CN104811309B - A method and system for remotely using intelligent cipher key equipment - Google Patents

Publication number: CN104811309B
Authority: CN (China)
Prior art keywords: pending information, information, cipher key, intelligent cipher, sent
Legal status: Active
Application number: CN201510130567.5A
Other languages: Chinese (zh)
Other versions: CN104811309A (en)
Inventor: 李东声
Current Assignee: Tendyron Technology Co Ltd
Original Assignee: Tendyron Technology Co Ltd
Application filed by Tendyron Technology Co Ltd
Priority to CN201510130567.5A
Publication of CN104811309A
Application granted
Publication of CN104811309B

Abstract

The invention discloses a method for remotely using intelligent cipher key equipment, comprising: a terminal obtains pending information and sends the pending information to a terminal subsystem, the terminal being a device that cannot perform network communication; the terminal subsystem verifies whether the pending information is legal information and, if it is legal, encrypts the pending information to obtain encrypted pending information, and sends the encrypted pending information over a remote information channel to a service subsystem remote from the terminal; the service subsystem decrypts the encrypted pending information to obtain the pending information and sends the pending information to the intelligent cipher key equipment connected to it; the intelligent cipher key equipment processes the pending information.

Description

A method and system for remotely using intelligent cipher key equipment
Technical field
The present invention relates to the field of electronic technology, and more particularly to a method and system for remotely using intelligent cipher key equipment.
Background art
With the development of online transactions, more and more people choose intelligent cipher key equipment with a signature function to ensure the security of network transactions. Intelligent cipher key equipment is usually connected to a terminal through a wired plug or a wireless module, but the connection distance to the terminal is very limited in either case. Taking intelligent cipher key equipment connected to a terminal over USB (Universal Serial Bus) as an example, the equipment is used by plugging its USB plug into the terminal's USB interface, but data transmission over a USB connection supports a maximum distance of only around a hundred meters. Taking intelligent cipher key equipment connected to a terminal through a Bluetooth module as an example, data transmission over a Bluetooth connection supports distances of only tens of meters. None of these approaches allows remote (off-site) use or debugging of intelligent cipher key equipment, which is an obstacle to the remote (off-site) use of intelligent cipher key equipment. Moreover, to ensure information security, many terminals that use or debug intelligent cipher key equipment cannot perform network communication. Therefore, how to securely use or debug intelligent cipher key equipment off-site when the terminal cannot perform network communication is a technical problem that those skilled in the art urgently need to solve.
Summary of the invention
The present invention aims to solve the above problem.
The main purpose of the present invention is to provide a method for remotely using intelligent cipher key equipment, characterized by comprising: a terminal obtains pending information and sends the pending information to a terminal subsystem, the terminal being a device that cannot perform network communication; the terminal subsystem verifies whether the pending information is legal information and, if it is legal, encrypts the pending information to obtain encrypted pending information, and sends the encrypted pending information over a remote information channel to a service subsystem remote from the terminal; the service subsystem decrypts the encrypted pending information to obtain the pending information and sends the pending information to the intelligent cipher key equipment connected to it; the intelligent cipher key equipment processes the pending information.
The main purpose of the present invention is also to provide another method for remotely using intelligent cipher key equipment, characterized by comprising: a terminal obtains pending information and verifies whether the pending information is legal information; if it is legal, the terminal encrypts the pending information to obtain encrypted pending information and sends the encrypted pending information to a terminal subsystem, the terminal being a device that cannot perform network communication; the terminal subsystem receives the encrypted pending information and sends it over a remote information channel to a service subsystem remote from the terminal; the service subsystem decrypts the encrypted pending information to obtain the pending information and sends the pending information to the intelligent cipher key equipment connected to it; the intelligent cipher key equipment processes the pending information.
In addition, the step in which the service subsystem decrypts the encrypted pending information to obtain the pending information and sends the pending information to the intelligent cipher key equipment connected to it comprises: the service subsystem decrypts the encrypted pending information to obtain the pending information, performs protocol conversion on the pending information to obtain information that the intelligent cipher key equipment can process, and sends it to the intelligent cipher key equipment connected to it.
In addition, the pending information includes at least data to be stored; the intelligent cipher key equipment processing the pending information comprises: the intelligent cipher key equipment stores the data to be stored in the security chip of the intelligent cipher key equipment.
In addition, the pending information includes at least debugging data; the intelligent cipher key equipment processing the pending information comprises: the intelligent cipher key equipment performs debugging according to the debugging data.
In addition, the pending information includes at least transaction data. Before the terminal obtains the pending information, the method further comprises: the terminal subsystem receives the pending information and sends the pending information to the terminal. The intelligent cipher key equipment processing the pending information comprises: the intelligent cipher key equipment signs the transaction data to generate signature information. After the step in which the intelligent cipher key equipment processes the pending information, the method further comprises: the intelligent cipher key equipment sends the signature information to the service subsystem connected to it; the service subsystem encrypts the signature information to obtain encrypted signature information and sends the encrypted signature information over the remote information channel to the terminal subsystem remote from the intelligent cipher key equipment; the terminal subsystem receives the encrypted signature information, decrypts it to obtain the signature information, and sends the signature information to the terminal.
In addition, the pending information includes at least transaction data. Before the terminal obtains the pending information, the method further comprises: the terminal subsystem receives the pending information and sends the pending information to the terminal. The intelligent cipher key equipment processing the pending information comprises: the intelligent cipher key equipment signs the transaction data to generate signature information. After the step in which the intelligent cipher key equipment processes the pending information, the method further comprises: the intelligent cipher key equipment sends the signature information to the service subsystem connected to it; the service subsystem encrypts the signature information to obtain encrypted signature information and sends the encrypted signature information over the remote information channel to the remote terminal subsystem; the terminal subsystem receives the encrypted signature information and sends it to the terminal; the terminal receives the encrypted signature information and decrypts it to obtain the signature information.
In addition, the step in which the terminal obtains the pending information and sends the pending information to the terminal subsystem further comprises: the terminal obtains the pending information and the identity of the intelligent cipher key equipment, and sends the pending information and the identity to the terminal subsystem. The step in which the terminal subsystem verifies whether the pending information is legal information and, if it is legal, encrypts the pending information to obtain encrypted pending information and sends the encrypted pending information over the remote information channel to the service subsystem remote from the terminal further comprises: the terminal subsystem verifies whether the pending information is legal information and, if it is legal, encrypts the pending information to obtain encrypted pending information, and sends the encrypted pending information and the identity over the remote information channel to the service subsystem remote from the terminal. The service subsystem sending the pending information to the intelligent cipher key equipment connected to it comprises: the service subsystem sends the pending information to the intelligent cipher key equipment connected to it that corresponds to the identity.
In addition, the step in which the terminal obtains the pending information comprises: the terminal obtains the pending information and the identity of the intelligent cipher key equipment. The step in which the terminal sends the encrypted pending information to the terminal subsystem comprises: the terminal sends the encrypted pending information and the identity to the terminal subsystem. The step in which the terminal subsystem receives the encrypted pending information and sends it over the remote information channel to the service subsystem remote from the terminal further comprises: the terminal subsystem receives the encrypted pending information and the identity, and sends them over the remote information channel to the service subsystem remote from the terminal. The service subsystem sending the pending information to the intelligent cipher key equipment connected to it comprises: the service subsystem sends the pending information to the intelligent cipher key equipment connected to it that corresponds to the identity.
In addition, the service subsystem sending the pending information to the intelligent cipher key equipment connected to it that corresponds to the identity comprises: the service subsystem performs identity authentication on the intelligent cipher key equipment corresponding to the identity and, after the authentication passes, sends the pending information to the intelligent cipher key equipment.
In addition, the remote information channel is a network connected using Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).
In addition, there may be one or more pieces of intelligent cipher key equipment.
The main purpose of the present invention is also to provide a system for remotely using intelligent cipher key equipment, characterized by comprising: a terminal, configured to obtain pending information and send the pending information to a terminal subsystem, the terminal being a device that cannot perform network communication; the terminal subsystem, configured to verify whether the pending information is legal information and, if it is legal, encrypt the pending information to obtain encrypted pending information, and send the encrypted pending information over a remote information channel to a service subsystem remote from the terminal; the service subsystem, configured to decrypt the encrypted pending information to obtain the pending information and send the pending information to the intelligent cipher key equipment connected to it; and the intelligent cipher key equipment, configured to process the pending information.
The main purpose of the present invention is also to provide another system for remotely using intelligent cipher key equipment, characterized by comprising: a terminal, configured to obtain pending information, verify whether the pending information is legal information and, if it is legal, encrypt the pending information to obtain encrypted pending information and send the encrypted pending information to a terminal subsystem, the terminal being a device that cannot perform network communication; the terminal subsystem, configured to receive the encrypted pending information and send it over a remote information channel to a service subsystem remote from the terminal; the service subsystem, configured to decrypt the encrypted pending information to obtain the pending information and send the pending information to the intelligent cipher key equipment connected to it; and the intelligent cipher key equipment, configured to process the pending information.
In addition, the service subsystem being configured to decrypt the encrypted pending information to obtain the pending information and send the pending information to the intelligent cipher key equipment connected to it comprises: the service subsystem is configured to decrypt the encrypted pending information to obtain the pending information, perform protocol conversion on the pending information, and then send it to the intelligent cipher key equipment connected to it.
In addition, the pending information includes at least data to be stored; the intelligent cipher key equipment being configured to process the pending information comprises: the intelligent cipher key equipment is configured to store the data to be stored in the security chip of the intelligent cipher key equipment.
In addition, the pending information includes at least debugging data; the intelligent cipher key equipment being configured to process the pending information comprises: the intelligent cipher key equipment is configured to perform debugging according to the debugging data.
In addition, the pending information includes at least transaction data; the terminal subsystem is further configured to receive the pending information and send it to the terminal; the intelligent cipher key equipment is further configured to sign the transaction data to obtain signature information and send the signature information to the service subsystem connected to it; the service subsystem is further configured to receive the signature information, encrypt the signature information to obtain encrypted signature information, and send the encrypted signature information over the remote information channel to the terminal subsystem remote from the intelligent cipher key equipment; the terminal subsystem is further configured to receive the encrypted signature information, decrypt it to obtain the signature information, and send the signature information to the terminal; the terminal is further configured to receive the signature information.
In addition, the pending information further includes transaction data; the terminal subsystem is further configured to receive the pending information and send it to the terminal; the intelligent cipher key equipment is further configured to sign the transaction data to obtain signature information and send the signature information to the service subsystem connected to it; the service subsystem is further configured to receive the signature information, encrypt the signature information to obtain encrypted signature information, and send the encrypted signature information over the remote information channel to the terminal subsystem remote from the intelligent cipher key equipment; the terminal subsystem is further configured to receive the encrypted signature information and send the encrypted signature information to the terminal; the terminal is further configured to receive the encrypted signature information and decrypt it to obtain the signature information.
In addition, the terminal being configured to obtain the pending information and send the pending information to the terminal subsystem comprises: the terminal is configured to obtain the pending information and the identity of the intelligent cipher key equipment, and send the pending information and the identity to the terminal subsystem. The terminal subsystem being configured to verify whether the pending information is legal information and, if it is legal, encrypt the pending information to obtain encrypted pending information and send the encrypted pending information over the remote information channel to the service subsystem remote from the terminal comprises: the terminal subsystem is configured to verify whether the pending information is legal information and, if it is legal, encrypt the pending information to obtain encrypted pending information, and send the encrypted pending information and the identity over the remote information channel to the service subsystem remote from the terminal. The service subsystem being configured to decrypt the encrypted pending information to obtain the pending information and send the pending information to the intelligent cipher key equipment connected to it comprises: the service subsystem is configured to decrypt the encrypted pending information to obtain the pending information, and send the pending information to the intelligent cipher key equipment connected to it that corresponds to the identity.
In addition, the terminal being configured to obtain the pending information comprises: the terminal is configured to obtain the pending information and the identity of the intelligent cipher key equipment. The terminal being configured to send the encrypted pending information to the terminal subsystem comprises: the terminal is configured to send the encrypted pending information and the identity to the terminal subsystem. The terminal subsystem being configured to receive the encrypted pending information and send it over the remote information channel to the service subsystem remote from the terminal comprises: the terminal subsystem is configured to receive the encrypted pending information and the identity, and send them over the remote information channel to the service subsystem remote from the terminal. The service subsystem being configured to send the pending information to the intelligent cipher key equipment connected to it comprises: the service subsystem is configured to send the pending information to the intelligent cipher key equipment connected to it that corresponds to the identity.
In addition, the service subsystem being configured to send the pending information to the intelligent cipher key equipment connected to it that corresponds to the identity comprises: the service subsystem is configured to perform identity authentication on the intelligent cipher key equipment corresponding to the identity and, after the authentication passes, send the pending information to the intelligent cipher key equipment connected to it that corresponds to the identity.
In addition, the terminal subsystem includes first verification encryption/decryption equipment and first data transmission equipment, wherein: the first verification encryption/decryption equipment is configured to receive the pending information and verify whether the pending information is legal and, if it is legal, encrypt the pending information to obtain encrypted pending information and send the encrypted pending information to the first data transmission equipment; the first data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information over the remote information channel to the service subsystem remote from the terminal.
In addition, the terminal includes an acquisition module, a first verification encryption/decryption module and a transceiver module, wherein: the acquisition module is configured to obtain the pending information and send the pending information to the first verification encryption/decryption module; the first verification encryption/decryption module is configured to receive the pending information and verify whether the pending information is legal and, if it is legal, encrypt the pending information to obtain encrypted pending information and send the encrypted pending information to the transceiver module; the transceiver module is configured to send the encrypted pending information to the terminal subsystem. The terminal subsystem includes first data transmission equipment; the first data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information over the remote information channel to the remote service subsystem.
In addition, the service subsystem includes second data transmission equipment, second encryption/decryption equipment and third data transmission equipment, wherein: the second data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information to the second encryption/decryption equipment; the second encryption/decryption equipment is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to the third data transmission equipment; the third data transmission equipment is configured to receive the pending information and send the pending information to the intelligent cipher key equipment connected to it.
In addition, the service subsystem includes second encryption/decryption equipment and second data transmission equipment, wherein: the second encryption/decryption equipment is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to the second data transmission equipment; the second data transmission equipment is configured to receive the pending information and send the pending information to the intelligent cipher key equipment connected to it.
In addition, the service subsystem includes second data transmission equipment and second encryption/decryption equipment, wherein: the second data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information to the second encryption/decryption equipment; the second encryption/decryption equipment is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to the second data transmission equipment; the second data transmission equipment is further configured to receive the decrypted pending information and send the pending information to the intelligent cipher key equipment connected to it.
In addition, the service subsystem further includes a protocol conversion device; the protocol conversion device is configured to perform protocol conversion on the pending information and then send it to the intelligent cipher key equipment connected to it.
In addition, the remote information channel is a network connected using Transmission Control Protocol (TCP) or User Datagram Protocol (UDP).
In addition, there may be one or more pieces of intelligent cipher key equipment.
As can be seen from the technical solution provided above, the present invention provides a method and system for remotely using intelligent cipher key equipment. The terminal obtains the pending information and sends the pending information to the terminal subsystem; the terminal subsystem verifies that the pending information is legal, then encrypts it and transmits the encrypted pending information remotely; the service subsystem remotely receives and decrypts it to obtain the pending information; the terminal subsystem sends the obtained pending information to the intelligent cipher key equipment for processing. On the premise of ensuring information security, this solves the problem that a terminal and intelligent cipher key equipment that are remote from each other cannot be connected to exchange information, achieves remote information interaction between the terminal, which cannot perform network communication, and the intelligent cipher key equipment, attains the technical effect of remotely using or debugging the intelligent cipher key equipment, and improves the user experience.
Brief description of the drawings
In order to illustrate the technical solutions of the embodiments of the present invention more clearly, the accompanying drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is a flow chart of the method for remotely using intelligent cipher key equipment provided by Embodiment 1 of the present invention;
Fig. 2 is a flow chart of the method for remotely using intelligent cipher key equipment provided by Embodiment 1 of the present invention;
Fig. 3 is a flow chart of the method for remotely using intelligent cipher key equipment provided by Embodiment 2 of the present invention;
Fig. 4 is a flow chart of the method for remotely using intelligent cipher key equipment provided by Embodiment 2 of the present invention;
Fig. 5 is a structural schematic diagram of the system for remotely using intelligent cipher key equipment provided by Embodiment 3 of the present invention;
Fig. 6 is another structural schematic diagram of the system for remotely using intelligent cipher key equipment provided by Embodiment 3 of the present invention;
Fig. 7 is a structural schematic diagram of the system for remotely using intelligent cipher key equipment provided by Embodiment 4 of the present invention;
Fig. 8 is another structural schematic diagram of the system for remotely using intelligent cipher key equipment provided by Embodiment 4 of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art based on the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
In the description of the present invention, it should be understood that orientation or positional relationships indicated by terms such as "center", "longitudinal", "transverse", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" are based on the orientation or positional relationships shown in the drawings. They are used only to facilitate and simplify the description of the present invention, and do not indicate or imply that the device or element referred to must have a particular orientation or be constructed and operated in a particular orientation; they should therefore not be understood as limiting the present invention. In addition, the terms "first" and "second" are used for descriptive purposes only and should not be understood as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "installed", "connected" and "coupled" should be understood in a broad sense: for example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct, indirect through an intermediary, or internal between two elements. Those of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific situation.
The embodiments of the present invention are described in further detail below with reference to the accompanying drawings.
Embodiment 1
According to an embodiment of the present invention, a method for remotely using intelligent cipher key equipment is provided.
In the present embodiment, the intelligent cipher key equipment may be a small device with electronic signature, certificate authentication and/or encryption and decryption functions, for example a KEY (such as the U-shield used by Industrial and Commercial Bank or the K-Bao used by Agricultural Bank). The terminal subsystem may be a system composed of a device with verification and encryption/decryption functions and a data transmission device, where the device with verification and encryption/decryption functions may be intelligent cipher key equipment with a verification function, or a combination of another verification device and an encryption/decryption device, and the data transmission device may be any device that can send and receive network data (such as a mobile phone, PC or tablet computer). The service subsystem may be a system composed of a data transmission device, a device with encryption/decryption functions, and a device with the function of connecting intelligent cipher key equipment, where the data transmission device may be any device that can send and receive network data (such as a mobile phone, PC or tablet computer), the device with encryption/decryption functions may be intelligent cipher key equipment, and the device with the function of connecting intelligent cipher key equipment may be a device such as a mobile phone, PC or tablet computer.
Fig. 1 shows the method for remotely using intelligent cipher key equipment provided by Embodiment 1 of the present invention. The method mainly includes the following steps:
S101: the terminal obtains the pending information and sends the pending information to the terminal subsystem, the terminal being a device that cannot perform network communication;
In the present embodiment, the terminal is a device that cannot perform network communication (such as a secret-related computer, a computer without a network card, or a bank server). Because the terminal cannot perform network communication, the security of the information stored on the terminal is ensured: it cannot be infected, illegally read or tampered with.
In an optional implementation of the present embodiment, the terminal and the terminal subsystem are connected by wire. Compared with a wireless connection, a wired connection offers better security, since information is less easily tampered with after being illegally intercepted. The wired connection may be a USB connection, a UART connection or the like.
In an optional implementation of the present embodiment, the pending information obtained by the terminal may include a processing instruction. The processing instruction may be generated by the terminal, or may be a processing instruction that the terminal receives from another device, and may be an instruction such as a transaction instruction or a handshake instruction. This enables the intelligent cipher key equipment to process the pending information according to the processing instruction it receives.
In an optional implementation of the present embodiment, the pending information may include data to be stored. Optionally, the pending information may also include a store instruction, which enables the intelligent cipher key equipment to store the data to be stored according to the store instruction it receives.
In an optional implementation of the present embodiment, the pending information may include debugging data. Optionally, the pending information may also include a debugging instruction, which enables the intelligent cipher key equipment to perform debugging according to the debugging instruction it receives.
In an optional implementation of the present embodiment, the pending information may include transaction data. Optionally, the pending information may also include a transaction instruction, which enables the intelligent cipher key equipment to complete the transaction flow according to the transaction instruction it receives.
Of course, in an optional implementation of the present embodiment, the pending information may also include any combination of data to be stored, debugging data and transaction data, so that the intelligent cipher key equipment can store data, perform debugging and complete transactions as needed.
In an optional implementation of the present embodiment, the terminal obtains the pending information and the identity of the intelligent cipher key equipment, and sends the pending information and the identity to the terminal subsystem. This enables the service subsystem to identify the intelligent cipher key equipment according to the identity, which makes it convenient for the user to remotely debug or use a specified piece of intelligent cipher key equipment.
S102: the terminal subsystem verifies whether the pending information is legal information and, if it is legal, encrypts the pending information to obtain encrypted pending information;
In this embodiment, the terminal subsystem may encrypt the pending information with a symmetric key or with an asymmetric key. To verify whether the pending information is legal information, a hardware chip built into the terminal subsystem may check whether the pending information is of an information type that the intelligent cipher key equipment should receive (for example, if the types the intelligent cipher key equipment should receive are storage instructions and transaction information, all information other than these two types is treated as illegal information). If the pending information is not of a type the intelligent cipher key equipment should receive, it is judged to be illegal information and intercepted, which prevents attacks on the terminal subsystem that aim to learn the encryption key of the terminal subsystem.
S103: the terminal subsystem sends the encrypted pending information through a remote information channel to a service subsystem that is remote from the terminal;
In this embodiment, "remote from the terminal" means that the service subsystem is at a distance from the terminal over which information cannot be transmitted directly through the connection mode between the terminal and the intelligent cipher key equipment.
In an optional implementation of this embodiment, the remote information channel is a network connected over the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). Transmitting the information over a general-purpose information network is convenient.
In an optional implementation of this embodiment, the terminal subsystem sends the encrypted pending information and the identity identifier through the remote information channel to the service subsystem that is remote from the terminal. This enables the service subsystem to identify the intelligent cipher key equipment from the identity identifier, which makes it convenient for the user to remotely debug or use a specified intelligent cipher key equipment.
S104: the service subsystem decrypts the encrypted pending information to obtain the pending information, and sends the pending information to the intelligent cipher key equipment connected to it;
In an optional implementation of this embodiment, step S104 may also include: the service subsystem decrypts the encrypted pending information to obtain the pending information, performs protocol conversion on the pending information, and then sends it to the intelligent cipher key equipment connected to it. Through protocol conversion, pending information that the terminal sent in a form meeting the standard of its connection to the terminal subsystem can be converted into pending information meeting the standard of whatever connection is used between the service subsystem and the intelligent cipher key equipment. For example, if the terminal is connected to the terminal subsystem by USB, the pending information meets the USB standard; if the service subsystem is connected to the intelligent cipher key equipment by Bluetooth, the service subsystem can convert the pending information from information meeting the USB standard into information meeting the Bluetooth standard, which facilitates the information exchange between the service subsystem and the intelligent cipher key equipment. In this way, the connection mode between the service subsystem and the intelligent cipher key equipment is not restricted by the connection mode between the terminal and the terminal subsystem, which makes the system easy to use.
In this embodiment, the service subsystem sends the pending information to the intelligent cipher key equipment connected to it. The connection may be wired (for example through a USB interface or a UART (Universal Asynchronous Receiver/Transmitter) interface) or wireless (for example Bluetooth, infrared, WIFI, NFC or 2.4G).
In this embodiment, the decryption method the service subsystem uses to decrypt the encrypted pending information corresponds to the encryption method the terminal subsystem uses to encrypt the pending information in S102.
In an optional implementation of this embodiment, the service subsystem sending the pending information to the intelligent cipher key equipment connected to it includes: the service subsystem sends the pending information to the connected intelligent cipher key equipment that corresponds to the identity identifier. This helps improve the accuracy with which the pending information is delivered, and lets the user remotely specify an intelligent cipher key equipment and remotely control it; for example, when several intelligent cipher key equipments are connected remotely, the user can choose a specified intelligent cipher key equipment to complete a transaction. Further, the service subsystem sending the pending information to the connected intelligent cipher key equipment that corresponds to the identity identifier may also be: the service subsystem authenticates the identity of the intelligent cipher key equipment that corresponds to the identity identifier and, after the authentication passes, sends the pending information to that intelligent cipher key equipment. Sending the pending information only after the intelligent cipher key equipment has been authenticated further improves the accuracy of delivery and the security of the information.
S105: the intelligent cipher key equipment processes the pending information;
In this embodiment, the intelligent cipher key equipment may process the pending information in at least one of the following modes:
Mode one: the pending information includes a processing instruction, and the intelligent cipher key equipment processes the pending information according to the processing instruction;
Mode two: the pending information is processed according to its content;
Mode three: the type of the pending information is identified from its format and/or content (for example, when the content or format of the pending information is #account information#transaction amount#payee#, it is identified as transaction data), and the pending information is processed according to its type.
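The legality check of S102 and the processing modes of S105 can be sketched as follows. This is an added example, not code from the patent: the class and function names, the type labels, the field rules assumed for the #account#amount#payee# layout, the consistency check between instruction and payload, and the caller-supplied encrypt function are all assumptions.

```python
import re
from dataclasses import dataclass
from typing import Callable, Optional

STORE, DEBUG, TRANSACTION = "store", "debug", "transaction"  # assumed labels

# The page's example layout for transaction data is #account#amount#payee#.
# The field rules (no '#' inside a field, decimal amount) are assumptions.
TX_FORMAT = re.compile(
    r"#(?P<account>[^#]+)#(?P<amount>\d+(?:\.\d{1,2})?)#(?P<payee>[^#]+)#"
)


@dataclass(frozen=True)
class Pending:
    """Pending information: a payload plus an optional processing instruction."""
    payload: str
    instruction: Optional[str] = None


def classify(msg: Pending) -> Optional[str]:
    """Return the information type, or None when it cannot be established."""
    looks_like_tx = TX_FORMAT.fullmatch(msg.payload) is not None
    if msg.instruction is None:
        # Mode three: no instruction, so recognise the type from the format.
        return TRANSACTION if looks_like_tx else None
    if msg.instruction not in (STORE, DEBUG, TRANSACTION):
        return None
    # Mode one: the instruction decides. Added hardening (not in the page):
    # a transaction instruction must carry a payload in transaction format.
    if msg.instruction == TRANSACTION and not looks_like_tx:
        return None
    return msg.instruction


class TerminalSubsystem:
    """S102: verify legality first, and encrypt only what passes."""

    def __init__(self, accepted_types, encrypt: Callable[[bytes], bytes]):
        self.accepted = frozenset(accepted_types)  # types the device should receive
        self.encrypt = encrypt                     # caller-supplied cipher
        self.intercepted = []                      # illegal messages, kept for review

    def submit(self, msg: Pending) -> Optional[bytes]:
        kind = classify(msg)
        if kind is None or kind not in self.accepted:
            self.intercepted.append(msg)
            return None  # the encryption key is never applied to this input
        return self.encrypt(f"{kind}|{msg.payload}".encode("utf-8"))


class KeyDevice:
    """S105: process pending information according to its type."""

    def __init__(self):
        self.secure_store = []  # stands in for the security chip's storage
        self.debug_log = []

    def process(self, msg: Pending):
        kind = classify(msg)
        if kind == STORE:
            self.secure_store.append(msg.payload)
            return ("stored", len(self.secure_store))
        if kind == DEBUG:
            self.debug_log.append(msg.payload)
            return ("debugged", len(self.debug_log))
        if kind == TRANSACTION:
            fields = TX_FORMAT.fullmatch(msg.payload).groupdict()
            return ("to_sign", fields)  # signing itself is outside this sketch
        raise ValueError("unrecognised pending information")


def demo():
    """Run constructed sample messages through the gate and the device."""
    seen = []

    def stand_in_seal(data: bytes) -> bytes:
        # NOT a cipher: a labelled stand-in that records what it was given.
        seen.append(data)
        return b"sealed:" + data

    # As in the page's example, only storage and transaction types are legal.
    gate = TerminalSubsystem({STORE, TRANSACTION}, stand_in_seal)
    samples = [
        Pending("#6222000011112222#150.00#Alice#"),    # constructed transaction
        Pending("device-certificate", instruction=STORE),
        Pending("dump-state", instruction=DEBUG),      # type not accepted
        Pending("free text", instruction=TRANSACTION), # instruction/format mismatch
    ]
    sealed = [gate.submit(m) for m in samples]
    return sealed, len(seen), len(gate.intercepted)


if __name__ == "__main__":
    print(demo())
```

Because the type check runs before `encrypt` is called, a message of a type the device should not receive never reaches the key, which is the ordering S102 relies on.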
Specifically, in an optional implementation of this embodiment, if the pending information includes data to be stored, the intelligent cipher key equipment processes the pending information as follows: the intelligent cipher key equipment stores the data to be stored in its security chip. Optionally, the storage operation may be performed according to the storage instruction in the pending information; alternatively, the pending information may be judged to be data to be stored from its format and/or content, and the storage operation then performed on the data to be stored.
Specifically, in another optional implementation of this embodiment, if the pending information includes debugging data, the intelligent cipher key equipment processes the pending information as follows: the intelligent cipher key equipment is debugged according to the debugging data. Optionally, the debugging operation may be performed according to the debugging instruction in the pending information; alternatively, the pending information may be judged to be debugging data from its format and/or content, and the debugging operation then performed.
Specifically, in another optional implementation of this embodiment, the pending information includes transaction data. Because the terminal itself cannot perform network communication, it cannot communicate with the bank back end. In this embodiment, therefore, before the terminal obtains the pending information, the method further includes: the terminal subsystem receives the pending information and sends it to the terminal. (This step also has various other implementations; for example, another device with a network communication function may receive the pending information and send it to the terminal.) The intelligent cipher key equipment processing the pending information includes: the intelligent cipher key equipment signs the transaction data and generates signature information.
In this optional implementation, as shown in Fig. 2, after the step in which the intelligent cipher key equipment processes the pending information (S105), the method provided by this embodiment further includes:
S106: the intelligent cipher key equipment sends the signature information obtained by processing the pending information to the service subsystem connected to it;
S107: the service subsystem encrypts the signature information to obtain encrypted signature information, and sends the encrypted signature information through the remote information channel to the terminal subsystem that is remote from the intelligent cipher key equipment;
S108: the terminal subsystem receives the encrypted signature information, decrypts it to obtain the signature information, and sends the signature information to the terminal;
S109: the terminal sends the signature information to the bank server through the terminal subsystem (or another device with a network communication function);
S110: the bank server receives the signature information and verifies the signature; after the verification passes, the transaction flow is completed.
Optionally, the intelligent cipher key equipment may perform the signature operation according to the transaction instruction in the pending information, or may judge from the format and/or content of the pending information that it is transaction data and then perform the signature operation. In this optional implementation, the signature flow is well known in the art and is not described again here.
In an optional implementation of this embodiment, there may be one intelligent cipher key equipment or several. Connecting the service subsystem to several intelligent cipher key equipments at the same time can improve the efficiency of information processing.
As can be seen from the above embodiment, the terminal obtains the pending information and sends it to the terminal subsystem; the terminal subsystem verifies that the pending information is legal, then encrypts it and transmits it remotely; the service subsystem receives it remotely and decrypts it to obtain the pending information, and sends the pending information to the intelligent cipher key equipment for processing. While keeping the information secure, this solves the problem that a terminal and an intelligent cipher key equipment that are remote from each other cannot be connected to exchange information, realizes remote information interaction between a terminal that cannot perform network communication and the intelligent cipher key equipment, achieves the technical effect of remotely using or debugging the intelligent cipher key equipment, and improves the user experience.
Embodiment 2
According to an embodiment of the present invention, a method for remotely using an intelligent cipher key equipment is provided.
In this embodiment, the intelligent cipher key equipment may be a small device with electronic signature, certificate authentication and/or encryption and decryption functions, for example a KEY (the U-shield used by the Industrial and Commercial Bank of China, the K-Bao used by the Agricultural Bank of China, and so on). The terminal subsystem may be a system composed of a device with verification and encryption/decryption functions and a data transmission device, where the device with verification and encryption/decryption functions may be an intelligent cipher key equipment with a verification function, or a combination of a separate verification device and an encryption/decryption device, and the data transmission device may be any device that can send and receive network data (such as a mobile phone, a PC or a tablet computer). The service subsystem may be a system composed of a data transmission device, a device with encryption/decryption functions and a device able to connect to an intelligent cipher key equipment, where the data transmission device may be any device that can send and receive network data (such as a mobile phone, a PC or a tablet computer), the device with encryption/decryption functions may be an intelligent cipher key equipment, and the device able to connect to an intelligent cipher key equipment may be a mobile phone, a PC, a tablet computer or a similar device.
Fig. 3 shows the method for remotely using an intelligent cipher key equipment provided by Embodiment 2 of the present invention. The method mainly includes the following steps:
S201: the terminal obtains pending information and verifies whether the pending information is legal information; if it is legal, the terminal encrypts the pending information to obtain encrypted pending information and sends the encrypted pending information to the terminal subsystem; the terminal is a device that cannot perform network communication;
In this embodiment, the terminal may encrypt the pending information with a symmetric key or with an asymmetric key. The terminal is a device that cannot perform network communication (for example a computer handling classified information, a computer without a network card, or a bank server). Because the terminal cannot perform network communication, the information stored on it is kept safe: it cannot be infected by viruses, and it cannot be illegally read or tampered with. To verify whether the pending information is legal information, a hardware chip built into the terminal may check whether the pending information is of an information type that the intelligent cipher key equipment should receive (for example, if the types the intelligent cipher key equipment should receive are storage instructions and transaction information, all information other than these two types is treated as illegal information). If the pending information is not of a type the intelligent cipher key equipment should receive, it is judged to be illegal information and intercepted, which prevents attacks on the terminal that aim to learn the encryption key of the terminal.
In an optional implementation of this embodiment, the terminal is connected to the terminal subsystem by wire. Compared with a wireless connection, a wired connection is more secure and is less likely to be illegally intercepted and then tampered with. The wired connection may be a USB connection, a UART connection or the like.
In an optional implementation of this embodiment, the pending information obtained by the terminal may include a processing instruction. The processing instruction may be generated by the terminal, or may be received by the terminal from another device, and may be a transaction instruction, a handshake instruction or the like. This enables the intelligent cipher key equipment to process the pending information according to the processing instruction it receives.
In an optional implementation of this embodiment, the pending information may include data to be stored. Optionally, the pending information may also include a storage instruction, so that the intelligent cipher key equipment can store the data to be stored according to the storage instruction it receives.
In an optional implementation of this embodiment, the pending information may include debugging data. Optionally, the pending information may also include a debugging instruction, so that the intelligent cipher key equipment can be debugged according to the debugging instruction it receives.
In an optional implementation of this embodiment, the pending information may include transaction data. Optionally, the pending information may also include a transaction instruction, so that the intelligent cipher key equipment can complete the transaction flow according to the transaction instruction it receives.
Of course, in an optional implementation of this embodiment, the pending information may also include any combination of data to be stored, debugging data and transaction data, so that the intelligent cipher key equipment can store data, be debugged and complete transactions as needed.
In an optional implementation of this embodiment, the terminal obtains the pending information and the identity identifier of the intelligent cipher key equipment, and sends the encrypted pending information and the identity identifier to the terminal subsystem. This enables the service subsystem to identify the intelligent cipher key equipment from the identity identifier, which makes it convenient for the user to remotely debug or use a specified intelligent cipher key equipment.
S202: the terminal subsystem receives the encrypted pending information and sends it through a remote information channel to a service subsystem that is remote from the terminal;
In this embodiment, "remote from the terminal" means that the service subsystem is at a distance from the terminal over which information cannot be transmitted directly through the connection mode between the terminal and the intelligent cipher key equipment.
In an optional implementation of this embodiment, the remote information channel is a network connected over the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). Transmitting the information over a general-purpose information network is convenient.
In an optional implementation of this embodiment, the terminal subsystem sends the encrypted pending information and the identity identifier through the remote information channel to the service subsystem that is remote from the terminal. This enables the service subsystem to identify the intelligent cipher key equipment from the identity identifier, which makes it convenient for the user to remotely debug or use a specified intelligent cipher key equipment.
S203: the service subsystem decrypts the encrypted pending information to obtain the pending information, and sends the pending information to the intelligent cipher key equipment connected to it;
In this embodiment, the decryption method the service subsystem uses to decrypt the encrypted pending information corresponds to the encryption method the terminal uses to encrypt the pending information in S201.
In an optional implementation of this embodiment, step S203 may also include: the service subsystem decrypts the encrypted pending information to obtain the pending information, performs protocol conversion on the pending information, and then sends it to the intelligent cipher key equipment connected to it. Through protocol conversion, pending information that the terminal sent in a form meeting the standard of its connection to the terminal subsystem can be converted into pending information meeting the standard of whatever connection is used between the service subsystem and the intelligent cipher key equipment. For example, if the terminal is connected to the terminal subsystem by USB, the pending information meets the USB standard; if the service subsystem is connected to the intelligent cipher key equipment by Bluetooth, the service subsystem can convert the pending information from information meeting the USB standard into information meeting the Bluetooth standard, which facilitates the information exchange between the service subsystem and the intelligent cipher key equipment. In this way, the connection mode between the service subsystem and the intelligent cipher key equipment is not restricted by the connection mode between the terminal and the terminal subsystem, which makes the system easy to use.
In an optional implementation of this embodiment, the service subsystem sending the pending information to the intelligent cipher key equipment connected to it includes: the service subsystem sends the pending information to the connected intelligent cipher key equipment that corresponds to the identity identifier. This helps improve the accuracy with which the pending information is delivered, and lets the user remotely specify an intelligent cipher key equipment and remotely control it; for example, when several intelligent cipher key equipments are connected remotely, the user can choose a specified intelligent cipher key equipment to complete a transaction. Further, the service subsystem sending the pending information to the connected intelligent cipher key equipment that corresponds to the identity identifier may also be: the service subsystem authenticates the identity of the intelligent cipher key equipment that corresponds to the identity identifier and, after the authentication passes, sends the pending information to that intelligent cipher key equipment. Sending the pending information only after the intelligent cipher key equipment has been authenticated further improves the accuracy of delivery and the security of the information.
In this embodiment, the service subsystem sends the pending information to the intelligent cipher key equipment connected to it. The connection may be wired (for example through a USB interface or a UART interface) or wireless (for example Bluetooth, infrared, WIFI, NFC or 2.4G).
S204: the intelligent cipher key equipment processes the pending information;
In this embodiment, the intelligent cipher key equipment may process the pending information in at least one of the following modes:
Mode one: the pending information includes a processing instruction, and the intelligent cipher key equipment processes the pending information according to the processing instruction;
Mode two: the pending information is processed according to its content;
Mode three: the type of the pending information is identified from its format and/or content (for example, when the content or format of the pending information is #account information#transaction amount#payee#, it is identified as transaction data), and the pending information is processed according to its type.
In an optional implementation of this embodiment, if the pending information includes data to be stored, the intelligent cipher key equipment processes the pending information as follows: the intelligent cipher key equipment stores the data to be stored in its security chip. Optionally, the storage operation may be performed according to the storage instruction in the pending information; alternatively, the pending information may be judged to be data to be stored from its format and/or content, and the storage operation then performed on the data to be stored.
Specifically, in another optional implementation of this embodiment, if the pending information includes debugging data, the intelligent cipher key equipment processes the pending information as follows: the intelligent cipher key equipment is debugged according to the debugging data. Optionally, the debugging operation may be performed according to the debugging instruction in the pending information; alternatively, the pending information may be judged to be debugging data from its format and/or content, and the debugging operation then performed.
Specifically, in another optional implementation of this embodiment, if the pending information includes transaction data, then before the terminal obtains the pending information the flow of this embodiment further includes: the terminal subsystem receives the pending information and sends it to the terminal. (This step also has various other implementations; for example, another device with a network communication function may receive the pending information and send it to the terminal.) The intelligent cipher key equipment processing the pending information includes: the intelligent cipher key equipment signs the transaction data and generates signature information.
In this optional implementation, as shown in Fig. 4, after the step in which the intelligent cipher key equipment processes the pending information (S204), the method provided by this embodiment further includes:
S205: the intelligent cipher key equipment sends the signature information obtained by processing the pending information to the service subsystem connected to it;
S206: the service subsystem encrypts the signature information to obtain encrypted signature information, and sends the encrypted signature information through the remote information channel to the terminal subsystem that is remote from the intelligent cipher key equipment;
S207: the terminal subsystem receives the encrypted signature information and sends it to the terminal; the terminal receives the encrypted signature information and decrypts it to obtain the signature information;
S208: the terminal sends the signature information to the bank server through the terminal subsystem (or another device with a network communication function);
S209: the bank server receives the signature information and verifies the signature; after the verification passes, the transaction flow is completed.
Optionally, the intelligent cipher key equipment may perform the signature operation according to the transaction instruction in the pending information, or may judge from the format and/or content of the pending information that it is transaction data and then perform the signature operation. In this optional implementation, the flow of the signature operation is well known in the art and is not described again here.
In an optional implementation of this embodiment, there may be one intelligent cipher key equipment or several. Connecting the service subsystem to several intelligent cipher key equipments at the same time can improve the efficiency of information processing.
As can be seen from the above embodiment, the terminal obtains the pending information and, after verifying that it is legal, encrypts it to obtain encrypted pending information and sends the encrypted pending information to the terminal subsystem; the terminal subsystem transmits it remotely; the service subsystem receives it remotely and decrypts it to obtain the pending information, and sends the pending information to the intelligent cipher key equipment for processing. While keeping the information secure, this solves the problem that a terminal and an intelligent cipher key equipment that are remote from each other cannot be connected to exchange information, realizes remote information interaction between a terminal that cannot perform network communication and the intelligent cipher key equipment, achieves the technical effect of remotely using or debugging the intelligent cipher key equipment, and improves the user experience.
Embodiment 3
The present embodiment provides a kind of long-range system using intelligent cipher key equipment, the system be with it is long-range in embodiment 1 One-to-one using the method for intelligent cipher key equipment, details are not described herein, is only briefly described as follows:
In the present embodiment, intelligent cipher key equipment 304 can be to have electronic signature, certificate verification and/or encryption and decryption work( Can mini-plant, for example, KEY (the K treasured etc. that U-shield that industrial and commercial bank uses, agricultural bank use).
Fig. 5 is the long-range system for using intelligent cipher key equipment that the embodiment of the present invention 3 provides, which includes:Terminal 301, terminal subsystem 302, service subsystem 303, intelligent cipher key equipment 304.
Pending information is sent to terminal subsystem 302, terminal 301 is by terminal 301 for obtaining pending information The equipment that can not carry out network communication;
In the present embodiment, terminal 301 be can not carry out network communication equipment (such as relating computer, without network interface card calculate Machine or bank server etc., terminal 301 can not carry out network communication, ensure the safety of terminal storage information, can not be sick Poison infection illegally can not read or distort).In a kind of optional embodiment of the present embodiment, what terminal 301 obtained waits locating It can includes process instruction to manage in information, which can be the process instruction that terminal generates, and can also be that terminal receives The process instruction that the other equipment arrived is sent, process instruction can be trading instruction or the instructions such as instruction of shaking hands.So that intelligence is close Key equipment 304 can be handled pending information accordingly according to the process instruction received.
In a kind of optional embodiment of the present embodiment, pending information may include:Data to be stored.Optionally, It may also include store instruction in pending information.Intelligent cipher key equipment 304 is enable to carry out number to be stored according to store instruction According to storage.
In a kind of optional embodiment of the present embodiment, pending information may include:Tune-up data.Optionally, it waits for It may also include debugging instruction in processing information.Intelligent cipher key equipment 304 is adjusted according to the debugging instruction received Examination.
In a kind of optional embodiment of the present embodiment, pending information may include:Transaction data.Optionally, it waits for It may also include trading instruction in processing information.Intelligent cipher key equipment 304 is enable to complete to hand over according to the trading instruction received Easy flow.
Certainly, in a kind of optional embodiment of this implementation, pending information can also include:Data to be stored, tune Try the arbitrary combination in data and transaction data.Allow intelligent cipher key equipment carry out as needed data storage, debugging and Complete transaction.In a kind of optional embodiment of the present embodiment, terminal 301, for obtaining pending information and intelligent key Pending information and identity are sent to terminal subsystem 302 by the identity of equipment 304;Make service subsystem 303 The identification that intelligent cipher key equipment 304 can be carried out according to identity, carries out specified intelligent cipher key equipment 304 convenient for user Remote debugging or use.
Terminal subsystem 302 is configured to verify whether the pending information is legal and, if it is legal, to encrypt the pending information to obtain encrypted pending information, and to send the encrypted pending information through a remote information channel to service subsystem 303, which is remote from terminal 301;
In this embodiment, terminal subsystem 302 may encrypt the pending information with a symmetric key or with an asymmetric key. To verify whether the pending information is legal information, a hardware chip built into terminal subsystem 302 can check whether the pending information is of an information type that the intelligent cipher key equipment should receive (for example, if the information types that the intelligent cipher key equipment should receive are store instructions and transaction information, then any information other than these two types is treated as invalid information). If the pending information is not of an information type that intelligent cipher key equipment 304 should receive, it is judged to be invalid information and is intercepted. This prevents attacks on terminal subsystem 302 in which the encryption key of the terminal subsystem is learned.
In this embodiment, "remote from terminal 301" means that service subsystem 303 is at a distance from terminal 301 over which information cannot be transmitted directly using the connection type of terminal 301 and intelligent cipher key equipment 304.
In an optional implementation of this embodiment, the remote information channel is a network connected over the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). Transmitting the information over a general-purpose information network is convenient.
In an optional implementation of this embodiment, terminal subsystem 302 is configured to send the encrypted pending information and the identity through the remote information channel to service subsystem 303, which is remote from terminal 301. This enables service subsystem 303 to identify intelligent cipher key equipment 304 according to the identity, which makes it convenient for the user to remotely debug or use a specified intelligent cipher key equipment 304.
Service subsystem 303 is configured to decrypt the encrypted pending information to obtain the pending information, and to send the pending information to the intelligent cipher key equipment 304 connected to it;
In this embodiment, the decryption method that service subsystem 303 uses to decrypt the encrypted pending information corresponds to the encryption method that terminal subsystem 302 uses to encrypt the pending information in this embodiment.
In an optional implementation of this embodiment, service subsystem 303 may also be configured to: decrypt the encrypted pending information to obtain the pending information, perform protocol conversion on the pending information, and then send it to the intelligent cipher key equipment 304 connected to it. Through protocol conversion, pending information that terminal 301 sends over its connection to terminal subsystem 302, and that conforms to the standard of that connection type, can be converted into pending information that conforms to the standard of whatever connection type is used between service subsystem 303 and intelligent cipher key equipment 304. For example, if terminal 301 and terminal subsystem 302 are connected by USB, the pending information conforms to the USB standard; if service subsystem 303 and intelligent cipher key equipment 304 are connected by Bluetooth, service subsystem 303 can convert the pending information from information conforming to the USB standard into information conforming to the Bluetooth standard, which facilitates the information exchange between the service subsystem and intelligent cipher key equipment 304. In this way, the connection type between service subsystem 303 and intelligent cipher key equipment 304 is not restricted by the connection type between terminal 301 and terminal subsystem 302, which is convenient to use.
In this embodiment, service subsystem 303 sends the pending information to the intelligent cipher key equipment 304 connected to it. The connection may be wired (for example, through a USB interface or a UART (Universal Asynchronous Receiver/Transmitter) interface) or wireless (for example, through Bluetooth, infrared, WIFI, NFC or 2.4G).
In an optional implementation of this embodiment, service subsystem 303 being configured to send the pending information to the intelligent cipher key equipment 304 connected to it includes: service subsystem 303 is further configured to send the pending information to the intelligent cipher key equipment 304 that is connected to it and corresponds to the identity. This helps to improve the accuracy with which the pending information is sent. Further, service subsystem 303 being configured to send the pending information to the intelligent cipher key equipment 304 corresponding to the identity may also be: service subsystem 303 is further configured to perform identity authentication on the intelligent cipher key equipment 304 corresponding to the identity and, after the authentication passes, to send the pending information to the intelligent cipher key equipment 304 that is connected to it and corresponds to the identity. Sending the pending information to intelligent cipher key equipment 304 only after its identity has been authenticated further improves the accuracy of information transmission and the security of the information.
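The identity-based delivery described above, sketched as an added example that is not part of the patent text: the service subsystem looks up the attached device by identity, authenticates it, and forwards the pending information only if authentication passes. The patent does not say how the authentication is performed; the HMAC challenge-response, the class names and the identities `KEY-0001`, `KEY-0002` and `KEY-0009` are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def _proof(key: bytes, identity: str, challenge: bytes) -> bytes:
    # Bind the response to both the claimed identity and the fresh challenge,
    # so a recorded response cannot be replayed for another session or device.
    return hmac.new(key, identity.encode() + b"|" + challenge, hashlib.sha256).digest()


class KeyDevice:
    """Stand-in for an intelligent cipher key device on a local link (hypothetical)."""

    def __init__(self, identity: str, auth_key: bytes):
        self.identity = identity
        self._auth_key = auth_key
        self.inbox = []  # pending information the device has been handed

    def respond(self, challenge: bytes) -> bytes:
        return _proof(self._auth_key, self.identity, challenge)

    def process(self, pending: bytes) -> None:
        self.inbox.append(pending)


class ServiceSubsystem:
    """Routes decrypted pending information to the device named by the identity."""

    def __init__(self, enrolled_keys: dict):
        self._enrolled = dict(enrolled_keys)  # identity -> key enrolled for it
        self._attached = {}                   # identity claimed by device -> device
        self.log = []                         # (identity, outcome) audit trail

    def attach(self, device: KeyDevice) -> None:
        self._attached[device.identity] = device

    def deliver(self, identity: str, pending: bytes) -> bool:
        device = self._attached.get(identity)
        key = self._enrolled.get(identity)
        if device is None or key is None:
            self.log.append((identity, "no such device"))
            return False
        challenge = secrets.token_bytes(32)
        expected = _proof(key, identity, challenge)
        if not hmac.compare_digest(expected, device.respond(challenge)):
            # The device claims the identity but cannot prove it: nothing is sent.
            self.log.append((identity, "authentication failed"))
            return False
        device.process(pending)
        self.log.append((identity, "delivered"))
        return True


def run_demo():
    k1, k2 = secrets.token_bytes(32), secrets.token_bytes(32)
    svc = ServiceSubsystem({"KEY-0001": k1, "KEY-0002": k2})
    genuine = KeyDevice("KEY-0001", k1)
    # Claims an enrolled identity but holds a different key.
    impostor = KeyDevice("KEY-0002", secrets.token_bytes(32))
    svc.attach(genuine)
    svc.attach(impostor)
    pending = b"#6222-0001#125.50#Alice#"  # constructed sample
    results = [svc.deliver(i, pending) for i in ("KEY-0001", "KEY-0002", "KEY-0009")]
    return svc, genuine, impostor, results


if __name__ == "__main__":
    svc, _, _, results = run_demo()
    print(results, svc.log)
```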
Intelligent cipher key equipment 304, for handling pending information.
In this embodiment, the way in which intelligent cipher key equipment 304 processes the pending information may include at least one of the following:
Mode one: the pending information includes a processing instruction, and intelligent cipher key equipment 304 processes the pending information according to the processing instruction;
Mode two: the pending information is processed according to the content of the pending information;
Mode three: the type of the pending information is identified from the format and/or content of the pending information (for example, when the content or format of the pending information is #account information#transaction amount#payee#, it is identified as transaction data), and the pending information is processed according to its type.
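The legality check performed by terminal subsystem 302 and the format-based recognition of mode three, combined in one added example that is not part of the patent text. It models in software what the description assigns to a hardware chip; the `STORE:`/`DEBUG:`/`TRADE:` instruction tags, the class names and the sample inputs are constructed assumptions, since the patent names the instructions but defines no encoding for them.

```python
from dataclasses import dataclass
from decimal import Decimal, InvalidOperation
from typing import Optional

# Information types named in the description.
STORE, DEBUG, TRANSACTION = "store", "debug", "transaction"

# Constructed wire tags for explicit instructions (assumption, see lead-in).
INSTRUCTION_TAGS = {"STORE": STORE, "DEBUG": DEBUG, "TRADE": TRANSACTION}


@dataclass(frozen=True)
class Pending:
    kind: str
    fields: tuple


def parse_transaction(text: str) -> Optional[Pending]:
    """Mode three: recognise '#account information#transaction amount#payee#'."""
    if not (text.startswith("#") and text.endswith("#")):
        return None
    parts = text[1:-1].split("#")
    if len(parts) != 3 or not all(p.strip() for p in parts):
        return None  # wrong number of fields, or an empty field
    account, amount, payee = (p.strip() for p in parts)
    try:
        value = Decimal(amount)
    except InvalidOperation:
        return None
    if not value.is_finite() or value <= 0:
        return None  # rejects NaN, Infinity, zero and negative amounts
    return Pending(TRANSACTION, (account, str(value), payee))


def classify(text: str) -> Optional[Pending]:
    """Mode one if an explicit instruction tag is present, otherwise mode three."""
    tag, sep, payload = text.partition(":")
    if sep and tag in INSTRUCTION_TAGS:
        kind = INSTRUCTION_TAGS[tag]
        if kind == TRANSACTION:
            # An instruction does not excuse a malformed transaction body.
            return parse_transaction(payload)
        return Pending(kind, (payload,)) if payload else None
    return parse_transaction(text)


class ValidationGate:
    """Admits only the information types the key device should receive."""

    def __init__(self, accepted_kinds):
        self.accepted = frozenset(accepted_kinds)
        self.intercepted = []  # (reason, raw input) for every rejected message

    def admit(self, text: str) -> Optional[Pending]:
        msg = classify(text)
        if msg is None:
            self.intercepted.append(("unrecognised", text))
            return None
        if msg.kind not in self.accepted:
            self.intercepted.append((f"type {msg.kind} not accepted", text))
            return None
        return msg  # only admitted messages go on to encryption


SAMPLES = [  # constructed inputs
    "#6222-0001#125.50#Alice#",   # well-formed transaction data
    "STORE:cert-blob-01",         # store instruction with data to be stored
    "DEBUG:dump-registers",       # recognised, but not accepted by this device
    "#6222-0001#-5#Alice#",       # negative amount
    "#6222-0001#125.50#",         # missing payee field
    "GET /key HTTP/1.1",          # not a known format at all
]


def run_demo():
    # Accepted set taken from the description's example: store and transaction.
    gate = ValidationGate({STORE, TRANSACTION})
    admitted = [m for m in (gate.admit(s) for s in SAMPLES) if m is not None]
    return admitted, gate.intercepted


if __name__ == "__main__":
    for item in run_demo():
        print(item)
```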
In an optional implementation of this embodiment, if the pending information includes data to be stored, intelligent cipher key equipment 304 being configured to process the pending information includes: intelligent cipher key equipment 304 is configured to store the data to be stored in the security chip of intelligent cipher key equipment 304. Optionally, the storage operation may be performed on the data according to the store instruction in the pending information, or the pending information may be determined to be data to be stored from its format and/or content, after which the storage operation is performed on the data to be stored.
In another optional implementation of this embodiment, if the pending information includes debugging data, intelligent cipher key equipment 304 being configured to process the pending information includes: intelligent cipher key equipment 304 is configured to perform debugging according to the debugging data. Optionally, the debugging operation may be performed according to the debugging instruction in the pending information, or the pending information may be determined to be debugging data from its format and/or content, after which the debugging operation is performed.
In another optional implementation of this embodiment, if the pending information includes transaction data, then before terminal 301 obtains the pending information, in the system of this embodiment: terminal subsystem 302 is further configured to receive the pending information and send it to terminal 301 (various other implementations also exist; for example, another device with a network communication function may receive the pending information and send it to terminal 301); intelligent cipher key equipment 304 is further configured to sign the transaction data to generate signature information, and to send the signature information to the service subsystem 303 connected to it; service subsystem 303 is further configured to receive the signature information, encrypt it to obtain encrypted signature information, and send the encrypted signature information through the remote information channel to terminal subsystem 302, which is remote from the intelligent cipher key equipment; terminal subsystem 302 is further configured to receive the encrypted signature information, decrypt it to obtain the signature information, and send the signature information to terminal 301; terminal 301 is further configured to receive the signature information. Terminal 301 sends the signature information to the bank server through terminal subsystem 302 (or another device with a network communication function); the bank server receives the signature information and verifies the signature, and completes the transaction flow after the verification passes. Optionally, intelligent cipher key equipment 304 may perform the signing operation according to the transaction instruction in the pending information, or may determine from the format and/or content of the pending information that it is transaction data and then perform the signing operation. In this optional implementation, the signing operation is a technique known in the art and is not described further here.
In an optional implementation of this embodiment, there may be one intelligent cipher key equipment 304 or several. Connecting the service subsystem to multiple intelligent cipher key equipment 304 at the same time improves the efficiency of information processing.
In an optional implementation of this embodiment, as shown in Fig. 6, terminal subsystem 302 may include first verification encryption and decryption equipment 3021 and first data transmission equipment 3022. First verification encryption and decryption equipment 3021 is configured to receive the pending information and verify whether it is legal and, if it is legal, to encrypt the pending information to obtain encrypted pending information and send the encrypted pending information to first data transmission equipment 3022. First data transmission equipment 3022 is configured to receive the encrypted pending information and send it through the remote information channel to service subsystem 303, which is remote from terminal 301.
In an optional implementation of this embodiment, as shown in Fig. 6, service subsystem 303 includes second data transmission equipment 3031, second encryption and decryption equipment 3032 and third data transmission equipment 3033. Second data transmission equipment 3031 is configured to receive the encrypted pending information and send it to second encryption and decryption equipment 3032. Second encryption and decryption equipment 3032 is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to third data transmission equipment 3033. Third data transmission equipment 3033 is configured to receive the pending information and send it to the intelligent cipher key equipment 304 connected to it.
Further, in this optional implementation, third data transmission equipment 3033 being configured to send the pending information to the intelligent cipher key equipment 304 connected to it includes: third data transmission equipment 3033 is further configured to send the pending information to the intelligent cipher key equipment 304 corresponding to the identity. This helps to improve the accuracy with which the pending information is sent. Further, third data transmission equipment 3033 being configured to send the pending information to the intelligent cipher key equipment 304 corresponding to the identity may also be: second encryption and decryption equipment 3032 is further configured to perform identity authentication on the intelligent cipher key equipment 304 corresponding to the identity, and after the authentication passes, third data transmission equipment 3033 sends the pending information to intelligent cipher key equipment 304. Sending the pending information to intelligent cipher key equipment 304 only after its identity has been authenticated further improves the accuracy of information transmission and the security of the information.
Further, in the two optional implementations of this embodiment described above, if the pending information includes transaction data, then before terminal 304 obtains the pending information, in the system of this embodiment: first data transmission equipment 3022 is further configured to receive the pending information and either send it directly to terminal 301 or pass it through to terminal 301 via first encryption and decryption equipment 3021 (various other implementations also exist; for example, another device with a network communication function may receive the pending information and send it to terminal 301); intelligent cipher key equipment 304 is further configured to sign the transaction data to generate signature information, and to send the signature information to third data transmission equipment 3033 of the service subsystem 303 connected to it; third data transmission equipment 3033 is further configured to receive the signature information and send it to second encryption and decryption equipment 3032; second encryption and decryption equipment 3032 is further configured to receive the signature information, encrypt it to obtain encrypted signature information, and send the encrypted signature information to second data transmission equipment 3032; second data transmission equipment 3031 is further configured to receive the encrypted signature information and send it through the remote information channel to first data transmission equipment 3022 of terminal subsystem 302, which is remote from intelligent cipher key equipment 304; first data transmission equipment 3022 is further configured to receive the encrypted signature information and send it to first encryption and decryption equipment 3021; first encryption and decryption equipment 3021 is further configured to receive the encrypted signature information, decrypt it to obtain the signature information, and send the signature information to terminal 301; terminal 301 is further configured to receive the signature information. Optionally, intelligent cipher key equipment 304 may perform the signing operation according to the transaction instruction in the pending information, or may determine from the format and/or content of the pending information that it is transaction data and then perform the signing operation. In this optional implementation, the signing operation is a technique known in the art and is not described further here.
In an optional implementation of the present invention, service subsystem 303 includes second encryption and decryption equipment 3032 and second data transmission equipment 3031, wherein: second encryption and decryption equipment 3032 is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to second data transmission equipment 3031; second data transmission equipment 3031 is configured to receive the pending information and send it to the intelligent cipher key equipment 304 connected to it.
In an optional implementation of the present invention, service subsystem 303 includes second data transmission equipment 3031 and second encryption and decryption equipment 3032, wherein: second data transmission equipment 3031 is configured to receive the encrypted pending information and send it to second encryption and decryption equipment 3032; second encryption and decryption equipment 3032 is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to second data transmission equipment 3031; second data transmission equipment 3031 is further configured to receive the decrypted pending information and send it to the intelligent cipher key equipment 304 connected to it.
In an optional implementation of this embodiment, service subsystem 303 further includes protocol conversion device 3034, configured to perform protocol conversion on the pending information and then send it to the intelligent cipher key equipment 304 connected to it. The connection type between intelligent cipher key equipment 304 and service subsystem 303 therefore does not need to be set according to the connection type between terminal 301 and terminal subsystem 302.
As can be seen from the above embodiment, terminal 301 obtains the pending information and sends it to terminal subsystem 302; terminal subsystem 302 verifies that the pending information is legal, then encrypts it and transmits it remotely; service subsystem 303 receives it remotely and decrypts it to obtain the pending information, and sends the pending information to intelligent cipher key equipment 304 for processing. While information security is ensured, this solves the problem that a terminal 301 and an intelligent cipher key equipment 304 that are remote from each other cannot be connected to exchange information. It realizes remote information interaction between terminal 301, which cannot perform network communication, and intelligent cipher key equipment 304, achieves the technical effect of remotely using or debugging intelligent cipher key equipment 304, and improves the user experience.
Embodiment 4
This embodiment provides a system for remotely using intelligent cipher key equipment. The system corresponds one-to-one to the method for remotely using intelligent cipher key equipment in Embodiment 2, so the details are not repeated here; only a brief description follows:
In this embodiment, intelligent cipher key equipment 404 may be a small device with electronic signature, certificate authentication and/or encryption and decryption functions, for example a KEY (such as the U-shield used by the Industrial and Commercial Bank or the K-bao used by the Agricultural Bank).
Fig. 7 shows the system for remotely using intelligent cipher key equipment provided by Embodiment 4 of the present invention. The system includes: terminal 401, terminal subsystem 402, service subsystem 403 and intelligent cipher key equipment 404.
Terminal 401 is configured to obtain the pending information, verify whether the pending information is legal information and, if it is legal, encrypt the pending information to obtain encrypted pending information and send the encrypted pending information to terminal subsystem 402. Terminal 401 is a device that cannot perform network communication;
In this embodiment, terminal 401 is a device that cannot perform network communication (for example, a computer that handles confidential information, a computer without a network card, or a bank server). Because terminal 401 cannot perform network communication, the information stored on the terminal is kept safe: it cannot be infected by viruses and cannot be illegally read or tampered with. To verify whether the pending information is legal information, a hardware chip built into the terminal can check whether the pending information is of an information type that the intelligent cipher key equipment should receive (for example, if the information types that the intelligent cipher key equipment should receive are store instructions and transaction information, then any information other than these two types is treated as invalid information). If the pending information is not of an information type that the intelligent cipher key equipment should receive, it is judged to be invalid information and is intercepted. This prevents attacks on the terminal in which the encryption key of the terminal is learned.
In an optional implementation of this embodiment, terminal 401 and terminal subsystem 402 are connected by wire. A wired connection is more secure than a wireless connection, because the information is not easily intercepted illegally and then tampered with. The wired connection may be a USB connection, a UART connection or the like.
In an optional implementation of this embodiment, the pending information obtained by terminal 401 may include a processing instruction. The processing instruction may be generated by the terminal, or it may be a processing instruction sent by another device and received by terminal 401; it may be a transaction instruction, a handshake instruction or a similar instruction. This enables intelligent cipher key equipment 404 to process the pending information according to the received processing instruction.
In an optional implementation of this embodiment, the pending information may include data to be stored. Optionally, the pending information may also include a store instruction, so that intelligent cipher key equipment 404 can store the data to be stored according to the received store instruction.
In an optional implementation of this embodiment, the pending information may include debugging data. Optionally, the pending information may also include a debugging instruction, so that intelligent cipher key equipment 404 can be debugged according to the received debugging instruction.
In an optional implementation of this embodiment, the pending information may include transaction data. Optionally, the pending information may also include a transaction instruction, so that intelligent cipher key equipment 404 can complete the transaction flow according to the received transaction instruction.
Of course, in an optional implementation of this embodiment, the pending information may also include any combination of data to be stored, debugging data and transaction data, so that the intelligent cipher key equipment can store data, be debugged and complete transactions as needed.
In an optional implementation of this embodiment, terminal 401 obtains the pending information and the identity of intelligent cipher key equipment 404, and sends the encrypted pending information and the identity to terminal subsystem 402. This enables service subsystem 403 to identify intelligent cipher key equipment 404 according to the identity, which makes it convenient for the user to remotely debug or use a specified intelligent cipher key equipment 404.
Terminal subsystem 402 is configured to receive the encrypted pending information and send it through a remote information channel to service subsystem 403, which is remote from terminal 401;
In this embodiment, "remote from terminal 401" means that service subsystem 403 is at a distance from terminal 401 over which information cannot be transmitted directly using the connection type of the terminal and the intelligent cipher key equipment.
In an optional implementation of this embodiment, the remote information channel is a network connected over the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP). Transmitting the information over a general-purpose information network is convenient.
In an optional implementation of this embodiment, terminal subsystem 402 sends the encrypted pending information and the identity through the remote information channel to service subsystem 403, which is remote from terminal 401. This enables service subsystem 403 to identify intelligent cipher key equipment 404 according to the identity, which makes it convenient for the user to remotely debug or use a specified intelligent cipher key equipment 404.
Service subsystem 403 is configured to decrypt the encrypted pending information to obtain the pending information, and to send the pending information to the intelligent cipher key equipment 404 connected to it;
In this embodiment, the decryption method that service subsystem 403 uses to decrypt the encrypted pending information corresponds to the encryption method that terminal subsystem 402 uses to encrypt the pending information in this embodiment.
In an optional implementation of this embodiment, service subsystem 403 may also: decrypt the encrypted pending information to obtain the pending information, perform protocol conversion on the pending information, and then send it to the intelligent cipher key equipment 404 connected to it. Through protocol conversion, pending information that terminal 401 sends over its connection to terminal subsystem 402, and that conforms to the standard of that connection type, can be converted into pending information that conforms to the standard of whatever connection type is used between service subsystem 403 and intelligent cipher key equipment 404. For example, if terminal 401 and terminal subsystem 402 are connected by USB, the pending information conforms to the USB standard; if service subsystem 403 and intelligent cipher key equipment 404 are connected by Bluetooth, service subsystem 403 can convert the pending information from information conforming to the USB standard into information conforming to the Bluetooth standard, which facilitates the information exchange between service subsystem 403 and intelligent cipher key equipment 404. In this way, the connection type between service subsystem 403 and intelligent cipher key equipment 404 is not restricted by the connection type between terminal 401 and terminal subsystem 402, which is convenient to use.
In an optional implementation of this embodiment, service subsystem 403 being configured to send the pending information to the intelligent cipher key equipment 404 connected to it includes: service subsystem 403 is further configured to send the pending information to the intelligent cipher key equipment 404 that is connected to it and corresponds to the identity. This helps to improve the accuracy with which the pending information is sent. Further, the service subsystem being configured to send the pending information to the intelligent cipher key equipment 404 corresponding to the identity may also be: service subsystem 403 is further configured to perform identity authentication on the intelligent cipher key equipment 404 corresponding to the identity and, after the authentication passes, to send the pending information to the intelligent cipher key equipment 404 that is connected to it and corresponds to the identity. Sending the pending information to intelligent cipher key equipment 404 only after its identity has been authenticated further improves the accuracy of information transmission and the security of the information.
In this embodiment, service subsystem 403 sends the pending information to the intelligent cipher key equipment 404 connected to it. The connection may be wired (for example, through a USB interface or a UART interface) or wireless (for example, through Bluetooth, infrared, WIFI, NFC or 2.4G).
Intelligent cipher key equipment 404 is configured to process the pending information;
In this embodiment, the way in which intelligent cipher key equipment 404 processes the pending information may include at least one of the following:
Mode one: the pending information includes a processing instruction, and intelligent cipher key equipment 404 processes the pending information according to the processing instruction;
Mode two: the pending information is processed according to the content of the pending information;
Mode three: the type of the pending information is identified from the format and/or content of the pending information (for example, when the content or format of the pending information is #account information#transaction amount#payee#, it is identified as transaction data), and the pending information is processed according to its type.
In an optional implementation of this embodiment, if the pending information includes data to be stored, intelligent cipher key equipment 404 being configured to process the pending information includes: intelligent cipher key equipment 404 is configured to store the data to be stored in the security chip of intelligent cipher key equipment 404. Optionally, the storage operation may be performed on the data according to the store instruction in the pending information, or the pending information may be determined to be data to be stored from its format and/or content, after which the storage operation is performed on the data to be stored.
In another optional implementation of this embodiment, if the pending information includes debugging data, intelligent cipher key equipment 404 being configured to process the pending information includes: intelligent cipher key equipment 404 is configured to perform debugging according to the debugging data. Optionally, the debugging operation may be performed according to the debugging instruction in the pending information, or the pending information may be determined to be debugging data from its format and/or content, after which the debugging operation is performed.
In another optional implementation of this embodiment, if the pending information further includes transaction data, then before terminal 401 obtains the pending information, in the system of this embodiment: terminal subsystem 402 is further configured to receive the pending information and send it to terminal 401 (various other implementations also exist; for example, another device with a network communication function may receive the pending information and send it to terminal 401); intelligent cipher key equipment 404 is further configured to sign the transaction data to obtain signature information, and to send the signature information to the service subsystem 403 connected to it; service subsystem 403 is further configured to receive the signature information, encrypt it to obtain encrypted signature information, and send the encrypted signature information through the remote information channel to terminal subsystem 402, which is remote from intelligent cipher key equipment 404; terminal subsystem 402 is further configured to receive the encrypted signature information and send it to terminal 401; terminal 401 is further configured to receive the encrypted signature information and decrypt it to obtain the signature information. Terminal 401 sends the signature information to the bank server through terminal subsystem 402 (or another device with a network communication function); the bank server receives the signature information and verifies the signature, and completes the transaction flow after the verification passes. Optionally, intelligent cipher key equipment 404 may perform the signing operation according to the transaction instruction in the pending information, or may determine from the format and/or content of the pending information that it is transaction data and then perform the signing operation. In this optional implementation, the signing operation is a technique known in the art and is not described further here.
In an optional implementation of this embodiment, there may be one intelligent cipher key equipment 404 or several. Connecting the service subsystem to multiple intelligent cipher key equipment 404 at the same time improves the efficiency of information processing.
In an optional implementation of this embodiment, as shown in Figure 8, terminal 401 includes: acquisition module 4011, first verification encryption/decryption module 4012 and transceiver module 4013. Acquisition module 4011 is configured to obtain the pending information and send it to first verification encryption/decryption module 4012; first verification encryption/decryption module 4012 is configured to receive the pending information, verify whether it is legal and, if it is legal, encrypt it and send the encrypted pending information to transceiver module 4013; transceiver module 4013 is configured to send the encrypted pending information to terminal subsystem 402. Terminal subsystem 402 includes first data transmission equipment 4021; first data transmission equipment 4021 is configured to receive the encrypted pending information and send it over the remote information channel to service subsystem 403, which is remote from terminal 401.
In an optional implementation of this embodiment, as shown in Figure 8, service subsystem 403 includes: second data transmission equipment 4031, second encryption and decryption equipment 4032 and third data transmission equipment 4033. Second data transmission equipment 4032 is configured to receive the encrypted pending information and send it to second encryption and decryption equipment 4032; second encryption and decryption equipment 4032 is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to third data transmission equipment 4033; third data transmission equipment 4033 is configured to receive the pending information and send it to the intelligent cipher key equipment 404 connected to it.
In an optional implementation of this embodiment, third data transmission equipment 4033 being configured to send the pending information to the intelligent cipher key equipment 404 connected to it includes: third data transmission equipment 4033 is further configured to send the pending information to the intelligent cipher key equipment 404 corresponding to the identity. This helps improve the accuracy with which pending information is delivered. Further, third data transmission equipment 3033 being configured to send the pending information to the intelligent cipher key equipment 404 corresponding to the identity may also be: second encryption and decryption equipment 4032 is further configured to authenticate the intelligent cipher key equipment 404 corresponding to the identity, and after authentication passes, third data transmission equipment 4033 sends the pending information to intelligent cipher key equipment 404. Sending the pending information only after intelligent cipher key equipment 404 has been authenticated further improves the accuracy of delivery and the security of the information.
Further, in the two optional implementations above, if the pending information includes transaction data, the intelligent cipher key equipment is further configured to sign the transaction data to obtain signature information and to send the signature information to third data transmission equipment 4033 of the service subsystem 403 connected to it; third data transmission equipment 4033 is further configured to receive the signature information and send it to second encryption and decryption equipment 4032; second encryption and decryption equipment 4032 is further configured to receive the signature information, encrypt it to obtain encrypted signature information, and send the encrypted signature information to second data transmission equipment 4031; second data transmission equipment 4031 is further configured to receive the encrypted signature information and send it over the remote information channel to first data transmission equipment 4021 of terminal subsystem 402, which is remote from intelligent cipher key equipment 404; first data transmission equipment 4021 is further configured to receive the encrypted signature information and send it to first verification encryption/decryption module 4012 of terminal 401; first verification encryption/decryption module 4012 is further configured to receive the encrypted signature information and decrypt it to obtain the signature information. Terminal 401 also sends the signature information to the bank server through first transmission equipment 4021 or another device with a communication function; the bank server verifies the signature information, and the transaction completes if verification passes. Optionally, intelligent cipher key equipment 404 may perform the signature operation according to a transaction instruction in the pending information, or may determine from the format and/or content of the pending information that it is transaction data and then perform the signature operation. In this optional implementation, the flow of the signature operation is a technique well known in the art and is not described further here.
In another optional implementation of this embodiment, service subsystem 403 includes: second encryption and decryption equipment 4032 and second data transmission equipment 4031, wherein: second encryption and decryption equipment 4032 is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to second data transmission equipment 4031; second data transmission equipment 4031 is configured to receive the pending information and send it to the intelligent cipher key equipment 404 connected to it.
In another optional implementation of this embodiment, service subsystem 403 includes: second data transmission equipment 4031 and second encryption and decryption equipment 4032, wherein: second data transmission equipment 4031 is configured to receive the encrypted pending information and send it to second encryption and decryption equipment 4032; second encryption and decryption equipment 4032 is configured to receive the encrypted pending information, decrypt it to obtain the pending information, and send the pending information to second data transmission equipment 4031; second data transmission equipment 4031 is further configured to receive the decrypted pending information and send it to the intelligent cipher key equipment 404 connected to it.
In an optional implementation of this embodiment, service subsystem 403 further includes protocol conversion device 4034, configured to perform protocol conversion on the pending information and then send it to the intelligent cipher key equipment 404 connected to it. The connection type between intelligent cipher key equipment 404 and service subsystem 403 therefore need not be set according to the connection type between terminal 401 and terminal subsystem 402.
As can be seen from the above embodiment, terminal 401 obtains the pending information, verifies that it is legal, encrypts it to obtain encrypted pending information, and sends the encrypted pending information to terminal subsystem 402. Terminal subsystem 402 transmits the encrypted pending information remotely; service subsystem 403 receives it remotely and decrypts it to obtain the pending information, then sends the pending information to intelligent cipher key equipment 404 for processing. With information security ensured, this solves the problem that a remote terminal 401 and intelligent cipher key equipment 404 cannot be connected to exchange information, realizes remote information interaction between terminal 401, which cannot carry out network communication, and intelligent cipher key equipment 404, achieves the technical effect of using or debugging intelligent cipher key equipment 404 remotely, and improves the user experience.
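The exchange summarized above, for the variant in which terminal 401 itself verifies and encrypts, written out as an added Python example that is not part of the patent. The patent names no algorithms, so everything concrete here is an assumption: HMAC-SHA256 constructions stand in for the encryption, for the device authentication and for the device's signature, and the legality rule, the shared link key, the binding of the clear-text identity into the authentication tag, all class and function names, and the sample identity and transaction are hypothetical.

```python
import hashlib
import hmac
import json
import os

ALLOWED_TYPES = {"store", "debug", "transaction"}  # assumed legality rule

def _mac(key, *parts):
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)  # length-prefix every field
    return h.digest()

def _keystream(key, nonce, n):
    blocks = (_mac(key, nonce, i.to_bytes(4, "big")) for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(key, plaintext, identity, direction):
    """Encrypt-then-MAC stand-in; identity and direction are bound into the tag."""
    nonce = os.urandom(16)
    ks = _keystream(_mac(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, ks))
    return nonce + ct + _mac(_mac(key, b"mac"), direction, identity, nonce, ct)

def unseal(key, blob, identity, direction):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = _mac(_mac(key, b"mac"), direction, identity, nonce, ct)
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    ks = _keystream(_mac(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class KeyDevice:
    """Stand-in for the key equipment; HMAC replaces its real signature."""
    def __init__(self, identity, auth_key, sign_key):
        self.identity, self._auth_key, self._sign_key = identity, auth_key, sign_key
        self.stored = []

    def answer(self, challenge):
        return _mac(self._auth_key, challenge)

    def process(self, pending):
        if pending["type"] == "transaction":
            return _mac(self._sign_key, pending["data"].encode())
        self.stored.append(pending["data"])  # data to be stored / debugging data
        return b""

class ServiceSubsystem:
    def __init__(self, link_key):
        self._link_key, self._devices = link_key, {}

    def attach(self, device, auth_key):
        self._devices[device.identity] = (device, auth_key)

    def handle(self, identity, blob):
        pending = json.loads(unseal(self._link_key, blob, identity, b"req"))
        device, auth_key = self._devices[identity]  # route by identity
        challenge = os.urandom(16)  # authenticate the device before sending
        if not hmac.compare_digest(device.answer(challenge), _mac(auth_key, challenge)):
            raise PermissionError("device authentication failed")
        return seal(self._link_key, device.process(pending), identity, b"rsp")

class Terminal:
    """Offline terminal: verifies legality, encrypts, decrypts the reply."""
    def __init__(self, link_key):
        self._link_key = link_key

    def prepare(self, identity, pending):
        legal = pending.get("type") in ALLOWED_TYPES and isinstance(pending.get("data"), str)
        if not legal:
            raise ValueError("pending information is not legal")
        return identity, seal(self._link_key, json.dumps(pending).encode(), identity, b"req")

    def receive(self, identity, blob):
        return unseal(self._link_key, blob, identity, b"rsp")

def relay(frame, service):
    """Terminal subsystem: forwards identity and ciphertext, holds no key."""
    return frame[0], service.handle(*frame)

def run_demo():
    link_key, auth_key, sign_key = (os.urandom(32) for _ in range(3))
    device = KeyDevice(b"KEY-0001", auth_key, sign_key)  # constructed identity
    service = ServiceSubsystem(link_key)
    service.attach(device, auth_key)
    terminal = Terminal(link_key)
    tx = {"type": "transaction", "data": "pay 100 to account 42"}  # constructed
    frame = terminal.prepare(device.identity, tx)
    signature = terminal.receive(*relay(frame, service))
    # Bank-side verification, with HMAC standing in for signature verification.
    bank_ok = hmac.compare_digest(signature, _mac(sign_key, tx["data"].encode()))
    try:  # a frame whose clear-text identity changed in transit must be refused
        service.handle(b"KEY-0002", frame[1])
        rerouted = True
    except ValueError:
        rerouted = False
    return bank_ok, rerouted, tx["data"].encode() in frame[1]
```

`run_demo()` returns three flags: whether the bank-side check accepted the returned signature, whether a frame with an altered identity was still routed, and whether the transaction text was visible in the frame the relay carried.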
Any process or method description in a flow chart, or otherwise described herein, may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing specific logical functions or steps of the process, and the scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially simultaneously or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
It should be understood that each part of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware that is stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one of the following techniques well known in the art, or a combination of them, may be used: a discrete logic circuit having logic gates for implementing logic functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), and so on.
Those skilled in the art will appreciate that all or some of the steps of the above embodiment methods may be completed by a program instructing the relevant hardware; the program may be stored in a computer-readable storage medium and, when executed, performs one of the steps of the method embodiments or a combination of them.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing module, may each exist physically on their own, or two or more units may be integrated into one module. The integrated module may be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented as a software functional module and sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like.
In the description of this specification, a description referring to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that the specific features, structures, materials or characteristics described in connection with that embodiment or example are included in at least one embodiment or example of the present invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the invention; those skilled in the art may make changes, modifications, substitutions and variations to the above embodiments within the scope of the invention without departing from its principle and purpose. The scope of the present invention is defined by the appended claims and their equivalents.

Claims (22)

1. A method for remotely using intelligent cipher key equipment, characterized by comprising:
A terminal obtains pending information and the identity of an intelligent cipher key equipment, and sends the pending information and the identity to a terminal subsystem, the terminal being a device that cannot carry out network communication, wherein the pending information includes at least: data to be stored and debugging data;
The terminal subsystem verifies whether the pending information is legal information and, if it is legal, encrypts the pending information to obtain encrypted pending information, and sends the encrypted pending information and the identity over a remote information channel to a service subsystem that is remote from the terminal;
The service subsystem decrypts the encrypted pending information to obtain the pending information, and sends the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity, wherein the service subsystem is connected to multiple intelligent cipher key equipments;
The intelligent cipher key equipment processes the pending information, wherein the intelligent cipher key equipment processing the pending information includes: the intelligent cipher key equipment stores the data to be stored in the security chip of the intelligent cipher key equipment, and performs debugging according to the debugging data.
2. A method for remotely using intelligent cipher key equipment, characterized by comprising:
A terminal obtains pending information and the identity of an intelligent cipher key equipment, verifies whether the pending information is legal information and, if it is legal, encrypts the pending information to obtain encrypted pending information, and sends the encrypted pending information and the identity to a terminal subsystem, the terminal being a device that cannot carry out network communication, wherein the pending information includes at least: data to be stored and debugging data;
The terminal subsystem receives the encrypted pending information and the identity, and sends them over a remote information channel to a service subsystem that is remote from the terminal;
The service subsystem decrypts the encrypted pending information to obtain the pending information, and sends the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity, wherein the service subsystem is connected to multiple intelligent cipher key equipments;
The intelligent cipher key equipment processes the pending information, wherein the intelligent cipher key equipment processing the pending information includes: the intelligent cipher key equipment stores the data to be stored in the security chip of the intelligent cipher key equipment, and performs debugging according to the debugging data.
3. The method according to claim 1 or 2, characterized in that the service subsystem decrypting the encrypted pending information to obtain the pending information, and sending the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity, includes:
The service subsystem decrypts the encrypted pending information to obtain the pending information, performs protocol conversion on the pending information to obtain information that the intelligent cipher key equipment can process, and sends it to the intelligent cipher key equipment that is connected to it and corresponds to the identity.
4. The method according to claim 1 or 2, characterized in that:
The pending information further includes: transaction data;
Before the terminal obtains the pending information and the identity of the intelligent cipher key equipment, the method further includes:
The terminal subsystem receives the pending information and sends the pending information to the terminal;
The intelligent cipher key equipment processing the pending information includes:
The intelligent cipher key equipment signs the transaction data to generate signature information;
After the step in which the intelligent cipher key equipment processes the pending information, the method further includes:
The intelligent cipher key equipment sends the signature information to the service subsystem connected to it;
The service subsystem encrypts the signature information to obtain encrypted signature information, and sends the encrypted signature information over the remote information channel to the terminal subsystem that is remote from the intelligent cipher key equipment;
The terminal subsystem receives the encrypted signature information, decrypts the encrypted signature information to obtain the signature information, and sends the signature information to the terminal.
5. The method according to claim 3, characterized in that:
The pending information further includes: transaction data;
Before the terminal obtains the pending information and the identity of the intelligent cipher key equipment, the method further includes:
The terminal subsystem receives the pending information and sends the pending information to the terminal;
The intelligent cipher key equipment processing the pending information includes:
The intelligent cipher key equipment signs the transaction data to generate signature information;
After the step in which the intelligent cipher key equipment processes the pending information, the method further includes:
The intelligent cipher key equipment sends the signature information to the service subsystem connected to it;
The service subsystem encrypts the signature information to obtain encrypted signature information, and sends the encrypted signature information over the remote information channel to the remote terminal subsystem;
The terminal subsystem receives the encrypted signature information and sends the encrypted signature information to the terminal; the terminal receives the encrypted signature information and decrypts it to obtain the signature information.
6. The method according to any one of claims 1, 2 or 5, characterized in that:
The service subsystem sending the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity includes:
The service subsystem authenticates the intelligent cipher key equipment corresponding to the identity and, after authentication passes, sends the pending information to the intelligent cipher key equipment.
7. The method according to any one of claims 1, 2 or 5, characterized in that the remote information channel is a Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) connection network.
8. A system for remotely using intelligent cipher key equipment, characterized by comprising:
A terminal, configured to obtain pending information and the identity of an intelligent cipher key equipment and to send the pending information and the identity to a terminal subsystem, the terminal being a device that cannot carry out network communication, wherein the pending information includes at least: data to be stored and debugging data;
The terminal subsystem, configured to verify whether the pending information is legal information and, if it is legal, to encrypt the pending information to obtain encrypted pending information, and to send the encrypted pending information and the identity over a remote information channel to a service subsystem that is remote from the terminal;
The service subsystem, configured to decrypt the encrypted pending information to obtain the pending information, and to send the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity, wherein the service subsystem is connected to multiple intelligent cipher key equipments;
The intelligent cipher key equipment, configured to process the pending information, wherein the intelligent cipher key equipment processing the pending information includes: the intelligent cipher key equipment stores the data to be stored in the security chip of the intelligent cipher key equipment, and performs debugging according to the debugging data.
9. A system for remotely using intelligent cipher key equipment, characterized by comprising:
A terminal, configured to obtain pending information and the identity of an intelligent cipher key equipment, to verify whether the pending information is legal information and, if it is legal, to encrypt the pending information to obtain encrypted pending information, and to send the encrypted pending information and the identity to a terminal subsystem, the terminal being a device that cannot carry out network communication, wherein the pending information includes at least: data to be stored and debugging data;
The terminal subsystem, configured to receive the encrypted pending information and the identity, and to send them over a remote information channel to a service subsystem that is remote from the terminal;
The service subsystem, configured to decrypt the encrypted pending information to obtain the pending information, and to send the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity, wherein the service subsystem is connected to multiple intelligent cipher key equipments;
The intelligent cipher key equipment, configured to process the pending information, wherein the intelligent cipher key equipment processing the pending information includes: the intelligent cipher key equipment stores the data to be stored in the security chip of the intelligent cipher key equipment, and performs debugging according to the debugging data.
10. The system according to claim 8 or 9, characterized in that the service subsystem being configured to decrypt the encrypted pending information to obtain the pending information, and to send the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity, includes:
The service subsystem is configured to decrypt the encrypted pending information to obtain the pending information, perform protocol conversion on the pending information, and then send it to the intelligent cipher key equipment that is connected to it and corresponds to the identity.
11. The system according to claim 8 or 9, characterized in that:
The pending information further includes: transaction data;
The terminal subsystem is further configured to receive the pending information and send it to the terminal;
The intelligent cipher key equipment is further configured to sign the transaction data to obtain signature information, and to send the signature information to the service subsystem connected to it;
The service subsystem is further configured to receive the signature information, encrypt the signature information to obtain encrypted signature information, and send the encrypted signature information over the remote information channel to the terminal subsystem that is remote from the intelligent cipher key equipment;
The terminal subsystem is further configured to receive the encrypted signature information and decrypt it to obtain the signature information, and to send the signature information to the terminal;
The terminal is further configured to receive the signature information.
12. The system according to claim 10, characterized in that:
The pending information further includes: transaction data;
The terminal subsystem is further configured to receive the pending information and send it to the terminal;
The intelligent cipher key equipment is further configured to sign the transaction data to obtain signature information, and to send the signature information to the service subsystem connected to it;
The service subsystem is further configured to receive the signature information, encrypt the signature information to obtain encrypted signature information, and send the encrypted signature information over the remote information channel to the terminal subsystem that is remote from the intelligent cipher key equipment;
The terminal subsystem is further configured to receive the encrypted signature information and send the encrypted signature information to the terminal;
The terminal is further configured to receive the encrypted signature information and decrypt the encrypted signature information to obtain the signature information.
13. The system according to any one of claims 8, 9 or 12, characterized in that:
The service subsystem being configured to send the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity includes:
The service subsystem is configured to authenticate the intelligent cipher key equipment corresponding to the identity and, after authentication passes, to send the pending information to the intelligent cipher key equipment that is connected to it and corresponds to the identity.
14. The system according to claim 8, characterized in that:
The terminal subsystem includes: a first verification encryption and decryption equipment and a first data transmission equipment, wherein:
The first verification encryption and decryption equipment is configured to receive the pending information and verify whether the pending information is legal and, if it is legal, to encrypt the pending information to obtain encrypted pending information, and to send the encrypted pending information to the first data transmission equipment;
The first data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information over the remote information channel to the service subsystem that is remote from the terminal.
15. The system according to claim 9 or 12, characterized in that:
The terminal includes: an acquisition module, a first verification encryption/decryption module and a transceiver module, wherein:
The acquisition module is configured to obtain the pending information and send the pending information to the first verification encryption/decryption module;
The first verification encryption/decryption module is configured to receive the pending information, verify whether the pending information is legal and, if it is legal, encrypt the pending information to obtain encrypted pending information, and send the encrypted pending information to the transceiver module;
The transceiver module is configured to send the encrypted pending information to the terminal subsystem;
The terminal subsystem includes a first data transmission equipment;
The first data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information over the remote information channel to the remote service subsystem.
16. The system according to claim 9 or 12, characterized in that:
The service subsystem includes: a second data transmission equipment, a second encryption and decryption equipment and a third data transmission equipment, wherein:
The second data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information to the second encryption and decryption equipment;
The second encryption and decryption equipment is configured to receive the encrypted pending information, decrypt the encrypted pending information to obtain the pending information, and send the pending information to the third data transmission equipment;
The third data transmission equipment is configured to receive the pending information and send the pending information to the intelligent cipher key equipment connected to it.
17. The system according to claim 9 or 12, characterized in that:
The service subsystem includes: a second encryption and decryption equipment and a second data transmission equipment, wherein:
The second encryption and decryption equipment is configured to receive the encrypted pending information, decrypt the encrypted pending information to obtain the pending information, and send the pending information to the second data transmission equipment;
The second data transmission equipment is configured to receive the pending information and send the pending information to the intelligent cipher key equipment connected to it.
18. The system according to claim 9 or 12, characterized in that:
The service subsystem includes: a second data transmission equipment and a second encryption and decryption equipment, wherein:
The second data transmission equipment is configured to receive the encrypted pending information and send the encrypted pending information to the second encryption and decryption equipment;
The second encryption and decryption equipment is configured to receive the encrypted pending information, decrypt the encrypted pending information to obtain the pending information, and send the pending information to the second data transmission equipment;
The second data transmission equipment is further configured to receive the decrypted pending information and send the pending information to the intelligent cipher key equipment connected to it.
19. The system according to claim 16, characterized in that the service subsystem further includes a protocol conversion device, the protocol conversion device being configured to perform protocol conversion on the pending information and then send it to the intelligent cipher key equipment connected to it.
20. The system according to claim 17, characterized in that the service subsystem further includes a protocol conversion device, the protocol conversion device being configured to perform protocol conversion on the pending information and then send it to the intelligent cipher key equipment connected to it.
21. The system according to claim 18, characterized in that the service subsystem further includes a protocol conversion device, the protocol conversion device being configured to perform protocol conversion on the pending information and then send it to the intelligent cipher key equipment connected to it.
22. The system according to claim 9 or 12, characterized in that the remote information channel is a Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) connection network.
CN201510130567.5A 2015-03-24 2015-03-24 A kind of long-range method and system using intelligent cipher key equipment Active CN104811309B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510130567.5A CN104811309B (en) 2015-03-24 2015-03-24 A kind of long-range method and system using intelligent cipher key equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510130567.5A CN104811309B (en) 2015-03-24 2015-03-24 A kind of long-range method and system using intelligent cipher key equipment

Publications (2)

Publication Number Publication Date
CN104811309A CN104811309A (en) 2015-07-29
CN104811309B true CN104811309B (en) 2018-07-17

Family

ID=53695826

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510130567.5A Active CN104811309B (en) 2015-03-24 2015-03-24 A kind of long-range method and system using intelligent cipher key equipment

Country Status (1)

Country Link
CN (1) CN104811309B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105827601A (en) * 2016-03-11 2016-08-03 李华 Data encryption application method and system of mobile device

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1780938A2 (en) * 2002-06-12 2007-05-02 Hitachi, Ltd. Public key infrastructure and certification authority system
CN101013942A (en) * 2007-01-24 2007-08-08 北京飞天诚信科技有限公司 System and method for improving the safety of intelligent key equipment
CN103401844A (en) * 2013-07-12 2013-11-20 天地融科技股份有限公司 Operation request processing method and system

Also Published As

Publication number Publication date
CN104811309A (en) 2015-07-29

Similar Documents

Publication Publication Date Title
CN103503366B (en) Manage the data for authenticating device
CN101873587B (en) Wireless communication device and method for realizing service security thereof
CN107111515B (en) Internet of things platform, equipment and method
CN102882847A (en) Secure digital (SD)-password-card-based Internet of things healthcare service system and secure communication method thereof
CN106027250B (en) A kind of ID card information safe transmission method and system
CN104010297B (en) Wireless terminal configuration method and device and wireless terminal
CN103178961B (en) Safe information interaction method and related device
CN105009618A (en) Method, device and system for configuring wireless terminal
CN113595744B (en) Network access method, device, electronic equipment and storage medium
JP2016539605A (en) Method in network security and system in network security
CN106027249B (en) Identity card card reading method and system
CN109450648A (en) Key generating device, data processing equipment and stream compression system
CN103236926A (en) Point-to-point-based data transmission system and data transmission method
TWI619371B (en) Communication information transmission method and system
CN107483639A (en) The method, apparatus and equipment converted between serial data and wireless network data
CN106357627A (en) Method and system for reading resident identification card information and terminal
CN104299133A (en) On-line mobile payment system based on somatosensory network and credibility authentication method
CN104933379B (en) ID card information acquisition methods, apparatus and system
CN109756451B (en) Information interaction method and device
CN104811309B (en) A kind of long-range method and system using intelligent cipher key equipment
CN108401028A (en) A kind of cloud server, control device and operation managing and control system
CN110278077B (en) Method, device, equipment and storage medium for acquiring data information of electric energy meter
CN103745149B (en) Information safety devices, real-time guard system and method based on wireless communication
ES2757964T3 (en) Procedure, configuration to process information on a home appliance as well as a home appliance
CN106022140B (en) Identity card read method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
EXSB Decision made by sipo to initiate substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant