CN105512883B - Mobile wallet near-field communication pays encryption method - Google Patents

Mobile wallet near-field communication pays encryption method Download PDF

Info

Publication number
CN105512883B
CN105512883B CN201510956129.4A CN201510956129A CN105512883B CN 105512883 B CN105512883 B CN 105512883B CN 201510956129 A CN201510956129 A CN 201510956129A CN 105512883 B CN105512883 B CN 105512883B
Authority
CN
China
Prior art keywords
terminal
mobile payment
payment
code key
field communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510956129.4A
Other languages
Chinese (zh)
Other versions
CN105512883A (en
Inventor
郑紫微
潘洋
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Ningbo University
Original Assignee
Ningbo University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ningbo University filed Critical Ningbo University
Priority to CN201510956129.4A priority Critical patent/CN105512883B/en
Publication of CN105512883A publication Critical patent/CN105512883A/en
Application granted granted Critical
Publication of CN105512883B publication Critical patent/CN105512883B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/32Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
    • G06Q20/327Short range or proximity payments by means of M-devices
    • G06Q20/3278RFID or NFC payments by means of M-devices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
    • G06Q20/401Transaction verification
    • G06Q20/4014Identity check for transactions

Abstract

The present invention relates to mobile wallet near-field communications to pay encryption method, the identity number that Mobile payment terminal and cash receiving terminal send respective NFC module respectively is stored to certification authority, certification authority generates Mobile payment terminal anonymous identification number, cash receiving terminal anonymous identification number and certification authority respectively with Mobile payment terminal, the shared code key of cash receiving terminal communication, certification authority stores Mobile payment terminal and sends the certification request time, and with this certification request sending time, shared code key and shared code key generate encryption information of the time as Mobile payment terminal payment transaction;When Mobile payment terminal and cash receiving terminal carry out near-field communication payment, Mobile payment terminal sends encryption information to cash receiving terminal, it is retransmited by cash receiving terminal to certification authority and is authenticated, since certification authority has been pre-stored the encryption information of Mobile payment terminal, after certification authority passes through the authentification of message that cash receiving terminal is sent, it is ensured that the safety of payment transaction between cash receiving terminal and Mobile payment terminal.

Description

Mobile wallet near-field communication pays encryption method
Technical field
The present invention relates to mobile payment fields more particularly to a kind of mobile wallet near-field communication to pay encryption method.
Background technique
Near-field communication (Near Field Communication, abbreviation NFC) is a kind of radio technology of short distance high frequency, It is to be evolved by non-contact radio-frequency identification technology and point-to-point communication technological incorporation, in 0 to 20cm distance, work exists 13.56MHz frequency, transmission speed have 106Kbit/ seconds, 212Kbit/ seconds or three kinds of 424Kbit/ second, and can be different Automatically switch between transmission speed.
There are three types of use patterns for NFC tool: mode card, peer-to-peer mode, read/write card device mode.Wherein, point-to-point logical Letter mode is for realizing the data interaction between different NFC terminals, so that multiple equipment for having NFC function be communicated to connect Get up, and realizes the point-to-point transmission of data by link layer communication protocols.It is found that the near-field communication equipment with NFC function Between can carry out wireless data transmission.For example, consumer is in the transaction using Mobile payment terminal shopping, completion payment In, the Mobile payment terminal of consumer needs to carry out near-field communication with the cash receiving terminal of businessman, could complete entire near-field communication Payment process.This Mobile payment terminal that consumer uses is also known as mobile wallet.
However, sharing between the two is secret when existing Mobile payment terminal and cash receiving terminal carry out near-field communication payment Key is easy as unique encryption information by illegal third-party attack, to be truncated to the shared of near-field communication payment both sides Code key, it is serious to compromise the trading information safety of Mobile payment terminal and cash receiving terminal.
Summary of the invention
The technical problem to be solved by the present invention is to provide one kind for the above-mentioned prior art to pay near-field communication The information of both sides encrypts, to guarantee that the mobile wallet near-field communication of both parties' information security pays encryption method.
The technical scheme of the invention to solve the technical problem is: mobile wallet near-field communication pays encryption side Method, for NFC module Mobile payment terminal, certification authority and with NFC module cash receiving terminal composition near field Communicate payment transaction system, which is characterized in that in turn include the following steps:
(1) Mobile payment terminal generates the first certification random number, will include that the first certification random number and mobile payment are whole It holds the certification request information of the identity number of itself NFC module to be sent to certification authority, and stores and send certification request information Time;
Wherein, the first certification random number is denoted as m1(m1∈ [0,9], and m1∈ Z), Mobile payment terminal itself NFC module Identity number is denoted as IDPayment, Mobile payment terminal send certification request information time be denoted as T1, certification authority is labeled as TSM, certification request information are denoted as SP-T(Request,IDPayment,m1,T1);
(2) the certification request information that certification authority receives, storage Mobile payment terminal is sent, generates certification authority and movement Shared code key between payment terminal, record generate the time of the shared code key, and by the shared code key of generation and this share it is secret The generation time of key is sent to Mobile payment terminal and is stored;
Wherein, the shared code key between certification authority and Mobile payment terminal is denoted as SKPayment-TSM, the shared code key SKPayment-TSMThe generation time be denoted as T2
(3) when Mobile payment terminal is close to cash receiving terminal, Mobile payment terminal sends near field communication request information to gathering Terminal;
Wherein, near field communication request information includes the shared code key between Mobile payment terminal and cash receiving terminal SKPayment-Receiver, Mobile payment terminal generate second certification random number m2(m2∈ (0,9) and m2∈ Z, m2≠m1), it is mobile The time T of payment terminal transmission certification request information1, Mobile payment terminal itself NFC module identity IDPayment, move Shared code key SK between dynamic payment terminal and certification authorityPayment-TSM;Wherein, near field communication request information is denoted as SP-R (Request,IDPayment,m2,T1,SKPayment-TSM,SKPayment-Receiver);
(4) for cash receiving terminal after the near field communication request information for receiving Mobile payment terminal transmission, sending includes gathering Code key and received mobile payment are shared between the identity number of terminal itself NFC module, cash receiving terminal and certification authority The Licensing Authority solicited message of terminal near field communication request information is authenticated to certification authority;
Wherein, the identity number of cash receiving terminal itself NFC module is denoted as IDReceiver, cash receiving terminal and certification authority it Between shared code key be denoted as SKReceiver-TSM;Licensing Authority solicited message label is as follows:
SR-A(Request,IDPayment,IDReceiver,m2,T2,SKPayment-TSM,SKPayment-Receiver,SKReceiver-TSM);
(5) the Licensing Authority solicited message that certification authority sends according to received cash receiving terminal carries out information extraction and sentences It is disconnected, with the Mobile payment terminal identity of certification request and cash receiving terminal near-field communication:
When certification authority's extracted Mobile payment terminal identity number, mobile payment in Licensing Authority solicited message Share code key between terminal and certification authority and the shared code key generate time with the mobile branch that is stored in certification authority Pay terminal identity identification number IDPayment, shared code key SKPayment-TSM, shared code key generate time T2When consistent, then certification authority Its shared code key between cash receiving terminal is updated, and sends license near-field communication information and sharing of newly updating is secret Key is to cash receiving terminal;Otherwise, refusal near-field communication information is sent to cash receiving terminal;
Wherein, the license near-field communication information that certification authority sends includes sharing between Mobile payment terminal and certification authority Code key SKPayment-TSM, the shared code key SKPayment-TSMGeneration time T2, Mobile payment terminal send certification request information Time T1, updated shared code key is denoted as SK' between certification authority and cash receiving terminalReceiver-TSM
License near-field communication information is SA-R(Accept,T1,T2,SKPayment-TSM,SKPayment-Receiver,SK 'Receiver-TSM);Refusal near-field communication information is SA-R(Reject,SKReceiver-TSM);
(6) cash receiving terminal receives, stores itself and the updated shared code key of certification authority, and according to received certification authority License near-field communication information or refusal near-field communication information, to Mobile payment terminal send near field communication request information to Give feedback:
When cash receiving terminal receives the license near-field communication information of certification authority, then cash receiving terminal receives mobile payment end The near field communication request sent is held, and generates the update shared for cash receiving terminal and Mobile payment terminal and shares code key SK'Payment-Receiver, while sending includes sharing code key between Mobile payment terminal and certification authority to generate time T2, gathering eventually End updates shared code key SK' with Mobile payment terminalPayment-Receiver, cash receiving terminal itself NFC module identity number IDReceiverNear-field communication receive information to Mobile payment terminal;Wherein, near-field communication receives information and is denoted as SR-P(Accept, IDReceiver,SK'Payment-Receiver,T2);
When cash receiving terminal receives the refusal near-field communication information of certification authority, then cash receiving terminal refuses Mobile payment terminal The near field communication request of transmission, and refusal near-field communication information is sent to Mobile payment terminal;Wherein, refuse near-field communication information It is denoted as SR-P(Reject,SKPayment-Receiver);
(7) Mobile payment terminal receives the information that cash receiving terminal is sent, and judges and operate according to received information:
When received information is that near-field communication receives information, Mobile payment terminal extracts near-field communication and receives institute in information When sharing code key TimeGenerated value between the Mobile payment terminal for including and certification authority, and judging that the shared code key extracted generates Between value with Mobile payment terminal itself storage shared code key TimeGenerated value T2When consistent, then Mobile payment terminal generation includes The dummy keyboard of letter and number mixing is moved by dummy keyboard input letter, the payment cipher of digital mixed form with realizing Payment transaction process between dynamic payment terminal and cash receiving terminal, and sent more after the completion of payment transaction by Mobile payment terminal Newly shared code key solicited message is to certification authority;Otherwise, Mobile payment terminal stops sending near field communication request information to gathering Terminal;Wherein, updating the update that Mobile payment terminal is sent and sharing code key solicited message includes having Mobile payment terminal itself NFC The identity number of module is denoted as IDPayment, cash receiving terminal itself NFC module identity IDReceiver, mobile payment it is whole End and the shared code key SK before certification authorityPayment-TSM;It updates shared code key solicited message and is denoted as SP-A(Renew, IDPayment,IDReceiver,SKPayment-TSM);
When received information is refusal near-field communication information, Mobile payment terminal stops sending near field communication request information To cash receiving terminal;
(8) certification authority receive Mobile payment terminal transmission update share code key request after, certification authority to its with Shared code key between Mobile payment terminal is updated, and obtains updated shared code key, and by it is new it is updated share it is secret Key is sent to Mobile payment terminal, uses so that Mobile payment terminal carries out next near-field communication;Wherein, it is updated share it is secret Key is denoted as SK'Payment-TSM
Further, it in order to increase updated shared code key complexity between certification authority and Mobile payment terminal, mentions The safety of the shared code key of height, as an improvement, updated total between certification authority and Mobile payment terminal in the step (8) Enjoy code key SK'Payment-TSMCalculation formula it is as follows:
SK'Payment-TSM=n1·SKPayment-TSM=n1·kTSM·G;
Wherein, kTSMFor the random number that certification authority TSM is generated, SKPayment-TSMIt is that certification authority TSM and mobile payment are whole Shared code key of end Payment when not updating, G are the basic point of elliptic curve E, basic point G on an elliptic curvee, elliptic curve E's Equation are as follows: E:y2=x3+k1x+k2 mod n1;Wherein,
k1=4;
k2=64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1;
n1=62,771,017,353,866,807,638,357,894,231,760,590,137,671,947,731,828,422,840 81.
Compared with the prior art, the advantages of the present invention are as follows: Mobile payment terminal and cash receiving terminal are respectively by respective NFC mould The identity number of block is sent to certification authority's storage, is generated by certification authority Mobile payment terminal anonymous identification number, receives Shared code key when money terminal anonymous identification number and certification authority communicate with Mobile payment terminal, cash receiving terminal respectively, The time of certification request is sent, and by certification authority's storage Mobile payment terminal with this certification request sending time, shared code key And shared code key generates encryption information of the time as Mobile payment terminal payment transaction;It is whole in Mobile payment terminal and gathering When end carries out near-field communication payment, Mobile payment terminal sends its encryption information to cash receiving terminal, by cash receiving terminal retransmit to Certification authority's certification, since certification authority has been pre-stored the encryption information of Mobile payment terminal, will collect money in certification authority After the authentification of message that terminal is sent passes through, it is ensured that the safety of payment transaction between cash receiving terminal and Mobile payment terminal.
Detailed description of the invention
Fig. 1 is the structural schematic diagram of near-field communication payment transaction system in the embodiment of the present invention;
Fig. 2 is the flow diagram that mobile wallet near-field communication pays encryption method in the embodiment of the present invention.
Specific embodiment
The present invention will be described in further detail below with reference to the embodiments of the drawings.
As shown in Figure 1, the near-field communication payment transaction system in the present embodiment is whole by the mobile payment with NFC module End, certification authority and the cash receiving terminal composition with NFC module.Wherein, in order to improve the near-field communication payment transaction system Safety as shown in Fig. 2, mobile wallet near-field communication in the embodiment of the present invention pays encryption method successively include as follows Step 1 is to step 8:
Step 1, Mobile payment terminal generates the first certification random number, will include the first certification random number and mobile payment The certification request information of the identity number of terminal itself NFC module is sent to certification authority, and stores and send certification request letter The time of breath;
Wherein, the first certification random number is denoted as m1(m1∈ [0,9], and m1∈ Z), Mobile payment terminal itself NFC module Identity number is denoted as IDPayment, identity IDPaymentThe as global identity identification number of NFC module, the global identity Identification number has uniqueness;The time that Mobile payment terminal sends certification request information is denoted as T1, certification authority be labeled as TSM, Certification request information is denoted as SP-T(Request,IDPayment,m1,T1);
Step 2, certification authority receive, storage Mobile payment terminal send certification request information, generate certification authority with Shared code key between Mobile payment terminal, record generates the time of the shared code key, and the shared code key of generation is total to this The generation time for enjoying code key is sent to Mobile payment terminal and is stored;
Wherein, the shared code key between certification authority and Mobile payment terminal is denoted as SKPayment-TSM, the shared code key SKPayment-TSMThe generation time be denoted as T2;Wherein, it when Mobile payment terminal is communicated with certification authority, needs to send between the two Shared code key SKPayment-TSM, to verify the legal identity of the two each other;
Wherein, the shared code key SK of certification authority and Mobile payment terminalPayment-TSM, Mobile payment terminal send certification ask Seek the time T of information1And shared code key SKPayment-TSMGeneration time T2Only certification authority and Mobile payment terminal is known It knows, other third parties, such as cash receiving terminal, illegal user's terminal cannot get the shared code key SKPayment-TSM, logical with this It crosses shared code key SKPayment-TSM, certification request access time T1With shared code key SKPayment-TSMGenerate time T2As The encryption information of Mobile payment terminal and certification authority, to guarantee the information security of Mobile payment terminal;
Step 3, when Mobile payment terminal is close to cash receiving terminal, Mobile payment terminal sends near field communication request information to receipts Money terminal;
Wherein, near field communication request information includes the shared code key between Mobile payment terminal and cash receiving terminal SKPayment-Receiver, Mobile payment terminal generate second certification random number m2(m2∈ (0,9) and m2∈ Z, m2≠m1), it is mobile The time T of payment terminal transmission certification request information1, Mobile payment terminal itself NFC module identity IDPayment, move Shared code key SK between dynamic payment terminal and certification authorityPayment-TSM;Wherein, near field communication request information is denoted as SP-R (Request,IDPayment,m2,T1,SKPayment-TSM,SKPayment-Receiver);
Wherein, the second certification random number m2With the first certification random number m1Difference, increasing illegal user terminal acquisition with this should The difficulty of second certification random number, improves the information security of Mobile payment terminal and cash receiving terminal transaction;
Step 4, for cash receiving terminal after the near field communication request information for receiving Mobile payment terminal transmission, sending includes receiving Code key is shared between the identity number of itself NFC module of money terminal, cash receiving terminal and certification authority and receives to move props up The Licensing Authority solicited message for paying terminal near field communication request information is authenticated to certification authority;
Wherein, the identity number of cash receiving terminal itself NFC module is denoted as IDReceiver, cash receiving terminal and certification authority it Between shared code key be denoted as SKReceiver-TSM;Licensing Authority solicited message label is as follows:
SR-A(Request,IDPayment,IDReceiver,m2,T2,SKPayment-TSM,SKPayment-Receiver,SKReceiver-TSM);
Similarly, cash receiving terminal and the shared code key SK of certification authority between the twoReceiver-TSMAlso only have cash receiving terminal, Certification knows that other third parties, including NFC payment terminal, illegal user's terminal cannot get the shared code key SKReceiver-TSM, guarantee the information security of cash receiving terminal with this;
Shared code key SKPayment-TSMIt is unknown for cash receiving terminal;Thus cash receiving terminal can only get movement The identity ID of payment terminalPayment, it can guarantee that Mobile payment terminal will not be pretended to be by other illegal users in this way, into And illegally attempt to send payment transaction process with certification authority, cash receiving terminal, to ensure that the information peace of Mobile payment terminal Entirely;
Step 5, certification authority carries out information extraction according to the Licensing Authority solicited message that received cash receiving terminal is sent And judgement, with the Mobile payment terminal identity of certification request and cash receiving terminal near-field communication:
When certification authority's extracted Mobile payment terminal identity number, mobile payment in Licensing Authority solicited message Share code key between terminal and certification authority and the shared code key generate time with the mobile branch that is stored in certification authority Pay terminal identity identification number IDPayment, shared code key SKPayment-TSM, shared code key generate time T2When consistent, then certification authority Its shared code key between cash receiving terminal is updated, and sends license near-field communication information and sharing of newly updating is secret Key is to cash receiving terminal;Otherwise, refusal near-field communication information is sent to cash receiving terminal;
Wherein, the license near-field communication information that certification authority sends includes sharing between Mobile payment terminal and certification authority Code key SKPayment-TSM, the shared code key SKPayment-TSMGeneration time T2, Mobile payment terminal send certification request information Time T1, updated shared code key is denoted as SK' between certification authority and cash receiving terminalReceiver-TSM
License near-field communication information is SA-R(Accept,T1,T2,SKPayment-TSM,SKPayment-Receiver,SK 'Receiver-TSM);Refusal near-field communication information is SA-R(Reject,SKReceiver-TSM);
Wherein, the shared code key SK in Licensing Authority solicited message transmitted by cash receiving terminalReceiver-TSMTo enable certification machine Structure verifies cash receiving terminal identity, and communication between the two is realized after being verified;
Step 6, cash receiving terminal receives, stores itself and the updated shared code key of certification authority, and authenticates according to receiving The license near-field communication information or refusal near-field communication information of mechanism, believe the near field communication request that Mobile payment terminal is sent Breath, which is given, to be fed back:
When cash receiving terminal receives the license near-field communication information of certification authority, then cash receiving terminal receives mobile payment end The near field communication request sent is held, and generates the update shared for cash receiving terminal and Mobile payment terminal and shares code key SK'Payment-Receiver, while sending includes sharing code key between Mobile payment terminal and certification authority to generate time T2, gathering eventually End updates shared code key SK' with Mobile payment terminalPayment-Receiver, cash receiving terminal itself NFC module identity number IDReceiverNear-field communication receive information to Mobile payment terminal;Wherein, near-field communication receives information and is denoted as SR-P(Accept, IDReceiver,SK'Payment-Receiver,T2);
When cash receiving terminal receives the refusal near-field communication information of certification authority, then cash receiving terminal refuses Mobile payment terminal The near field communication request of transmission, and refusal near-field communication information is sent to Mobile payment terminal;Wherein, refuse near-field communication information It is denoted as SR-P(Reject,SKPayment-Receiver);
Wherein, the purpose that certification authority updates that it shares code key between cash receiving terminal is, prevents from having used shared code key When being used again, guarantee the information security of cash receiving terminal.If what other third parties got that this is used again shares secret Key, third party will illegally obtain the information of cash receiving terminal, threaten to the safety of near-field communication payment system;
Step 7, Mobile payment terminal receives the information that cash receiving terminal is sent, and judges and grasp according to received information Make:
When received information is that near-field communication receives information, Mobile payment terminal extracts near-field communication and receives institute in information When sharing code key TimeGenerated value between the Mobile payment terminal for including and certification authority, and judging that the shared code key extracted generates Between value with Mobile payment terminal itself storage shared code key TimeGenerated value T2When consistent, then Mobile payment terminal generation includes The dummy keyboard of letter and number mixing is moved by dummy keyboard input letter, the payment cipher of digital mixed form with realizing Payment transaction process between dynamic payment terminal and cash receiving terminal, and sent more after the completion of payment transaction by Mobile payment terminal Newly shared code key solicited message is to certification authority;Otherwise, Mobile payment terminal stops sending near field communication request information to gathering Terminal;
Wherein, updating the update that Mobile payment terminal is sent and sharing code key solicited message includes having Mobile payment terminal itself The identity number of NFC module is denoted as IDPayment, cash receiving terminal itself NFC module identity IDReceiver, mobile branch Pay the shared code key SK before terminal and certification authorityPayment-TSM;It updates shared code key solicited message and is denoted as SP-A(Renew, IDPayment,IDReceiver,SKPayment-TSM);
When received information is refusal near-field communication information, Mobile payment terminal stops sending near field communication request information To cash receiving terminal;
Step 8, after code key request is shared in the update that certification authority receives Mobile payment terminal transmission, certification authority is to it Shared code key between Mobile payment terminal is updated, and obtains updated shared code key, and will be new updated shared Code key is sent to Mobile payment terminal, uses so that Mobile payment terminal carries out next near-field communication;Wherein, updated shared Code key is denoted as SK'Payment-TSM
Wherein, it in order to increase updated shared code key complexity between certification authority and Mobile payment terminal, improves altogether Enjoy in the safety of the code key step 8 updated shared code key SK' between certification authority and Mobile payment terminalPayment-TSM's Calculation formula is as follows:
SK'Payment-TSM=n1·SKPayment-TSM=n1·kTSM·G;
Wherein, kTSMFor the random number that certification authority TSM is generated, SKPayment-TSMIt is that certification authority TSM and mobile payment are whole Shared code key of end Payment when not updating, G are the basic point of elliptic curve E, basic point G on an elliptic curvee, elliptic curve E's Equation are as follows: E:y2=x3+k1x+k2 mod n1;Wherein,
k1=4;
k2=64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1;
n1=62,771,017,353,866,807,638,357,894,231,760,590,137,671,947,731,828,422,840 81.
In mobile wallet near-field communication payment encryption method of the invention, Mobile payment terminal and cash receiving terminal respectively will The identity number of respective NFC module is sent to certification authority's storage, is generated by certification authority Mobile payment terminal anonymous Identity Identification number, cash receiving terminal anonymous identification number and its sharing when communicating respectively with Mobile payment terminal, cash receiving terminal are secret Key, by certification authority storage Mobile payment terminal send certification request time, and with this certification request sending time, share it is secret Key and shared code key generate encryption information of the time as Mobile payment terminal payment transaction;In Mobile payment terminal and gathering When terminal carries out near-field communication payment, Mobile payment terminal sends its encryption information to cash receiving terminal, is retransmited by cash receiving terminal It authenticates to certification authority, since certification authority has been pre-stored the encryption information of Mobile payment terminal, will be received in certification authority After the authentification of message that money terminal is sent passes through, it is ensured that the safety of payment transaction between cash receiving terminal and Mobile payment terminal Property.

Claims (2)

1. mobile wallet near-field communication pay encryption method, for NFC module Mobile payment terminal, certification authority and The near-field communication payment transaction system of cash receiving terminal composition with NFC module, which is characterized in that in turn include the following steps:
(1) Mobile payment terminal generates the first certification random number, will authenticate random number and Mobile payment terminal certainly including first The certification request information of the identity number of body NFC module is sent to certification authority, and store send certification request information when Between;
Wherein, the first certification random number is denoted as m1, m1∈ [0,9], and m1∈ Z, the identity of Mobile payment terminal itself NFC module Identification number is denoted as IDPayment, Mobile payment terminal send certification request information time be denoted as T1, certification authority be labeled as TSM, Certification request information is denoted as SP-T(Request,IDPayment,m1,T1);
(2) the certification request information that certification authority receives, storage Mobile payment terminal is sent, generates certification authority and mobile payment Shared code key between terminal, record generates the time of the shared code key, and the shared code key of generation is shared code key with this The generation time is sent to Mobile payment terminal and is stored;
Wherein, the shared code key between certification authority and Mobile payment terminal is denoted as SKPayment-TSM, the shared code key SKPayment-TSMThe generation time be denoted as T2
(3) when Mobile payment terminal is close to cash receiving terminal, Mobile payment terminal sends near field communication request information to cash receiving terminal;
Wherein, near field communication request information includes the shared code key between Mobile payment terminal and cash receiving terminal SKPayment-Receiver, Mobile payment terminal generate second certification random number m2, Mobile payment terminal send certification request information Time T1, Mobile payment terminal itself NFC module identity IDPayment, between Mobile payment terminal and certification authority Shared code key SKPayment-TSM;Wherein, near field communication request information is denoted as SP-R(Request,IDPayment,m2,T1, SKPayment-TSM,SKPayment-Receiver);m2∈ (0,9) and m2∈ Z, m2≠m1;
(4) for cash receiving terminal after the near field communication request information for receiving Mobile payment terminal transmission, sending includes cash receiving terminal Code key and received Mobile payment terminal are shared between the identity number of itself NFC module, cash receiving terminal and certification authority The Licensing Authority solicited message of near field communication request information is authenticated to certification authority;
Wherein, the identity number of cash receiving terminal itself NFC module is denoted as IDReceiver, between cash receiving terminal and certification authority Shared code key is denoted as SKReceiver-TSM;Licensing Authority solicited message label is as follows:
SR-A(Request,IDPayment,IDReceiver,m2,T2,SKPayment-TSM,SKPayment-Receiver,SKReceiver-TSM);
(5) certification authority carries out information extraction and judgement according to the Licensing Authority solicited message that received cash receiving terminal is sent, With the Mobile payment terminal identity of certification request and cash receiving terminal near-field communication:
When certification authority's extracted Mobile payment terminal identity number, Mobile payment terminal in Licensing Authority solicited message Share code key between certification authority and the shared code key to generate time whole with the mobile payment that is stored in certification authority Hold identity IDPayment, shared code key SKPayment-TSM, shared code key generate time T2When consistent, then certification authority is to it Shared code key between cash receiving terminal is updated, and send license near-field communication information and the shared code key that newly updates to Cash receiving terminal;Otherwise, refusal near-field communication information is sent to cash receiving terminal;Wherein,
The license near-field communication information that certification authority sends includes that code key is shared between Mobile payment terminal and certification authority SKPayment-TSM, the shared code key SKPayment-TSMGeneration time T2, Mobile payment terminal send certification request information time T1, updated shared code key is denoted as SK' between certification authority and cash receiving terminalReceiver-TSM
License near-field communication information is SA-R(Accept,T1,T2,SKPayment-TSM,SKPayment-Receiver,SK'Receiver-TSM);It refuses Exhausted near-field communication information is SA-R(Reject,SKReceiver-TSM);
(6) cash receiving terminal receives, stores itself and the updated shared code key of certification authority, and is permitted according to received certification authority Can near-field communication information or refusal near-field communication information, to Mobile payment terminal send near field communication request information give instead Feedback:
When cash receiving terminal receives the license near-field communication information of certification authority, then cash receiving terminal receives Mobile payment terminal hair The near field communication request sent, and generate the update shared for cash receiving terminal and Mobile payment terminal and share code key SK'Payment-Receiver, while sending includes sharing code key between Mobile payment terminal and certification authority to generate time T2, gathering eventually End updates shared code key SK' with Mobile payment terminalPayment-Receiver, cash receiving terminal itself NFC module identity number IDReceiverNear-field communication receive information to Mobile payment terminal;Wherein, near-field communication receives information and is denoted as SR-P(Accept, IDReceiver,SK'Payment-Receiver,T2);
When cash receiving terminal receives the refusal near-field communication information of certification authority, then cash receiving terminal refusal Mobile payment terminal is sent Near field communication request, and send refusal near-field communication information to Mobile payment terminal;Wherein, refusal near-field communication information is denoted as SR-P(Reject,SKPayment-Receiver);
(7) Mobile payment terminal receives the information that cash receiving terminal is sent, and judges and operate according to received information:
When received information is that near-field communication receives information, Mobile payment terminal extracts near-field communication and receives included in information Mobile payment terminal and certification authority between share code key TimeGenerated value, and judge extract shared code key TimeGenerated value With the shared code key TimeGenerated value T of Mobile payment terminal itself storage2When consistent, then it includes letter that Mobile payment terminal, which generates, With the dummy keyboard of number mixing, alphabetical by dummy keyboard input, number mixed form payment cipher, to realize mobile branch The payment transaction process between terminal and cash receiving terminal is paid, and sends update after the completion of payment transaction altogether by Mobile payment terminal Code key solicited message is enjoyed to certification authority;Otherwise, Mobile payment terminal stops sending near field communication request information to cash receiving terminal;
Wherein, updating the update that Mobile payment terminal is sent and sharing code key solicited message includes having Mobile payment terminal itself NFC The identity number of module is denoted as IDPayment, cash receiving terminal itself NFC module identity IDReceiver, mobile payment it is whole End and the shared code key SK before certification authorityPayment-TSM;It updates shared code key solicited message and is denoted as SP-A(Renew, IDPayment,IDReceiver,SKPayment-TSM);
When received information is refusal near-field communication information, Mobile payment terminal stops sending near field communication request information to receipts Money terminal;
(8) after code key request is shared in the update that certification authority receives Mobile payment terminal transmission, certification authority is to itself and movement Shared code key between payment terminal is updated, and obtains updated shared code key, and will new updated shared code key hair Mobile payment terminal is given, is used so that Mobile payment terminal carries out next near-field communication;Wherein, updated shared code key note For SK'Payment-TSM
2. mobile wallet near-field communication according to claim 1 pays encryption method, which is characterized in that the step (8) Updated shared code key SK' between middle certification authority and Mobile payment terminalPayment-TSMCalculation formula it is as follows:
SK'Payment-TSM=n1·SKPayment-TSM=n1·kTSM·G;
Wherein, kTSMFor the random number that certification authority TSM is generated, SKPayment-TSMFor certification authority TSM and Mobile payment terminal Shared code key when Payment does not update, G be elliptic curve E basic point, basic point G on an elliptic curvee, the side of elliptic curve E Journey are as follows: E:y2=x3+k1x+k2 modn1;Wherein:
k1=4;
k2=64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1;
n1=62,771,017,353,866,807,638,357,894,231,760,590,137,671,947,731,828,422,840 81.
CN201510956129.4A 2015-12-18 2015-12-18 Mobile wallet near-field communication pays encryption method Active CN105512883B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510956129.4A CN105512883B (en) 2015-12-18 2015-12-18 Mobile wallet near-field communication pays encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510956129.4A CN105512883B (en) 2015-12-18 2015-12-18 Mobile wallet near-field communication pays encryption method

Publications (2)

Publication Number Publication Date
CN105512883A CN105512883A (en) 2016-04-20
CN105512883B true CN105512883B (en) 2019-11-12

Family

ID=55720844

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510956129.4A Active CN105512883B (en) 2015-12-18 2015-12-18 Mobile wallet near-field communication pays encryption method

Country Status (1)

Country Link
CN (1) CN105512883B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101853453A (en) * 2009-04-03 2010-10-06 中兴通讯股份有限公司 System and method for realizing mobile payment
CN103258264A (en) * 2013-06-06 2013-08-21 李万君 Payment method and device based on NFC

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20080016703A (en) * 2008-01-09 2008-02-21 (주) 엘지텔레콤 System for charging electronic-cash to a high-pass card using a mobile communication unit
US20130009756A1 (en) * 2011-07-07 2013-01-10 Nokia Corporation Verification using near field communications

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101853453A (en) * 2009-04-03 2010-10-06 中兴通讯股份有限公司 System and method for realizing mobile payment
CN103258264A (en) * 2013-06-06 2013-08-21 李万君 Payment method and device based on NFC

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
An automated payment system for car parks based on Near Field Communication technology;Giuliano Benelli 等;《2010 International Conference for Internet Technology and Secured Transactions》;20101111;第1-6页 *
基于Android的NFC移动支付系统设计与实现;陈平顺等;《数据通信》;20151028(第5期);第5-14页 *

Also Published As

Publication number Publication date
CN105512883A (en) 2016-04-20

Similar Documents

Publication Publication Date Title
CN105684346B (en) Ensure the method for air communication safety between mobile application and gateway
CN106656488B (en) Key downloading method and device for POS terminal
US7362869B2 (en) Method of distributing a public key
CN104618116B (en) A kind of cooperative digital signature system and its method
CN103873244A (en) Identity authentication method and system in mobile payment based on fingerprint identification
CN104301110A (en) Authentication method, authentication device and system applied to intelligent terminal
CN103944736A (en) Data security interactive method
CN104240073A (en) Offline payment method and offline payment system on basis of prepaid cards
CN103971241A (en) Two-channel payment method and system
CN104240074A (en) Prepaid card online payment system based on identity authentication and payment method of prepaid card online payment system
CN102238193A (en) Data authentication method and system using same
CN102547691B (en) A kind of safe electronic control system based on 2.4G RFID smart card system and method
AU2014340234A1 (en) Facilitating secure transactions using a contactless interface
JP2004247799A (en) Information system for access controlling using public key certificate
US10305878B2 (en) Virtual device authorization method and device
CN103944728A (en) Data security interactive system
CN103944735A (en) Data security interactive method
CN105405005B (en) Mobile wallet method of payment based on optic communication and near-field communication
CN105682092B (en) Bidirectional authentication method based on short-distance wireless communication technology
CN106779672A (en) The method and device that mobile terminal safety pays
CN105512883B (en) Mobile wallet near-field communication pays encryption method
CN105376704B (en) Mobile wallet near-field communication method of payment based on image encryption
CN114463012A (en) Authentication method, payment method, device and equipment
KR20070092840A (en) System and method for processing financial transaction by using high-speed wireless internet
CN102137396A (en) Terminal, card and method and system for checking machine and card

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant