CN106027247A - Method for remotely issuing POS key - Google Patents
Method for remotely issuing POS key
- Publication number: CN106027247A
- Application number: CN201610619435.3A
- Authority: CN (China)
- Prior art keywords: key, POS, management platform, platform, delivery method
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/083—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/20—Point-of-sale [POS] network systems
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The present invention discloses a method for remotely issuing a POS key, comprising the following steps in sequence: S1. a POS terminal uploads a request to acquire a public key to a management platform, and the management platform issues the public key to a POS machine; S2. the POS machine generates a transmission key at random, encrypts same using the public key, and uploads same to the management platform, and the management platform decrypts and verifies same using a private key; S3. after the transmission key passes validation, the management platform decrypts same to obtain transmission key plaintext, encrypts a master key using the transmission key plaintext, and returns same to the POS terminal; and S4. after decrypting same, the POS terminal encapsulates the master key in the machine, and notifies the platform of key encapsulation success. By means of the method for remotely issuing a POS key disclosed by the present invention, key encapsulation can be performed on each POS machine through a mechanism requested by a customer without performing key encapsulation on each POS machine by the manufacturer before it leaves the factory or by the merchant before delivery, thereby greatly saving time costs of key encapsulation.
Description
Technical field
The present invention relates to the field of network payment security, and in particular to a method for remotely issuing a POS key.
Background technology
In the prior art, a key is a parameter: it is the input to an algorithm that converts plaintext into ciphertext or ciphertext into plaintext. Keys are divided into symmetric keys and asymmetric keys.
Depending on whether the encryption key and the decryption key used by a cryptographic algorithm are the same, and whether the decryption process can be derived from the encryption process (or the encryption process from the decryption process), cryptosystems can be divided into symmetric cryptosystems (also called single-key cryptosystems, private-key cryptosystems or symmetric-key cryptosystems) and asymmetric cryptosystems (also called dual-key cryptosystems, public-key cryptosystems or asymmetric-key cryptosystems).
Symmetric-key encryption, also known as private-key encryption or session-key encryption, means that the sender and the receiver of a message use the same key to encrypt and decrypt data. Its greatest advantage is fast encryption and decryption, which makes it suitable for encrypting large volumes of data, but key management is difficult.
Asymmetric-key encryption is also known as public-key encryption. It uses different keys for the encryption and decryption operations: one is published, namely the public key, and the other is kept secret by the user, namely the private key. The sender of a message encrypts with the public key, and the receiver decrypts with the private key. The public-key mechanism is flexible, but encryption and decryption are much slower than with symmetric-key encryption.
In practice, therefore, the two are usually used together: for example, a symmetric-key cryptosystem is used to store large amounts of data, and a public-key cryptosystem is used to encrypt the key.
In ordinary symmetric encryption, the key used for the encryption operation is the same as the key used for the decryption operation. The symmetric encryption algorithms in common use are simple and efficient, their keys are short, and they are extremely difficult to break. Because the secrecy of the system depends mainly on the security of the key, transmitting and storing keys securely over an open computer network is a serious problem. And precisely because both parties use the same key in symmetric encryption, functions such as data signing and non-repudiation cannot be implemented.
Since the 1970s, some scholars have proposed the RSA system, which uses the mathematical principle of one-way functions to separate the encryption key from the decryption key. The encryption key is public and the decryption key is secret. This new cryptosystem attracted wide attention and discussion in the cryptographic community.
Unlike ordinary symmetric encryption, which uses the same key to encrypt and decrypt data, asymmetric-key encryption uses a matched pair of keys for encryption and decryption: one is the public key and the other is the private key. They have the following property: each key performs a one-way transformation on the data, and the function of each is exactly the inverse of the other, so when one is used to encrypt, the other is used to decrypt. A file encrypted with the public key can only be decrypted with the private key, and a file encrypted with the private key can only be decrypted with the public key. The public key is published by its owner, while the private key must be kept secret. To send a confidential message, the sender must encrypt the data with the recipient's public key; once encrypted, only the recipient can decrypt it with the private key. Conversely, a user can also process data with their own private key. In other words, the key pair can work in either direction. This provides the basis for the "digital signature": if a user processes data with their own private key, others can process the data with the public key that user provides. Because only the owner knows the private key, the processed message forms an electronic signature, a file that no one else can produce. A digital certificate contains the public key information and thereby confirms the identity of the user who holds the key pair.
A simple public-key example can be expressed with prime numbers: the algorithm that multiplies the primes serves as the public key, and the algorithm that factors the resulting product back into the original primes is the private key. Encryption adds the primes to the information to be transmitted when it is encoded, and the encoded message is sent to the recipient. Anyone who receives this information without the recipient's private key cannot read it, because decryption (in effect the process of finding the primes, that is, prime factorization) would take too long.
Traditionally, POS keys are loaded manually with dedicated software by the manufacturer before the POS machine leaves the factory, or by the merchant before delivery. When a key is leaked or damaged, the machine has to be returned to the manufacturer or the merchant to be loaded again, which is costly.
Summary of the invention
In view of the above shortcomings and deficiencies of the prior art, the object of the present invention is to provide a method for remotely issuing a POS key.
The object of the present invention is achieved through the following technical solution:
A method for remotely issuing a POS key, comprising the following steps in sequence:
S1. The POS terminal uploads a request to acquire a public key to the management platform, and the management platform issues the public key to the POS machine;
S2. The POS terminal randomly generates a transmission key, encrypts it with the public key, and uploads it to the management platform; the management platform decrypts and verifies it with the private key;
S3. After the management platform has verified the transmission key, it decrypts it to obtain the transmission key plaintext, encrypts the master key with the transmission key plaintext, and returns the result to the POS terminal;
S4. After decrypting, the POS terminal loads the master key into the machine and notifies the platform that key loading succeeded.
Preferably, after step S4, the method further comprises:
Step S5. The platform sets the state of the POS terminal to "key loaded".
Preferably, if verification fails during the verification in step S2, the error message is returned to the management platform by the POS terminal.
Preferably, the POS terminal has a unique terminal number and a merchant number corresponding to that terminal number. When the POS terminal uploads the request to acquire the public key to the management platform, the terminal number of the POS terminal and the merchant number corresponding to that terminal number must be entered.
Preferably, when the key of the POS terminal is damaged and transactions cannot be made, a key-damaged message is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
Preferably, when the key is lost because the POS terminal hardware is damaged and returned to the factory for repair, a key-damaged message is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
Preferably, when the merchant or agent holding the POS terminal changes, change information is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
Compared with the prior art, the embodiments of the present invention have at least the following advantages:
The method for remotely issuing a POS key according to the present invention does not require the manufacturer before shipment, or the merchant before delivery, to load a key into each POS machine; instead, key loading can be performed on each POS machine through a mechanism requested by the customer, which greatly saves the time cost of key loading. When a key needs to be loaded again, the POS machine also does not need to be returned to the manufacturer or the merchant for reloading: the POS terminal can send a loading request directly to the management platform to have the key loaded again. This greatly shortens the time needed for reloading and avoids the POS machine being out of use during the time it would spend being returned to the manufacturer or the merchant.
Brief description of the drawings
Fig. 1 is a schematic flowchart of the method for remotely issuing a POS key according to the present invention.
Detailed description of the invention
To make the purpose, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the accompanying drawings. The described embodiments are evidently only some of the embodiments of the present invention, not all of them. The components of the embodiments, as generally described and illustrated in the drawings, can be arranged and designed in a variety of different configurations. The following detailed description of the embodiments provided in the drawings is therefore not intended to limit the scope of the claimed invention, but merely represents selected embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative work fall within the scope of protection of the present invention.
Embodiments of the present invention are described in detail below, and examples of the embodiments are shown in the drawings, in which the same or similar reference numerals throughout denote the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary; they are intended to explain the present invention and are not to be understood as limiting it.
The invention is further described below with reference to the drawings and embodiments.
A method for remotely issuing a POS key, comprising the following steps in sequence:
S1. The POS terminal uploads a request to acquire a public key to the management platform, and the management platform issues the public key to the POS machine;
S2. The POS terminal randomly generates a transmission key, encrypts it with the public key, and uploads it to the management platform; the management platform decrypts and verifies it with the private key;
S3. After the management platform has verified the transmission key, it decrypts it to obtain the transmission key plaintext, encrypts the master key with the transmission key plaintext, and returns the result to the POS terminal;
S4. After decrypting, the POS terminal loads the master key into the machine and notifies the platform that key loading succeeded.
After step S4, the method further comprises:
Step S5. The platform sets the state of the POS terminal to "key loaded".
If verification fails during the verification in step S2, the error message is returned to the management platform by the POS terminal.
The POS terminal has a unique terminal number and a merchant number corresponding to that terminal number. When the POS terminal uploads the request to acquire the public key to the management platform, the terminal number of the POS terminal and the merchant number corresponding to that terminal number must be entered.
When the key of the POS terminal is damaged and transactions cannot be made, a key-damaged message is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
When the key is lost because the POS terminal hardware is damaged and returned to the factory for repair, a key-damaged message is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
When the merchant or agent holding the POS terminal changes, change information is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
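The exchange in steps S1 to S4, sketched in Go as an added example (not code from the patent). The patent names no algorithms and does not say how the platform verifies the transmission key; RSA-OAEP, AES-256-GCM, the binding of both messages to the terminal and merchant numbers, and all type and function names are assumptions made here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

const nonceLen = 12 // standard AES-GCM nonce size

// Platform models the management platform; every name here is hypothetical.
type Platform struct {
	priv      *rsa.PrivateKey
	masterKey []byte
}

func NewPlatform(masterKey []byte) (*Platform, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Platform{priv, masterKey}, err
}

// PublicKey is step S1: the platform issues its public key to the POS.
func (p *Platform) PublicKey() *rsa.PublicKey { return &p.priv.PublicKey }

// binding ties a message to one terminal and merchant number (assumed check).
func binding(terminalNo, merchantNo string) []byte { return []byte(terminalNo + "|" + merchantNo) }

// newGCM builds AES-256-GCM; callers check len(key) == 32 first, so it cannot fail.
func newGCM(key []byte) cipher.AEAD {
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm
}

// PosWrapTK is step S2 on the POS: RSA-OAEP over a random 256-bit transmission key.
func PosWrapTK(pub *rsa.PublicKey, terminalNo, merchantNo string) (tk, wrapped []byte, err error) {
	tk = make([]byte, 32)
	if _, err = rand.Read(tk); err != nil {
		return nil, nil, err
	}
	wrapped, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, tk, binding(terminalNo, merchantNo))
	return tk, wrapped, err
}

// IssueMasterKey is steps S2-S3 on the platform: decrypt and verify the
// transmission key, then return the master key encrypted under it.
func (p *Platform) IssueMasterKey(wrapped []byte, terminalNo, merchantNo string) ([]byte, error) {
	id := binding(terminalNo, merchantNo)
	tk, err := rsa.DecryptOAEP(sha256.New(), nil, p.priv, wrapped, id)
	if err != nil || len(tk) != 32 {
		return nil, errors.New("transmission key failed verification")
	}
	nonce := make([]byte, nonceLen)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return newGCM(tk).Seal(nonce, nonce, p.masterKey, id), nil // nonce || ciphertext || tag
}

// PosUnwrapMasterKey is step S4 on the POS: authenticate and decrypt the reply.
func PosUnwrapMasterKey(tk, reply []byte, terminalNo, merchantNo string) ([]byte, error) {
	if len(tk) != 32 || len(reply) < nonceLen {
		return nil, errors.New("bad key or reply length")
	}
	return newGCM(tk).Open(nil, reply[:nonceLen], reply[nonceLen:], binding(terminalNo, merchantNo))
}

func main() {
	p, err := NewPlatform([]byte("0123456789abcdef")) // constructed sample master key
	if err != nil {
		panic(err)
	}
	tk, wrapped, _ := PosWrapTK(p.PublicKey(), "T0001", "M0001") // constructed numbers
	reply, _ := p.IssueMasterKey(wrapped, "T0001", "M0001")
	mk, err := PosUnwrapMasterKey(tk, reply, "T0001", "M0001")
	fmt.Printf("S4: POS recovered %q (err=%v)\n", mk, err)
	_, err = p.IssueMasterKey(wrapped, "T0002", "M0001") // same blob, other terminal
	fmt.Println("S2 for another terminal:", err)
}
```

The public key delivered in S1 is not authenticated in this flow, so a terminal needs a pinned or certified platform key before it can rely on what it receives.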
The above is only a preferred specific embodiment of the present invention, but the scope of protection of the present invention is not limited to it. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the present invention shall fall within the scope of protection of the present invention. Therefore, the scope of protection of the present invention shall be determined by the scope of protection of the claims.
Claims (7)
1. A method for remotely issuing a POS key, characterized by comprising the following steps in sequence:
S1. The POS terminal uploads a request to acquire a public key to the management platform, and the management platform issues the public key to the POS machine;
S2. The POS terminal randomly generates a transmission key, encrypts it with the public key, and uploads it to the management platform; the management platform decrypts and verifies it with the private key;
S3. After the management platform has verified the transmission key, it decrypts it to obtain the transmission key plaintext, encrypts the master key with the transmission key plaintext, and returns the result to the POS terminal;
S4. After decrypting, the POS terminal loads the master key into the machine and notifies the platform that key loading succeeded.
2. The method for remotely issuing a POS key according to claim 1, characterized in that, after step S4, the method further comprises:
Step S5. The platform sets the state of the POS terminal to "key loaded".
3. The method for remotely issuing a POS key according to claim 1, characterized in that, if verification fails during the verification in step S2, the error message is returned to the management platform by the POS terminal.
4. The method for remotely issuing a POS key according to claim 1, characterized in that the POS terminal has a unique terminal number and a merchant number corresponding to that terminal number, and when the POS terminal uploads the request to acquire the public key to the management platform, the terminal number of the POS terminal and the merchant number corresponding to that terminal number must be entered.
5. The method for remotely issuing a POS key according to any one of claims 1-4, characterized in that, when the key of the POS terminal is damaged and transactions cannot be made, a key-damaged message is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
6. The method for remotely issuing a POS key according to any one of claims 1-4, characterized in that, when the key is lost because the POS terminal hardware is damaged and returned to the factory for repair, a key-damaged message is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
7. The method for remotely issuing a POS key according to any one of claims 1-4, characterized in that, when the merchant or agent holding the POS terminal changes, change information is sent to the management platform, and after the management platform's verification passes, steps S1 to S4 are repeated.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610619435.3A CN106027247A (en) | 2016-07-29 | 2016-07-29 | Method for remotely issuing POS key |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106027247A true CN106027247A (en) | 2016-10-12 |
Family
ID=57133614
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610619435.3A Pending CN106027247A (en) | 2016-07-29 | 2016-07-29 | Method for remotely issuing POS key |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106027247A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20161012 |