CN108319870A - A kind of electronic key equipment of no button - Google Patents
- Publication number: CN108319870A
- Application number: CN201711342236.3A
- Authority: CN (China)
- Prior art keywords: factor, key, module, confirmation code, button
- Legal status: Granted
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
- G06F21/123—Restricting unauthorised execution of programs by using dedicated hardware, e.g. dongles, smart cards, cryptographic processors, global positioning systems [GPS] devices
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/32—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using wireless devices
- G06Q20/322—Aspects of commerce using mobile devices [M-devices]
Abstract
The present invention provides a buttonless electronic key device comprising: a first information transmission module for receiving a transaction message and sending it to the security module; a first confirmation code generation module for generating a first confirmation code and sending it to the electronic ink screen and the security module; a first rolling factor generation module for generating a first rolling factor and sending it to the security module; an electronic ink screen for displaying at least the first confirmation code; a power supply module for supplying power; a security module for receiving the transaction message, the first confirmation code and the first rolling factor, signing the data packet to be signed to obtain signature data, encrypting the signature data with a first key to obtain first encrypted data, and sending at least the first encrypted data to the second information transmission module; and a second information transmission module for sending out at least the first encrypted data.
Description
This application is a divisional application of the patent application entitled "A kind of electronic key equipment of no button", application No. 201410229713.5, filed on May 28, 2014.
Technical field
The present invention relates to the field of electronic technology, and in particular to a buttonless electronic key device.
Background
Electronic key devices currently used to improve transaction security are either smart key devices, such as a USB key, audio key or Bluetooth key, or smart cards, such as IC cards.
A smart key device is an important tool for protecting the funds in a user's bank account. Technically, it is a tool for electronic signature and data authentication with a built-in miniature security chip; it uses key algorithms to encrypt, decrypt and digitally sign transaction data, ensuring the confidentiality, authenticity, integrity and non-repudiation of online transactions. The security chip stores a private key generated by an asymmetric key algorithm. This private key cannot be exported, which guarantees its uniqueness and security. The public key generated by the same algorithm is stored on the bank server and is used to verify the signature on transaction data signed by the smart key device; if signature verification passes, the transaction data is genuine and valid, and the transaction is completed. To further ensure that the transaction data the user signs with the electronic key tool is genuine and has not been tampered with, existing smart key devices are also fitted with a display screen and a confirmation key: the transaction data is shown on the display, the user reads it and, once satisfied that it is correct, presses the confirmation key to instruct the smart key device to sign the transaction information. As users pay more and more attention to transaction security, more and more transactions require a smart key device, and to keep the device portable the requirements on its volume and thickness rise accordingly. The main factors affecting the thickness of a smart key device are the thickness of the confirmation key and of the battery. How to eliminate the effect of the confirmation key and the battery on the thickness of the smart key device is therefore a technical problem that urgently needs to be solved in this field.
In addition, in the smart card field, as technology develops and in order to ensure the security of payments made with IC bank cards, IC cards are also required to provide an electronic signature function that signs transaction data to ensure its security and non-repudiation. To ensure the security of the signing operation, the transaction data to be signed must also be confirmed, which requires the IC card to carry a display screen, a battery and a confirmation key. This increases the thickness of the IC card, which affects its portability and versatility and also raises its manufacturing cost. How to further reduce the thickness of the IC card while preserving its portability and versatility, ensuring transaction security and reducing manufacturing cost, is therefore also a technical problem that urgently needs to be solved in this field.
Summary of the invention
The present invention aims to solve one of the above problems.
To achieve the above purpose, the technical solution of the present invention is realized as follows:
The present invention provides a buttonless electronic key device comprising at least a first information transmission module, an electronic ink screen, a first confirmation code generation module, a first rolling factor generation module, a power supply module, a security module and a second information transmission module. The first information transmission module is configured at least to receive a transaction message and send the transaction message to the security module. The first confirmation code generation module is configured to generate a first confirmation code and send it to the electronic ink screen and the security module. The first rolling factor generation module is configured to generate a first rolling factor and send it to the security module. The electronic ink screen is configured at least to receive the first confirmation code and at least to display it. The power supply module is configured to generate electrical energy through near-field coupling and to power the first information transmission module, the second information transmission module, the electronic ink screen, the first rolling factor generation module, the confirmation code generation module and the security module. The security module is configured to receive the transaction message, the first confirmation code and the first rolling factor, sign the data packet to be signed to obtain signature data, encrypt the signature data with a first key to obtain first encrypted data, and send at least the first encrypted data to the second information transmission module; the data packet to be signed includes at least the transaction message, the first confirmation code and the first rolling factor. The second information transmission module is configured at least to receive the first encrypted data and at least to send it out.
In addition, the security module is further configured to store the first key in advance; alternatively, the security module is further configured to generate the first key.
In addition, the first information transmission module is further configured to receive first key encryption information and send it to the security module; the security module is further configured to receive the first key encryption information and decrypt it with the user private key to obtain the first key.
In addition, the security module is further configured to generate the first key, encrypt it with a key stored in advance inside the security module to obtain first key encryption information, and send the first key encryption information to the second information transmission module; the second information transmission module is further configured to receive the first key encryption information and send it out.
In addition, the first rolling factor generation module is further configured to generate the first rolling factor every preset time; alternatively, the first rolling factor generation module is further configured to generate the first rolling factor based at least on the transaction message of the previous transaction.
In addition, the buttonless electronic key device further includes a first replay factor generation module, configured to generate a first replay factor every preset time and send it to the security module; the security module is further configured to receive the first replay factor; the data packet to be signed further includes the first replay factor.
In addition, the buttonless electronic key device further includes a first replay factor generation module, configured to generate a first replay factor at random and send it to the security module and the second information transmission module; the security module is further configured to receive the first replay factor; the data packet to be signed further includes the first replay factor; the second information transmission module is further configured to receive the first replay factor and at least to send it out.
The present invention also provides a buttonless electronic key device, characterized in that it comprises at least a first information transmission module, an electronic ink screen, a first confirmation code generation module, a power supply module, a security module and a second information transmission module. The first information transmission module is configured at least to receive a transaction message and send the transaction message to the security module. The first confirmation code generation module is configured to generate a first confirmation code and send it to the electronic ink screen and the security module. The electronic ink screen is configured at least to receive the first confirmation code and at least to display it. The power supply module is configured to generate electrical energy through near-field coupling and to power the first information transmission module, the second information transmission module, the electronic ink screen, the first confirmation code generation module and the security module. The security module is configured to receive the transaction message and the first confirmation code, sign the data packet to be signed with an IBC private key to obtain signature data, and send at least the signature data to the second information transmission module; the data packet to be signed includes the transaction message and the first confirmation code. The second information transmission module is configured at least to receive the signature data and at least to send it out.
In addition, the security module is further configured to store query information and send the query information to the second information transmission module; the second information transmission module is further configured to receive the query information and send it out.
As can be seen from the technical solution provided above, the buttonless electronic signature device provided by the present invention introduces a confirmation code into the transaction process, so that no confirmation button needs to be provided on the electronic key device, which reduces the volume and thickness of the device. Illegal operations during the transaction are prevented, and transaction security is protected, by encrypting the signature data, by adding the first rolling factor to the signing process, or by using an IBC private key in the signing process. The buttonless electronic signature device uses an electronic ink screen for display, so no battery needs to be provided in the electronic key device, which further reduces its thickness. Because neither a button nor a battery is needed, the production and transportation costs of the electronic signature device are also reduced.
Description of the drawings
To illustrate the technical solutions of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the information interaction method provided by Embodiment 1 of the present invention;
Fig. 2 is a structural schematic diagram of the information interaction system provided by Embodiment 1 of the present invention;
Fig. 3 is a structural schematic diagram of the buttonless electronic key device provided by Embodiment 1 of the present invention;
Fig. 4 is a flow chart of the information interaction method provided by Embodiment 2 of the present invention;
Fig. 5 is a structural schematic diagram of the information interaction system provided by Embodiment 2 of the present invention;
Fig. 6 is a structural schematic diagram of the buttonless electronic key device provided by Embodiment 2 of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
In the description of the present invention, it should be understood that orientation or position terms such as "center", "longitudinal", "transverse", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" are based on the orientations or positions shown in the drawings. They are used only to simplify the description and do not indicate or imply that the device or element referred to must have a particular orientation or be constructed and operated in a particular orientation, so they should not be understood as limiting the present invention. In addition, the terms "first" and "second" are used for description only and should not be understood as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise clearly specified and limited, the terms "installed", "connected" and "coupled" should be understood broadly. For example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct or indirect through an intermediary; and it may be a connection inside two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific situation.
The embodiments of the present invention are described in further detail below with reference to the drawings.
Embodiment 1
In this embodiment, the buttonless electronic key device may be a smart key device, such as a USB key, audio key or Bluetooth key, or a smart card, such as an IC card. The transaction terminal may be a device such as a POS machine or card reader that has a card-reading function and can communicate with a server. The server may be a device such as a bank back-end server or an online transaction terminal server. The connection between the buttonless electronic key device and the transaction terminal may be contact or contactless, and the transaction terminal and the server may exchange information over a wired or wireless link.
Fig. 1 is a flow diagram of an embodiment of the information interaction method provided by the present invention. The method embodiment shown in Fig. 1 includes the following steps:
Step 201, the buttonless electronic key device receives the transaction message sent by the transaction terminal;
In this step, the transaction message may be information sent by the transaction terminal that contains content such as user information, the payment amount and/or the name of the transacting bank.
Step 202, the buttonless electronic key device generates and displays the first confirmation code;
In this step, the first confirmation code is a group of characters generated randomly inside the buttonless electronic key device. It may take the form of characters or a picture, or of a piece of audio that can be recorded and played. Because the first confirmation code is generated inside the buttonless electronic key device, an external device cannot obtain it, which ensures the security of the transaction.
In this step, further, the buttonless electronic key device may also display the transaction message, ensuring that what is seen is what is signed: the signed content cannot be tampered with in a way that makes the displayed transaction message differ from the transaction message to be signed, which ensures transaction security.
Step 203, the buttonless electronic key device signs the data packet to be signed to obtain signature data; the data packet to be signed includes at least the first confirmation code, the first rolling factor and the transaction message;
In this step, the key used to sign the transaction message is the user private key in the security chip of the buttonless electronic key device. The user private key cannot be exported. The signing operation is well known in the art and its details are not repeated here. The first rolling factor is generated inside the buttonless electronic key device and cannot be obtained by an external device, which therefore cannot impersonate the buttonless electronic signature device to sign or impersonate the server to verify the signature. This ensures that the transaction terminal cannot mount an illegal replay attack on the transaction, further enhancing transaction security.
Further, before this step, the buttonless electronic key device may generate the first rolling factor based on a preset algorithm. The ways of generating the first rolling factor include, but are not limited to, the following two. In the first way, the buttonless electronic key device generates the first rolling factor every preset time based on a preset algorithm, or every preset time based on a preset algorithm and a seed. The transaction terminal has neither the preset algorithm, the seed nor the preset time, so it cannot obtain the first rolling factor. The transaction terminal therefore cannot impersonate the electronic signature device to sign or impersonate the server to verify the signature, which ensures that it cannot mount an illegal replay attack on the transaction and further enhances transaction security. In the second way, the buttonless electronic key device generates the first rolling factor based at least on the transaction message of the previous transaction and a preset algorithm. The transaction terminal cannot obtain the previous transaction message, so it cannot obtain the first rolling factor. The transaction terminal therefore cannot impersonate the electronic signature device to sign or impersonate the server to verify the signature, which ensures that it cannot mount an illegal replay attack on the transaction and further enhances transaction security.
Further, before this step, the buttonless electronic key device may generate a first replay factor. In this step, the data packet to be signed may then also include the first replay factor, i.e. the data packet to be signed includes at least the transaction message, the first rolling factor and the first replay factor. The ways of generating the first replay factor include, but are not limited to, the following. Mode one: the buttonless electronic key device generates the first replay factor every preset time based on a preset algorithm. Mode two: the buttonless electronic key device generates the first replay factor every preset time based on a preset algorithm and a seed. Mode three: the buttonless electronic key device generates the first replay factor at random, for example from the current or voltage noise inside the buttonless electronic device. The transaction terminal cannot learn the preset algorithm, seed or preset time used to generate the first replay factor, or the voltage and current noise inside the buttonless electronic key device, so it cannot obtain the first replay factor. The transaction terminal therefore cannot impersonate the electronic signature device to sign or impersonate the server to verify the signature, which ensures that it cannot mount an illegal replay attack on the transaction and further enhances transaction security.
In this step, further, the data packet to be signed also includes an identification factor, i.e. the data packet to be signed includes at least the transaction message, the first rolling factor, the first confirmation code and the identification factor. The identification factor is the unique identifier of the identity of the buttonless electronic key device, which further enhances transaction security.
Step 204, the buttonless electronic key device encrypts the signature data based on the first key to obtain the first encrypted data;
The buttonless electronic key device encrypts the signature data with the first key, which ensures that an external device cannot obtain the first encrypted data because it cannot obtain the first key, and so ensures the security of the transaction.
In this step, the ways of obtaining the first key include, but are not limited to, the following:
In the first way, the first key is stored in advance inside the buttonless electronic key device, i.e. it is a key stored in the device before the transaction flow starts;
In the second way, the first key is generated by the buttonless electronic key device based on a preset algorithm. The first key may be generated by the preset algorithm from a preset time and a preset seed, or from the transaction message of the previous transaction. The randomness of the first key makes it unpredictable, which further enhances transaction security.
In the third way, the first key is a key that the buttonless electronic key device obtains from outside. Specifically, the buttonless electronic key device obtains first key encryption information and decrypts it to obtain the first key. The first key is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances transaction security.
In the fourth way, the first key is generated inside the buttonless electronic key device. Specifically, it may be a group of random numbers that the device generates from its signal noise, for example voltage noise or current noise, or a group of random numbers that the device generates from a preset algorithm and a seed. The first key is encrypted with an encryption key to obtain first key encryption information; the encryption key may be the public key of the decrypting device. The key generated and sent by the buttonless electronic key device is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances transaction security.
Step 205, the buttonless electronic key device sends at least the first encrypted data to the transaction terminal;
In this step, further, if the first key was generated by the fourth way in step 204, the first key encryption information is also sent to the transaction terminal, i.e. at least the first encrypted data and the first key encryption information are sent to the transaction terminal.
In this step, further, corresponding to step 204, if the data packet to be signed also includes the first replay factor and the first replay factor was generated at random, the first replay factor is also sent to the transaction terminal, i.e. at least the first encrypted data and the first replay factor are sent to the transaction terminal.
Step 206, the transaction terminal at least receives the first encrypted data and obtains the second confirmation code;
In this step, the transaction terminal may obtain the second confirmation code through a keyboard, by reading the picture displayed by the buttonless electronic key device, or by recognizing the audio played by the buttonless electronic key device.
In this step, further, if the first key was generated by the fourth way in step 204, the transaction terminal also receives the first key encryption information, i.e. it receives at least the first encrypted data and the first key encryption information.
In this step, further, corresponding to step 204, if the data packet to be signed also includes the first replay factor and the first replay factor was generated at random, the transaction terminal also receives the first replay factor, i.e. it receives at least the first encrypted data and the first replay factor.
Step 207, the transaction terminal sends out at least the transaction message, the second confirmation code and the first encrypted data;
In this step, further, if the first key was generated by the fourth way in step 204, the first key encryption information is also sent out, i.e. at least the first key encryption information, the transaction message, the second confirmation code and the first encrypted data are sent out.
In this step, further, corresponding to step 204, if the data packet to be signed also includes the first replay factor and the first replay factor was generated at random, the transaction terminal sends out the first replay factor, i.e. it sends out at least the second confirmation code, the transaction message, the first encrypted data and the first replay factor.
Further, in step 207 of this embodiment, the transaction terminal sends at least the second confirmation code, the transaction message and the first encrypted data to the server. If the first key was generated by the fourth way in step 204, the transaction terminal also sends the first key encryption information to the server. Corresponding to step 204, if the data packet to be signed also includes the first replay factor and the first replay factor was generated at random, the transaction terminal also sends the first replay factor to the server.
Further, in step 204, the third mode is that the first key may also be a key generated by the server and obtained by the electronic key equipment without button. Specifically, the server generates the first key and encrypts it with the client public key to obtain the first key encryption information; the server transmits the first key encryption information through the transaction terminal to the electronic key equipment without button, which decrypts the first key encryption information with the user private key to obtain the first key. The client public key stored in the server and the user private key stored in the electronic key equipment without button are a pair of asymmetric keys. When a key generated and sent by the server is used as the first key, the first key is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances the security of the transaction. The fourth mode is that the first key may be generated inside the electronic key equipment without button. Specifically, it may be a group of random numbers that the electronic key equipment without button generates from its signal noise, for example voltage noise or current noise, or a group of random numbers that the electronic key equipment without button generates from a preset algorithm and a seed. The first key is encrypted with an encryption key to obtain the first key encryption information; the encryption key may be the public key of the server. A key generated and sent by the electronic key equipment without button is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances the security of the transaction.
Further, the present embodiment also includes: Step 208, the server at least receives the second confirmation code, the transaction message and the first encryption data;
Further, in this step, if the first key is generated by the fourth mode in step 204, the server also receives the first key encryption information; that is, the server receives at least the first key encryption information, the transaction message, the second confirmation code and the first encryption data.
Further, corresponding to step 104, if the data packet to be signed also includes the first playback factor and the first playback factor is randomly generated, the server also receives the first playback factor in this step; that is, the server receives at least the second confirmation code, the transaction message, the first encryption data and the first playback factor.
Step 209, the server performs a decryption operation on the first encryption data based on the second key and, if decryption succeeds, obtains the signed data;
The signed data can be obtained only after decryption with the correct first decryption key. If an external device cannot obtain the second key or the operation method, it cannot obtain the first decryption key and therefore cannot obtain the signed data, which ensures the security of the transaction.
In the present embodiment, the second key and the first key form a key pair; further, the key pair may be a symmetric key pair or an asymmetric key pair.
Before this step, the server obtains the second key in one of the following ways:
Corresponding to the first mode of step 204 of the present embodiment, the server obtains the second key as follows: the second key is stored in advance inside the server.
Corresponding to the second mode of step 204 of the present embodiment, the server obtains the second key as follows: the server also generates the second key according to a preset algorithm; the preset algorithm that the electronic key equipment without button uses to generate the first key and the preset algorithm that the server uses to generate the second key are identical.
Corresponding to the third mode of step 204 of the present embodiment, the server obtains the second key as follows: after generating the first key, the server also stores the first key as the second key.
Corresponding to the fourth mode of step 204 of the present embodiment, the server obtains the second key as follows: the server also decrypts the first key encryption information with a decryption key stored in advance inside the server to obtain the second key.
Step 210, the server performs a sign test operation on the signed data based on the sign test data packet, which includes at least the second confirmation code, the transaction message and the second roll-off factor.
The server needs to perform the sign test operation on the signed data based on the second roll-off factor. If the server cannot generate a second roll-off factor identical to the first roll-off factor, the sign test cannot succeed, which further ensures the security of the transaction.
Further, before this step, the server also generates the second roll-off factor based on a preset algorithm. Corresponding to the first mode of step 203 of the present embodiment, the server obtains the second roll-off factor as follows: the server generates the second roll-off factor at preset time intervals based on the preset algorithm. The preset algorithm that the server uses to generate the second roll-off factor is identical to the preset algorithm that the electronic key equipment without button uses to generate the first roll-off factor, and the preset time is also identical; therefore the first roll-off factor and the second roll-off factor are also identical. Alternatively, the server generates the second roll-off factor at preset time intervals based on the preset algorithm and a seed, where the preset algorithm, preset time and seed that the server uses to generate the second roll-off factor are identical to those that the electronic key equipment without button uses to generate the first roll-off factor. If the seed, preset algorithm or interval time differs between the server and the electronic key equipment without button, the server cannot generate a second roll-off factor identical to the first roll-off factor, so the sign test cannot succeed, which further ensures the security of the transaction. Corresponding to the second mode of step 203 of the present embodiment, the server obtains the second roll-off factor as follows: the server generates the second roll-off factor based on at least the transaction message of the previous transaction and the preset algorithm. The preset algorithm that the electronic key equipment without button uses to generate the first roll-off factor is identical to the one that the server uses to generate the second roll-off factor, which ensures a successful sign test.
Further, corresponding to step 203 of the present embodiment, before this step the server generates the second playback factor, and in this step the sign test data packet also includes the second playback factor; that is, the data packet to be signed includes at least the transaction message, the first roll-off factor and the second playback factor. The ways of generating the second playback factor include but are not limited to the following. Mode one: the server generates the second playback factor at preset time intervals based on a preset algorithm; the preset algorithm and preset time that the server uses to generate the second playback factor are identical to those that the electronic key equipment without button uses to generate the first playback factor, which ensures a successful sign test. Mode two: the server generates the second playback factor at preset time intervals based on a preset algorithm and a seed; the preset algorithm and preset time that the server uses to generate the second playback factor are identical to those that the electronic key equipment without button uses to generate the first playback factor, which ensures a successful sign test. Mode three: the server sets the received first playback factor as the second playback factor.
Further, corresponding to step 203, if the data packet to be signed also includes the mark factor, the sign test data packet also includes the mark factor in this step; that is, the sign test data packet includes at least the transaction message, the second roll-off factor, the second confirmation code and the mark factor.
The information interaction method provided in this embodiment confirms a transaction by entering the second confirmation code at the transaction terminal, replacing the prior-art method of confirming a transaction with the confirmation key of the electronic key equipment. The electronic key equipment without button in the present embodiment can therefore omit the confirmation key, which greatly reduces the thickness and volume of the equipment, enhances its portability, does not affect versatility, and saves manufacturing cost. Further, adding the first roll-off factor to the data packet to be signed prevents the transaction terminal from completing the sign test operation through a replay attack when it has not obtained the correct second confirmation code; in addition, adding the first confirmation code to the data packet to be signed further enhances the security of the transaction. Moreover, information transmission between the electronic key equipment without button and the transaction terminal requires only one interaction, which reduces the transaction operation steps and makes the transaction faster and more convenient.
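The signing on the device and the sign test on the server (steps 203 to 210), as an added example that is not part of the patent. It assumes HMAC-SHA256 as a stand-in for the unspecified signature and preset algorithms and a 30-second preset time; the keys, seed and messages are constructed, and the first-key encryption layer is left out.

```python
import hashlib
import hmac
import secrets
import struct

STEP_SECONDS = 30  # assumed "preset time" shared by device and server


def pack(*fields: bytes) -> bytes:
    """Length-prefix every field so field boundaries cannot be shifted."""
    return b"".join(struct.pack(">H", len(f)) + f for f in fields)


def roll_off_factor(seed: bytes, now: float, step: int = STEP_SECONDS) -> bytes:
    """First mode: factor from a shared seed and the current time step.

    HMAC-SHA256 over the step counter is an assumed "preset algorithm".
    """
    counter = int(now // step)
    return hmac.new(seed, struct.pack(">Q", counter), hashlib.sha256).digest()[:8]


def roll_off_factor_from_previous(previous_tx: bytes) -> bytes:
    """Second mode: factor from the previous transaction message (assumed hash)."""
    return hashlib.sha256(b"roll-off" + previous_tx).digest()[:8]


def sign(key: bytes, tx: bytes, code: str, factor: bytes) -> bytes:
    """Stand-in signature over {transaction message, confirmation code, factor}."""
    return hmac.new(key, pack(tx, code.encode(), factor), hashlib.sha256).digest()


def device_confirm(key: bytes, tx: bytes, first_factor: bytes):
    """Device side: make the first confirmation code (shown on the screen,
    never sent) and the signed data that goes to the transaction terminal."""
    code = f"{secrets.randbelow(10**6):06d}"
    return code, sign(key, tx, code, first_factor)


def server_sign_test(key: bytes, tx: bytes, second_code: str,
                     signed: bytes, second_factor: bytes) -> bool:
    """Server side: rebuild the packet from the code the terminal forwarded
    and the server's own roll-off factor, then compare in constant time."""
    return hmac.compare_digest(sign(key, tx, second_code, second_factor), signed)


def demo() -> dict:
    key, seed = b"constructed-signing-key", b"constructed-seed"
    tx = b"pay 100.00 to ACCT-0001"          # constructed transaction message
    t0 = 1_000_000.0                          # constructed clock value
    code, signed = device_confirm(key, tx, roll_off_factor(seed, t0))
    wrong = "000000" if code != "000000" else "000001"
    soon = roll_off_factor(seed, t0 + 10)     # same 30 s step as t0
    later = roll_off_factor(seed, t0 + 300)   # a later step
    results = {
        "code read from screen": server_sign_test(key, tx, code, signed, soon),
        "code not read from screen": server_sign_test(key, tx, wrong, signed, soon),
        "message changed": server_sign_test(key, b"pay 900.00 to ACCT-0009",
                                            code, signed, soon),
        "capture presented later": server_sign_test(key, tx, code, signed, later),
    }
    # Second mode: both sides derive the factor from the previous transaction.
    prev = b"pay 5.00 to ACCT-0002"
    code2, signed2 = device_confirm(key, tx, roll_off_factor_from_previous(prev))
    results["previous-tx factor in sync"] = server_sign_test(
        key, tx, code2, signed2, roll_off_factor_from_previous(prev))
    results["previous-tx factor out of sync"] = server_sign_test(
        key, tx, code2, signed2, roll_off_factor_from_previous(tx))
    return results


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:32s} sign test {'passes' if ok else 'fails'}")
```

In this sketch a capture presented again inside the same 30-second step still passes the sign test; the sketch does not model the playback factor.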
The present embodiment also provides an information interaction system that uses the above information interaction method. The system corresponds to the method, so the details are not repeated here; only a brief description follows:
Fig. 2 shows a structural schematic diagram of the information interaction system of the present invention. Referring to Fig. 2, the information interaction system of the present invention includes: an electronic key equipment without button 401 and a transaction terminal 402.
The electronic key equipment without button 401 is configured to receive the transaction message sent by the transaction terminal 402, generate and display the first confirmation code, perform a signature operation on the data packet to be signed to obtain the signed data, perform an encryption operation on the signed data based on the first key to obtain the first encryption data, and send at least the first encryption data to the transaction terminal 402; the data packet to be signed includes the transaction message, the first confirmation code and the first roll-off factor;
Further, in this system, the electronic key equipment without button 401 is also configured to generate the first roll-off factor based on a preset algorithm. The ways of generating the first roll-off factor include but are not limited to the following two. The first mode is that the electronic key equipment without button 401 generates the first roll-off factor at preset time intervals based on the preset algorithm, or the electronic key equipment without button 401 generates the first roll-off factor at preset time intervals based on the preset algorithm and a seed. The transaction terminal 402 does not have the preset algorithm, seed or preset time and therefore cannot obtain the first roll-off factor; consequently the transaction terminal 402 cannot perform signing or sign test, which ensures that the transaction terminal 402 cannot carry out an illegal replay attack on the transaction and further enhances the security of the transaction. The second mode is that the electronic key equipment without button 401 generates the first roll-off factor based on at least the transaction message of the previous transaction and the preset algorithm. The transaction terminal 402 cannot obtain the previous transaction message and therefore cannot obtain the first roll-off factor; consequently the transaction terminal 402 cannot perform signing or sign test, which ensures that the transaction terminal 402 cannot carry out an illegal replay attack on the transaction and further enhances the security of the transaction.
Further, in this system, the electronic key equipment without button 401 can generate the first playback factor, and the data packet to be signed can also include the first playback factor; that is, the data packet to be signed includes at least the transaction message, the first roll-off factor and the first playback factor. The ways of generating the first playback factor include but are not limited to the following. Mode one: the electronic key equipment without button 401 generates the first playback factor at preset time intervals based on a preset algorithm. Mode two: the electronic key equipment without button 401 generates the first playback factor at preset time intervals based on a preset algorithm and a seed. Mode three: the electronic key equipment without button 401 generates the first playback factor at random, for example from the current or voltage noise inside the electronic equipment without button. The transaction terminal 402 cannot learn the preset algorithm, seed or preset time used to generate the first playback factor, or the voltage and current noise in the electronic key equipment without button 401, and therefore cannot obtain the first playback factor; consequently the transaction terminal 402 cannot perform signing or sign test, which ensures that the transaction terminal 402 cannot carry out an illegal replay attack on the transaction and further enhances the security of the transaction.
In this system, the data packet to be signed also includes the mark factor; that is, the data packet to be signed includes at least the transaction message, the first roll-off factor, the first confirmation code and the mark factor, where the mark factor is the unique mark of the identity of the electronic key equipment without button 401, which further enhances the security of the transaction.
Further, the electronic key equipment without button 401 is also configured to obtain the first key, where the ways of obtaining the first key include but are not limited to the following:
The first mode is that the first key is stored in advance inside the electronic key equipment without button 401, that is, it is a key stored in the electronic key equipment without button 401 before the transaction flow starts;
The second mode is that the first key is generated by the electronic key equipment without button 401 based on a preset algorithm, where the first key may be generated by the preset algorithm based on a preset time and a preset seed, or based on the transaction message of the previous transaction. The randomness of the first key ensures that the first key is unpredictable, which further enhances the security of the transaction.
The third mode is that the first key may also be a key obtained by the electronic key equipment without button 401. Specifically, the electronic key equipment without button 401 obtains the first key encryption information and decrypts it with the user private key to obtain the first key. The first key is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances the security of the transaction.
The fourth mode is that the first key may also be generated inside the electronic key equipment without button 401. Specifically, it may be a group of random numbers that the electronic key equipment without button 401 generates from its signal noise, for example voltage noise or current noise, or a group of random numbers that the electronic key equipment without button 401 generates from a preset algorithm and a seed. The first key is encrypted with an encryption key to obtain the first key encryption information; the encryption key may be the public key of the decryption device. A key generated and sent by the electronic key equipment without button 401 is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances the security of the transaction.
Further, in the present embodiment, if the first key is generated inside the electronic key equipment without button 401 based on a preset algorithm, the first key encryption information is also sent to the transaction terminal 402; that is, at least the first encryption data and the first key encryption information are sent to the transaction terminal 402.
Further, in the present embodiment, if the data packet to be signed also includes the first playback factor and the first playback factor is randomly generated, the electronic key equipment without button also sends the first playback factor to the transaction terminal; that is, it sends at least the first encryption data and the first playback factor.
The transaction terminal 402 is configured to at least receive the first encryption data and obtain the second confirmation code, and to send out at least the transaction message, the second confirmation code and the first encryption data;
In the present embodiment, the transaction terminal 402 may obtain the second confirmation code through a keyboard, by reading the picture displayed by the electronic key equipment without button 401, or by recognizing the audio played by the electronic key equipment without button 401.
Further, in this system, if the first key is generated inside the electronic key equipment without button 401 based on a preset algorithm, the transaction terminal 402 also sends out the first key encryption information; that is, it sends out at least the transaction message, the first key encryption information, the second confirmation code and the first encryption data.
Further, the system of the present embodiment also includes a server 403.
Further, in the present embodiment, the transaction terminal 402 sends out at least the second confirmation code, the transaction message and the first encryption data to the server 403. If the first key is generated by the fourth mode of the first key acquisition modes, the transaction terminal 402 also sends out the first key encryption information to the server 403. If the data packet to be signed also includes the first playback factor and the first playback factor is randomly generated, the transaction terminal 402 also sends out the first playback factor to the server 403.
Further, the third mode by which the electronic key equipment without button 401 obtains the first key is that the first key may be a key generated by the server 403 and obtained by the electronic key equipment without button 401. Specifically, the server 403 generates the first key and encrypts it with the client public key to obtain the first key encryption information; the server 403 transmits the first key encryption information through the transaction terminal 402 to the electronic key equipment without button 401, which decrypts the first key encryption information with the user private key to obtain the first key. The client public key stored in the server 403 and the user private key stored in the electronic key equipment without button 401 are a pair of asymmetric keys. When a key generated and sent by the server 403 is used as the first key, the first key is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances the security of the transaction. The fourth mode is that the first key may also be generated inside the electronic key equipment without button 401. Specifically, it may be a group of random numbers that the electronic key equipment without button 401 generates from its signal noise, for example voltage noise or current noise, or a group of random numbers that the electronic key equipment without button 401 generates from a preset algorithm and a seed. The first key is encrypted with an encryption key to obtain the first key encryption information. A key generated and sent by the electronic key equipment without button 401 is random, which avoids the transaction risk caused by leakage of a fixed key and further enhances the security of the transaction.
Further, in this system, if the data packet to be signed also includes the first playback factor and the first playback factor is randomly generated, the transaction terminal also receives the first playback factor; that is, it receives at least the first encryption data and the first playback factor.
The server 403 is configured to perform a decryption operation on the first encryption data based on the second key, obtain the signed data if decryption succeeds, and perform a sign test operation on the signed data based on at least the second confirmation code and the second roll-off factor;
Further, in this system, if the first key is generated inside the electronic key equipment without button 401 based on a preset algorithm, the server 403 also receives the first key encryption information; that is, the server 403 receives at least the first key encryption information, the second confirmation code, the transaction message and the first encryption data.
Further, in this system, if the data packet to be signed also includes the first playback factor and the first playback factor is randomly generated, the server 403 is also configured to receive the first playback factor; that is, it receives the first playback factor, the first encryption data, the second confirmation code and the transaction message.
In the present embodiment, the second key and the first key form a key pair.
Further, the server 403 is also configured to obtain the second key, wherein:
Corresponding to the first mode of obtaining the first key in the present embodiment, the server 403 obtains the second key as follows: the second key is stored in advance inside the server 403.
Corresponding to the second mode of obtaining the first key in the present embodiment, the server 403 obtains the second key as follows: the server 403 also generates the second key according to a preset algorithm; the preset algorithm that the electronic key equipment without button 401 uses to generate the first key and the preset algorithm that the server 403 uses to generate the second key are identical.
Corresponding to the third mode of obtaining the first key in the present embodiment, the server 403 obtains the second key as follows: after generating the first key, the server 403 also stores the first key as the second key.
Corresponding to the fourth mode of obtaining the first key in the present embodiment, the server 403 obtains the second key as follows: the server 403 also decrypts the first key encryption information with a decryption key stored in advance inside the server 403 to obtain the second key.
Further, the server 403 is also configured to generate the second roll-off factor; the server 403 performs the sign test operation on the signed data based on the sign test data packet, which includes at least the second roll-off factor and the transaction message. The server 403 is also configured to generate the second roll-off factor based on a preset algorithm. Corresponding to the first mode by which the electronic key equipment without button 401 of the present embodiment generates the first roll-off factor, the server 403 obtains the second roll-off factor as follows: the server 403 generates the second roll-off factor at preset time intervals based on the preset algorithm. The preset algorithm that the server 403 uses to generate the second roll-off factor is identical to the preset algorithm that the electronic key equipment without button 401 uses to generate the first roll-off factor, and the preset time is also identical; therefore the first roll-off factor and the second roll-off factor are also identical. Alternatively, the server 403 generates the second roll-off factor at preset time intervals based on the preset algorithm and a seed, where the preset algorithm, preset time and seed that the server 403 uses to generate the second roll-off factor are identical to those that the electronic key equipment without button 401 uses to generate the first roll-off factor. If the seed, preset algorithm or interval time differs between the server 403 and the electronic key equipment without button 401, the server 403 cannot generate a second roll-off factor identical to the first roll-off factor, so the sign test cannot succeed, which further ensures the security of the transaction. Corresponding to the second mode by which the electronic key equipment without button 401 of the present embodiment generates the first roll-off factor, the server 403 obtains the second roll-off factor as follows: the server 403 generates the second roll-off factor based on at least the transaction message of the previous transaction and the preset algorithm. The preset algorithm that the electronic key equipment without button 401 uses to generate the first roll-off factor is identical to the one that the server 403 uses to generate the second roll-off factor, which ensures a successful sign test.
Further, in this system, the server 403 is also configured to generate the second playback factor, and the sign test data packet also includes the second playback factor; that is, the data packet to be signed includes at least the transaction message, the first roll-off factor and the second playback factor. The ways of generating the second playback factor include but are not limited to the following. Mode one: the server 403 generates the second playback factor at preset time intervals based on a preset algorithm; the preset algorithm and preset time that the server 403 uses to generate the second playback factor are identical to those that the electronic key equipment without button 401 uses to generate the first playback factor, which ensures a successful sign test. Mode two: the server 403 generates the second playback factor at preset time intervals based on a preset algorithm and a seed; the preset algorithm and preset time that the server 403 uses to generate the second playback factor are identical to those that the electronic key equipment without button 401 uses to generate the first playback factor, which ensures a successful sign test. Mode three: the server 403 sets the received first playback factor as the second playback factor.
Further, in the present embodiment, if the data packet to be signed also includes the mark factor, the sign test data packet also includes the mark factor; that is, the sign test data packet includes at least the transaction message, the second roll-off factor, the second confirmation code and the mark factor.
The information interaction system provided in this embodiment confirms a transaction by entering the second confirmation code at the transaction terminal 402, replacing the prior-art method of confirming a transaction with the confirmation key of the electronic key equipment. The electronic key equipment without button 401 in the present embodiment can therefore omit the confirmation key, which greatly reduces the thickness and volume of the equipment, enhances its portability, does not affect versatility, and saves manufacturing cost. Further, adding the first roll-off factor to the data packet to be signed prevents the transaction terminal 402 from completing the sign test operation through a replay attack when it has not obtained the correct second confirmation code; in addition, adding the first confirmation code to the data packet to be signed further enhances the security of the transaction. Moreover, information transmission between the electronic key equipment without button 401 and the transaction terminal 402 requires only one interaction, which reduces the transaction operation steps and makes the transaction faster and more convenient.
The present embodiment also provides an electronic key equipment without button for use with the information interaction method and information interaction system of the present embodiment. The technical solution used by this electronic key equipment without button is identical to the scheme used by the electronic key equipment without button in the method and system of the present embodiment, so the details are not repeated here; only a brief description follows:
Fig. 3 shows a structural schematic diagram of an embodiment of the electronic key equipment without button. With the structure shown in Fig. 3, the equipment includes at least: a first information transmission module 501, an electronic ink screen 503, a first confirmation code generation module 502, a power supply module 504, a first roll-off factor generation module 505, a security module 506 and a second information transmission module 507.
The first information transmission module 501 is at least configured to receive the transaction message and send the transaction message to the security module 506;
In the present embodiment, the first information transmission module 501 and the second information transmission module 507 may receive or send out information by contact (for example, through exposed metal contacts on the outside of the electronic key equipment without button) or in a contactless way (for example, using Bluetooth, NFC or radio frequency). Further, the first information transmission module 501 is also configured to send the transaction message to the electronic ink screen 503.
The first confirmation code generation module 502 is configured to generate the first confirmation code and send the first confirmation code to the electronic ink screen 503 and the security module 506;
The first roll-off factor generation module 505 is configured to generate the first roll-off factor and send the first roll-off factor to the security module 506;
The electronic ink screen 503 is configured to at least receive the first confirmation code and at least display the first confirmation code;
In the present embodiment, the electronic ink screen 503 is also configured to display the transaction message.
In the present embodiment, the electronic ink screen 503 is used for display, so no power is consumed while the user reads the displayed content; that is, the electronic ink screen can still display after it loses power once the display is complete. The electronic key equipment without button therefore does not need a battery, which further reduces the thickness and volume of the electronic key equipment without button.
The power supply module 504 is configured to generate electrical energy through near-field coupling and to supply power to the first information transmission module 501, the electronic ink screen 503, the first confirmation code generation module 502, the first roll-off factor generation module 505, the security module 506 and the second information transmission module 507;
The security module 506 is configured to receive the transaction message, the first confirmation code and the first roll-off factor, perform a signature operation on the data packet to be signed to obtain the signed data, perform an encryption operation on the signed data based on the first key to obtain the first encryption data, and send at least the first encryption data to the second information transmission module 507; the data packet to be signed includes at least the transaction message, the first confirmation code and the first roll-off factor;
The second information transmission module 507 is configured to at least receive the first encryption data and send out at least the first encryption data.
Further, the security module 506 is also used to pre-store the first key; alternatively, the security module 506 is also used to generate the first key.
Further, the first information transmission module 501 is also used to receive first key encryption information and send it to the security module 506; the security module 506 is also used to receive the first key encryption information and decrypt it with the user private key to obtain the first key.
Further, the security module 506 is also used to generate the first key, encrypt the first key with a key stored in advance inside the security module 506 to obtain first key encryption information, and send the first key encryption information to the second information transmission module 507; the second information transmission module 507 is also used to receive the first key encryption information and send it out.
Further, the first rolling factor generation module 505 is also used to generate the first rolling factor at preset time intervals; alternatively, the first rolling factor generation module 505 is also used to generate the first rolling factor at least based on the transaction message of the previous transaction.
Further, the buttonless electronic key device also includes a first replay factor generation module 508, which generates a first replay factor at preset time intervals and sends it to the security module; the security module is also used to receive the first replay factor; the to-be-signed data packet also includes the first replay factor.
Further, the buttonless electronic key device also includes a first replay factor generation module 508, which generates a first replay factor at random and sends it to the security module and the second information transmission module; the security module is also used to receive the first replay factor; the to-be-signed data packet also includes the first replay factor; the second information transmission module is also used to receive the first replay factor and send out at least the first replay factor.
The buttonless electronic key device provided in this embodiment lets the user confirm the content of the transaction message by means of the confirmation code, so no confirm button is needed; and because no battery is needed either, the thickness and volume of the device are further reduced and the manufacturing cost is lowered.
Embodiment 2
In this embodiment, the buttonless electronic key device may be a smart key device, such as a USB-KEY, an audio KEY or a Bluetooth KEY, or a smart card, such as an IC card. The transaction terminal may be a device that has a card-reading function and can communicate with a server, such as a POS machine or a card reader. The server may be a device such as a bank back-end server or an online transaction terminal server. The connection between the buttonless electronic key device and the transaction terminal may be contact or contactless, and the transaction terminal and the server may exchange information over a wired or a wireless link.
Fig. 4 is a flow diagram of an embodiment of the information interaction method provided by the invention. The method embodiment shown in Fig. 4 includes the following steps:
Step 301, the buttonless electronic key device receives the transaction message sent by the transaction terminal;
In this step, the transaction message may be information sent by the transaction terminal that contains content such as user information, the amount spent and/or the name of the transaction bank.
Step 302, the buttonless electronic key device generates and displays the first confirmation code;
In this step, the first confirmation code is a group of characters randomly generated inside the buttonless electronic key device; it may take the form of characters or a picture, or of a segment of audio whose recording and playback can be controlled. Because the first confirmation code is generated inside the buttonless electronic key device, external devices cannot obtain it, which safeguards the transaction.
In this step, further, the buttonless electronic key device may also display the transaction message, which ensures that what the user sees is what is signed: the displayed transaction message cannot differ from the transaction message to be signed because the content was tampered with, which safeguards the transaction.
Step 303, the buttonless electronic key device uses the IBC private key to perform a signature operation on the to-be-signed data packet and obtains signed data; the to-be-signed data packet includes the first confirmation code and the transaction message;
In this step, the key used for the signature operation on the to-be-signed data packet is the IBC private key in the security chip of the buttonless electronic key device. The IBC private key cannot be exported. The signature operation is a well-known technique, and its specific flow is not described here.
In this step, further, the to-be-signed data packet also includes an identification factor; that is, the to-be-signed data packet includes at least the transaction message, the first confirmation code and the identification factor, where the identification factor uniquely identifies the buttonless electronic key device. This further enhances the security of the transaction.
Step 304, the buttonless electronic key device sends the signed data to the transaction terminal;
In this step, further, query information is also sent to the transaction terminal; that is, the buttonless electronic key device sends at least the signed data and the query information to the transaction terminal.
Step 305, the transaction terminal receives the signed data and obtains the second confirmation code;
In this step, the transaction terminal may obtain the second confirmation code through its keyboard, by reading the picture displayed by the buttonless electronic key device, or by recognizing the audio played by the buttonless electronic key device.
Step 306, the transaction terminal sends out at least the second confirmation code, the transaction message and the signed data;
In this step, further, the transaction terminal also sends out the query information; that is, the transaction terminal sends out at least the query information, the transaction message, the second confirmation code and the signed data.
Further, in step 306 of this embodiment, the transaction terminal sends at least the second confirmation code, the transaction message and the signed data to the server; further, the transaction terminal also sends the query information to the server, that is, the transaction terminal sends at least the query information, the transaction message, the second confirmation code and the signed data to the server.
Further, this embodiment also includes:
Step 307, the server receives at least the transaction message, the second confirmation code and the signed data;
In this step, further, the server also receives the query information; that is, the server receives at least the transaction message, the query information, the second confirmation code and the signed data.
Step 308, the server uses the IBC public key to perform a signature verification operation on the signed data, based at least on the second confirmation code and the transaction message.
The IBC public key is a key stored or generated inside the server; external devices cannot obtain the IBC public key and therefore cannot perform the signature verification operation, which safeguards the transaction.
The signature verification operation in this step is a well-known technique and is not described here.
Before this step, further, the server also looks up the IBC public key at least according to the query information.
Before this step, further, the server also looks up IBC public key generation information at least according to the query information, and generates the IBC public key from the IBC public key generation information using the IBC algorithm.
In this step, further, if the to-be-signed data packet also includes the identification factor, the signature verification operation is also based on the identification factor; that is, the signature verification operation is based on the transaction message, the second confirmation code and the identification factor.
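The exchange in steps 301 to 308, as an added example that is not code from the patent: HMAC-SHA256 from the Python standard library stands in for the IBC signature and its verification (an assumption so that the example runs offline; one shared secret replaces the IBC private/public key pair). The length-prefixed field encoding, the six-digit code format, the per-signature attempt limit and all names and sample values are likewise assumptions.

```python
import hashlib
import hmac
import secrets
import struct

MAX_FAILURES = 3  # assumption: attempt limit per signature, not stated on the page


def pack_fields(*fields: bytes) -> bytes:
    """Length-prefix each field so the message/code boundary cannot shift."""
    return b"".join(struct.pack(">I", len(f)) + f for f in fields)


def sign(key: bytes, transaction_message: bytes, code: str) -> bytes:
    """Stand-in for the IBC signature over the to-be-signed data packet."""
    packet = pack_fields(transaction_message, code.encode())
    return hmac.new(key, packet, hashlib.sha256).digest()


class KeyDevice:
    """Steps 301-304: receive the message, show a code, sign, send out."""

    def __init__(self, key: bytes, query_info: bytes):
        self._key = key  # stand-in for the non-exportable IBC private key
        self._query_info = query_info

    def handle(self, transaction_message: bytes):
        first_code = f"{secrets.randbelow(10**6):06d}"  # generated inside the device
        screen = {"transaction_message": transaction_message,
                  "first_confirmation_code": first_code}  # shown on the e-ink screen only
        sent = {"signed_data": sign(self._key, transaction_message, first_code),
                "query_info": self._query_info}  # the code itself is never sent
        return screen, sent


def terminal_forward(transaction_message: bytes, second_code: str, sent: dict) -> dict:
    """Steps 305-306: the terminal adds the code the user typed and forwards."""
    return {"transaction_message": transaction_message,
            "second_confirmation_code": second_code, **sent}


class Server:
    """Steps 307-308: look up the key by query information and verify."""

    def __init__(self, keys_by_query_info: dict):
        self._keys = keys_by_query_info
        self._failures = {}

    def verify(self, request: dict) -> bool:
        key = self._keys.get(request["query_info"])
        if key is None:
            return False
        sig = request["signed_data"]
        if self._failures.get(sig, 0) >= MAX_FAILURES:
            return False  # a terminal cannot keep guessing the six-digit code
        expected = sign(key, request["transaction_message"],
                        request["second_confirmation_code"])
        ok = hmac.compare_digest(expected, sig)
        if not ok:
            self._failures[sig] = self._failures.get(sig, 0) + 1
        return ok


def run_demo() -> dict:
    key = secrets.token_bytes(32)              # constructed sample key
    device = KeyDevice(key, b"device-0001")    # constructed query information
    server = Server({b"device-0001": key})
    message = b"payee=ACME;amount=100.00"      # constructed transaction message

    screen, sent = device.handle(message)
    code = screen["first_confirmation_code"]
    wrong = f"{(int(code) + 1) % 10**6:06d}"
    results = {
        "user_typed_displayed_code": server.verify(terminal_forward(message, code, sent)),
        "wrong_code": server.verify(terminal_forward(message, wrong, sent)),
        "message_changed_after_signing": server.verify(
            terminal_forward(b"payee=OTHER;amount=100.00", code, sent)),
        "unknown_query_info": server.verify(
            terminal_forward(message, code, {**sent, "query_info": b"device-9999"})),
    }
    # Second transaction: codes are submitted without reading the device screen.
    screen2, sent2 = device.handle(message)
    code2 = screen2["first_confirmation_code"]
    for i in range(1, MAX_FAILURES + 1):
        guess = f"{(int(code2) + i) % 10**6:06d}"
        server.verify(terminal_forward(message, guess, sent2))
    results["correct_code_after_lockout"] = server.verify(
        terminal_forward(message, code2, sent2))
    return results


if __name__ == "__main__":
    for name, accepted in run_demo().items():
        print(f"{name}: {'accepted' if accepted else 'rejected'}")
```

Only the first case is accepted. Because the code space is small, the check binds the user's confirmation to the signature only while the verification key stays inside the server, which is the property step 308 relies on.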
In the information interaction method provided in this embodiment, the transaction is confirmed by entering the second confirmation code at the transaction terminal, which replaces the prior-art method of confirming the transaction with the confirm key of the electronic key device. The buttonless electronic key device in this embodiment can therefore omit the confirm key, which greatly reduces the thickness and volume of the device, makes it more portable without affecting its versatility, and saves manufacturing cost. In addition, the IBC private key is a key generated with the IBC algorithm from user information, a user key and/or an administrator key; it is stored inside the buttonless electronic key device and cannot be exported. Because an attacker cannot find the user's IBC public key from the query information, or cannot find the IBC public key generation information and generate the user's IBC public key, the security of the transaction is ensured. Adding the first confirmation code to the to-be-signed data packet further enhances the security of the transaction. Moreover, information transfer between the buttonless electronic key device and the transaction terminal requires only one interaction, which reduces the number of operation steps and makes the transaction faster and more convenient.
This embodiment also provides an information interaction system that uses the above information interaction method. The system corresponds to the method and is not described in detail again here; only a brief description follows:
Referring to Fig. 5, the buttonless electronic key device 401 receives the transaction message sent by the transaction terminal 402, generates and displays the first confirmation code, uses the IBC private key to perform a signature operation on the to-be-signed data packet to obtain signed data, and sends at least the signed data to the transaction terminal 402; the to-be-signed data packet includes the first confirmation code and the transaction message;
In this system, further, the buttonless electronic key device 401 also sends query information to the transaction terminal 402; that is, the buttonless electronic key device 401 sends at least the signed data and the query information to the transaction terminal 402.
The transaction terminal 402 obtains the second confirmation code and sends out at least the second confirmation code, the transaction message and the signed data;
In this system, further, the transaction terminal 402 also sends the query information to the server 403; that is, the transaction terminal 402 sends out at least the query information, the transaction message, the second confirmation code and the signed data.
Further, the system in this embodiment also includes a server 403.
Further, in the system of this embodiment, the transaction terminal 402 sends at least the second confirmation code, the transaction message and the signed data to the server 403; further, the transaction terminal 402 also sends the query information to the server 403, that is, the transaction terminal 402 sends at least the query information, the transaction message, the second confirmation code and the signed data to the server 403. The server 403 uses the IBC public key to perform a signature verification operation on the signed data, based at least on the second confirmation code and the transaction message.
In this system, further, the server 403 also looks up the IBC public key at least according to the query information.
In this system, further, the server 403 also looks up IBC public key generation information at least according to the query information, and generates the IBC public key from the IBC public key generation information using the IBC algorithm.
In this embodiment, further, if the to-be-signed data packet also includes the identification factor, the signature verification operation is also based on the identification factor; that is, the signature verification operation is based on the transaction message, the second confirmation code and the identification factor.
In the information interaction system provided in this embodiment, the transaction is confirmed by entering the second confirmation code at the transaction terminal 402, which replaces the prior-art method of confirming the transaction with the confirm key of the electronic key device. The buttonless electronic key device 401 in this embodiment can therefore omit the confirm key, which greatly reduces the thickness and volume of the device, makes it more portable without affecting its versatility, and saves manufacturing cost. In addition, the IBC private key is a key generated with the IBC algorithm from user information, a user key and/or an administrator key; it is stored inside the buttonless electronic key device 401 and cannot be exported. Because an attacker cannot find the user's IBC public key from a part of the user information, or cannot find the user's reserved information from a part of the user information and generate the user's IBC public key, the security of the transaction is ensured.
This embodiment also provides a buttonless electronic key device for use with the information interaction method and information interaction system of this embodiment. The technical solution used by the device is the same as that used by the buttonless electronic key device in the method and system of this embodiment and is not described in detail again here; only a brief description follows:
Fig. 6 shows a structural schematic diagram of an embodiment of the buttonless electronic key device. In the structure shown in Fig. 6, the device includes at least: a first information transmission module 501, an electronic ink screen 503, a first confirmation code generation module 502, a power supply module 504, a security module 506 and a second information transmission module 507.
The first information transmission module 501 receives the transaction message and sends it at least to the security module 506;
In this embodiment, the first information transmission module 501 and the second information transmission module 507 may receive or send out information by contact (for example through exposed metal contacts on the outside of the buttonless electronic key device) or in a contactless manner (for example using Bluetooth, NFC or radio frequency). Further, the first information transmission module 501 is also used to send the transaction message to the electronic ink screen 503.
The first confirmation code generation module 502 generates the first confirmation code and sends it to the electronic ink screen 503 and the security module 506;
The electronic ink screen 503 at least receives the first confirmation code and at least displays the first confirmation code;
In this embodiment, the electronic ink screen 503 is also used to display the transaction message.
In this embodiment, because the electronic ink screen 503 is used for display, no power is consumed while the user reads the displayed content; that is, once display is complete the electronic ink screen keeps showing the content even after it loses power. The buttonless electronic key device therefore needs no battery, which further reduces its thickness and volume.
The power supply module 504 generates electrical energy through near-field coupling and powers the first information transmission module 501, the electronic ink screen 503, the first confirmation code generation module 502, the security module 506 and the second information transmission module 507;
The security module 506 receives the transaction message and the first confirmation code, uses the IBC private key to perform a signature operation on the to-be-signed data packet to obtain signed data, and sends at least the signed data to the second information transmission module 507; the to-be-signed data packet includes at least the transaction message and the first confirmation code;
The second information transmission module 507 at least receives the signed data and sends out at least the signed data.
Further, the security module 506 is also used to store query information and send it to the second information transmission module 507; the second information transmission module 507 is also used to receive the query information and send it out.
The buttonless electronic key device provided in this embodiment lets the user confirm the content of the transaction message by means of the confirmation code, so no confirm button is needed; and because no battery is needed either, the thickness and volume of the device are further reduced and the manufacturing cost is lowered.
Any process or method description in a flowchart or otherwise described herein may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing specific logical functions or steps of the process, and the scope of the preferred embodiments of the present invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially concurrently or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
It should be understood that each part of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware that is stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or a combination of the following techniques known in the art may be used: a discrete logic circuit with logic gates for implementing logic functions on data signals, an application-specific integrated circuit with suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), and so on.
Those skilled in the art will appreciate that all or part of the steps of the above method embodiments may be carried out by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, performs one of the steps of the method embodiments or a combination of them.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing module, each unit may exist physically on its own, or two or more units may be integrated in one module. The integrated module may be implemented in the form of hardware or in the form of a software function module. If the integrated module is implemented as a software function module and is sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc or the like.
In this specification, a description that refers to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that the specific features, structures, materials or characteristics described in connection with that embodiment or example are included in at least one embodiment or example of the present invention. Such schematic expressions in this specification do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it should be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention. Those skilled in the art may change, modify, replace and vary the above embodiments within the scope of the present invention without departing from its principle and purpose. The scope of the present invention is defined by the appended claims and their equivalents.
Claims (9)
1. A buttonless electronic key device, characterized in that it comprises at least a first information transmission module, an electronic ink screen, a first confirmation code generation module, a first rolling factor generation module, a power supply module, a security module and a second information transmission module,
the first information transmission module being configured to receive a transaction message and send the transaction message at least to the security module;
the first confirmation code generation module being configured to generate a first confirmation code and send the first confirmation code to the electronic ink screen and the security module;
the first rolling factor generation module being configured to generate a first rolling factor and send the first rolling factor to the security module;
the electronic ink screen being configured to at least receive the first confirmation code and at least display the first confirmation code;
the power supply module being configured to generate electrical energy through near-field coupling and power the first information transmission module, the second information transmission module, the electronic ink screen, the first rolling factor generation module, the first confirmation code generation module and the security module;
the security module being configured to receive the transaction message, the first confirmation code and the first rolling factor, perform a signature operation on a to-be-signed data packet to obtain signed data, encrypt the signed data with a first key to obtain first encrypted data, and send at least the first encrypted data to the second information transmission module, the to-be-signed data packet including at least the transaction message, the first confirmation code and the first rolling factor;
the second information transmission module being configured to at least receive the first encrypted data and send out at least the first encrypted data.
2. The buttonless electronic key device according to claim 1, characterized in that
the security module is further configured to pre-store the first key; or
the security module is further configured to generate the first key.
3. The buttonless electronic key device according to claim 1, characterized in that
the first information transmission module is further configured to receive first key encryption information and send the first key encryption information to the security module;
the security module is further configured to receive the first key encryption information and decrypt the first key encryption information with a user private key to obtain the first key.
4. The buttonless electronic key device according to claim 1, characterized in that
the security module is further configured to generate the first key, encrypt the first key with a key stored in advance inside the security module to obtain first key encryption information, and send the first key encryption information to the second information transmission module;
the second information transmission module is further configured to receive the first key encryption information and send out the first key encryption information.
5. The buttonless electronic key device according to claim 1, characterized in that
the first rolling factor generation module is further configured to generate the first rolling factor at preset time intervals; or
the first rolling factor generation module is further configured to generate the first rolling factor at least based on the transaction message of the previous transaction.
6. The buttonless electronic key device according to claim 1, characterized in that
the buttonless electronic key device further comprises a first replay factor generation module, the first replay factor generation module being configured to generate a first replay factor at preset time intervals and send the first replay factor to the security module;
the security module is further configured to receive the first replay factor;
the to-be-signed data packet further includes the first replay factor.
7. The buttonless electronic key device according to claim 1, characterized in that
the buttonless electronic key device further comprises a first replay factor generation module, the first replay factor generation module being configured to generate a first replay factor at random and send the first replay factor to the security module and the second information transmission module;
the security module is further configured to receive the first replay factor;
the to-be-signed data packet further includes the first replay factor;
the second information transmission module is further configured to receive the first replay factor and send out at least the first replay factor.
8. A buttonless electronic key device, characterized in that it comprises at least a first information transmission module, an electronic ink screen, a first confirmation code generation module, a power supply module, a security module and a second information transmission module,
the first information transmission module being configured to receive a transaction message and send the transaction message at least to the security module;
the first confirmation code generation module being configured to generate a first confirmation code and send the first confirmation code to the electronic ink screen and the security module;
the electronic ink screen being configured to at least receive the first confirmation code and at least display the first confirmation code;
the power supply module being configured to generate electrical energy through near-field coupling and power the first information transmission module, the second information transmission module, the electronic ink screen, the first confirmation code generation module and the security module;
the security module being configured to receive the transaction message and the first confirmation code, use an IBC private key to perform a signature operation on a to-be-signed data packet to obtain signed data, and send at least the signed data to the second information transmission module, the to-be-signed data packet including the transaction message and the first confirmation code;
the second information transmission module being configured to at least receive the signed data and send out at least the signed data.
9. The buttonless electronic key device according to claim 8, characterized in that
the security module is further configured to store query information and send the query information to the second information transmission module;
the second information transmission module is further configured to receive the query information and send out the query information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711342236.3A CN108319870B (en) | 2014-05-28 | 2014-05-28 | Electronic key equipment without keys |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410229713.5A CN103984906B (en) | 2014-05-28 | 2014-05-28 | A kind of electronic key equipment of no button |
CN201711342236.3A CN108319870B (en) | 2014-05-28 | 2014-05-28 | Electronic key equipment without keys |
Related Parent Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410229713.5A Division CN103984906B (en) | 2014-05-28 | 2014-05-28 | A kind of electronic key equipment of no button |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108319870A (en) | 2018-07-24 |
CN108319870B CN108319870B (en) | 2021-08-17 |
Family
ID=51276870
Family Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711342236.3A Active CN108319870B (en) | 2014-05-28 | 2014-05-28 | Electronic key equipment without keys |
CN201410229713.5A Active CN103984906B (en) | 2014-05-28 | 2014-05-28 | A kind of electronic key equipment of no button |
Family Applications After (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410229713.5A Active CN103984906B (en) | 2014-05-28 | 2014-05-28 | A kind of electronic key equipment of no button |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN108319870B (en) |
Families Citing this family (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106936792A (en) * | 2015-12-30 | 2017-07-07 | 卓望数码技术(深圳)有限公司 | Safety certifying method and system and the mobile terminal for safety certification |
FR3075542B1 (en) * | 2017-12-19 | 2020-08-28 | Electricite De France | DIFFUSION KEY ON SCREEN |
WO2019232764A1 (en) * | 2018-06-07 | 2019-12-12 | 北京光合信诚科技有限公司 | Transaction method, hardware wallet and transaction device |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101989991A (en) * | 2010-11-24 | 2011-03-23 | 北京天地融科技有限公司 | Method for importing secret keys safely, electronic signature tool, authentication device and system |
CN102073801A (en) * | 2009-11-23 | 2011-05-25 | 邵通 | Method for confirming data in CPU (Central Processing Unit) card |
CN102215106A (en) * | 2011-05-31 | 2011-10-12 | 飞天诚信科技股份有限公司 | Wireless intelligent key device and signature method thereof |
CN102223237A (en) * | 2011-07-15 | 2011-10-19 | 飞天诚信科技股份有限公司 | Data signature authentication method and data signature authentication system |
CN202230487U (en) * | 2011-07-29 | 2012-05-23 | 邵军利 | Mobile paying code processor and system |
CN103136664A (en) * | 2013-03-06 | 2013-06-05 | 天地融科技股份有限公司 | Trading system and trading method of smart card with electronic signature function |
CN103312517A (en) * | 2013-06-28 | 2013-09-18 | 飞天诚信科技股份有限公司 | Implementation method for sharing display screens and keys in dual-purpose equipment |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102222390B (en) * | 2011-06-30 | 2012-10-31 | 飞天诚信科技股份有限公司 | Multifunctional intelligent key device and working method thereof |
CN103136667B (en) * | 2013-03-06 | 2016-09-14 | 天地融科技股份有限公司 | There is the smart card of electronic signature functionality, smart card transaction system and method |
CN108596605A (en) * | 2013-02-06 | 2018-09-28 | 天地融科技股份有限公司 | Smart card with electronic signature functionality |
Also Published As
Publication number | Publication date |
---|---|
CN103984906B (en) | 2018-01-16 |
CN103984906A (en) | 2014-08-13 |
CN108319870B (en) | 2021-08-17 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106656510B (en) | A kind of encryption key acquisition methods and system | |
CN104243451B (en) | A kind of information interacting method, system and intelligent cipher key equipment | |
KR100653142B1 (en) | Communication system and device and communication method | |
CN100559393C (en) | RFID label and reader thereof, reading system and safety certifying method | |
CN103905204B (en) | The transmission method and Transmission system of data | |
CN103116847B (en) | Smart card, intelligent card transaction system and method with electronic signature functionality | |
CN107077670A (en) | Transaction message is sent | |
CN104243162B (en) | A kind of information interacting method, system and intelligent cipher key equipment | |
CN103136664A (en) | Trading system and trading method of smart card with electronic signature function | |
CN102236773A (en) | Radio frequency identification (RFID) encryption verification system and method | |
CN108768653A (en) | Identity authorization system based on quantum key card | |
CN103973455B (en) | A kind of information interacting method | |
CN101789068B (en) | Card reader safety certification device and method | |
CN103198401B (en) | There is smart card method of commerce and the system of electronic signature functionality | |
CN103984906B (en) | A kind of electronic key equipment of no button | |
US9154481B1 (en) | Decryption of a protected resource on a cryptographic device using wireless communication | |
KR20100031354A (en) | Tag security processing method using one time password | |
CN101540675A (en) | Smart key equipment and communication method and system of application software | |
CN103136667B (en) | There is the smart card of electronic signature functionality, smart card transaction system and method | |
CN109687957A (en) | A kind of RFID authentication method of the public-key cryptography scheme based on ellipse-hyperbolic | |
WO2012022207A1 (en) | Method and device for encryption and hard disk | |
CN1848725B (en) | Method and apparatus for securing a communicaton link between a first and a second device | |
CN108322440A (en) | It is a kind of to utilize safety equipment Card Reader login method and Security Login System | |
CN105959249B (en) | The management method and system of electronic equipment | |
CN109615054B (en) | Intelligent card |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||