CN108632226A - A kind of encryption method of catv terminal to net control device - Google Patents
- Publication number
- CN108632226A (application CN201710179187.XA)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
Abstract
An encryption method from a catv terminal to a net control device, comprising the following steps: Step 1, when the catv terminal starts, it registers with the net control device and establishes a data interconnection, and several keys are pre-loaded in the catv terminal; Step 2, when a message is transmitted, any one of the keys is randomly selected to encrypt the message, and an encryption definition that includes the key is generated; Step 3, a data stream containing the encryption definition and the encrypted message is transmitted to the net control device; Step 4, the net control device receives the data stream, identifies the encryption definition in it, and selects the corresponding key, as indicated by the encryption definition, to decrypt the encrypted message. The method ensures the security of transaction data when the catv terminal performs a transaction.
Description
Technical field
The present invention relates to the field of electronic payment, and in particular to an encryption method from a catv terminal to a net control device.
Background art
In existing financial transactions, data sent over telephone lines has no associated encryption, so eavesdropping by tapping the line in parallel can easily lead to data leakage.
Summary of the invention
The purpose of the present invention is to provide an encryption method from a catv terminal to a net control device that ensures the security of the data stream when the catv terminal performs a transaction.
The above purpose of the present invention is achieved by the following technical solution:
An encryption method from a catv terminal to a net control device, comprising the following steps:
Step 1, when the catv terminal starts, it registers with the net control device and establishes a data interconnection, and several keys are pre-loaded in the catv terminal;
Step 2, when a message is transmitted, any one of the keys is randomly selected to encrypt the message, and an encryption definition that includes the key is generated;
Step 3, a data stream containing the encryption definition and the encrypted message is transmitted to the net control device;
Step 4, the net control device receives the data stream, identifies the encryption definition in it, and selects the corresponding key, as indicated by the encryption definition, to decrypt the encrypted message.
Further, the data interconnection in step 1 includes key matching.
Further, the encryption in step 2 is either full encryption or partial encryption.
Further, the encryption definition in step 2 includes encrypting the key to generate a second key; the net control device identifies the second key and finds the corresponding key.
Further, the encryption definition also includes the encrypted data length, the start offset of the encrypted data, and the index of the acquirer.
Further, when the network controller receives the data stream, it first verifies the content of the encryption definition against the encrypted message and judges whether the encrypted message is complete.
Further, the encryption is performed with DES or 3DES.
Further, the data stream is transmitted on the basis of the ISO8583 message format.
In summary, the present invention has the following advantages:
1. DES or Triple-DES is used and keys are not exchanged, so the key cannot be read out if the transmitted data stream is intercepted.
2. Encryption is applied twice, which further improves security.
3. Before the net control device decrypts the encrypted message, there is a verification step.
Description of the drawings
Fig. 1 is a flow chart of the encryption method from the catv terminal to the net control device;
Fig. 2 is the encrypted message format;
Fig. 3 is the message format after decryption;
Fig. 4 is the verification flow chart for a transaction.
Detailed description
The invention is described in further detail below with reference to the drawings.
Embodiment
Terms:
TPDU: Transport protocol data unit. Represents a message sent from one transport entity to another transport entity;
EDS: Encryption definition section, a part of the TPDU that defines how the message is encrypted;
KIN: Key index number, a number set by the acquirer for a terminal, so that each terminal can have its own independent transaction key;
ID=70: Encrypted message;
ID=60: Unencrypted message, or message after decryption.
Referring to Fig. 1, an encryption method from a catv terminal to a net control device comprises the following steps:
100. When the catv terminal starts, it registers with the net control device and establishes a data interconnection; several keys are pre-loaded in the catv terminal.
Each time the catv terminal starts, it must first register with the net control device, to guard against the catv terminal's own hardware and software having been tampered with. During registration the net control device performs signature verification with the catv terminal; once the conditions are met, registration succeeds and the catv terminal is permitted to transact. Keys are pre-loaded in the catv terminal so that the catv terminal and the net control device hold corresponding keys; at most 4095 different keys can be managed.
200. When a message is transmitted, one key is randomly selected and DES or 3DES is used to encrypt the message in whole or in part; the key is encrypted to generate an encryption definition that includes the second key (the encrypted key). The encryption definition also includes the encrypted data length, the start offset, the index, and so on.
Randomly selecting one key to encrypt the message in whole or in part improves confidentiality. During encryption, the encrypted length, start offset and so on are generated, so that even if the transmitted data stream is stolen, the thief cannot find the encryption key or where the encryption starts.
300. The data stream containing the encryption definition and the encrypted message is transmitted to the net control device.
The encrypted message is formatted according to ISO8583, and the data stream is transmitted to the net control device.
400. When the net control device receives the data stream, it first verifies the encrypted message against the encryption definition and judges whether the encrypted message is complete.
When the net control device receives a message, there are verification steps before and after decryption: the encrypted length is read from the encryption definition and compared with the encrypted length of the encrypted message. If they match, decryption proceeds; if they do not match, the flow goes to step 600 and raises an alarm.
500. The net control device identifies the second key and finds the corresponding key.
Because several keys were pre-loaded initially, the keys can be numbered; the second key is then simply the number of the initial key, and on decryption it is enough to look up the key corresponding to that number.
700. The encrypted message is decrypted with the key that was used for encryption.
With this arrangement both sides (the catv terminal and the net control device) hold the keys from the outset, so during encryption and transmission the two sides do not need to exchange keys and can still carry out decryption with the key.
Referring to Fig. 2, the transmitted data stream is formatted as shown in the figure. On receipt, the net control device uses the TPDU to judge whether the data stream is encrypted. When ID=70, the data stream is encrypted; the net control device then identifies the EDS and judges whether the information in the data stream corresponds to the information in the EDS. If it corresponds, the KIN is extracted from the EDS, the key corresponding to the KIN is found, and the Transaction section is decrypted with that key. Because there is a data offset during encryption and the transmitted data must be a multiple of 8 bytes, extra padding bytes may need to be added during encryption to reach a multiple of 8 bytes. The decrypted data stream has ID=60 and its Transaction section is the complete message, as shown in Fig. 3.
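The receive-side check described above (steps 400 and 600: compare the EDS with the message before decrypting, alarm on mismatch) can be sketched as follows. This is an added example, not code from the patent; the byte layout of the EDS, the encoding of ID=70/ID=60 as single bytes 0x70/0x60, and all function names are assumptions, since Fig. 2 is not reproduced on the page.

```python
import struct

ID_ENCRYPTED, ID_CLEAR = 0x70, 0x60  # page: ID=70 encrypted, ID=60 clear (byte encoding assumed)
BLOCK = 8        # page: encrypted data must be a multiple of 8 bytes (DES/3DES block)
MAX_KIN = 4095   # page: at most 4095 keys are managed; a zero KIN means no encryption
# Assumed EDS layout, not from the patent: KIN, start offset, encrypted length,
# each a 2-byte big-endian integer, placed right after the 1-byte TPDU ID.
EDS = struct.Struct(">HHH")


class FrameError(Exception):
    """Verification failed; the caller raises the alarm (step 600)."""


def pad_len(n: int) -> int:
    """Padding bytes the terminal must add so n bytes reach a multiple of 8."""
    return (-n) % BLOCK


def verify_frame(frame: bytes, known_kins):
    """Check a received frame against its EDS before any decryption.

    Returns (kin, clear_prefix, ciphertext, clear_suffix); kin is None for ID=60.
    """
    if not frame:
        raise FrameError("empty frame")
    tpdu_id, rest = frame[0], frame[1:]
    if tpdu_id == ID_CLEAR:
        return None, rest, b"", b""
    if tpdu_id != ID_ENCRYPTED:
        raise FrameError(f"unexpected TPDU ID {tpdu_id:#04x}")
    if len(rest) < EDS.size:
        raise FrameError("truncated EDS")
    kin, offset, enc_len = EDS.unpack_from(rest)
    body = rest[EDS.size:]
    if not 1 <= kin <= MAX_KIN or kin not in known_kins:
        raise FrameError(f"no key for KIN {kin}")
    if enc_len == 0 or enc_len % BLOCK:
        raise FrameError("encrypted length is not a positive multiple of 8")
    if offset + enc_len > len(body):
        raise FrameError("EDS length/offset does not match the message")
    end = offset + enc_len
    return kin, body[:offset], body[offset:end], body[end:]


def sample_frame(kin=17, prefix=b"HDR!", ct=bytes(range(16)), suffix=b"TAIL"):
    """Constructed sample frame; ct stands in for 3DES ciphertext."""
    return bytes([ID_ENCRYPTED]) + EDS.pack(kin, len(prefix), len(ct)) + prefix + ct + suffix


if __name__ == "__main__":
    print(verify_frame(sample_frame(), known_kins={17, 42}))
    try:
        verify_frame(sample_frame()[:-8], known_kins={17, 42})
    except FrameError as exc:
        print("alarm:", exc)
```

The length and offset comparison detects truncated or malformed frames, but it is not a cryptographic integrity check: bytes altered inside the ciphertext pass it unchanged.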
Referring to Fig. 4, when the catv terminal is initialized it establishes communication with the net control device, and the net control device verifies the catv terminal. During verification it is judged whether the KIN is non-zero. When there is a KIN, it is judged whether the key-seed is empty; when there is no KIN, no encryption is in use and the message is sent directly to the net control device for the transaction. When the key-seed is empty, the terminal makes a registration call to the net control device, and the net control device checks whether the catv terminal's TPDU and KIN are valid. If so, the key-seed is obtained and stored in the catv terminal; otherwise the catv terminal is judged to be in error. (The key-seed is a parameter obtained after the POS first registers successfully on the net control device each day: the net control device issues the key-seed to the POS in its reply to the first registration, and the POS terminal uses it for encryption each time it sends a transaction. When the POS signs out at the end of the day, it automatically clears the key-seed. In this way the POS knows at each transaction whether it has registered, which ensures that transaction encryption proceeds normally.) When the key-seed is not empty, the message is encrypted and the encrypted data stream is transmitted to the net control device; the net control device verifies the received message against the EDS as described above, checking the integrity of the message and whether the key has expired. If there is no error, the transaction proceeds and succeeds.
This specific embodiment only explains the invention and does not limit it. After reading this specification, those skilled in the art may modify the embodiment as needed without making a creative contribution, and all such modifications are protected by patent law as long as they fall within the scope of the claims of the invention.
Claims (7)
1. An encryption method from a catv terminal to a net control device, characterized by comprising the following steps:
Step 1, when the catv terminal starts, it registers with the net control device and establishes a data interconnection, and several keys are pre-loaded in the catv terminal;
Step 2, when a message is transmitted, any one of the keys is randomly selected to encrypt the message, and an encryption definition that includes the key is generated;
Step 3, a data stream containing the encryption definition and the encrypted message is transmitted to the net control device;
Step 4, the net control device receives the data stream, identifies the encryption definition in it, and selects the corresponding key, as indicated by the encryption definition, to decrypt the encrypted message.
2. The encryption method from a catv terminal to a net control device according to claim 1, characterized in that the data interconnection in step 1 includes key matching.
3. The encryption method from a catv terminal to a net control device according to claim 1, characterized in that the encryption in step 2 is either full encryption or partial encryption.
4. The encryption method from a catv terminal to a net control device according to claim 1, characterized in that the encryption definition in step 2 includes encrypting the key to generate a second key, and the net control device identifies the second key and finds the corresponding key.
5. The encryption method from a catv terminal to a net control device according to claim 4, characterized in that the encryption definition also includes the encrypted data length, the start offset of the encrypted data, and the index of the acquirer.
The encryption method from a catv terminal to a net control device according to claim 5, characterized in that when the network controller receives the data stream, it first verifies the content of the encryption definition against the encrypted message and judges whether the encrypted message is complete.
6. The encryption method from a catv terminal to a net control device according to claim 1, characterized in that the encryption is performed with DES or 3DES.
7. The encryption method from a catv terminal to a net control device according to claim 1, characterized in that the data stream is transmitted on the basis of the ISO8583 message format.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710179187.XA CN108632226A (en) | 2017-03-23 | 2017-03-23 | A kind of encryption method of catv terminal to net control device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN108632226A | 2018-10-09 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20181009 |