CN108886465A - Key management method - Google Patents

Key management method

Publication number
CN108886465A
Authority
CN
China
Prior art keywords
key
card
level
management center
master
Legal status
Pending
Application number
CN201680083465.5A
Other languages
Chinese (zh)
Inventor
李昕光
Current Assignee
Individual
Original Assignee
Individual

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords

Abstract

A key management method, belonging to the field of data processing. It includes: a manufacturer transport card and M person-in-charge cards are kept at the first-level management center (201); the person-in-charge cards generate a master key card and a master transport card, and the master key is imported into the encryption machine of the first-level management center (202); the second-level management center uses the branch master key card and the master transport card issued by the first-level management center to issue card-issuing master cards, or imports the branch master key into the encryption machine of the second-level management center (203). By performing software-based multi-level key diversification beneath the first-level key diversification, the method replaces the industry key of electronic cash cards, reduces procurement cost and achieves higher scalability.

Description

Key management method
Technical field
The present invention relates to the field of key management, and in particular to a key management method.
Background technique
Under the key system of the Ministry of Housing and Urban-Rural Development, or under the UnionPay key system, a multi-level key management system is built on a unified root key. For example, the three-level key management system uses the symmetric 3DES algorithm with a double-length key: a nationwide unified consumption root key is defined, then diversified level by level by institution code and area code, and the shared secondary diversification downward forms the three-level key system.
A financial IC card is an IC card that uses a smart card chip to provide bank card financial services; financial IC cards in China currently follow the PBOC standard. As arranged by the People's Bank of China, the migration from magnetic stripe cards to IC cards has begun nationwide, and the wide use of financial IC cards will greatly improve the security of bank card payment, reduce fraud and provide a basis for multi-application bank cards. A financial IC card is a highly secure, multi-purpose bank card: besides serving as a financial card, it can carry many industry applications at the same time to form a multi-purpose bank card, such as a financial social security card or a citizen card, and can be widely applied in fields such as shopping-mall consumption, self-service shopping and public transport, which greatly benefits consumers and gives banks a basis for developing new bank card products. The card issuing system for financial IC cards currently consists mainly of a financial IC card root CA, a key management system, a data preparation system and a personalization system; completing the card issuing system will greatly improve the efficiency and speed with which banks issue financial IC cards and will safeguard bank card business.
To strengthen the unified management of all banks' IC card keys and guarantee the secure operation of bank IC card services, rules for bank IC card key management have been specially formulated.
In implementing the present invention, the inventor found that the prior art has at least the following problems:
In the existing key management system the root key is administered by a large enterprise, which deploys multiple encryption machines to realize a nationwide unified key management system. Subordinate institutions that use second-level or third-level distributed keys must apply to the headquarters for operations such as card issuance, and the headquarters charges a certain fee.
Summary of the invention
To solve the problem that the current key system is costly, embodiments of the present invention provide a key management method. The technical solution is as follows:
According to a first aspect of the embodiments of the present invention, a key management system is provided. The system comprises a KMS server side, including one or more of:
a KMS server, for installing software and executing the functions of that software; the KMS server can be accessed through client interface software or through the software's API;
a cipher machine (encryption machine), for executing various security algorithm operations, which may hold all or part of the keys;
a cipher machine management terminal, connected to the cipher machine by one or more serial ports, for managing the cipher machine, including but not limited to configuring the cipher machine and managing keys;
a cipher machine management card, for authenticating operating rights when the cipher machine is managed;
a cipher machine key card, for backing up the keys stored in the cipher machine, and for restoring the keys backed up on it into the cipher machine;
and a KMS client side, including one or more of:
a KMS client, for installing the interface software, through whose interface the user performs system administration and key management operations;
an IC card, for storing the user's authentication key and authenticating the user when logging in to the key management system;
a card reader, for reading and writing IC cards.
The key management system can support multi-level key diversification and two-level key management.
In a first possible embodiment of the first aspect, the system further includes:
on the KMS server side, one or more of:
a printer, including but not limited to a dot-matrix printer, for printing key envelopes;
key envelopes, i.e. digital envelopes, for storing encrypted content together with the encrypted key that was used to encrypt that content;
on the KMS client side, one or more of:
user cards, i.e. the IC cards held by individual users, for holding the keys written by the client through the card reader at card issuance, and for transacting at terminal devices that support IC cards;
PSAM cards, for holding the various keys used in transactions;
a terminal security module, for handling terminal security, including but not limited to holding client keys and performing security algorithm operations;
a key transfer medium, for holding keys while they are being transferred;
a PIN pad, on which the user enters a password; the key stored in the PIN pad is used to encrypt the password the user enters.
In a second possible embodiment of the first aspect, the system further includes:
a data preparation system, for collecting all the data that IC card issuance requires and supplying it to the personalization system, which issues the cards;
an interaction center, including but not limited to the institutions through which information exchanged between the systems must pass;
terminals, including but not limited to the devices on which users transact with magnetic stripe cards or IC cards;
counters, including but not limited to the counters of bank branches.
A second aspect of the embodiments of the present invention provides a key management method, which includes:
at card issuance, writing the sub-key obtained by diversifying the master key N times into the user card as the user card's key, N being a natural number greater than 1; or
keeping a manufacturer transport card and M person-in-charge cards at the first-level management center, M being a natural number greater than 3;
generating a master key card and a master transport card from the person-in-charge cards, and importing the master key into the encryption machine of the first-level management center;
the second-level management center using the branch master key card and the master transport card issued by the first-level management center to issue card-issuing master cards, or importing the branch master key into the encryption machine of the second-level management center.
In a first possible embodiment of the second aspect, when a bank provides electronic cash cards and grants key permission, some of the application file keys of the electronic cash card are replaced with the industry's file keys, which are obtained by diversifying the master key or the branch master key.
In a second possible embodiment of the second aspect, when some of the application file keys of the electronic cash card are replaced with the industry's file keys, the electronic cash card's original application file keys may also be retained.
In a third possible embodiment of the second aspect, M equals 4.
In a fourth possible embodiment of the second aspect, the first-level management center may be the national key management center.
In a fifth possible embodiment of the second aspect, the second-level management center may be a financial IC card key management center set up by a subordinate institution authorized by the first-level management center.
In a sixth possible embodiment of the second aspect, the second-level management center may be the key management center of a pilot city, a commercial bank or an issuing bank.
The technical solution provided by the embodiments of the present invention has the following benefit:
By performing software-based multi-level key diversification beneath the first-level key diversification, the present invention replaces the industry key of electronic cash cards, reduces procurement cost and achieves higher scalability.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings needed to describe the embodiments are briefly introduced below. Clearly, the drawings described below are only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a structural schematic diagram of the implementation environment involved in each embodiment of the present invention;
Fig. 2 is a flow chart of the key management method provided by one embodiment of the present invention;
Fig. 3 is a structural schematic diagram of the key management system provided by another embodiment of the present invention;
Fig. 4 is a structural schematic diagram of the KMS server provided by another embodiment of the present invention;
Fig. 5 is a structural schematic diagram of the KMS client provided by another embodiment of the present invention;
Fig. 6 is a structural schematic diagram of the data processing module provided by one embodiment of the present invention;
Fig. 7 is a structural schematic diagram of the server provided by another embodiment of the present invention.
Detailed description of the embodiments
To make the objects, technical solutions and advantages of the present invention clearer, the embodiments of the present invention are described in further detail below with reference to the drawings.
Referring to Fig. 1, it shows a structural schematic diagram of the implementation environment involved in each embodiment of the present invention.
The key management system consists of a software part and a hardware part. The software part mainly implements key generation, key diversification, key import, key download and key storage; the hardware part mainly implements key operations, key backup, key transactions, business transactions and the like.
The key system supports multi-level key diversification and two-level key management. Multi-level key diversification means that the key written into a user card at issuance may be a sub-key obtained by diversifying a master key several times. With a multi-level diversified key system, the keys of different diversification domains are mutually independent yet remain mutually interoperable. Two-level key management means headquarters-level management and branch-level management. Headquarters-level management may be performed by the operator: the headquarters keeps the manufacturer transport card and four person-in-charge cards, the person-in-charge cards generate the master key card and the master transport card through the system, and the master key is imported into the encryption machine. Branch-level management is performed by a financial IC card key management center set up by a subordinate institution authorized by the operator's headquarters. Branch-level key management uses the branch master key card and master transport card issued by headquarters to issue the various card-issuing master cards the branch needs, or imports them directly into the branch's encryption machine for use.
To replace the electronic cash industry key, the bank first provides the electronic cash card and grants permission, so that the system can replace some of the card's application file keys with the industry's file keys. Because those keys are diversified from the operator's self-built keys, an electronic cash card whose industry key has been replaced can be used throughout the city-level application scope. The previous files are retained at the same time, so the electronic cash card can still be used in its original scenarios.
The key management system is a software system that manages the various keys of the business system from the perspective of key usage; key algorithm operations and computations are performed by a hardware encryption machine.
The main function of the key management system is to provide key management and key services to business systems; it can be widely applied to related electronic payment fields such as mobile payment, telecommunications, banking, social security and public transport. The key system is managed through configuration, meeting users' needs for multi-application, multi-service key management.
The key system is built on the principle of strictly following "the secret lies in the key", and has high security and an advanced design. In security management it has complete personnel authentication, security control, operations monitoring and audit mechanisms. In application functionality it supports key generation, key transmission and card issuance for EMV/PBOC 2.0 standard bank credit cards, debit cards, stored-value cards and the like; in terms of key management and service requirements, it can be used as an independent key management center, or connected to business systems such as the data preparation system and the card issuing system to support the related key management services.
In summary, by performing software-based multi-level key diversification beneath the first-level key diversification, the present invention replaces the industry key of electronic cash cards, reduces procurement cost and achieves higher scalability.
Referring to Fig. 2, it shows a flow chart of the key management method provided by one embodiment of the present invention. This embodiment is described with the key management method applied to the implementation environment shown in Fig. 1. The method may include:
writing the sub-key obtained by diversifying the master key N times into the user card as the user card's key at card issuance, N being a natural number greater than 1; or
Step 201: keep a manufacturer transport card and M person-in-charge cards at the first-level management center, M being a natural number greater than 3;
preferably, the first-level management center may be the national key management center;
preferably, M equals 4;
Step 202: generate a master key card and a master transport card from the person-in-charge cards, and import the master key into the encryption machine of the first-level management center;
Step 203: the second-level management center uses the branch master key card and the master transport card issued by the first-level management center to issue card-issuing master cards, or imports the branch master key into the encryption machine of the second-level management center.
Preferably, when a bank provides electronic cash cards and grants key permission, some of the application file keys of the electronic cash card are replaced with the industry's file keys, which are obtained by diversifying the master key or the branch master key.
Preferably, when some of the application file keys of the electronic cash card are replaced with the industry's file keys, the electronic cash card's original application file keys may also be retained.
Preferably, the second-level management center may be a financial IC card key management center set up by a subordinate institution authorized by the first-level management center.
Preferably, the second-level management center may be the key management center of a pilot city, a commercial bank or an issuing bank.
In summary, by performing software-based multi-level key diversification beneath the first-level key diversification, the present invention replaces the industry key of electronic cash cards, reduces procurement cost and achieves higher scalability.
Referring to Fig. 3, it shows a structural schematic diagram of the key management system provided by another embodiment of the present invention. This embodiment is described as applied to the implementation environment shown in Fig. 1. The system comprises a KMS server side 201 and a KMS client side 202.
Referring to Fig. 4, it shows a structural schematic diagram of the KMS server provided by another embodiment of the present invention. This embodiment is described as applied to the implementation environment shown in Fig. 1. The KMS server side 201 includes:
a KMS server 1011, for installing software and executing the functions of that software; the KMS server can be accessed through client interface software or through the software's API;
a cipher machine 1012, for executing various security algorithm operations, which may hold all or part of the keys;
a cipher machine management terminal 1013, connected to the cipher machine by one or more serial ports, for managing the cipher machine, including but not limited to configuring the cipher machine and managing keys;
a cipher machine management card 1014, for authenticating operating rights when the cipher machine is managed;
a cipher machine key card 1015, for backing up the keys stored in the cipher machine, and for restoring the keys backed up on it into the cipher machine;
a printer 1016, including but not limited to a dot-matrix printer, for printing key envelopes;
key envelopes 1017, i.e. digital envelopes, for storing encrypted content together with the encrypted key that was used to encrypt that content.
In summary, by performing software-based multi-level key diversification beneath the first-level key diversification, the present invention replaces the industry key of electronic cash cards, reduces procurement cost and achieves higher scalability.
Referring to Fig. 5, it shows a structural schematic diagram of the KMS client provided by another embodiment of the present invention. This embodiment is described as applied to the implementation environment shown in Fig. 1. The KMS client side 201 includes one or more of:
a KMS client 2011, for installing the interface software, through whose interface the user performs system administration and key management operations;
an IC card 2012, for storing the user's authentication key and authenticating the user when logging in to the key management system;
a card reader 2013, for reading and writing IC cards;
user cards 2014, i.e. the IC cards held by individual users, for holding the keys written by the client through the card reader at card issuance, and for transacting at terminal devices that support IC cards;
PSAM cards 2015, for holding the various keys used in transactions;
a terminal security module 2016, for handling terminal security, including but not limited to holding client keys and performing security algorithm operations;
a key transfer medium 2017, for holding keys while they are being transferred;
a PIN pad 2018, on which the user enters a password; the key stored in the PIN pad is used to encrypt the password the user enters.
It should be noted that when the key management system provided by the above embodiment performs key management, the division into the functional modules described above is only illustrative; in practical applications the above functions may be assigned to different functional modules as needed, that is, the internal structure of the system may be divided into different functional modules to complete all or part of the functions described above. In addition, the key management system and the key management method provided by the above embodiments belong to the same concept; the specific implementation process is detailed in the method embodiment and is not repeated here.
Referring to Fig. 6, it shows a structural schematic diagram of the terminal provided by one embodiment of the present invention. The electronic device may be used to implement the key management method provided in the above embodiments. Specifically:
The terminal 1000 may include components such as an RF (Radio Frequency) circuit 1010, a memory 1020 including one or more computer-readable storage media, an input unit 1030, a display unit 1040, a sensor 1050, an audio circuit 1060, a short-range communication module 1070, a processor 1080 including one or more processing cores, and a power supply 1090. Those skilled in the art will understand that the terminal structure shown in Fig. 6 does not limit the terminal, which may include more or fewer components than shown, combine certain components, or arrange the components differently. In particular:
The RF circuit 1010 may be used to receive and send signals while information is being sent or received or during a call; in particular, after receiving downlink information from a base station it hands the information to the one or more processors 1080 for processing, and it sends uplink data to the base station. Generally, the RF circuit 1010 includes but is not limited to an antenna, at least one amplifier, a tuner, one or more oscillators, a subscriber identity module (SIM) card, a transceiver, a coupler, an LNA (Low Noise Amplifier), a duplexer and so on. In addition, the RF circuit 1010 may communicate with networks and other devices by wireless communication, which may use any communication standard or protocol, including but not limited to GSM (Global System for Mobile Communications), GPRS (General Packet Radio Service), CDMA (Code Division Multiple Access), WCDMA (Wideband Code Division Multiple Access), LTE (Long Term Evolution), e-mail, SMS (Short Messaging Service) and so on.
The memory 1020 may be used to store software programs and modules; the processor 1080 executes various functional applications and data processing by running the software programs and modules stored in the memory 1020. The memory 1020 may mainly include a program storage area and a data storage area: the program storage area may store an operating system and the application programs required by at least one function (such as a sound playing function or an image playing function), and the data storage area may store data created during use of the terminal 1000 (such as audio data or a phone book). In addition, the memory 1020 may include high-speed random access memory and may also include non-volatile memory, for example at least one magnetic disk storage device, flash memory device or other volatile solid-state storage device. Accordingly, the memory 1020 may also include a memory controller to provide the processor 1080 and the input unit 1030 with access to the memory 1020.
The input unit 1030 may be used to receive entered numeric or character information and to generate keyboard, mouse, joystick, optical or trackball signal input related to user settings and function control. Specifically, the input unit 1030 may include a touch-sensitive surface 1031 and other input devices 1032. The touch-sensitive surface 1031, also called a touch screen or touchpad, can collect the user's touch operations on or near it (for example, operations the user performs on or near the touch-sensitive surface 1031 with a finger, a stylus or any other suitable object or accessory) and drive the corresponding connected device according to a preset program. Optionally, the touch-sensitive surface 1031 may include a touch detection device and a touch controller. The touch detection device detects the position of the user's touch, detects the signal produced by the touch operation and passes the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts it into contact coordinates, sends them to the processor 1080, and can receive and execute commands sent by the processor 1080. Furthermore, the touch-sensitive surface 1031 may be implemented as a resistive, capacitive, infrared, surface acoustic wave or other type. Besides the touch-sensitive surface 1031, the input unit 1030 may also include other input devices 1032, which may include but are not limited to one or more of a physical keyboard, function keys (such as volume control keys or a power key), a trackball, a mouse, a joystick and so on.
The display unit 1040 may be used to display information entered by the user or provided to the user, and the various graphical user interfaces of the terminal 1000, which may be composed of graphics, text, icons, video and any combination thereof. The display unit 1040 may include a display panel 1041, which may optionally be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode) display or the like. Further, the touch-sensitive surface 1031 may cover the display panel 1041; after the touch-sensitive surface 1031 detects a touch operation on or near it, it passes the operation to the processor 1080 to determine the type of touch event, and the processor 1080 then provides the corresponding visual output on the display panel 1041 according to the type of touch event. Although in Fig. 6 the touch-sensitive surface 1031 and the display panel 1041 are two independent components implementing the input and output functions, in some embodiments the touch-sensitive surface 1031 and the display panel 1041 may be integrated to implement both input and output functions.
The terminal 1000 may also include at least one sensor 1050, such as a light sensor, a motion sensor or other sensors. Specifically, the light sensor may include an ambient light sensor and a proximity sensor: the ambient light sensor can adjust the brightness of the display panel 1041 according to the ambient light, and the proximity sensor can turn off the display panel 1041 and/or the backlight when the terminal 1000 is moved to the ear. As one kind of motion sensor, a gravity acceleration sensor can detect the magnitude of acceleration in every direction (generally three axes) and, when stationary, the magnitude and direction of gravity; it can be used for applications that recognize the phone's posture (such as landscape/portrait switching, related games and magnetometer pose calibration) and for vibration recognition functions (such as a pedometer or tap detection). Other sensors that may be configured on the terminal 1000, such as a gyroscope, barometer, hygrometer, thermometer and infrared sensor, are not described here.
The audio circuit 1060, loudspeaker 1061 and microphone 1062 may provide the audio interface between the user and the terminal 1000. The audio circuit 1060 may convert received audio data into an electrical signal and transfer it to the loudspeaker 1061, which converts it into a sound signal for output; conversely, the microphone 1062 converts a collected sound signal into an electrical signal, which the audio circuit 1060 receives and converts into audio data; the audio data is then output to the processor 180 for processing and sent through the RF circuit 110 to, for example, another terminal, or output to the memory 120 for further processing. The audio circuit 160 may also include an earphone jack to provide communication between peripheral earphones and the terminal 1000.
The short-range communication module 170 may include WiFi (Wireless Fidelity) technology and/or NFC technology and/or Bluetooth technology and/or infrared technology. Through the short-range communication module 170 the terminal 1000 can help the user send and receive e-mail, browse web pages, access streaming video and so on, providing the user with wireless broadband internet access and short-range communication, which in the embodiments of the present invention is used, for example, for reading and writing electronic cards.
The processor 1080 is the control center of the terminal 1000. It connects all parts of the whole mobile phone through various interfaces and lines, and executes the various functions of the terminal 1000 and processes data by running or executing the software programs and/or modules stored in the memory 1020 and calling the data stored in the memory 1020, thereby monitoring the mobile phone as a whole. Optionally, the processor 1080 may include one or more processing cores; preferably, the processor 1080 may integrate an application processor and a modem processor, where the application processor mainly handles the operating system, user interface and application programs, and the modem processor mainly handles wireless communication. It will be understood that the modem processor may also not be integrated into the processor 1080.
The terminal 1000 also includes a power supply 1090 (such as a battery) that powers the components; preferably, the power supply may be logically connected to the processor 1080 through a power management system so that charging, discharging and power consumption are managed through the power management system. The power supply 1090 may also include one or more DC or AC power sources, a recharging system, a power failure detection circuit, a power converter or inverter, a power status indicator and any other components.
Although not shown, the terminal 1000 may also include a camera, a Bluetooth module and so on, which are not described here. Specifically, in this embodiment, the display unit of the electronic device is a touch screen display; the electronic device further includes a memory and one or more programs, where the one or more programs are stored in the memory and configured to be executed by the one or more processors, and the one or more programs contain instructions for executing the key management method described above.
Referring to Fig. 7, it shows a structural schematic diagram of the server provided by one embodiment of the present invention. One or more such servers may form the order management system, card management system, convergence management system or article provision apparatus in the embodiments of the present invention. The server 1100 includes a central processing unit (CPU) 1101, a system memory 1104 including random access memory (RAM) 1102 and read-only memory (ROM) 1103, and a system bus 1105 connecting the system memory 1104 and the central processing unit 1101. The server 1100 also includes a basic input/output system (I/O system) 1106 that helps transfer information between the devices in the computer, and a mass storage device 1107 for storing an operating system 1113, application programs 1114 and other program modules 1115.
The basic input/output system 1106 includes a display 1108 for displaying information and an input device 1109, such as a mouse or keyboard, for the user to enter information. The display 1108 and the input device 1109 are both connected to the central processing unit 1101 through an input/output controller 1110 connected to the system bus 1105. The basic input/output system 1106 may also include the input/output controller 1110 for receiving and processing input from multiple other devices such as a keyboard, a mouse or an electronic stylus. Similarly, the input/output controller 1110 also provides output to a display screen, a printer or other kinds of output device.
The mass-memory unit 1107 is connected to central processing unit 1101 by being connected to the bulk memory controller (not shown) of system bus 1105.The mass-memory unit 1107 and its associated computer-readable medium are that server 1100 provides non-volatile memories.That is, the mass-memory unit 1107 may include the computer-readable medium of such as hard disk or CD-ROM drive etc (not shown).
Without loss of generality, the computer-readable medium may include computer storage media and communication media.Computer storage medium includes volatile and non-volatile, the removable and irremovable medium that any method or technique of the information such as computer readable instructions, data structure, program module or other data for storage is realized.Computer storage medium includes RAM, ROM, EPROM, EEPROM, flash memory or other solid-state storages its technologies, CD-ROM, DVD or other optical storages, cassette, tape, disk storage or other magnetic storage devices.Certainly, skilled person will appreciate that the computer storage medium be not limited to it is above-mentioned several.Above-mentioned system storage 1104 and mass-memory unit 1107 may be collectively referred to as memory.
According to various embodiments of the present invention, the server 1100 can also be connected to the network to the remote computer on network by internet etc. and be run.Namely server 1100 can be connected to network 1112 by the Network Interface Unit 1111 being connected on the system bus 1105, in other words, Network Interface Unit 1111 can be used also to be connected to other kinds of network or remote computer system (not shown).
The memory further includes that one or more than one program, the one or more programs are stored in memory, and the one or more programs include the instruction for carrying out key management method provided in an embodiment of the present invention.
The serial numbers of the above embodiments of the invention are for description only and do not represent the relative merits of the embodiments.
Those of ordinary skill in the art will appreciate that all or part of the steps of the above embodiments may be implemented by hardware, or by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium, which may be a read-only memory, a magnetic disk, an optical disk or the like.
The foregoing are merely preferred embodiments of the present invention and are not intended to limit the invention; any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included in the protection scope of the present invention.

Claims (7)

  1. A key management method, characterized in that the method includes:
    writing, at card issuance, the sub-key obtained by dispersing a master key N times into the subscriber card as the key of the subscriber card, N being a natural number greater than 1; or
    storing a manufacturer transmission card and M person-in-charge cards in a first-level management center, M being a natural number greater than 3;
    generating a master key card and a main transmission card from the person-in-charge cards, and importing the master key into the encryption machine of the first-level management center;
    the second-level management center using the branch master key card and the main transmission card issued by the first-level management center to issue card-issuing master cards, or importing the branch master key into the encryption machine of the second-level management center.
  2. The method according to claim 1, characterized in that, when a bank provides an electronic cash card and grants key permission, a certain application file key of the electronic cash card is replaced with an industry file key, the industry file key being obtained by dispersing the master key or the branch master key.
  3. The method according to claim 2, characterized in that the application file key of the electronic cash card may also be retained when the certain application file key of the electronic cash card is replaced with the industry file key.
  4. The method according to claim 1, wherein M is equal to 4.
  5. The method according to claim 1, wherein the first-level management center may be a national key management center.
  6. The method according to claim 1, wherein the second-level management center may be a financial IC card key management center set up by a subordinate institution of the authority of the first-level management center.
  7. The method according to claim 6, characterized in that the second-level management center may be a pilot city key management center, a commercial bank key management center or an issuing bank key management center.
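The key hierarchy of claims 1 to 3, as an added example that is not the patent's code: the M person-in-charge components are combined into the master key, the master key is dispersed N times down to a subscriber card key, and the second-level center is shown to reproduce the same card key from its branch master key alone, which is why the master key never has to leave the first-level encryption machine. The XOR combination of components, the HMAC-SHA256 dispersion step and all identifiers are assumptions; the page does not specify the diversification algorithm used by the financial IC cards.

```python
# Model of the claimed key hierarchy (added example, not the patent's code).
# Assumed, not on the page: the M person-in-charge components are combined by
# XOR (split-knowledge key ceremony) and one "dispersion" step is HMAC-SHA256
# truncated to 16 bytes; the real financial IC card algorithm is unspecified.
import hashlib
import hmac
from functools import reduce

KEY_LEN = 16  # assumed 128-bit keys

def combine_components(components):
    """First-level center key ceremony: each of the M person-in-charge cards
    holds one component; the master key exists only when M > 3 are present."""
    if len(components) <= 3:
        raise ValueError("claim 1 requires M > 3 person-in-charge cards")
    if any(len(c) != KEY_LEN for c in components):
        raise ValueError("each component must be %d bytes" % KEY_LEN)
    return reduce(lambda a, b: bytes(x ^ y for x, y in zip(a, b)), components)

def disperse(parent_key, diversifier):
    """One dispersion step: child key bound to the parent key and the
    diversification data (branch id, issuer id, card serial, ...)."""
    return hmac.new(parent_key, diversifier, hashlib.sha256).digest()[:KEY_LEN]

def disperse_n(root_key, path):
    """Walk a path of diversifiers: master -> branch -> issuer -> card."""
    key = root_key
    for diversifier in path:
        key = disperse(key, diversifier)
    return key

def subscriber_card_key(master_key, path):
    """Claim 1: the card key is the master key dispersed N > 1 times."""
    if len(path) < 2:
        raise ValueError("claim 1 requires N > 1 dispersion steps")
    return disperse_n(master_key, path)

def industry_file_key(level_key, industry_id):
    """Claim 2: industry file key dispersed from the master or branch master key."""
    return disperse(level_key, b"INDUSTRY:" + industry_id)

def second_level_can_issue(master_key, branch_id, rest_of_path):
    """Only the branch master key leaves the first-level encryption machine:
    the second-level center reproduces the same card key from it alone."""
    branch_key = disperse(master_key, branch_id)  # what level 2 receives
    from_master = subscriber_card_key(master_key, [branch_id] + rest_of_path)
    from_branch = disperse_n(branch_key, rest_of_path)
    return hmac.compare_digest(from_master, from_branch)
```

A branch key compromised at one second-level center exposes only the keys dispersed below it; the sibling branches and the master key remain isolated.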
CN201680083465.5A 2016-03-30 2016-03-30 Key management method Pending CN108886465A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2016/077852 WO2017166118A1 (en) 2016-03-30 2016-03-30 Key management method

Publications (1)

Publication Number Publication Date
CN108886465A true CN108886465A (en) 2018-11-23

Family

ID=59962373

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201680083465.5A Pending CN108886465A (en) 2016-03-30 2016-03-30 Key management method

Country Status (2)

Country Link
CN (1) CN108886465A (en)
WO (1) WO2017166118A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112054901A (en) * 2020-09-01 2020-12-08 郑州信大捷安信息技术股份有限公司 Key management method and system supporting multiple key systems

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070300080A1 (en) * 2006-06-22 2007-12-27 Research In Motion Limited Two-Factor Content Protection
CN104202369A (en) * 2014-08-19 2014-12-10 西安邮电大学 Novel multi-application authentication card issuing system for smart card
CN104301319A (en) * 2014-10-17 2015-01-21 云南电网公司电力科学研究院 Intelligent ammeter encryption management device and data encryption protection method
CN204206215U (en) * 2014-10-17 2015-03-11 云南电网公司电力科学研究院 A kind of intelligent electric energy meter encryption handling device

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101739756B (en) * 2008-11-10 2012-01-11 中兴通讯股份有限公司 Method for generating secrete key of smart card
CN101938357B (en) * 2010-08-19 2012-10-03 北京速通科技有限公司 Method based on off-line authorization of safety access module, card tool and authentication card
CN102970137A (en) * 2011-08-31 2013-03-13 北京中电华大电子设计有限责任公司 Safe issuing method of multi-functional intelligent card

Also Published As

Publication number Publication date
WO2017166118A1 (en) 2017-10-05

Similar Documents

Publication Publication Date Title
JP7181914B2 (en) Conducting Transactions Using Electronic Devices with Non-Native Credentials
US10977642B2 (en) Apparatuses and methods for operating a portable electronic device to conduct mobile payment transactions
US10043175B2 (en) Enhanced near field communications attachment
US20210287204A1 (en) Near Field Communication NFC-Based Transaction Method and Device
CN110365491A (en) Method for processing business, device, equipment, storage medium and data-sharing systems
TW201532400A (en) Provisioning of credentials on an electronic device using passwords communicated over verified channels
CN104917796B (en) Credit accounts creating device, system and method
US11669822B2 (en) Point-of-sale system having a secure touch mode
KR20160145962A (en) User equipment for reverse NFC payment, NFC payment terminal, system comprising the same, control method thereof and computer readable medium having computer program recorded therefor
US20160196550A1 (en) Electronic Personal Wallet System and Methods of Use
CN108886465A (en) Key management method
WO2017166111A1 (en) Key management system
CA3050132C (en) Enhanced near field communications attachment
WO2017166113A1 (en) Key management system
CN105046814B (en) Smart card and payment terminal integrating device and its control method
WO2017166101A1 (en) Card manufacturing system
WO2017166103A1 (en) Card manufacturing system
WO2017166100A1 (en) Card manufacturing system
CN116342274A (en) Digital currency conversion method, system, electronic device and storage medium
WO2017166069A1 (en) Recharging system
WO2017166061A1 (en) Recharging system
WO2017166068A1 (en) Recharging system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20181123