CN108900311A - A kind of no certificate bluetooth key endorsement method and system - Google Patents
A kind of no certificate bluetooth key endorsement method and system Download PDFInfo
- Publication number
- CN108900311A CN108900311A CN201810929646.6A CN201810929646A CN108900311A CN 108900311 A CN108900311 A CN 108900311A CN 201810929646 A CN201810929646 A CN 201810929646A CN 108900311 A CN108900311 A CN 108900311A
- Authority
- CN
- China
- Prior art keywords
- key
- client
- bluetooth
- public key
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3252—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using DSA or related signature schemes, e.g. elliptic based signatures, ElGamal or Schnorr schemes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
- G06Q20/401—Transaction verification
- G06Q20/4014—Identity check for transactions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/56—Financial cryptography, e.g. electronic payment or e-cash
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/80—Wireless
- H04L2209/805—Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor
Landscapes
- Engineering & Computer Science (AREA)
- Business, Economics & Management (AREA)
- Computer Security & Cryptography (AREA)
- Accounting & Taxation (AREA)
- General Business, Economics & Management (AREA)
- Finance (AREA)
- Strategic Management (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Mobile Radio Communication Systems (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
This application discloses a kind of no certificate bluetooth key endorsement method and systems, which is characterized in that including:When initiating transaction, client obtains pre-stored client public key mark from bluetooth key to verify the validity of bluetooth key;Bluetooth key carries out operation to the transaction message that the client is initiated and signs, and signature result is submitted to the client, the signature result is enclosed the client public key mark composition signature message and is sent to ebanking server sign test by client, and authorization this time operates after sign test passes through.It is identified using the embodiment of the present application using client public key as User Identity, not only reduces the time that mobile phone Internetbank APP reads User Identity from bluetooth key, improve the efficiency that mobile phone Internetbank APP transfers accounts, the user experience is improved;And reduce the total data packet number of signature message, improve efficiency of transmission.
Description
Technical field
This application involves art of cryptography, more particularly to a kind of no certificate bluetooth key endorsement method and system.
Background technique
Existing Internetbank bluetooth key is all based on the public key cryptosystem (PKI/CA) of certificate, the core element of PKI signature
The digital certificate (identity information) signed and issued by CA, PKI service provided by it be exactly authenticate, data integrity, data confidentiality
Property and non-repudiation.And include in certificate the main contents include user's name, CA title, client public key, validity period of certificate and
CA is to the signature of above- mentioned information, if client public key is RSA1024, public key length is 128 bytes, corresponding CA signature length
Degree is also 128 bytes, if client public key is RSA2048, client public key length one is 256 bytes, corresponding CA label
Name one is also 256 bytes, since user's name and CA title length can differ according to the actual situation, therefore the public key based on certificate
Certificate size about 1K or so in system, and classical bluetooth BLE can only transmit 20 bytes every time, transmit the data of 1k or so,
It need at least transmit 50 times, this operation has seriously affected user experience.
Summary of the invention
The application proposes a kind of no certificate bluetooth key endorsement method and system, and the conjunction of user is verified by public key mark
Method, and public key identifies included content and is far smaller than 1k, cell phone application reads public key mark from bluetooth key and demonstrate,proves more than reading
Book is much faster, substantially increases user experience.
In order to achieve the above objectives, according to the embodiment of the present application in a first aspect, providing a kind of no certificate bluetooth key signer
Method, including:
When initiating transaction, pre-stored client public key mark is obtained by client and verifies bluetooth key's in bluetooth key
Validity;
Bluetooth key carries out operation to the transaction message that client is initiated and signs, and submits signature result, visitor to client
Family termination receives affix client public key mark composition signature message after signature result.
It is as above, wherein a kind of no certificate bluetooth key endorsement method further includes that server end tests signature message
Card, and the transaction request of authorized client operates after being verified.
As above, wherein pre-stored client public key mark is issued from cipher key center.
As above, wherein client public key, which identifies, includes:User identifier, system banner, validity period, User Part public key R.
It is as above, wherein User Part public key R calculation formula is:
R=rG=d1G+r2G=Q1+r2G;
Wherein,<G ,+>It is the addition cyclic group of the point composition on elliptic curve, (d1,Q1) it is that the SM2 that user generates is interim
Key pair, d1For temporary private, Q1For temporary public key, r2It is to be generated by cipher key center;
According to the second aspect of the embodiment of the present application, a kind of no certificate bluetooth key endorsement method is provided, including:
Bluetooth key verifies user PIN, and after being verified, the bluetooth key generates SM2 temporary key to (d1,Q1), and handle
Temporary public key Q1Return to the client;
Bluetooth key receives part private key d', client public key Q, the client public key mark C that client is sent;
Bluetooth key is to part private key d' and temporary private d1Private key for user d is obtained by operation, and verifies private key for user d
With the matching of client public key Q;
It is verified, obtains public and private key (d, Q) and client public key mark C, and be written into bluetooth key.
It is as above, wherein a kind of no certificate bluetooth key endorsement method further includes:
User enters the client-side program and initiates public key mark downloading, and client-side program jumps to input bluetooth key and uses
The interface of family PIN inputs bluetooth key user PIN;
It is as above, wherein a kind of no certificate bluetooth key endorsement method further includes:
Client is by user's temporary public key Q1And User ID is sent to code key center.
It is as above, wherein a kind of no certificate bluetooth key endorsement method further includes:
Cipher key center is according to User ID and temporary public key Q1Calculating section private key d', client public key Q and public key identify C, and
Part private key d', client public key Q and public key mark C are returned into client;
According to the third aspect of the embodiment of the present application, a kind of no certificate bluetooth key signature system is provided, including:
It client, the server end being connect with client network and cipher key center and is connect with client by blueteeth network
Bluetooth key, wherein
When client initiates transaction request, using above-mentioned first aspect the method;
When client initiates downloading public key mark, using above-mentioned second aspect the method.
As above, wherein
What the application realized has the beneficial effect that:
(1) a kind of no certificate bluetooth key endorsement method is identified using client public key as User Identity, is reduced
Mobile phone Internetbank APP reads the time of User Identity from bluetooth key, improves the efficiency that mobile phone Internetbank APP transfers accounts, and is promoted
User experience.
(2) when mobile phone Internetbank APP assembling signature message, replacement user certificate is identified using client public key, reduces signature
Message total improves efficiency of transmission according to packet number.
Detailed description of the invention
In order to illustrate the technical solutions in the embodiments of the present application or in the prior art more clearly, to embodiment or will show below
There is attached drawing needed in technical description to be briefly described, it should be apparent that, the accompanying drawings in the following description is only this
The some embodiments recorded in application, for those of ordinary skill in the art, in the premise of not making the creative labor property
Under, it is also possible to obtain other drawings based on these drawings.
In the accompanying drawings:
Fig. 1 is according to a kind of no certificate bluetooth key endorsement method flow chart disclosed in the present application;
Fig. 2 is according to a kind of no certificate bluetooth key endorsement method application scenarios schematic diagram disclosed in the present application;
Fig. 3 is according to client public key mark downloading scene in a kind of no certificate bluetooth key endorsement method disclosed in the present application
Schematic diagram;
Fig. 4 is according to a kind of no certificate bluetooth key signature system composition block diagram disclosed in the present application.
Specific embodiment
This application discloses a kind of no certificate bluetooth key endorsement method and systems.
In order to make those skilled in the art better understand the technical solutions in the application, below in conjunction with the application reality
The attached drawing in example is applied, the technical scheme in the embodiment of the application is clearly and completely described, it is clear that described implementation
Example is merely a part but not all of the embodiments of the present application.Based on the embodiment of the present application, ordinary skill
The model of the application protection all should belong in personnel's every other embodiment obtained without creative efforts
It encloses.
In the embodiment of the present application, no certificate signature system be it is a kind of based on SM2, without using Bilinear map operation without certificate
System is authenticated, in this system, client public key is identified instead of the digital certificate in PKI system.And client public key mark packet
It includes:User identifier (18 byte), system banner (2 byte), validity period (6 byte), User Part public key (32 byte), therefore be based on
No certificate verification system public key identification length can control within 64 bytes, far smaller than there is certificate in certificate signature system
Length.
Fig. 4 is according to a kind of no certificate bluetooth key signature system composition block diagram disclosed in the present application.
As shown in figure 4, without certificate bluetooth key signature system 400 by cipher key center 410, client 420, bluetooth key430
And server end 440 is constituted,
Wherein, client 420 and server end 440 and cipher key center 410 are connected to the network, client 420 and bluetooth
Key430 is connected by blueteeth network.
In the embodiment of the present application, client 420 can be mobile phone, Pad or other mobile terminals;Bluetooth key430 function can
To include:Authentication, based on mobile support, meet the requirement of mainstream operation system and corresponding standard interface, number be provided
Word signature provides dedicated digital signature standard, compatible bank's signature requirement etc.;Server end 440 can be bank validation
Server etc.;Cipher key center 410 is key generation centre (Key Generation Center).
Fig. 1 is according to a kind of no certificate bluetooth key endorsement method flow chart disclosed in the present application;
This application discloses a kind of no certificate bluetooth key endorsement methods, including:
Step 110:When initiating transaction, pre-stored client public key mark is obtained by client 420 in bluetooth key430
And verify the validity of the bluetooth key430.
Step 120:The transaction message that bluetooth key430 initiates client 420 carries out operation and signs, and to client
420 submission signature results, client 420 enclose client public key mark composition signature message after receiving signature result;
Specifically, as shown in Fig. 2, for according to a kind of no certificate bluetooth key endorsement method application scenarios disclosed in the present application
Schematic diagram.Wherein ebanking server is authentication server i.e. server end 440, and mobile phone Internetbank client is client 420;
Specific network bank business process step is as follows:
201, user fills in Transaction Information, and submits;
Specifically, user logs in mobile phone Internetbank APP, fills in after Transaction Information and click submission;
202, client public key mark is obtained by Bluetooth channels;
203, public key mark is read;
204, public key mark is returned;
Specifically, Internetbank client obtains client public key mark, authentication verification bluetooth by Bluetooth channels from bluetooth key
The validity of key;
205, transaction message is organized;
206, transaction is initiated;
207, it HASH and signs;
Specifically, Internetbank client tissue transaction message and initiate to trade, bluetooth key receive after transaction message to message into
The corresponding HASH operation of row, and signature operation is carried out to message HASH value with private key for user;
208, signature result is returned;
209, signature message;
Specifically, signature result is issued Internetbank client by bluetooth key, Internetbank client will signature message (signature result
Affix public key mark) it is sent to ebanking server;
210, client public key, and sign test are calculated;
211, it is verified;
212, it trades successfully;
Specifically, ebanking server according to client public key identify in User ID and User Part public key R to calculate user public
Key, and sign test is carried out to signature result, after sign test passes through, authorization is this time operated.
In this specification embodiment, client public key mark is public by user identifier, system banner, validity period, User Part
Key R is composed.
Specifically, cipher key center 410 generates one group of SM2 public private key pair (s, P),
S=(s1,s2,…,sN), P=(P1,P2,…,PN), wherein Pi=siG, if E is an elliptic curve,<G ,+>It is E
On point composition addition cyclic group, n is<G ,+>Rank, and n be prime number;
Cipher key center 410 is saved s as system private key, and P is published as system public key, and total system must all trust
System public key.
In this specification embodiment, client public key Q calculation formula is:
Q=R+ (a1P1+a2P2+…+aNPN);
Wherein, R=rG=d1G+r2G=Q1+r2G is generated jointly by user and cipher key center, (d1,Q1) it is user's generation
Temporary key pair, d1For temporary private, Q1For temporary public key, r2It is to be generated by cipher key center;H (ID | | R)=(a1,
a2,…,aN) be by ID | | the mapping of R to mark vector, aiValue be not limited to 0,1, can be arbitrary value.
In this specification embodiment, pre-stored client public key mark be issued by cipher key center 410, including:
Bluetooth key430 generates SM2 temporary key to (d1,Q1), and temporary public key Q1Return to client 420;
Client 420 is by user's temporary public key Q1And User ID is sent to cipher key center 410;
Cipher key center 410 is according to User ID and temporary public key Q1Calculating section private key d', client public key Q and public key identify C,
And part private key d', client public key Q and public key mark C are returned into client 420;
Part private key d', client public key Q, client public key mark C are sent to bluetooth key430 by client 420;
Bluetooth key430 is to part private key d' and temporary private d1Real private key for user d is obtained by operation, and is verified
The matching of private key for user d and client public key Q;
It is verified, obtains user's public and private key (d, Q) and client public key mark C and bluetooth key430 is written.
Specifically, as shown in figure 3, for according to a kind of no certificate bluetooth key endorsement method client public key disclosed in the present application
Mark downloading schematic diagram of a scenario.User applies for that public key mark process is as follows:
301, public key mark downloading is initiated;
Specifically, user, which enters cipher key center client-side program, initiates public key mark downloading, client-side program be can be
Browser is also possible to cell phone application etc.;
302, user PIN is inputted;
Specifically, client-side program jumps to the input interface bluetooth key user PIN, bluetooth key user PIN is inputted;
303, it issues and generates key pair instruction;
304, SM2 temporary key is generated to (d1,Q1);
305, bluetooth key returns to temporary public key Q1;
Specifically, bluetooth key verifies user PIN, verification passes through, and client-side program issues generation key pair to bluetooth key
Instruction, the interior SM2 temporary key that generates of bluetooth key is to (d1Temporary private, Q1Temporary public key), and temporary public key Q1Return to client
Hold program;
306, temporary public key Q is sent1, User ID;
Specifically, client-side program is by user's temporary public key Q1And User ID (can be bluetooth key sequence number) is sent to
Cipher key center;
307, User Part private key d', client public key Q, client public key are generated and identifies C;
Specifically, cipher key center is according to User ID and temporary public key Q1Calculating section private key d', client public key Q, Yong Hugong
Key identifies C, and steps are as follows for calculating:
Step 1 calculates a User Part public key R=rG=d by user and the common livelihood of cipher key center1G+r2G=Q1+
r2G, d1That is temporary private, Q1It for temporary public key, is generated by user, r2Generated by cipher key center, construct an ID | | R to mark
The mapping of vector:
H (ID | | R)=(a1,a2,…,aN) wherein aiValue be not limited to 0,1, can be arbitrary value.
Step 2, then cipher key center calculating section private key d':
D'=r2+a1s1+a2s2+…+aNsN(modn)
Step 3, cipher key center calculate client public key Q:
Q=R+ (a1P1+a2P2+…+aNPN)
Step 4, cipher key center combine to form user according to user identifier, system banner, validity period, User Part public key R
Public key identifies C.
308, returning part private key d', client public key Q, client public key identify C;
Specifically, part private key d', client public key Q, client public key mark C are returned to 420 journey of client by cipher key center
Sequence;
309, returning part private key d', client public key Q, client public key identify C;
Part private key d', client public key Q, client public key mark C are sent to bluetooth key by client-side program;
310, pass through temporary private d1Real private key d is calculated with part private key d', whether verifying d and Q matches, if
Match, stores d, Q and C;
Specifically, bluetooth key is by part private key d' and key temporary private d1Real private key for user d is obtained by operation,
And the matching of private key for user d and client public key Q are verified, user's public and private key (d, Q), client public key are identified into C if matching
It is respectively written into Key.
Specifically, the calculating process of private key for user d is as follows:
D=d1+d'(modn)
Then have:
D=r+a1s1+a2s2+…+aNsN(modn)
Specifically, the matching process of verifying private key for user d and client public key Q is as follows:
It calculates known to the corresponding public key Q' of private key for user d:Q'=dG=R+ (a1P1+a2P2+…+aNPN)
Comparison show that Q'=Q, i.e. d and Q are matched, is otherwise mismatch.
311, it returns successfully;
312, display application client public key identifies successfully.
The application proposes a kind of no certificate bluetooth key endorsement method and system, and the conjunction of user is verified by public key mark
Method, realization have the beneficial effect that:
(1) a kind of no certificate bluetooth key endorsement method is identified using client public key as subscriber identity information, is reduced
Mobile phone Internetbank APP reads the time of subscriber identity information from bluetooth key, improves the efficiency that mobile phone Internetbank APP transfers accounts, and is promoted
User experience.
(2) when mobile phone Internetbank APP assembling signature message, replacement user certificate is identified using client public key, reduces signature
Message total improves efficiency of transmission according to packet number.
It should be understood by those skilled in the art that, embodiments herein can provide as method, system or computer program
Product.Therefore, complete hardware embodiment, complete software embodiment or reality combining software and hardware aspects can be used in the application
Apply the form of example.Moreover, it wherein includes the computer of computer usable program code that the application, which can be used in one or more,
The computer program implemented in usable storage medium (including but not limited to magnetic disk storage, CD-ROM, optical memory etc.) produces
The form of product.
The application is reference according to the method for the embodiment of the present application, the stream of bluetooth key (system) and computer program product
Journey figure and/or block diagram describe.It should be understood that can be realized by computer program instructions each in flowchart and/or the block diagram
The combination of process and/or box in process and/or box and flowchart and/or the block diagram.It can provide these computer journeys
Processor of the sequence instruction to general purpose computer, special purpose computer, Embedded Processor or other programmable datas processing bluetooth key
To generate a machine, so that being produced by the instruction that the processor that computer or other programmable datas handle bluetooth key executes
Life is for realizing the function of specifying in one or more flows of the flowchart and/or one or more blocks of the block diagram
Device.
These computer program instructions may also be stored in be able to guide computer or other programmable datas processing bluetooth key with
In the computer-readable memory of ad hoc fashion work, so that instruction stored in the computer readable memory generation includes
The manufacture of command device, the command device are realized in one box of one or more flows of the flowchart and/or block diagram
Or the function of being specified in multiple boxes.
These computer program instructions can also be loaded on computer or other programmable datas processing bluetooth key, so that
Series of operation steps are executed on computer or other programmable bluetooth key to generate computer implemented processing, thus
The instruction executed on computer or other programmable bluetooth key is provided for realizing in one or more flows of the flowchart
And/or in one or more blocks of the block diagram specify function the step of.
Although the preferred embodiment of the application has been described, it is created once a person skilled in the art knows basic
Property concept, then additional changes and modifications may be made to these embodiments.So it includes excellent that the following claims are intended to be interpreted as
It selects embodiment and falls into all change and modification of the application range.Obviously, those skilled in the art can be to the application
Various modification and variations are carried out without departing from spirit and scope.If in this way, these modifications and variations of the application
Belong within the scope of the claim of this application and its equivalent technologies, then the application is also intended to encompass these modification and variations and exists
It is interior.
Claims (10)
1. a kind of no certificate bluetooth key endorsement method, which is characterized in that including:
When initiating transaction, pre-stored client public key mark is obtained by client and verifies the bluetooth key's in bluetooth key
Validity;
The bluetooth key carries out operation to the transaction message that the client is initiated and signs, and submits and sign to the client
Name is as a result, the client receives the mark of client public key described in affix composition signature message after signature result.
2. a kind of no certificate bluetooth key endorsement method according to claim 1, which is characterized in that further include:Server end
Sign test is carried out to the signature message, and authorizes the transaction request of the client to operate after sign test passes through.
3. a kind of no certificate bluetooth key endorsement method according to claim 1, which is characterized in that described pre-stored
Client public key mark is issued by cipher key center.
4. a kind of no certificate bluetooth key endorsement method according to claim 3, which is characterized in that the client public key mark
Knowledge includes:User identifier, system banner, validity period, User Part public key R.
5. a kind of no certificate bluetooth key endorsement method according to claim 4, which is characterized in that
The User Part public key R calculation formula is:
R=rG=d1G+r2G=Q1+r2G;
Wherein,<G ,+>It is the addition cyclic group of the point composition on elliptic curve, (d1,Q1) it is the SM2 temporary key that user generates
It is right, d1For temporary private, Q1For temporary public key, r2It is to be generated by cipher key center.
6. a kind of no certificate bluetooth key endorsement method, which is characterized in that including:
Bluetooth key verifies user PIN, and after being verified, the bluetooth key generates SM2 temporary key to (d1,Q1), and interim
Public key Q1Return to client;
The bluetooth key receives part private key d', client public key Q, the client public key mark C that the client is sent;
The bluetooth key is to part private key d' and temporary private d1Obtain private key for user d by operation, and verify private key for user d and
The matching of client public key Q;
It is verified, obtains public and private key (d, Q) and client public key mark C, and be written into the bluetooth key.
7. a kind of no certificate bluetooth key endorsement method according to claim 6, which is characterized in that further include:
Before bluetooth key checking PIN, user enters the client-side program and initiates public key mark downloading request, the client
It holds programming jump to the interface of input bluetooth key user PIN, inputs bluetooth key user PIN.
8. a kind of no certificate bluetooth key endorsement method according to claim 6, which is characterized in that further include:
The client is by user's temporary public key Q1And User ID is sent to cipher key center.
9. a kind of no certificate bluetooth key endorsement method according to claim 8, which is characterized in that further include:
The cipher key center is according to User ID and the temporary public key Q1Calculating section private key d', client public key Q and the public key mark
Know C, and part private key d', client public key Q and public key mark C are returned into the client.
10. a kind of no certificate bluetooth key signature system, which is characterized in that including:
Client, the server end connecting with the client network and cipher key center and pass through blueteeth network with the client
The bluetooth key of connection, wherein
When the client initiates transaction request, 1-5 the method is required for perform claim;
When the client initiates downloading public key mark, 6-9 the method is required for perform claim.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810929646.6A CN108900311B (en) | 2018-08-15 | 2018-08-15 | Certificateless Bluetooth key signature method and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810929646.6A CN108900311B (en) | 2018-08-15 | 2018-08-15 | Certificateless Bluetooth key signature method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108900311A true CN108900311A (en) | 2018-11-27 |
CN108900311B CN108900311B (en) | 2021-04-27 |
Family
ID=64354260
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810929646.6A Active CN108900311B (en) | 2018-08-15 | 2018-08-15 | Certificateless Bluetooth key signature method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108900311B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109327310A (en) * | 2018-11-30 | 2019-02-12 | 江苏恒宝智能系统技术有限公司 | A kind of link protection method based on no certificate |
CN109560931A (en) * | 2018-11-30 | 2019-04-02 | 江苏恒宝智能系统技术有限公司 | A kind of equipment remote upgrade method based on no Certification system |
US11328039B2 (en) * | 2019-03-05 | 2022-05-10 | Kyocera Document Solutions Inc. | Electronic apparatus, and method of controlling electronic apparatus |
CN114640989A (en) * | 2022-03-26 | 2022-06-17 | 三未信安科技股份有限公司 | System and method for managing cryptographic module based on wireless communication technology |
CN116156495A (en) * | 2023-04-11 | 2023-05-23 | 支付宝(杭州)信息技术有限公司 | Security environment body checking method and system based on wireless signals |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101378315A (en) * | 2007-08-27 | 2009-03-04 | 华为技术有限公司 | Method, system, equipment and server for packet authentication |
CN101951603A (en) * | 2010-10-14 | 2011-01-19 | 中国电子科技集团公司第三十研究所 | Access control method and system for wireless local area network |
CN104539423A (en) * | 2014-12-16 | 2015-04-22 | 熊荣华 | Achievement method of certificate-less public key cryptosystem without bilinear pairing operation |
CN105450396A (en) * | 2016-01-11 | 2016-03-30 | 长沙市迪曼森信息科技有限公司 | Certificate-free combined secret key generation and application method |
CN105553662A (en) * | 2014-10-29 | 2016-05-04 | 航天信息股份有限公司 | Dynamic digital right management method and system based on identification password |
CN105743649A (en) * | 2014-12-11 | 2016-07-06 | 中兴通讯股份有限公司 | User signature and user signature decryption method, device and system |
WO2017114809A1 (en) * | 2015-12-28 | 2017-07-06 | Bull Sas | Second dynamic authentication of an electronic signature using a secure hardware module |
-
2018
- 2018-08-15 CN CN201810929646.6A patent/CN108900311B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101378315A (en) * | 2007-08-27 | 2009-03-04 | 华为技术有限公司 | Method, system, equipment and server for packet authentication |
CN101951603A (en) * | 2010-10-14 | 2011-01-19 | 中国电子科技集团公司第三十研究所 | Access control method and system for wireless local area network |
CN105553662A (en) * | 2014-10-29 | 2016-05-04 | 航天信息股份有限公司 | Dynamic digital right management method and system based on identification password |
CN105743649A (en) * | 2014-12-11 | 2016-07-06 | 中兴通讯股份有限公司 | User signature and user signature decryption method, device and system |
CN104539423A (en) * | 2014-12-16 | 2015-04-22 | 熊荣华 | Achievement method of certificate-less public key cryptosystem without bilinear pairing operation |
WO2017114809A1 (en) * | 2015-12-28 | 2017-07-06 | Bull Sas | Second dynamic authentication of an electronic signature using a secure hardware module |
CN105450396A (en) * | 2016-01-11 | 2016-03-30 | 长沙市迪曼森信息科技有限公司 | Certificate-free combined secret key generation and application method |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109327310A (en) * | 2018-11-30 | 2019-02-12 | 江苏恒宝智能系统技术有限公司 | A kind of link protection method based on no certificate |
CN109560931A (en) * | 2018-11-30 | 2019-04-02 | 江苏恒宝智能系统技术有限公司 | A kind of equipment remote upgrade method based on no Certification system |
CN109560931B (en) * | 2018-11-30 | 2020-11-24 | 江苏恒宝智能系统技术有限公司 | Equipment remote upgrading method based on certificate-free system |
US11328039B2 (en) * | 2019-03-05 | 2022-05-10 | Kyocera Document Solutions Inc. | Electronic apparatus, and method of controlling electronic apparatus |
CN114640989A (en) * | 2022-03-26 | 2022-06-17 | 三未信安科技股份有限公司 | System and method for managing cryptographic module based on wireless communication technology |
CN114640989B (en) * | 2022-03-26 | 2023-09-26 | 三未信安科技股份有限公司 | System and method for managing cryptographic module based on wireless communication technology |
CN116156495A (en) * | 2023-04-11 | 2023-05-23 | 支付宝(杭州)信息技术有限公司 | Security environment body checking method and system based on wireless signals |
Also Published As
Publication number | Publication date |
---|---|
CN108900311B (en) | 2021-04-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108900311A (en) | A kind of no certificate bluetooth key endorsement method and system | |
US9871655B2 (en) | Method for deriving a verification token from a credential | |
CN109067539B (en) | Alliance chain transaction method, alliance chain transaction equipment and computer readable storage medium | |
CN106161359B (en) | It authenticates the method and device of user, register the method and device of wearable device | |
US20240095713A1 (en) | Method, client device and pos terminal for offline transaction | |
US11882509B2 (en) | Virtual key binding method and system | |
CN117579281A (en) | Method and system for ownership verification using blockchain | |
CN108234385A (en) | A kind of method for authenticating user identity and device | |
CN113541970B (en) | Method and system for using distributed identifier | |
CN110189184B (en) | Electronic invoice storage method and device | |
CN110189013A (en) | A kind of determination method, apparatus, equipment and the medium of operation flow | |
CN104836776A (en) | Data interaction method and device | |
CN111931209B (en) | Contract information verification method and device based on zero knowledge proof | |
CN109981278A (en) | Applying digital certificate method, system, subscriber identification card, equipment and medium | |
CN109413084A (en) | A kind of password update method, apparatus and system | |
US10171249B2 (en) | Privacy friendly location based services | |
CN110363533A (en) | A kind of real-name authentication system and method | |
CN111949958A (en) | Authorization authentication method and device in Oauth protocol | |
CN109302286B (en) | Fido equipment key index generation method | |
CN112801660B (en) | Secret subscription-free method and device of payment protocol | |
CN109766716A (en) | A kind of anonymous bidirectional authentication method based on trust computing | |
CN115705601A (en) | Data processing method and device, computer equipment and storage medium | |
CN106533681A (en) | Attribute attestation method and system supporting partial presentation | |
CN115426106A (en) | Identity authentication method, device, system, electronic equipment and storage medium | |
CN112491777B (en) | Cross-block chain identity authentication method, computer equipment and readable storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 801, 8 / F, building 4a, international R & D headquarters park, 68 Olympic street, Jianye District, Nanjing City, Jiangsu Province 210019 Applicant after: JIANGSU HENGBAO INTELLIGENT SYSTEM TECHNOLOGY Co.,Ltd. Address before: Hengtang Industrial Park, Yunyang town, Danyang City, Zhenjiang City, Jiangsu Province Applicant before: JIANGSU HENGBAO INTELLIGENT SYSTEM TECHNOLOGY Co.,Ltd. |
|
CB02 | Change of applicant information | ||
GR01 | Patent grant | ||
GR01 | Patent grant |