CN109784076A - An encryption and decryption method for the 8583 protocol - Google Patents

Publication number: CN109784076A
Authority: CN (China)
Prior art keywords: group, data, ciphertext, encryption, tag
Legal status: Granted
Application number: CN201910024059.7A
Other languages: Chinese (zh)
Other versions: CN109784076B (en)
Inventors: 夏俊, 杨宏旭, 陈刚, 方超
Current Assignee: Eight Virton Technology Co Ltd
Original Assignee: Eight Virton Technology Co Ltd
Landscapes: Data Exchanges In Wide-Area Networks

Abstract

The invention discloses an encryption and decryption method for the 8583 protocol. A terminal using the 8583 protocol is provisioned with a master key. For encryption, the bitmap field of the 8583 protocol data packet is first DES-encrypted with the master key as the key, and the encrypted data replaces the original bitmap field; next, the field 55 data in the 8583 protocol data packet is encrypted by substitution; finally, the data of the 8583 protocol data packet whose encryption is complete is processed into ciphertext. For decryption, the ciphertext is first reverse-processed to obtain the decrypted data; next, the decrypted data is parsed to obtain the bitmap field, which is DES-decrypted with the master key to recover the original bitmap field; finally, the encrypted field 55 data is restored. By encrypting and decrypting 8583 protocol data packets, the invention can prevent sensitive information from leaking during transmission.

Description

An encryption and decryption method for the 8583 protocol
Technical field
The present invention relates to the technical field of encryption and decryption for network information communication, and more particularly to an encryption and decryption method for the 8583 protocol.
Background
The 8583 protocol is a communication protocol whose packet format is based on the ISO 8583 international message standard. An 8583 packet consists of at most 128 fields; each field has a uniformly specified definition and is either fixed-length or variable-length. The leading part of an 8583 packet is the bitmap. The bitmap is the soul of the 8583 packet: it is the key to determining which fields are present when packing and unpacking, while understanding the attributes of each field is the basis for filling in data. The 8583 protocol is mostly used in the development of POS terminals. Because the 8583 protocol is a public protocol with a public format, anyone can parse an 8583 data packet according to the public documentation, which may lead to leakage of sensitive information (such as the merchant number, terminal number, bank card data, etc.).
At present UnionPay commonly uses field 55 of the 8583 protocol. Field 55 is computed by the terminal, that is, a device such as a POS terminal or ATM, according to the UnionPay specification. When a consumer transaction occurs and the transaction message reaches the card issuer, the issuer first verifies the validity of field 55.
Summary of the invention
To solve the problem that sensitive information may leak when 8583 protocol messages are currently transmitted, the present invention provides an encryption and decryption method for the 8583 protocol that encrypts and decrypts 8583 protocol data packets and can thereby prevent sensitive information leakage.
To achieve this, the invention adopts the following technical scheme. In an encryption and decryption method for the 8583 protocol, the terminal using the 8583 protocol is provisioned with a master key. For encryption, the bitmap field of the 8583 protocol data packet is first DES-encrypted with the master key as the key, and the encrypted data replaces the original bitmap field; next, the field 55 data in the 8583 protocol data packet is encrypted by substitution; finally, the data of the 8583 protocol data packet whose encryption is complete is processed into ciphertext. For decryption, the ciphertext is first reverse-processed to obtain the decrypted data; next, the decrypted data is parsed to obtain the bitmap field, which is DES-decrypted with the master key to recover the original bitmap field; finally, the encrypted field 55 data is restored. In this scheme the master key is abbreviated pmk. Under the current UnionPay standard, every terminal that can perform 8583 transactions must first be loaded with a master key, which is generally 16 bytes. "bitmap" means the bit map. DES encryption means encryption according to the Data Encryption Standard; DES is also called the data encryption standard.
Preferably, the substitution encryption of the field 55 data in the 8583 protocol data packet proceeds as follows: first, according to the 8583 standard, all tags that occur in field 55 are arranged into a table, called the tag table; the index of each tag is represented by one byte; and each tag in field 55 is replaced with its one-byte tag index. A tag in this scheme may also be called a label. The original field 55 data is in Tag-Length-Value format. According to the 8583 standard, all tags that may occur in field 55 are first arranged into one table, called the tag table. According to the standard, this table has no more than 255 entries, so the index of each tag can be represented by one byte.
Preferably, processing the data of the 8583 protocol data packet whose encryption is complete into ciphertext includes the following steps: 1) the byte sequence of the entire 8583 protocol data packet is divided into n groups of 8 bytes each, and a final group shorter than 8 bytes is padded with 0; 2) the first group of data is left unchanged and, starting from the second group, each group is XORed with the previous group, the XOR results becoming the new second to n-th groups of data; 3) the unchanged first group and the new second to n-th groups form a matrix of n rows x 8 columns, and the rows and columns of the matrix are swapped to obtain a new matrix of 8 rows x n columns, which is the ciphertext.
Preferably, reverse-processing the ciphertext to obtain the decrypted data includes the following steps: 1) the ciphertext is divided into 8 rows of n data items each and regarded as a matrix of 8 rows x n columns; 2) the rows and columns of the matrix are swapped to obtain a transposed matrix of n rows x 8 columns; 3) starting from the n-th group, each group is XORed with the previous group and the XOR result becomes the new n-th group; this is repeated until the second group is XORed with the first group and replaced by the new second group, while the first group is left unchanged, which yields the new n groups of decrypted data.
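The grouping, XOR and row/column swap steps above, and their reversal, written out as an added Python example (not code from the patent). The function names and the sample bytes are constructed for illustration. The description does not say whether "the previous group" in encryption step 2 is the original or the already-replaced group; the code assumes the already-replaced one, because that is the reading the stated reverse pass (from group n down to group 2) inverts.

```python
GROUP = 8  # bytes per group, as the description specifies

# Constructed sample bytes standing in for an 8583 packet (not real traffic).
SAMPLE = bytes.fromhex("0200") + bytes(range(1, 20))

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_groups(packet: bytes) -> list:
    """Step 1: zero-pad to a multiple of 8 bytes and cut into n groups."""
    if not packet:
        raise ValueError("empty packet")
    padded = packet + b"\x00" * (-len(packet) % GROUP)
    return [padded[i:i + GROUP] for i in range(0, len(padded), GROUP)]

def chain_forward(groups: list, in_place: bool = True) -> list:
    """Step 2: group 1 unchanged, every later group XORed with its predecessor.

    in_place=True (assumed reading): the predecessor is the already-replaced
    group. in_place=False: the predecessor is the original plaintext group.
    """
    out = [groups[0]]
    for i in range(1, len(groups)):
        prev = out[i - 1] if in_place else groups[i - 1]
        out.append(_xor(groups[i], prev))
    return out

def chain_backward(groups: list) -> list:
    """Reverse pass: from group n down to group 2, XOR with the group before."""
    out = list(groups)
    for i in range(len(out) - 1, 0, -1):
        out[i] = _xor(out[i], out[i - 1])
    return out

def encode(packet: bytes) -> bytes:
    m = chain_forward(split_groups(packet))  # n rows x 8 columns
    # Step 3: swap rows and columns, emit the 8 x n matrix row by row.
    return bytes(m[r][c] for c in range(GROUP) for r in range(len(m)))

def decode(ciphertext: bytes) -> bytes:
    if not ciphertext or len(ciphertext) % GROUP:
        raise ValueError("length must be a non-zero multiple of 8")
    n = len(ciphertext) // GROUP
    rows = [ciphertext[i:i + n] for i in range(0, len(ciphertext), n)]  # 8 x n
    m = [bytes(rows[c][r] for c in range(GROUP)) for r in range(n)]     # n x 8
    # The zero padding from step 1 stays on the result; nothing records its length.
    return b"".join(chain_backward(m))

if __name__ == "__main__":
    ct = encode(SAMPLE)
    print(ct.hex(), decode(ct) == SAMPLE + b"\x00" * 3)
```

Neither function takes a key: in the method as described, only the bitmap field is DES-encrypted, and this step is a fixed rearrangement of the packet bytes.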
Preferably, restoring the encrypted field 55 data consists of replacing the tag indexes in the field 55 data obtained by decryption with the actual tags, which completes the decryption.
The invention therefore has the following beneficial effect: by encrypting and decrypting 8583 protocol data packets, sensitive information can be prevented from leaking during transmission.
Detailed description
In an encryption and decryption method for the 8583 protocol, the terminal using the 8583 protocol is provisioned with a master key. For encryption, the bitmap field of the 8583 protocol data packet is first DES-encrypted with the master key as the key, and the encrypted data replaces the original bitmap field; next, the field 55 data in the 8583 protocol data packet is encrypted by substitution; finally, the data of the 8583 protocol data packet whose encryption is complete is processed into ciphertext. For decryption, the ciphertext is first reverse-processed to obtain the decrypted data; next, the decrypted data is parsed to obtain the bitmap field, which is DES-decrypted with the master key to recover the original bitmap field; finally, the encrypted field 55 data is restored.
The substitution encryption of the field 55 data in the 8583 protocol data packet proceeds as follows: first, according to the 8583 standard, all tags that occur in field 55 are arranged into a table, called the tag table; the index of each tag is represented by one byte; and each tag in field 55 is replaced with its one-byte tag index.
Processing the data of the 8583 protocol data packet whose encryption is complete into ciphertext includes the following steps: 1) the byte sequence of the entire 8583 protocol data packet is divided into n groups of 8 bytes each, and a final group shorter than 8 bytes is padded with 0; 2) the first group of data is left unchanged and, starting from the second group, each group is XORed with the previous group, the XOR results becoming the new second to n-th groups of data; 3) the unchanged first group and the new second to n-th groups form a matrix of n rows x 8 columns, and the rows and columns of the matrix are swapped to obtain a new matrix of 8 rows x n columns, which is the ciphertext.
Reverse-processing the ciphertext to obtain the decrypted data includes the following steps: 1) the ciphertext is divided into 8 rows of n data items each and regarded as a matrix of 8 rows x n columns; 2) the rows and columns of the matrix are swapped to obtain a transposed matrix of n rows x 8 columns; 3) starting from the n-th group, each group is XORed with the previous group and the XOR result becomes the new n-th group; this is repeated until the second group is XORed with the first group and replaced by the new second group, while the first group is left unchanged, which yields the new n groups of decrypted data.
Restoring the encrypted field 55 data consists of replacing the tag indexes in the field 55 data obtained by decryption with the actual tags, which completes the decryption.
The specific implementation is as follows. For encryption, the bitmap field of the 8583 protocol data packet is first DES-encrypted with the master key as the key, and the encrypted data replaces the original bitmap field.
Next, the field 55 data in the 8583 protocol data packet is encrypted by substitution. The substitution proceeds as follows: first, according to the 8583 standard, all tags that occur in field 55 are arranged into a table, called the tag table; the index of each tag is represented by one byte; and each tag in field 55 is replaced with its one-byte tag index.
Finally, the data of the 8583 protocol data packet whose encryption is complete is processed into ciphertext, which includes the following steps. 1) The byte sequence of the entire 8583 protocol data packet is divided into n groups of 8 bytes each, and a final group shorter than 8 bytes is padded with 0, forming the following data groups:
Group 1: m11, m12, m13, m14, m15, m16, m17, m18
Group 2: m21, m22, m23, m24, m25, m26, m27, m28
…
Group n: mn1, mn2, mn3, mn4, mn5, mn6, mn7, mn8
2) The first group of data is left unchanged and, starting from the second group, each group is XORed with the previous group, the XOR results becoming the new second to n-th groups of data. The new data groups are as follows:
Group 1: m11, m12, m13, m14, m15, m16, m17, m18
New group 2: m21, m22, m23, m24, m25, m26, m27, m28
…
New group n: mn1, mn2, mn3, mn4, mn5, mn6, mn7, mn8
3) The unchanged first group and the new second to n-th groups form a matrix M of n rows x 8 columns. The rows and columns of M are swapped to obtain a new matrix MT of 8 rows x n columns, which is the ciphertext.
Decryption is simply the inverse of the encryption process. The ciphertext is first divided into 8 rows of n data items each and regarded as a matrix MT of 8 rows x n columns.
The rows and columns of MT are then swapped to obtain the transposed matrix M of n rows x 8 columns:
Group 1: m11, m12, m13, m14, m15, m16, m17, m18
Group 2: m21, m22, m23, m24, m25, m26, m27, m28
…
Group n: mn1, mn2, mn3, mn4, mn5, mn6, mn7, mn8
Finally, starting from the n-th group, each group is XORed with the previous group and the XOR result becomes the new n-th group; this is repeated until the second group is XORed with the first group and replaced by the new second group, while the first group is left unchanged, which yields the new n groups of decrypted data:
Group 1: m11, m12, m13, m14, m15, m16, m17, m18
New group 2: m21, m22, m23, m24, m25, m26, m27, m28
…
New group n: mn1, mn2, mn3, mn4, mn5, mn6, mn7, mn8
The data finally obtained is parsed (the offset of the bitmap field is fixed) to obtain the bitmap field, and the bitmap field so obtained is DES-decrypted with the master key to recover the original bitmap field.
Once the original bitmap field has been obtained, the data can be parsed according to 8583. The tags in the field 55 data obtained at this point were replaced with tag indexes during encryption; according to the contents of the tag table, the tag indexes in the field 55 data are replaced with the actual tags, which completes the decryption.
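The field 55 tag substitution and its restoration, as an added Python example (not code from the patent). The page gives neither the contents nor the order of the tag table, so `TAG_TABLE` below is a hypothetical table of common EMV tags, and the sample field 55 bytes are constructed; tags and lengths are read as BER-TLV.

```python
# Hypothetical tag table: the page says it lists the tags field 55 can carry
# but gives neither its contents nor its order. These are common EMV tags.
TAG_TABLE = [bytes.fromhex(t) for t in (
    "9F26", "9F27", "9F10", "9F37", "9F36", "95",
    "9A", "9C", "9F02", "5F2A", "82", "9F1A")]
TAG_INDEX = {tag: i for i, tag in enumerate(TAG_TABLE)}

# Constructed field 55 sample: tags 9F26, 95, 9A and 9F36 with dummy values.
SAMPLE_F55 = bytes.fromhex(
    "9F2608 1122334455667788 9505 0000008000 9A03 190110 9F3602 0001")

def _read_tag(buf: bytes, pos: int):
    """Return (tag bytes, next position); low 5 bits all set = multi-byte tag."""
    end = pos + 1
    if buf[pos] & 0x1F == 0x1F:
        while True:
            if end >= len(buf):
                raise ValueError("truncated tag")
            end += 1
            if not buf[end - 1] & 0x80:  # bit 8 clear marks the last tag byte
                break
    return buf[pos:end], end

def _read_length(buf: bytes, pos: int):
    """Return (value length, position of the value) for a BER-TLV length."""
    if pos >= len(buf):
        raise ValueError("truncated length")
    first = buf[pos]
    if first < 0x80:
        return first, pos + 1
    k = first & 0x7F  # long form: k further length bytes follow
    if k == 0 or pos + 1 + k > len(buf):
        raise ValueError("bad length field")
    return int.from_bytes(buf[pos + 1:pos + 1 + k], "big"), pos + 1 + k

def _copy_lv(buf: bytes, pos: int, out: bytearray) -> int:
    """Copy Length and Value unchanged; only the tag is ever substituted."""
    length, val = _read_length(buf, pos)
    if val + length > len(buf):
        raise ValueError("truncated value")
    out.extend(buf[pos:val + length])
    return val + length

def tags_to_indexes(field55: bytes) -> bytes:
    out, pos = bytearray(), 0
    while pos < len(field55):
        tag, pos = _read_tag(field55, pos)
        if tag not in TAG_INDEX:
            raise ValueError(f"tag {tag.hex()} is not in the tag table")
        out.append(TAG_INDEX[tag])  # one-byte index replaces the tag
        pos = _copy_lv(field55, pos, out)
    return bytes(out)

def indexes_to_tags(data: bytes) -> bytes:
    out, pos = bytearray(), 0
    while pos < len(data):
        if data[pos] >= len(TAG_TABLE):
            raise ValueError(f"index {data[pos]} is not in the tag table")
        out.extend(TAG_TABLE[data[pos]])
        pos = _copy_lv(data, pos + 1, out)
    return bytes(out)

if __name__ == "__main__":
    print(tags_to_indexes(SAMPLE_F55).hex())
```

Both sides must hold the identical table in the identical order, and the Length and Value bytes of every element pass through unchanged.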
The above embodiments are merely intended to illustrate the technical solutions of the present invention, not to limit them. Although the invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that the technical solutions recorded in the foregoing embodiments may still be modified, or some of their technical features replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (5)

1. An encryption and decryption method for the 8583 protocol, in which the terminal using the 8583 protocol is provisioned with a master key, characterized in that: for encryption, the bitmap field of the 8583 protocol data packet is first DES-encrypted with the master key as the key, and the encrypted data replaces the original bitmap field; next, the field 55 data in the 8583 protocol data packet is encrypted by substitution; finally, the data of the 8583 protocol data packet whose encryption is complete is processed into ciphertext; for decryption, the ciphertext is first reverse-processed to obtain the decrypted data; next, the decrypted data is parsed to obtain the bitmap field, which is DES-decrypted with the master key to recover the original bitmap field; finally, the encrypted field 55 data is restored.
2. The encryption and decryption method for the 8583 protocol according to claim 1, characterized in that the substitution encryption of the field 55 data in the 8583 protocol data packet proceeds as follows: first, according to the 8583 standard, all tags that occur in field 55 are arranged into a table, called the tag table; the index of each tag is represented by one byte; and each tag in field 55 is replaced with its one-byte tag index.
3. The encryption and decryption method for the 8583 protocol according to claim 1, characterized in that processing the data of the 8583 protocol data packet whose encryption is complete into ciphertext includes the following steps: 1) the byte sequence of the entire 8583 protocol data packet is divided into n groups of 8 bytes each, and a final group shorter than 8 bytes is padded with 0; 2) the first group of data is left unchanged and, starting from the second group, each group is XORed with the previous group, the XOR results becoming the new second to n-th groups of data; 3) the unchanged first group and the new second to n-th groups form a matrix of n rows x 8 columns, and the rows and columns of the matrix are swapped to obtain a new matrix of 8 rows x n columns, which is the ciphertext.
4. The encryption and decryption method for the 8583 protocol according to claim 1 or 3, characterized in that reverse-processing the ciphertext to obtain the decrypted data includes the following steps: 1) the ciphertext is divided into 8 rows of n data items each and regarded as a matrix of 8 rows x n columns; 2) the rows and columns of the matrix are swapped to obtain a transposed matrix of n rows x 8 columns; 3) starting from the n-th group, each group is XORed with the previous group and the XOR result becomes the new n-th group; this is repeated until the second group is XORed with the first group and replaced by the new second group, while the first group is left unchanged, which yields the new n groups of decrypted data.
5. The encryption and decryption method for the 8583 protocol according to claim 1 or 2, characterized in that restoring the encrypted field 55 data consists of replacing the tag indexes in the field 55 data obtained by decryption with the actual tags, which completes the decryption.

Application CN201910024059.7A: priority date 2019-01-10, filing date 2019-01-10, title "Encryption and decryption method of 8583 protocol", status Active, granted as CN109784076B (en)

Publications (2)

Publication Number, Publication Date
CN109784076A (en), 2019-05-21
CN109784076B, 2021-07-06
