CN118249998A - Key replacement, renting transaction and password modification method based on full-automatic safe deposit box system - Google Patents
- Publication number
- CN118249998A, CN202410338737.8A
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H—ELECTRICITY
  - H04—ELECTRIC COMMUNICATION TECHNIQUE
    - H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
      - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        - H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
          - H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
          - H04L9/0891—Revocation or update of secret information, e.g. encryption key update or rekeying
        - H04L9/40—Network security protocols
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
      - G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
        - G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
Abstract
The present disclosure provides a key replacement, renting transaction and password modification method based on a full-automatic safe deposit box system, which can be applied to the financial field. The method comprises: in response to a check-in transaction initiated by the low-cabinet terminal, the full-automatic safe deposit box system calls the password keyboard to randomly generate a public-private key pair, wherein the generated pair comprises a public key and a private key which match each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal; the full-automatic safe deposit box system forwards the public key to the encryption service platform and sends it a request to generate the working key; the encryption service platform generates a first working key and a second working key based on the generation request, and returns both to the full-automatic safe deposit box system; the full-automatic safe deposit box system transmits the second working key to the low-cabinet terminal so that the low-cabinet terminal can replace the private key with the second working key.
Description
Technical Field
The disclosure relates to the field of financial science and technology, in particular to a key replacement, renting transaction and password modification method based on a full-automatic safe deposit box system.
Background
At present, the financial field is moving toward networking, and more and more banks exchange fund information over computer networks. Ensuring the security of fund information transferred over the network, and preventing illegal theft and modification, has therefore become a main goal of the informatization of banking networks. In the prior art of bank password keyboard encryption, a fixed key and a non-national encryption algorithm are used for password encryption and password verification on the password keyboard at the branch counter; however, a fixed key carries the risk of being stolen by a hacker, and a non-national encryption algorithm carries the risk of being broken.
Disclosure of Invention
In view of the foregoing, the present disclosure provides a method and apparatus for key replacement, renting transaction and password modification based on a full-automatic safe deposit box system. The method overcomes the defects of the prior encryption technology: through dynamic key replacement, password encryption and password verification, it ensures the integrity of counter transactions of the full-automatic safe deposit box system and the confidentiality of user passwords, is simple to realize, has a low implementation cost and effectively prevents hacking.
According to a first aspect of the present disclosure, there is provided a key exchange method based on a full-automatic safe deposit box system, the full-automatic safe deposit box system being respectively connected to a low-cabinet terminal and an encryption service platform, the low-cabinet terminal being configured with a password keyboard, the method comprising: responding to a check-in transaction initiated by the low-cabinet terminal, and calling a password keyboard by the full-automatic safe deposit box system to randomly generate a public-private key pair, wherein the generated public-private key pair comprises a public key and a private key which are matched with each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal; the full-automatic safe deposit box system forwards the public key to the encryption service platform and initiates a generation request of the working key to the encryption service platform; the encryption service platform generates a first working key and a second working key based on the generation request, and returns the first working key and the second working key to the full-automatic safe deposit box system; the full-automatic safe deposit box system transmits the second working key to the low-cabinet terminal so that the low-cabinet terminal can replace the private key with the second working key.
According to an embodiment of the disclosure, the encryption service platform generates a first working key and a second working key based on the generation request, wherein the first working key is ciphertext for verifying the password and the second working key is a key for encrypting the public key.
According to a second aspect of the present disclosure, there is provided a renting transaction method based on a full-automatic safe deposit box system, the full-automatic safe deposit box system being respectively connected to a low-cabinet terminal and an encryption service platform, the low-cabinet terminal being configured with a password keyboard, the method comprising password verification and reserved safe deposit box password processing, wherein the password verification comprises: in response to a renting transaction request, the low-cabinet terminal uses the password keyboard to generate a first password ciphertext encrypted with the working key, and sends the first password ciphertext to the full-automatic safe deposit box system; the full-automatic safe deposit box system sends the first password ciphertext to the encryption service platform; the encryption service platform generates a first national password envelope from the first password ciphertext and sends it to the full-automatic safe deposit box system; the full-automatic safe deposit box system sends the first national password envelope to a personal settlement application for password verification; and the personal settlement application sends the verification result to the full-automatic safe deposit box system to complete the password verification.
According to an embodiment of the present disclosure, reservation safe deposit box cryptographic processing includes: acquiring authorization of a user to input information; after the authorization of the user to enter information is obtained, a safe deposit box password is entered through the low-cabinet terminal, wherein the low-cabinet terminal encrypts the safe deposit box password to obtain a second password ciphertext and sends the second password ciphertext to the full-automatic safe deposit box system; the full-automatic safe deposit box system calls an encryption service platform and uploads a working key in an encryption machine format, a second password ciphertext and a safe deposit box number to obtain a second national password envelope; the full-automatic safe deposit box system calls the encryption service platform again and uploads the second national encryption code envelope and the safe deposit box number to obtain a storage ciphertext and store the storage ciphertext.
According to a third aspect of the present disclosure, there is provided a password modification transaction method based on a full-automatic safe deposit box system, the full-automatic safe deposit box system being respectively connected to a low-cabinet terminal and an encryption service platform, the low-cabinet terminal being configured with a password keyboard, the method comprising original safe deposit box password verification and safe deposit box password modification processing, wherein the original safe deposit box password verification comprises: acquiring the user's authorization to input the original safe deposit box password; after the authorization is obtained, the original safe deposit box password is input through the low-cabinet terminal, wherein the low-cabinet terminal encrypts the original safe deposit box password with the working key and then sends the encrypted original safe deposit box password to the full-automatic safe deposit box system; the full-automatic safe deposit box system transmits the encrypted information of the original safe deposit box to the encryption service platform; and the encryption service platform returns the password verification result to the full-automatic safe deposit box system, which forwards it to the low-cabinet terminal.
According to an embodiment of the present disclosure, modifying a safe deposit box cryptographic process includes: when the original safe deposit box password passes the verification, the user inputs a target safe deposit box password through the low-cabinet terminal, and the target safe deposit box password is transmitted to the full-automatic safe deposit box system after being encrypted by the working key; the full-automatic safe deposit box system transmits the safe deposit box number, the target safe deposit box password and the working key to the encryption service platform to obtain a target safe deposit box password envelope; the encryption service platform sends the target safe deposit box password envelope to the full-automatic safe deposit box system.
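The key replacement of the first aspect and the password envelope step of the second and third aspects can be sketched end to end as follows. This is an added example, not code from the patent: RSA-OAEP and AES-256-GCM from Go's standard library stand in for the national algorithms the disclosure relies on, the second working key is assumed to be the working key wrapped to the sign-in public key, and all names and sample values (`Platform`, `Terminal`, `SignIn`, `Envelope`, `BOX-0042`, the password) are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

func randBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err) // no entropy, nothing safe to continue with
	}
	return b
}

func newGCM(key []byte) cipher.AEAD {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err) // only on a wrong key length; callers check it
	}
	a, _ := cipher.NewGCM(block) // cannot fail for AES's 16-byte block
	return a
}

// seal encrypts pt with AES-256-GCM under key, bound to aad; the nonce is prepended.
func seal(key, pt, aad []byte) []byte {
	a := newGCM(key)
	nonce := randBytes(a.NonceSize())
	return a.Seal(nonce, nonce, pt, aad)
}

// unseal fails when key, ciphertext or aad differ from what seal was given.
func unseal(key, ct, aad []byte) ([]byte, error) {
	a := newGCM(key)
	if len(ct) < a.NonceSize() {
		return nil, errors.New("ciphertext too short")
	}
	return a.Open(nil, ct[:a.NonceSize()], ct[a.NonceSize():], aad)
}

type (
	Platform struct{ master []byte } // encryption service platform; master stands in for its encryptor key
	Terminal struct{ work []byte }   // low-cabinet terminal; work is the key its password keyboard uses
)

// WorkingKeys returns one fresh key in two forms: encryptor format and wrapped to pub.
func (p *Platform) WorkingKeys(pub *rsa.PublicKey) (first, second []byte, err error) {
	wk := randBytes(32)
	second, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, wk, nil) // assumed reading
	return seal(p.master, wk, []byte("wk")), second, err
}

// Envelope re-encrypts a terminal password ciphertext for storage, bound to the box number.
func (p *Platform) Envelope(first, pwCT []byte, box string) ([]byte, error) {
	wk, err := unseal(p.master, first, []byte("wk"))
	if err != nil {
		return nil, err
	}
	pw, err := unseal(wk, pwCT, []byte(box))
	if err != nil {
		return nil, err
	}
	return seal(p.master, pw, []byte(box)), nil
}

// SignIn runs the key replacement end to end and returns the first working key.
func SignIn(p *Platform, t *Terminal) ([]byte, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048) // terminal: key pair at sign-in
	if err != nil {
		return nil, err
	}
	first, second, err := p.WorkingKeys(&priv.PublicKey) // system forwards the public key
	if err != nil {
		return nil, err
	}
	wk, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, second, nil) // terminal
	if err != nil || len(wk) != 32 {
		return nil, errors.New("working key rejected")
	}
	t.work = wk // the private key is dropped here: the working key replaces it
	return first, nil
}

// Encrypt is the password keyboard output sent to the safe deposit box system.
func (t *Terminal) Encrypt(pw, box string) []byte { return seal(t.work, []byte(pw), []byte(box)) }

func main() {
	p, t := &Platform{master: randBytes(32)}, &Terminal{}
	first, err := SignIn(p, t)
	if err == nil {
		_, err = p.Envelope(first, t.Encrypt("135790", "BOX-0042"), "BOX-0042")
	}
	fmt.Println("key replaced and envelope created:", err == nil)
}
```

Because every sign-in yields a new working key, a password ciphertext captured before the next sign-in no longer produces an envelope, and a ciphertext bound to one box number is rejected for another.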
According to a fourth aspect of the present disclosure, there is provided a key replacement device based on a full-automatic safe deposit box system, the full-automatic safe deposit box system being respectively connected to a low-cabinet terminal and an encryption service platform, the low-cabinet terminal being configured with a password keyboard, the device comprising: a public-private key pair generation module, a key request sending module, a working key generation module and a key replacement module; the public-private key pair generation module is used for the full-automatic safe deposit box system, in response to a check-in transaction initiated by the low-cabinet terminal, to call the password keyboard to randomly generate a public-private key pair, wherein the generated pair comprises a public key and a private key which match each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal; the key request sending module is used for the full-automatic safe deposit box system to forward the public key to the encryption service platform and to send it a request to generate the working key; the working key generation module is used for the encryption service platform to generate a first working key and a second working key based on the generation request and to return both to the full-automatic safe deposit box system; and the key replacement module is used for the full-automatic safe deposit box system to transmit the second working key to the low-cabinet terminal so that the low-cabinet terminal can replace the private key with the second working key.
According to a fifth aspect of the present disclosure, there is provided a renting transaction device based on a full-automatic safe deposit box system, the full-automatic safe deposit box system being respectively connected to a low-cabinet terminal and an encryption service platform, the low-cabinet terminal being configured with a password keyboard, the device comprising a password verification module and a reserved safe deposit box password processing module, wherein the password verification module comprises: a first ciphertext generating unit, used for the low-cabinet terminal, in response to a renting transaction request, to use the password keyboard to generate a first password ciphertext encrypted with the working key and to send the first password ciphertext to the full-automatic safe deposit box system; a first ciphertext sending unit, used for the full-automatic safe deposit box system to send the first password ciphertext to the encryption service platform; a first password envelope generation unit, used for the encryption service platform to generate a first national password envelope from the first password ciphertext and to send it to the full-automatic safe deposit box system; a first national password envelope sending unit, used for the full-automatic safe deposit box system to send the first national password envelope to a personal settlement application for password verification; and a password verification unit, used for the personal settlement application to send the verification result to the full-automatic safe deposit box system so as to complete the password verification.
According to an embodiment of the present disclosure, a reservation safe deposit box cryptographic processing module includes: the user authorization unit is used for acquiring the authorization of the user to the input information; the password input unit is used for inputting the safe deposit box password through the low-cabinet terminal after the authorization of the user input information is obtained, wherein the low-cabinet terminal encrypts the safe deposit box password to obtain a second password ciphertext and sends the second password ciphertext to the full-automatic safe deposit box system; the second password envelope generating unit is used for calling the encryption service platform by the full-automatic safe deposit box system and uploading the working key in the format of the encryptor, the second password ciphertext and the safe deposit box number to obtain a second national password envelope; and the ciphertext storage unit is used for calling the encryption service platform again by the full-automatic safe deposit box system, uploading the second national password envelope and the safe deposit box number, obtaining the stored ciphertext and storing the stored ciphertext.
According to a sixth aspect of the present disclosure, there is provided a password modification transaction apparatus based on a full-automatic safe deposit box system, the full-automatic safe deposit box system being respectively connected to a low-cabinet terminal and an encryption service platform, the low-cabinet terminal being configured with a password keyboard, the apparatus comprising an original safe deposit box password verification module and a modified safe deposit box password processing module, wherein the original safe deposit box password verification module comprises: a user authorization unit, used for acquiring the user's authorization to input the original safe deposit box password; an original password input unit, used for inputting the original safe deposit box password through the low-cabinet terminal after the authorization is obtained, wherein the low-cabinet terminal encrypts the original safe deposit box password with the working key and then sends the encrypted original safe deposit box password to the full-automatic safe deposit box system; an encryption information sending unit, used for the full-automatic safe deposit box system to transmit the encrypted information of the original safe deposit box to the encryption service platform; and the encryption service platform sends the password verification result to the full-automatic safe deposit box system, which forwards it to the low-cabinet terminal.
According to an embodiment of the present disclosure, the modified safe deposit box password processing module includes: a target password generating unit, used for the user to input a target safe deposit box password through the low-cabinet terminal after the original safe deposit box password passes verification, the target safe deposit box password being encrypted with the working key and then transmitted to the full-automatic safe deposit box system; a target password envelope generation unit, used for the full-automatic safe deposit box system to transmit the safe deposit box number, the target safe deposit box password and the working key to the encryption service platform to obtain the target safe deposit box password envelope; and a target password envelope sending unit, used for the encryption service platform to send the target safe deposit box password envelope to the full-automatic safe deposit box system.
Drawings
The foregoing and other objects, features and advantages of the disclosure will be more apparent from the following description of embodiments of the disclosure with reference to the accompanying drawings, in which:
FIG. 1 schematically illustrates a system architecture suitable for full-automatic safe deposit box system-based key exchange, lease transaction and password modification methods and apparatus in accordance with embodiments of the present disclosure;
FIG. 2 schematically illustrates a flow chart of a method of rekeying based on a fully automated safe deposit box system according to an embodiment of the present disclosure;
FIG. 3 schematically illustrates a flow chart of verification in a rental box transaction method based on a fully automated safe deposit box system, in accordance with an embodiment of the present disclosure;
FIG. 4 schematically illustrates a flow diagram of a reserve safe deposit box password process in a fully automated safe deposit box system-based rental box transaction method, in accordance with an embodiment of the present disclosure;
FIG. 5 schematically illustrates a flow diagram for verification in a password modified transaction method based on a fully automated safe deposit box system according to an embodiment of the present disclosure;
FIG. 6 schematically illustrates a flow diagram of a process for modifying a safe deposit box password in a password modification transaction method based on a fully automated safe deposit box system according to an embodiment of the present disclosure;
FIG. 7 schematically illustrates a block diagram of a key exchange device based on a fully automated safe deposit box system according to an embodiment of the present disclosure;
FIG. 8 schematically illustrates a block diagram of a rental box transaction device based on a fully automated safe deposit box system, in accordance with an embodiment of the present disclosure;
FIG. 9 schematically illustrates a block diagram of a password modification transaction device based on a fully automated safe deposit box system according to an embodiment of the present disclosure.
Detailed Description
Hereinafter, embodiments of the present disclosure will be described with reference to the accompanying drawings. It should be understood that the description is only exemplary and is not intended to limit the scope of the present disclosure. In the following detailed description, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of the embodiments of the present disclosure. It may be evident, however, that one or more embodiments may be practiced without these specific details. In addition, in the following description, descriptions of well-known structures and techniques are omitted so as not to unnecessarily obscure the concepts of the present disclosure.
The terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the disclosure. The terms "comprises," "comprising," and/or the like, as used herein, specify the presence of stated features, steps, operations, and/or components, but do not preclude the presence or addition of one or more other features, steps, operations, or components.
All terms (including technical and scientific terms) used herein have the same meaning as commonly understood by one of ordinary skill in the art unless otherwise defined. It should be noted that the terms used herein should be construed to have meanings consistent with the context of the present specification and should not be construed in an idealized or overly formal manner.
Where a convention analogous to "at least one of A, B and C, etc." is used, in general such a convention should be interpreted as one of skill in the art would generally understand it (e.g., "a system having at least one of A, B and C" would include, but not be limited to, systems having A alone, B alone, C alone, A and B together, A and C together, B and C together, and/or A, B, C together, etc.).
Some of the block diagrams and/or flowchart illustrations are shown in the figures. It will be understood that some blocks of the block diagrams and/or flowchart illustrations, or combinations of blocks in the block diagrams and/or flowchart illustrations, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the instructions, when executed by the processor, create means for implementing the functions/acts specified in the block diagrams and/or flowchart. The techniques of this disclosure may be implemented in hardware and/or software (including firmware, microcode, etc.). Additionally, the techniques of this disclosure may take the form of a computer-readable storage medium having stored thereon instructions that, when executed by a processor, cause the processor to perform the methods of this disclosure.
In the technical solution of the present disclosure, the related user information (including, but not limited to, user personal information, user image information, and user equipment information such as location information) and data (including, but not limited to, data for analysis, stored data, displayed data, etc.) are information and data authorized by the user or sufficiently authorized by each party. The collection, storage, use, processing, transmission, provision, disclosure and application of the related data comply with relevant laws, regulations and standards; necessary security measures are taken; public order and good customs are not violated; and corresponding operation entries are provided for the user to grant or refuse authorization.
In the scenario of using personal information to make an automated decision, the method, the device and the system provided by the embodiment of the disclosure provide corresponding operation inlets for users, so that the users can choose to agree or reject the automated decision result; if the user selects refusal, the expert decision flow is entered. The expression "automated decision" here refers to an activity of automatically analyzing, assessing the behavioral habits, hobbies or economic, health, credit status of an individual, etc. by means of a computer program, and making a decision. The expression "expert decision" here refers to an activity of making a decision by a person who is specializing in a certain field of work, has specialized experience, knowledge and skills and reaches a certain level of expertise.
Before specific embodiments of the present disclosure are described in detail, a technical term is first explained to facilitate understanding. Personal full-automatic safe deposit box service management system (full-automatic safe deposit box system for short): a system in which a bank outlet deploys full-automatic safe deposit box equipment to provide safe deposit box service.
The embodiment of the disclosure provides a key replacement, renting transaction and password modification method based on a full-automatic safe deposit box system, wherein the full-automatic safe deposit box system is respectively connected with a low-cabinet terminal and an encryption service platform, and the low-cabinet terminal is configured with a password keyboard, and the method comprises the following steps: a key replacement method based on a full-automatic safe deposit box system, a renting transaction method based on the full-automatic safe deposit box system and a password modification method based on the full-automatic safe deposit box system. The key replacement method based on the full-automatic safe deposit box system comprises the following steps: responding to a check-in transaction initiated by the low-cabinet terminal, and calling a password keyboard by the full-automatic safe deposit box system to randomly generate a public-private key pair, wherein the generated public-private key pair comprises a public key and a private key which are matched with each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal; the full-automatic safe deposit box system forwards the public key to the encryption service platform and initiates a generation request of the working key to the encryption service platform; the encryption service platform generates a first working key and a second working key based on the generation request, and returns the first working key and the second working key to the full-automatic safe deposit box system; the full-automatic safe deposit box system transmits the second working key to the low-cabinet terminal so that the low-cabinet terminal can replace the private key with the second working key.
According to the embodiment of the disclosure, the defects in the prior encryption technology are overcome, the integrity of counter transaction of the full-automatic safe deposit box system and the confidentiality of user passwords are ensured through the dynamic key replacement, the password encryption technology and the password verification technology, and the method is simple to realize, low in implementation cost and capable of effectively preventing hacking.
Fig. 1 schematically illustrates a system architecture suitable for full-automatic safe deposit box system-based key exchange, lease transaction and password modification methods and apparatus in accordance with an embodiment of the present disclosure. It should be noted that fig. 1 is only an example of a system architecture to which embodiments of the present disclosure may be applied to assist those skilled in the art in understanding the technical content of the present disclosure, but does not mean that embodiments of the present disclosure may not be used in other devices, systems, environments, or scenarios.
As shown in fig. 1, a system architecture 100 according to this embodiment may include low-cabinet terminals 101, 102, 103, a full-automatic safe deposit box system 104, and an encryption service platform 105, the full-automatic safe deposit box system 104 being communicatively connected to the low-cabinet terminals (clients) 101, 102, 103 and to the encryption service platform 105, respectively.
A user may interact with the fully automated safe system 104 using clients 101, 102, 103 to receive or send messages, etc. Various communication client applications may be installed on clients 101, 102, 103, such as shopping class applications, web browser applications, search class applications, instant messaging tools, mailbox clients, social platform software, and the like (by way of example only).
The clients 101, 102, 103 may be a variety of electronic devices having a display screen and supporting web browsing, including but not limited to smartphones, tablets, laptop and desktop computers, and the like.
The full-automatic safe deposit box system 104 is a bank safe deposit box device capable of providing 24-hour service for renters all year round. It integrates multiple sophisticated technologies for storage service, monitoring and inquiry, and its operation process comprises customer identification, operation guidance, safe deposit box withdrawal and return, and recording of use.
It should be noted that the method for key exchange, rental box transaction, and password modification based on the fully automatic safe deposit box system provided in the embodiments of the present disclosure may be generally performed by the fully automatic safe deposit box system 104. Accordingly, the key exchange, rental box transaction, and password modification devices provided by embodiments of the present disclosure that are based on a fully automated safe deposit box system may generally be provided in the fully automated safe deposit box system 104.
It should be understood that the number of clients, fully automated safe deposit box systems, and encryption service platforms in FIG. 1 are merely illustrative. Any number of clients, fully automated safe deposit box systems, and encryption service platforms may be provided, as desired.
The key exchange, rental box transaction, and password modification method based on the full-automatic safe deposit box system of the disclosed embodiment will be described in detail with reference to fig. 2 to 6 based on the system architecture described in fig. 1.
Fig. 2 schematically illustrates a flow chart of a method of rekeying based on a fully automated safe deposit box system according to an embodiment of the present disclosure. The full-automatic safe deposit box system is respectively connected with the low-cabinet terminal and the encryption service platform, and the low-cabinet terminal is configured with a password keyboard, as shown in fig. 2, and the method may further comprise operations S210 to S240.
In operation S210, in response to the check-in transaction initiated by the low-cabinet terminal, the full-automatic safe deposit box system invokes the password keyboard to randomly generate a public-private key pair, wherein the generated public-private key pair includes a public key and a private key paired with each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal.
In operation S220, the full-automatic safe deposit box system forwards the public key to the encryption service platform and initiates a request for generating a working key to the encryption service platform.
Specifically, a teller (or user) initiates a daily check-in transaction through a low-cabinet terminal, and the full-automatic safe deposit box system calls the key generation interface of the double-screen password keyboard, which randomly generates a public-private key pair using an asymmetric algorithm. The generated public-private key pair comprises a public key and a private key which are paired with each other; the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal.
In operation S230, the encryption service platform generates a first work key and a second work key based on the generation request, and returns the first work key and the second work key to the full-automatic safe deposit box system.
The full-automatic safe deposit box system forwards the public key to the encryption service platform and initiates a generation request for the working key to the HSM (the encryption service platform). According to the generation request, the encryption service platform uses a symmetric algorithm to generate two keys, a first working key and a second working key, wherein the first working key is ciphertext for verifying the password, and the second working key is a key for encrypting the public key.
In operation S240, the full automatic safe deposit box system transfers the second working key to the low-cabinet terminal so that the low-cabinet terminal replaces the private key with the second working key.
The full-automatic safe deposit box system then transmits the second working key to the low-cabinet terminal so that the low-cabinet terminal can replace the private key with the second working key, which completes that day's key replacement for the low-cabinet password keyboard.
In the key replacement method of the full-automatic safe deposit box system, the full-automatic safe deposit box management system stores the working key of the current day: the table records corresponding to the full-automatic safe deposit box equipment and to the double-screen password keyboards of the low-cabinet terminals have fields for storing the key, and the rule is that the number of the full-automatic safe deposit box equipment (or the number of the low-cabinet terminal) is mapped to the working key of the current day.
Through the embodiment of the disclosure, the transaction time, the transaction channel and the message integrity MAC (message authentication code) are controlled to efficiently prevent replay attack through dynamic key replacement, so that confidentiality of counter transaction of the full-automatic safe deposit box system is effectively ensured.
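The three controls named above (transaction time, transaction channel, message MAC), combined with the per-terminal working key of the current day, can be sketched as follows. This is an added example, not the patent's implementation: HMAC-SHA256 stands in for the unspecified MAC algorithm, and the channel code, the 120-second window, the duplicate-MAC cache, and all names and sample values are assumptions.

```python
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

ALLOWED_CHANNELS = {"COUNTER"}       # hypothetical channel code for low-cabinet terminals
MAX_SKEW = timedelta(seconds=120)    # hypothetical freshness window


class DailyKeyStore:
    """Maps (terminal number, calendar day) to that day's working key."""

    def __init__(self):
        self._keys = {}

    def sign_in(self, terminal_no, day, key):
        self._keys[(terminal_no, day)] = key

    def key_for(self, terminal_no, day):
        return self._keys.get((terminal_no, day))


def compute_mac(key, terminal_no, channel, sent_at, body):
    # Length-prefix every field so that field boundaries cannot be shifted.
    fields = [terminal_no.encode(), channel.encode(),
              sent_at.isoformat().encode(), body]
    data = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(key, data, hashlib.sha256).digest()


def verify(store, seen, terminal_no, channel, sent_at, body, mac, now):
    if channel not in ALLOWED_CHANNELS:
        return "reject: channel"
    if abs(now - sent_at) > MAX_SKEW:
        return "reject: stale"
    # Only today's key is ever looked up, so a message sent just before
    # midnight and verified just after it fails the MAC check.
    key = store.key_for(terminal_no, now.date())
    if key is None:
        return "reject: not signed in today"
    expected = compute_mac(key, terminal_no, channel, sent_at, body)
    if not hmac.compare_digest(mac, expected):
        return "reject: mac"
    if mac in seen:                  # same message seen inside the window
        return "reject: replay"
    seen.add(mac)                    # a real cache would expire entries after MAX_SKEW
    return "accept"


def run_demo():
    """Constructed scenario: one terminal, two consecutive days, two keys."""
    store, seen = DailyKeyStore(), set()
    term = "LC-0001"                                   # constructed terminal number
    key_day1, key_day2 = bytes([0x11] * 16), bytes([0x22] * 16)
    day1 = datetime(2024, 3, 25, 9, 0, tzinfo=timezone.utc)
    day2 = day1 + timedelta(days=1)
    store.sign_in(term, day1.date(), key_day1)

    sent = day1 + timedelta(minutes=5)
    body = b"rent-box|box=00120045"                    # constructed message body
    mac = compute_mac(key_day1, term, "COUNTER", sent, body)
    results = [
        verify(store, seen, term, "COUNTER", sent, body, mac, sent + timedelta(seconds=2)),
        verify(store, seen, term, "COUNTER", sent, body, mac, sent + timedelta(seconds=30)),
    ]
    store.sign_in(term, day2.date(), key_day2)         # next day's sign-in rotates the key
    results.append(verify(store, seen, term, "COUNTER", sent, body, mac,
                          sent + timedelta(days=1)))
    # Fresh timestamp, but MAC computed with yesterday's key.
    sent2 = day2 + timedelta(minutes=5)
    old_key_mac = compute_mac(key_day1, term, "COUNTER", sent2, body)
    results.append(verify(store, seen, term, "COUNTER", sent2, body, old_key_mac,
                          sent2 + timedelta(seconds=1)))
    results.append(verify(store, seen, term, "WEB", sent2, body, old_key_mac,
                          sent2 + timedelta(seconds=1)))
    return results


if __name__ == "__main__":
    for line in run_demo():
        print(line)
```

The fourth result shows what the daily rotation adds: a key that leaks or is left on a terminal stops producing valid MACs at the next sign-in, independent of the timestamp check.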
In the embodiment of the disclosure, for example, a one-key-per-day mechanism is adopted: a teller signs in every day, the working key of the double-screen password keyboard is updated, and the low-cabinet terminal is configured with a double-screen password keyboard for verifying the bank card and reserving the safe deposit box password. The following describes the process of verifying the bank card and reserving the safe deposit box password in detail.
Fig. 3 schematically illustrates a flow chart of verification in a rental box transaction method based on a fully automated safe deposit box system, according to an embodiment of the present disclosure. Operations S310 to S350 may be further included as shown in fig. 3.
In operation S310, in response to the rental box transaction requirement, the low-cabinet terminal uses the password keyboard to generate a first password ciphertext encrypted with the working key, and transmits the first password ciphertext to the full-automatic safe deposit box system.
In an embodiment of the present disclosure, a rental box transaction first verifies the bank card password and then reserves a safe deposit box password. It should be noted that the ciphertext encrypted by the double-screen password keyboard is in a non-card-password standard, so the HSM is required to provide a function that converts the password into the card password. By calling the HSM service, the bank card password verification flow is kept consistent with the safe deposit box password verification flow.
For example, a user performs a rental box transaction through a low-cabinet terminal and enters a bank card password. The low-cabinet double-screen password keyboard applies the encryption format with primary account number (ANSI X9.8) according to the UnionPay specification, encrypts the bank card number/account number and the password plaintext with the key, and transmits the resulting password ciphertext (pinblock) to the full-automatic safe deposit box system.
In operation S320, the full-automatic safe deposit box system transmits the first ciphertext to the encryption service platform.
In an embodiment of the present disclosure, the full-automatic safe deposit box system invokes the HSM interface service to upload the working key in encryptor format (sm4WKey), the first password ciphertext (pinblock) and the bank card number/account number (cardno) to the encryption service platform.
In operation S330, the encryption service platform generates a first national cryptographic envelope according to the first password ciphertext and transmits the first national cryptographic envelope to the full-automatic safe deposit box system.
In operation S340, the full-automatic safe deposit box system transmits the first national cryptographic envelope to the personal settlement application for password verification processing.
In operation S350, the personal settlement application transmits the password verification result to the full-automatic safe deposit box system to complete the password verification.
Specifically, the encryption service platform generates a first national cryptographic envelope according to the first password ciphertext and returns it to the full-automatic safe deposit box system, which sends the obtained first national cryptographic envelope and the bank card number/account number to the personal settlement application for password verification, thereby obtaining a verification result.
Fig. 4 schematically illustrates a flowchart of a reserve safe deposit box password process in a fully automatic safe deposit box system-based rental box transaction method, in accordance with an embodiment of the present disclosure. Operations S410 to S440 may be further included as shown in fig. 4.
In operation S410, authorization of the user to enter information is obtained.
In operation S420, after the authorization of the user to enter the information is obtained, the safe deposit box password is entered through the low-cabinet terminal, wherein the low-cabinet terminal encrypts the safe deposit box password to obtain the second password ciphertext and sends the second password ciphertext to the full-automatic safe deposit box system.
Specifically, a user enters a safe deposit box password through the low-cabinet terminal; the low-cabinet working key, the safe deposit box number and the safe deposit box password are encrypted according to the UnionPay (ANSI X9.8) format to obtain a second password ciphertext, which is then transmitted to the full-automatic safe deposit box system.
In operation S430, the full-automatic safe deposit box system calls the encryption service platform and uploads the working key in encryptor format, the second password ciphertext and the safe deposit box number to obtain a second national cryptographic envelope.
In operation S440, the full-automatic safe deposit box system calls the encryption service platform again and uploads the second national cryptographic envelope and the safe deposit box number; the stored ciphertext is obtained and saved.
In an embodiment of the present disclosure, the full-automatic safe deposit box system invokes the HSM service and uploads the working key in encryptor format (sm4WKey), the second password ciphertext (pinblock) and the safe deposit box number (boxNo) to obtain a second national cryptographic envelope.
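The ANSI X9.8 format with primary account number used for the bank card password and for the safe deposit box password above corresponds to ISO 9564-1 format 0. The following added example (not code from the patent) builds and parses the clear PIN block only, which shows why cardno or boxNo must accompany pinblock to the HSM; encryption under the working key is not shown. The function names, the sample numbers, and the treatment of a box number (no check digit, left-padded with zeros) are assumptions.

```python
# Clear ISO 9564-1 format 0 (ANSI X9.8) PIN block, before encryption by the keypad.
# Names and box-number handling are illustrative assumptions, not from the patent.


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def account_field(number: str, has_check_digit: bool = True) -> bytes:
    """0000 followed by the rightmost 12 digits, excluding any check digit."""
    if not (number.isascii() and number.isdigit()):
        raise ValueError("account or box number must be decimal digits")
    digits = number[:-1] if has_check_digit else number
    # Assumption: identifiers shorter than 12 digits are left-padded with zeros.
    return bytes.fromhex("0000" + digits[-12:].rjust(12, "0"))


def build_pin_block(pin: str, number: str, has_check_digit: bool = True) -> bytes:
    if not (pin.isascii() and pin.isdigit() and 4 <= len(pin) <= 12):
        raise ValueError("PIN must be 4 to 12 decimal digits")
    # Control nibble 0, length nibble, PIN digits, then F padding to 16 nibbles.
    pin_field = bytes.fromhex(f"0{len(pin):X}{pin}".ljust(16, "F"))
    return _xor(pin_field, account_field(number, has_check_digit))


def recover_pin(pin_block: bytes, number: str, has_check_digit: bool = True) -> str:
    """What the verifying side does after decrypting: undo the XOR, check the layout."""
    if len(pin_block) != 8:
        raise ValueError("format 0 PIN block is 8 bytes")
    field = _xor(pin_block, account_field(number, has_check_digit)).hex().upper()
    if field[0] != "0":
        raise ValueError("not a format 0 PIN block")
    length = int(field[1], 16)
    if not 4 <= length <= 12:
        raise ValueError("invalid PIN length")
    pin, pad = field[2:2 + length], field[2 + length:]
    if not pin.isdigit() or pad != "F" * len(pad):
        # Typical symptom of a wrong account or box number. This is a format
        # check, not a MAC: it does not catch every mismatch.
        raise ValueError("PIN field malformed (wrong account or box number?)")
    return pin


def demo() -> dict:
    card = "43219876543210987"   # constructed test card number
    box = "00120045"             # constructed safe deposit box number
    return {
        "card_block": build_pin_block("1234", card).hex().upper(),
        "box_block": build_pin_block("135790", box, has_check_digit=False).hex().upper(),
    }


if __name__ == "__main__":
    print(demo())
```

With a short box number the account field is mostly zeros, so the PIN digits sit unmasked in the clear block; confidentiality then rests entirely on the encryption under the working key.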
By the embodiment of the disclosure, the integrity of counter transaction of the full-automatic safe deposit box system and the confidentiality of customer passwords are ensured by the password encryption technology and the password verification technology.
Fig. 5 schematically illustrates a flow chart of verification in a password modified transaction method based on a fully automated safe deposit box system according to an embodiment of the present disclosure. Operations S510 to S540 may be further included as shown in fig. 5.
In operation S510, a user's authorization to enter an original safe deposit box password is obtained.
In operation S520, after obtaining the authorization of the user to input the original safe deposit box password, the original safe deposit box password is input through the low-cabinet terminal, wherein the low-cabinet terminal encrypts the original safe deposit box password through the working key and transmits the encrypted original safe deposit box password to the full-automatic safe deposit box system.
In operation S530, the full-automatic safe deposit box system transmits the encrypted information of the original safe deposit box to the encrypted service platform.
In operation S540, the encryption service platform returns the encryption result to the full-automatic safe deposit box system, which forwards it to the low-cabinet terminal.
Specifically, the user enters the original safe deposit box password through the low-cabinet terminal, and the entered original safe deposit box password is encrypted with the working key and then transmitted to the full-automatic safe deposit box system. The full-automatic safe deposit box system transmits the safe deposit box number, the original safe deposit box password ciphertext, the working key and the original safe deposit box password envelope to the encryption service platform. The encryption service platform returns the password verification result to the full-automatic safe deposit box system, which forwards it to the low-cabinet terminal.
After the original safe deposit box password passes the encryption verification, the password modification transaction is started, and the method is as follows:
Fig. 6 schematically illustrates a flowchart of a process for modifying a safe deposit box password in a password modification transaction method based on a fully automated safe deposit box system according to an embodiment of the present disclosure. Operations S610 to S630 may be further included as shown in fig. 6.
In operation S610, when the original safe deposit box password passes the verification, the target safe deposit box password entered by the user through the low-cabinet terminal is transmitted to the full-automatic safe deposit box system after being encrypted by the working key.
In operation S620, the full-automatic safe deposit box system transmits the safe deposit box number, the target safe deposit box password, and the working key to the encryption service platform to obtain a target safe deposit box password envelope.
In operation S630, the encryption service platform transmits the target safe deposit box password envelope to the full-automatic safe deposit box system.
Specifically, after the original safe deposit box password passes the verification, the user enters the target safe deposit box password through the low-cabinet terminal, and the target safe deposit box password is encrypted with the working key and then transmitted to the full-automatic safe deposit box system. The full-automatic safe deposit box system transmits the safe deposit box number, the target (new) safe deposit box password ciphertext and the working key to the encryption service platform. The encryption service platform sends the safe deposit box number, the new safe deposit box password ciphertext and the working key to the full-automatic safe deposit box system.
According to the embodiment of the disclosure, the defects in the prior encryption technology are overcome, the integrity of counter transaction of the full-automatic safe deposit box system and the confidentiality of user passwords are ensured through the dynamic key replacement, the password encryption technology and the password verification technology, and the method is simple to realize, low in implementation cost and capable of effectively preventing hacking.
Based on the key replacement method based on the full-automatic safe deposit box system, the disclosure also provides a key replacement device based on the full-automatic safe deposit box system. The device will be described in detail below in connection with fig. 7.
Fig. 7 schematically illustrates a block diagram of a key exchange apparatus based on a fully automated safe deposit box system according to an embodiment of the present disclosure.
As shown in fig. 7, the key replacing apparatus 700 based on the full-automatic safe deposit box system of this embodiment includes a public-private key pair generating module 710, a key request transmitting module 720, a working key generating module 730, and a key replacing module 740.
The public-private key pair generating module 710 is configured so that, in response to a check-in transaction initiated by the low-cabinet terminal, the full-automatic safe deposit box system invokes the password keyboard to randomly generate a public-private key pair, where the generated public-private key pair includes a public key and a private key paired with each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal. In an embodiment, the public-private key pair generating module 710 may be configured to perform the operation S210 described above, which is not described herein.
The key request sending module 720 is configured to forward the public key to the encryption service platform by using the full-automatic safe deposit box system, and initiate a request for generating the working key to the encryption service platform. In an embodiment, the key request sending module 720 may be configured to perform the operation S220 described above, which is not described herein.
The working key generating module 730 is configured so that the encryption service platform generates a first working key and a second working key based on the generation request, and returns the first working key and the second working key to the full-automatic safe deposit box system. In an embodiment, the working key generating module 730 may be configured to perform the operation S230 described above, which is not described herein.
The key replacing module 740 is configured so that the full-automatic safe deposit box system transfers the second working key to the low-cabinet terminal, so that the low-cabinet terminal replaces the private key with the second working key. In an embodiment, the key replacing module 740 may be configured to perform the operation S240 described above, which is not described herein.
Based on the renting case transaction method based on the full-automatic safe deposit box system, the invention also provides a renting case transaction device based on the full-automatic safe deposit box system. The device will be described in detail below in connection with fig. 8.
Fig. 8 schematically illustrates a block diagram of a box renting transaction device based on a fully automated safe deposit box system according to an embodiment of the present disclosure.
As shown in fig. 8, the rental box transaction device based on the full-automatic safe deposit box system includes a verification module 810 and a reserved safe deposit box password processing module 820, wherein the verification module 810 includes:
The first ciphertext generating unit is used so that, in response to the rental box transaction requirement, the low-cabinet terminal uses the password keyboard to generate a first password ciphertext encrypted with the working key and sends the first password ciphertext to the full-automatic safe deposit box system. In an embodiment, the first ciphertext generating unit may be configured to perform the operation S310 described above, which is not described herein.
The first ciphertext sending unit is used so that the full-automatic safe deposit box system sends the first password ciphertext to the encryption service platform. In an embodiment, the first ciphertext sending unit may be configured to perform the operation S320 described above, which is not described herein.
The first national cryptographic envelope generating unit is used so that the encryption service platform generates a first national cryptographic envelope according to the first password ciphertext and sends the first national cryptographic envelope to the full-automatic safe deposit box system. In an embodiment, the first national cryptographic envelope generating unit may be configured to perform the operation S330 described above, which is not described herein.
The first national cryptographic envelope sending unit is used so that the full-automatic safe deposit box system sends the first national cryptographic envelope to a personal settlement application for password verification processing. In an embodiment, the first national cryptographic envelope sending unit may be configured to perform operation S340 described above, which is not described herein.
The password verification unit is used so that the personal settlement application sends the password verification result to the full-automatic safe deposit box system to complete the password verification. In an embodiment, the password verification unit may be configured to perform operation S350 described above, which is not described herein.
In an embodiment of the present disclosure, reservation safe deposit box cryptographic handling module 820 includes:
The user authorization unit is used for acquiring the authorization of the user to enter information. In an embodiment, the user authorization unit may be used to perform the operation S410 described above, which is not described herein.
The password entry unit is used for entering the safe deposit box password through the low-cabinet terminal after the authorization of the user to enter information is obtained, wherein the low-cabinet terminal encrypts the safe deposit box password to obtain a second password ciphertext and sends the second password ciphertext to the full-automatic safe deposit box system. In an embodiment, the password entry unit may be used to perform the operation S420 described above, which is not described herein.
The second national cryptographic envelope generating unit is used so that the full-automatic safe deposit box system calls the encryption service platform and uploads the working key in encryptor format, the second password ciphertext and the safe deposit box number to obtain the second national cryptographic envelope. In an embodiment, the second national cryptographic envelope generating unit may be configured to perform operation S430 described above, which is not described herein.
The ciphertext storage unit is used so that the full-automatic safe deposit box system calls the encryption service platform again, uploads the second national cryptographic envelope and the safe deposit box number, and obtains and saves the stored ciphertext. In an embodiment, the ciphertext storage unit may be used to perform operation S440 described above, which is not described herein.
Based on the password modification transaction method based on the full-automatic safe deposit box system, the disclosure also provides a password modification transaction device based on the full-automatic safe deposit box system. The device will be described in detail below in connection with fig. 9.
Fig. 9 schematically illustrates a block diagram of a password-modified transaction device based on a fully automated safe deposit box system according to an embodiment of the present disclosure.
As shown in fig. 9, the password modification transaction apparatus based on the full-automatic safe deposit box system includes an original safe deposit box password verification module 910 and a modified safe deposit box password processing module 920, wherein the original safe deposit box password verification module 910 includes:
The user authorization unit is used for acquiring the user's authorization to enter the original safe deposit box password. In an embodiment, the user authorization unit may be used to perform the operation S510 described above, which is not described herein.
The original password entry unit is used for entering the original safe deposit box password through the low-cabinet terminal after the user's authorization to enter the original safe deposit box password is obtained, wherein the low-cabinet terminal encrypts the original safe deposit box password with the working key and then sends the encrypted original safe deposit box password to the full-automatic safe deposit box system. In an embodiment, the original password entry unit may be used to perform the operation S520 described above, which is not described herein.
The encryption information sending unit is used so that the full-automatic safe deposit box system transmits the encrypted information of the original safe deposit box to the encryption service platform. In an embodiment, the encryption information sending unit may be configured to perform the operation S530 described above, which is not described herein.
The encryption result generating unit is used so that the encryption service platform returns the encryption result to the full-automatic safe deposit box system, which forwards it to the low-cabinet terminal. In an embodiment, the encryption result generating unit may be configured to perform the operation S540 described above, which is not described herein.
In an embodiment of the present disclosure, the modification safe deposit box cryptographic processing module 920 includes:
The target password generating unit is used so that, after the original safe deposit box password passes the verification, the target safe deposit box password entered by the user through the low-cabinet terminal is encrypted with the working key and then transmitted to the full-automatic safe deposit box system. In an embodiment, the target password generating unit may be used to perform the operation S610 described above, which is not described herein.
The target password envelope generating unit is used so that the full-automatic safe deposit box system transmits the safe deposit box number, the target safe deposit box password and the working key to the encryption service platform to obtain the target safe deposit box password envelope. In an embodiment, the target password envelope generating unit may be configured to perform operation S620 described above, which is not described herein.
The target password envelope sending unit is used so that the encryption service platform sends the target safe deposit box password envelope to the full-automatic safe deposit box system. In an embodiment, the target password envelope sending unit may be configured to perform operation S630 described above, which is not described herein.
Any of the above-described modules may be combined in one module to be implemented, or any of the modules may be split into a plurality of modules according to embodiments of the present disclosure. Or at least some of the functionality of one or more of the modules may be combined with, and implemented in, at least some of the functionality of other modules. According to embodiments of the present disclosure, at least one of the foregoing may be implemented at least in part as a hardware circuit, such as a Field Programmable Gate Array (FPGA), a Programmable Logic Array (PLA), a system on a chip, a system on a substrate, a system on a package, an Application Specific Integrated Circuit (ASIC), or as hardware or firmware in any other reasonable manner of integrating or packaging the circuit, or as any one of or a suitable combination of any of three implementations of software, hardware, and firmware. Or at least one of the above may be at least partly implemented as a computer program module which, when run, performs the corresponding function.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that the features recited in the various embodiments of the disclosure and/or in the claims may be combined and/or integrated in a variety of ways, even if such combinations are not explicitly recited in the disclosure. In particular, the features recited in the various embodiments of the present disclosure and/or the claims may be variously combined and/or integrated without departing from the spirit and teachings of the present disclosure. All such combinations fall within the scope of the present disclosure.
The embodiments of the present disclosure are described above. These examples are for illustrative purposes only and are not intended to limit the scope of the present disclosure. Although the embodiments are described above separately, this does not mean that the measures in the embodiments cannot be used advantageously in combination. The scope of the disclosure is defined by the appended claims and equivalents thereof. Various alternatives and modifications can be made by those skilled in the art without departing from the scope of the disclosure, and such alternatives and modifications are intended to fall within the scope of the disclosure.
Claims (11)
1. A key replacement method based on a full-automatic safe deposit box system, wherein the full-automatic safe deposit box system is connected to a low-cabinet terminal and an encryption service platform respectively, and the low-cabinet terminal is configured with a password keyboard, characterized in that the method comprises:
Responding to a check-in transaction initiated by a low-cabinet terminal, the full-automatic safe deposit box system calls the password keyboard to randomly generate a public-private key pair, wherein the generated public-private key pair comprises a public key and a private key which are matched with each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal;
The full-automatic safe deposit box system forwards the public key to an encryption service platform and initiates a generation request of a working key to the encryption service platform;
The encryption service platform generates a first working key and a second working key based on the generation request, and returns the first working key and the second working key to the full-automatic safe deposit box system;
the full-automatic safe deposit box system transmits the second working key to the low-cabinet terminal so that the low-cabinet terminal can replace the private key with the second working key.
2. The key replacement method based on a full-automatic safe deposit box system according to claim 1, wherein said encryption service platform generates a first working key and a second working key based on said generation request, wherein:
The first working key is ciphertext for verifying a password, and the second working key is a key for encrypting the public key.
3. A rental box transaction method based on a full-automatic safe deposit box system, wherein the full-automatic safe deposit box system is respectively connected with a low-cabinet terminal and an encryption service platform, and the low-cabinet terminal is provided with a password keyboard, and the method is characterized by comprising a secret verification and a reserved safe deposit box password treatment, wherein the secret verification comprises:
Responding to the rental box transaction requirement, the low-cabinet terminal generates a first password ciphertext obtained by encrypting a working key by utilizing the password keyboard and sends the first password ciphertext to the full-automatic safe deposit box system;
the full-automatic safe deposit box system sends the first password ciphertext to the encryption service platform;
According to the first password ciphertext, the encryption service platform generates a first national encryption code envelope and sends the first national encryption code envelope to the full-automatic safe deposit box system;
the full-automatic safe deposit box system sends the first national encryption code envelope to a personal settlement application for verification;
the personal settlement application sends the verification result to the full-automatic safe deposit box system to complete verification.
4. A rental box transaction method based on a fully automatic safe deposit box system as claimed in claim 3, wherein said reserved safe deposit box cryptographic process comprises:
acquiring authorization of a user to input information;
after the authorization of the user to enter information is obtained, a safe deposit box password is entered through a low-cabinet terminal, wherein the low-cabinet terminal encrypts the safe deposit box password to obtain a second password ciphertext and sends the second password ciphertext to the full-automatic safe deposit box system;
the full-automatic safe deposit box system calls the encryption service platform and uploads a working key in an encryption machine format, the second password ciphertext and a safe deposit box number to obtain a second national encryption code envelope;
and the full-automatic safe deposit box system calls the encryption service platform again and uploads the second national encryption code envelope and the safe deposit box number to obtain a storage ciphertext and store the storage ciphertext.
5. A cryptographic modification transaction method based on a fully automatic safe deposit box system, the fully automatic safe deposit box system being respectively connected with a low-cabinet terminal and an encryption service platform, the low-cabinet terminal being configured with a cryptographic keyboard, the method comprising an original safe deposit box encryption verification and a safe deposit box cryptographic modification process, wherein the original safe deposit box encryption verification process comprises:
acquiring authorization of a user for inputting an original safe deposit box password;
After the authorization of a user to input an original safe deposit box password is obtained, the original safe deposit box password is input through a low-cabinet terminal, wherein the low-cabinet terminal encrypts the original safe deposit box password through a working key and then sends the encrypted original safe deposit box password to the full-automatic safe deposit box system;
The full-automatic safe deposit box system transmits the encryption information of the original safe deposit box to an encryption service platform;
and the encryption service platform returns the encryption verification result to the full-automatic safe deposit box system, which forwards it to the low-cabinet terminal.
6. A method of modifying a transaction based on a fully automated safe deposit box system according to claim 5, wherein said modifying a safe deposit box cryptographic process comprises:
When the original safe deposit box password passes the verification, the user inputs a target safe deposit box password through the low-cabinet terminal, and the target safe deposit box password is transmitted to the full-automatic safe deposit box system after being encrypted by the working key;
the full-automatic safe deposit box system transmits the safe deposit box number, the target safe deposit box password and the working key to an encryption service platform to obtain a target safe deposit box password envelope;
and the encryption service platform sends the target safe deposit box password envelope to the full-automatic safe deposit box system.
7. A key replacement device based on a full-automatic safe deposit box system, wherein the full-automatic safe deposit box system is respectively connected with a low-cabinet terminal and an encryption service platform, and the low-cabinet terminal is configured with a password keyboard, characterized in that the device comprises a public-private key pair generation module, a key request sending module, a working key generation module and a key replacement module, wherein:
The public-private key pair generation module is used for responding to a check-in transaction initiated by a low-cabinet terminal, the full-automatic safe deposit box system calls the password keyboard to randomly generate a public-private key pair, wherein the generated public-private key pair comprises a public key and a private key which are matched with each other, the public key is stored in the full-automatic safe deposit box system, and the private key is stored in the low-cabinet terminal;
The key request sending module is used for forwarding the public key to the encryption service platform by the full-automatic safe deposit box system and initiating a generation request of a working key to the encryption service platform;
The working key generation module is used for the encryption service platform to generate a first working key and a second working key based on the generation request and to return the first working key and the second working key to the full-automatic safe deposit box system;
And the key replacement module is used for transmitting the second working key to the low-cabinet terminal by the full-automatic safe deposit box system so that the low-cabinet terminal replaces the private key with the second working key.
8. A rental box transaction device based on a full-automatic safe deposit box system, wherein the full-automatic safe deposit box system is respectively connected with a low-cabinet terminal and an encryption service platform, and the low-cabinet terminal is configured with a password keyboard, characterized in that the device comprises a secret verification module and a reserved safe deposit box password processing module, wherein the secret verification module comprises:
the first ciphertext generating unit is used for responding to the rental box transaction requirement, and the low-cabinet terminal generates a first password ciphertext obtained by encrypting the working key by utilizing the password keyboard and sends the first password ciphertext to the full-automatic safe deposit box system;
The first ciphertext sending unit is used for sending the first password ciphertext to the encryption service platform by the full-automatic safe deposit box system;
The first national encryption code envelope generation unit is used for generating a first national encryption code envelope according to the first password ciphertext by the encryption service platform and sending the first national encryption code envelope to the full-automatic safe deposit box system;
a first national encryption code envelope transmitting unit, configured to transmit the first national encryption code envelope to a personal settlement application by the full-automatic safe deposit box system for verification processing;
And the secret verification unit is used for the personal settlement application to send the secret verification result to the full-automatic safe deposit box system so as to finish secret verification.
9. The rental box transaction device based on the fully automatic safe deposit box system according to claim 8, wherein the reserved safe deposit box cryptographic processing module includes:
The user authorization unit is used for acquiring the authorization of the user to the input information;
the password input unit is used for inputting a safe deposit box password through a low-cabinet terminal after obtaining the authorization of the user to input information, wherein the low-cabinet terminal encrypts the safe deposit box password to obtain a second password ciphertext and sends the second password ciphertext to the full-automatic safe deposit box system;
The second national encryption code envelope generating unit is used for calling the encryption service platform by the full-automatic safe deposit box system and uploading the working key in the encryption machine format, the second password ciphertext and the safe deposit box number to obtain a second national encryption code envelope;
And the ciphertext storage unit is used for calling the encryption service platform again by the full-automatic safe deposit box system, uploading the second national encryption code envelope and the safe deposit box number, obtaining a storage ciphertext and storing the storage ciphertext.
10. A password modification transaction device based on a full-automatic safe deposit box system, wherein the full-automatic safe deposit box system is respectively connected with a low-cabinet terminal and an encryption service platform, and the low-cabinet terminal is configured with a password keyboard, characterized in that the device comprises an original safe deposit box secret verification module and a modifying safe deposit box password processing module, wherein the original safe deposit box secret verification module comprises:
The user authorization unit is used for acquiring the authorization of a user for inputting the original safe deposit box password;
the original password input unit is used for inputting an original safe deposit box password through the low-cabinet terminal after obtaining the authorization of the user to input the original safe deposit box password, wherein the low-cabinet terminal encrypts the original safe deposit box password through a working key and then sends the encrypted original safe deposit box password to the full-automatic safe deposit box system;
the encryption information sending unit is used for transmitting the encryption information of the original safe deposit box to the encryption service platform by the full-automatic safe deposit box system;
and the encryption service platform is used for sending the encryption result to the full-automatic safe deposit box system, which forwards it to the low-cabinet terminal.
11. A fully automated safe deposit box system based password modifying transaction device according to claim 10, wherein said modifying safe deposit box password processing module comprises:
The target password generating unit is used for inputting a target safe deposit box password through the low-cabinet terminal by a user after the original safe deposit box password passes the verification, and transmitting the target safe deposit box password to the full-automatic safe deposit box system after the target safe deposit box password is encrypted by the working key;
the target password envelope generation unit is used for transmitting the safe deposit box number, the target safe deposit box password and the working key to the encryption service platform by the full-automatic safe deposit box system to obtain a target safe deposit box password envelope;
and the target password envelope sending unit is used for sending the target safe deposit box password envelope to the full-automatic safe deposit box system by the encryption service platform.
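The check-in key replacement of claims 1 and 2, as an added sketch that is not code from the patent. It assumes the second working key is the working key wrapped for the terminal's public key and the first is the same key in the platform's encryption machine format (the wording of claim 4); hashed ElGamal over a small demonstration group and a SHA-256 mask stand in for the algorithms the claims leave unspecified, and every class, method and constant name is hypothetical.

```python
import hashlib
import secrets

P, G = 2**255 - 19, 2  # assumed demonstration group, not a production parameter

def _mask(key: bytes, label: bytes, data: bytes) -> bytes:
    """XOR data (at most 32 bytes) with a SHA-256 pad derived from key and label."""
    pad = hashlib.sha256(key + label).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

class Terminal:  # low-cabinet terminal with its password keyboard
    def check_in(self) -> int:
        self.private = secrets.randbelow(P - 2) + 1   # stays on the terminal
        self.working_key = None
        return pow(G, self.private, P)                # public key, sent upstream

    def install(self, second) -> None:
        ephemeral, wrapped = second
        shared = pow(ephemeral, self.private, P).to_bytes(32, "big")
        self.working_key = _mask(shared, b"wrap", wrapped)
        self.private = None   # claim 1: the working key replaces the private key

class Platform:  # encryption service platform
    def __init__(self):
        self._master = secrets.token_bytes(32)        # never leaves the platform

    def generate(self, public: int):
        wk, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
        y = secrets.randbelow(P - 2) + 1
        # First working key: wrapped under the platform master key (assumed format).
        first = nonce + _mask(self._master, nonce, wk)
        # Second working key: wrapped so that only the terminal's private key opens it.
        shared = pow(public, y, P).to_bytes(32, "big")
        second = (pow(G, y, P), _mask(shared, b"wrap", wk))
        return first, second

    def unwrap(self, first: bytes) -> bytes:
        return _mask(self._master, first[:16], first[16:])

class BoxSystem:  # full-automatic safe deposit box system: stores and relays
    def handle_check_in(self, terminal: Terminal, platform: Platform) -> None:
        self.public = terminal.check_in()
        self.first, second = platform.generate(self.public)
        terminal.install(second)

def run_check_in():
    """One check-in transaction; returns the three parties for inspection."""
    terminal, platform, system = Terminal(), Platform(), BoxSystem()
    system.handle_check_in(terminal, platform)
    return terminal, platform, system
```

After `run_check_in()`, the box system holds only the public key and the wrapped first working key, so a later upload of that wrapped key together with a password ciphertext (claim 4) lets the platform recover the working key without the relay ever holding it in the clear.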
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410338737.8A CN118249998A (en) | 2024-03-22 | 2024-03-22 | Key replacement, renting transaction and password modification method based on full-automatic safe deposit box system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN118249998A (en) | 2024-06-25 |
Family
ID=91550459
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202410338737.8A Pending CN118249998A (en) | 2024-03-22 | 2024-03-22 | Key replacement, renting transaction and password modification method based on full-automatic safe deposit box system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN118249998A (en) |
- 2024-03-22 CN CN202410338737.8A patent/CN118249998A/en active Pending
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||