CN1731890A - Method for mobile communication value-added service identification and payment - Google Patents
Method for mobile communication value-added service identification and payment Download PDFInfo
- Publication number
- CN1731890A CN1731890A CN200510057219.6A CN200510057219A CN1731890A CN 1731890 A CN1731890 A CN 1731890A CN 200510057219 A CN200510057219 A CN 200510057219A CN 1731890 A CN1731890 A CN 1731890A
- Authority
- CN
- China
- Prior art keywords
- message
- payment
- service network
- user terminal
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
This invention relates to a method for identifying and paying a mobile communication added-value service, belonging to mobile communication field, characterized in that it adopts unbalanced one-way binary tree structure manufacturing chain, user only needs to store secret value vm, n, and reconstructs whole UOBT, allocates each UOBT sub-chain different face value, the user and information service net execute identification and key consultation and pay initialization protocol, by the trusted third part to testing, and making mobile terminal attain most rapid micro-pay service for the user. The invention has lowered mobile terminal calculation expense.
Description
Technical field
The present invention relates to moving communicating field, be specifically related to be the value-added service identification of platform and the method for payment by the mobile network.
Background technology
At present, the research of micropayments is more active in the world, how according to the technical characterstic of mobile communication and micropayments, research is one of the most potential direction during current micropayments develops based on the authentication of the mobile communication of micropayments and payment model, it is a research focus, also propose some and moved the micropayments agreement, such as in 2002 " electronic letters, vol " the 4th interim " authentication in the mobile computing network environment and small amount payment agreement ", having proposed a kind of mobile micropayments agreement, mobile micropayments can make full use of existing authentication infrastructures, realize effective combination of authentication and payment, but this agreement has the following disadvantages:
1. the computing cost of portable terminal is bigger, and in authentication and payment initializtion protocol, portable terminal will carry out 4 apotype exponent arithmetics, 1 digital signature and 1 signature verification, 3 symmetric cryptographies, produce 1 random number, 5 hash computings;
2. the mechanism that lacks the consumption of control user malice;
3. for the bigger consumption of the amount of money, agreement implementation efficient is not high.
Therefore, be necessary to propose a kind of new method that is applicable to mobile communication value-added service identification and payment.The method that the present invention proposes can realize the mutual authentication of communication parties, can guarantee that the user is not charged by mistake, provides the pay imformation network to prevent the lawful evidence that the user denies simultaneously.
Summary of the invention
The invention provides the method for a kind of mobile communication value-added service identification and payment, use this method mobile subscriber can use mobile phone to obtain micropayments service fast, do not increase too many calculating of user mobile phone and storage burden simultaneously with anonymous identity.
The method of a kind of mobile communication value-added service identification and payment, this method comprises the steps:
A) when the user registers for the first time at third party TTP place, issue a payment certificate by TTP and give user U, content comprises the term of validity of payment certificate, user's payment credit line information, utilizes payment certificate, TTP authorizes U to make the hash chain, submits to service network V as evidence for payment;
B) portable terminal generates a trunk hash chain, obtains the root sequence;
C) user selects secret value w according to the currency number of required payment
M, n, user terminal U generates the Hash Value that needs, and defines the denomination information A dd of every subchain Hash Value representative
2
D) user terminal U and information service network V carry out authentication and key agreement and payment initializtion protocol;
E) user terminal U submits the Hash Value that generates to information service network V;
F) V receives payment and passes through root sequence and hash function h
2Verify the validity of these Hash Values;
G) service network is regularly issued user's TTP to Hash Value of receiving and decrypted message, and TTP is to its checking and according to Add
2Information can calculate the currency number that should pay V, then from the account of U the deduction respective value currency and deposit in the account of V.
Described step d) initializtion protocol may further comprise the steps:
D.1) U produces a random number N
AAnd encrypt N with shared key K
AWin message 1 and send to information service network V;
D.2) after V received article one message, if user's TTP is that he trusts, V then produced a random number N
V, and use private key SK
VTo its sign { V
N}
SKV, and produce second message 2 and be transmitted to TTP;
D.3) after TTP receives second message 2, check the validity of public key certificate, if certificate is qualified, private key with oneself carries out digital signature to second message, produce the private key that the 3rd message 3 sends to information service network oneself second message is carried out digital signature, produce the 3rd message 3 and send to information service network V;
D.4) after V receives the 3rd message 3, decipher the 3rd message 3, with the PKI PK of TTP with the private key of oneself
TDecrypted digital signature information produces the 4th message 4 and sends to user terminal U;
D.5) after U receives the 4th message 4, check that message is as finding to have random number N
A, promptly stop to receive other message, and the validity of checking message, produce the 5th message 5 and send to V;
D.6) after V receives the 5th message 5, use session key K
SeDecipher this message, with the PKI PK of U
lDecrypted digital signature information obtains eap-message digest h
3() stores the message with the session key deciphering then.
Use micropayments authentication method of the present invention, not only alleviated the computing cost of portable terminal, all improve to some extent at user's anonymity protection, user's malice control of consumption, the flexibility and the aspects such as agility, resistance Replay Attack of payment simultaneously.
Description of drawings
Fig. 1 is the system model of mobile phone value-added service authentication and method of payment;
Fig. 2 is the structure chart of the non-equilibrium unidirectional binary tree (UOBT) that adopts among the present invention
Fig. 3 is that the present invention authenticates and key agreement and payment initializtion protocol
Embodiment
Below in conjunction with drawings and Examples, the present invention is done concrete introduction:
The invention provides the method for a kind of mobile communication value-added service identification and payment, adopt this method mobile subscriber can use mobile phone to obtain micropayments service fast, do not increase too many calculating of user mobile phone and storage burden simultaneously with anonymous identity.
The method of mobile communication value-added service identification and payment relates generally to the three parts: user terminal U provides the network V of information service, the third party TTP (being generally mobile subscriber's network management center) that user terminal U and V trust.User terminal U and service network V keep an account at the TTP place, and TTP carries out corresponding prestige guarantee and currency conversion.The true identity of U is ID
U, in order to protect the confidentiality of U identity, TTP uses ID for each user distributes a long-term assumed name Alias as sign
TThe identity information of expression TTP, the shared key of TTP and U is K, TTP has preserved Alias and ID
UAnd the mapping relations of K, use ID
VThe identity information of expression V: the public key certificate of TTP is Cert (T), and private key is SK
T, PKI is PK
TThe public key certificate of V is Cert (V), and private key is SK
V, PKI is PK
VUser's private key is SK
U, PKI is PK
Uh
1, h
2And h
3Be the hash function in the cryptography, as MD5 and SHA-1 etc., its most important characteristic is an one-way function, that is to say given output, and the input difficulty of finding out its correspondence is very big.
System model as shown in Figure 1, wherein dotted line is represented off-line (off-line) mode.When user U registers for the first time at the TTP place, to issue a payment certificate by TTP and give user terminal U, its form is:
Wherein Expirel is the term of validity of payment certificate, Add
1Payment credit line information for the user.This certificate will utilize payment certificate TTP to authorize U to make the hash chain according to the user account information regular update, submits to V as evidence for payment.
As shown in Figure 2, adopt the structure of non-equilibrium unidirectional binary tree (UOBT, Unbalanced One-way BinaryTree) to make the hash chain, the user chooses a random number w
M, n, generate a trunk hash chain { w
1, n, w
2, n..., w
M-1, n, w
M, n, w wherein
K-1, n=h
1(w
K, n), k=m, m-1 ..., 2; Hash Value in every subchain can pass through w
I, j-1=h
2(w
I, j) obtain, i=m, m-1 ..., 1, j=n, n-1 ..., 1.{ w
1,0, w
2,0..., w
M-1,0, w
M, 0Be the root sequence of UOBT, and the length of a trunk hash chain is equaled the UOBT of subchain length, promptly when m=n, calculate that a certain Hash Value on average needs n-1 hash computing in the tree, user side only need be stored secret value w
M, n, by the whole UOBT of secret value restructural.For flexibility that improves payment and the transaction of supporting more information products, give every denomination that the UOBT subchain is different, the denomination information Add of subchain
2Represent.Micropayments of the present invention and authentication method specifically comprise the steps:
A) user U selects required information product by the terminal browser, check the pay imformation service catalogue that V announces on the net, comprising the billing unit s of every service (as the 1min of multimedia video service, 5min, one page of 10min etc. or electronic publication) and the price p of each billing unit and every pay demand note figure place t that service comprises, can calculate the currency number of own required service by the service catalogue user, select secret value w
M, n, user terminal is the whole UOBT of restructural, generates the Hash Value that needs, and defines the denomination information A dd of every subchain Hash Value representative
2
B) user U and information service network V carry out authentication and key agreement and payment initializtion protocol;
The initializtion protocol process as shown in Figure 3, (b1-b6) finishes by following steps:
B1) user U produces a random number N
AAnd encrypt N with shared key K
AGet E
K(N
A), according to E
K(N
A), the TTP sign ID of Alias and U
TGenerate first message, together send to information service network V;
B2) after network V received first message 1, if user's TTP is that he trusts, V then produced a random number N
V, use private key SK
VTo its sign { N
V}
SKV, it is transmitted to TTP with public key certificate Cert (V) of oneself and second message 2 of message 1 formation;
B3) after TTP receives second message 2, check the validity of V public key certificate, if certificate is qualified, with the PKI deciphering { N of V
V}
SKVObtain N
V, check first section Alias of message sees whether be the user of oneself, if then Alias is mapped to user's true identity ID
l, check user's payment certificate paycert
UValidity, check pass through after, from database, search shared key K, decipher E with K
K(N
A) obtain random number N
AProduce a random number N in addition
S, calculate Mac with message authentication code function Mac
K(N
S, ID
l), Mac
K(N
A, N
S, ID
T) and E
K(Mac
K) N
S, then from user's payment certificate, find out client public key PK
lWith payment credit line information A dd
1, the private key of using oneself is to { N
V, N
A, Mac
K(N
A, N
S, ID
B), E
K(Mac
K) N
S, Mac
K(N
S, ID
U), N
S, PK
U, Add
1Digital signature, signing messages and public key certificate Cert (T) reinstate the PKI PK of V
VEncrypt back formation the 3rd message and send to information service network;
B4) after information service network V receives the 3rd message 3,, check that Cert (T) obtains the PKI PK of TTP with the private key decrypted message 3 of oneself
T, use PK
TDecrypted digital signature information obtains session key K
SeRequired N
A, Mac
K(N
S, ID
U) information, storage user's PKI PK
UWith payment amount information A dd
1, session key K subsequently
Se=h (N
AMac
K(N
S, ID
U)) and E
Kse(N
s), form the 4th message 4, and message 4 is sent to user U;
B5) after user U received the 4th message 4, U checked that the message discovery has N
A, promptly stop to receive other message, get E for the 3rd section with sharing key K encryption message
K(Mac
K) and with the 4th section { E
K(Mac
K) N
SDistance, thereby N obtained
S, calculate Mac
K(N
A, N
S, ID
T) and with the 3rd section comparison of message, the validity with the checking message reaches the purpose of authentication information service network V, if does not wait then abandon verification process, if verify and pass through, the user then uses the identical method session key K of V
Se, calculate E
Kse(N
S) and with the 5th section comparison of message to confirm that V knows session key, the user calculates h then
3(N
S, ID
V, Iid, (w
1,0, w
2,0..., w
M, 0), Expire2, Add
2) and to this Hash Value private key SK
lSignature, signing messages and Iid, (w
1,0, w
2,0..., w
M, 0), Expire2 and Add
2Use session key K
SeEncrypt back formation the 5th message 5 and send to V.Iid is the service request sign, wherein comprises the information such as time of service request, the term of validity that Expire2 cashes for payment;
B6) after V receives the 5th message 5, use session key K
SeDecipher this message, use the PKI PK of U then
lDecrypted digital signature information obtains eap-message digest h
3() calculates and the checking eap-message digest with the same method of U, thereby obtains the authentication to U.This moment, V confirmed that the user knows session key, stored the message with the session key deciphering then.The signing messages of U provides undeniable evidence for the user does payment with the hash tree, and the foundation of charge also is provided for V simultaneously.
After finishing above authentication and key agreement and payment initializtion protocol, continue to carry out following steps:
C) user U submits to the Hash Value that generates (as { (w to information service network V
1,5, 1,5), (w
5.8, 5,8) ..., (w
X, y, x, y) }) as evidence for payment to obtain required information product, because submit w to
1,5With submit (w successively to
1,1, w
1,5) equivalence, the mode of this variable-size payment adds that the subchain of different denominations can greatly improve payment efficient;
D) V receives payment and passes through root sequence (w
1,0, w
2,0..., w
M, 0) and hash function h
2Verify the validity of these Hash Values, according to Add
2Information calculations is paid amount information A dd with the user after going out the currency sum of user's pre-paid
1Relatively, can prevent user's malice consumption (total value of the information of buying has surpassed the idle money balance in its real accounts) like this, when the consumption of user U surpassed user's credit line, information service network V can refuse to provide service to user U.After checking was passed through, V allowed U to insert required service and store the Hash Value of having submitted in database, can prevent user's multiple consumption like this;
E) V regularly issues user's TTP to Hash Value of receiving and decrypted message 5, and TTP is to its checking and according to Add
2Information can calculate the currency number that should pay V, the currency of deduction respective value and depositing in the account of V from the account of U then, the cashing and clear and can finish by off-line of currency.TTP stores the Hash Value of having exchanged in database, can effectively prevent the repeatedly exchange of V.
The present invention provides a kind of safe, authentication web mode easily for mobile phone users, and has following technical characterstic:
(1) fail safe and the freshness of session key between assurance user U and the information service network V
Session key K
SeeBe used for secure communication thereafter and on link, do not transmit, guaranteed the fail safe of session key.In addition, because different random number session key has been chosen in the authentication before each communication, different session keys is all adopted in each communication, thereby has guaranteed the freshness of key, has prevented Replay Attack effectively.
(2) calculated load of portable terminal is less
The present invention taken into full account the portable terminal operational capability relatively a little less than, and V and TTP have comparison sufficient calculation, storage resources, with more digital signature with the signature verification computing is transferred to V and TTP goes to finish, have reduced the calculated load of portable terminal.
(4) two-way authentication
By the authentication of information service network, prevent that the assailant from palming off validated user and obtaining pay imformation to the user; By the authentication of user to information service network V, can prevent to palm off the deception of information service network to the user, authentication mechanism has effectively been protected the tripartite interests of communication mutually.
(5) Zhi Fu non-repudiation
TTP has guaranteed the validity of their PKIs to the On line inspection of the public key certificate of V and user's payment certificate, and the user is to root sequence (w
1,0, w
2,0..., w
M, 0) and Add
2Signature etc. information provides undeniable evidence for TTP charges.
(6) malice control of consumption
In system model, that degree of belief is the highest is the third party TTP that trusts, and secondly is information service network V, is only user U at last, so will there be effective mechanism to prevent the malice consumption of U.In the present invention, by payment credit line information A dd
1Control user's malice consumption.
(7) Zhi Fu flexibility and agility
An important feature of the present invention is to support the variable-size payment, and every UOBT subchain can be given denomination inequality, can greatly improve the efficient and the flexibility of payment like this.
Claims (3)
1, the method for a kind of mobile communication value-added service identification and payment is characterized in that, said method comprising the steps of:
A) user terminal U issues a payment certificate by third party TTP and gives user terminal in the registration of third party TTP place, utilizes payment certificate third party authorizes user terminal to make the hash chain, submits to information service network V as evidence for payment;
B) user chooses a secret number w
M, nThe input user terminal, user terminal generates a trunk hash chain, obtains the root sequence;
C) user terminal generates the Hash Value that needs according to the non-equilibrium unidirectional binary tree of secret number reconstruct, the denomination information A dd of every subchain representative of definition Hash Value
2
D) user terminal and information service network are carried out authentication and key agreement and payment initializtion protocol;
E) user terminal is submitted the Hash Value that generates to information service network;
F) information service network receives payment and passes through root sequence and hash function h
2Verify the validity of these Hash Values;
G) service network is regularly issued the third party to Hash Value of receiving and decrypted message, the third party goes out the currency number that should pay service network to its checking and according to the denomination information calculations, then from the account of user terminal the deduction respective value currency and deposit in the account of service network.
2, the method for mobile communication value-added service identification according to claim 1 and payment is characterized in that, initializtion protocol may further comprise the steps in the described step d):
D1) user terminal produces a random number N
AAnd encrypt this random number message of winning with shared key K and send to service network;
D2) after service network was received first message, service network also produced a corresponding random number N
v, and with the private key SK of service network
vTo its signature, and produce second message and be transmitted to the third party;
D3) after the third party receives second message, check the validity of public key certificate,, use the private key of oneself that second message is carried out digital signature, produce the 3rd message and send to service network if certificate is qualified;
D4) after service network is received the 3rd message, decipher the 3rd message with the private key of oneself, with third-party PKI PK
TDecrypted digital signature information produces the 4th message and sends to user terminal;
D5) after user terminal is received the 4th message, check that message is as finding to have random number N
A, promptly stop to receive other message, and the validity of checking message, produce the 5th message and send to service network;
D6) after service network is received the 5th message, use session key K
SeDecipher this message, with the PKI PK of user terminal
lDecrypted digital signature information obtains eap-message digest, stores the message that obtains with the session key deciphering then.
3, the method for mobile communication value-added service identification according to claim 1 and payment is characterized in that, payment certificate comprises the term of validity of certificate, credit line information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200510057219.6A CN1731890A (en) | 2005-08-09 | 2005-08-09 | Method for mobile communication value-added service identification and payment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200510057219.6A CN1731890A (en) | 2005-08-09 | 2005-08-09 | Method for mobile communication value-added service identification and payment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1731890A true CN1731890A (en) | 2006-02-08 |
Family
ID=35964165
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200510057219.6A Pending CN1731890A (en) | 2005-08-09 | 2005-08-09 | Method for mobile communication value-added service identification and payment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1731890A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102264068A (en) * | 2010-05-28 | 2011-11-30 | 中国移动通信集团公司 | Shared key consultation method, system, network platform and terminal |
| CN102752280A (en) * | 2012-05-16 | 2012-10-24 | 中国科学院计算机网络信息中心 | Domain name registration method, device and system |
| CN105074719A (en) * | 2013-03-15 | 2015-11-18 | 英特尔公司 | Mutually assured data sharing between distrusting parties in a network environment |
| CN113525152A (en) * | 2020-04-15 | 2021-10-22 | 华为技术有限公司 | Charging authentication method and device |
-
2005
- 2005-08-09 CN CN200510057219.6A patent/CN1731890A/en active Pending
Cited By (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102264068A (en) * | 2010-05-28 | 2011-11-30 | 中国移动通信集团公司 | Shared key consultation method, system, network platform and terminal |
| CN102264068B (en) * | 2010-05-28 | 2014-04-02 | 中国移动通信集团公司 | Shared key consultation method, system, network platform and terminal |
| CN102752280A (en) * | 2012-05-16 | 2012-10-24 | 中国科学院计算机网络信息中心 | Domain name registration method, device and system |
| CN102752280B (en) * | 2012-05-16 | 2016-06-01 | 中国科学院计算机网络信息中心 | Domain name registration, device and system |
| CN105074719A (en) * | 2013-03-15 | 2015-11-18 | 英特尔公司 | Mutually assured data sharing between distrusting parties in a network environment |
| CN105074719B (en) * | 2013-03-15 | 2019-02-26 | 英特尔公司 | The device and method of data sharing mutually determining between distrust side in network environment |
| CN113525152A (en) * | 2020-04-15 | 2021-10-22 | 华为技术有限公司 | Charging authentication method and device |
| CN113525152B (en) * | 2020-04-15 | 2023-07-18 | 华为技术有限公司 | Charging authentication method and device |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhang et al. | Research on a covert communication model realized by using smart contracts in blockchain environment | |
| Peng et al. | Privacy preservation in permissionless blockchain: A survey | |
| CN110599261B (en) | Electric automobile safety electric power transaction and excitation system based on energy source block chain | |
| CN109858281B (en) | Block chain account model privacy protection method based on zero knowledge proof | |
| CN110958110B (en) | Block chain private data management method and system based on zero knowledge proof | |
| CN110060037B (en) | Distributed digital identity system based on block chain | |
| Cui et al. | Pay as you decrypt: Decryption outsourcing for functional encryption using blockchain | |
| CN113129518B (en) | Electric vehicle charging system and resource management method thereof | |
| CN109561110A (en) | A kind of cloud platform audit log guard method based on SGX | |
| Kales et al. | Revisiting user privacy for certificate transparency | |
| CN114036539A (en) | Safety auditable Internet of things data sharing system and method based on block chain | |
| Han et al. | An efficient multi-signature wallet in blockchain using bloom filter | |
| CN115801260B (en) | Block chain-assisted collaborative attack and defense game method in untrusted network environment | |
| CN108449329A (en) | Data security protection method based on cloud computing and device | |
| CN111314066B (en) | Block chain-based data transfer method, terminal and computer-readable storage medium | |
| Vetter et al. | Homomorphic primitives for a privacy-friendly smart metering architecture. | |
| CN1731890A (en) | Method for mobile communication value-added service identification and payment | |
| CN114866248A (en) | Distributed credible identity authentication method and system in edge computing environment | |
| CN105812356B (en) | Anonymous query processing method facing cloud service system | |
| Tan et al. | A mobile energy trading scheme based on Lightning Network | |
| CN114760060B (en) | Service scheduling method for edge calculation | |
| CN114760067B (en) | Privacy security protection method for blockchain crowd sensing system by using zero knowledge proof | |
| Wang et al. | Dynamic threshold changeable multi‐policy secret sharing scheme | |
| CN1645393A (en) | Inter-communicating method for realizing penny payment | |
| CN113422681B (en) | Block chain digital signature method, device and system based on quantum cryptography |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |