CN1996831B - Certificate application method - Google Patents

Info

Publication number: CN1996831B
Authority: CN (China)
Prior art keywords: voucher, user, center, telephone number, application method
Legal status: Expired - Fee Related (as listed by Google Patents; an assumption, not a legal conclusion)
Application number: CN2005101356989A
Other languages: Chinese (zh)
Other versions: CN1996831A (en)
Inventors: 宋振华, 林之寅, 曾耀德
Current Assignee: Industrial Technology Research Institute ITRI
Original Assignee: Industrial Technology Research Institute ITRI
Application filed by: Industrial Technology Research Institute ITRI

Abstract

This invention relates to a certificate application method for a mobile telephone, comprising the following steps: generating in the telephone a user key set that includes the user's public key information; sending, by the mobile telephone through SMS, an application packet to a certificate center, the packet containing at least the user's public key information and an identification code; checking whether the identification code and the telephone number are correct; and generating, by the certificate center, a certificate packet.

Description

Certificate application method
Technical field
The present invention relates to a certificate application method, and in particular to a method of applying for a certificate through the short message service.
Background technology
A certificate is an electronic identity card, that is, an identity card for use on the network. Networks are now more and more widespread, and users can process and transmit personal data and carry out commercial activities over the network. However, a person's identity is difficult to confirm on the network, and data uploaded to the network is not absolutely safe. Therefore, most government services and agencies at present require the user to bring identity documents and handle matters in person.
Certificates were developed to improve the security and convenience with which users process personal information over the network. A certificate is the electronic digital signature and electronic cipher agreed between the user and the other party with whom information is exchanged. Using the electronic digital signature function, the user can confirm his or her identity on the network. Using the electronic cipher function, whatever data the user uploads to the network is locked by the cipher, so there is no concern about data leakage. Once a certificate has been obtained, the user can process and transmit personal information and conduct business over the Internet without having to go out and handle matters in person.
The general certificate application flow (for example, the natural person certificate of Taiwan, China) requires the user to take his or her own identity document, for example an identity card, to the competent authority in person, and may even require at least two photo identity documents. For the natural person certificate of Taiwan, China, for example, the applicant must even return to the household registration office of the place where his or her residence is registered. Such a procedure is both complicated and inconvenient.
Summary of the invention
The purpose of the present invention is to provide a certificate application method in which the user's relevant information is transmitted to a certificate center through the short message service, simplifying the complicated process of the existing in-person application.
The present invention proposes a certificate application method applicable to a mobile telephone, where the mobile telephone belongs to a user and has a subscriber identity module, and the subscriber identity module has an identification code and a telephone number. The method comprises: generating a user key set in the mobile telephone, the user key set including at least the user's public key information. Next, the mobile telephone transmits an application packet to a certificate center by short message service through a switching center, the application packet including at least the user's public key information. Next, the certificate center authenticates whether the user is correct according to the telephone number received from the switching center. Then the certificate center generates a certificate packet, which includes at least a serial number and a certificate center digital signature value. Afterwards, the certificate center transmits the certificate packet by short message service, according to the received telephone number, to the portable device to which the telephone number belongs.
In the certificate application method according to a preferred embodiment of the present invention, the method further includes establishing the certificate in the mobile telephone according to the serial number and the certificate center digital signature value in the certificate packet.
In the certificate application method according to a preferred embodiment of the present invention, the certificate conforms to the X.509 certificate format.
In the certificate application method according to a preferred embodiment of the present invention, the certificate includes version information, the serial number, a digital signature algorithm, information on the certificate center that issued the certificate, the certificate's validity start time (Not Before), the certificate's validity end time (Not After), certificate user information, the user's public key information and the certificate center digital signature value.
In the certificate application method according to a preferred embodiment of the present invention, the application packet is encrypted with the certificate center's public key.
In the certificate application method according to a preferred embodiment of the present invention, the certificate center uses the certificate center's private key to decrypt the application packet that was encrypted with the certificate center's public key.
In the certificate application method according to a preferred embodiment of the present invention, the step in which the certificate center authenticates the user further includes: the certificate center checking the received telephone number with a telecommunication center.
In the certificate application method according to a preferred embodiment of the present invention, the application packet further includes the identification code.
In the certificate application method according to a preferred embodiment of the present invention, the step in which the certificate center authenticates the user further includes: the certificate center checking the telephone number and the identification code with the telecommunication center, so as to compare the telephone number with the identification code.
In the certificate application method according to a preferred embodiment of the present invention, the identification code includes an international mobile subscriber identity.
In the certificate application method according to a preferred embodiment of the present invention, the switching center includes a short message service center.
In the certificate application method according to a preferred embodiment of the present invention, the short message service includes point-to-point short message service.
In the certificate application method according to a preferred embodiment of the present invention, the method of generating the user key set includes executing an asymmetric key algorithm.
The present invention also proposes a certificate application method applicable to a short message service communication system. The method comprises: providing a portable device, where the portable device belongs to a user and has an identification code and a telephone number. Next, a user key set is generated in the portable device, the user key set including at least the user's public key information. Next, the certificate center receives the application packet transmitted by the portable device through the short message service system, together with the telephone number transmitted by the short message service system, the application packet including at least the user's public key information and the identification code. Next, the certificate center authenticates whether the user is correct according to the identification code in the application packet and the telephone number. Then the certificate center issues, according to the received telephone number, a serial number and a certificate center digital signature value to the portable device to which the telephone number belongs. Then, in the portable device, the certificate is established according to the received serial number and certificate center digital signature value.
In the certificate application method according to a preferred embodiment of the present invention, the certificate includes version information, the serial number, a digital signature algorithm, information on the certificate center that issued the certificate, the certificate's validity start time (Not Before), the certificate's validity end time (Not After), certificate user information, the user's public key information and the certificate center digital signature value.
In the certificate application method according to a preferred embodiment of the present invention, the step of issuing the serial number and the certificate center digital signature value to the portable device to which the telephone number belongs further includes transmitting the version information, the digital signature algorithm, the information on the certificate center that issued the certificate, the certificate's validity start time (Not Before), the certificate's validity end time (Not After), the certificate user information and the user's public key information to the portable device to which the telephone number belongs.
In the certificate application method according to a preferred embodiment of the present invention, the identification code includes an international mobile subscriber identity.
In the certificate application method according to a preferred embodiment of the present invention, the short message service system has point-to-point short message service.
In the certificate application method according to a preferred embodiment of the present invention, the step in which the certificate center authenticates the user further includes: the certificate center checking the telephone number and the identification code with the telecommunication center, so as to compare the telephone number with the identification code.
In the certificate application method according to a preferred embodiment of the present invention, the method of generating the user key set includes executing an asymmetric key algorithm.
In the present invention, the certificate center compares the user identification code transmitted by the user with the caller ID telephone number to complete authentication of the user, and issues the certificate for the user's public key to the user's portable device, for example a mobile telephone, through the short message service. The user therefore need not go to the certificate center in person, which simplifies the certificate application process.
To make the above and other objects, features and advantages of the present invention more readily understood, preferred embodiments are described in detail below with reference to the accompanying drawings.
Description of drawings
Fig. 1 is a general flow chart of a certificate application method according to a preferred embodiment of the present invention.
Description of main reference numerals
100: portable device
102: switching center
200: certificate center
300: telecommunication center
301: connection
S101, S103, S105, S107, S109, S111: process steps
Embodiment
Fig. 1 is a general flow chart of a certificate application method according to a preferred embodiment of the present invention. Referring to Fig. 1, a portable device 100 is provided, for example a mobile telephone. The portable device 100 belongs to the user and has an identification code and a telephone number. Preferably, a subscriber identity module (Subscriber Identity Module, SIM) is installed in the portable device 100; the subscriber identity module and the telephone number are issued to the user by the telecommunication center 300, and the subscriber identity module holds the identification code. The identification code includes an international mobile subscriber identity (International Mobile Subscriber Identification Number, IMSI). Alternatively, the identification code may be the telephone number issued by the telecommunication center 300.
In step S101, a user key set is generated in the portable device; the user key set includes at least the user's public key information. Preferably, the user key set also includes the user's private key information. The method of generating the user key set includes executing an asymmetric key algorithm. Such asymmetric key algorithms include the RSA key algorithm, the DSA key algorithm, the Diffie-Hellman key algorithm, the knapsack system, ElGamal public key encryption, McEliece public key encryption, the LUC key system, finite automaton systems, the Ong-Schnorr-Shamir key system, the ESIGN (Efficient Digital Signature) key system, cellular automaton systems, the elliptic curve cryptosystem (Elliptic Curve Cryptosystem) and the GOST DSA key system.
Afterwards, in step S103, the portable device 100 transmits an application packet to the certificate center 200; the application packet contains the user's public key information and the identification code. The application packet is transmitted through a communication system, which includes a short message service communication system and has a switching center 102, for example a short message service center. That is, the switching center 102 receives the application packet transmitted by the portable device 100 and forwards it to the certificate center 200. Note that the application packet is encrypted with the certificate center's public key. In addition, the short message service system includes point-to-point short message service.
Then, in step S105, when the certificate center 200 receives the application packet, it also receives the caller ID telephone number transmitted from the switching center 102. The certificate center then uses its private key to decrypt the application packet, which was encrypted with the certificate center's public key.
Next, when the application packet contains the identification code, the certificate center 200 authenticates the user according to the identification code in the application packet and the caller ID telephone number from the switching center 102 (step S107). Note that the certificate center 200 may have a database that can be used to retrieve the corresponding telephone number from an identification code, or the corresponding identification code from a telephone number. Alternatively, the certificate center 200 may connect to the telecommunication center 300 over connection 301 and check the identification code and the caller ID telephone number it received directly against the database of the telecommunication center 300. When the application packet does not contain the identification code, the certificate center 200 can still confirm the user's identity (that is, step S107) directly with the telecommunication center 300 according to the caller ID number received from the switching center 102.
Afterwards, in step S109, once the certificate center 200 has confirmed that the user is correct, it generates a certificate and, based on that certificate, transmits a certificate packet. The certificate may conform to the X.509 certificate format. When the certificate conforms to the X.509 certificate format, its fields include version information, a serial number, a digital signature algorithm, information on the certificate center that issued the certificate, the certificate's validity start time (Not Before), the certificate's validity end time (Not After), certificate user information, the user's public key information and the certificate center digital signature value. The certificate packet transmitted by the certificate center 200 preferably includes at least the serial number and the certificate center digital signature value of that certificate. That is, in a preferred embodiment, the certificate center 200 packs the serial number and the certificate center digital signature value of the issued certificate into the certificate packet. In another embodiment, the certificate packet may also include other fields of the certificate, for example the version information, the digital signature algorithm, the information on the certificate center that issued the certificate, the validity start time (Not Before), the validity end time (Not After), the certificate user information and the user's public key information. The certificate user information includes the identification code or the telephone number.
Then, in step S111, the certificate center 200 transmits the certificate packet to the portable device having the caller ID telephone number. The certificate packet is transmitted through a communication system that includes a short message service communication system: the switching center 102 receives the certificate packet transmitted by the certificate center 200 and delivers it to the portable device 100.
Finally, in step S113, the certificate, that is, the user's public key certificate, is established in the portable device 100 according to the serial number and the certificate center digital signature value in the received certificate packet. The certificate may conform to the X.509 certificate format, and it includes the user's public key information, the telephone number, the identification code, the validity period, the serial number and the certificate center digital signature value. That is, the portable device 100 reassembles the certificate issued by the certificate center from the serial number and the certificate center digital signature value in the received certificate packet. When the rebuilt certificate conforms to the X.509 certificate format, its fields include version information, the serial number, a digital signature algorithm, information on the certificate center that issued the certificate, the certificate's validity start time (Not Before), the certificate's validity end time (Not After), certificate user information, the user's public key information and the certificate center digital signature value. In one embodiment, the validity start time (Not Before) and validity end time (Not After) are defined as follows: from the time at which the portable device 100 receives the certificate packet, the device estimates the validity start time that the certificate center assigned when it issued the certificate, and adds a fixed validity period to this estimated start time to obtain an estimated validity end time. In another embodiment, because the user's public key information and the certificate user information, for example the identification code or the telephone number, are already known to the user when the certificate is applied for, the device can fill this known information into the corresponding certificate fields itself when reassembling the public key certificate, even if the certificate packet transmitted by the certificate center does not include the user's public key information and the certificate user information.
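The flow of steps S107 to S113 as an added example in Python (not code from the patent). It shows that when the signature covers the validity fields, as an X.509 signature does, a certificate rebuilt on the device verifies only if every field the device fills in equals what the certificate center signed. Assumptions: the toy textbook-RSA key, JSON in place of DER, the subscriber table and all names and constants are constructed for illustration, and encryption of the application packet is omitted.

```python
import hashlib
import json

# Toy certificate-center key: textbook RSA without padding, built from two
# known Mersenne primes. A stand-in for a real signature scheme, nothing more.
P, Q = 2**521 - 1, 2**607 - 1
CA_N, CA_E = P * Q, 65537
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))

# Values assumed to be provisioned on both sides (hypothetical).
VERSION, SIG_ALG, ISSUER = 3, "toy-rsa-sha256", "Example Certificate Center"
VALIDITY_SECONDS = 365 * 24 * 3600

# Constructed subscriber table standing in for the telecommunication center
# database: identification code (IMSI) -> telephone number.
SUBSCRIBERS = {"466920000000001": "+886900000001"}


def make_fields(serial, not_before, not_after, imsi, msisdn, public_key):
    """All certificate fields covered by the certificate-center signature."""
    return {
        "version": VERSION, "serial": serial, "sig_alg": SIG_ALG,
        "issuer": ISSUER, "not_before": not_before, "not_after": not_after,
        "subject": {"imsi": imsi, "msisdn": msisdn}, "public_key": public_key,
    }


def digest(fields):
    """SHA-256 over a canonical encoding (JSON here; real X.509 signs DER)."""
    data = json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def authenticate(imsi, caller_id):
    """Step S107: check the identification code against the caller ID."""
    if imsi is None:  # application packet carried no identification code
        return caller_id in SUBSCRIBERS.values()
    return SUBSCRIBERS.get(imsi) == caller_id


def issue(imsi, caller_id, public_key, serial, now):
    """Step S109: authenticate, then build and sign the certificate."""
    if not authenticate(imsi, caller_id):
        raise PermissionError("identification code does not match caller ID")
    fields = make_fields(serial, now, now + VALIDITY_SECONDS,
                         imsi, caller_id, public_key)
    return fields, pow(digest(fields), CA_D, CA_N)


def make_packet(fields, signature, include_validity):
    """Step S111: the short-message payload sent back to the device."""
    packet = {"serial": fields["serial"], "signature": signature}
    if include_validity:  # the embodiment that also sends other fields
        packet["not_before"] = fields["not_before"]
        packet["not_after"] = fields["not_after"]
    return packet


def rebuild(packet, imsi, msisdn, public_key, received_at):
    """Step S113: rebuild the certificate on the device and verify it."""
    # Without validity fields the device estimates them from the receipt time.
    not_before = packet.get("not_before", received_at)
    not_after = packet.get("not_after", not_before + VALIDITY_SECONDS)
    fields = make_fields(packet["serial"], not_before, not_after,
                         imsi, msisdn, public_key)
    verified = pow(packet["signature"], CA_E, CA_N) == digest(fields)
    return fields, verified


def demo():
    imsi, msisdn, key = "466920000000001", "+886900000001", "constructed-key"
    fields, sig = issue(imsi, msisdn, key, serial=4097, now=1_000_000)
    minimal = make_packet(fields, sig, include_validity=False)
    extended = make_packet(fields, sig, include_validity=True)
    # The second and third cases model a reply that arrives 7 seconds late.
    return {
        "minimal_exact_time": rebuild(minimal, imsi, msisdn, key, 1_000_000)[1],
        "minimal_delayed": rebuild(minimal, imsi, msisdn, key, 1_000_007)[1],
        "extended_delayed": rebuild(extended, imsi, msisdn, key, 1_000_007)[1],
    }


if __name__ == "__main__":
    print(demo())
```

In this model the packet carrying only the serial number and signature verifies only when the device's estimated start time equals the signed value exactly, while the packet that also carries the validity fields verifies regardless of delivery delay.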
Afterwards, the user can use the applied-for user public key certificate on the portable device to connect to other devices or servers over a wireless local area network (Wireless Local Area Network, WLAN) or the General Packet Radio Service (GPRS) and perform mutual authentication, and thereby carry out online purchases, online banking transactions, online payments, inquiries and similar tasks.
When the telecommunication center 300 issues the subscriber identity module and the telephone number to the user, it carries out an authentication procedure: the user must present a valid photo identity document, the telecommunication center 300 registers the user's identity document number, and the telecommunication center 300 may even connect to a joint credit information center to verify the user's credit standing. The user has therefore already passed a strict personal identity check in obtaining the subscriber identity module and the telephone number from the telecommunication center 300. Accordingly, the certificate center compares the user identification code transmitted by the user and/or the caller ID telephone number, or queries the telecommunication center, to complete authentication of the user, and transmits the certificate for the user's public key to the user's portable device over a telecommunication path, for example the short message service. The user therefore need not go to the certificate center in person, which simplifies the certificate application process.
Although the present invention has been disclosed above by way of preferred embodiments, these are not intended to limit the invention. Any person of ordinary skill in the art may make minor changes and improvements without departing from the spirit and scope of the invention, so the scope of protection of the invention is as defined by the claims.

Claims (16)

1. A certificate application method, applicable to a mobile telephone, characterized in that the mobile telephone belongs to a user and has a subscriber identity module, the subscriber identity module having an identification code and a telephone number, the method comprising:
generating a user key set in the mobile telephone, wherein the user key set includes at least the user's public key information;
transmitting, by the mobile telephone using the short message service, an application packet to a certificate center through a switching center, wherein the application packet includes at least the user's public key information;
receiving, by the certificate center, the application packet transmitted by the mobile telephone through the switching center, and the telephone number transmitted by the switching center, wherein the application packet includes at least the user's public key information and the identification code;
authenticating, by the certificate center, whether the user is correct according to the identification code in the application packet and the telephone number;
generating, by the certificate center, a certificate packet, wherein the certificate packet includes at least a serial number and a certificate center digital signature value;
transmitting, by the certificate center using the short message service and according to the received telephone number, the certificate packet to the mobile telephone to which the telephone number belongs; and
establishing, in the mobile telephone, a certificate according to the received serial number and certificate center digital signature value.
2. The certificate application method according to claim 1, characterized in that the certificate conforms to the X.509 certificate format.
3. The certificate application method according to claim 1, characterized in that the certificate includes version information, the serial number, a digital signature algorithm, information on the certificate center that issued the certificate, the certificate's validity start time, the certificate's validity end time, certificate user information, the user's public key information and the certificate center digital signature value.
4. The certificate application method according to claim 1, characterized in that the application packet is encrypted with the certificate center's public key.
5. The certificate application method according to claim 4, characterized in that the certificate center uses the certificate center's private key to decrypt the application packet encrypted with the certificate center's public key.
6. The certificate application method according to claim 1, characterized in that the step in which the certificate center authenticates the user further includes: the certificate center checking the telephone number and the identification code with a telecommunication center, so as to compare the telephone number with the identification code.
7. The certificate application method according to claim 1, characterized in that the identification code includes an international mobile subscriber identity.
8. The certificate application method according to claim 1, characterized in that the switching center includes a short message service center.
9. The certificate application method according to claim 1, characterized in that the short message service includes point-to-point short message service.
10. The certificate application method according to claim 1, characterized in that the method of generating the user key set includes executing an asymmetric key algorithm.
11. A certificate application method, applicable to a short message service communication system, characterized in that the method comprises:
providing a portable device, wherein the portable device belongs to a user and has an identification code and a telephone number;
generating a user key set in the portable device, wherein the user key set includes at least the user's public key information;
receiving, by a certificate center, an application packet transmitted by the portable device through the short message service system, and the telephone number transmitted by the short message service system, wherein the application packet includes at least the user's public key information and the identification code;
authenticating, by the certificate center, whether the user is correct according to the identification code in the application packet and the telephone number;
issuing, by the certificate center according to the received telephone number, a serial number and a certificate center digital signature value to the portable device to which the telephone number belongs; and
establishing, in the portable device, a certificate according to the received serial number and certificate center digital signature value.
12. The certificate application method according to claim 11, characterized in that the certificate includes version information, the serial number, a digital signature algorithm, information on the certificate center that issued the certificate, the certificate's validity start time, the certificate's validity end time, certificate user information, the user's public key information and the certificate center digital signature value, wherein
the step of issuing the serial number and the certificate center digital signature value to the portable device to which the telephone number belongs further includes transmitting the version information, the digital signature algorithm, the information on the certificate center that issued the certificate, the certificate's validity start time, the certificate's validity end time, the certificate user information and the user's public key information to the portable device to which the telephone number belongs.
13. The certificate application method according to claim 11, characterized in that the identification code includes an international mobile subscriber identity.
14. The certificate application method according to claim 11, characterized in that the short message service system has point-to-point short message service.
15. The certificate application method according to claim 11, characterized in that the step in which the certificate center authenticates the user further includes: the certificate center checking the telephone number and the identification code with a telecommunication center, so as to compare the telephone number with the identification code.
16. The certificate application method according to claim 11, characterized in that the method of generating the user key set includes executing an asymmetric key algorithm.

Priority Applications (1)

Application number: CN2005101356989A
Publication: CN1996831B (en)
Priority date: 2005-12-31
Filing date: 2005-12-31
Title: Certificate application method

Publications (2)

CN1996831A (en), published 2007-07-11
CN1996831B (en), published 2011-09-28

Family

ID=38251788

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20110928

Termination date: 20171231