KR102547682B1 - Server for supporting user identification using physically unclonable function based onetime password and operating method thereof - Google Patents

Abstract

In the operation method of a physical unclonable function (PUF) one time password (OTP) server according to an embodiment, payment information is received from a payment gateway (PG) server according to an authentication request through a user terminal, and the payment information and PUF OTP transmitting the certificate to the user terminal; Receiving and decrypting a first OTP authentication value encrypted with a PUF OTP certificate from a user terminal - the first OTP authentication value is generated from a PUF OTP applet included in the user terminal and encrypted with the PUF OTP certificate; Among the OTP authentication values, the authentication value for first user confirmation is displayed on the user terminal -; generating a second OTP authentication value and verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value; An operation of transmitting an authentication value for second user confirmation and a verification result among the second OTP authentication values to the user terminal through the PG server -the authentication value for second user confirmation is displayed on the user terminal; and a PG server may complete authentication based on a user input that the authentication value for first user confirmation and the authentication value for second user confirmation correspond.

Description

Server supporting user authentication using PUF-based OTP and its operating method

The following embodiments relate to a server supporting user authentication and an operating method thereof, and more specifically, to a server supporting user authentication using a physically unclonable function (PUF) based one time password (OTP) and an operating method thereof it's about

OTP (One Time Password) is a one-time password and is used as a secure authentication method in many ways. In particular, in Korea, it is used as an additional authentication factor to verify the user's identity during transactions for safe electronic financial transactions.

Threats to electronic financial transactions, such as phishing and pharming, are diversifying, and OTP responds to these threats by generating random values using the advantage of a hash function, which is basically a one-way function. However, since only the software method is used in the process of generating the OTP value, the same OTP value can be generated if the same input information is entered, and the same OTP value can be generated if the attacker collects personal information for a specific target. can

PUF (physically unclonable function) technology is a physical copy protection technology that can overcome the structural limitations of software-based security methods by using hardware characteristics.

As related prior art, there is Korean Patent Registration No. 10-1525888 (title of invention: otp generation device and method using Puf, Applicant: Soongsil University Industry-University Cooperation Foundation). The registered patent publication discloses an OTP generator for authenticating a user in an electronic financial transaction system.

According to an embodiment, in a user authentication process using PUF-based OTP, there may be a risk of smishing during SMS authentication.

According to another embodiment, in the process of verifying the PUF-based OTP authentication value, the PUF OTP server needs to receive a Hash-based Message Authentication Code (HMAC) key from the PUF chip in the USIM chip of the user terminal.

However, the technical challenges are not limited to the above-described technical challenges, and other technical challenges may exist.

According to an embodiment, a method of operating a physical unclonable function (PUF) one time password (OTP) server receives payment information from a payment gateway (PG) server according to an authentication request through a user terminal, and the payment information and the PUF transmitting an OTP certificate to the user terminal; Receiving and decrypting a first OTP authentication value encrypted with the PUF OTP certificate from the user terminal - the first OTP authentication value is generated in a PUF OTP applet included in the user terminal and converted to the PUF OTP certificate encrypted, and the authentication value for first user confirmation among the first OTP authentication values is displayed on the user terminal -; generating a second OTP authentication value and verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value; An operation of transmitting a second user confirmation authentication value and the verification result among the second OTP authentication values to the user terminal through the PG server, wherein the second user confirmation authentication value is displayed on the user terminal; and the PG server may complete authentication based on a user input indicating that the first authentication value for user confirmation corresponds to the authentication value for second user confirmation.

According to an embodiment, the first OTP authentication value and the second OTP authentication value are based on a hash-based message authentication code (HMAC) key generation algorithm and an HMAC algorithm predefined by the PUF OTP applet and the PUF OTP server. can be created based on

According to an embodiment, the HMAC key generation algorithm and the HMAC algorithm are transmitted from the PUF OTP server to the PUF OTP applet when a Universal Subscriber Identify Module (USIM) of the user terminal is issued together with the PUF OTP certificate, The PUF OTP applet generates a first HMAC key based on the HMAC key generation algorithm and the USIM serial number of the user terminal, and stores the HMAC algorithm, the PUF OTP certificate, and the first HMAC key. can

According to an embodiment, when the payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal in response to an authentication request from the user terminal, the PUF OTP applet receives the stored PUF OTP certificate and the received PUF OTP applet. If the PUF OTP certificate corresponds, the first OTP authentication value is generated based on the stored HMAC algorithm, the payment information, and the stored first HMAC key, and the first OTP authentication value is encrypted with the PUF OTP certificate. It can be transmitted to the PUF OTP server.

According to an embodiment, the operation of generating the second OTP authentication value by the PUF OTP server and verifying whether the decrypted first OTP authentication value and the second OTP authentication value correspond to the HMAC key generation algorithm and Generating a second HMAC key based on the USIM-specific number of the user terminal; generating the second OTP authentication value based on the HMAC algorithm, the payment information, and the second HMAC key; and verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value.

According to an embodiment, the payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal through a SIM Toolkit message, and the first OTP authentication value encrypted with the PUF OTP certificate may be transmitted from the user terminal to the PUF OTP server through a SIM Toolkit message.

According to one embodiment, the payment information may include at least one of a transaction number, a product name, and a transaction amount.

According to an embodiment, in a physical unclonable function (PUF) one time password (OTP) server, payment information is received from a payment gateway (PG) server according to an authentication request through a user terminal, and the payment information and the PUF OTP certificate is transmitted to the user terminal, and a first OTP authentication value encrypted with the PUF OTP certificate is received from the user terminal, and among the second OTP authentication values, a second user confirmation authentication value and the first OTP authentication value and the a communication interface for transmitting a verification result of whether a second OTP authentication value corresponds to the user terminal through the PG server; a memory in which computer-executable instructions are stored; and a processor accessing the memory to execute the instructions, wherein the processor decrypts the first OTP authentication value encrypted with the PUF OTP certificate, generates a second OTP authentication value, and performs the decryption It is verified whether the first OTP authentication value and the second OTP authentication value correspond to each other, and the first OTP authentication value is generated in a PUF OTP applet included in the user terminal and encrypted with the PUF OTP certificate. Among the first OTP authentication values, a first authentication value for user confirmation is displayed on the user terminal, the second authentication value for user confirmation is displayed on the user terminal, and the PG server displays the authentication value for first user confirmation and Authentication may be completed based on a user input indicating that the authentication value for second user confirmation corresponds.

According to an embodiment, the first OTP authentication value and the second OTP authentication value are based on a hash-based message authentication code (HMAC) key generation algorithm and an HMAC algorithm predefined by the PUF OTP applet and the PUF OTP server. can be created based on

According to an embodiment, the HMAC key generation algorithm and the HMAC algorithm are transmitted from the PUF OTP server to the PUF OTP applet when a Universal Subscriber Identify Module (USIM) of the user terminal is issued together with the PUF OTP certificate, The PUF OTP applet generates a first HMAC key based on the HMAC key generation algorithm and the USIM serial number of the user terminal, and stores the HMAC algorithm, the PUF OTP certificate, and the first HMAC key. can

According to an embodiment, when the payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal in response to an authentication request from the user terminal, the PUF OTP applet receives the stored PUF OTP certificate and the received PUF OTP applet. If the PUF OTP certificate corresponds, the first OTP authentication value is generated based on the stored HMAC algorithm, the payment information, and the stored first HMAC key, and the first OTP authentication value is encrypted with the PUF OTP certificate. It can be transmitted to the PUF OTP server.

According to an embodiment, the processor generates a second HMAC key based on the HMAC key generation algorithm and the USIM-specific number of the user terminal, and based on the HMAC algorithm, the payment information, and the second HMAC key The second OTP authentication value may be generated, and it may be verified whether the decrypted first OTP authentication value corresponds to the second OTP authentication value.

According to an embodiment, the payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal through a SIM Toolkit message, and the first OTP authentication value encrypted with the PUF OTP certificate may be transmitted from the user terminal to the PUF OTP server through a SIM Toolkit message.

According to one embodiment, the payment information may include at least one of a transaction number, a product name, and a transaction amount.

According to an embodiment, in a method for verifying an OTP authentication value of a Physical Unclonable Function (PUF) OTP (One Time Password) server, a PUF OTP certificate is sent to a PUF OTP applet of the user terminal according to an authentication request from a user terminal. the operation of sending to; receiving and decrypting a first OTP authentication value encrypted with the PUF OTP certificate from the PUF OTP applet; Generating a second HMAC key based on an HMAC key generation algorithm and a Universal Subscriber Identify Module (USIM) serial number of the user terminal; generating a second OTP authentication value based on an HMAC algorithm and the second HMAC key; and verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value.

According to an embodiment, the HMAC key generation algorithm and the HMAC algorithm are transmitted from the PUF OTP server to the PUF OTP applet when the USIM of the user terminal is issued together with the PUF OTP certificate, and the PUF OTP applet comprises: A first HMAC key may be generated based on the HMAC key generation algorithm and the USIM-specific number of the user terminal, and the HMAC algorithm, the PUF OTP certificate, and the first HMAC key may be stored.

According to an embodiment, when the PUF OTP certificate is received from the PUF OTP server according to the authentication request of the user terminal, the PUF OTP applet corresponds to the stored PUF OTP certificate and the received PUF OTP certificate, The first OTP authentication value may be generated based on the stored HMAC algorithm and the stored first HMAC key, and the first OTP authentication value may be encrypted with the PUF OTP certificate and transmitted to the PUF OTP server.

According to one embodiment, in a user terminal, a communication interface for communicating with a physical unclonable function (PUF) one time password (OTP) server and a payment gateway (PG) server; a display module configured to display an authentication value for first user confirmation and an authentication value for second user confirmation; a memory in which computer-executable instructions are stored; and a processor accessing the memory and executing the commands, wherein the processor receives payment information and a PUF OTP certificate from the PUF OTP server upon requesting authentication from a Payment Gateway (PG) server, and 1 OTP authentication value is generated and encrypted with the PUF OTP certificate, the authentication value for first user confirmation among the first OTP authentication values is displayed, and the encrypted first OTP authentication value is transmitted to the PUF OTP server; , Among the second OTP authentication values generated by the PUF OTP server, the second user confirmation authentication value is received from the PG server and displayed, and the PG server receives the first user confirmation authentication value and the second user confirmation It is possible to transmit a user input indicating that the user authentication value corresponds.

The PUF OTP server according to various embodiments may provide an OTP authentication method through a PUF chip in the USIM of the user terminal instead of a short message service (SMS) authentication method in the micropayment authentication process of the user terminal.

The PUF OTP server according to various embodiments may allow an OTP value to be input on a micropayment webpage through a SIM Toolkit message, thereby providing an authentication method without the risk of SMS phishing.

The PUF OTP server according to various embodiments may provide a method of generating a Hash-based Message Authentication Code (HMAC) key unique to a user by generating an OTP value based on a USIM unique number.

A PUF OTP server according to various embodiments may provide a method of verifying an OTP value without sharing an HMAC key with a user terminal.

1 is a configuration diagram of a Physical Unclonable Function (PUF) One Time Password (OTP) server for payment authentication according to various embodiments.
2 is a configuration diagram of a user terminal for authentication based on a Physical Unclonable Function (PUF) One Time Password (OTP) according to various embodiments.
3 is a flowchart illustrating a flow of performing payment authentication based on PUF OTP according to various embodiments.
4 is a diagram for explaining a screen displayed on a user terminal in a payment authentication process based on PUF OTP according to various embodiments.
5 is a diagram for explaining an operation of verifying a PUF OTP authentication value according to various embodiments.
6 is a flowchart illustrating a method of operating a PUF OTP server according to various embodiments.
7 is a flowchart illustrating a method of verifying a PUF OTP authentication value of a PUF OTP server according to various embodiments.

Specific structural or functional descriptions of the embodiments are disclosed for illustrative purposes only, and may be changed and implemented in various forms. Therefore, the form actually implemented is not limited only to the specific embodiments disclosed, and the scope of the present specification includes changes, equivalents, or substitutes included in the technical idea described in the embodiments.

Although terms such as first or second may be used to describe various components, such terms should only be construed for the purpose of distinguishing one component from another. For example, a first element may be termed a second element, and similarly, a second element may be termed a first element.

It should be understood that when an element is referred to as being “connected” to another element, it may be directly connected or connected to the other element, but other elements may exist in the middle.

Singular expressions include plural expressions unless the context clearly dictates otherwise. In this specification, terms such as "comprise" or "have" are intended to designate that the described feature, number, step, operation, component, part, or combination thereof exists, but one or more other features or numbers, It should be understood that the presence or addition of steps, operations, components, parts, or combinations thereof is not precluded.

Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art. Terms such as those defined in commonly used dictionaries should be interpreted as having a meaning consistent with the meaning in the context of the related art, and unless explicitly defined in this specification, it should not be interpreted in an ideal or excessively formal meaning. don't

Hereinafter, embodiments will be described in detail with reference to the accompanying drawings. In the description with reference to the accompanying drawings, the same reference numerals are given to the same components regardless of reference numerals, and overlapping descriptions thereof will be omitted.

<PUF OTP Server>

1 is a configuration diagram of a Physical Unclonable Function (PUF) One Time Password (OTP) server for payment authentication according to various embodiments.

Referring to FIG. 1 , a PUF OTP server supporting user authentication upon payment using PUF-based OTP is shown. According to an embodiment, the PUF OTP server 100 is a communication interface 110 for communication with the user terminal 200 and the payment gateway (PG) server 300, and a computer for supporting authentication using PUF-based OTP. It may include a memory 130 in which computer-executable instructions are stored, and a processor 120 that accesses the memory 130 and executes the stored instructions.

According to an embodiment, a PUF OTP applet 250 implemented as a PUF chip within a USIM chip and generating a PUF-based OTP value may be included in the user terminal 200 . The PUF OTP applet 250 and the user terminal 200 will be described in detail with reference to FIG. 2 .

According to an embodiment, the PG server 300 is a server that performs payment, and a user may request authentication to the PG server 300 through the user terminal 200 for user authentication for small-amount payment.

According to an embodiment, the PUF OTP server 100 may receive payment information from the PG server 300 through the communication interface 110 and transmit the payment information and the PUF OTP certificate to the user terminal 200 . According to an embodiment, the PUF OTP certificate is for encrypting and decrypting the PUF OTP authentication value, and may be stored in the PUF OTP server 100. According to one embodiment, the payment information may include at least one of a transaction number, a product name, and a transaction amount.

According to an embodiment, the PG server 300 and the PUF OTP server 100 may transmit information through a payment server (not shown). For example, the PG server 300 may transmit payment information to the payment server and transmit payment information received by the payment server to the PUF OTP server 100 .

According to an embodiment, the PUF OTP server 100 may transmit and receive information through a SIM Toolkit message through the user terminal 200 and a SIM Toolkit server (not shown). For example, when the PUF OTP server 100 transmits payment information and PUF OTP certificate to the user terminal 200, it can be transmitted by including it in a SIM Toolkit message, and the user terminal 200 transmits the encrypted PUF OTP server 100. When transmitting the first OTP authentication value, it may be included in the SIM Toolkit message and transmitted. Since the SIM Toolkit message is directly transmitted to the PUF OTP applet 250 without remaining in the message box of the user terminal, the risk of smishing can be reduced.

According to an embodiment, the first OTP authentication value is generated in the PUF OTP applet 250 included in the user terminal 200 and encrypted with the PUF OTP certificate, and among the first OTP authentication values, the authentication value for first user confirmation is It may be displayed on the user terminal 200 .

According to an embodiment, the PUF OTP server 100 receives the first OTP authentication value encrypted with the PUF OTP certificate from the user terminal 200 through the communication interface 110, and the processor 120 converts the PUF OTP certificate to The first OTP authentication value may be decrypted.

According to an embodiment, the processor 120 may generate a second OTP authentication value and verify whether the first OTP authentication value corresponds to the second OTP authentication value by comparing the generated second OTP authentication value with the decrypted first OTP authentication value. A method of generating an OTP authentication value and a method of verifying an OTP authentication value will be described in detail with reference to FIG. 5 .

According to an embodiment, the PUF OTP server 100 determines whether the second user confirmation authentication value among the second OTP authentication values and whether the first OTP authentication value and the second OTP authentication value correspond through the communication interface 110. Verification results may be transmitted to the PG server 300 . At this time, as described above, it may be transmitted to the PG server 300 through a payment server (not shown), and the authentication value for second user confirmation may be encrypted with a PG certificate and transmitted.

According to an embodiment, the PG server 300 decrypts the authentication value for second user confirmation with the PG certificate and transmits it to the user terminal 200, and the second user confirmation authentication value is displayed on the user terminal 200. It can be.

According to an embodiment, the PG server 300 may complete authentication when receiving a user input indicating that the authentication value for first user confirmation and the authentication value for second user confirmation displayed through the user terminal 200 correspond. . For example, the PG server 300 may complete authentication when receiving a user input indicating that the authentication value for first user confirmation and the authentication value for second user confirmation are the same from the user terminal 200 .

<User Terminal>

2 is a configuration diagram of a user terminal for authentication based on a Physical Unclonable Function (PUF) One Time Password (OTP) according to various embodiments.

According to an embodiment, the user terminal 200 includes a communication interface 210 for communicating with a physical unclonable function (PUF) one time password (OTP) server 100 and a payment gateway (PG) server 300, a first A display module 270 for displaying an authentication value for user confirmation and an authentication value for second user confirmation, and a computer for generating and decrypting a PUF-based OTP value, in which computer-executable instructions are stored. It may include a memory 230 and a processor 220 that accesses the memory 230 and executes instructions.

According to an embodiment, the user terminal 200 is an electronic device through which a user can make a payment through a network, and may be a smart phone, a tablet, a smart TV, a laptop, a PC, and the like.

According to one embodiment, the processor 220 is the PUF OTP applet 250 described in FIG. 1 and may be included in the PUF chip within the USIM chip of the user terminal 200 .

According to an embodiment, the processor 220 requests authentication from the Payment Gateway (PG) server 300 through the communication interface 210, and accordingly receives payment information and PUF OTP certificate from the PUF OTP server 100 can do.

According to an embodiment, the processor 220 generates a first OTP authentication value, encrypts it with a PUF OTP certificate, displays a first user confirmation authentication value among the first OTP authentication values, and displays the encrypted first OTP authentication value. may be transmitted to the PUF OTP server.

According to an embodiment, the processor 120 receives from the PG server 300 an authentication value for second user confirmation among the second OTP authentication values generated by the PUF OTP server 100, displays it, and displays the first user authentication value from the user. An input indicating whether the authentication value for verification and the authentication value for second user verification correspond may be received and transmitted to the PG server 300 .

<PUF OTP-based Authentication Method>

3 is a flowchart illustrating a flow of performing payment authentication based on PUF OTP according to various embodiments.

Referring to FIG. 3 , when a user requests 305 payment authentication to the PG server 300 through the user terminal 200 , payment authentication based on PUF OTP starts. The PG server 300 transmits payment information according to the payment request to the PUF OTP server 100 (310). As described in FIG. 1, the payment information may include at least one of a transaction number, product name, and transaction amount, and the PUF OTP server 300 receives the payment information from the PG server 300 through a payment server (not shown) can do.

The PUF OTP server 100 may transmit the received payment information together with the PUF OTP certificate to the user terminal 200 (310). As described in FIG. 1, the payment information and the PUF OTP certificate may be included in the SIMToolkit message and transmitted through the SIMToolkit message server.

According to an embodiment, after receiving 310 the payment information and the PUF OTP certificate, the user terminal 200 transmits the received payment information and the PUF OTP certificate to the PUF OTP applet 250 and requests a first OTP authentication value. (315) can. The PUF OTP applet 250 may request 320 user authentication to generate a first OTP authentication value, and when a user input 325 authorizing payment is received through the user terminal 200, the user terminal 200 ) may transmit the approval result to the PUF OTP applet 250 (330).

According to an embodiment, in operation 320, the PUF OTP applet 250 may request the user terminal 200 to create an input window for user input for payment approval in order to generate a first OTP value, and input for payment approval. The window can be created without installing a separate application using the SIM Toolkit function provided by the user terminal 200 .

Unlike the description in FIGS. 1 and 2, in FIG. 3, an operation between the user terminal 200 and the PUF OTP applet 250 is added. It may be performed by a main processor (not shown) of the user terminal instead of the processor 220 (eg, the PUF OTP applet 250) of No. 2 .

According to an embodiment, the PUF OTP applet 250 generates a first OTP authentication value, encrypts it with the received PUF OTP certificate (335), and sends the encrypted first OTP authentication value together with the payment information to the PUF OTP server 100. ) may be transmitted (340). In this case, as described above, the encrypted authentication value and payment information may be transmitted to the PUF OTP server 100 as a SIM Toolkit message. The user terminal 200 may display the first authentication value for user confirmation generated for user confirmation among the first OTP authentication values.

According to an embodiment, the PUF OTP server 100 decrypts the first OTP authentication value with the PUF OTP certificate, generates a second OTP authentication value, and verifies whether the first OTP authentication value and the second OTP authentication value correspond. can (350). According to an embodiment, the PUF OTP server 100 may determine that they correspond when the first OTP authentication value and the second OTP authentication value are the same. A method of generating a first OTP authentication value in the PUF OTP applet 250, generating a second OTP authentication value in the PUT OTP server 100, and verifying the PUF OTP authentication value will be described in detail with reference to FIG. 5 .

According to an embodiment, the PUF OTP server 100 generates an authentication value for second user confirmation among the second OTP authentication values, encrypts it with a PG certificate (355), and generates the encrypted second user authentication value and the PUF OTP authentication value The verification result between the steps may be transmitted to the PG server 300 (360). The PG server 300 decrypts (365) the authentication value for second user confirmation with the PG certificate, transmits it to the user terminal 200, and sends the authentication value for second user confirmation to the PG payment window displayed on the user terminal 200. It may be input (370) and displayed on the user terminal (200) (375). According to an embodiment, the authentication value for second user confirmation may be input to the PG payment window without user input.

The user terminal 200 transmits, to the PG server 300, a user input regarding whether the displayed first user confirmation authentication value (see operation 345) and the second user confirmation authentication value (see operation 375) correspond (380) )can do. According to an embodiment, user input (e.g., tactile input such as a touch or tap on the 'confirm' button, or "Yes") for whether the first user confirmation authentication value and the second user confirmation authentication value are the same voice input, etc.) may be transmitted to the PG server 300. Upon receiving the user input, the PG server 300 may complete authentication for payment (385).

4 is a diagram for explaining a screen displayed on a user terminal in a payment authentication process based on PUF OTP according to various embodiments.

Payment information and a PUF OTP certificate are received from the PUF OTP server (eg, operation 310 of FIG. 3 ), and a user authentication request for generating an OTP authentication value is received from the PUF OTP applet 250 of the PUF chip in the USIM (eg, operation 310 of FIG. 3 ). For example, after operation 320 of FIG. 3 , a screen such as reference number 410 may be displayed on the user terminal 200 . Referring to the screen 410, payment information such as product name and payment amount may be displayed on the screen for payment approval. As described in FIG. 3 , the input screen 410 for payment approval can be created without installing a separate application through the SIM Toolkit function provided by the user terminal 200 .

When a user input indicating payment approval is received on the screen 410, the PUF OTP applet 250 generates and encrypts the first OTP authentication value (for example, operation 335 of FIG. 3), and the PUF OTP server 100 After transmitting (eg, operation 340 of FIG. 3 ), the first authentication value for user confirmation among the first OTP authentication values may be displayed on the user terminal 200 as shown in the screen 450 . Referring to screen 450, an authentication value for user confirmation may be displayed together with payment information such as a payment approval number, a product name, and a payment amount.

According to an embodiment, after generating the second OTP authentication value in the PUF OTP server and verifying between the OTP authentication values (eg, operation 350 of FIG. 3 ), among the second OTP authentication values, the authentication value for second user confirmation is It may be transmitted to the user terminal 200 via the PG server 300 . The authentication value for second user confirmation may also be displayed on the PG server payment window of the user terminal 200 like the authentication value for first user confirmation in the screen 450 (not shown). As described in operation 380 of FIG. 3 , the user input indicating that the authentication value for first user confirmation and the authentication value for second user confirmation displayed on the user terminal 200 correspond (or are the same) is the PG server 300 ), authentication may be completed.

<How to verify the PUF OTP authentication value>

5 is a diagram for explaining a process of verifying a PUF OTP authentication value according to various embodiments.

Referring to FIG. 5 , an operation of generating a PUF OTP authentication value and verifying the PUF OTP value is illustrated. Operations 515 to 525 are operations 510 in which a first HMAC key, which is a symmetric key value used to generate a first OTP authentication value, is generated based on the SIM ID number of the user terminal 200, and operations 535 to 590 is an operation 530 of verifying whether the OTP authentication values correspond.

According to an embodiment, operation 510 of generating the first HMAC key may occur temporally prior to operation 530 of verifying OTP authentication values. For example, operations of reference number 510 occur when a SIM card of the user terminal 200 is issued for the first time, and operations of reference number 530 occur when payment is made in the user terminal 200 and authentication for payment is performed. can The operation 530 of verifying the OTP authentication value may correspond to the operation of decrypting the first OTP authentication value described with reference to FIG. 3 and generating and verifying the second OTP authentication value (eg, operation 350 of FIG. 3 ). .

According to an embodiment, in operation 515, when the USIM of the user terminal 200 is issued, a PUF OTP certificate and an HMAC key are generated from the PUF OTP server 100 to the PUF OTP applet 250 included in the user terminal 200. Algorithm and HMAC algorithm may be transmitted (515). Although omitted for concise description in FIG. 5, the PUF OTP server 100 can transmit the PUF OTP certificate, HMAC key, and HMAC algorithm to the SIM issuing device (not shown), and the SIM issuing device is the user terminal 200 PUF OTP certificate, HMAC key, and HMAC algorithm can be transmitted at the same time as issuing USIM serial number. The PUF OTP applet 250 in the SIM chip of the user terminal 200 may generate a first HMAC key by inputting a SIM unique number to the HMAC key generation algorithm (520), the generated first HMAC key, HMAC algorithm, The PUF OTP certificate may be encrypted and stored (525). According to an embodiment, an HMAC key may be generated based on a USIM ID number, so that a unique HMAC key based on actual subscriber authentication may be generated.

According to an embodiment, after the first HMAC key is generated when the USIM is issued, the PUF OTP certificate may be transmitted from the PUF OTP server to the PUF OTP applet 250 for payment authentication as described in FIG. 3 (535). . Operation 535 may correspond to operation 310 of FIG. 3 .

According to an embodiment, in operation 540, the PUF OTP applet 250 may authenticate the PUF OTP server 100 by checking whether the received PUF OTP certificate and the stored PUF OTP certificate correspond (or are the same). After authenticating the PUF OTP server, in operation 550, server information, transaction information, and the first HMAC key are input to the stored HMAC algorithm to generate a first OTP authentication value and encrypt it with a PUF OTP certificate. In operation 555, the PUF OTP applet 250 may transmit the encrypted first OTP authentication value to the PUF OTP server 100. Operation 550 may correspond to operation 335 of FIG. 3 , and operation 555 may correspond to operation 340 of FIG. 3 .

According to an embodiment, the PUF OTP server 100 may decrypt the first OTP authentication value into a PUF OTP certificate in operation 560 and generate a second HMAC key in operation 570 . For example, the PUF OTP server 100 may generate a second HMAC key by inputting the unique SIM number of the user terminal 200 into the HMAC key generation algorithm.

According to an embodiment, the second HMAC key may be generated by the PUF OTP server 100 in advance, for example, based on the SIM ID number received when the user terminal 200 receives a SIM card issued at reference number 510. can According to another embodiment, if the PUF OTP server 100 has never generated the second HMAC key, the PUF OTP server 100 requests and receives the SIM ID number of the user terminal 200 from the subscriber information server (not shown). And, a second HMAC key can be generated with the SIM-specific number of the user terminal 200. The first HMAC key and the second HMAC key generated based on the SIM ID number of the same user terminal 200 may have the same value.

According to an embodiment, the PUF OTP server 100 may generate a second OTP authentication value from a second HMAC key in operation 580 and verify whether the first OTP authentication value and the second OTP authentication value correspond to each other in operation 590. there is. Since the HMAC key is generated based on the SIM ID number for the same user terminal 200 and the OTP authentication value is generated based on the HMAC key, the first OTP authentication value and the second OTP authentication value may correspond to each other. For example, both authentication values may have the same value.

By generating the HMAC key at reference number 510 based on the SIM ID number of the user terminal 200, the PUF OTP server 100 receives the HMAC key from the PUF OTP applet 250 during the verification process between the OTP authentication values at reference number 530. It is possible to verify the OTP authentication value by generating an HMAC key based on the USIM unique number and generating an OTP authentication value without receiving separately.

<How to operate the PUF OTP server>

6 is a flowchart illustrating a method of operating a PUF OTP server according to various embodiments.

Operations 610 to 640 are the PUF payment authentication process described above with reference to FIG. 3 viewed from the side of the PUF OTP server 100. may be omitted. According to an embodiment, operations 610 to 640 may be performed by the processor 120 of the PUF OTP server 100 described above with reference to FIG. 1 .

According to an embodiment, in operation 610, the processor 120 of the PUF OTP server 100 may receive payment information from the PG server 300 and transmit the payment information together with the PUF OTP certificate to the user terminal 200. Operation 610 may correspond to operation 310 of FIG. 3 .

According to an embodiment, the PUF OTP applet 250 included in the user terminal 200 may generate a first OTP authentication value and encrypt it with a PUF OTP certificate.

According to an embodiment, in operation 620, the processor 120 may receive a first OTP authentication value encrypted with the PUF OTP certificate from the user terminal 200 and decrypt the first OTP authentication value with the PUF OTP certificate. At this time, the user terminal 200 may display the first authentication value for user confirmation among the first OTP authentication values.

According to an embodiment, in operation 630, the processor 120 may generate a second OTP authentication value and verify whether it corresponds to the first OTP authentication value. Operations 620 and 630 may correspond to operations 340 and 350 of FIG. 3 .

According to an embodiment, in operation 640, the processor 120 may generate a second user confirmation authentication value from the second OTP authentication value and transmit it to the PG server 300. Operation 640 may correspond to operations 355 and 360 of FIG. 3 .

According to an embodiment, the authentication value for second user confirmation may be encrypted with a PG certificate, decrypted by the PG server, and the authentication value for second user confirmation may be transmitted to the user terminal 200 . According to an embodiment, the PG server 300 may complete authentication based on a user input regarding whether the authentication value for first user confirmation and the authentication value for second user confirmation displayed on the user terminal 200 correspond. there is.

<How to verify OTP of PUF OTP server>

7 is a flowchart illustrating a method of verifying a PUF OTP authentication value of a PUF OTP server according to various embodiments.

Operations 710 to 750 are the PUF OTP authentication value verification process described above with reference to FIG. 5 viewed from the side of the PUF OTP server 100. Content may be omitted. According to an embodiment, operations 710 to 750 may be performed by the processor 120 of the PUF OTP server 100 described above with reference to FIG. 1 .

According to an embodiment, in operation 710, the processor 120 of the PUF OTP server 100 may transmit the PUF OTP certificate to the user terminal 200 according to the payment authentication request from the user terminal 200 to the PG server 300. there is. Operation 710 may correspond to operation 535 of FIG. 5 .

According to an embodiment, in operation 720, the processor 120 of the PUF OTP server 100 receives a first OTP authentication value encrypted with a PUF OTP certificate from the PUF OTP applet 250 of the user terminal 200, and PUF It can be decrypted with OTP certificate. Operation 720 may correspond to operations 555 and 560 of FIG. 5 . According to one embodiment, as described with reference to FIG. 5, the first OTP authentication value is the user terminal 200 based on the first HMAC key generated based on the SIM unique number when the SIM of the user terminal 200 is issued. ) may be generated by the PUF OTP applet 250 .

According to an embodiment, in operation 730, the processor 120 may generate a second HMAC key based on the HMAC key generation algorithm and the USIM-specific number of the user terminal 200. As described above in FIG. 5, the second HMAC key may be generated by receiving a SIM unique number from the SIM issuing device when the user terminal 200 receives the SIM, or the first OTP encrypted in operation 720. After receiving the authentication value, it may be generated by receiving a unique SIM number of the user terminal 200 from a subscriber information server (not shown). Operation 730 may correspond to operation 570 of FIG. 5 .

According to an embodiment, in operation 740, the processor 120 may generate a second OTP authentication value based on the HMAC algorithm and the second HMAC key. Operation 740 may correspond to operation 580 of FIG. 5 .

According to an embodiment, in operation 750, the processor 120 may verify whether the decrypted first OTP authentication value corresponds to the second OTP authentication value. For example, when the first OTP authentication value and the second OTP authentication value are the same, the processor 120 may determine that the OTP authentication values correspond. Operation 750 may correspond to operation 590 of FIG. 5 .

The embodiments described above may be implemented as hardware components, software components, and/or a combination of hardware components and software components. For example, the devices, methods and components described in the embodiments may include, for example, a processor, a controller, an arithmetic logic unit (ALU), a digital signal processor, a microcomputer, a field programmable gate (FPGA). array), programmable logic units (PLUs), microprocessors, or any other device capable of executing and responding to instructions. The processing device may execute an operating system (OS) and software applications running on the operating system. A processing device may also access, store, manipulate, process, and generate data in response to execution of software. For convenience of understanding, there are cases in which one processing device is used, but those skilled in the art will understand that the processing device includes a plurality of processing elements and/or a plurality of types of processing elements. It can be seen that it can include. For example, a processing device may include a plurality of processors or a processor and a controller. Other processing configurations are also possible, such as parallel processors.

Software may include a computer program, code, instructions, or a combination of one or more of the foregoing, which configures a processing device to operate as desired or processes independently or collectively. You can command the device. Software and/or data may be any tangible machine, component, physical device, virtual equipment, computer storage medium or device, intended to be interpreted by or provide instructions or data to a processing device. , or may be permanently or temporarily embodied in a transmitted signal wave. Software may be distributed on networked computer systems and stored or executed in a distributed manner. Software and data may be stored on computer readable media.

The method according to the embodiment may be implemented in the form of program instructions that can be executed through various computer means and recorded on a computer readable medium. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination, and the program instructions recorded on the medium may be specially designed and configured for the embodiment or may be known and usable to those skilled in the art of computer software. may be Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks. - includes hardware devices specially configured to store and execute program instructions, such as magneto-optical media, and ROM, RAM, flash memory, and the like. Examples of program instructions include high-level language codes that can be executed by a computer using an interpreter, as well as machine language codes such as those produced by a compiler.

The hardware device described above may be configured to operate as one or a plurality of software modules to perform the operations of the embodiments, and vice versa.

As described above, although the embodiments have been described with limited drawings, those skilled in the art can apply various technical modifications and variations based on this. For example, the described techniques may be performed in an order different from the method described, and/or components of the described system, structure, device, circuit, etc. may be combined or combined in a different form than the method described, or other components may be used. Or even if it is replaced or substituted by equivalents, appropriate results can be achieved.

Therefore, other implementations, other embodiments, and equivalents of the claims are within the scope of the following claims.

Claims (19)

In the operation method of the PUF (Physical Unclonable Function) OTP (One Time Password) server,
receiving payment information from a payment gateway (PG) server according to an authentication request through a user terminal, and transmitting the payment information and PUF OTP certificate to the user terminal;
Receiving and decrypting a first OTP authentication value encrypted with the PUF OTP certificate from the user terminal - The first OTP authentication value is sent from the PUF OTP applet included in the user terminal to the USIM (Universal Subscriber Identify Module) Generated based on a serial number and encrypted with the PUF OTP certificate, and among the first OTP authentication values, an authentication value for first user identification is displayed on the user terminal -;
generating a second OTP authentication value based on the USIM-specific number of the user terminal and verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value;
Transmitting a second user confirmation authentication value and the verification result among the second OTP authentication values to the user terminal through the PG server, wherein the second user confirmation authentication value is displayed on the user terminal;
including,
The PG server completes authentication based on a user input that the first user confirmation authentication value and the second user confirmation authentication value correspond.
method.
According to claim 1,
The first OTP authentication value and the second OTP authentication value are generated based on a Hash-based Message Authentication Code (HMAC) key generation algorithm and an HMAC algorithm predefined by the PUF OTP applet and the PUF OTP server,
method.
According to claim 2,
The HMAC key generation algorithm and the HMAC algorithm are transmitted from the PUF OTP server to the PUF OTP applet when the USIM of the user terminal is issued together with the PUF OTP certificate;
The PUF OTP applet,
Generating a first HMAC key based on the HMAC key generation algorithm and the USIM-specific number of the user terminal;
Storing the HMAC algorithm, the PUF OTP certificate, and the first HMAC key,
method.
According to claim 3,
When the payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal according to the authentication request of the user terminal,
The PUF OTP applet,
When the stored PUF OTP certificate and the received PUF OTP certificate correspond,
Generating the first OTP authentication value based on the stored HMAC algorithm, the payment information, and the stored first HMAC key, encrypting the first OTP authentication value with the PUF OTP certificate, and transmitting it to the PUF OTP server,
method.
According to claim 2,
The operation of the PUF OTP server generating the second OTP authentication value and verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value,
generating a second HMAC key based on the HMAC key generation algorithm and the USIM-specific number of the user terminal;
generating the second OTP authentication value based on the HMAC algorithm, the payment information, and the second HMAC key; and
An operation of verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value
including,
method.
According to claim 1,
The payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal through a SIM Toolkit message,
The first OTP authentication value encrypted with the PUF OTP certificate is transmitted from the user terminal to the PUF OTP server through a SIM Toolkit message.
method.
According to claim 1,
The payment information,
Including at least one of the transaction number, product name and transaction amount,
method.
In the PUF (Physical Unclonable Function) OTP (One Time Password) server,
Receiving payment information from a Payment Gateway (PG) server according to an authentication request through a user terminal, transmitting the payment information and PUF OTP certificate to the user terminal, and a first OTP encrypted with the PUF OTP certificate from the user terminal An authentication value is received, and an authentication value for second user confirmation among the second OTP authentication values and a verification result of whether the first OTP authentication value and the second OTP authentication value correspond to the user terminal through the PG server communication interface for transmission;
a memory in which computer-executable instructions are stored; and
A processor that accesses the memory and executes the instructions
including,
The processor decrypts the first OTP authentication value encrypted with the PUF OTP certificate, generates a second OTP authentication value based on a universal subscriber identification module (USIM) serial number of the user terminal, and verifying whether the decrypted first OTP authentication value and the second OTP authentication value correspond;
The first OTP authentication value is generated based on the USIM-specific number of the user terminal in a PUF OTP applet included in the user terminal and encrypted with the PUF OTP certificate, and the first user among the first OTP authentication values An authentication value for confirmation is displayed on the user terminal,
The authentication value for the second user confirmation is displayed on the user terminal,
The PG server completes authentication based on a user input indicating that the first user confirmation authentication value and the second user confirmation authentication value correspond.
PUF OTP Server.
According to claim 8,
The first OTP authentication value and the second OTP authentication value are generated based on a Hash-based Message Authentication Code (HMAC) key generation algorithm and an HMAC algorithm predefined by the PUF OTP applet and the PUF OTP server,
PUF OTP Server.
According to claim 9,
The HMAC key generation algorithm and the HMAC algorithm are transmitted from the PUF OTP server to the PUF OTP applet when the USIM of the user terminal is issued together with the PUF OTP certificate;
The PUF OTP applet,
Generating a first HMAC key based on the HMAC key generation algorithm and the USIM-specific number of the user terminal;
Storing the HMAC algorithm, the PUF OTP certificate, and the first HMAC key,
PUF OTP Server.
According to claim 10,
When the payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal according to the authentication request of the user terminal,
The PUF OTP applet,
When the stored PUF OTP certificate and the received PUF OTP certificate correspond,
Generating the first OTP authentication value based on the stored HMAC algorithm, the payment information, and the stored first HMAC key, encrypting the first OTP authentication value with the PUF OTP certificate, and transmitting it to the PUF OTP server;
PUF OTP Server.
According to claim 9,
the processor,
Generating a second HMAC key based on the HMAC key generation algorithm and the USIM-specific number of the user terminal;
Generating the second OTP authentication value based on the HMAC algorithm, the payment information, and the second HMAC key;
Verifying whether the decrypted first OTP authentication value and the second OTP authentication value correspond,
PUF OTP Server.
According to claim 8,
The payment information and the PUF OTP certificate are transmitted from the PUF OTP server to the user terminal through a SIM Toolkit message,
The first OTP authentication value encrypted with the PUF OTP certificate is transmitted from the user terminal to the PUF OTP server through a SIM Toolkit message.
PUF OTP Server.
According to claim 8,
The payment information,
Including at least one of the transaction number, product name and transaction amount,
PUF OTP Server.
In the OTP authentication value verification method of a PUF (Physical Unclonable Function) OTP (One Time Password) server,
transmitting a PUF OTP certificate to a PUF OTP applet of the user terminal according to an authentication request from the user terminal;
Receiving and decrypting a first OTP authentication value encrypted with the PUF OTP certificate from the PUF OTP applet - the first OTP authentication value is a Universal Subscriber Identify Module (USIM) identification number of the user terminal in the PUF OTP applet ( serial number) -;
Generating a second HMAC key based on an HMAC key generation algorithm and a USIM-specific number of the user terminal;
generating a second OTP authentication value based on an HMAC algorithm and the second HMAC key; and
An operation of verifying whether the decrypted first OTP authentication value corresponds to the second OTP authentication value
including,
How to verify the OTP authentication value of the PUF OTP server.
According to claim 15,
The HMAC key generation algorithm and the HMAC algorithm are transmitted from the PUF OTP server to the PUF OTP applet when the USIM of the user terminal is issued together with the PUF OTP certificate;
The PUF OTP applet,
Generating a first HMAC key based on the HMAC key generation algorithm and the USIM-specific number of the user terminal;
Storing the HMAC algorithm, the PUF OTP certificate, and the first HMAC key,
How to verify the OTP authentication value of the PUF OTP server.
According to claim 16,
The PUF OTP applet,
When the PUF OTP certificate is received from the PUF OTP server according to the authentication request of the user terminal,
When the stored PUF OTP certificate and the received PUF OTP certificate correspond,
generating the first OTP authentication value based on the stored HMAC algorithm and the stored first HMAC key, encrypting the first OTP authentication value with the PUF OTP certificate, and transmitting it to the PUF OTP server;
How to verify the OTP authentication value of the PUF OTP server.
In the user terminal,
A communication interface for communicating with a Physical Unclonable Function (PUF) One Time Password (OTP) server and a Payment Gateway (PG) server;
a display module configured to display an authentication value for first user confirmation and an authentication value for second user confirmation;
a memory in which computer-executable instructions are stored; and
A processor that accesses the memory and executes the instructions
including,
The processor receives payment information and a PUF OTP certificate from the PUF OTP server as it requests authentication from a Payment Gateway (PG) server, and converts the first OTP authentication value to a universal subscriber identification module (USIM) unique number of the user terminal ( serial number), encrypts the PUF OTP certificate, displays the first user confirmation authentication value among the first OTP authentication values, and transmits the encrypted first OTP authentication value to the PUF OTP server. And, among the second OTP authentication values generated by the PUF OTP server based on the USIM-specific number of the user terminal, the second authentication value for user confirmation is received from the PG server and displayed;
Transmitting a user input indicating that the first user confirmation authentication value and the second user confirmation authentication value correspond to the PG server,
user terminal.
A computer program stored in a computer readable recording medium to be combined with hardware to execute the method of any one of claims 1 to 7 and 15 to 17.

Images