KR20070010874A - Method of transfering payment key among electronic cash systems using public key certificate - Google Patents

Method of transfering payment key among electronic cash systems using public key certificate Download PDF

Info

Publication number
KR20070010874A
KR20070010874A KR1020050065849A KR20050065849A KR20070010874A KR 20070010874 A KR20070010874 A KR 20070010874A KR 1020050065849 A KR1020050065849 A KR 1020050065849A KR 20050065849 A KR20050065849 A KR 20050065849A KR 20070010874 A KR20070010874 A KR 20070010874A
Authority
KR
South Korea
Prior art keywords
public key
key
certificate
electronic money
application module
Prior art date
Application number
KR1020050065849A
Other languages
Korean (ko)
Inventor
구경본
Original Assignee
주식회사 유비닉스
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 주식회사 유비닉스 filed Critical 주식회사 유비닉스
Priority to KR1020050065849A priority Critical patent/KR20070010874A/en
Publication of KR20070010874A publication Critical patent/KR20070010874A/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/36Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
    • G06Q20/367Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
    • G06Q20/3674Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes involving authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/40Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists

Abstract

A method for transferring a purchase key among electronic cash companies with a public key certificate is provided to transfer an electronic cash purchase key by using an asymmetrical key encryption algorithm based on the public key certificate. A public certificate authority generates a private and a public key for the asymmetrical encryption algorithm. The electronic cash company generates a pair of the private and public key for the asymmetrical encryption algorithm, and requests the public certificate authority to issue the public key certificate for the electronic cash company. A secure application module smart card generates the pair of the private and public key, and requests the electronic cash company to issue the public key certificate for a secure application module. The electronic cash company loads the public key certificate for an electronic cash company public key and the certificate for a secure application module public key when the secure application module is issued.

Description

공개키 인증서를 이용한 전자화폐사간 구매키 전달 방법 {METHOD OF TRANSFERING PAYMENT KEY AMONG ELECTRONIC CASH SYSTEMS USING PUBLIC KEY CERTIFICATE}How to pass purchase key between electronic money companies using public key certificate {METHOD OF TRANSFERING PAYMENT KEY AMONG ELECTRONIC CASH SYSTEMS USING PUBLIC KEY CERTIFICATE}

도 1은 종래 전자화폐사 키 전달 과정을 도시한 흐름도1 is a flow chart illustrating a conventional electronic money company key delivery process

도 2는 본 발명의 전자화폐사 공개키 인증서 및 보안 응용 모듈의 공개키 인증서 전달 과정을 도시한 흐름도2 is a flowchart illustrating a public key certificate delivery process of the electronic money company public key certificate and security application module of the present invention.

도 3은 본 발명의 공인 인증기관의 공개키 전달 과정을 도시한 흐름도3 is a flowchart illustrating a public key delivery process of an accredited certification authority of the present invention.

도 4는 본 발명의 보안 응용 모듈과 키 카드간의 타 전자화폐사 키 전달 과정을 도시한 흐름도 4 is a flowchart illustrating a process of delivering another electronic money company key between a security application module and a key card of the present invention.

본 발명은 스마트카드 전자화폐 시스템의 보안 응용 모듈용 카드에 타 전자화폐사의 전자화폐 구매용 키를 안전하게 전달하는 시스템이다.The present invention is a system for securely delivering a key for purchasing electronic money of another electronic money company to the card for the security application module of the smart card electronic money system.

통상적으로, 전자화폐 시스템은 전자화폐 어플리케이션이 탑재된 사용자용 스마트카드; 사용자 스마트카드의 전자화폐 어플리케이션과 지불 거래를 수행하는 지불 단말기의 보안 응용 모듈용 스마트카드; 로 운영되며, 보안 응용 모듈용 스마 트카드는 전자화폐의 거래를 위한 구매용 마스터키가 탑재되어 있으며, 이러한 구매용 마스터키는 전자화폐 시스템 사업자의 키 관리 시스템에 의하여 보안 응용 모듈용 스마트카드에 안전하게 탑재된다. 특정 사업자에 의해 운영되는 전자화폐 시스템에 타 사업자에 의해 운영되는 전자화폐를 호환 사용 가능하게 하기 위하여, 보안 응용 모듈용 스마트카드에 타 사업자의 전자화폐 구매용 마스터키를 안전하게 탑재하여야 하며 그 운영에 있어 높은 신뢰성을 요구한다.Typically, the electronic money system includes a smart card for a user equipped with an electronic money application; A smart card for a security application module of a payment terminal that performs a payment transaction with an electronic money application of a user smart card; The smart card for security application module is equipped with a purchase master key for transactions of electronic money, and this purchase master key is applied to the smart card for security application module by the key management system of the electronic money system operator. Safely mounted In order to enable the electronic money operated by other operators to be compatible with the electronic money system operated by a specific operator, the smart card for the security application module must be securely loaded with a master key for purchasing electronic money of another operator. It requires high reliability.

한편, 종래의 기술에 따른 서로 다른 전자화폐 시스템의 구매용 마스터키 전달 방식은 대칭 키 암호 알고리즘을 이용한 구매키 전달 방식이다. 이러한 대칭키 암호 알고리즘을 이용한 구매키 전달 방식은 보안 응용 모듈용 스마트카드와 키 전달용 키 카드가 서로 동일한 공통 키를 가지고 있어야 하며, 이는 구매키가 타 전자화폐사에 노출될 위험성을 내재하는 문제점이 있다. Meanwhile, the purchase master key delivery method of the electronic money system according to the related art is a purchase key delivery method using a symmetric key cryptographic algorithm. The purchase key delivery method using the symmetric key cryptographic algorithm requires that the smart card for the security application module and the key delivery key card have the same common key, which implies a problem that the purchase key is exposed to other electronic money companies. have.

상기한 문제를 해결하기 위해서 본 발명에서는 공인키 인증서기반의 비 대칭키 암호 알고리즘을 사용하는 키 전달 방법을 제공하는 것을 목적으로 한다.In order to solve the above problems, an object of the present invention is to provide a key transfer method using a non-symmetric key cryptographic algorithm based on a public key certificate.

상기한 목적을 달성하기 위해서 본 발명은 전자화폐 사업자용 공개키 인증서를 제공하는 공인 인증기관; 보안 응용 모듈용 공개키 인증서를 제공하는 전자화폐 사업자; 공개키 인증서를 탑재하고 전자화폐 구매 거래를 수행하는 보안 응용 모듈; 타 전자화폐사의 전자화폐 구매키를 전달하는 키 카드; 로 구성된다.In order to achieve the above object, the present invention provides a public certification authority for providing a public key certificate for electronic money operators; An electronic money provider providing a public key certificate for a security application module; A security application module that carries a public key certificate and performs an electronic money purchase transaction; A key card for transmitting an electronic money purchase key of another electronic money company; It consists of.

본 발명에서 공인 인증기관은 비 대칭키 암호 알고리즘용 비밀 키 및 공개키 를 생성한다. 전자화폐사는 역시 비 대칭키 암호 알고리즘용 비밀 키 및 공개키 쌍을 생성하고, 공인 인증기관에게 전자화폐사 공개키 인증서 발급을 요청한다. 또한 보안 응용 모듈용 스마트카드는 비 대칭키 암호 알고리즘용 비밀 키 및 공개키 쌍을 생성하고, 전자화폐사에게 보안 응용 모듈용 공개키 인증서 발급을 요청한다. 전자화폐사는 공인 인증기관으로부터 제공되는 전자화폐사용 공개키에 대한 공인 인증서와 보안 응용 모듈용 공개키에 대한 인증서를 보안 응용 모듈 발급 시에 탑재한다. 공인 인증기관은 상기 보안 응용 모듈에 의해 운영되는 전자화폐 시스템에 구매키를 안전하게 전달하고자하는 타 전자화폐사에게 공인 인증기관용 비 대칭키 암호알고리즘의 공개키를 제공한다. 공인 인증기관으로부터 공개키를 제공받은 타 전자 화폐 사는 키 카드에 전달하고자하는 구매키와 공인 인증기관용 공개키를 탑재하여 상기 보안 응용 모듈을 운영하는 전자화폐사에게 제공한다. In the present invention, the certification authority generates a secret key and a public key for an asymmetric key cryptographic algorithm. The electronic money company also generates a secret key and public key pair for the asymmetric key cryptographic algorithm, and requests a certificate authority to issue the electronic money company public key certificate. In addition, the smart card for the security application module generates a secret key and public key pair for the asymmetric key cryptographic algorithm, and requests the electronic money company to issue a public key certificate for the security application module. The electronic money company mounts a certificate for a public key for use of electronic money and a certificate for a public key for a security application module when issuing a security application module. The accredited certification authority provides the public key of the asymmetric key cryptographic algorithm for the accredited certification authority to other electronic money companies that want to securely transfer the purchase key to the electronic money system operated by the security application module. The other electronic money company provided with the public key from the authorized certification authority provides the electronic money company operating the security application module with the purchase key to be delivered to the key card and the public key for the certification authority.

키 카드를 전달 받은 전자화폐사는 보안 응용 모듈용 스마트카드와 키 카드간의 구매키 전달 과정을 수행하며, 이 과정은 다음과 같다. 키 카드는 보안 응용 모듈용 스마트카드로부터 전자화폐사 공개키에 대한 공인 인증서와, 보안 응용 모듈용 공개키에 대한 인증서를 제공받고, 공인 인증기관용 공개키를 이용하여 전자화폐사 공개키에 대한 공이 인증서를 검증한 후 전자화폐사 공개키를 추출한다. 또한 전자화폐사 공개키를 이용하여 보안 응용 모듈용 공개키에 대한 인증서를 검증하고 보안 응용 모듈용 공개키를 추출한다. 키 카드는 추출한 보안 응용 모듈용 공개키를 이용하여 전달하고자하는 구매키를 비 대칭키 암호 알고리즘으로 암호화 하여 보안 응용 모듈에게 전달한다. 보안 응용 모듈은 키 카드로부터 전달 받은 암호 화된 구매키를 보안 응용 모듈용 비밀 키로 복호화함으로써, 타 전자화폐사의 구매키를 안전하게 저장한다. The electronic money company that has received the key card performs the purchase key transfer process between the smart card for the security application module and the key card. This process is as follows. The key card receives a certificate for the public key for the electronic money company and a certificate for the public key for the security application module from the smart card for the security application module, and the certificate for the public key for the electronic money company is obtained using the public key for the certificate authority. After verification, the public key of the electronic money is extracted. In addition, the certificate of the public key for the security application module is verified using the public key of the electronic money company, and the public key for the security application module is extracted. The key card encrypts the purchase key to be delivered using the extracted public key for the security application module with an asymmetric key cryptographic algorithm and delivers it to the security application module. The security application module securely stores the purchase key of another electronic money company by decrypting the encrypted purchase key received from the key card with the secret key for the security application module.

이상 설명한 바와 같이, 본 발명에 따르면, 하나의 전자화폐사 보안 응용 모듈에 타 전자화폐사의 구매키를 안전하게 전달할 수 있는 장점이 있다.As described above, according to the present invention, there is an advantage that can safely transfer the purchase key of another electronic money company to one electronic money company security application module.

Claims (1)

공개키 인증서를 이용한 전자화폐사 구매키 전달 방법에 있어서, 전자화폐사 공개키 인증서를 제공하는 공인 인증기관; 보안 응용 모듈용 공개키 인증서를 제공하는 전자화폐사; 공인인증기관의 공개키와 타 전자화폐사의 구매키를 탑재한 키 카드;로 구성되는 공개키 인증서를 이용한 전자화폐사간 구매키 전달 방법.An electronic money purchase key delivery method using a public key certificate, comprising: an authorized certification authority for providing an electronic money company public key certificate; An electronic money company providing a public key certificate for a security application module; A method of delivering a purchase key between electronic money companies using a public key certificate consisting of a key card including a public key of an accredited certification authority and a purchase key of another electronic money company.
KR1020050065849A 2005-07-20 2005-07-20 Method of transfering payment key among electronic cash systems using public key certificate KR20070010874A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020050065849A KR20070010874A (en) 2005-07-20 2005-07-20 Method of transfering payment key among electronic cash systems using public key certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020050065849A KR20070010874A (en) 2005-07-20 2005-07-20 Method of transfering payment key among electronic cash systems using public key certificate

Publications (1)

Publication Number Publication Date
KR20070010874A true KR20070010874A (en) 2007-01-24

Family

ID=38012014

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020050065849A KR20070010874A (en) 2005-07-20 2005-07-20 Method of transfering payment key among electronic cash systems using public key certificate

Country Status (1)

Country Link
KR (1) KR20070010874A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8043742B2 (en) 2008-06-09 2011-10-25 Samsung Sdi Co., Ltd. Secondary battery
KR20230028022A (en) 2021-08-20 2023-02-28 지영배 A Nano bubble dishwasher
KR20230028021A (en) 2021-08-20 2023-02-28 지영배 A Nano bubble device for dishwasher
KR20230040717A (en) 2021-09-16 2023-03-23 지효근 A Nano bubble dishwasher
KR20230040716A (en) 2021-09-16 2023-03-23 지효근 A Nano bubble device

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8043742B2 (en) 2008-06-09 2011-10-25 Samsung Sdi Co., Ltd. Secondary battery
KR20230028022A (en) 2021-08-20 2023-02-28 지영배 A Nano bubble dishwasher
KR20230028021A (en) 2021-08-20 2023-02-28 지영배 A Nano bubble device for dishwasher
KR20230040717A (en) 2021-09-16 2023-03-23 지효근 A Nano bubble dishwasher
KR20230040716A (en) 2021-09-16 2023-03-23 지효근 A Nano bubble device

Similar Documents

Publication Publication Date Title
US10666428B2 (en) Efficient methods for protecting identity in authenticated transmissions
CN103729945B (en) A kind of method and system of secure download terminal master key
US9647845B2 (en) Key downloading method, management method, downloading management method, device and system
US9806889B2 (en) Key downloading method, management method, downloading management method, device and system
US9948624B2 (en) Key downloading method, management method, downloading management method, device and system
US20160028539A1 (en) Key management method and system
CN102801730B (en) Information protection method and device for communication and portable devices
CA3081876A1 (en) System and method for secure communication in a retail environment
TWI591553B (en) Systems and methods for mobile devices to trade financial documents
CN103905196B (en) A kind of PIN turns encryption method
CN101227276B (en) Method and system for public key safety transfer of digital mobile certificate
KR20040034165A (en) Method for distrubution of copyright protected digital contents
CN108460597B (en) Key management system and method
KR20070010874A (en) Method of transfering payment key among electronic cash systems using public key certificate
KR20140071775A (en) Cryptography key management system and method thereof
KR20130019929A (en) How to use certificate by using secure reader
KR20040006651A (en) Security system and method in buying device based on the smart card
JPH1078988A (en) Electronic business transaction system
KR20060020305A (en) Mobile 3d secure protocol using ecc
JP2004334783A (en) Electronic value distribution system and electronic value distribution method

Legal Events

Date Code Title Description
A201 Request for examination
N231 Notification of change of applicant
E902 Notification of reason for refusal
E601 Decision to refuse application