KR20170087663A - Apparatus for performing on behalf an electronic signature for client terminal and operating method thereof - Google Patents
- Publication number
- KR20170087663A KR1020160007506A
- Authority
- KR
- South Korea
- Prior art keywords
- key
- private key
- digital signature
- client terminal
- encrypted
- Prior art date
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/08—Payment architectures
- G06Q20/10—Payment architectures specially adapted for electronic funds transfer [EFT] systems; specially adapted for home banking systems
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3827—Use of message hashing
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
An electronic signature proxy device for a client terminal and an operating method thereof are disclosed. The device issues a private key and a public key for electronic signatures, transmits the public key to a content providing server, divides the private key into a plurality of private key fragments, and distributes the fragments across a plurality of key stores. When an electronic signature proxy request is received from the client terminal, the device combines the private key fragments distributed across the key stores, generates a digital signature value based on the private key, and transmits the digital signature value to the content providing server on behalf of the client terminal. Because the private key is not stored in the client terminal, no program for generating an electronic signature value has to be installed as a browser plug-in, and the user can perform a digital signature from any client terminal, anytime and anywhere, simply by connecting to the electronic signature proxy device.
Description
Embodiments of the present invention are directed to a technique for performing digital signature in response to an electronic signature request of a content providing server accessed through a network.
Recently, with the widespread use of the Internet and the like, the use of electronic payment or online-based banking services is increasing rapidly.
Generally, for an electronic payment or online banking service, a predetermined certificate is first issued to the user's terminal. When the user then wants to use the service, the content provider server receives a digital signature value generated by the terminal through the certificate installed on it and performs user authentication.
This user authentication method uses PKI (Public Key Infrastructure) based encryption and decryption. More specifically, when a user accesses a content providing server through his or her client terminal and wants to use an electronic payment or online banking service, the content providing server requests the client terminal to transmit a digital signature value.
In response to this request, the client terminal receives the digital signature subject data from the content providing server and encrypts the digital signature subject data with the private key stored in its memory to generate the digital signature value.
The digital signature subject data is usually a hash value generated by applying a hash function to the original text data, such as the electronic payment information or the account information.
The client terminal then transmits the digital signature subject data and the digital signature value to the content providing server. On receiving them, the content providing server decrypts the digital signature value with the public key, stored in the server, that corresponds to the private key. If the decryption result matches the digital signature subject data, the server determines that the electronic signature was performed by the true user.
Such a user authentication method is widely used in companies providing electronic payment service or online banking service because it can enhance security.
However, this user authentication method requires a predetermined program for generating an electronic signature value to be installed in the web browser as a plug-in before the client terminal can generate the signature value, so it is difficult to use in recently introduced web browsers in which plug-ins cannot be installed.
In particular, a recently introduced web browser based on HTML (Hyper Text Markup Language) 5 does not allow a program to be installed in the browser as a plug-in. It is therefore difficult for a company providing an electronic payment or online banking service to introduce such a PKI-based user authentication system.
In addition, in the conventional PKI-based user authentication system the private key must be stored on the client terminal. This makes it difficult for the user to sign from different client terminals, and the user has had the inconvenience of always carrying a portable storage device holding the private key in order to sign.
Accordingly, research is needed on a way to perform PKI-based user authentication without installing a predetermined program in the web browser as a plug-in and, at the same time, to let a user perform an electronic signature anywhere regardless of the client terminal.
The present invention aims to provide an apparatus and method for performing an electronic signature on behalf of a client terminal that issues a private key and a public key for electronic signatures, transmits the public key to a content providing server, divides the private key into a plurality of private key fragments, and distributes the fragments across a plurality of key stores. When an electronic signature proxy request is received from the client terminal, the apparatus combines the private key fragments distributed across the key stores, generates a digital signature value based on the private key, and transmits the digital signature value to the content providing server on behalf of the client terminal. Because the private key is not stored in the client terminal, no program for generating an electronic signature value has to be installed as a browser plug-in, and the user can easily perform an electronic signature from any client terminal, anytime and anywhere, simply by connecting to the electronic signature proxy device.
An apparatus for performing an electronic signature on behalf of a client terminal according to an embodiment of the present invention includes: a plurality of key stores in which a plurality of private key fragments, obtained by dividing a private key into a plurality of data pieces, are distributed and stored; a data receiving unit that receives digital signature subject data from a content providing server when the content providing server, which stores a public key corresponding to the private key, requests a digital signature from the client terminal and an electronic signature proxy request based on the private key is received from the client terminal; a private key restoring unit that, in response to the electronic signature proxy request, extracts the plurality of private key fragments from the plurality of key stores and combines them to restore the private key; an electronic signature value generation unit that encrypts the digital signature subject data based on the restored private key to generate a digital signature value; and an electronic signature transmission unit that transmits the digital signature subject data and the digital signature value to the content providing server.
According to another aspect of the present invention, a method of operating an apparatus for performing an electronic signature on behalf of a client terminal includes: maintaining a plurality of key stores in which a plurality of private key fragments, obtained by dividing a private key into a plurality of data pieces, are distributed and stored; receiving digital signature subject data from a content providing server when the content providing server, which stores a public key corresponding to the private key, requests a digital signature from the client terminal and an electronic signature proxy request based on the private key is received from the client terminal; extracting, in response to the electronic signature proxy request, the plurality of private key fragments from the plurality of key stores and combining them to restore the private key; generating a digital signature value by encrypting the digital signature subject data based on the restored private key; and transmitting the digital signature subject data and the digital signature value to the content providing server.
According to the present invention, the apparatus and method for performing an electronic signature on behalf of a client terminal issue a private key and a public key for electronic signatures, transmit the public key to a content providing server, divide the private key into a plurality of private key fragments, and distribute the fragments across a plurality of key stores. When an electronic signature proxy request is received from the client terminal, the private key fragments distributed across the key stores are combined, a digital signature value is generated based on the private key, and the digital signature value is transmitted to the content providing server on behalf of the client terminal. As a result, the private key is not stored in the client terminal, no program for generating an electronic signature value has to be installed as a browser plug-in, and the user can easily perform a digital signature from any client terminal, anytime and anywhere, simply by connecting to the electronic signature proxy device.
FIG. 1 is a system conceptual diagram schematically illustrating an entire system for explaining an electronic signature proxy device for a client terminal according to an embodiment of the present invention.
FIG. 2 is a block diagram illustrating an apparatus for performing an electronic signature proxy for a client terminal according to an exemplary embodiment of the present invention.
FIG. 3 is a flowchart illustrating an operation method of an electronic signature proxy device for a client terminal according to an exemplary embodiment of the present invention.
While the invention is susceptible to various modifications and alternative forms, specific embodiments thereof are shown by way of example in the drawings and will herein be described in detail. It should be understood, however, that the invention is not intended to be limited to the particular embodiments, but includes all modifications, equivalents, and alternatives falling within the spirit and scope of the invention. Like reference numerals are used for like elements in describing each drawing.
It is to be understood that when an element is referred to as being "connected" or "coupled" to another element, it may be directly connected or coupled to the other element, or other elements may be present in between. On the other hand, when an element is referred to as being "directly connected" or "directly coupled" to another element, it should be understood that there are no other elements in between.
The terminology used in this application is used only to describe a specific embodiment and is not intended to limit the invention. The singular expressions include plural expressions unless the context clearly dictates otherwise. In the present application, the terms "comprises" or "having" and the like specify that a feature, number, step, operation, element, component or combination thereof described in the specification is present, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, or combinations thereof.
Unless defined otherwise, all terms used herein, including technical or scientific terms, have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. Terms such as those defined in commonly used dictionaries are to be interpreted as having a meaning consistent with their meaning in the context of the related art, and are not to be interpreted in an ideal or overly formal sense unless expressly so defined in the present application.
Hereinafter, embodiments according to the present invention will be described in detail with reference to the accompanying drawings.
FIG. 1 is a system conceptual diagram schematically illustrating an entire system for explaining an electronic signature proxy device for a client terminal according to an embodiment of the present invention.
Referring to FIG. 1, an electronic signature proxy device 110, a client terminal 120, and a contents provider server 130 for a client terminal are illustrated.
Here, the content providing server 130 may be a server capable of providing various contents through a network, such as an electronic payment or an online banking service. The client terminal 120 may be a microprocessor-based device, such as a desktop PC, a mobile terminal, a PDA, or a tablet PC, capable of connecting to the content providing server 130 and transmitting and receiving data.
Hereinafter, with reference to FIG. 1, the operation of the electronic signature proxy device 110 for the client terminal will be described in detail, assuming that the client terminal 120 accesses a content providing server 130 that provides an online banking service and performs an electronic signature in the course of an account transfer.
When the client terminal 120 accesses the content providing server 130 and performs an account transfer, the content providing server 130 has to check whether the user of the client terminal 120 requesting the transfer is the true owner of the account; that is, user authentication for non-repudiation is required. For this, the content providing server 130 and the client terminal 120 must carry out the digital signature process.
First, in order for the client terminal 120 to proceed with the digital signature to the content providing server 130, the client terminal 120 must perform an initial use registration process for performing digital signature.
In this regard, when an initial use registration request for electronic signature proxy service is received from the client terminal 120, the electronic signature proxy device 110 for the client terminal generates a private key to be used for the digital signature and a public key corresponding to the private key, and requests from the client terminal 120 a password to be used in encrypting the private key.
At this time, the client terminal 120 can display a password input window for initial use registration on the screen, and the user can input his or her own password into the password input window. Accordingly, the client terminal 120 may transmit the password to the digital signature agent 110 for the client terminal.
When the password is received from the client terminal 120, the electronic signature proxy device 110 for the client terminal encrypts the password based on a predetermined encryption key to generate a secret key, and may store the secret key in the secret key storage unit.
Then, the electronic signature proxy device 110 for the client terminal generates a random key composed of random data and encrypts the secret key with the random key to generate an authentication key for encrypting the private key.
The electronic signature proxy device 110 for the client terminal may also divide the random key into a plurality of data pieces to generate a plurality of random key fragments, and distribute the random key fragments across the plurality of key stores.
Here, the random key may be divided into the plurality of random key fragments by simply cutting the data constituting the random key into units of a specific data size, or by dividing the random key into a plurality of locally repairable codes; various other data dividing methods can also be used.
Thereafter, the electronic signature proxy device 110 for the client terminal can encrypt the private key based on the authentication key to generate the encrypted private key, and can divide the encrypted private key into a plurality of data pieces to generate a plurality of private key fragments.
Here, the encrypted private key may be divided into the plurality of private key fragments by simply cutting the data constituting the encrypted private key into units of a specific data size, or by dividing the encrypted private key into a plurality of locally repairable codes.
Then, the electronic signature proxy device 110 for the client terminal may distribute and store the plurality of private key fragments across the plurality of key stores and transmit the public key to the content providing server 130, which completes the initial use registration for the user of the client terminal 120.
After the initial use registration is completed, when the user of the client terminal 120 accesses the content providing server 130 and performs an account transfer, and the content providing server 130 accordingly requests a digital signature from the client terminal 120, the electronic signature proxy device 110 for the client terminal can receive from the client terminal 120 an electronic signature proxy request based on the previously issued private key. It then receives the digital signature subject data from the content providing server 130 and can request the client terminal 120 to transmit a password for decrypting the encrypted private key.
Here, the digital signature subject data includes a hash value generated by applying a predetermined hash function to the transfer information for the account transfer, such as the account information of the user of the client terminal 120, the transfer amount, the sender information, and the recipient information.
That is, the content providing server 130 generates a hash value by applying a predetermined hash function to the transfer information, and transmits the hash value to the electronic signature proxy device 110 for the client terminal as the digital signature subject data.
In response to the password transmission request, the client terminal 120 may display a password input window for the digital signature on the screen and let the user enter the same password that was entered at initial use registration. The client terminal 120 may then transmit the password to the electronic signature proxy device 110 for the client terminal.
When the password is received from the client terminal 120, the electronic signature proxy device 110 for the client terminal encrypts the password using the same predetermined encryption key that was used at initial use registration to generate an encrypted value.
Then, the electronic signature proxy device 110 for the client terminal extracts the secret key from the secret key storage unit, compares the encrypted value with the secret key, and determines whether the two match.
If the encrypted value and the secret key match, the electronic signature proxy device 110 for the client terminal completes use authentication for the client terminal 120, extracts the random key fragments distributed across the plurality of key stores, and restores the random key by combining the random key fragments.
The electronic signature proxy device 110 for the client terminal may then encrypt the encrypted value with the restored random key to generate the authentication key for decrypting the encrypted private key.
When the authentication key for decrypting the encrypted private key has been generated, the electronic signature proxy device 110 for the client terminal extracts the private key fragments distributed across the plurality of key stores and combines them to restore the encrypted private key.
Then, the electronic signature proxy device 110 for the client terminal decrypts the encrypted private key using the authentication key, and encrypts the digital signature subject data based on the decrypted private key to generate the digital signature value.
When the digital signature value has been generated, the electronic signature proxy device 110 for the client terminal transmits the digital signature subject data and the digital signature value to the content providing server 130.
When the digital signature subject data and the digital signature value are received from the electronic signature proxy device 110 for the client terminal, the content providing server 130 decrypts the digital signature value based on the public key stored in the content providing server 130. If the decrypted digital signature value matches the received digital signature subject data, the server completes authentication of the client terminal 120 and can execute the account transfer.
As a result, the electronic signature proxy device 110 for the client terminal according to the present invention issues a private key and a public key for digital signatures, transmits the public key to the content providing server 130, divides the private key into a plurality of private key fragments, and distributes them across the plurality of key stores. When an electronic signature proxy request is received from the client terminal 120, it combines the private key fragments distributed across the key stores, generates a digital signature value based on the private key, and transmits the digital signature value to the content providing server 130 on behalf of the client terminal 120. Because the private key is not stored in the client terminal 120, no program for generating an electronic signature value has to be installed as a plug-in in the web browser of the client terminal 120, and the user can easily perform a digital signature from any client terminal, anytime and anywhere, simply by connecting to the electronic signature proxy device 110 for the client terminal.
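The registration and recovery steps described above can be traced end to end in the following added example, which is not code from the patent. It assumes HMAC-SHA256 as a stand-in for every unspecified "encryption" step, simple size-based splitting, and an opaque constructed byte string in place of the issued private key (key-pair generation and the signing step itself are left out); `ProxyDevice`, `seal`, `unseal` and `split_fragments` are hypothetical names.

```python
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # the "predetermined encryption key" (constructed)
NUM_STORES = 4                        # key stores 201-204 of FIG. 2


def _prf(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def _xor_stream(key, nonce, data):
    # Counter-mode keystream built from HMAC-SHA256 (stand-in cipher, stdlib only).
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = _prf(key, nonce + (offset // 32).to_bytes(4, "big"))
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def seal(key, plaintext):
    """Encrypt-then-MAC with separate subkeys; returns nonce + ciphertext + tag."""
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + _prf(mac_key, nonce + ct)


def unseal(key, blob):
    enc_key, mac_key = _prf(key, b"enc"), _prf(key, b"mac")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _prf(mac_key, nonce + ct)):
        raise ValueError("encrypted private key failed its integrity check")
    return _xor_stream(enc_key, nonce, ct)


def split_fragments(data, n):
    """Size-based splitting: cut the data into n consecutive pieces."""
    size = -(-len(data) // n)  # ceiling division
    return [data[i * size:(i + 1) * size] for i in range(n)]


class ProxyDevice:
    def __init__(self):
        self.secret_key_store = {}                            # user -> secret key
        self.key_stores = [dict() for _ in range(NUM_STORES)]  # (user, kind) -> fragment

    def _secret_key(self, password):
        # "Encrypt the password with the predetermined encryption key."
        return _prf(SERVER_KEY, password.encode())

    def _scatter(self, user, kind, data):
        for store, frag in zip(self.key_stores, split_fragments(data, NUM_STORES)):
            store[(user, kind)] = frag

    def _gather(self, user, kind):
        return b"".join(store[(user, kind)] for store in self.key_stores)

    def register(self, user, password, private_key):
        """Initial use registration: wrap the private key and scatter everything."""
        secret_key = self._secret_key(password)
        self.secret_key_store[user] = secret_key
        random_key = secrets.token_bytes(32)
        auth_key = _prf(random_key, secret_key)  # secret key "encrypted" with random key
        self._scatter(user, "random", random_key)
        self._scatter(user, "private", seal(auth_key, private_key))

    def recover_private_key(self, user, password):
        """Proxy request: use authentication, then rebuild and unwrap the private key."""
        encrypted_value = self._secret_key(password)
        # Constant-time comparison against the stored secret key.
        if not hmac.compare_digest(encrypted_value, self.secret_key_store[user]):
            raise PermissionError("use authentication failed")
        random_key = self._gather(user, "random")
        auth_key = _prf(random_key, encrypted_value)
        return unseal(auth_key, self._gather(user, "private"))
```

With size-based splitting every key store must answer and return an unmodified fragment; a single corrupted fragment makes the recombined blob fail its integrity check, which is the availability gap that the locally repairable codes mentioned in the description would address.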
FIG. 2 is a block diagram illustrating an apparatus for performing an electronic signature proxy for a client terminal according to an exemplary embodiment of the present invention.
Referring to FIG. 2, an electronic signature proxy execution apparatus 210 for a client terminal according to an exemplary embodiment of the present invention includes a plurality of key stores 201, 202, 203 and 204, a data receiving unit 211, a private key restoring unit 212, a digital signature value generating unit 213, and an electronic signature transmitting unit 214.
A plurality of private key pieces are distributed and stored in the plurality of key stores 201, 202, 203, and 204.
Here, the plurality of private key pieces mean that the private key is divided into a plurality of data pieces.
When the content providing server 240, which stores the public key corresponding to the private key, requests a digital signature from the client terminal 230 and an electronic signature proxy request based on the private key is received from the client terminal 230, the data receiving unit 211 receives the digital signature subject data from the content providing server 240.
The private key restoring unit 212 extracts the plurality of private key pieces from the plurality of key stores 201, 202, 203, and 204 in response to the digital signature substitution request, combines the plurality of private key pieces, Restore the private key.
The digital signature value generator 213 encrypts the digital signature subject data based on the restored private key to generate an electronic signature value.
The digital signature transmitting unit 214 transmits the digital signature subject data and the digital signature value to the contents providing server 240.
In this case, according to an embodiment of the present invention, when the digital signature subject data and the digital signature value are received, the content providing server 240 decrypts the digital signature value based on the public key and, when it determines that the decrypted digital signature value and the received digital signature subject data match, can complete the authentication for the client terminal 230.
Also, according to an embodiment of the present invention, the plurality of private key pieces may be pieces into which the encrypted private key, generated by encrypting the private key, is divided. In this case, when the electronic signature proxy request based on the private key is received from the client terminal 230, the data receiving unit 211 receives the digital signature subject data from the content providing server 240 and, at the same time, receives from the client terminal 230 a password for decrypting the encrypted private key. In response to the electronic signature proxy request, the private key restoring unit 212 may extract the plurality of private key pieces from the plurality of key stores 201, 202, 203, and 204 and combine them to restore the encrypted private key. The digital signature value generation unit 213 may decrypt the encrypted private key based on the secret key and encrypt the digital signature subject data based on the decrypted private key to generate the digital signature value.
According to an embodiment of the present invention, the electronic signature proxy execution device 210 for a client terminal may further include a usage registration processor 215, a secret key generator 216, an authentication key generator 217, a private key division unit 218, and a key processing unit 219.
When an initial use registration request for electronic signature proxy service is received from the client terminal 230, the use registration processor 215 generates the private key and the public key corresponding to the private key, and requests from the client terminal 230 the password to be used in encrypting the private key.
When the password is received from the client terminal 230, the secret key generation unit 216 encrypts the password based on a predetermined encryption key to generate the secret key and stores the secret key in the secret key storage unit (not shown).
The authentication key generation unit 217 generates a random key composed of random data, and then encrypts the secret key with the random key to generate an authentication key for encrypting the private key.
The private key division unit 218 encrypts the private key based on the authentication key to generate the encrypted private key, and divides the encrypted private key into the plurality of private key fragments.
The key processing unit 219 distributes the plurality of pieces of private key to a plurality of key stores 201, 202, 203 and 204, and transmits the public key to the contents providing server 240.
In this case, according to an embodiment of the present invention, the digital signature proxy execution device 210 for the client terminal may further include a random key storage unit 220.
The random key storage unit 220 divides the random key into a plurality of data pieces to generate a plurality of random key pieces, and then distributes the plurality of random key pieces to the plurality of key stores 201, 202, 203, and 204.
According to an embodiment of the present invention, an electronic signature proxy execution device 210 for a client terminal includes a password encryption unit 221, a usage authentication unit 222, a random key recovery unit 223, and a decryption authentication key generation unit 224.
When the password for decrypting the encrypted private key is received together with the digital signature substitution request from the client terminal 230, the password encryption unit 221 performs encryption on the password received from the client terminal 230 based on the selected encryption key to generate an encrypted value.
The usage authentication unit 222 extracts the secret key from the secret key storage unit, compares the encrypted value with the secret key, and, if the encrypted value matches the secret key, completes use authentication for the client terminal 230.
The random key recovery unit 223 extracts the plurality of random key fragments from the plurality of key stores 201, 202, 203, and 204 when the use authentication for the client terminal 230 is completed, and combines the pieces to recover the random key.
The decryption authentication key generation unit 224 generates the authentication key for decrypting the encrypted private key by performing encryption using the recovered random key with respect to the encrypted value.
In this case, according to an embodiment of the present invention, when the generation of the authentication key for decrypting the encrypted private key is completed, the private key restoring unit 212 extracts the plurality of private key fragments from the plurality of key stores 201, 202, 203, and 204 in response to the digital signature substitution request, and combines the plurality of private key fragments to recover the encrypted private key.
Then, the digital signature value generator 213 decrypts the encrypted private key using the authentication key, and encrypts the digital signature subject data based on the decrypted private key to generate the digital signature value.
The digital signature proxy device 210 for a client terminal according to an embodiment of the present invention has been described above with reference to FIG. 2. Here, the digital signature proxy execution device 210 for a client terminal according to an embodiment of the present invention may correspond to the configuration of the digital signature proxy execution device 110 for the client terminal described with reference to FIG. 1, and a detailed description thereof will be omitted.
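The registration and signing flow of units 212 to 224 described above, as an added example that is not code from the patent. HMAC-SHA256, a SHA-256 keystream cipher, a fixed toy RSA key pair, and all class and function names are assumptions standing in for primitives and interfaces the page leaves unspecified.

```python
import hashlib
import hmac
import secrets

# Toy RSA key pair (constructed for this example, NOT secure): two Mersenne primes.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
KEY_LEN = (N.bit_length() + 7) // 8


def keyed(key: bytes, data: bytes) -> bytes:
    """Assumption: HMAC-SHA256 stands in for the page's deterministic 'encryption'."""
    return hmac.new(key, data, hashlib.sha256).digest()


def stream_xor(key: bytes, data: bytes) -> bytes:
    """Assumption: SHA-256 counter keystream XOR stands in for the private-key cipher."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)


def split(blob: bytes, n: int) -> list:
    """Plain partitioning into n consecutive pieces, as the page describes."""
    size = -(-len(blob) // n)  # ceiling division
    return [blob[i * size:(i + 1) * size] for i in range(n)]


def digest_int(data: bytes) -> int:
    """Hash the signature subject data and reduce it into the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def verify(public, data: bytes, signature: int) -> bool:
    """Content providing server 240: 'decrypt' the signature with the public key, compare."""
    n, e = public
    return pow(signature, e, n) == digest_int(data)


class SigningProxy:
    """Hypothetical model of the digital signature proxy execution device 210."""

    def __init__(self, server_key: bytes, n_stores: int = 4):
        self.server_key = server_key                      # selected encryption key
        self.secret_keys = {}                             # secret key storage unit
        self.key_stores = [{} for _ in range(n_stores)]   # key stores 201-204

    def register(self, user: str, password: bytes):
        private = D.to_bytes(KEY_LEN, "big")              # 215: key pair (fixed toy pair here)
        secret_key = keyed(self.server_key, password)     # 216: secret key from password
        self.secret_keys[user] = secret_key
        random_key = secrets.token_bytes(32)              # 217: random key
        auth_key = keyed(random_key, secret_key)          # 217: authentication key
        enc_private = stream_xor(auth_key, private)       # 218: encrypted private key
        n = len(self.key_stores)
        for store, pk, rk in zip(self.key_stores, split(enc_private, n), split(random_key, n)):
            store[user] = {"private_piece": pk, "random_piece": rk}  # 219 and 220
        return (N, E)                                     # public key sent to server 240

    def sign(self, user: str, password: bytes, data: bytes) -> int:
        enc_value = keyed(self.server_key, password)      # 221: encrypted value
        if not hmac.compare_digest(enc_value, self.secret_keys[user]):  # 222
            raise PermissionError("use authentication failed")
        pieces = [store.get(user) for store in self.key_stores]
        if any(p is None for p in pieces):
            raise LookupError("a key store is missing its piece; key cannot be restored")
        random_key = b"".join(p["random_piece"] for p in pieces)    # 223
        auth_key = keyed(random_key, enc_value)                     # 224
        enc_private = b"".join(p["private_piece"] for p in pieces)  # 212
        d = int.from_bytes(stream_xor(auth_key, enc_private), "big")
        return pow(digest_int(data), d, N)                          # 213
```

Because the pieces are consecutive slices rather than threshold shares, every key store must be reachable for a signature to be produced, and each store holds a readable slice of both the ciphertext and the random key.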
FIG. 3 is a flowchart illustrating an operation method of an electronic signature proxy device for a client terminal according to an exemplary embodiment of the present invention.
In step S310, a plurality of key stores in which a plurality of pieces of private key are distributed are stored.
Here, the plurality of private key pieces mean that the private key is divided into a plurality of data pieces.
In step S320, when a content providing server storing a public key corresponding to the private key requests a digital signature from the client terminal and a digital signature substitution request based on the private key is received from the client terminal, digital signature subject data is received from the contents providing server.
In step S330, the plurality of private key fragments are extracted from the plurality of key stores in response to the digital signature substitution request, and the private key is recovered by combining the plurality of private key fragments.
In step S340, the digital signature subject data is encrypted based on the restored private key to generate an electronic signature value.
In step S350, the digital signature subject data and the digital signature value are transmitted to the contents providing server.
According to an embodiment of the present invention, when the digital signature subject data and the digital signature value are received, the content providing server decrypts the digital signature value based on the public key and, when it is determined that the decrypted digital signature value and the received digital signature subject data match each other, can complete authentication of the client terminal.
Also, according to an embodiment of the present invention, the plurality of private key pieces may be obtained by dividing the encrypted private key, generated by encrypting the private key, into a plurality of data pieces. In this case, in step S320, when the digital signature substitution request based on the private key is received from the client terminal, the digital signature subject data is received from the contents providing server and a password for decrypting the encrypted private key is received from the client terminal. In step S330, the plurality of private key fragments are extracted from the plurality of key stores in response to the digital signature substitution request, and the plurality of private key fragments are combined to recover the encrypted private key. In step S340, the encrypted private key is decrypted on the basis of the password, and the digital signature subject data is encrypted based on the decrypted private key, so that the digital signature value can be generated.
According to an embodiment of the present invention, the method for operating the electronic signature proxy device for a client terminal may further include: when an initial use registration request for performing an electronic signature proxy is received from the client terminal, generating the private key and the public key corresponding to the private key, and requesting from the client terminal the password to be used for encrypting the private key; when the password is received from the client terminal, encrypting the password based on a selected encryption key to generate the secret key, and storing the secret key in a secret key storage unit; generating a random key composed of random data, and encrypting the secret key with the random key to generate an authentication key for encrypting the private key; encrypting the private key based on the authentication key to generate the encrypted private key, and partitioning the encrypted private key into the plurality of private key fragments; and distributing and storing the plurality of private key fragments in the plurality of key stores, and transmitting the public key to the content providing server.
According to an embodiment of the present invention, an operation method of an apparatus for performing digital signature for a client terminal includes dividing the random key into a plurality of data pieces to generate a plurality of random key pieces, And distributing key pieces to the plurality of key stores.
In this case, according to an embodiment of the present invention, the operation method of the electronic signature proxy execution device for the client terminal may further include: when the password for decrypting the encrypted private key is received together with the digital signature substitution request from the client terminal, generating an encrypted value by performing encryption based on the selected encryption key on the password received from the client terminal; extracting the secret key from the secret key storage unit, comparing the encrypted value with the secret key, and completing use authentication for the client terminal when the encrypted value matches the secret key; when the use authentication for the client terminal is completed, extracting the plurality of random key pieces from the plurality of key stores and combining the plurality of random key pieces to restore the random key; and generating the authentication key for decrypting the encrypted private key by performing encryption with the recovered random key on the encrypted value.
According to an embodiment of the present invention, in step S330, when the generation of the authentication key for decrypting the encrypted private key is completed, the plurality of private key fragments are extracted from the plurality of key stores in response to the digital signature substitution request, and the encrypted private key may then be recovered by combining the plurality of private key fragments. In step S340, the encrypted private key is decrypted using the authentication key, and the digital signature subject data is encrypted based on the decrypted private key to generate the digital signature value.
The operation of the digital signature proxy device for the client terminal according to the embodiment of the present invention has been described above with reference to FIG. Here, the operation method of the digital signature proxy execution device for a client terminal according to an embodiment of the present invention may correspond to the operation of the digital signature proxy execution devices 110 and 210 for the client terminal described with reference to FIGS. 1 and 2, and therefore a detailed description thereof will be omitted.
The method for operating the digital signature proxy device for a client terminal according to an exemplary embodiment of the present invention may be implemented by a computer program stored in a storage medium for execution through a combination with a computer.
In addition, the method of operating the digital signature proxy device for a client terminal according to an exemplary embodiment of the present invention may be implemented in the form of a program command that can be executed through various computer means and recorded in a computer readable medium. The computer-readable medium may include program instructions, data files, data structures, and the like, alone or in combination. The program instructions recorded on the medium may be those specially designed and configured for the present invention or may be available to those skilled in the art of computer software. Examples of computer-readable media include magnetic media such as hard disks, floppy disks and magnetic tape; optical media such as CD-ROMs and DVDs; magneto-optical media such as floptical disks; and hardware devices specifically configured to store and execute program instructions, such as ROM, RAM, flash memory, and the like. Examples of program instructions include machine language code such as those produced by a compiler, as well as high-level language code that can be executed by a computer using an interpreter or the like. The hardware devices described above may be configured to operate as one or more software modules to perform the operations of the present invention, and vice versa.
As described above, the present invention has been described with reference to particular embodiments, such as specific elements, and specific embodiments and drawings. However, it should be understood that the present invention is not limited to the above embodiments, and various modifications and changes may be made thereto by those skilled in the art to which the present invention pertains.
Accordingly, the spirit of the present invention should not be construed as being limited to the embodiments described, and the following claims, as well as all equivalents of the claims, belong to the scope of the present invention.
110: Digital signature agent for client terminal
120: client terminal 130: content providing server
210: Digital signature agent for client terminal
201, 202, 203, 204: a plurality of key stores
211: Data receiving unit 212: Private key restoring unit
213: digital signature value generator 214: digital signature transmitter
215: use registration processor 216: secret key generator
217: Authentication key generation unit 218: Private key distribution unit
219: Key processing unit 220: Random key storage unit
221: Password encryption unit 222: Usage authentication unit
223: Random key recovery unit 224: Decryption authentication key generation unit
230: client terminal
240: Content providing server
Claims (16)
A data receiving unit for receiving digital signature subject data from the content providing server when a content providing server storing a public key corresponding to the private key requests an electronic signature from the client terminal and an electronic signature substitution request based on the private key is received from the client terminal;
A private key recovery unit for extracting the plurality of private key fragments from the plurality of key stores corresponding to the digital signature substitution request, and restoring the private key by combining the plurality of private key fragments;
An electronic signature value generation unit for generating an electronic signature value by encrypting the digital signature subject data based on the restored private key; And
An electronic signature transmission unit for transmitting the digital signature subject data and the digital signature value to the contents providing server,
And an electronic signature agent for the client terminal.
The content providing server
When the digital signature data and the digital signature value are received, decrypting the digital signature value based on the public key, and if it is determined that the decrypted digital signature value and the received digital signature subject data coincide with each other, And completing the authentication for the client terminal.
The plurality of private key pieces
The encrypted private key generated by encrypting the private key is divided into a plurality of data pieces,
The data receiving unit
When receiving the electronic signature subscription request based on the private key from the client terminal, receiving the digital signature subject data from the contents providing server and receiving a password for decrypting the encrypted private key from the client terminal In addition,
The private key restoring unit
Extracting the plurality of private key fragments from the plurality of key stores corresponding to the digital signature substitution request, combining the plurality of private key fragments to recover the encrypted private key,
The digital signature value generation unit
And decrypting the encrypted private key based on the password and encrypting the digital signature subject data based on the decrypted private key to generate the digital signature value.
A use registration processing unit for generating the private key and a public key corresponding to the private key when the first use registration request for performing an electronic signature substitution is received from the client terminal, and requesting from the client terminal a password to be used for encrypting the private key;
A secret key generation unit for generating a secret key by encrypting the password based on a predetermined encryption key and storing the secret key in a secret key storage unit when the password is received from the client terminal;
An authentication key generation unit for generating a random key composed of random data and generating an authentication key for encrypting the private key by performing encryption using the random key for the secret key;
A private key division unit for encrypting the private key based on the authentication key to generate the encrypted private key, and dividing the encrypted private key into the plurality of private key fragments; And
A key processing unit for distributively storing the plurality of private key pieces in the plurality of key stores, and transmitting the public key to the contents providing server,
Further comprising: means for generating a digital signature for the client terminal;
A random key storage unit for dividing the random key into a plurality of data pieces to generate a plurality of random key pieces and distributing the plurality of random key pieces to the plurality of key stores,
Further comprising: means for generating a digital signature for the client terminal;
A password encryption unit for generating an encrypted value by encrypting the password received from the client terminal based on the selected encryption key when the password for decrypting the encrypted private key is received together with the digital signature substitution request from the client terminal;
A usage authentication unit for extracting the secret key from the secret key storage unit and comparing the encrypted value with the secret key to complete use authentication for the client terminal when the encrypted value matches the secret key;
A random key restoring unit for extracting the plurality of random key fragments from the plurality of key stores and restoring the random key by combining the plurality of random key fragments when the use authentication for the client terminal is completed; And
A decryption authentication key generation unit for generating the authentication key for decrypting the encrypted private key by performing encryption using the recovered random key for the encrypted value,
Further comprising: means for generating a digital signature for the client terminal;
The private key restoring unit
Extracting the plurality of private key fragments from the plurality of key stores in response to the digital signature substitution request when the generation of the authentication key for decrypting the encrypted private key is completed, To recover the encrypted private key,
The digital signature value generation unit
And decrypting the encrypted private key using the authentication key, and encrypting the digital signature subject data based on the decrypted private key to generate the digital signature value.
Receiving digital signature subject data from the content providing server when a content providing server storing a public key corresponding to the private key requests an electronic signature from the client terminal and an electronic signature substitution request based on the private key is received from the client terminal;
Extracting the plurality of private key fragments from the plurality of key stores corresponding to the digital signature substitution request, and restoring the private key by combining the plurality of private key fragments;
Encrypting the digital signature subject data based on the restored private key to generate an electronic signature value; And
Transmitting the digital signature subject data and the digital signature value to the contents providing server
The method comprising the steps of:
The content providing server
When the digital signature data and the digital signature value are received, decrypting the digital signature value based on the public key, and if it is determined that the decrypted digital signature value and the received digital signature subject data coincide with each other, And completing the authentication for the client terminal.
The plurality of private key pieces
The encrypted private key generated by encrypting the private key is divided into a plurality of data pieces,
The step of receiving the digital signature subject data
When receiving the electronic signature subscription request based on the private key from the client terminal, receiving the digital signature subject data from the contents providing server and receiving a password for decrypting the encrypted private key from the client terminal In addition,
The step of restoring the private key
Extracting the plurality of private key fragments from the plurality of key stores corresponding to the digital signature substitution request, combining the plurality of private key fragments to recover the encrypted private key,
The step of generating the digital signature value
And decrypting the encrypted private key based on the password and encrypting the digital signature subject data based on the decrypted private key to generate the digital signature value.
Generating the private key and a public key corresponding to the private key when the first use registration request for performing an electronic signature substitution is received from the client terminal, and requesting from the client terminal a password to be used for encrypting the private key;
Generating a secret key by encrypting the password based on a predetermined encryption key and storing the secret key in a secret key storage unit when the password is received from the client terminal;
Generating a random key composed of random data and generating an authentication key for encrypting the private key by performing encryption using the random key for the secret key;
Encrypting the private key based on the authentication key to generate the encrypted private key, and partitioning the encrypted private key into the plurality of private key fragments; And
Distributing the plurality of pieces of private key to the plurality of key stores, and transmitting the public key to the contents providing server
The method comprising the steps of: receiving an electronic signature;
Dividing the random key into a plurality of data pieces to generate a plurality of random key fragments, and distributing the plurality of random key fragments to the plurality of key stores
The method comprising the steps of: receiving an electronic signature;
Generating an encrypted value by encrypting the password received from the client terminal based on the selected encryption key when the password for decrypting the encrypted private key is received together with the digital signature substitution request from the client terminal;
Extracting the secret key from the secret key storage unit, comparing the encrypted value with the secret key, and completing use authentication for the client terminal if the encrypted value matches the secret key;
Extracting the plurality of random key fragments from the plurality of key stores and reconstructing the random key by combining the plurality of random key fragments when the use authentication for the client terminal is completed; And
Generating the authentication key for decrypting the encrypted private key by performing encryption with the recovered random key for the encrypted value
The method comprising the steps of: receiving an electronic signature;
The step of restoring the private key
Extracting the plurality of private key fragments from the plurality of key stores in response to the digital signature substitution request when the generation of the authentication key for decrypting the encrypted private key is completed, To recover the encrypted private key,
The step of generating the digital signature value
An operation method of an electronic signature proxy execution device for a client terminal for decrypting the encrypted private key using the authentication key and then encrypting the digital signature subject data based on the decrypted private key to generate the digital signature value .
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160007506A KR101776635B1 (en) | 2016-01-21 | 2016-01-21 | Apparatus for performing on behalf an electronic signature for client terminal and operating method thereof |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
KR1020160007506A KR101776635B1 (en) | 2016-01-21 | 2016-01-21 | Apparatus for performing on behalf an electronic signature for client terminal and operating method thereof |
Publications (2)
Publication Number | Publication Date |
---|---|
KR20170087663A (en) | 2017-07-31 |
KR101776635B1 (en) | 2017-09-11 |
Family
ID=59418993
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
KR1020160007506A KR101776635B1 (en) | 2016-01-21 | 2016-01-21 | Apparatus for performing on behalf an electronic signature for client terminal and operating method thereof |
Country Status (1)
Country | Link |
---|---|
KR (1) | KR101776635B1 (en) |
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101952641B1 (en) * | 2017-10-13 | 2019-02-27 | 주식회사 오스랩스 | Location based multi-channel login authentication method in a cloud environments |
KR101984254B1 (en) | 2018-09-21 | 2019-05-30 | 김성완 | Node device constituting a block-chain network and an operation method of the node device |
KR20190097998A (en) * | 2018-02-12 | 2019-08-21 | 주식회사 한컴위드 | User authentication apparatus supporting secure storage of private key and operating method thereof |
KR20190098397A (en) * | 2018-02-14 | 2019-08-22 | 주식회사 코드박스 | Management method for private key of virtual money |
KR20190118376A (en) * | 2018-04-10 | 2019-10-18 | (주)키스톤랩 | Method for trading blockchain exchange based real electronic wallet and method for trading the same |
KR20200034565A (en) | 2019-05-23 | 2020-03-31 | 김성완 | Node device constituting a block-chain network and an operation method of the node device |
KR20200118303A (en) * | 2019-04-04 | 2020-10-15 | (주)누리텔레콤 | Private key securing methods of decentralizedly storying keys in owner's device and/or blockchain nodes |
KR102210448B1 (en) * | 2020-04-07 | 2021-02-02 | 블랍스 주식회사 | Method, apparatus and computer program for providing ownership registration and counterfeit judgment service for product using blockchain |
KR20210067518A (en) | 2019-11-29 | 2021-06-08 | 한국정보통신주식회사 | A payment terminal apparatus for providing multi van services using a distributed management network of encryption key based on block chains |
KR20210067493A (en) | 2019-11-29 | 2021-06-08 | 한국정보통신주식회사 | A payment terminal apparatus for providing payment services using a distributed management network of encryption key based on block chains |
KR20210125804A (en) * | 2020-04-09 | 2021-10-19 | 건양대학교산학협력단 | Method for Authenticating Genuineness by Substituting the Autograph of the Work |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR102087285B1 (en) * | 2018-08-08 | 2020-03-10 | 주식회사 한글과컴퓨터 | Chatbot system server capable of system control based on interactive messaging and operating method thereof |
KR102087287B1 (en) * | 2018-08-20 | 2020-03-10 | 주식회사 한글과컴퓨터 | Chatbot system server capable of executing events based on interactive messaging and operating method thereof |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3793042B2 (en) | 2001-05-14 | 2006-07-05 | 日本電信電話株式会社 | Electronic signature proxy method, apparatus, program, and recording medium |
JP6045018B2 (en) * | 2012-05-07 | 2016-12-14 | 日本電気株式会社 | Electronic signature proxy server, electronic signature proxy system, and electronic signature proxy method |
2016-01-21: KR KR1020160007506A, patent KR101776635B1, active IP Right Grant
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101952641B1 (en) * | 2017-10-13 | 2019-02-27 | 주식회사 오스랩스 | Location based multi-channel login authentication method in a cloud environments |
KR20190097998A (en) * | 2018-02-12 | 2019-08-21 | 주식회사 한컴위드 | User authentication apparatus supporting secure storage of private key and operating method thereof |
KR20190098397A (en) * | 2018-02-14 | 2019-08-22 | 주식회사 코드박스 | Management method for private key of virtual money |
KR20190118376A (en) * | 2018-04-10 | 2019-10-18 | (주)키스톤랩 | Method for trading blockchain exchange based real electronic wallet and method for trading the same |
KR101984254B1 (en) | 2018-09-21 | 2019-05-30 | 김성완 | Node device constituting a block-chain network and an operation method of the node device |
WO2020060094A1 (en) * | 2018-09-21 | 2020-03-26 | 김성완 | Node device constituting blockchain network and method for operation of node device |
WO2020204444A3 (en) * | 2019-04-04 | 2020-12-17 | (주)누리텔레콤 | Secret key security method of distributing and storing key in blockchain node and/or possession device having wallet app installed therein |
KR20200118303A (en) * | 2019-04-04 | 2020-10-15 | (주)누리텔레콤 | Private key securing methods of decentralizedly storying keys in owner's device and/or blockchain nodes |
KR20200034565A (en) | 2019-05-23 | 2020-03-31 | 김성완 | Node device constituting a block-chain network and an operation method of the node device |
KR20210067518A (en) | 2019-11-29 | 2021-06-08 | 한국정보통신주식회사 | A payment terminal apparatus for providing multi van services using a distributed management network of encryption key based on block chains |
KR20210067493A (en) | 2019-11-29 | 2021-06-08 | 한국정보통신주식회사 | A payment terminal apparatus for providing payment services using a distributed management network of encryption key based on block chains |
KR102210448B1 (en) * | 2020-04-07 | 2021-02-02 | 블랍스 주식회사 | Method, apparatus and computer program for providing ownership registration and counterfeit judgment service for product using blockchain |
KR20210125804A (en) * | 2020-04-09 | 2021-10-19 | 건양대학교산학협력단 | Method for Authenticating Genuineness by Substituting the Autograph of the Work |
Also Published As
Publication number | Publication date |
---|---|
KR101776635B1 (en) | 2017-09-11 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
A201 | Request for examination | ||
E902 | Notification of reason for refusal | ||
E701 | Decision to grant or registration of patent right | ||
GRNT | Written decision to grant |