TW201110653A - Mediate platform, IC card, and method for generating authentication key - Google Patents


Info

Publication number
TW201110653A
Authority
TW
Taiwan
Prior art keywords
card
identification code
identification
code information
local
Application number
TW98129950A
Other languages
Chinese (zh)
Other versions
TWI373951B (en)
Inventor
Chun-Hsin Ho
Original Assignee
Taisys Technologies Co Ltd
Application filed by Taisys Technologies Co Ltd
Priority to TW98129950A
Publication of TW201110653A
Application granted
Publication of TWI373951B

Landscapes

  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

A mediate platform and a method for providing an integrated circuit card with an authentication key for a local mobile phone number of a destination are disclosed. The mediate platform includes a processor, an encrypting device, a transmitter, a receiver, a decrypting device, and a calculator, wherein the authentication key is generated by an algorithm, and the local mobile phone number is activated by an authentication center of the destination.

Description

VI. Description of the Invention:

[Technical Field of the Invention]

The present invention relates to a method for generating an authentication key, and more particularly to a method by which a mobile phone IC card generates the authentication key by itself.

[Prior Art]

As communication technology advances, the convenience of mobile phones is beyond question, and people's dependence on them has grown rapidly. Mobile phones have arguably become one of the indispensable necessities of modern life. With the world economy becoming increasingly international and international business travel increasingly frequent, international roaming has become an important means for business travelers to handle work matters, and it has made the world "borderless".

Although international roaming is highly convenient, the high call charges that come with it cannot be ignored. To reduce their roaming charges, some people even apply for local mobile phone numbers in different countries. This is convenient for people who stay abroad for long periods, but it is impractical for tourists who stay only 3 to 5 days. To meet tourists' needs, some international airports offer "prepaid card" services that let tourists make calls within a limited call budget. However, a prepaid card takes time to apply for because an application form must be filled out, and the personal data provided may be illegally misused. When the balance on the prepaid card runs low it must be topped up, but the added value may then not be used up, leaving an unused balance that is wasted. In addition, when the user removes the original SIM card from the mobile phone and inserts the prepaid card instead, the original SIM card can no longer receive calls or text messages, so important messages may be missed. Prepaid cards are therefore also quite inconvenient.

To overcome these problems, U.S. Patent No. 6… discloses a mobile phone with dual SIM card slots, so that two SIM cards can be placed in the same mobile phone at the same time. Taking a prepaid card as an example, the phone can hold both the original SIM card and the added prepaid card, so the user does not need to remove the SIM card to insert the prepaid card, but in use only one of the cards can make and receive calls; the two cannot be used at the same time. Moreover, buying a mobile phone with dual SIM card slots just for a short trip abroad is wasteful and impractical.

In view of these deficiencies of the prior art, the present invention proposes a method by which an IC card can generate an authentication key, so that the card has a local mobile phone number, thereby saving international roaming call charges.

[Summary of the Invention]

The main object of the present invention is to provide a method by which an IC card can generate an authentication key, so that the card has a local mobile phone number, thereby saving international roaming call charges.

To achieve this object, the present invention provides a method for generating an authentication key used to activate a local mobile phone number, comprising the following steps:

  • providing an IC card having first identification code information and second identification code information;
  • providing the first identification code information to a mediate platform, the mediate platform storing the second identification code information;
  • encrypting the first identification code information;
  • transmitting the encrypted first identification code information to a local authentication center;
  • generating an identification file corresponding to the first identification code information;
  • encrypting, by the local authentication center, third identification code information of the local mobile phone number;
  • transmitting the identification file and the encrypted third identification code information to the mediate platform;
  • obtaining a public key from the local authentication center;
  • decrypting the encrypted third identification code information with the public key;
  • transmitting the decrypted third identification code information and the identification file to the IC card;
  • the mediate platform and the IC card each generating the authentication key at the same time, by an algorithm that performs a diversification operation on the second identification code information and the identification file; and
  • outputting, by the mediate platform, the authentication key to the local authentication center to activate the local mobile phone number.

According to the concept of the present invention, the identification file includes a diversification factor. The diversification factor includes a date, a time, a count, a frequency, or a period.

According to the concept of the present invention, the first identification code information and the third identification code information include a Temporary Mobile Subscriber Identity (TMSI), an International Mobile Subscriber Identity (IMSI), an International Mobile Equipment Identity (IMEI), a User Identity Module Identifier (UIMID), an Electronic Serial Number (ESN), or an IC Card Identifier (ICCID).

According to the concept of the present invention, the IC card includes a Subscriber Identity Module (SIM) card, a Universal Subscriber Identity Module (USIM) card, a User Identity Module (UIM) card, or a Removable User Identity Module (RUIM) card.

According to the concept of the present invention, the IC card can be combined with a SIM card, a USIM card, a UIM card, or a RUIM card.

According to the concept of the present invention, the identification file is a digital signature.

According to the concept of the present invention, the decrypted third identification code information and the identification file are transmitted from the mediate platform to the IC card by text message, network, wireless transmission, smart card reader, or OTA (over-the-air).

According to the concept of the present invention, the mediate platform and the local authentication center encrypt by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, Triple DES, AES, RC2, RC4, or IDEA.

Another object of the present invention is to provide a mediate platform that provides an IC card with an authentication key used to activate a local mobile phone number. The mediate platform includes:

  • a processor for obtaining first identification code information of the IC card and obtaining a public key from a local authentication center;
  • a memory for storing second identification code information of the IC card;
  • an encryption device for encrypting the first identification code information;
  • a transmitter for transmitting the encrypted first identification code information to the local authentication center;
  • a receiver for receiving an identification file that corresponds to the first identification code information and is generated by the local authentication center, and third identification code information encrypted by the local authentication center;
  • a decryption device that decrypts the encrypted third identification code information with the public key; and
  • a calculator that generates the authentication key by an algorithm that performs a diversification operation on the second identification code information and the identification file;

wherein the transmitter transmits the decrypted third identification code information and the identification file to the IC card, so that the IC card can also generate the authentication key by the algorithm, and the transmitter also transmits the authentication key to the local authentication center so that the local mobile phone number is activated.

According to the concept of the present invention, the transmitter transmits the decrypted third identification code information and the identification file to the IC card by text message, network, wireless transmission, smart card reader, or OTA (over-the-air).

According to the concept of the present invention, the encryption device encrypts by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, Triple DES, AES, RC2, RC4, or IDEA.

Yet another object of the present invention is to provide an IC card having an authentication key used to activate a local mobile phone number. The IC card includes:

  • a memory for storing first identification code information and second identification code information;
  • a transmitter for transmitting the first identification code information to a mediate platform, wherein the first identification code information is encrypted by the mediate platform and transmitted to a local authentication center;
  • a receiver for receiving an identification file that corresponds to the first identification code information and is generated by the local authentication center, and third identification code information decrypted by the mediate platform with a public key obtained from the local authentication center, wherein the third identification code information is encrypted by the local authentication center; and
  • a calculator that generates the authentication key by an algorithm that performs a diversification operation on the second identification code information and the identification file;

wherein the local mobile phone number is activated by means of the authentication key.

According to the concept of the present invention, the receiver receives the third identification code information and the identification file from the mediate platform by text message, network, wireless transmission, smart card reader, or OTA (over-the-air).

The present invention may be understood more clearly from the following drawings and embodiments.

[Embodiments]

The present invention is a method that lets an IC card generate an authentication key by itself, without the key being input from outside (for example by network download, wireless transmission, or built-in installation). When a user goes abroad and can obtain a local mobile phone number, calls can be made locally as domestic calls, saving high international roaming call charges. The implementation is described in detail below. Although this embodiment is described using the GSM communication system, those skilled in the art will appreciate that the invention is not limited to it and can also be applied to communication systems such as GPRS, 3G, CDMA, and WCDMA.

First, refer to Fig. 1, which shows the main components of the IC card and the mediate platform (solid boxes) and indicates the internal information and elements they contain (dashed boxes). As shown, the IC card 10 includes a memory 101, a calculator 102, a transmitter 103, and a receiver 104. The mediate platform 20 includes a processor 201, an encryption device 202, a decryption device 203, a transmitter 204, a receiver 205, a calculator 206, and a memory 207.

Besides the IC card 10 and the mediate platform 20, Fig. 1 also shows a local authentication center 30, which is the local authentication unit (card issuer) of the country the user intends to visit (that is, the local country) and provides mobile phone numbers and communication services. Because different countries have different local authentication centers, the mediate platform 20 is a platform that integrates the local authentication centers of the various countries, sparing the user the complicated procedures and effort needed to apply for a local mobile phone number. Through the mediate platform 20, the user can easily obtain the local mobile phone number of the destination country with a simple procedure before going abroad, without having to look for the local authentication center in an unfamiliar place. In general, the authentication key (Ki) of a mobile phone number cannot be loaded into an IC card by text message, network download, wireless transmission, smart card reader, or OTA (over-the-air), so current IC cards cannot be loaded with a new mobile phone number. The present invention overcomes this limitation by having the IC card 10 and the mediate platform 20 each generate the same authentication key at the same time, after which the mediate platform 20 transmits the generated authentication key 208 to the local authentication center 30 as an output file.

Taking the GSM communication system as an example, the IC card 10 may be a Subscriber Identity Module (SIM) card, a smart card that has a SIM, or even an IC card that has no SIM but can be used in combination with a SIM card. As stated above, the invention is not limited to the GSM communication system, so the IC card 10 may also be a Universal Subscriber Identity Module (USIM) card, a User Identity Module (UIM) card, or a Removable User Identity Module (RUIM) card, and it may also be combined with a USIM card, a UIM card, or a RUIM card. Because the IC card 10 is not limited to the GSM communication system and need not have a SIM but can be used in combination with a SIM card, if the country the user intends to visit does not use the GSM communication system, the IC card 10 can be matched to that country's communication system.

The memory 101 stores the first identification code information 105 and the second identification code information 106 of the IC card 10. The first identification code information 105 includes information such as a Temporary Mobile Subscriber Identity (TMSI), an International Mobile Subscriber Identity (IMSI), an International Mobile Equipment Identity (IMEI), a User Identity Module Identifier (UIMID), an Electronic Serial Number (ESN), or an IC Card Identifier (ICCID). The second identification code information 106 is an identification serial number unique to the IC card 10 when it leaves the factory. This serial number cannot be transmitted or read out by text message, network download, wireless transmission, smart card reader, or OTA, so apart from the IC card 10 itself, only the mediate platform 20 that manufactures the IC card 10 knows the card's identification serial number. The mediate platform 20 stores this serial number (the second identification code information 106) in the memory 207.

The transmitter 103 transmits the first identification code information 105 to the mediate platform 20. The receiver 104 receives from the mediate platform 20 the identification file 302 (which may be a digital signature) that corresponds to the first identification code information 105 and is generated by the local authentication center 30, and the third identification code information 301 decrypted with the public key 303 obtained from the local authentication center 30. Like the first identification code information 105, the third identification code information 301 includes information such as a TMSI, IMSI, IMEI, UIMID, ESN, or ICCID. The receiver 104 receives the third identification code information 301 and the identification file 302 from the transmitter 204 of the mediate platform 20 by text message, network, wireless transmission, smart card reader, or OTA. The calculator 102 generates the authentication key 107 by an algorithm that performs a diversification operation on the second identification code information 106 and the identification file 302.

Because the mediate platform 20 also holds the second identification code information 106, the calculator 206 of the mediate platform 20 can generate the authentication key 208 by the same algorithm as the calculator 102, performing the diversification operation on the second identification code information 106 and the identification file 302.

The processor 201 obtains the first identification code information 105 of the IC card 10 and obtains the public key 303 from the local authentication center 30. The encryption device 202 encrypts the first identification code information 105 by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, Triple DES, AES, RC2, RC4, or IDEA. In this embodiment, the encryption device 202 encrypts with DES, a symmetric cipher.

The transmitter 204 transmits the encrypted first identification code information 105 to the local authentication center 30, and transmits the decrypted third identification code information 301 and the identification file 302 to the IC card 10 so that the IC card 10 can also generate the authentication key 107 by the algorithm. The transmitter 204 is also responsible for transmitting the authentication key 208 to the local authentication center 30 to activate the local mobile phone number. Because the authentication key 107 and the authentication key 208 produced by the calculator 102 and the calculator 206 through the algorithm are identical, the local authentication center 30 needs only the authentication key 208 to activate the local mobile phone number.

The receiver 205 receives the identification file 302 and the third identification code information 301 encrypted by the local authentication center 30. Like the encryption device 202, the local authentication center 30 may encrypt the third identification code information 301 by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, Triple DES, AES, RC2, RC4, or IDEA. In this embodiment, the local authentication center 30 encrypts with RSA, an asymmetric cipher. The decryption device 203 then decrypts the encrypted third identification code information 301 with the public key 303. The calculator 206 generates the authentication key 208 by an algorithm using the decrypted third identification code information 301 and the identification file 302.

Having briefly introduced the components of the IC card 10 and the mediate platform 20, the following explains in more detail how the invention generates the authentication key and how the IC card 10, the mediate platform 20, and the local authentication center 30 relate to one another.

As stated above, the main object of the invention is to provide the user with a local mobile phone number in a foreign country, so that when abroad the user can make calls locally as domestic calls and save high international roaming call charges.

In principle, the local authentication center 30 uses the IMSI, ICCID, and Ki of the SIM card as the basis for authentication. The IMSI and ICCID can be loaded into an IC card by text message, network, wireless transmission, smart card reader, or OTA; only the Ki is barred from these transmission methods. The invention therefore uses the following method to overcome this problem.

Refer to Figs. 2A and 2B, which show a flowchart of the method of generating the authentication key. First, the IC card 10 transmits the first identification code information 105 through the transmitter 103 to the receiver 205 of the mediate platform 20 (step S401). After the receiver 205 receives the first identification code information 105, the encryption device 202 encrypts it by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, Triple DES, AES, RC2, RC4, IDEA, or the like (step S402). In this embodiment, the encryption device 202 encrypts with DES, a symmetric cipher. Once encryption is complete, the transmitter 204 sends the encrypted first identification code information 105, together with its encryption key, to the local authentication center 30 (step S403). Because the first identification code information 105 is encrypted with a symmetric cipher, the local authentication center 30 only needs the encryption key supplied by the transmitter 204 to decrypt it. The local authentication center 30 then obtains the user's identity data and the data of the IC card 10 from the first identification code information 105. After the record has been created, the local authentication center 30 uses RSA, an asymmetric cipher, to encrypt the first identification code information 105 with a private key into the identification file 302, which serves as the basis for future authentication and identification by the local authentication center 30 (step S404). In other words, the identification file 302 is a digital signature of the local authentication center 30.

When the user is going to the country of the identification file 302 and requests a local mobile phone number, a new local mobile phone number is assigned to the user, and the third identification code information 301 of that mobile phone number is encrypted with the private key using RSA, in the same way as the identification file 302 (step S405). Next, the encrypted third identification code information 301 and the identification file 302 are sent to the receiver 205 of the mediate platform 20 by text message, network, wireless transmission, smart card reader, or OTA (step S406). The processor 201 then requests the local authentication center 30 to send the public key 303 for decryption (step S407). The decryption device decrypts the third identification code information 301 with the obtained public key 303 (step S408). The identification file 302 and the decrypted third identification code information 301 are transmitted by the transmitter 204 to the receiver 104 of the IC card 10 by text message, network, wireless transmission, smart card reader, or OTA (step S409).

Using the identification file 302 and the second identification code information 106, the calculator 102 and the calculator 206 each generate an authentication key with the algorithm, the authentication key 107 and the authentication key 208 respectively (step S410). Because the calculator 102 and the calculator 206 use the same algorithm and the same input parameters (the identification file 302 and the second identification code information 106), the computed authentication key 107 and authentication key 208 are identical. After the calculator 206 generates the authentication key 208, the transmitter 204 sends the authentication key 208 to the local authentication center 30 (step S411), and the local authentication center 30 activates the local mobile phone number by means of the authentication key 208 (step S412). In addition, because the local authentication center 30 has already obtained the user's identity data and the data of the IC card 10 from the first identification code information 105, the local authentication center 30 regards the user of the mobile phone number that has the authentication key 208 and the third identification code information 301 as the same person as the user of the IC card 10. After entering the country, the user can therefore start using the local mobile phone number directly, without a complicated application procedure or review process.

Furthermore, because a typical user travelling for leisure or business stays only briefly in the country of the local authentication center 30 and does not need to keep the local mobile phone number for a long time, the local authentication center 30 can, in order to manage the mobile phone number effectively, add one or more diversification factors to the identification file 302. The diversification factors may include parameters such as a date, a time, a count, a frequency, or a period. If the identification file 302 has a diversification factor, the authentication key 107 and the authentication key 208 are obtained by performing the diversification operation with the algorithm and the diversification factor. In other words, if the preset diversification factor is a date interval, the generated authentication key 107 and authentication key 208 are valid only within that date interval. In this embodiment, the date interval can be set according to the period the user expects to stay, which means that the local mobile phone number becomes invalid when the user returns home.

When the user needs to visit more than one country, it is only necessary to obtain in advance, before going abroad, the third identification code information 301 and the identification file 302 for each destination country and store them in the memory 101. When the mobile phone number of one of those countries is needed, the calculator 102 and the calculator 206 generate that country's authentication key 107 and authentication key 208 directly with the algorithm, and the transmitter 204 sends the authentication key 208 to that country's local authentication center 30 to activate the local mobile phone number. In this way the memory 101 does not need to store the authentication keys 107 of several countries at the same time. It may even store only the identification file 302 of each country, without its third identification code information 301, which is then loaded into the IC card by text message, network, wireless transmission, smart card reader, or OTA when it is needed.

In summary, the present invention has the IC card and the mediate platform each generate the same authentication key at the same time, and has the mediate platform transmit the generated authentication key to the local authentication center. The IC card can thus generate the authentication key by itself, without the key being input from outside (for example by network download, wireless transmission, or built-in installation), so that a user going abroad can obtain a local mobile phone number and make calls locally as domestic calls, saving high international roaming call charges.

Those skilled in the art may make various modifications to the present invention without departing from the scope of protection of the appended claims.
When you need to use the mobile phone number of the middle country, 'the calculator and the calculator 2 0 6 directly generate the country's authentication key 丄〇7 and the authentication secret gun 2◦8, and then transmit it. The device 2◦4 transmits the authentication secret record 2 〇8 to the local certification center 3 of the country to activate the local mobile power=number. So 'memory 〇 〇 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 不需要 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 When in use, it is loaded into the chip card via SMS, network, wireless transmission, smart card reader, or 〇TA. In summary, the present invention allows the wafer card to be externally generated by allowing the wafer card to simultaneously generate the same authentication key with the intermediary platform, and then the generated authentication pin is transmitted to the local local authentication center by the intermediary platform. The way to enter (for example, network download, wireless transmission, built-in installation) ^ will generate the authentication key by itself, so that when the user goes abroad, he can get the local mobile phone number and can call in the local area. The way to call 201110653, in order to save a high amount of international roaming call charges. This case has to be modified by people who are familiar with this skill, but it is not to be protected as intended.
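The key agreement of step S410, with a date interval as the diversification factor, can be sketched as follows. This is an added example, not code from the patent: HMAC-SHA256 stands in for the unspecified "algorithm", and the `IdentificationFile` layout, the challenge-response check at the authentication center, and all sample values are assumptions constructed for illustration.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class IdentificationFile:
    """Hypothetical layout: the center's signature plus a date-interval factor."""
    signature: bytes   # stands in for identification file 302
    valid_from: date   # diversification factor: start of the interval
    valid_to: date     # diversification factor: end of the interval


def _lp(field: bytes) -> bytes:
    # Length-prefix each field so the field boundaries are unambiguous.
    return struct.pack(">H", len(field)) + field


def derive_auth_key(second_id_info: bytes, id_file: IdentificationFile) -> bytes:
    """Step S410, run identically by calculator 102 (card) and 206 (platform).

    HMAC-SHA256 is an assumption; the patent only says "an algorithm".
    """
    msg = b"".join(_lp(f) for f in (
        id_file.signature,
        id_file.valid_from.isoformat().encode(),
        id_file.valid_to.isoformat().encode(),
    ))
    return hmac.new(second_id_info, msg, hashlib.sha256).digest()


def card_response(card_key: bytes, nonce: bytes) -> bytes:
    """The card proves possession of key 107 without transmitting it."""
    return hmac.new(card_key, nonce, hashlib.sha256).digest()


class LocalAuthCenter:
    """Toy model of local authentication center 30 (steps S411 and S412)."""

    def __init__(self):
        self._active = {}  # third identification code info -> (key, id_file)

    def activate(self, third_id, key, id_file):
        self._active[third_id] = (key, id_file)

    def authenticate(self, third_id, nonce, response, today):
        entry = self._active.get(third_id)
        if entry is None:
            return False
        key, id_file = entry
        if not (id_file.valid_from <= today <= id_file.valid_to):
            return False  # outside the interval the key was derived for
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def demo():
    # Constructed sample values, not taken from the patent.
    second_id = bytes.fromhex("00112233445566778899aabbccddeeff")
    third_id = "THIRD-ID-PLACEHOLDER"
    id_file = IdentificationFile(b"constructed-signature-bytes",
                                 date(2009, 9, 4), date(2009, 9, 8))
    platform_key = derive_auth_key(second_id, id_file)  # key 208
    card_key = derive_auth_key(second_id, id_file)      # key 107
    center = LocalAuthCenter()
    center.activate(third_id, platform_key, id_file)    # S411, S412
    nonce = b"constructed-nonce-01"
    resp = card_response(card_key, nonce)
    in_window = center.authenticate(third_id, nonce, resp, date(2009, 9, 6))
    expired = center.authenticate(third_id, nonce, resp, date(2009, 9, 9))
    # A different interval yields a different key, so the center rejects it.
    other = IdentificationFile(id_file.signature, id_file.valid_from,
                               date(2010, 9, 8))
    other_resp = card_response(derive_auth_key(second_id, other), nonce)
    mismatched = center.authenticate(third_id, nonce, other_resp,
                                     date(2009, 9, 6))
    return platform_key == card_key, in_window, expired, mismatched


if __name__ == "__main__":
    print(demo())  # (True, True, False, False)
```

Because the interval is part of the derivation input, the key is bound to the interval it was issued for; the separate date check at the center is what makes the key stop working once the interval has passed.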

[Brief Description of the Drawings]
FIG. 1 is a block diagram of an IC card and a mediate platform according to a preferred embodiment of the present invention; and
FIGS. 2A and 2B are flowcharts of a method for generating an authentication key according to a preferred embodiment of the present invention.

[Description of Main Reference Numerals]
10 IC card
101 memory
102 calculator
103 transmitter
104 receiver
105 first identification code information
106 second identification code information
107 authentication key
20 mediate platform
201 processor
202 encrypting device
203 decrypting device
204 transmitter
205 receiver
206 calculator
207 memory
208 authentication key
30 local authentication center
301 third identification code information
302 identification file
303 public key

Claims (1)

VII. Claims:

1. A method for generating an authentication key, the authentication key being used to activate a local mobile phone number, comprising the following steps:
providing an IC card, the IC card having first identification code information and second identification code information;
providing the first identification code information to a mediate platform, the mediate platform storing the second identification code information;
encrypting the first identification code information;
transmitting the encrypted first identification code information to a local authentication center;
generating an identification file corresponding to the first identification code information;
encrypting, by the local authentication center, third identification code information of the local mobile phone number;
transmitting the identification file and the encrypted third identification code information to the mediate platform;
obtaining a public key from the local authentication center;
decrypting the encrypted third identification code information with the public key;
transmitting the decrypted third identification code information and the identification file to the IC card;
generating the authentication key, by the mediate platform and the IC card at the same time, by performing a diversification operation on the second identification code information and the identification file using an algorithm; and
outputting, by the mediate platform, the authentication key to the local authentication center to activate the local mobile phone number.

2. The method of claim 1, wherein the identification file includes a diversification factor.

3. The method of claim 2, wherein the diversification factor includes a date, time, count, frequency, or period.

4. The method of claim 1, wherein the first identification code information and the third identification code information include a Temporary Mobile Subscriber Identity (TMSI), International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), User Identity Module Identifier (UIMID), Electronic Serial Number (ESN), or IC card identifier (ICCID).

5. The method of claim 1, wherein the IC card includes a Subscriber Identity Module (SIM) card, Universal Subscriber Identity Module (USIM) card, User Identity Module (UIM) card, or Removable User Identity Module (RUIM) card.

6. The method of claim [number illegible in source], wherein the IC card can be combined with a Subscriber Identity Module (SIM) card, Universal Subscriber Identity Module (USIM) card, User Identity Module (UIM) card, or Removable User Identity Module (RUIM) card.

7. The method of claim [number illegible in source], wherein the identification file is a digital signature.

8. The method of claim [number illegible in source], wherein the decrypted third identification code information and the identification file are transmitted from the mediate platform to the IC card by short message, network, wireless transmission, smart card reader, or OTA (over-the-air).

9. The method of claim 1, wherein the mediate platform and the local authentication center encrypt by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, TRIPLE DES, AES, RC2, RC4, or IDEA.

10. A mediate platform, providing an IC card with an authentication key for activating a local mobile phone number, comprising:
a processor for obtaining first identification code information of the IC card and obtaining a public key from a local authentication center;
a memory for storing second identification code information of the IC card;
an encrypting device for encrypting the first identification code information;
a transmitter for transmitting the encrypted first identification code information to the local authentication center;
a receiver for receiving an identification file corresponding to the first identification code information and generated by the local authentication center, and third identification code information encrypted by the local authentication center;
a decrypting device for decrypting the encrypted third identification code information with the public key; and
a calculator for generating the authentication key by performing a diversification operation on the second identification code information and the identification file using an algorithm;
wherein the transmitter transmits the decrypted third identification code information and the identification file to the IC card, so that the IC card can also generate the authentication key by the algorithm, and the transmitter also transmits the authentication key to the local authentication center so that the local mobile phone number is activated.

11. The mediate platform of claim 10, wherein the identification file includes a diversification factor.

12. The mediate platform of claim 11, wherein the diversification factor includes a date, time, count, frequency, or period.

13. The mediate platform of claim 10, wherein the first identification code information and the second identification code information include a Temporary Mobile Subscriber Identity (TMSI), International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), User Identity Module Identifier (UIMID), Electronic Serial Number (ESN), or IC card identifier (ICCID).

14. The mediate platform of claim 10, wherein the IC card includes a Subscriber Identity Module (SIM) card, Universal Subscriber Identity Module (USIM) card, User Identity Module (UIM) card, or Removable User Identity Module (RUIM) card.

15. The mediate platform of claim 10, wherein the IC card can be combined with a Subscriber Identity Module (SIM) card, Universal Subscriber Identity Module (USIM) card, User Identity Module (UIM) card, or Removable User Identity Module (RUIM) card.

16. The mediate platform of claim 10, wherein the identification file is a digital signature.

17. The mediate platform of claim 10, wherein the transmitter transmits the decrypted third identification code information and the identification file to the IC card by short message, network, wireless transmission, smart card reader, or OTA (over-the-air).

18. The mediate platform of claim 10, wherein the encrypting device encrypts by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, TRIPLE DES, AES, RC2, RC4, or IDEA.

19. An IC card, having an authentication key for activating a local mobile phone number, comprising:
a memory for storing first identification code information and second identification code information;
a transmitter for transmitting the first identification code information to a mediate platform, wherein the first identification code information is encrypted by the mediate platform and transmitted to a local authentication center;
a receiver for receiving an identification file corresponding to the first identification code information and generated by the local authentication center, and third identification code information decrypted by the mediate platform using a public key obtained from the local authentication center, wherein the third identification code information is encrypted by the local authentication center; and
a calculator for generating the authentication key by performing a diversification operation on the second identification code information and the identification file using an algorithm, wherein the local authentication center activates the local mobile phone number by means of the authentication key.

20. The IC card of claim 19, wherein the identification file includes a diversification factor.

21. The IC card of claim 20, wherein the diversification factor includes a date, time, count, frequency, or period.

22. The IC card of claim 19, wherein the first identification code information and the third identification code information include a Temporary Mobile Subscriber Identity (TMSI), International Mobile Subscriber Identity (IMSI), International Mobile Equipment Identity (IMEI), User Identity Module Identifier (UIMID), Electronic Serial Number (ESN), or IC card identifier (ICCID).

23. The IC card of claim 19, wherein the IC card includes a Subscriber Identity Module (SIM) card, Universal Subscriber Identity Module (USIM) card, User Identity Module (UIM) card, or Removable User Identity Module (RUIM) card.

24. The IC card of claim 19, wherein the IC card can be combined with a Subscriber Identity Module (SIM) card, Universal Subscriber Identity Module (USIM) card, User Identity Module (UIM) card, or Removable User Identity Module (RUIM) card.

25. The IC card of claim 19, wherein the identification file is a digital signature.

26. The IC card of claim 19, wherein the receiver receives, from the mediate platform, by short message, network, wireless transmission, smart card reader, or OTA [...]

27. The IC card of claim 19, wherein the mediate platform and the local authentication center encrypt by means of RSA, Diffie-Hellman, ElGamal, elliptic curve cryptography, DSA, FORTEZZA, DES, TRIPLE DES, AES, RC2, RC4, or IDEA.
TW98129950A 2009-09-04 2009-09-04 Mediate platform, ic card, and method for generating authentication key TWI373951B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
TW98129950A TWI373951B (en) 2009-09-04 2009-09-04 Mediate platform, ic card, and method for generating authentication key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW98129950A TWI373951B (en) 2009-09-04 2009-09-04 Mediate platform, ic card, and method for generating authentication key

Publications (2)

Publication Number Publication Date
TW201110653A true TW201110653A (en) 2011-03-16
TWI373951B TWI373951B (en) 2012-10-01

Family

ID=44836340

Family Applications (1)

Application Number Title Priority Date Filing Date
TW98129950A TWI373951B (en) 2009-09-04 2009-09-04 Mediate platform, ic card, and method for generating authentication key

Country Status (1)

Country Link
TW (1) TWI373951B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI484812B (en) * 2011-12-01 2015-05-11 Htc Corp System and method for data authentication among processors

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI503693B (en) * 2014-09-04 2015-10-11 Joe Chi Chen Full dynamic digital electronic transactions identification method

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TWI484812B (en) * 2011-12-01 2015-05-11 Htc Corp System and method for data authentication among processors
US9054874B2 (en) 2011-12-01 2015-06-09 Htc Corporation System and method for data authentication among processors
US9240889B2 (en) 2011-12-01 2016-01-19 Htc Corporation Method and system for secure data access among two devices
US9270466B2 (en) 2011-12-01 2016-02-23 Htc Corporation System and method for temporary secure boot of an electronic device

Also Published As

Publication number Publication date
TWI373951B (en) 2012-10-01

Similar Documents

Publication Publication Date Title
EP2316169B1 (en) Systems, methods, and computer readable media for providing for secure offline data transfer between wireless smart devices
CN104145445B (en) Method, equipment and computer-readable recording medium for being securely accessed by social network data
CN100574511C (en) The method and system of opposite end identity validation in a kind of mobile terminal communication
JP5278803B2 (en) Authority management method, system thereof, and server device and information equipment terminal used in the system
CN101339639A (en) Dummy member card system and providing method, dummy member card reading method
JP2004518374A (en) Method of operating PKI function in smart card
EP2195769B1 (en) Method based on a sim card performing services with high security features
KR20070030351A (en) System and Method of the Instant Card Issuance via a Mobile phone
CN107690667A (en) Use the payment system and its method for user's non-repudiation of user terminal
TW201110653A (en) Mediate platform, IC card, and method for generating authentication key
TW201935295A (en) Real-name authentication service system and real-name authentication service method
KR20070090770A (en) Portable telephone, and portable telephone readable recording medium having a program for sending and receiving electronic mail
US10491413B2 (en) Secure processing of confidential information on a network
RU2517375C2 (en) Intermediate platform, card with pcb and generation of authentication key
TWI577145B (en) Method for encrypted data transmission of near field communication device and system thereof
KR20130053132A (en) Memory card and portable terminal and encrypted message exchanging method
TWI524291B (en) Message encryption method applied to communication software
Jawanjal et al. A Secure Protocol For End To End Security To SMS Banking
JP2001148741A (en) System and method for position information service and storage medium stored with position information service program
TWI477164B (en) Encrypting method for wireless communication of mobile devices
Mallett et al. Perspectives on next generation mobile
KR102145071B1 (en) Method for Using a Value Data in Reverse by using Near Field Communication
Venkatraman et al. Trust and security realization for mobile users in gsm cellular networks
CN110830963A (en) Method for protecting block chain communication data based on film card
KR20110003669A (en) System for settling one's own expense using voucher person's wireless terminal

Legal Events

Date Code Title Description
MM4A Annulment or lapse of patent due to non-payment of fees