TWI564825B - Authorization method for new currency trading device - Google Patents
Authorization method for new currency trading device Download PDFInfo
- Publication number
- TWI564825B TWI564825B TW103139308A TW103139308A TWI564825B TW I564825 B TWI564825 B TW I564825B TW 103139308 A TW103139308 A TW 103139308A TW 103139308 A TW103139308 A TW 103139308A TW I564825 B TWI564825 B TW I564825B
- Authority
- TW
- Taiwan
- Prior art keywords
- data
- key
- storage device
- request
- storage
- Prior art date
Links
Landscapes
- Storage Device Security (AREA)
Description
本發明有關於一種授權新增加密電子貨幣(Cryptocurrency)交易裝置的方法,特別是指一種透過已認證交易裝置來變更其他新增電子裝置與儲存裝置之間密鑰狀態的方法。The present invention relates to a method for authorizing the addition of a cryptographic electronic money (Cryptocurrency) transaction device, and more particularly to a method for changing the state of a key between other newly added electronic devices and a storage device through an authenticated transaction device.
位元幣是網際網路上的一種貨幣形式,主要是儲存在電腦或是相關電子裝置上的無形虛擬硬幣,其與一般各國所發行的貨幣有所不同,位元幣是一種在對等網路系統中不受中央或政府機關規範的貨幣單位,不用依賴中央銀行、政府、企業的支援或者信用擔保,而是依賴對等網路系統中的參與者與進行位元幣交易的企業組織共同執行建構。Bitcoin is a form of currency on the Internet. It is mainly an invisible virtual coin stored on a computer or related electronic device. It is different from the currency issued by the general countries. The bitcoin is a peer-to-peer network. The monetary unit in the system that is not regulated by the central or government agencies, does not rely on the support of the central bank, the government, the enterprise, or the credit guarantee, but relies on the participants in the peer-to-peer network system to perform together with the enterprise organization that conducts the bitcoin transaction. Construction.
位元幣是經由一種稱為「挖礦」的過程產生,所謂挖礦就是每次一個網路節點或礦工(即網路通信中的電腦)透過處理交易驗證和交易記錄來獲取作為手續費的位元幣,或是取得新產出的位元幣。Bitcoin is generated through a process called “mining”, where each time a network node or miner (ie, a computer in network communication) obtains a fee by processing transaction verification and transaction records. Bitcoin, or a bitcoin that yields new output.
位元幣的挖礦與節點軟體主要是透過對等網路、數位簽名、互動式證明系統來進行交易驗證,每一個網路節點向網路進行廣播交易,這些廣播出來的交易在經過礦工的驗證後,礦工會用自己的工作量證明結果來表達確認,而確認後的交易會被打包到資料塊中,資料塊將會串起形成連續的資料塊鏈。Bitcoin mining and node software mainly conducts transaction verification through peer-to-peer network, digital signature and interactive proof system. Each network node broadcasts transactions to the network. These broadcast transactions are processed by miners. After verification, the mine union uses its own workload proof results to express the confirmation, and the confirmed transaction will be packaged into the data block, and the data blocks will be stringed together to form a continuous data block chain.
由於位元幣採用不可逆的雜湊運算,要尋找到符合要求的隨機條調整數非常困難,因此,挖礦的網路節點需要不斷地重複試錯過程,直到找到的隨機調整數使得產生的雜湊值低於某個特定的標的。當任何一個節點找到符合要求的解,該節點將會向全網廣播自己的結果,而其他節點就會接收這個新解出來的資料塊,並檢驗其是否符合規則,若其他節點透過計算雜湊值發現確實滿足要求(位元幣要求的運算標的),那麼該資料塊有效,其他的節點就會接受該資料塊。Since the bitcoin uses irreversible hash operations, it is very difficult to find the random bar adjustments that meet the requirements. Therefore, the mining network nodes need to continuously repeat the trial and error process until the random adjustments are found to make the generated hash values. Below a certain target. When any node finds a solution that meets the requirements, the node will broadcast its own results to the entire network, and other nodes will receive the newly solved data block and check whether it meets the rules, if other nodes calculate the hash value. If the discovery does meet the requirements (the operation target required by the bitcoin), then the data block is valid and the other nodes will accept the data block.
本發明之主要目的在於提供一種新增位元幣交易裝置的授權方法,讓存有位元幣資料的儲存裝置與一連線網際網路的電子裝置之間能夠連線建立認證關係,並可透過此一電子裝置來授權新增其他多組電子裝置來讀取儲存裝置內部的位元幣資料。The main object of the present invention is to provide an authorization method for adding a new bit currency transaction device, so that an authentication device can be established between the storage device storing the bit coin data and the electronic device connected to the Internet, and Through the electronic device, another plurality of electronic devices are authorized to read the bit coin data inside the storage device.
本發明之次要目的在於每個已經與儲存裝置建立認證關係的電子裝置,皆能夠各自獨立操作使得儲存裝置新增其他額外的電子裝置取得授權認證。A secondary object of the present invention is that each electronic device that has established an authentication relationship with the storage device can operate independently of each other such that the storage device adds other additional electronic devices to obtain authorization authentication.
為達上述目的,本發明新增位元幣交易裝置的授權方法,包含:提供一儲存裝置與一第一電子裝置互相連線,其中,上述儲存裝置設為一無法直接連線上網際網路的封閉式裝置,且上述儲存裝置內部未記錄任何裝置密鑰;由上述第一電子裝置輸入一第一裝置資料,並傳輸一新增第一裝置要求至上述儲存裝置,上述新增第一裝置要求含有上述第一裝置資料;上述儲存裝置接收上述新增第一裝置要求,並將上述第一裝置資料運算產生一第一密鑰,同時將上述第一密鑰轉換為一第一數據於上述儲存裝置上顯示;上述儲存裝置檢測內部未記錄有任何密鑰,將上述第一密鑰判定為已認證狀態並儲存;於上述第一電子裝置輸入上述第一數據,並由上述第一數據運算產生上述第一密鑰儲存。In order to achieve the above object, the method for authorizing the new bit coin transaction device of the present invention comprises: providing a storage device and a first electronic device interconnected, wherein the storage device is set to be unable to directly connect to the Internet. a closed device, and no device key is recorded inside the storage device; a first device data is input by the first electronic device, and a new first device request is transmitted to the storage device, and the first device is added Requiring to include the first device data; the storage device receives the newly added first device request, and the first device data is calculated to generate a first key, and the first key is converted into a first data. Displaying on the storage device; the storage device detects that no key is recorded internally, determines the first key to be authenticated and stores, and inputs the first data to the first electronic device, and is operated by the first data The first key storage described above is generated.
由於上述第一電子裝置內存有相同於上述儲存裝置演算的第一密鑰,且上述儲存裝置亦將第一密鑰判定為已認證狀態,因此,第一電子裝置後續即能直接請求上述儲存裝置進行位元幣資料的傳輸。The first electronic device has a first key that is calculated by the storage device, and the storage device determines that the first key is in an authenticated state. Therefore, the first electronic device can directly request the storage device. Transfer of bitcoin data.
於第一較佳實施狀態,本發明授權方法更包含:於上述第一電子裝置輸入一第二裝置資料,並傳輸一新增第二裝置要求給上述儲存裝置,上述新增第二裝置要求含有上述第二裝置資料以及由第一密鑰演算的驗證資料;上述儲存裝置接收上述新增第二裝置要求,並將上述第二裝置資料運算產生一第二密鑰,同時將上述第二密鑰轉換為一第二數據於上述儲存裝置上顯示;上述儲存裝置檢測上述新增第二裝置要求符合內存第一密鑰的驗證資料,將上述第二密鑰判定為已認證狀態並儲存;提供一第二電子裝置並輸入上述第二數據,上述第二電子裝置將由上述第二數據運算產生上述第二密鑰並儲存。In a first preferred embodiment, the method of the present invention further includes: inputting a second device data to the first electronic device, and transmitting a new second device request to the storage device, wherein the newly added second device requires The second device data and the verification data calculated by the first key; the storage device receives the newly added second device request, and the second device data is calculated to generate a second key, and the second key is simultaneously Converting to a second data displayed on the storage device; the storage device detecting the verification data that the newly added second device is required to comply with the first key of the memory, determining the second key to be authenticated and storing; providing one The second electronic device inputs the second data, and the second electronic device generates the second key by the second data operation and stores the second key.
由於上述第二電子裝置內存有相同於上述儲存裝置演算的第二密鑰,且上述儲存裝置亦將第二密鑰判定為已認證狀態,因此,第二電子裝置後續即能直接請求上述儲存裝置進行位元幣資料的傳輸。Since the second electronic device has a second key that is calculated by the storage device, and the storage device determines that the second key is in an authenticated state, the second electronic device can directly request the storage device. Transfer of bitcoin data.
後續,本發明授權方法進一步包含:提供一第三電子裝置輸入一第三裝置資料,並傳輸一新增第三裝置要求給上述儲存裝置,上述新增第三裝置要求含有上述第三裝置資料;上述儲存裝置接收上述新增第三裝置要求,並將上述第三裝置資料運算產生一第三密鑰,同時將上述第三密鑰轉換為一第三數據於上述儲存裝置上顯示;上述儲存裝置檢測上述新增第三裝置要求不符合內存第一密鑰的驗證資料,將上述第三密鑰判定為未認證狀態並儲存;於上述第三電子裝置輸入上述第三數據,並由上述第三數據運算產生上述第三密鑰儲存。Subsequently, the authorization method of the present invention further includes: providing a third electronic device to input a third device data, and transmitting a new third device request to the storage device, wherein the newly added third device requesting the third device data; The storage device receives the newly added third device request, and the third device data is calculated to generate a third key, and the third key is converted into a third data and displayed on the storage device; the storage device Detecting that the newly added third device requires verification data that does not meet the first key of the memory, determining the third key as an unauthenticated state and storing the third key, and inputting the third data by the third electronic device, and the third The data operation produces the third key store described above.
上述第三電子裝置雖然內存有相同於上述儲存裝置演算的第三密鑰,但由於上述儲存裝置所產生的第三密鑰在未有其他已認證裝置的授權前,屬於未認證狀態,因此,在尚未取得認證之前,上述第三電子裝置將無法請求上述儲存裝置進行位元幣資料的傳輸。The third electronic device has a third key that is calculated by the storage device, but the third key generated by the storage device belongs to an unauthenticated state before being authorized by another authenticated device. The third electronic device will not be able to request the storage device to transmit the bit currency data before the authentication is obtained.
當然,若希望將第三電子裝置能夠與上述儲存裝置進行資料的傳輸,必須由上述第一電子裝置傳輸一啟用第三裝置要求給上述儲存裝置,上述啟用第三裝置要求含有由上述第一密鑰演算的驗證資料;上述儲存裝置接收上述啟用第三裝置要求,並檢測上述啟用第三裝置要求符合內存第一密鑰的驗證資料,將已儲存的第三密鑰由未認證狀態變更判定為已認證狀態。Of course, if it is desired to enable the third electronic device to transmit data with the storage device, the first electronic device must transmit an enable third device request to the storage device, and the enable third device is required to contain the first secret. The verification data of the key calculus; the storage device receives the request for enabling the third device, and detects the verification data that the third device is required to comply with the first key of the memory, and determines that the stored third key is changed from the unauthenticated state to Authenticated status.
或者是,由上述第二電子裝置傳輸一啟用第三裝置要求給上述儲存裝置,上述啟用第三裝置要求含有由上述第二密鑰演算的驗證資料;上述儲存裝置接收上述啟用第三裝置要求,並檢測上述啟用第三裝置要求符合內存第二密鑰的驗證資料,將已儲存的第三密鑰由未認證狀態變更判定為已認證狀態。Alternatively, the second electronic device transmits an enabling third device request to the storage device, and the enabling third device requires the verification data calculated by the second key; the storage device receives the enabling third device request, And detecting the verification data that the third device is required to comply with the second key of the memory, and determining that the stored third key is changed from the unauthenticated state to the authenticated state.
不論是由已認證的第一電子裝置或第二電子裝置將上述第三密鑰由未認證狀態變更為已認證狀態,後續上述第三電子裝置將可請求上述儲存裝置進行位元幣資料的傳輸。Whether the third key is changed from the unauthenticated state to the authenticated state by the authenticated first electronic device or the second electronic device, the subsequent third electronic device may request the storage device to perform bit currency data transmission. .
於第二較佳實施狀態,本發明授權方法亦可直接提供一第二電子裝置輸入一第二裝置資料,並傳輸一新增第二裝置要求給上述儲存裝置,上述新增第二裝置要求含有上述第二裝置資料;上述儲存裝置接收上述新增第二裝置要求,並將上述第二裝置資料運算產生一第二密鑰,同時將上述第二密鑰轉換為一第二數據於上述儲存裝置上顯示;上述儲存裝置檢測上述新增第二裝置要求不符合內存第一密鑰的驗證資料,將上述第二密鑰判定為未認證狀態並儲存;於上述第二電子裝置輸入上述第二數據,並由上述第二數據運算產生上述第二密鑰儲存。In a second preferred embodiment, the authorization method of the present invention can also directly provide a second electronic device to input a second device data, and transmit a new second device request to the storage device, and the newly added second device requires The second device data; the storage device receives the newly added second device request, and the second device data is calculated to generate a second key, and the second key is converted into a second data to the storage device Displaying, the storage device detects that the newly added second device requires verification data that does not meet the first key of the memory, determines the second key as an unauthenticated state, and stores the second data, and inputs the second data to the second electronic device. And generating the second key storage by the second data operation.
由上述第一電子裝置傳輸一啟用第二裝置要求給上述儲存裝置,上述啟用第二裝置要求含有由上述第一密鑰演算的驗證資料;上述儲存裝置接收上述啟用第二裝置要求,並檢測上述啟用第二裝置要求符合內存第一密鑰的驗證資料,將已儲存的第二密鑰由未認證狀態變更判定為已認證狀態。Transmitting, by the first electronic device, an enabling second device requesting to the storage device, the enabling second device requesting verification data calculated by the first key; the storage device receiving the enabling second device request, and detecting the foregoing The second device is enabled to require the verification data conforming to the first key of the memory, and the stored second key is determined to be the authenticated state by the unauthenticated state change.
前述所有實施例中儲存裝置所顯示的第一數據、第二數據和第三數據皆設為一次性密碼(OTP),又上述第一數據、第二數據和第三數據的輸入方式可採用使用者自行操作輸入或由上述儲存裝置傳送內存數據至電子裝置自動輸入,而上述儲存裝置與每個電子裝置之間可選擇性採用有線的插接頭互相連線,或是採用無線傳輸通訊協定互相連線。其中上述儲存裝置可設為一具有近場通訊模組的智慧型卡片或是一具有連接插座的隨身碟。The first data, the second data, and the third data displayed by the storage device in all the foregoing embodiments are all set as one-time password (OTP), and the input manners of the first data, the second data, and the third data may be used. The self-operated input or the memory data transmitted by the storage device to the electronic device for automatic input, and the storage device and each electronic device can be selectively connected by wired plug connectors or connected by wireless transmission protocol. line. The storage device can be set as a smart card with a near field communication module or a flash drive with a connection socket.
本發明的特點在於採用一無法直接連線上網際網路的封閉式儲存裝置,配合與一可直接連線網際網路的電子裝置來建立連線與交易認證關係,在儲存裝置未有任何密鑰產生前,第一個產生的密鑰將直接判定為已認證狀態,後續新增的電子裝置則必須由第一電子裝置來授權新增裝置,讓儲存裝置直接產生另一已認證密鑰,亦或使用者可直接使用其他電子裝置要求儲存裝置產生一未認證密鑰,再由已授權的電子裝置(如:第一電子裝置)傳輸授權新增要求,使儲存裝置內存的未認證密鑰變更判定為已認證密鑰,藉以讓每個已經與儲存裝置建立認證關係的任何電子裝置,皆能夠各自獨立操作使得儲存裝置新增其他額外的電子裝置取得授權認證,大幅提升位元幣儲存與交易使用上的便利性。The invention is characterized in that a closed storage device that cannot directly connect to the Internet is used, and the connection and transaction authentication relationship is established with an electronic device that can directly connect to the Internet, and the storage device has no confidentiality. Before the key is generated, the first generated key will be directly determined as the authenticated state, and the newly added electronic device must be authorized by the first electronic device to add the device, so that the storage device directly generates another authenticated key. Alternatively, the user can directly use other electronic devices to request the storage device to generate an unauthenticated key, and then the authorized electronic device (eg, the first electronic device) transmits an authorization new request to make the unauthenticated key of the storage device memory. The change is determined as an authenticated key, so that any electronic device that has established an authentication relationship with the storage device can operate independently, so that the storage device adds other additional electronic devices to obtain authorized authentication, thereby greatly enhancing the storage of the bit coin. The convenience of using the transaction.
此外,透過間接資料(OTP)完成電子裝置與儲存裝置的密鑰建立,過程中不暴露密鑰於通訊傳輸中,可強化儲存裝置使用上的安全性。In addition, the key establishment of the electronic device and the storage device is completed through indirect data (OTP), and the key is not exposed in the communication transmission during the process, thereby enhancing the security of the storage device.
茲為便於更進一步對本發明之構造、使用及其特徵有更深一層明確、詳實的認識與瞭解,爰舉出較佳實施例,配合圖式詳細說明如下:In order to further clarify and understand the structure, the use and the features of the present invention, the preferred embodiment is described in detail with reference to the following drawings:
請參閱圖1所示,本發明位元幣交易裝置主要包含一存放有位元幣資料的儲存裝置以及複數個能夠操作進行位元幣交易的電子裝置,上述儲存裝置設為一種無法直接連線上網際網路的封閉式裝置,而上述電子裝置設為一可直接連線上網際網路的開放式裝置。Referring to FIG. 1 , the bit coin transaction device of the present invention mainly comprises a storage device storing bit coin data and a plurality of electronic devices capable of operating bit coin transactions, wherein the storage device is set to be incapable of directly connecting. A closed device for the Internet, and the electronic device is an open device that can be directly connected to the Internet.
於圖式一可行實施例中,本發明的第一電子裝置設為一智慧型手機10,而上述儲存裝置設為一智慧型卡片20,上述智慧型卡片20表面具有一供使用者觀看的顯示螢幕21以及一方便操作的操控介面22,且內部儲存有一位元幣資料,但並未儲存任何密鑰資料。In a possible embodiment of the present invention, the first electronic device of the present invention is configured as a smart phone 10, and the storage device is configured as a smart card 20, and the surface of the smart card 20 has a display for the user to view. The screen 21 and a convenient operation interface 22 are internally stored with one piece of currency data, but no key data is stored.
其中,上述智慧型手機10與智慧型卡片20之間採用無線傳輸通訊協定互相連線,且兩者皆安裝有一能夠進行連線、交易、演算以及認證的應用程式,上述無線傳輸通訊協定可包含:紅外線、藍芽、ISO14443、ISO7816等各種不同近程通訊方式。Wherein, the smart phone 10 and the smart card 20 are connected to each other by using a wireless transmission protocol, and both of them are installed with an application capable of connection, transaction, calculation and authentication, and the wireless transmission protocol may include : Infrared, Bluetooth, ISO14443, ISO7816 and other different short-range communication methods.
於第一較佳實施例中,本發明授權方法是先透過上述操控介面22將上述智慧型卡片20與智慧型手機10無線連線,請參閱圖2所示,隨後於上述智慧型手機10上輸入一第一裝置資料11,上述第一裝置資料11可由帳號、密碼、個資、手機晶片序號等任意資料組合而成,上述智慧型手機10將把第一裝置資料11轉換為一新增第一裝置要求12,並將上述新增第一裝置要求12傳輸至上述智慧型卡片20。In the first preferred embodiment, the smart card 20 is wirelessly connected to the smart phone 10 through the control interface 22, as shown in FIG. 2, and then on the smart phone 10. Entering a first device data 11, the first device data 11 may be composed of any data such as an account number, a password, a personal resource, a mobile phone chip serial number, etc., and the smart phone 10 converts the first device data 11 into a new one. A device request 12 is transmitted to the smart card 20 as described above.
請參閱圖3所示,當上述智慧型卡片20接收到上述新增第一裝置要求12時,將把上述新增第一裝置要求12中的第一裝置資料11運算產生一第一密鑰23,並同時將上述第一密鑰23轉換為一第一數據24於上述顯示螢幕21上顯示;後續上述智慧型卡片20檢測內部未記錄有任何裝置密鑰資料,而直接將上述第一密鑰23判定為已認證狀態並儲存。Referring to FIG. 3, when the smart card 20 receives the new first device request 12, the first device data 11 in the newly added first device request 12 is calculated to generate a first key 23. And simultaneously converting the first key 23 into a first data 24 to be displayed on the display screen 21; the subsequent smart card 20 detects that no device key data is recorded internally, and directly directly uses the first key. 23 is determined to be in an authenticated state and stored.
隨後,使用者由上述智慧型卡片20上顯示螢幕21知悉第一數據24後,可透過上述智慧型手機10自行操作輸入上述第一數據24,亦或由上述智慧型卡片20將內存的數據資料傳輸至上述智慧型手機10自動輸入上述第一數據24,由上述第一數據24運算產生上述第一密鑰23儲存;由於上述智慧型手機10內存有相同於上述智慧型卡片20演算的已認證第一密鑰23,因此,上述智慧型卡片20判定上述智慧型手機10為已認證裝置,使用者即可採用上述智慧型手機10來提取上述智慧型卡片20中的位元幣資料。Then, after the user knows the first data 24 from the display screen 21 on the smart card 20, the first data 24 can be input by the smart phone 10, or the data of the memory can be read by the smart card 20. The first smart phone 10 is automatically input to the first data 24, and the first data 24 is calculated to generate the first key 23; since the smart phone 10 has the same authentication as the smart card 20 The first key 23, therefore, the smart card 20 determines that the smart phone 10 is an authenticated device, and the user can use the smart phone 10 to extract the bit coin data in the smart card 20.
請參閱圖4所示,當使用者欲透過上述智慧型手機10來新增另一電子裝置(如圖5平板電腦30)時,可透過操作上述智慧型手機10輸入一第二裝置資料31,上述智慧型手機10將演算上述第一密鑰23形成一驗證資料,並把上述第二裝置資料31以及由上述第一密鑰23演算的驗證資料結合轉換為一新增第二裝置要求32,並將上述新增第二裝置要求32傳輸至上述智慧型卡片20。Referring to FIG. 4, when the user wants to add another electronic device (such as the tablet 30 in FIG. 5) through the smart phone 10, the second device data 31 can be input by operating the smart phone 10. The smart phone 10 calculates the first key 23 to form a verification data, and converts the second device data 31 and the verification data calculated by the first key 23 into a new second device requirement 32. The above-mentioned new second device request 32 is transmitted to the smart card 20 described above.
請參閱圖5所示,上述智慧型卡片20於接收上述新增第二裝置要求32後,將上述第二裝置資料31運算產生一第二密鑰25,同時將上述第二密鑰25轉換為一第二數據26於上述智慧型卡片20上顯示,另因上述智慧型卡片20檢測上述新增第二裝置要求32所含的密鑰驗證資料符合內部儲存已認證第一密鑰23所演算的驗證資料,故將上述第二密鑰25判定為已認證狀態並儲存。Referring to FIG. 5, after receiving the new second device request 32, the smart card 20 calculates the second device data 31 to generate a second key 25, and converts the second key 25 into A second data 26 is displayed on the smart card 20, and the smart card 20 detects that the key verification data included in the newly added second device requirement 32 conforms to the internal storage of the authenticated first key 23 The verification data is such that the second key 25 is determined to be in an authenticated state and stored.
隨後,使用者由上述智慧型卡片20上顯示螢幕21知悉第二數據26後,採用一安裝有上述應用程式的平板電腦30自行操作輸入上述第二數據26,亦或由上述智慧型卡片20將內存的數據資料傳輸至上述平板電腦30自動輸入上述第二數據26,上述平板電腦30將由上述第二數據26運算產生上述第二密鑰25並儲存。由於上述平板電腦30內存有相同於上述智慧型卡片20演算的已認證第二密鑰25,因此,當上述智慧型卡片20與上述平板電腦30互相連線時,上述智慧型卡片20將判定上述平板電腦30同樣為已認證裝置,使用者即可採用上述平板電腦30來提取上述智慧型卡片20中的位元幣資料。Then, after the user knows the second data 26 from the display screen 21 on the smart card 20, the user inputs the second data 26 by using the tablet 30 with the application program, or the smart card 20 The data data of the memory is transferred to the tablet computer 30 to automatically input the second data 26, and the tablet computer 30 calculates and stores the second key 25 by the second data 26. Since the tablet 30 has the authenticated second key 25 calculated in the same manner as the smart card 20, when the smart card 20 and the tablet 30 are connected to each other, the smart card 20 determines the above. The tablet 30 is also an authenticated device, and the user can use the tablet 30 to extract the bitcoin data in the smart card 20.
後續若使用者希望增加一第三電子裝置40來配合上述智慧型卡片20進行位元幣交易,除可採用上述智慧型手機10(第一電子裝置)或平板電腦30(第二電子裝置)等已認證裝置來直接進行新增裝置外,亦可直接採用一新的第三電子裝置40(如:另一台智慧型手機、平板電腦或是筆記型電腦)直接與上述智慧型卡片20建立連線。If the user wishes to add a third electronic device 40 to perform the bit coin transaction with the smart card 20, the smart phone 10 (first electronic device) or the tablet computer 30 (second electronic device) may be used. The authenticated device can be directly connected to the smart card 20 directly by using a new third electronic device 40 (such as another smart phone, a tablet computer or a notebook computer). line.
請參閱圖6所示,若希望採用新的電子裝置與上述智慧型卡片20建立連線,則必須提供一第三電子裝置40輸入一第三裝置資料41,並傳輸一新增第三裝置要求42給上述智慧型卡片20,上述新增第三裝置要求42含有上述第三裝置資料41;上述智慧型卡片20接收上述新增第三裝置要求42,並將上述第三裝置資料41運算產生一第三密鑰27,同時將上述第三密鑰27轉換為一第三數據28於上述智慧型卡片20上顯示;上述智慧型卡片20將檢測出上述新增第三裝置要求42不符合內部儲存由上述第一密鑰23所驗算的驗證資料,將上述第三密鑰27判定為未認證狀態並儲存。Referring to FIG. 6 , if it is desired to establish a connection with the smart card 20 by using a new electronic device, a third electronic device 40 must be provided to input a third device data 41 and transmit a new third device request. 42. For the smart card 20, the newly added third device request 42 includes the third device data 41; the smart card 20 receives the newly added third device request 42 and operates the third device data 41 to generate a The third key 27 simultaneously converts the third key 27 into a third data 28 for display on the smart card 20; the smart card 20 will detect that the newly added third device request 42 does not conform to internal storage. The third key 27 is determined to be in an unauthenticated state and stored by the verification data checked by the first key 23 described above.
請參閱圖7所示,使用者由上述智慧型卡片20上顯示螢幕21知悉第三數據28後,將採用一安裝有上述應用程式的第三電子裝置40中自行操作輸入上述第三數據28,亦或由上述智慧型卡片20將內存的數據資料傳輸至上述第三電子裝置40自動輸入上述第三數據28,並由上述第三數據28運算產生上述第三密鑰27儲存。上述第三電子裝置40雖然內存有相同於上述智慧型卡片20演算的第三密鑰27,但由於上述智慧型卡片20所產生的第三密鑰27在未有其他已認證裝置(如智慧型手機10或平板電腦30)的授權前屬於未認證狀態,因此,在尚未取得認證之前,上述第三電子裝置40將無法請求上述智慧型卡片20進行位元幣資料的傳輸。Referring to FIG. 7, after the user knows the third data 28 from the display screen 21 on the smart card 20, the user inputs the third data 28 by using a third electronic device 40 equipped with the application. Alternatively, the data card of the memory is transmitted by the smart card 20 to the third electronic device 40 to automatically input the third data 28, and the third data 28 is calculated to generate the third key 27 for storage. The third electronic device 40 has the third key 27 calculated by the smart card 20, but the third key 27 generated by the smart card 20 does not have other authenticated devices (such as smart type). The authorization of the mobile phone 10 or the tablet 30) is unauthenticated. Therefore, the third electronic device 40 cannot request the smart card 20 to transmit the bitcoin data until the authentication has been obtained.
當然,若希望將上述智慧型卡片20中儲存的第三密鑰27由未認證裝置改為已認證狀態,使上述第三電子裝置40能夠與智慧型卡片20之間進行資料的傳輸。必須再由已認證過的電子裝置(如智慧型手機10或智慧型卡片20)傳輸一含有由已認證密鑰(如:第一密鑰23或第二密鑰25)驗證資料的啟用第三裝置要求43給上述智慧型卡片20;上述智慧型卡片20於接收上述啟用第三裝置要求43後,將檢測上述啟用第三裝置要求43是否符合內存的已認證密鑰的驗證資料,若符合任何一個已認證密鑰所驗算的驗證資料,將把第三密鑰27由未認證狀態變更判定為已認證狀態,後續上述第三電子裝置40將可請求上述智慧型卡片20進行位元幣資料的傳輸。Of course, if it is desired to change the third key 27 stored in the smart card 20 from the unauthenticated device to the authenticated state, the third electronic device 40 can perform data transmission with the smart card 20. The authenticated electronic device (such as the smart phone 10 or the smart card 20) must be transmitted again to enable the third of the authentication data containing the authenticated key (eg, the first key 23 or the second key 25). The device request 43 is sent to the smart card 20; after receiving the enabling third device requirement 43, the smart card 20 detects the verification data of the authenticated key that enables the third device requirement 43 to meet the memory, if any The verification data verified by the authenticated key will determine the third key 27 from the unauthenticated state change to the authenticated state, and the third electronic device 40 may subsequently request the smart card 20 to perform the bit currency data. transmission.
前述儲存裝置設計為一智慧型卡片20僅為方便舉例說明之用,並非加以限制其產品結構。亦即上述儲存裝置亦可設計為以插接方式連線的硬碟、隨身碟或記憶卡等。The foregoing storage device is designed as a smart card 20 for convenience of illustration and does not limit its product structure. In other words, the storage device can also be designed as a hard disk, a flash drive or a memory card that is connected by a plug-in method.
請參閱圖9A至圖9B所示,由前述實施例可知,本發明由已認證裝置進行新增的方法包含:步驟(A)提供一儲存裝置與一第一電子裝置互相連線,上述儲存裝置內部未記錄任何裝置密鑰;步驟(B)於上述第一電子裝置輸入一第一裝置資料,並傳輸一新增第一裝置要求至上述儲存裝置,上述新增第一裝置要求含有上述第一裝置資料;步驟(C)上述儲存裝置接收上述新增第一裝置要求,並將上述第一裝置資料運算產生一第一密鑰,同時將上述第一密鑰轉換為一第一數據於上述儲存裝置上顯示;步驟(D)上述儲存裝置檢測內部未記錄有任何密鑰,將上述第一密鑰判定為已認證狀態並儲存;步驟(E)於上述第一電子裝置輸入上述第一數據,並由上述第一數據運算產生上述第一密鑰儲存;步驟(F)上述第一電子裝置輸入一第二裝置資料,並傳輸一新增第二裝置要求給上述儲存裝置,上述新增第二裝置要求含有上述第二裝置資料以及由上述第一密鑰驗算的驗證資料;步驟(G)上述儲存裝置接收上述新增第二裝置要求,並將上述第二裝置資料運算產生一第二密鑰,同時將上述第二密鑰轉換為一第二數據於上述儲存裝置上顯示;步驟(H)上述儲存裝置檢測上述新增第二裝置要求符合內存第一密鑰的驗證資料,將上述第二密鑰判定為已認證狀態並儲存;步驟(I)提供一第二電子裝置並輸入上述第二數據,上述第二電子裝置將由上述第二數據運算產生上述第二密鑰並儲存。Referring to FIG. 9A to FIG. 9B , it can be seen from the foregoing embodiments that the method of the present invention for adding a new device includes: step (A) providing a storage device and a first electronic device interconnecting the storage device. No device key is recorded internally; step (B) inputs a first device data to the first electronic device, and transmits a new first device request to the storage device, and the newly added first device request includes the first device Device data; step (C) the storage device receives the newly added first device request, and the first device data is calculated to generate a first key, and the first key is converted into a first data in the storage Displaying on the device; step (D) the storage device detecting that no key is recorded internally, determining the first key to be authenticated and storing; and (E) inputting the first data to the first electronic device, And generating, by the first data operation, the first key storage; the step (F), the first electronic device inputting a second device data, and transmitting a new second device request to the storage The device, the newly added second device is required to include the second device data and the verification data verified by the first key; and the step (G), the storage device receives the newly added second device request, and the second device data is The operation generates a second key, and simultaneously converts the second key into a second data for display on the storage device; and (H) the storage device detects that the newly added second device is required to meet the first key of the memory Verifying the data, determining the second key as an authenticated state and storing; step (I) provides a second electronic device and inputting the second data, and the second electronic device generates the second dense by the second data operation Key and save.
請參閱圖10所示第二較佳實施例,本發明另可於智慧型手機10與智慧型卡片20之間完成認證關係之後,即直接提供上述平板電腦30輸入一第二裝置資料31,並傳輸一新增第二裝置要求32給上述智慧型卡片20,上述新增第二裝置要求32僅含有上述第二裝置資料31,而未有由上述第一密鑰23演算的驗證資料;上述智慧型卡片20接收上述新增第二裝置要求32,並將上述第二裝置資料31運算產生一第二密鑰25,同時將上述第二密鑰25轉換為一第二數據26於上述智慧型卡片20上顯示;上述智慧型卡片20檢測上述新增第二裝置要求32不符合內存第一密鑰23所演算的驗證資料,將上述第二密鑰25判定為未認證狀態並儲存;於上述平板電腦30輸入上述第二數據26,並由上述第二數據26運算產生上述第二密鑰25儲存。Referring to the second preferred embodiment shown in FIG. 10, after the authentication relationship is completed between the smart phone 10 and the smart card 20, the tablet 30 directly inputs a second device data 31, and Transmitting a new second device request 32 to the smart card 20, the newly added second device request 32 only containing the second device data 31, and there is no verification data calculated by the first key 23; The type card 20 receives the new second device request 32, and the second device data 31 is operated to generate a second key 25, and the second key 25 is converted into a second data 26 to the smart card. The above-mentioned smart card 20 detects that the newly added second device request 32 does not meet the verification data calculated by the first key 23 of the memory, and determines the second key 25 as an unauthenticated state and stores it; The computer 30 inputs the second data 26 and generates the second key 25 by the second data 26 operation.
請參閱圖11所示,後續,如同前一實施例的新增第三電子裝置40流程,由上述智慧型手機10傳輸一啟用第二裝置要求33給上述智慧型卡片20,上述啟用第二裝置要求33含有由上述第一密鑰23所驗算的驗證資料;上述智慧型卡片20接收上述啟用第二裝置要求33,並檢測上述啟用第二裝置要求33符合內存第一密鑰23所演算的驗證資料,將已儲存的第二密鑰25由未認證狀態變更判定為已認證狀態,後續上述平板電腦30將可請求上述智慧型卡片20進行位元幣資料的傳輸。Referring to FIG. 11 , in the following, as in the process of adding the third electronic device 40 in the previous embodiment, the smart phone 10 transmits an enable second device request 33 to the smart card 20, and the second device is enabled. The request 33 includes verification data verified by the first key 23; the smart card 20 receives the enabling second device request 33, and detects that the enabling second device request 33 conforms to the verification of the memory first key 23 The data is used to determine that the stored second key 25 is changed from the unauthenticated state to the authenticated state, and the tablet 30 may subsequently request the smart card 20 to transmit the bitcoin data.
請參閱圖12A至圖12B所示,由前述實施例可知,本發明由未認證裝置進行新增的方法包含:步驟(A)提供一儲存裝置與一第一電子裝置互相連線,上述儲存裝置內部未記錄任何密鑰;步驟(B)於上述第一電子裝置輸入一第一裝置資料,並傳輸一新增第一裝置要求至上述儲存裝置,上述新增第一裝置要求含有上述第一裝置資料;步驟(C)上述儲存裝置接收上述新增第一裝置要求,並將上述第一裝置資料運算產生一第一密鑰,同時將上述第一密鑰轉換為一第一數據於上述儲存裝置上顯示;步驟(D)上述儲存裝置檢測內部未記錄有任何密鑰,將上述第一密鑰判定為已認證狀態並儲存;步驟(E)於上述第一電子裝置輸入上述第一數據,並由上述第一數據運算產生上述第一密鑰儲存;步驟(F)提供一第二電子裝置輸入一第二裝置資料,並傳輸一新增第二裝置要求給上述儲存裝置,上述新增第二裝置要求含有上述第二裝置資料;步驟(G)上述儲存裝置接收上述新增第二裝置要求,並將上述第二裝置資料運算產生一第二密鑰,同時將上述第二密鑰轉換為一第二數據於上述儲存裝置上顯示;步驟(H)上述儲存裝置檢測上述新增第二裝置要求不符合內存第一密鑰所演算的驗證資料,將上述第二密鑰判定為未認證狀態並儲存;步驟(I)於上述第二電子裝置輸入上述第二數據,並由上述第二數據運算產生上述第二密鑰儲存;步驟(J)由上述第一電子裝置傳輸一啟用第二裝置要求給上述儲存裝置,上述啟用第二裝置要求含有由上述第一密鑰演算的認證資料;步驟(K)上述儲存裝置接收上述啟用第二裝置要求,並檢測上述啟用第二裝置要求符合內存第一密鑰所演算的驗證資料,將已儲存的第二密鑰由未認證狀態變更判定為已認證狀態。Referring to FIG. 12A to FIG. 12B , it can be seen from the foregoing embodiments that the method for adding an unauthenticated device according to the present invention includes: step (A) providing a storage device and a first electronic device interconnected, the storage device No key is recorded internally; step (B) inputs a first device data to the first electronic device, and transmits a new first device request to the storage device, wherein the newly added first device requires the first device to be included The data storage device receives the new first device request, and the first device data is generated to generate a first key, and the first key is converted into a first data to the storage device. The above-mentioned storage device detects that no key is recorded internally, determines the first key to be authenticated and stores it; and (E) inputs the first data to the first electronic device, and Generating the first key storage by the first data operation; step (F) providing a second electronic device to input a second device data, and transmitting a new second device request to the storage The second adding device is required to include the second device data; the step (G) is that the storing device receives the newly added second device request, and the second device data is calculated to generate a second key, and the foregoing Converting the second key into a second data to be displayed on the storage device; and (H) the storing device detects that the newly added second device requires the verification data calculated by the first key of the memory not to match the second key Determining the key as an unauthenticated state and storing; the step (I) inputting the second data to the second electronic device, and generating the second key storage by the second data operation; and (J) by the first electronic device Transmitting an enable second device request to the storage device, the enabling second device requesting the authentication data calculated by the first key; and (K) the storing device receiving the enabling second device request, and detecting the enabling The second device is required to comply with the verification data calculated by the first key of the memory, and the stored second key is determined to be in an authenticated state by the unauthenticated state change.
以上所舉實施例,僅用為方便說明本發明並非加以限制,在不離本發明精神範疇,熟悉此一行業技藝人士依本發明申請專利範圍及發明說明所作之各種簡易變形與修飾,均仍應含括於以下申請專利範圍中。The above embodiments are intended to be illustrative only, and are not intended to limit the scope of the present invention. It is included in the scope of the following patent application.
10‧‧‧智慧型手機
11‧‧‧第一裝置資料
12‧‧‧新增第一裝置要求
20‧‧‧智慧型卡片
21‧‧‧顯示螢幕
22‧‧‧操控介面
23‧‧‧第一密鑰
24‧‧‧第一數據
25‧‧‧第二密鑰
26‧‧‧第二數據
27‧‧‧第三密鑰
28‧‧‧第三數據
30‧‧‧平板電腦
31‧‧‧第二裝置資料
32‧‧‧新增第二裝置要求
33‧‧‧啟用第二裝置要求
40‧‧‧第三電子裝置
41‧‧‧第三裝置資料
42‧‧‧新增第三裝置要求
43‧‧‧啟用第三裝置要求10‧‧‧Smart mobile phone
11‧‧‧ First device data
12‧‧‧New first device requirements
20‧‧‧Smart card
21‧‧‧ Display screen
22‧‧‧Control interface
23‧‧‧ First key
24‧‧‧ first data
25‧‧‧second key
26‧‧‧ Second data
27‧‧‧ Third key
28‧‧‧ Third data
30‧‧‧ tablet
31‧‧‧Second device information
32‧‧‧Addition of second device requirements
33‧‧‧Enable second device requirements
40‧‧‧ Third electronic device
41‧‧‧ Third device information
42‧‧‧New third device requirements
43‧‧‧Enable third device requirements
圖1為本發明第一電子裝置連線儲存裝置的示意圖; 圖2為本發明第一電子裝置傳輸新增第一裝置要求給儲存裝置的示意圖; 圖3為本發明儲存裝置產生已認證密鑰數據由使用者輸入第一電子裝置的示意圖; 圖4為本發明第一電子裝傳輸新增第二裝置要求給儲存裝置的示意圖; 圖5為本發明儲存裝置產生已認證密鑰數據由使用者輸入第二電子裝置的示意圖; 圖6為本發明第三電子裝置傳輸新增第三裝置要求給儲存裝置的示意圖; 圖7為本發明儲存裝置產生未認證密鑰數據並由使用者輸入第三電子裝置的的示意圖; 圖8為本發明第一電子裝置要求儲存裝置啟動認證第三電子裝置的示意圖; 圖9A至9B為本發明授權方法第一較佳實施例的流程圖; 圖10為本發明第二電子裝置傳輸新增第二裝置要求給儲存裝置的示意圖; 圖11為本發明儲存裝置產生未認證密鑰數據並由使用者輸入第二電子裝置的示意圖; 圖12A至圖12B為本發明授權方法第二較佳實施例的流程圖。1 is a schematic diagram of a first electronic device connection storage device of the present invention; FIG. 2 is a schematic diagram of a first electronic device transmitting a first device requirement to a storage device according to the present invention; FIG. 3 is a storage device generating an authenticated key according to the present invention; FIG. 4 is a schematic diagram of the first electronic device transmitting a second device required to the storage device according to the present invention; FIG. 5 is a schematic diagram of the device for generating the authenticated key data by the user device according to the present invention; FIG. 6 is a schematic diagram of a third electronic device transmitting a third device request to a storage device according to the present invention; FIG. 7 is a view showing that the storage device generates unauthenticated key data and is input by a user. FIG. 8 is a schematic diagram of a first electronic device requiring a storage device to initiate authentication of a third electronic device according to the present invention; and FIGS. 9A to 9B are flowcharts showing a first preferred embodiment of the authorization method of the present invention; The second electronic device transmits a schematic diagram of the newly added second device request to the storage device; FIG. 11 shows the unauthenticated key data generated by the storage device of the present invention. A schematic view of a second user input from the electronic device; FIGS. 12A to 12B flowchart of a second preferred embodiment of the present invention, authorization method.
Claims (13)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW103139308A TWI564825B (en) | 2014-11-12 | 2014-11-12 | Authorization method for new currency trading device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW103139308A TWI564825B (en) | 2014-11-12 | 2014-11-12 | Authorization method for new currency trading device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TW201617986A TW201617986A (en) | 2016-05-16 |
| TWI564825B true TWI564825B (en) | 2017-01-01 |
Family
ID=56509005
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW103139308A TWI564825B (en) | 2014-11-12 | 2014-11-12 | Authorization method for new currency trading device |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI564825B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI694337B (en) * | 2018-11-02 | 2020-05-21 | 英屬維京群島商幣託科技有限公司 | Method for cross-platform digital information exchanging and system thereof |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2012079145A1 (en) * | 2010-12-16 | 2012-06-21 | 1856327 Ontario Corp. | Method and system for product or service source authentication |
| WO2013127713A1 (en) * | 2012-03-02 | 2013-09-06 | Alcatel Lucent | Decentralized electronic transfer system |
| CN103927656A (en) * | 2014-05-05 | 2014-07-16 | 宋骊平 | Bitcoin terminal wallet with embedded fixed collecting address and Bitcoin payment method of Bitcoin terminal wallet |
| US20140279544A1 (en) * | 2013-03-15 | 2014-09-18 | Independence Bancshares, Inc. | Creation and use of mobile identities |
-
2014
- 2014-11-12 TW TW103139308A patent/TWI564825B/en active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2012079145A1 (en) * | 2010-12-16 | 2012-06-21 | 1856327 Ontario Corp. | Method and system for product or service source authentication |
| WO2013127713A1 (en) * | 2012-03-02 | 2013-09-06 | Alcatel Lucent | Decentralized electronic transfer system |
| US20140279544A1 (en) * | 2013-03-15 | 2014-09-18 | Independence Bancshares, Inc. | Creation and use of mobile identities |
| CN103927656A (en) * | 2014-05-05 | 2014-07-16 | 宋骊平 | Bitcoin terminal wallet with embedded fixed collecting address and Bitcoin payment method of Bitcoin terminal wallet |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TWI694337B (en) * | 2018-11-02 | 2020-05-21 | 英屬維京群島商幣託科技有限公司 | Method for cross-platform digital information exchanging and system thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| TW201617986A (en) | 2016-05-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102138283B1 (en) | Method of using one device to unlock another device | |
| US20210081928A1 (en) | Systems and methods for linking devices to user accounts | |
| CN106779636B (en) | Block chain digital currency wallet based on mobile phone earphone interface | |
| US20210004454A1 (en) | Proof of affinity to a secure event for frictionless credential management | |
| JP6921222B2 (en) | Encryption key management based on ID information | |
| US9722792B2 (en) | Reading of an attribute from an ID token | |
| CN108229220B (en) | System and method for trusted presentation of information on untrusted user devices | |
| US20220239509A1 (en) | Method for storing and recovering key for blockchain-based system, and device therefor | |
| KR101943228B1 (en) | Blockchain system for virtual currency | |
| JP2023535013A (en) | Quantum secure payment system | |
| TW201608499A (en) | Transaction device, transaction system using the same and transaction method using the same | |
| US20100005519A1 (en) | System and method for authenticating one-time virtual secret information | |
| CN104966193A (en) | System and method for safely transmitting ID (identity )by using Bluetooth | |
| TWI564825B (en) | Authorization method for new currency trading device | |
| CN115362461A (en) | Electronic device for transmitting cryptocurrency to a blockchain account and method for operating the electronic device | |
| JP2019036139A (en) | Data structure, transmitter, receiver, settlement device, method, and computer program | |
| KR102532162B1 (en) | Method for verifying ownership of a blockchain wallet without a signature function and system using thereof | |
| WO2019237258A1 (en) | Digital currency interactive method, digital currency physical carrier, terminal device and storage medium | |
| TWI524289B (en) | Data transfer method between bit currency trading devices | |
| KR20170041463A (en) | Creation Method of Signature Key to use Security Token efficiently | |
| CN113159940A (en) | Transaction method, system and computer equipment for enhanced bit currency wallet | |
| TWI625690B (en) | Bit coin transaction authentication method | |
| KR102118620B1 (en) | System for and method of transmiting digital asset including cryptocurrency | |
| WO2019232766A1 (en) | Trading method, hardware wallet and trading device | |
| KR101495034B1 (en) | Method and system for remote authentication based on security token |