WO2010045821A1 - 密钥更新方法和系统 - Google Patents

密钥更新方法和系统 Download PDF

Info

Publication number
WO2010045821A1
WO2010045821A1 PCT/CN2009/073399 CN2009073399W WO2010045821A1 WO 2010045821 A1 WO2010045821 A1 WO 2010045821A1 CN 2009073399 W CN2009073399 W CN 2009073399W WO 2010045821 A1 WO2010045821 A1 WO 2010045821A1
Authority
WO
WIPO (PCT)
Prior art keywords
smart card
security domain
management platform
card
service terminal
Prior art date
Application number
PCT/CN2009/073399
Other languages
English (en)
French (fr)
Inventor
贾倩
余万涛
马景旺
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2010045821A1 publication Critical patent/WO2010045821A1/zh

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • H04W12/086Access security using security domains
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal

Definitions

  • NFC Near Field Communication
  • RFID Radio Frequency Identification
  • mobile communication terminals such as mobile phones can simulate contactless IC cards for related applications of electronic payment, and mobile phones are used in the field of electronic payment, which will further expand the use of mobile phones and bring people's lives. Convenient, there is a broad application prospect.
  • the main security i or Issuer Security Domain, called ISD
  • ISD Issuer Security Domain
  • issuer security i or is the primary security domain enforced by the card issuer, which can be used to represent the current card, the primary security domain is included for support Secure channel protocol operation and security domain key for card content management.
  • the security domain key includes a primary security domain key for ensuring integrity and confidentiality of application data during initialization and use of the secure channel, and for implementing mutual authentication of the card and the external entity.
  • Each security domain (including the primary security domain) has at least one set of keys, which are Secure Channel-Encryption (S-ENC), Secure Channel Information-Fire Code Encryption (Secure Channel) -Message Authentication Code, the cartridge is called S-MAC) and data force.
  • S-ENC Secure Channel-Encryption
  • Secure Channel Secure Channel Information-Fire Code Encryption
  • S-MAC Secure Channel Information-Fire Code Encryption
  • the Data Encryption Key (DEK) is used to generate the corresponding session key for use during the initialization and use of the secure channel.
  • the card issuer management platform must update the primary security domain key when the primary security domain key is about to expire, leak, or is assessed to be at risk of leakage.
  • the primary security domain key update method includes scheduled update and forced update, wherein the scheduled update is based on the set primary security domain update cycle, and the primary security domain key is updated before the primary security domain key is about to expire; Forced update is The primary security domain key is forced to update if the primary security domain key is compromised or if it is assessed that the key is at risk of leakage.
  • updating the key security domain key of the smart card is an important means to ensure the security of the smart card electronic payment application.
  • no specific solution has been proposed for the key security domain key update of the smart card. Therefore, there is an urgent need for a technical solution that can quickly and easily update the smart card primary security domain key.
  • a key update method for performing an update of a primary security domain key on a smart card of a mobile terminal.
  • the card issuer management platform receives the smart card primary security domain key update request sent by the service terminal in a predetermined data format, and selects the primary security domain of the smart card through the service terminal to establish security with the smart card.
  • the card issuer management platform and the smart card perform a key update operation on the selected primary security domain through a secure channel.
  • the foregoing method further includes: the service terminal sending the smart card primary security domain key update request to the card issuer management platform, where the smart card primary security The domain key update request carries the feature information of the smart card.
  • the specific processing of the card issuer management platform and the smart card establishing a secure channel is as follows:
  • the card issuer management platform establishes a secure channel with the smart card according to a predetermined secure channel protocol, and the card issuer management platform and the smart card identify the identity while establishing a secure channel. Authentication and negotiation of session keys.
  • the card issuer management platform and the smart card perform the key update operation of the smart card primary security domain as follows:
  • the card issuer management platform encrypts the new primary security key by using the primary security domain key, and encapsulates the predetermined command.
  • the card issuer management platform encapsulates the predetermined command as data and sends it to the smart card through the service terminal; after receiving the predetermined command, the smart card decrypts the new primary security domain key, performs the primary security domain key update operation, and The service terminal sends a response message to the card issuer management platform; the service terminal receives the key update completion command sent by the card issuer management platform, and ends the communication with the smart card.
  • a key update system is provided.
  • the key update system comprises: a card issuer management platform, configured to receive a smart card primary security domain key update request sent by the service terminal in a predetermined data format, and select a smart card primary security domain through the service terminal, and the smart card After establishing a secure channel, the smart card performs a key update operation on the selected primary security domain through the secure channel; the service terminal is configured to send the smart card primary security domain key update request to the card issuer management platform, and is in the card issuer management platform. Transmitting data transparently with the smart card, wherein the smart card primary security domain key update request carries the feature information of the smart card; the smart card is used to perform the selected primary security domain through the secure channel through the service terminal and the card issuer management platform. Key update operation.
  • the service terminal is further configured to send a read smart card feature information command to the smart card.
  • the smart card is further configured to transmit to the service terminal in response to reading the smart card feature information command and encapsulating the feature information in a response message for reading the smart card feature information command.
  • the card issuer management platform further includes: an acquisition module, configured to acquire feature information of the smart card in the smart card primary security domain key update request; and a determination module, configured to determine, according to the feature information of the smart card, whether the update is required; The module is configured to select, by the service terminal, a primary security domain of the smart card when the determining module determines to be YES.
  • the card issuer management platform further includes: an establishing module, configured to establish a secure channel with the smart card according to a predetermined secure channel protocol; and an authentication module, configured to perform identity authentication with the smart card while establishing a secure channel.
  • the card issuer management platform further includes: an encryption module, configured to encrypt the new primary security key by using a primary security domain key; and a first encapsulation module, configured to encapsulate the encrypted new primary security key
  • the second encapsulating module is configured to encapsulate the predetermined command as data
  • the sending module is configured to send the predetermined command to the smart card by using the service terminal
  • the receiving module is configured to: after receiving the response message sent by the service terminal, , Send a key update completion command to the service terminal.
  • FIG. 1 is a block diagram of a key update system according to an embodiment of the present invention
  • FIG. 2 is a flowchart of a key update method according to an embodiment of the present invention
  • FIG. 3 is an embodiment of the present invention. Signaling flowchart for detailed processing of the key update method.
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Currently, in the related art, a technical solution for implementing a smart card primary security domain key update using a service terminal has not been proposed. Therefore, the present invention provides a method for implementing a primary security domain key update by a service terminal.
  • the card issuer management platform receives the smart card master security domain key update request sent by the service terminal in a predetermined data format, and selects a smart card's primary security domain through the service terminal to establish a secure channel with the smart card; the card issuer management platform and the smart card Smart card primary security domain
  • the key update operation to implement a secure update of the primary security domain key.
  • a near field communication based mobile terminal electronic payment system The framework is required to meet the Global Platform Card Specification version 2.1.1 or 2.2 (Global Platform Card Specification V2.1.1 or V2.2) developed by the Global Platform (GP) organization, if the system supports the GP2.1.1 specification.
  • the secure channel protocol needs to support a symmetric key (Security Channel Protocol 02, called SCP02); if the system supports the GP2.2 specification, the secure channel protocol needs to support SCP02 and based on the asymmetric key (Security Channel Protocol 10)
  • SCP10 Secure Channel Protocol
  • the mobile terminal electronic payment system is mainly composed of a card issuer management platform, an application provider management platform and a mobile terminal, and multiple application provider management platforms may exist in the system.
  • the smart terminal has a smart card supporting electronic payment.
  • the smart card needs to establish communication with the card issuer management platform and the application provider management platform, and the smart card can use the mobile terminal to move.
  • the communication network establishes communication between the service terminal of the management platform and the management platform.
  • the mobile terminal electronic payment system based on the near field communication technology supports a multi-electronic payment application, that is, a plurality of electronic payment applications can be installed on the smart card.
  • FIG. 1 is a diagram of a key update system according to an embodiment of the present invention. As shown in FIG. 1, a slice issuer management platform 10 is included.
  • the terminal 12 and the smart card 14 (located in the mobile terminal) will be described in detail below with respect to the key update system.
  • the card issuer management platform 10 is responsible for card issuance and management, and manages card resources and lifecycles, keys, certificates, and applications.
  • the service terminal 12, the card issuer can provide the user with the relevant information of the smart card 14 through the service terminal 12 of the business outlet, for example, key update, download and update of the electronic payment application, etc., jt ⁇ , the business of the card issuer
  • the terminal 12 can be connected to the card issuer management platform 10 through the service terminal management system.
  • the service terminal 12 is configured with a smart card read/write device, and communicates with the smart card read/write device and the smart card 14.
  • the smart card read/write device can be a contactless reader/writer or Contact smart card reader, when a contactless reader/writer is used, the smart card 14 is placed in the mobile terminal, and the service terminal 12 communicates with the smart card 14 through the near field communication protocol; when the contact smart card reader is used, the service The terminal 12 communicates directly with the smart card 14 via a smart card reader.
  • the service terminal 12 first needs to send a smart card 14 primary security domain key update request to the card issuer management platform 10, and transparently transmits data between the card issuer management platform 10 and the smart card 14, wherein the smart card 14 The feature information of the smart card 14 is carried in the primary security domain key update request.
  • the smart card 14 is configured to perform a key update operation on the selected primary security domain through the secure channel through the service terminal 12 and the card issuer management platform 10.
  • the smart card refers to an IC chip or a smart card conforming to the Global Platform Card Specification V2.1.2.2 specification, and may be a physical (U)SIM card, a pluggable smart memory card or integrated in a mobile terminal. On the IC chip.
  • the service terminal 12 is further used for the smart card
  • the smart card 14 sends a read smart card feature information command; the smart card 14 transmits the signature information to the service terminal 12 in response to the read smart card feature information command and encapsulates its feature information in a response message for reading the smart card feature information command.
  • the service terminal 12 first reads the feature information of the smart card 14 , and the smart card feature information refers to the information that can identify the smart card 14 , which may be an integrated circuit card identification code (ICCID), but is not limited thereto. This is not limited; then the business terminal 12 The information is included in the key update request and sent to the card issuer management platform 10.
  • ICCID integrated circuit card identification code
  • the card issuer management platform 10 further includes: an obtaining module, configured to acquire feature information of the smart card 14 in the smart card key update request of the smart card 14; and a determining module, configured to determine, according to the feature information of the smart card 14, whether the update is needed a selection module, configured to select, by the service terminal 12, a primary security domain of the smart card 14 when the determination module determines to be YES; and an establishing module, configured to establish a secure channel with the smart card 14 according to a predetermined secure channel protocol;
  • a secure channel can be established between them according to regulations;
  • an authentication module is used for establishing At the same time as the secure channel, the smart card 14 is authenticated and encrypted by the operator.
  • the service terminal 12 does not have a key to communicate with the smart card 14, and the command sent to the smart card 14 is encapsulated by the card issuer management platform 10 and communicates between the service terminal 12 and the card issuer management platform 10
  • the protocol transmits the command as data to the service terminal 12, and the service terminal 12 transparently transmits the received data to the smart card 14, and the service terminal 12 cannot parse the encrypted information in the command; the response information sent by the smart card 14 to the card issuer management platform 10
  • the service terminal 12 transparently transmits the data to the card issuer management platform 10, and the service terminal 12 cannot parse the encrypted information in the response.
  • An encryption module configured to encrypt a new primary security key by using a primary security domain key; a first encapsulating module, configured to encapsulate the encrypted new primary security key in a predetermined command (PUT KEY command); a second encapsulating module, configured to encapsulate the predetermined command as data; a sending module, configured to send the predetermined command to the smart card through the service terminal 12; the smart card 14 uses the new primary security domain key to update the existing key on the card, and completes Primary security domain
  • the update of the key after the update is completed, sends a response message to the card issuer management platform 10 via the service terminal 12.
  • the receiving module is configured to send a key update completion command to the service terminal 12 after receiving the response message sent by the service terminal 12.
  • Step S202 A card issuer management platform receives a smart card primary security domain sent by a service terminal in a predetermined data format.
  • the key update request, and the security terminal is selected by the service terminal to establish a secure channel with the smart card.
  • the card issuer management platform Before proceeding to the process of step S202, when the primary security domain key is about to expire, leak, or is assessed to be at risk of leakage, the card issuer management platform must update the primary security domain key. At this time, the card issuer management platform will Use the phone or SMS to inform the user to carry the card to his business outlet to update the key through the service terminal. After the user receives the notification and carries the smart card to its business outlet, the smart card primary security domain key update through the service terminal specifically includes the following processing: 1. The service terminal sends a read smart card feature information command to the smart card; 2.
  • the smart card feature information command the smart card encapsulates its feature information in a response message for reading the smart card feature information command, and sends the smart card to the card issuer management platform, where the smart card sends the smart card primary security domain key update request to the card issuer management platform.
  • the key security domain key update request carries the feature information of the smart card; 4.
  • the card issuer management platform obtains the feature information carried in the smart card primary security domain key update request, and determines whether it needs to be updated according to the feature information; In the case of YES, the card issuer management platform selects the primary security domain of the smart card through the service terminal.
  • step S202 the card issuer management platform and the smart card establish a secure channel as follows:
  • the card issuer management platform establishes a secure channel with the smart card according to a predetermined secure channel protocol, and while establishing a secure channel, the card issuer management platform and Smart card for identity authentication.
  • Step S204 the card issuer management platform and the smart card perform a key update operation on the selected primary security domain through the secure channel.
  • the specific processing of the card issuer management platform and the smart card performing the key update operation of the smart card primary security domain is as follows: 1.
  • the card issuer management platform encrypts the new primary security key by using the primary security domain key. And being encapsulated in a predetermined command; 2.
  • the card issuer management platform encapsulates the predetermined command as data and sends it to the smart card through the service terminal; 3. After receiving the predetermined command, the smart card decrypts and obtains a new primary security domain key, and executes The primary security domain key update operation, and sending a response message to the card issuer management platform through the service terminal; 4. The service terminal receives the key update completion command sent by the card issuer management platform, and ends the communication with the smart card.
  • FIG. 3 is a signaling flowchart of detailed processing of a key update method according to an embodiment of the present invention. The present invention is described based on the key update system architecture shown in FIG.
  • the card issuer management platform is responsible for the management of the key, which completes the update of the primary security domain key on the smart card through the service terminal. As shown in Figure 3, the following processing is included:
  • the service terminal sends a command to read the smart card feature information to the smart card, where the smart card feature information refers to information that can identify the smart card.
  • the smart card feature information can be an ICCID.
  • the smart card After receiving the smart card feature information command, the smart card encapsulates its own feature information in a response message for reading the smart card feature information command, and then sends the feature information to the service terminal.
  • the service terminal sends a smart card primary security domain key update request to the card issuer management platform, wherein the data format of the primary security domain key update request may be defined in the interface technical specification of the service terminal and the card issuer management platform, The data of the security domain key update request needs to include the ICCID of the smart card, so that the card issuer management platform can know the smart card that needs to update the primary security domain key. 4.
  • the card issuer management platform After receiving the primary security domain key update request, the card issuer management platform determines whether the smart card applying for the update key is the smart card issued by the smart card and whether the key needs to be updated; if it is determined that it is the primary security of the smart card issued by it The domain key, and determining that the smart card needs to be updated, select the primary security domain of the smart card, and the card issuer management platform encapsulates the SELECT command of the selected smart card primary security domain according to the command format specified in the Global Platform specification, in the SELECT The command fills the AID of the primary security domain, and then encapsulates the SELECT command as data. Sended to the service terminal, the service terminal strips out the SELECT command from the data sent by the card issuer management platform, and then sends it to the smart card.
  • the smart card selects the primary security domain according to the SELECT command. After executing the command, the smart card sends the SELECT response data to the service terminal, and the service terminal encapsulates the data and sends it to the card issuer management platform.
  • the card issuer management platform After receiving the SELECT response, the card issuer management platform establishes a secure communication channel with the smart card according to the provisions of Appendix E Secure Channel Protocol 02 of Global Platform V2.2. When establishing a secure communication channel, the card issuer management platform Two-way authentication with smart cards, the authentication method can be explicit authentication, but not limited to jt ⁇ . 7. After the security channel is established, the card issuer management platform encrypts the new primary security domain key by using the primary security domain key, encapsulates the PUT KEY command according to the PUT KEY command format specification, and then sends the PUT KEY command to the service. The terminal is then sent by the service terminal to the smart card.
  • the smart card After receiving the PUT KEY command, the smart card performs the primary security domain key update operation, decrypts the new primary security domain key, and updates the existing key on the card with the new key. After the key update is completed, the smart card sends a PUT KEY response (including the key version number, key check value, etc.) to the service terminal, which is then sent by the service terminal to the card issuer management platform.
  • a PUT KEY response including the key version number, key check value, etc.
  • the card issuer management platform After receiving the PUT KEY response, the card issuer management platform sends a key update completion command to the service terminal, and the service terminal ends the communication with the smart card.
  • a method for implementing smart card update by using a service terminal is provided, which solves the problem that the service terminal cannot use the service terminal for smart card update in the related art, and can implement the smart card master securely through the service terminal. Update of the security domain key.
  • a computer readable medium having stored thereon computer executable instructions for causing a computer or processor to perform, for example, when executed by a computer or processor The processing of step S202 and step S204 shown in Fig. 2, preferably, the method embodiment described above can be performed.
  • the implementation of the present invention does not modify the system architecture and the current processing flow, is easy to implement, facilitates promotion in the technical field, and has strong industrial applicability.
  • the above is only the preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes can be made to the present invention. Where in the spirit of the present invention Within the principles, any modifications, equivalent substitutions, improvements, etc., are intended to be included within the scope of the present invention.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Description

密钥更新方法和系统
技术领域 本发明涉及通信领域, 并且特别地, 涉及一种密钥更新方法和系统。 背景技术 在相关技术中 ,近场通信技术 ( Near Field Communication ,筒称为 NFC ) 是工作于 13.56MHz的一种近距离无线通信技术, 该技术由射频识别 (Radio Frequency Identification, 筒称为 RFID )技术及互连技术融合演变而来。 手机 等移动通信终端在集成 NFC技术后, 可以模拟非接触式 IC卡, 用于电子支 付的相关应用, 并且, 手机应用于电子支付领域, 会进一步扩大手机的使用 范围, 给人们的生活带来便捷, 存在着广阔的应用前景。 在相关技术中, 为实现基于 NFC技术的移动电子支付, 需要建立移动 终端电子支付系统, 并通过该系统实现对移动终端电子支付的管理, 其中, 移动终端电子支付系统包括: 智能卡的发行、 电子支付应用的下载、 安装和 个人化、 以及采用相关技术和管理策略实现电子支付的安全等。 主安全 i或 ( Issuer Security Domain , 筒称为 ISD ) , 又称为发行者安全 i或 , 是卡片发行商强制分配的主要安全域, 其可以用于代表当前卡片, 主安全域 包含用于支持安全通道协议运作以及卡内容管理的安全域密钥。 具体地, 安全域密钥包括主安全域密钥, 用于在安全信道的初始化和使 用过程中保证应用程序数据的完整性和机密性, 以及用于实现卡和卡外实体 的互认证。 每个安全域(包括主安全域)拥有至少一组密钥, 分别是安全信 道加密密钥 ( Secure Channel-Encryption, 筒称为 S-ENC )、 安全信道信息-险 证编码密胡 ( Secure Channel-Message Authentication Code, 筒称为 S-MAC ) 和数据力。密密钥( Data Encryption Key, 筒称为 DEK ), 在安全信道的初始化 和使用过程中, 用这些密钥生成相应的会话密钥以备使用。 当主安全域密钥即将过期、 泄漏或者经评估确认存在泄漏风险时, 卡片 发行商管理平台必须对主安全域密钥进行更新。 主安全域密钥更新方式包括 按计划更新和强制更新, 其中, 按计划更新是按照设置的主安全域的更新周 期, 在主安全域密钥即将过期之前, 对主安全域密钥进行更新; 强制更新是 在主安全域密钥出现泄露或者经过评估确认密钥存在泄漏风险的情况下, 对 主安全域密钥进行强制更新。 从上面的描述可以看出,对智能卡的主安全域密钥进行更新是确保智能 卡电子支付应用安全的一个重要手段, 但是, 目前, 对于智能卡的主安全域 密钥更新还没有提出具体的方案, 因此, 急需一种能够方便快速的对智能卡 主安全域密钥进行更新的技术方案。 发明内容 考虑到相关技术中尚未提出实现主安全域密钥更新的具体方案的问题 而提出本发明, 为此,本发明的主要目的在于提供一种密钥更新方法和系统, 以解决相关技术中存在的上述问题。 根据本发明的一个方面, 提供了一种密钥更新方法, 用于对移动终端的 智能卡进行主安全域密钥的更新。 才艮据本发明的密钥更新方法包括:卡片发行商管理平台接收业务终端以 预定数据格式发送的智能卡主安全域密钥更新请求 , 并通过业务终端选择智 能卡的主安全域, 与智能卡建立安全通道; 卡片发行商管理平台与智能卡通 过安全通道对选择的主安全域进行密钥更新操作。 此外 ,卡片发行商管理平台接收业务终端发送的智能卡主安全域密钥更 新请求之前, 上述方法进一步包括: 业务终端发送智能卡主安全域密钥更新 请求到卡片发行商管理平台, 其中, 智能卡主安全域密钥更新请求中携带有 智能卡的特征信息。 此外 ,业务终端发送智能卡主安全域密钥更新请求到卡片发行商管理平 台之前, 上述方法进一步包括: 业务终端向智能卡发送读取智能卡特征信息 命令; 响应于读取智能卡特征信息命令, 智能卡将其特征信息封装在读取智 能卡特征信息命令的响应消息中发送到业务终端。 此外, 卡片发行商管理平台接收到智能卡主安全域密钥更新请求后, 上 述方法进一步包括: 卡片发行商管理平台获取智能卡主安全域密钥更新请求 中携带的特征信息, 并根据特征信息判断是否需要更新; 在判断为是的情况 下, 卡片发行商管理平台通过业务终端选择智能卡的主安全域。 其中, 卡片发行商管理平台与智能卡建立安全通道的具体处理为: 卡片 发行商管理平台按照预定安全信道协议与智能卡建立安全通道, 并在建立安 全通道的同时, 卡片发行商管理平台与智能卡进行身份认证和会话密钥的协 商。 其中,卡片发行商管理平台与智能卡进行智能卡主安全域的密钥更新操 作的具体处理为: 卡片发行商管理平台采用主安全域密钥对新的主安全密钥 进行加密, 并封装在预定命令中; 卡片发行商管理平台将预定命令作为数据 进行封装, 并通过业务终端发送到智能卡; 智能卡接收到预定命令后, 解密 得到新的主安全域密钥, 执行主安全域密钥更新操作, 并通过业务终端向卡 片发行商管理平台发送响应消息; 业务终端接收卡片发行商管理平台发送的 密钥更新完成命令, 并结束与智能卡的通信。 才艮据本发明的另一方面, 提供了一种密钥更新系统。 根据本发明的密钥更新系统包括: 卡片发行商管理平台 , 用于接收业务 终端以预定数据格式发送的智能卡主安全域密钥更新请求 , 并通过业务终端 选择智能卡的主安全域, 在与智能卡建立安全通道后, 与智能卡通过安全通 道对选择的主安全域进行密钥更新操作; 业务终端, 用于发送智能卡主安全 域密钥更新请求到卡片发行商管理平台 , 并且在卡片发行商管理平台与智能 卡之间透明地传输数据, 其中, 智能卡主安全域密钥更新请求中携带有智能 卡的特征信息; 智能卡, 用于通过业务终端与卡片发行商管理平台通过安全 通道对选择的主安全域进行密钥更新操作。 此外 , 业务终端进一步用于向智能卡发送读取智能卡特征信息命令。 此外, 智能卡进一步用于响应于读取智能卡特征信息命令, 并将其特征 信息封装在读取智能卡特征信息命令的响应消息中发送到业务终端。 此外, 上述卡片发行商管理平台进一步包括: 获耳 莫块, 用于获取智能 卡主安全域密钥更新请求中的智能卡的特征信息; 判断模块, 用于根据智能 卡的特征信息判断是否需要更新; 选择模块, 用于在判断模块判断为是的情 况下, 通过业务终端选择智能卡的主安全域。 此外, 上述卡片发行商管理平台进一步包括: 建立模块, 用于按照预定 安全信道协议与智能卡建立安全通道; 认证模块 , 用于在建立安全通道的同 时, 与智能卡进行身份认证。 此外, 上述卡片发行商管理平台进一步包括: 加密模块, 用于采用主安 全域密钥对新的主安全密钥进行加密; 第一封装模块, 用于将加密后的新的 主安全密钥封装在预定命令中; 第二封装模块, 用于将预定命令作为数据进 行封装; 发送模块, 用于通过业务终端将预定命令发送到智能卡; 接收模块, 用于在接收到业务终端发送的响应消息后, 向业务终端发送密钥更新完成命 令。 借助于本发明的技术方案 ,提供了一种通过业务终端实现智能卡更新的 方法,解决了相关技术中尚未提供实现主安全域密钥更新的具体方案的问题 , 能够通过业务终端实现安全、 便利的智能卡主安全域密钥更新, 填补了相关 技术中的空白。 本发明的其它特征和优点将在随后的说明书中阐述, 并且, 部分地从说 明书中变得显而易见, 或者通过实施本发明而了解。 本发明的目的和其他优 点可通过在所写的说明书、 权利要求书、 以及附图中所特别指出的结构来实 现和获得。 附图说明 附图用来提供对本发明的进一步理解 , 并且构成说明书的一部分, 与本 发明的实施例一起用于解释本发明, 并不构成对本发明的限制。 在附图中: 图 1是才艮据本发明实施例的密钥更新系统的框图; 图 2是才艮据本发明实施例的密钥更新方法的流程图; 图 3是根据本发明实施例的密钥更新方法的详细处理的信令流程图。 具体实施方式 功能相克述 目前, 在相关技术中, 尚未提出使用业务终端实现智能卡主安全域密钥 更新的技术方案, 因此, 本发明提供了一种通过业务终端实现主安全域密钥 更新的方法, 包括: 卡片发行商管理平台接收业务终端以预定数据格式发送 的智能卡主安全域密钥更新请求 , 并通过业务终端选择智能卡的主安全域, 与智能卡建立安全通道; 卡片发行商管理平台与智能卡进行智能卡主安全域 的密钥更新操作, 以实现主安全域密钥的安全更新。 以下结合附图对本发明的优选实施例进行说明, 应当理解, 此处所描述 的优选实施例仅用于说明和解释本发明, 并不用于限定本发明。 系统实施例 根据本发明的实施例 , 提供了一种密钥更新系统, 图 1是根据本发明实 施例的密钥更新系统的才 ϋ图, 目前, 基于近场通信的移动终端电子支付系统 的框架要求满足由环球平台 (Global Platform, 筒称为 GP ) 组织制定的环球 平台卡规范 2.1.1或 2.2版本 ( Global Platform Card Specification V2.1.1或 V2.2 ), 如果该系统支持 GP2.1.1规范 , 则安全通道协议就需要支持基于对称 密钥 ( Security Channel Protocol 02 , 筒称为 SCP02 ); 如果该系统支持 GP2.2 规范, 安全通道协议需要支持 SCP02 和基于非对称密钥 (Security Channel Protocol 10 , 筒称为 SCP10 ), 并且, 应允许卡片发行商、 应用提供商才艮据安 全策略的需求对使用的密钥进行选择。 移动终端电子支付系统主要由卡片发行商管理平台、应用提供商管理平 台和移动终端组成, 系统中可以存在多个应用提供商管理平台。 移动终端中具备支持电子支付的智能卡,为了实现智能卡的安全性管理 和支付应用的下载、 安装等, 智能卡需要和卡发行商管理平台以及应用提供 商管理平台建立通信, 智能卡可以通过移动终端使用移动通信网络或者通过 管理平台的业务终端与管理平台之间建立通信。 基于近场通信技术的移动终端电子支付系统支持多电子支付应用, 即, 在智能卡上可以安装多个电子支付应用。 为了实现支付应用的安全, 智能卡 采用 Global Platform Card Specification V2.1 V2.2规范, 智能卡被分隔为若干 个独立的安全域, 以保证多个应用相互之间的隔离以及独立性, 各个应用提 供商管理各自的安全 i或以及应用、 应用数据等。 下面, 基于上述的系统构架, 对通过业务终端实现的密钥更新的系统进 行详细的说明, 需要说明的是, 本发明的密钥更新系统为上述基于近场通信 的移动终端电子支付系统的一部分。 根据本发明的实施例 , 提供了一种密钥更新系统, 图 1是根据本发明实 施例的密钥更新系统的才 ϋ图, 如图 1所示, 包括片发行商管理平台 10、 业务 终端 12和智能卡 14 (位于移动终端), 下面对上述密钥更新系统进行详细的 说明。 卡片发行商管理平台 10 , 负责卡的发行和管理, 对卡的资源和生命周 期、 密钥、 证书及应用等进行管理。 用于接收业务终端 12 以预定数据格式 发送的智能卡 14主安全域密钥更新请求 ,并通过业务终端 12选择智能卡 14 的主安全域, 在与智能卡 14建立安全通道后, 与智能卡 14通过安全通道对 选择的主安全域进行密钥更新操作。 业务终端 12 , 卡片发行商可以通过营业网点的业务终端 12向用户提供 智能卡 14 的有关^^务, 例如, 密钥更新、 电子支付应用的下载和更新等, jt匕外, 卡片发行商的业务终端 12 可以通过业务终端管理系统连接到卡片发 行商管理平台 10 , 业务终端 12配置有智能卡读写设备, 通过智能卡读写设 备和智能卡 14 进行通信, 智能卡读写设备可以是非接触式读写器或者接触 式智能卡读写器, 采用非接触式读写器时, 智能卡 14 放置在移动终端, 业 务终端 12采用近场通信协议通过移动终端和智能卡 14进行通信; 采用接触 式智能卡读写器时 , 业务终端 12通过智能卡读写器直接和智能卡 14进行通 信。 在本发明中 , 业务终端 12首先需要发送智能卡 14主安全域密钥更新请 求到卡片发行商管理平台 10 , 并且在卡片发行商管理平台 10与智能卡 14之 间透明地传输数据, 其中, 智能卡 14 主安全域密钥更新请求中携带有智能 卡 14的特征信息。 智能卡 14 , 用于通过业务终端 12与卡片发行商管理平台 10通过安全 通道对选择的主安全域进行密钥更新操作。 需要说明的是, 上述智能卡是指 符合 Global Platform Card Specification V2.1. 2.2规范的 IC芯片或智能卡, 从物理形式上可以为 (U)SIM卡、可插拔的智能存储卡或者集成在移动终端上 的 IC芯片。 此外, 当需要更新主安全域密钥时, 业务终端 12进一步用于向智能卡
14发送读取智能卡特征信息命令; 智能卡 14响应于读取智能卡特征信息命 令, 并将其特征信息封装在读取智能卡特征信息命令的响应消息中发送到业 务终端 12。 业务终端 12首先读取智能卡 14的特征信息,智能卡特征信息指可以识 别智能卡 14 的信息, 可以是集成电路卡片标识码 (Integrated Circuit Card Identity, 筒称为 ICCID) , 但不限于此, 本发明对此不做限定; 然后业务终端 12把该信息包含在密钥更新请求中一起发送给卡片发行商管理平台 10。 此外, 上述卡片发行商管理平台 10进一步包括: 获取模块, 用于获取智能卡 14 主安全域密钥更新请求中的智能卡 14 的特征信息; 判断模块 , 用于根据智能卡 14的特征信息判断是否需要更新; 选择模块, 用于在判断模块判断为是的情况下, 通过业务终端 12选择 智能卡 14的主安全域; 建立模块, 用于按照预定安全信道协议与智能卡 14建立安全通道; 需 要说明的是, 通过业务终端 12进行智能卡 14的主安全域密钥更新时, 为了 实现智能卡 14和卡片发行商管理平台 10之间通信的安全, 它们之间可按照 规定建立安全信道; 认证模块 , 用于在建立安全通道的同时, 与智能卡 14进行身份认证及 通信加密的†办商。 从另一方面说, 业务终端 12不掌握与智能卡 14通信的密钥, 发送给智 能卡 14的命令由卡片发行商管理平台 10封装, 并按照业务终端 12和卡片 发行商管理平台 10之间的通信协议将命令作为数据发送给业务终端 12, 业 务终端 12将接收到的数据透明地传输给智能卡 14, 业务终端 12无法解析命 令中的加密信息; 智能卡 14发送给卡片发行商管理平台 10的响应信息, 由 业务终端 12作为数据透明地传输给卡片发行商管理平台 10, 业务终端 12无 法解析响应中的加密信息。 加密模块 , 用于采用主安全域密钥对新的主安全密钥进行加密; 第一封装模块, 用于将加密后的新的主安全密钥封装在预定命令(PUT KEY命令) 中; 第二封装模块, 用于将预定命令作为数据进行封装; 发送模块, 用于通过业务终端 12将预定命令发送到智能卡; 智能卡 14使用新的主安全域密钥更新卡上已有的密钥, 完成主安全域 密钥的更新, 在完成更新后, 通过业务终端 12向卡片发行商管理平台 10发 送响应消息。 接收模块, 用于在接收到业务终端 12发送的响应消息后, 向业务终端 12发送密钥更新完成命令。 通过上述的处理,能够安全地通过业务终端实现智能卡主安全域密钥的 更新。 方法实施例 根据本发明的实施例, 提供了一种密钥更新方法, 用于对移动终端的智 能卡进行主安全域密钥的更新。 图 2是才艮据本发明实施例的密钥更新方法的 流程图, 如图 2所示, 包括以下处理: 步骤 S202, 卡片发行商管理平台接收业务终端以预定数据格式发送的 智能卡主安全域密钥更新请求 , 并通过业务终端选择智能卡的主安全域 , 与 智能卡建立安全通道。 在进行步骤 S202的处理之前, 当主安全域密钥即将过期、 泄漏或者经 评估确认存在泄漏风险时, 卡片发行商管理平台必须对主安全域密钥进行更 新, 此时, 卡片发行商管理平台会使用电话或短信的方式通知用户携带卡片 去其营业网点通过业务终端进行密钥更新。 在用户接到通知并携带智能卡去 其营业网点后 , 通过业务终端进行智能卡主安全域密钥更新具体包括以下处 理: 1、 业务终端向智能卡发送读取智能卡特征信息命令; 2、 响应于读取智 能卡特征信息命令, 智能卡将其特征信息封装在读取智能卡特征信息命令的 响应消息中发送到业务终端; 3、 业务终端发送智能卡主安全域密钥更新请 求到卡片发行商管理平台, 其中, 智能卡主安全域密钥更新请求中携带有智 能卡的特征信息; 4、 卡片发行商管理平台获取智能卡主安全域密钥更新请 求中携带的特征信息, 并根据特征信息判断是否需要更新; 5、 在判断为是 的情况下 , 卡片发行商管理平台通过业务终端选择智能卡的主安全域。 在步骤 S202中, 卡片发行商管理平台与智能卡建立安全通道的具体处 理为: 卡片发行商管理平台按照预定安全信道协议与智能卡建立安全通道, 并在建立安全通道的同时, 卡片发行商管理平台与智能卡进行身份认证。 步骤 S204, 卡片发行商管理平台与智能卡通过安全通道对选择的主安 全域进行密钥更新操作。 在步骤 S204中 , 卡片发行商管理平台与智能卡进行智能卡主安全域的 密钥更新操作的具体处理为: 1、 卡片发行商管理平台采用主安全域密钥对 新的主安全密钥进行加密, 并封装在预定命令中; 2、 卡片发行商管理平台 将预定命令作为数据进行封装, 并通过业务终端发送到智能卡; 3、 智能卡 接收到预定命令后, 解密得到新的主安全域密钥, 执行主安全域密钥更新操 作, 并通过业务终端向卡片发行商管理平台发送响应消息; 4、 业务终端接 收卡片发行商管理平台发送的密钥更新完成命令, 并结束与智能卡的通信。 下面, 结合实例, 对本发明的上述技术方案进行详细的说明, 如图 3 所示 , 图 3是才艮据本发明实施例的密钥更新方法的详细处理的信令流程图 , 需要说明的是, 本发明基于图 1所示的密钥更新系统架构为例进行描述, 但 不限于图 1所示的密钥更新系统的架构。 在图 1的构架中, 卡片发行商管理 平台负责密钥的管理,它通过业务终端完成对智能卡上主安全域密钥的更新。 口图 3所示, 包括以下处理:
1、 业务终端向智能卡发送读取智能卡特征信息命令 , 其中智能卡特征 信息指可以识别智能卡的信息, 优选地, 该智能卡特征信息可以为 ICCID。
2、 智能卡接收到读取智能卡特征信息命令后, 将自己的特征信息封装 在读取智能卡特征信息命令的响应消息中 , 然后发送到业务终端。 3、业务终端发送智能卡主安全域密钥更新请求到卡片发行商管理平台, 其中, 主安全域密钥更新请求的数据格式可以在业务终端和卡片发行商管理 平台的接口技术规范中定义, 主安全域密钥更新请求的数据中需要包括智能 卡的 ICCID, 以使卡片发行商管理平台可以得知需要更新主安全域密钥的智 能卡。 4、 卡片发行商管理平台收到主安全域密钥更新请求后, 判断申请更新 密钥的智能卡是否是它所发行的智能卡、 以及密钥是否需要更新; 如果判断 是它发行的智能卡的主安全域密钥 , 并且判断该智能卡需要更新的情况下 , 选择智能卡的主安全域 , 卡片发行商管理平台按照 Global Platform规范中的 命令格式规定对选择的智能卡主安全域的 SELECT 命令进行封装, 在 SELECT命令中填充主安全域的 AID, 然后将封装的 SELECT命令作为数据 发送到业务终端, 业务终端从卡片发行商管理平台发送来的数据中剥离出 SELECT命令 , 然后发送给智能卡。
5、 智能卡按照 SELECT命令选择主安全域, 在执行命令后, 智能卡发 送 SELECT响应数据给业务终端, 业务终端将该数据进行封装, 然后发送给 卡片发行商管理平台。
6、卡片发行商管理平台收到 SELECT响应后,按照 Global Platform V2.2 中附录 E Secure Channel Protocol 02的规定建立与智能卡之间的安全通信信 道, 在建立安全通信信道时, 卡片发行商管理平台和智能卡进行双向认证, 认证方式可采用显式认证, 但不限于 jt匕。 7、 安全信道建立完成后, 卡片发行商管理平台采用主安全域密钥对新 的主安全域密钥进行加密,按照 PUT KEY的命令格式规范封装 PUT KEY命 令, 然后将 PUT KEY命令发送给业务终端 , 再由业务终端发送给智能卡。
8、 智能卡收到 PUT KEY命令后, 执行主安全域密钥更新操作, 解密 得到新的主安全域密钥, 用新密钥更新卡上已存在的密钥。 密钥更新完成后, 智能卡发送 PUT KEY响应 (包括密钥版本号、 密钥校验值等)给业务终端 , 再由业务终端发送给卡片发行商管理平台。
9、 卡片发行商管理平台收到 PUT KEY响应后, 将密钥更新完成命令 发送给业务终端, 业务终端结束与智能卡的通信。 综上所述, 借助于本发明的技术方案, 提供了一种通过业务终端实现智 能卡更新的方法, 解决了相关技术中不能使用业务终端进行智能卡更新的问 题 , 能够安全地通过业务终端实现智能卡主安全域密钥的更新。 才艮据本发明实施例, 还提供了一种计算机可读介质, 该计算机可读介质 上存储有计算机可执行的指令, 当该指令被计算机或处理器执行时, 使得计 算机或处理器执行如图 2所示的步骤 S202和步骤 S204的处理, 优选地, 可 以执行上述的方法实施例。 另外 ,本发明的实现没有对系统架构和目前的处理流程修改,易于实现 , 便于在技术领域中进行推广, 具有较强的工业适用性。 以上所述仅为本发明的优选实施例而已, 并不用于限制本发明, 对于本 领域的技术人员来说, 本发明可以有各种更改和变化。 凡在本发明的精神和 原则之内, 所作的任何修改、 等同替换、 改进等, 均应包含在本发明的保护 范围之内。

Claims

权 利 要 求 书
1. 一种密钥更新方法 ,用于对移动终端的智能卡进行主安全域密钥的更新 , 其特征在于, 所述方法包括:
所述卡片发行商管理平台接收所述业务终端以预定数据格式发送 的智能卡主安全域密钥更新请求 , 并通过所述业务终端选择所述智能卡 的主安全域, 与所述智能卡建立安全通道;
所述卡片发行商管理平台与所述智能卡通过所述安全通道对选择 的所述主安全域进行密钥更新操作。
2. 根据权利要求 1所述的方法, 其特征在于, 所述卡片发行商管理平台接 收所述业务终端发送的智能卡主安全域密钥更新请求之前 , 所述方法进 一步包括:
所述业务终端发送所述智能卡主安全域密钥更新请求到所述卡片 发行商管理平台, 其中, 所述智能卡主安全域密钥更新请求中携带有所 述智能卡的特征信息。
3. 根据权利要求 2所述的方法, 其特征在于, 所述业务终端发送所述智能 卡主安全域密钥更新请求到卡片发行商管理平台之前 , 进一步包括: 所述业务终端向所述智能卡发送读取智能卡特征信息命令; 响应于所述读取智能卡特征信息命令 ,所述智能卡将其特征信息封 装在所述读取智能卡特征信息命令的响应消息中发送到所述业务终端。
4. 根据权利要求 3所述的方法, 其特征在于, 所述卡片发行商管理平台接 收到所述智能卡主安全域密钥更新请求后 , 所述方法进一步包括:
所述卡片发行商管理平台获取所述智能卡主安全域密钥更新请求 中携带的所述特征信息 , 并根据所述特征信息判断是否需要更新;
在判断为是的情况下,所述卡片发行商管理平台通过所述业务终端 选择所述智能卡的所述主安全域。
5. 才艮据权利要求 1所述的方法, 其特征在于, 所述卡片发行商管理平台与 所述智能卡建立安全通道的具体处理为:
所述卡片发行商管理平台按照预定安全信道协议与所述智能卡建 立所述安全通道, 并在建立所述安全通道的同时, 所述卡片发行商管理 平台与所述智能卡进行身份认证和会话密钥的协商。
6. 才艮据权利要求 1所述的方法, 其特征在于, 所述卡片发行商管理平台与 所述智能卡进行所述智能卡主安全域的密钥更新操作的具体处理为: 所述卡片发行商管理平台采用主安全域密钥对新的主安全密钥进 行加密, 并封装在预定命令中;
所述卡片发行商管理平台将所述预定命令作为数据进行封装,并通 过所述业务终端发送到所述智能卡;
所述智能卡接收到所述预定命令后 ,解密得到所述新的主安全域密 钥, 执行主安全域密钥更新操作, 并通过所述业务终端向所述卡片发行 商管理平台发送响应消息;
所述业务终端接收所述卡片发行商管理平台发送的密钥更新完成 命令, 并结束与所述智能卡的通信。
7. 一种密钥更新系统, 其特征在于, 包括:
卡片发行商管理平台 ,用于接收业务终端以预定数据格式发送的智 能卡主安全域密钥更新请求, 并通过所述业务终端选择智能卡的主安全 域, 在与所述智能卡建立安全通道后, 与所述智能卡通过所述安全通道 对选择的所述主安全域进行密钥更新操作;
所述业务终端 ,用于发送所述智能卡主安全域密钥更新请求到卡片 发行商管理平台, 并且在所述卡片发行商管理平台与所述智能卡之间透 明地传输数据, 其中, 所述智能卡主安全域密钥更新请求中携带有所述 智能卡的特征信息;
所述智能卡,用于通过所述业务终端与所述卡片发行商管理平台通 过所述安全通道对选择的所述主安全域进行密钥更新操作。
8. 根据权利要求 7所述的系统, 其特征在于, 所述业务终端进一步用于向 所述智能卡发送读取智能卡特征信息命令。
9. 根据权利要求 8所述的系统, 其特征在于, 所述智能卡进一步用于响应 于所述读取智能卡特征信息命令 , 并将其特征信息封装在所述读取智能 卡特征信息命令的响应消息中发送到所述业务终端。
10. 才艮据权利要求 9所述的系统, 其特征在于, 所述卡片发行商管理平台进 一步包括:
获取模块 ,用于获取所述智能卡主安全域密钥更新请求中的所述智 能卡的特征信息;
判断模块, 用于根据所述智能卡的特征信息判断是否需要更新; 选择模块, 用于在所述判断模块判断为是的情况下, 通过所述业务 终端选择所述智能卡的主安全域。
11. 才艮据权利要求 10所述的系统, 其特征在于, 所述卡片发行商管理平台进 一步包括:
建立模块 ,用于按照预定安全信道协议与所述智能卡建立所述安全 通道;
认证模块, 用于在建立所述安全通道的同时, 与所述智能卡进行身 份认证。
12. 才艮据权利要求 11所述的系统, 其特征在于, 所述卡片发行商管理平台进 一步包括:
加密模块, 用于采用主安全域密钥对新的主安全密钥进行加密; 第一封装模块,用于将加密后的所述新的主安全密钥封装在预定命 令中;
第二封装模块, 用于将所述预定命令作为数据进行封装; 发送模块,用于通过所述业务终端将所述预定命令发送到所述智能 卡;
接收模块 , 用于在接收到所述业务终端发送的响应消息后, 向所述 业务终端发送密钥更新完成命令。
PCT/CN2009/073399 2008-10-21 2009-08-21 密钥更新方法和系统 WO2010045821A1 (zh)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2008101694917A CN101729243B (zh) 2008-10-21 2008-10-21 密钥更新方法和系统
CN200810169491.7 2008-10-21

Publications (1)

Publication Number Publication Date
WO2010045821A1 true WO2010045821A1 (zh) 2010-04-29

Family

ID=42118936

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2009/073399 WO2010045821A1 (zh) 2008-10-21 2009-08-21 密钥更新方法和系统

Country Status (2)

Country Link
CN (1) CN101729243B (zh)
WO (1) WO2010045821A1 (zh)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015506605A (ja) * 2011-12-20 2015-03-02 アップル インコーポレイテッド グローバルプラットフォーム仕様を使用した発行元セキュリティドメインの鍵管理のためのシステム及び方法
TWI558152B (zh) * 2014-07-18 2016-11-11 Hao-Xi Zhuang Key replacement method and computer program products

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20120124378A1 (en) * 2010-11-12 2012-05-17 Xac Automation Corp. Method for personal identity authentication utilizing a personal cryptographic device
CN103079198B (zh) * 2011-10-26 2018-08-03 中兴通讯股份有限公司 传感器节点的密钥更新方法和系统
CN103684755B (zh) * 2013-12-06 2017-04-05 上海新储集成电路有限公司 一种加解密算法和加解密钥的更换方法
CN106685931B (zh) * 2016-12-07 2020-01-14 深圳市久和久科技有限公司 智能卡应用管理方法和系统、终端和智能卡
CN110113153B (zh) * 2019-04-23 2022-05-13 深圳数字电视国家工程实验室股份有限公司 一种nfc密钥更新方法、终端及系统

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1304101A (zh) * 2000-01-07 2001-07-18 索尼公司 信息处理系统、便携电子装置及其存取装置和存储空间
US20080049940A1 (en) * 1998-07-02 2008-02-28 Kocher Paul C Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
CN101164086A (zh) * 2005-03-07 2008-04-16 诺基亚公司 能够使用无线网络实现信用卡个人化的方法、系统和移动设备
CN101179377A (zh) * 2006-11-09 2008-05-14 中兴通讯股份有限公司 一种多媒体广播业务中的密钥下发和更新系统
CN101257358A (zh) * 2008-04-17 2008-09-03 中兴通讯股份有限公司 一种用户密钥的更新方法及系统

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080049940A1 (en) * 1998-07-02 2008-02-28 Kocher Paul C Payment smart cards with hierarchical session key derivation providing security against differential power analysis and other attacks
CN1304101A (zh) * 2000-01-07 2001-07-18 索尼公司 信息处理系统、便携电子装置及其存取装置和存储空间
CN101164086A (zh) * 2005-03-07 2008-04-16 诺基亚公司 能够使用无线网络实现信用卡个人化的方法、系统和移动设备
CN101179377A (zh) * 2006-11-09 2008-05-14 中兴通讯股份有限公司 一种多媒体广播业务中的密钥下发和更新系统
CN101257358A (zh) * 2008-04-17 2008-09-03 中兴通讯股份有限公司 一种用户密钥的更新方法及系统

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2015506605A (ja) * 2011-12-20 2015-03-02 アップル インコーポレイテッド グローバルプラットフォーム仕様を使用した発行元セキュリティドメインの鍵管理のためのシステム及び方法
US9185089B2 (en) 2011-12-20 2015-11-10 Apple Inc. System and method for key management for issuer security domain using global platform specifications
US9590963B2 (en) 2011-12-20 2017-03-07 Apple Inc. System and method for key management for issuer security domain using global platform specifications
TWI558152B (zh) * 2014-07-18 2016-11-11 Hao-Xi Zhuang Key replacement method and computer program products

Also Published As

Publication number Publication date
CN101729243B (zh) 2011-12-07
CN101729243A (zh) 2010-06-09

Similar Documents

Publication Publication Date Title
CN111052777B (zh) 支持无线通信系统中设备间简档转移的方法和装置
JP5508428B2 (ja) 鍵の配布方法及びシステム
US8781131B2 (en) Key distribution method and system
US20110280406A1 (en) Key distribution method and system
EP2671398B1 (en) Subscriber identity module provisioning
KR101514754B1 (ko) non-UICC SE를 구비한 이동통신 단말기에 중요 정보를 OTA 프로비저닝 하는 시스템 및 방법
US20120311109A1 (en) System and method for installing smart card applet
KR20160124648A (ko) 프로파일 다운로드 및 설치 장치
WO2010045821A1 (zh) 密钥更新方法和系统
WO2010045823A1 (zh) 密钥更新方法和系统
WO2010096991A1 (zh) 一种应用下载的系统和方法
EP3769551B1 (en) Method and apparatus for negotiating euicc version
CN104660567A (zh) D2d终端接入认证方法、d2d终端及服务器
US10097553B2 (en) Installation of a secure-element-related service application in a secure element in a communication device, system and telecommunications
CN116097636A (zh) 用于设备之间的链接或配置文件传输的装置和方法
CN104461616A (zh) 一种芯片卡软件的更新方法和系统
CN115997398A (zh) 用于在设备改变期间移动具有不同版本的简档的方法和设备
WO2010045777A1 (zh) 电子支付系统、更新智能卡对应的移动用户号码的方法
WO2010045825A1 (zh) 密钥分发方法和系统
CN114760195B (zh) 一种网络接入点配置方法、装置、系统、设备及介质
US20220278985A1 (en) Method and device for transferring bundle between devices
KR101445001B1 (ko) Nfc를 이용한 종단간 보안 결제 제공 방법 및 시스템
KR101904458B1 (ko) 자원 할당을 이용한 일회용코드 운영 방법
CN114731505A (zh) 用于在装置之间的包传输后设置包的状态的方法和设备
KR20150066654A (ko) 칩모듈을 이용한 다중 채널 인증 방법

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09821542

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 09821542

Country of ref document: EP

Kind code of ref document: A1