WO2022188033A1 - Data uploading method, data downloading method and related device - Google Patents

Data uploading method, data downloading method and related device


Publication number
WO2022188033A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
key
server
access control
ciphertext
Application number
PCT/CN2021/079784
Inventor
杨世昭
王雪平
孙金龙
Original Assignee
深圳市汇顶科技股份有限公司
Application filed by 深圳市汇顶科技股份有限公司
Priority to PCT/CN2021/079784 (WO2022188033A1)
Priority to CN202180004124.5A (CN114026820A)
Publication of WO2022188033A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Definitions

  • the embodiments of the present application relate to the technical field of information security, and in particular, to a method for uploading data, a method for downloading data, and related equipment.
  • the access card information can be used to open the access control, which may cause property damage and personal safety hazards of the enterprise, which is extremely dangerous.
  • the embodiments of the present application provide a method for uploading data, a method for downloading data, and related equipment, so as to realize safe migration of access control card data.
  • the embodiments of the present application provide a data uploading method, which is applied to an electronic device, including: acquiring access control data to be uploaded; sending a PIN to a server in response to a user's input, wherein the PIN is used to verify whether the user's identity is legal; receiving first confirmation information sent by the server, and creating a random factor S, wherein the first confirmation information is used to confirm whether the user identity verification is successful; determining a first key K based on the PIN and the random factor S, and encrypting the access control data to be uploaded based on the first key K to obtain a first data ciphertext; and uploading the first data ciphertext and the random factor S to the server.
  • the secure uploading of the access control card data is realized.
  • a possible implementation manner is that, before the acquiring the access control data to be uploaded, the method further includes:
  • a possible implementation manner is that the electronic device includes a signature public key, the server includes a signature private key and a second private key, and further includes:
  • the signed first certificate is obtained after the server signs the first certificate with the signing private key, the first certificate is issued by the server, and the first certificate includes the first public key;
  • the signature public key to perform identity verification on the signed second certificate, and if the identity verification is passed, obtain a second public key in the second certificate, wherein the second public key is the same as the first public key.
  • the second private key is a pair of asymmetric public and private keys;
  • a secure channel is established with the server, and the second key EK is determined as the session key of the secure channel.
  • encrypting the access control data to be uploaded based on the first key K, and obtaining the first data ciphertext includes:
  • the second data ciphertext is encrypted by using the second key EK to obtain the first data ciphertext.
  • encrypting the access control data to be uploaded based on the first key K, and obtaining the first data ciphertext includes:
  • the access control data to be uploaded is encrypted based on the first key K and the initial vector to obtain a first data ciphertext.
  • an embodiment of the present application provides a data download method, the method includes: sending a data acquisition request to a server, where the data acquisition request is used to acquire a first data ciphertext; receiving an encapsulated data packet and a random factor S sent by the server, wherein the encapsulated data packet includes the first data ciphertext; obtaining a PIN, and determining a first key K based on the PIN and the random factor S; and decrypting the encapsulated data packet based on the first key K to obtain the plaintext of the access control data.
  • a possible implementation manner is that the data acquisition request includes a PIN, and the PIN is used to verify whether the user's identity is legal.
  • the receiving the encapsulated data packet sent by the server includes:
  • the encrypted encapsulated data packet is decrypted using the second key EK to obtain an encapsulated data packet.
  • the encapsulated data packet further includes executable instructions, and decrypting the encapsulated data packet based on the first key K to obtain the access control data plaintext includes:
  • an embodiment of the present application provides a chip to implement the aforementioned data uploading method, which is applied to an electronic device, and the chip includes:
  • the acquisition module is used to acquire the access control data to be uploaded
  • a sending module configured to send a PIN to the server in response to the user's input, wherein the PIN is used to verify whether the user's identity is legal;
  • a receiving module configured to receive the first confirmation information sent by the server and create a random factor S, wherein the first confirmation information is used to confirm whether the verification of the user identity is successful;
  • an encryption module configured to determine a first key K based on the PIN and the random factor S, and encrypt the access control data to be uploaded based on the first key K to obtain a first data ciphertext;
  • An uploading module configured to upload the first data ciphertext and the random factor S to the server.
  • the chip further includes:
  • a registration module configured to send a user registration request to the server, wherein the user registration request is used to register a user identity on the server, and the user registration request includes the PIN; and to receive second confirmation information, wherein the second confirmation information is used to confirm whether the registration of the user is successful.
  • the electronic device includes a signature public key
  • the server includes a signature private key and a second private key
  • the chip further includes:
  • a certificate obtaining module configured to obtain a signed first certificate, wherein the signed first certificate is obtained after the server signs the first certificate with the signing private key, and the first certificate is issued by the server, the first certificate includes a first public key;
  • a channel establishment module configured to create a random number RA, and send a secure channel establishment request to the server, wherein the secure channel establishment request includes the random number RA and the signed first certificate;
  • the signature public key to perform identity verification on the signed second certificate, and if the identity verification is passed, obtain a second public key in the second certificate, wherein the second public key is the same as the first public key.
  • the second private key is a pair of asymmetric public and private keys;
  • a secure channel is established with the server, and the second key EK is determined as the session key of the secure channel.
  • the encryption module is further configured to encrypt the access control data to be uploaded based on the first key K to obtain a second data ciphertext, and to encrypt the second data ciphertext using the second key EK to obtain the first data ciphertext.
  • the encryption module is further configured to calculate a digest value based on the random factor S, and determine an initial vector based on the digest value;
  • the access control data to be uploaded is encrypted to obtain the first data ciphertext.
  • the present application further provides a chip to implement the aforementioned data downloading method, which is applied to an electronic device, and the chip includes:
  • a request module configured to send a data acquisition request to the server, wherein the data acquisition request is used to acquire the first data ciphertext
  • a download module configured to receive an encapsulated data packet and a random factor S sent by the server, wherein the encapsulated data packet includes the first data ciphertext;
  • an acquisition module configured to acquire a PIN, and determine a first key K based on the PIN and the random factor S;
  • a decryption module configured to decrypt the encapsulated data packet based on the first key K to obtain access control data plaintext.
  • the data acquisition request includes a PIN
  • the PIN is used to verify whether the user's identity is legal.
  • the download module is further configured to obtain a second key EK; receive an encrypted encapsulated data packet sent by the server; and decrypt the encrypted encapsulated data packet using the second key EK to obtain the encapsulated data packet.
  • the encapsulated data packet further includes executable instructions
  • the decryption module is further configured to obtain the first data ciphertext in the encapsulated data packet, and decrypt the first data ciphertext based on the first key K to obtain the access control data plaintext; and to obtain the executable instructions in the encapsulated data packet, and perform a write operation on the access control data plaintext based on the executable instructions.
  • an embodiment of the present application provides an electronic device, including: a memory, a processor, and a computer program stored on the memory and executable on the processor; when the processor executes the computer program, the electronic device performs the method described in the first aspect or the second aspect.
  • embodiments of the present application provide a computer-readable storage medium, where a computer program is stored in the computer-readable storage medium, and when it runs on a computer, causes the computer to execute the method described in the first aspect or the second aspect.
  • an embodiment of the present application provides a computer program, which is used to execute the method described in the first aspect or the second aspect when the computer program is executed by a computer.
  • the program in the seventh aspect may be stored in whole or in part on a storage medium packaged with the processor, or may be stored in part or in whole in a memory not packaged with the processor.
  • Fig. 1 is the schematic diagram of symmetric encryption technology
  • Fig. 2 is the schematic diagram of asymmetric encryption technology
  • FIG. 3 is a schematic diagram of an application scenario architecture provided by an embodiment of the present application.
  • FIG. 4 is a schematic flowchart of a data uploading method and a data downloading method provided by an embodiment of the present application
  • FIG. 5 is an encryption flowchart provided by an embodiment of the present application.
  • FIG. 6 is a flowchart for establishing a secure channel provided by an embodiment of the present application.
  • FIG. 7 is a decryption flowchart provided by the embodiment of the present application.
  • FIG. 10 is a schematic structural diagram of an electronic device provided by an embodiment of the present application.
  • the data transmission parties do not want the transmitted data to be acquired by a third party, and it is convenient to use encryption technology to encrypt the data.
  • the data to be transmitted is called the original text
  • the cipher text can be obtained by encrypting the original text
  • the cipher text is usually in the form of garbled characters. If the ciphertext is transmitted on an open channel, even if a third party intercepts the information, only the ciphertext can be obtained, but the original text cannot be obtained.
  • the sender uses encryption technology to encrypt the original text and sends the ciphertext to the receiver.
  • the receiver needs to decrypt the ciphertext to restore the ciphertext to the original text, thereby realizing encrypted transmission of data from the sender to the receiver.
  • Encryption technology includes two important factors: encryption algorithm and key.
  • the encryption algorithm calculates the original text and the key to obtain the ciphertext.
  • encryption technology can be divided into two categories, one is symmetric encryption technology, and the other is asymmetric encryption technology.
  • FIG. 1 is a schematic diagram of symmetric encryption technology.
  • the same key is used for data encryption and decryption, that is, the key the sender uses when encrypting is the same key the receiver uses when decrypting.
  • if a third party obtains the key, the intercepted ciphertext can be decrypted using the key, and the encryption technology is broken. Therefore, in symmetric encryption technology, the key can only be known by the sender and receiver, and different senders and receivers will use different keys during data transmission.
  • FIG. 2 is a schematic diagram of asymmetric encryption technology.
  • in asymmetric encryption technology, data encryption and decryption are completed using a key pair, and a key pair includes a public key and a private key.
  • the public key is disclosed to the public by the receiver, and the sender uses the public key disclosed by the receiver to encrypt the original text when transmitting data with the receiver.
  • after receiving the ciphertext, the receiver decrypts the ciphertext using the private key corresponding to the public key.
  • data transmission with multiple senders can be encrypted using a set of key pairs.
  • the public key and the private key form a set of key pairs, the public key and the private key are different, and the corresponding private key cannot be determined based on the public key.
  • if the public key is used for encryption, the corresponding private key can be used for decryption. If the private key is used for encryption, the corresponding public key can also be used for decryption. That is to say, in a key pair, the distinction between the public key and the private key lies not in whether they are used for encryption or decryption, but in whether they are open to the public: the key that is not open to the public is called the private key.
  • the embodiments of the present application propose a method for uploading data and a method for downloading data. The access control card data to be migrated is encrypted on one mobile phone and sent to a server, and the encrypted access control card data is downloaded on another mobile phone, thereby completing the migration of the access control card data, which can ensure the safe transmission of the access control card data.
  • FIG. 3 is an application scenario diagram of an embodiment of the present application.
  • the access control card 30 contains access control card data
  • the access control card 30 may be a physical card (eg, an IC card or a chip card, etc.).
  • the first device 311 and the first device 312 may be mobile terminals (eg, cell phones).
  • the second device 32 may be a server.
  • the first device 311 can read the access control card data from the access control card 30, encrypt the access control card data and upload it to the second device 32, and the first device 312 can download the encrypted access control card data from the second device 32 and decrypt it to obtain the access control card data, thereby completing the secure migration of the access control card data.
  • the mobile terminal may also be referred to as terminal equipment, user equipment (User Equipment, UE), access terminal, subscriber unit, subscriber station, mobile station, remote station, remote terminal, mobile device, user terminal, wireless communication device, user agent, or user device.
  • the mobile terminal may be a cellular telephone, a cordless telephone, a Personal Digital Assistant (PDA) device, a handheld device with wireless communication capabilities, a computing device or a handheld communication device, a handheld computing device, a satellite wireless device, and/or other devices for communicating on wireless systems and next-generation communication systems, such as mobile terminals in 5G networks or mobile terminals in a future evolved Public Land Mobile Network (PLMN) network, etc.
  • the mobile terminal may also be a wearable device.
  • Wearable devices can also be called wearable smart devices, which are the general term for the intelligent design of daily wear and the development of wearable devices using wearable technology, such as glasses, gloves, watches, clothing and shoes.
  • a wearable device is a portable device that is worn directly on the body or integrated into the user's clothing or accessories. Wearable device is not only a hardware device, but also realizes powerful functions through software support, data interaction, and cloud interaction.
  • wearable smart devices include devices that are full-featured and large in size and can realize complete or partial functions without relying on smart phones, such as smart watches or smart glasses, and devices that focus on only a certain type of application function and need to be used in conjunction with other devices such as smart phones, such as various types of smart bracelets and smart jewelry that monitor physical signs.
  • FIG. 4 is a schematic flowchart of a data uploading method and a data downloading method provided by an embodiment of the present application.
  • the steps that the various roles and devices in the entire system, such as the access control card 30, the first device 311, the first device 312, and the second device 32, need to perform at different stages are listed according to the timeline and incorporated into the description of the process. These stages include but are not limited to the user registration stage, device registration stage, data reading stage, data uploading stage and data downloading stage.
  • the terminal device for example, the first device 311 or the first device 312 .
  • Step 401 the first device 311 sends a user registration request to the second device 32 .
  • the user may operate in an application (APP) of the first device 311 (eg, a mobile phone) to complete the user's identity registration on the second device 32 (eg, a server), where the second device 32 may correspond to the application, for example, the second device 32 may be a server providing the application service.
  • the user can open an application (APP) in the first device 311 , the application can be used to read the access card data in the access card 30 , and can send the access card data to the second device 32 .
  • the application may be a wallet application, or may be other types of applications having the same functions as described above, which are not particularly limited in this embodiment of the present application.
  • the user can input user information (for example, user account and password) and a personal identification number (Personal Identification Number, PIN) in the above-mentioned application, and can click the registration function; it can be understood that the above-mentioned PIN can be a secret value, and this PIN can be used to authenticate the user's identity.
  • the PIN may be hashed in the first device 311, thereby obtaining the hash value of the PIN.
  • the first device 311 may send a user registration request to the second device 32, where the user registration request may include the above-mentioned user information and PIN. It should be noted that, if the first device 311 obtains the hash value of the PIN by performing a hash operation on the PIN, the user registration request may also include user information and the hash value of the PIN.
  • Step 402 the second device 32 feeds back confirmation information to the first device 311 .
  • the second device 32 can obtain the user information and PIN in the user registration request, and can complete the user's registration on the second device 32 based on the user information and PIN.
  • the second device 32 can create a user account based on the above-mentioned user information and PIN, and can store the above-mentioned user account and PIN in the local database; the second device 32 may then feed back confirmation information to the first device 311, and the confirmation information may be used to notify the first device 311 whether the user registration is successful.
  • the confirmation information may include success or failure. If the first device 311 receives the success message, it can confirm that the user registration is successful, and if the first device 311 receives the failure message, it can confirm that the user registration fails.
  • the second device 32 can complete the registration of the user on the second device 32 based on the above-mentioned user information and the hash value of the PIN.
  • for the process, reference may be made to the above-mentioned process of completing the registration on the second device 32 through the user information and the PIN, and details are not repeated here.
  • Step 403 the first device 311 obtains the signed security chip certificate CERT.SE.CA.
  • the security chip certificate CERT.SE may be issued by the second device 32, and the security chip certificate CERT.SE may contain the SE public key PK.SE.
  • the above-mentioned secure chip certificate CERT.SE can be used to negotiate the session key of the secure channel between the first device 311 and the second device 32, so as to establish the secure channel between the first device 311 and the second device 32.
  • when the above-mentioned second device 32 issues the above-mentioned security chip certificate CERT.SE, it can also use the signature private key SK.CA to sign the above-mentioned security chip certificate CERT.SE, thereby obtaining the signed security chip certificate CERT.SE.CA.
  • the first device 311 may send the SE public key PK.SE to the second device 32 in advance, and the second device 32 may generate the security chip certificate CERT.SE based on the above SE public key PK.SE, that is, The above-mentioned security chip certificate CERT.SE may contain the above-mentioned SE public key PK.SE.
  • the second device 32 can create a pair of asymmetric signature public and private keys, for example, the signature private key SK.CA and the signature public key PK.CA, wherein the signature private key SK.CA is used to sign the above-mentioned security chip certificate CERT.SE to obtain the signed security chip certificate CERT.SE.CA, and the signature public key PK.CA is used to verify the signature on the above-mentioned signed security chip certificate CERT.SE.CA, so as to verify the identity of the security chip certificate CERT.SE. Therefore, the second device 32 can use the above-mentioned signature private key SK.CA to sign the above-mentioned security chip certificate CERT.SE, and obtain the signed security chip certificate CERT.SE.CA.
  • the first device 311 may preset the above-mentioned signed security chip certificate CERT.SE.CA in the security chip of the first device 311 when it leaves the factory.
  • a secure channel can also be established between the first device 312 and the second device 32, that is, the signed security chip certificate CERT.SE.CA can also be preset in the security chip of the first device 312 when it leaves the factory.
  • Step 404 the first device 311 sends a read instruction to the access control card 30 to read the access control card data in the access control card 30 .
  • the user can perform operations in the first device 311 to read the access control card data in the access control card 30 .
  • the user operates in an application (eg, a wallet application) in the first device 311 (eg, clicks on a control for reading access card data).
  • the first device 311 sends a read instruction to the access control card 30 to read the access control card data in the access control card 30 .
  • the first device 311 can send a read instruction to the access control card 30 through the SE, so that the SE can read the access control card data in the access control card 30, and can store the read access control card data in the SE.
  • the access control card data stored in the access control card 30 may be plaintext data or ciphertext data, and the ciphertext data may be data encrypted with a preset key. After acquiring the above-mentioned ciphertext data, the first device 311 can decrypt it according to the preset key, thereby obtaining plaintext data. Therefore, whether the access control card data stored in the access control card 30 is in plaintext or ciphertext does not constitute a limitation on the embodiments of the present application. The embodiments of the present application are described by taking an example of finally reading the plaintext data of the access control card.
  • the SE can also encapsulate the access control card data, thereby obtaining a data format that can be recognized and processed by the server.
  • Step 405 the first device 311 sends a verification request to the second device 32 .
  • after the first device 311 acquires the access control card data in the access control card 30, it can further verify whether the user's identity is legal.
  • an input box may be displayed on a display interface of an application (eg, a wallet application) of the first device 311, and the input box may be used to input user information and a PIN. The user can input user information and PIN in the above input box.
  • the first device 311 may send a verification request to the second device 32, where the verification request may be used to verify whether the user's identity is legal, and the verification request includes user information and a PIN.
  • the first device 311 may also perform a hash operation on the above-mentioned PIN, thereby obtaining a hash value of the PIN, that is, the above-mentioned verification request may include user information and a hash value of the PIN.
  • Step 406 the second device 32 receives the verification request sent by the first device 311, and verifies the user identity.
  • the second device 32 can obtain the user information and PIN in the above verification request, and can verify the user's identity based on the above user information and PIN to determine whether the user's identity is legal.
  • the second device 32 may query the local database based on the user information in the authentication request, so that the PIN corresponding to the user information may be found. Then, the PIN obtained by the above query can be compared with the PIN in the verification request. If the PIN obtained by the query is consistent with the PIN in the verification request, it can be determined that the user's identity is legal; if the PIN obtained by the query is inconsistent with the PIN in the verification request, it can be determined that the user's identity is illegal.
  • the second device 32 can query in the local database based on the user information in the verification request, so that the hash value of the PIN corresponding to the user information can be found.
  • the second device 32 can perform a hash operation on the hash value of the PIN corresponding to the user information obtained through the query, thereby obtaining the PIN corresponding to the user information obtained through the query; and can verify the PIN in the request.
  • the PIN in the verification request can be obtained by hashing the hash value of .
  • the PIN corresponding to the user information obtained by the above query can be compared with the PIN in the verification request.
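  • If the obtained PIN corresponding to the user information is consistent with the PIN in the verification request, it can be determined that the user's identity is legal; if the obtained PIN corresponding to the user information is inconsistent with the PIN in the verification request, it can be determined that the user's identity is illegal.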
  • Step 407 the second device 32 feeds back the verification result to the first device 311 .
  • If the second device 32 determines that the user identity is valid, it can feed back a verification success message to the first device 311; if the second device 32 determines that the user identity is illegal, it can feed back a verification failure message to the first device 311.
  • Step 408 the first device 311 receives the verification result sent by the second device 32, encrypts the data of the access control card, and obtains the ciphertext of the access control card.
  • After the first device 311 receives the verification result sent by the second device 32 and determines that the user identity verification is successful, it can encrypt the access card data, thereby obtaining the access card ciphertext.
  • the application of the first device 311 can call the interface of the SE and send a data request to the SE to obtain the ciphertext of the access control card if it is determined that the user identity verification is successful, wherein the above data request may include a PIN.
  • the SE can obtain the PIN in the above data request, and can encrypt the access control card data in the SE according to the PIN, thereby obtaining the ciphertext of the access control card.
  • Fig. 5 is a flow chart of data encryption of the access control card, including the following sub-steps:
  • Step 4081 the SE creates a random factor S, and generates a first key K based on the random factor S and the PIN.
  • SE can arbitrarily create a random factor S, where S can be any string of data. It can be understood that the data length of the random factor S can be arbitrarily specified.
  • the SE can use the S as the salt value, the PIN as the secret value, and generate the first key K through the KDF function.
  • the above KDF function may be PBKDF2. It can be understood that the above examples exemplarily show the manner of generating the first key by using the PBKDF2 function, which does not constitute a limitation on the embodiments of the present application. In some embodiments, other KDF functions may also be used to implement.
  • Step 4082 the SE generates an initial vector (Initial Vector, IV) based on the random factor S.
  • the SE can use the SM3 algorithm to perform digest calculation on the random factor S, thereby obtaining a digest value. Then, the lower 16 bytes of the above digest value can be taken as an initial vector.
  • the digest calculation algorithm in the embodiment of the present application may be any known digest calculation algorithm, which is not limited in the embodiment of the present application.
  • Step 4083 the SE encrypts the data of the access control card based on the first key K and the initial vector to obtain the ciphertext of the access control card.
  • the SM4 algorithm can be used to encrypt the access control card data based on the first key K and the initial vector, and the encryption mode can be performed in the CBC mode.
  • the length of the access control card data may be an integer multiple of 16 bytes.
  • the access control card data can be encrypted in the following two ways.
  • the access control card data may be Data, and the data length of the Data may be 1024 bytes.
  • the access control card ciphertext Cipher can be obtained, and the length of the access control card ciphertext Cipher can also be 1024 bytes.
  • the corresponding access control card ciphertexts Cipher1, Cipher2...CipherN can be obtained, wherein the length of each access control card ciphertext Cipher can be 128 bytes.
  • the encryption algorithm in the embodiment of the present application may be any known encryption algorithm, for example, AES, DES, etc., which is not limited in the embodiment of the present application.
  • the foregoing encryption mode may also be any known encryption mode, for example, GCM, ECB, etc., which is not limited in this embodiment of the present application.
  • Step 409 the first device 311 sends the ciphertext of the access control card and the random factor S to the second device 32 .
  • the first device 311 may send the ciphertext of the access control card and the random factor S to the second device 32 .
  • After the SE in the first device 311 encrypts the access control card data and obtains the ciphertext of the access control card, the ciphertext of the access control card and the random factor S can be sent to an application (for example, a wallet application).
  • After the above-mentioned application receives the ciphertext of the access control card and the random factor S sent by the SE, it can send the above-mentioned ciphertext of the access control card and the random factor S to the second device 32.
  • a security channel may also be established between the first device 311 and the second device 32, wherein the security channel may be used to ensure the secure transmission of data between the first device 311 and the second device 32.
  • the first device 311 and the second device 32 may negotiate a session key before data transmission, and after negotiating to obtain the session key, use the session key to encrypt the transmitted data. This ensures the security of data transmission.
  • FIG. 6 is a flowchart of the establishment of the security channel, including the following sub-steps:
  • Step 4091 the application obtains the signed security chip certificate CERT.SE.CA in the SE.
  • the application can call the interface of the SE, and obtain the signed security chip certificate CERT.SE.CA in the SE through the interface.
  • Step 4092 the application generates a random number RA.
  • the random number RA is used as the first random number.
  • Step 4092 and step 4091 can be performed in no particular order.
  • step 4092 can be executed before step 4091, step 4092 can also be executed after step 4091, and step 4092 can also be executed simultaneously with step 4091. This embodiment of the present application does not impose any special restriction on this.
  • Step 4093 the application sends a secure channel establishment request to the second device 32 .
  • After the application obtains the above random number RA and the signed security chip certificate CERT.SE.CA, it sends a secure channel establishment request to the second device 32, and the secure channel establishment request can be used to establish the secure channel between the above application and the second device 32.
  • the secure channel establishment request may include the above random number RA and the signed security chip certificate CERT.SE.CA.
  • Step 4094 the second device 32 receives the secure channel establishment request sent by the above application, verifies the secure channel establishment request, and generates feedback information based on the verification result.
  • After receiving the secure channel establishment request sent by the above-mentioned application, the second device 32 obtains the random number RA and the signed security chip certificate CERT.SE.CA in the above-mentioned secure channel establishment request, and verifies the above-mentioned secure channel establishment request.
  • the above verification method may be to verify the identity of the signed security chip certificate CERT.SE.
  • since the signed security chip certificate CERT.SE.CA is signed and issued by the second device 32, the local database of the second device 32 stores the signature public key PK.CA corresponding to the above signed security chip certificate CERT.SE.CA.
  • the second device 32 can perform identity verification on the above-mentioned signed security chip certificate CERT.SE.CA according to the above-mentioned signature public key PK.CA. If the above-mentioned signed security chip certificate CERT.SE.CA is correctly de-signed through the above-mentioned signature public key PK.CA, it can be determined that the identity of the security chip certificate CERT.SE is the first device 311; if the de-signature of the above-mentioned signed security chip certificate CERT.SE.CA through the above-mentioned signature public key PK.CA fails, it can be determined that the identity of the security chip certificate CERT.SE is an illegal device.
  • If the second device 32 determines that the identity of the security chip certificate CERT.SE is the first device 311, it can obtain the SE public key PK.SE in the security chip certificate CERT.SE, and can generate a random number RB, where the random number RB is used as the second random number.
  • the second device 32 can use the SM2 algorithm to calculate based on the random number RA, the random number RB, the SE public key PK.SE and the second device private key SK.SERVER to obtain the second key EK, where SK.SERVER is the second device private key preset in the second device 32.
  • the key generation algorithm in the embodiment of the present application may be any known key generation algorithm, which is not limited in the embodiment of the present application.
  • the above-mentioned random number RA can be encrypted by using the above-mentioned EK, thereby obtaining the random number ciphertext CRA.
  • the above-mentioned algorithm for encrypting the random number RA may be SM4, and the encryption mode may be ECB.
  • the encryption algorithm in the embodiment of the present application may be any known encryption algorithm, which is not limited in the embodiment of the present application.
  • the encryption mode in the embodiment of the present application may be any known encryption mode other than ECB, for example, CBC, GCM, etc., which is not limited in the embodiment of the present application.
  • Step 4095 the second device 32 sends feedback information to the application.
  • the above feedback information may include the random number RB, the random number ciphertext CRA, and the signed second device certificate CERT.SERVER.CA.
  • the above-mentioned signed second device certificate CERT.SERVER.CA may be obtained after the second device 32 signs the above-mentioned second device certificate CERT.SERVER using the signature private key SK.CA, and the above-mentioned second device certificate CERT.SERVER may include the second device public key PK.SERVER.
  • Step 4096 the application receives the feedback information sent by the second device 32, and forwards the feedback information to the SE.
  • the application may forward the feedback information and the random number RA to the SE.
  • the application may completely forward the foregoing feedback information and the random number RA to the SE.
  • the above-mentioned application can forward the random number RB, the random number ciphertext CRA and the signed second device certificate CERT.SERVER.CA in the above-mentioned feedback information to the SE; in addition, the above-mentioned application can also send the above-mentioned random number RA to the SE.
  • Step 4097 the SE receives the feedback information and random number RA forwarded by the application, performs identity verification on the signed second device certificate CERT.SERVER.CA in the above feedback information, and obtains the second device public key PK.SERVER.
  • After receiving the feedback information forwarded by the above application, the SE obtains the signed second device certificate CERT.SERVER.CA in the above feedback information, and can perform identity verification on the above signed second device certificate CERT.SERVER.CA.
  • the above-mentioned way of verifying the signed second device certificate CERT.SERVER.CA may be to use the signature public key PK.CA to de-sign the above-mentioned signed second device certificate CERT.SERVER.CA to verify the second device certificate CERT.SERVER.CA.
  • the signature public key PK.CA may be sent to the first device 311 by the second device 32 in advance.
  • the identity of the second device certificate CERT.SERVER is a legal server, and the first device certificate CERT.SERVER can be obtained.
  • if the above-mentioned SE fails to de-sign the above-mentioned signed second device certificate CERT.SERVER.CA using the above-mentioned signature public key PK.CA, the second device certificate CERT.SERVER cannot be obtained, and it can be determined that the identity of the second device certificate CERT.SERVER is an illegal server.
  • If the SE determines that the identity of the second device certificate CERT.SERVER is a legitimate server, the second device public key PK.SERVER in the second device certificate CERT.SERVER can be obtained.
  • Step 4098 the SE determines the session key of the secure channel.
  • the SE can determine the second key EK based on the random number RA, the random number RB, the SE private key SK.SE, and the second device public key PK.SERVER, and a session key may be determined based on the above-mentioned second key EK, wherein the session key is used to encrypt and decrypt the data transmitted in the secure channel.
  • the above-mentioned way of determining the session key may be: according to the random number RA, the random number RB, the SE private key SK.SE and the second device public key PK.SERVER, calculate through the key agreement algorithm in the SM2 algorithm Get the second key EK.
  • the random number ciphertext CRA may be decrypted using the second key EK, thereby obtaining the random number RA, and the random number RA obtained by the decryption may be compared with the random number RA generated locally by the above application . If the random number RA obtained by the above decryption is consistent with the random number RA generated locally by the above application, a secure channel can be established between the first device 311 and the second device 32, and the above second key EK can be used as the above security The session key for the channel. If the random number RA obtained by the above decryption is inconsistent with the random number RA generated locally by the above application, the session key cannot be obtained, that is, the establishment of the secure channel between the first device 311 and the second device 32 fails.
  • the above-mentioned SE private key SK.SE and the above-mentioned SE public key PK.SE are a pair of asymmetric public and private keys, and the above-mentioned second device private key SK.SERVER and the above-mentioned second device public key PK.SERVER are a pair.
  • Step 4099 based on the determined session key, send channel establishment response information to the second device 32 to establish a secure channel with the second device 32 .
  • After the first device 311 determines the session key, it can feed back success information to the second device 32, thereby establishing a secure channel between the first device 311 and the second device 32. That is, the first device 311 can use the above-mentioned session key (for example, the second key EK) to re-encrypt the above-mentioned ciphertext of the access control card, and send the encrypted ciphertext of the access control card to the second device 32, so that the access control card data is doubly protected.
  • the first device 311 can obtain the encrypted cipher text of the access control card Cipher_EK after re-encrypting the cipher text of the access control card with the second key EK.
  • the first device 311 may feed back failure information to the second device 32, where the failure message is used to notify the second device 32 that the establishment of the secure channel fails.
  • Step 410 the first device 312 sends a data acquisition request to the second device 32 .
  • the first device 312 may send a data acquisition request to the second device 32 to acquire access control card data.
  • the data acquisition request may include user information and PIN.
  • the first device 311 can also send a data acquisition request to the second device 32 to acquire access control card data.
  • the difference between the first device 311 and the first device 312 is that, if the first device 311 has just uploaded the access control card data to the second device 32 and then requests to download the access control card data from the second device 32, the user does not need to input the user information and PIN again, because the user information and PIN have already been input when uploading the above-mentioned access control card data.
  • the first device 311 can create a data acquisition request according to the user information and PIN entered by the user when uploading the above-mentioned access control card data, and send the data acquisition request to the second device 32, thereby simplifying the user's operation.
  • a secure channel may also be established between the first device 312 and the second device 32.
  • the method for establishing the secure channel may refer to the method shown in FIG. 6 , which will not be repeated here.
  • Step 411 the second device 32 verifies the data acquisition request.
  • the second device 32 can acquire the user information and PIN in the data acquisition request, and can perform verification based on the above user information and PIN, thereby determining whether the identity of the user is legal. For example, if the PIN in the above data acquisition request is consistent with the PIN stored locally by the second device 32, it can be determined that the user's identity is legitimate; if the PIN in the above data acquisition request is inconsistent with the PIN stored locally by the second device 32, it can be determined that the user identity is illegal.
  • the second device 32 can use the second key EK to decrypt the above-mentioned data acquisition request, and can obtain the user information and PIN in the data acquisition request after successfully decrypting the above-mentioned data acquisition request.
  • Step 412 the second device 32 sends the encapsulated data packet and the random factor S to the first device 312 based on the verification result.
  • the second device 32 can send the encapsulated data packet and the random factor S to the first device 312, where the encapsulated data packet can include the instruction and the ciphertext of the access control card.
  • the second device 32 may encapsulate the above-mentioned ciphertext of the access control card into data packets, wherein each encapsulated data packet may include an SE executable instruction and an access control card ciphertext.
  • the number of encapsulated data packets may be consistent with the number of ciphertexts of the access control card that have been stored in the second device 32 .
  • the second device 32 may encapsulate the cipher into a data packet.
  • the second device 32 may encapsulate the N pieces of access control card ciphertext into N data packets.
  • Table 1 is the access control card ciphertext encapsulation table.
  • the ciphertext of the access control card includes N ciphertexts such as Cipher1, Cipher2...CipherN. Since data cannot be directly read and stored in SE, it is necessary to add SE-executable instructions (for example, instruction 1, instruction 2... instruction N, etc.) to each of the above ciphertexts. Next, the above-mentioned instruction and the corresponding ciphertext may be encapsulated, thereby obtaining N encapsulated data packets, that is, one encapsulated data packet corresponds to one instruction and one access control card ciphertext.
  • the second device 32 may send each of the foregoing encapsulated data packets to the first device 312 in sequence.
  • the order of sending may be in the order of the instructions.
  • the above-mentioned encapsulated data packet may also be encrypted in the secure channel (for example, encrypted by using the second key EK), so that the security of the above encapsulated data packet transmission can be guaranteed.
  • Step 413 the first device 312 receives the encapsulated data packet and the random factor S sent by the second device 32, processes the encapsulated data packet, and obtains and stores the access control card data.
  • the first device 312 may receive the encapsulated data packet and the random factor S sent by the second device 32 through an application (eg, a wallet application).
  • After the above-mentioned application receives the encapsulated data packet and the random factor S sent by the second device 32, it can send the PIN to the SE through a preset instruction, so that the SE can store the above-mentioned PIN.
  • the above-mentioned application can decrypt the above-mentioned encrypted and encapsulated data packet through the second key EK, thereby obtaining the encapsulated data packet.
  • the above application may forward the received encapsulated data packets to the SE in sequence, and may send the random factor S to the SE.
  • the sequence in which the application forwards the encapsulated data packets may be the sequence in which the encapsulated data packets are received. For example, if the above-mentioned application receives the encapsulated data packet 1 sent by the second device 32 at the earliest, the application may forward the encapsulated data packet 1 to the SE. Next, if the above-mentioned application receives the encapsulated data packet 2 sent by the second device 32, the application can forward the encapsulated data packet 2 to the SE, and so on.
  • After receiving the encapsulated data packet and the random factor S forwarded by the above application, the SE can obtain the ciphertext of the access control card in the encapsulated data packet, and can decrypt the above ciphertext of the access control card.
  • FIG. 7 is a flow chart of decryption, including the following sub-steps:
  • Step 4131 the SE generates a first key K based on the random factor S and the PIN.
  • the SE can use the KDF function (for example, PBKDF2) to generate the first key K based on the random factor S and the PIN.
  • Step 4132 the SE determines an initial vector based on the random factor S.
  • an algorithm (e.g., SM3) can be used to calculate a digest value based on the random factor S, and the lower 16 bytes of the above digest value can be taken as an initial vector.
  • Step 4133 the SE decrypts based on the first key K and the initial vector to obtain access control card data.
  • an algorithm (for example, SM4) can be used to decrypt the ciphertext of the access control card based on the first key K and the initial vector in the CBC mode, thereby obtaining the access control card data.
  • the above-mentioned access control card data can be written into the SE through the instruction (e.g., Write) in the above-mentioned encapsulated data packet, so that the task of copying the access control card data to the first device 312 can be completed.
  • the secure migration of the access control card data can be realized, improving the security of access card data transmission.
  • FIG. 8 is a schematic structural diagram of a chip 80 according to an embodiment of the present application.
  • the chip 80 includes: an acquisition module 81 , a transmission module 82 , a reception module 83 , an encryption module 84 and an upload module 85 ; wherein,
  • an acquisition module 81 used to acquire the access control data to be uploaded
  • the sending module 82 is used to send a PIN to the server in response to the user's input, wherein the PIN is used to verify whether the user's identity is legal;
  • the receiving module 83 is configured to receive the first confirmation information sent by the server, and create a random factor S, and the first confirmation information is used to confirm whether the verification of the user identity is successful;
  • An encryption module 84 configured to determine a first key K based on the PIN and the random factor S, and encrypt the access control data to be uploaded based on the first key K to obtain a first data ciphertext;
  • the uploading module 85 is configured to upload the first data ciphertext and the random factor S to the server.
  • the chip 80 further includes: a registration module 86; wherein,
  • the registration module 86 is configured to send a user registration request to the server, wherein the user registration request is used to register a user identity on the server, and the user registration request includes the PIN; Second confirmation information, wherein the second confirmation information is used to confirm whether the registration of the user is successful.
  • the electronic device includes a signature public key
  • the server includes a signature private key and a second private key
  • the chip 80 further includes: a channel establishment module 88; wherein,
  • a channel establishment module 88 configured to obtain a signed first certificate, wherein the signed first certificate is obtained after the server signs the first certificate with the signed private key, and the first certificate is issued by the server , the first certificate includes a first public key;
  • the signature public key to perform identity verification on the signed second certificate, and if the identity verification is passed, obtain a second public key in the second certificate, wherein the second public key is the same as the first public key.
  • the second private key is a pair of asymmetric public and private keys;
  • a secure channel is established with the server, and the second key EK is determined as the session key of the secure channel.
  • the encryption module 84 is further configured to encrypt the access control data to be uploaded based on the first key K to obtain a second data ciphertext, and encrypt the second data ciphertext using the second key EK to obtain the first data ciphertext.
  • the encryption module 84 is further configured to calculate a digest value based on the random factor S, and determine an initial vector based on the digest value; and encrypt the access control data to be uploaded based on the first key K and the initial vector to obtain the first data ciphertext.
  • FIG. 9 is a schematic structural diagram of a chip 90 provided by an embodiment of the present application.
  • the chip 90 includes: a request module 91, a download module 92, an acquisition module 93 and a decryption module 94; wherein,
  • a request module 91 configured to send a data acquisition request to the server, wherein the data acquisition request is used to acquire the first data ciphertext;
  • a downloading module 92 configured to receive an encapsulated data packet and a random factor S sent by the server, wherein the encapsulated data packet includes the first data ciphertext;
  • an obtaining module 93 configured to obtain a PIN, and determine a first key K based on the PIN and the random factor S;
  • the decryption module 94 is configured to decrypt the encapsulated data packet based on the first key K to obtain the plaintext of the access control data.
  • the data acquisition request includes a PIN, and the PIN is used to verify whether the user's identity is legal.
  • the downloading module 92 is further configured to obtain a second key EK; receive an encrypted encapsulated data packet sent by the server; and decrypt it to obtain the encapsulated data packet.
  • the encapsulated data packet further includes executable instructions, and the decryption module 94 is further configured to obtain the first data ciphertext in the encapsulated data packet, and decrypt the first data ciphertext based on the first key K to obtain the access control data plaintext; and obtain the executable instructions in the encapsulated data packet, and perform a write operation on the access control data plaintext based on the executable instructions.
  • each module of the chip shown in FIG. 8 and FIG. 9 above is only a division of logical functions, and may be fully or partially integrated into a physical entity in actual implementation, or may be physically separated.
  • these modules can all be implemented in the form of software calling through processing elements; they can also all be implemented in hardware; some modules can also be implemented in the form of software calling through processing elements, and some modules can be implemented in hardware.
  • the detection module may be a separately established processing element, or may be integrated in a certain chip of the terminal.
  • the implementation of other modules is similar.
  • all or part of these modules can be integrated together, and can also be implemented independently.
  • each step of the above-mentioned method or each of the above-mentioned modules can be completed by an integrated logic circuit of hardware in the processor element or an instruction in the form of software.
  • the above modules may be one or more integrated circuits configured to implement the above methods, such as: one or more application-specific integrated circuits (Application Specific Integrated Circuit; hereinafter referred to as: ASIC), or one or more digital signal processors (Digital Signal Processor; hereinafter referred to as: DSP), or one or more field programmable gate arrays (Field Programmable Gate Array; hereinafter referred to as: FPGA), etc.
  • these modules can be integrated together and implemented in the form of a system-on-a-chip (System-On-a-Chip; hereinafter referred to as: SOC).
  • FIG. 10 exemplarily shows a schematic structural diagram of an electronic device 100 provided by an embodiment of the present application, and the electronic device 100 may be the first device 311 or the first device 312 described above.
  • the electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, a display screen 194, and a subscriber identification module (SIM) card interface 195, etc.
  • the structures illustrated in the embodiments of the present invention do not constitute a specific limitation on the electronic device 100.
  • the electronic device 100 may include more or fewer components than shown, or some components may be combined, some components may be split, or the components may be arranged differently.
  • the illustrated components may be implemented in hardware, software, or a combination of software and hardware.
  • the processor 110 may include one or more processing units, for example, the processor 110 may include an application processor (AP), a modem processor, a graphics processing unit (GPU), an image signal processor (ISP), a controller, a video codec, a digital signal processor (DSP), a baseband processor, and/or a neural-network processing unit (NPU), etc. The different processing units may be independent devices, or may be integrated in one or more processors.
  • the controller can generate an operation control signal according to the instruction operation code and timing signal, and complete the control of fetching and executing instructions.
  • a memory may also be provided in the processor 110 for storing instructions and data.
  • the memory in the processor 110 is a cache memory. This memory may hold instructions or data that the processor 110 has just used or uses repeatedly. If the processor 110 needs to use the instructions or data again, it can fetch them directly from this memory. This avoids repeated accesses and reduces the waiting time of the processor 110, thereby increasing the efficiency of the system.
  • the wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modulation and demodulation processor, the baseband processor, and the like.
  • Both antenna 1 and antenna 2 can be used to transmit and receive electromagnetic wave signals.
  • Each antenna in electronic device 100 may be used to cover a single or multiple communication frequency bands. Different antennas can also be reused to improve antenna utilization.
  • the antenna 1 can be multiplexed into the diversity antenna of the wireless local area network.
  • each communication mode can also be equipped with a separate antenna.
  • the antenna may be used in conjunction with a tuning switch.
  • the mobile communication module 150 may provide wireless communication solutions, including 2G/3G/4G/5G, applied on the electronic device 100.
  • the mobile communication module 150 may include at least one filter, switch, power amplifier, low noise amplifier (LNA) and the like.
  • the mobile communication module 150 can receive electromagnetic waves from the antenna 1, filter and amplify the received electromagnetic waves, and transmit them to the modulation and demodulation processor for demodulation.
  • the mobile communication module 150 can also amplify the signal modulated by the modulation and demodulation processor, and then turn it into an electromagnetic wave for radiation through the antenna 1.
  • at least part of the functional modules of the mobile communication module 150 may be provided in the processor 110 .
  • at least part of the functional modules of the mobile communication module 150 may be provided in the same device as at least part of the modules of the processor 110 .
  • the wireless communication module 160 can provide wireless communication solutions applied on the electronic device 100, including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), and infrared technology (IR).
  • the wireless communication module 160 may be one or more devices integrating at least one communication processing module.
  • the wireless communication module 160 receives electromagnetic waves via the antenna 2, frequency modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 110.
  • the wireless communication module 160 can also receive the signal to be sent from the processor 110, perform frequency modulation on it, amplify it, and convert it into electromagnetic waves for radiation through the antenna 2.
  • the antenna 1 of the electronic device 100 is coupled with the mobile communication module 150, and the antenna 2 is coupled with the wireless communication module 160, so that the electronic device 100 can communicate with the network and other devices through wireless communication technology.
  • the wireless communication technology may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time-division synchronous code division multiple access (TD-SCDMA), long term evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technology, etc.
  • the GNSS may include the global positioning system (GPS), the global navigation satellite system (GLONASS), the Beidou navigation satellite system (BDS), the quasi-zenith satellite system (QZSS) and/or satellite based augmentation systems (SBAS).
  • the electronic device 100 implements a display function through a GPU, a display screen 194, an application processor, and the like.
  • the GPU is a microprocessor for image processing, and is connected to the display screen 194 and the application processor.
  • the GPU is used to perform mathematical and geometric calculations for graphics rendering.
  • Processor 110 may include one or more GPUs that execute program instructions to generate or alter display information.
  • Display screen 194 is used to display images, videos, and the like.
  • Display screen 194 includes a display panel.
  • the display panel can be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (FLED), Mini-LED, Micro-LED, Micro-OLED, quantum dot light-emitting diodes (QLED), and so on.
  • the electronic device 100 may include one or N display screens 194, where N is a positive integer greater than one.
  • Internal memory 121 may be used to store computer executable program code, which includes instructions.
  • the internal memory 121 may include a storage program area and a storage data area.
  • the storage program area can store an operating system, an application program required for at least one function (such as a sound playback function, an image playback function, etc.), and the like.
  • the storage data area may store data (such as audio data, phone book, etc.) created during the use of the electronic device 100 and the like.
  • the internal memory 121 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, universal flash storage (UFS), and the like.
  • the processor 110 executes various functional applications and data processing of the electronic device 100 by executing instructions stored in the internal memory 121 and/or instructions stored in a memory provided in the processor.
  • the SIM card interface 195 is used to connect a SIM card.
  • the SIM card can be brought into contact with or separated from the electronic device 100 by inserting it into the SIM card interface 195 or pulling it out of the SIM card interface 195.
  • the electronic device 100 may support 1 or N SIM card interfaces, where N is a positive integer greater than 1.
  • the SIM card interface 195 can support Nano SIM card, Micro SIM card, SIM card and so on. Multiple cards can be inserted into the same SIM card interface 195 at the same time. The types of the plurality of cards may be the same or different.
  • the SIM card interface 195 can also be compatible with different types of SIM cards.
  • the SIM card interface 195 is also compatible with external memory cards.
  • the electronic device 100 interacts with the network through the SIM card to implement functions such as call and data communication.
  • the electronic device 100 employs an eSIM, i.e. an embedded SIM card.
  • the eSIM card can be embedded in the electronic device 100 and cannot be separated from the electronic device 100 .
  • Embodiments of this specification provide a non-transitory computer-readable storage medium, where the non-transitory computer-readable storage medium stores computer instructions, and when the computer instructions are executed on a computer, they cause the computer to execute the data uploading method and the data downloading method provided by the embodiments shown in FIG. 1 to FIG. 7 of this specification.
  • “at least one” refers to one or more, and “multiple” refers to two or more.
  • “And/or” describes the association relationship of the associated objects and indicates that three kinds of relationships are possible. For example, A and/or B can indicate the existence of A alone, the existence of A and B at the same time, and the existence of B alone, where A and B can be singular or plural.
  • the character “/” generally indicates that the associated objects are an “or” relationship.
  • “At least one of the following” and similar expressions refer to any combination of these items, including any combination of single or plural items.
  • At least one of a, b, and c may represent: a, b, c, a and b, a and c, b and c, or a and b and c, where a, b, c may each be single or multiple.
  • if any function is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium.
  • the technical solution of the present application, in essence, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product.
  • the computer software product is stored in a storage medium and includes several instructions used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present application.
  • the aforementioned storage medium includes: a U disk, a mobile hard disk, a read-only memory (Read-Only Memory; hereinafter referred to as: ROM), a random access memory (Random Access Memory; hereinafter referred to as: RAM), a magnetic disk, an optical disk, and various other media on which program code can be stored.

Abstract

Provided in the embodiments of the present application are a data uploading method, a data downloading method and a related device. The data uploading method comprises: acquiring access control data to be uploaded; sending a PIN to a server in response to an input of a user, wherein the PIN is used for verifying whether the identity of the user is legitimate; receiving first confirmation information sent by the server, and creating a random factor, wherein the first confirmation information is used for confirming whether the verification for the identity of the user is successful; determining a first secret key on the basis of the PIN and the random factor, and encrypting, on the basis of the first secret key, the access control data to be uploaded so as to obtain first data ciphertext; and uploading the first data ciphertext and the random factor to the server. Therefore, secure transmission of data is realized.

Description

Data uploading method, data downloading method and related device
Technical field
The embodiments of the present application relate to the technical field of information security, and in particular to a data uploading method, a data downloading method and a related device.
Background
At present, as mobile phones become increasingly powerful, the use of access control cards in mobile phones is becoming more and more common. Most high-end mobile phones on the market have built-in functions for installing and copying access control cards.
However, the following problem is usually encountered when copying an access control card in a mobile phone:
When access control card data is migrated from one mobile phone to another, it may be intercepted by an attacker, which may lead to the disclosure of access control card information. Because access control card information can be used to open access control, this may cause property loss to the enterprise and hidden dangers to personal safety, which is extremely dangerous.
Summary of the invention
The embodiments of the present application provide a data uploading method, a data downloading method and a related device, so as to realize secure migration of access control card data.
In a first aspect, an embodiment of the present application provides a data uploading method, applied to an electronic device, including: acquiring access control data to be uploaded; sending a PIN to a server in response to a user's input, where the PIN is used to verify whether the user's identity is legitimate; receiving first confirmation information sent by the server and creating a random factor S, where the first confirmation information is used to confirm whether the user identity verification is successful; determining a first key K based on the PIN and the random factor S, and encrypting the access control data to be uploaded based on the first key K to obtain a first data ciphertext; and uploading the first data ciphertext and the random factor S to the server. Thus, secure uploading of the access control card data is realized.
In the above data uploading method, in order to verify the identity of the user, in a possible implementation, before the acquiring of the access control data to be uploaded, the method further includes:
sending a user registration request to the server, where the user registration request is used to register a user identity on the server, and the user registration request includes the PIN;
receiving second confirmation information sent by the server, where the second confirmation information is used to confirm whether the user's registration is successful.
In order to establish a secure channel and thereby improve the security of data transmission, in a possible implementation, the electronic device includes a signature public key, the server includes a signature private key and a second private key, and the method further includes:
obtaining a signed first certificate, where the signed first certificate is obtained after the server signs a first certificate with the signature private key, the first certificate is issued by the server, and the first certificate includes a first public key;
creating a random number RA and sending a secure channel establishment request to the server, where the secure channel establishment request includes the random number RA and the signed first certificate;
receiving a random number RB, a random number ciphertext CRA and a signed second certificate sent by the server, where the random number RB is created by the server, the random number ciphertext CRA is obtained by the server through encryption with a second key EK, and the second key EK is determined based on the random number RA, the random number RB, the first public key and the second private key;
verifying the identity of the signed second certificate using the signature public key and, if the identity verification passes, obtaining a second public key in the second certificate, where the second public key and the second private key are an asymmetric public/private key pair;
obtaining a first private key and determining the second key EK based on the random number RA, the random number RB, the first private key and the second public key, where the first private key and the first public key are an asymmetric public/private key pair;
decrypting the random number ciphertext CRA using the second key EK to obtain a random number RA';
if the random number RA is consistent with the random number RA' obtained by decryption, establishing a secure channel with the server and determining the second key EK as the session key of the secure channel.
In order to ensure the security of data uploading, in a possible implementation, the encrypting of the access control data to be uploaded based on the first key K to obtain the first data ciphertext includes:
encrypting the access control data to be uploaded based on the first key K to obtain a second data ciphertext;
encrypting the second data ciphertext using the second key EK to obtain the first data ciphertext.
In order to ensure the security of data uploading, in a possible implementation, the encrypting of the access control data to be uploaded based on the first key K to obtain the first data ciphertext includes:
calculating a digest value based on the random factor S, and determining an initial vector based on the digest value;
encrypting the access control data to be uploaded based on the first key K and the initial vector to obtain the first data ciphertext.
In a second aspect, an embodiment of the present application provides a data downloading method, the method including: sending a data acquisition request to a server, where the data acquisition request is used to acquire a first data ciphertext; receiving an encapsulated data packet and a random factor S sent by the server, where the encapsulated data packet includes the first data ciphertext; obtaining a PIN, and determining a first key K based on the PIN and the random factor S; and decrypting the encapsulated data packet based on the first key K to obtain the access control data plaintext. Thus, secure downloading of the access control card data is realized.
In the above data downloading method, in order to verify the legitimacy of the user's identity, in a possible implementation, the data acquisition request includes a PIN, and the PIN is used to verify whether the user's identity is legitimate.
In order to improve the security of data downloading, in a possible implementation, the receiving of the encapsulated data packet sent by the server includes:
obtaining a second key EK;
receiving an encrypted encapsulated data packet sent by the server;
decrypting the encrypted encapsulated data packet using the second key EK to obtain the encapsulated data packet.
In order to write the data plaintext correctly, in a possible implementation, the encapsulated data packet further includes executable instructions, and the decrypting of the encapsulated data packet based on the first key K to obtain the access control data plaintext includes:
obtaining the first data ciphertext in the encapsulated data packet, and decrypting the first data ciphertext based on the first key K to obtain the access control data plaintext;
obtaining the executable instructions in the encapsulated data packet, and performing a write operation on the access control data plaintext based on the executable instructions.
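The upload and download flow of the first and second aspects, as an added Python example that is not part of the patent text. The PBKDF2 key derivation, the SHA-256 digest cut to 16 bytes for the initial vector, the HMAC-based stand-in cipher with its integrity tag, the salted PIN record on the server and all function and class names are assumptions of this example, since the passage names no algorithms; the optional outer encryption under the second key EK is left out.

```python
import hashlib
import hmac
import secrets

KDF_ROUNDS = 100_000  # assumption: the text names neither a KDF nor a cost


def derive_key(pin: str, s: bytes) -> bytes:
    """First key K from the PIN and random factor S (PBKDF2 is an assumption).

    S is uploaded next to the ciphertext, so it acts as a public salt and the
    PIN is the only secret input to K.
    """
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), s, KDF_ROUNDS, dklen=32)


def derive_iv(s: bytes) -> bytes:
    """Initial vector from a digest of S (SHA-256 cut to 16 bytes, assumed)."""
    return hashlib.sha256(s).digest()[:16]


def _subkey(k: bytes, label: bytes) -> bytes:
    """Separate encryption and MAC keys derived from K."""
    return hmac.new(k, label, hashlib.sha256).digest()


def _keystream(key: bytes, iv: bytes, length: int) -> bytes:
    """Stand-in cipher: HMAC-SHA256 in counter mode, standard library only."""
    blocks = [hmac.new(key, iv + i.to_bytes(8, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def encrypt(k: bytes, s: bytes, plaintext: bytes) -> bytes:
    """Encrypt with K and the IV from S; append a tag (added by this example)."""
    iv = derive_iv(s)
    stream = _keystream(_subkey(k, b"enc"), iv, len(plaintext))
    body = bytes(p ^ x for p, x in zip(plaintext, stream))
    return body + hmac.new(_subkey(k, b"mac"), iv + body, hashlib.sha256).digest()


def decrypt(k: bytes, s: bytes, blob: bytes) -> bytes:
    """Check the tag, then decrypt; a wrong PIN yields a wrong K and fails here."""
    if len(blob) < 32:
        raise ValueError("ciphertext too short")
    iv = derive_iv(s)
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(_subkey(k, b"mac"), iv + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong PIN or modified ciphertext")
    stream = _keystream(_subkey(k, b"enc"), iv, len(body))
    return bytes(c ^ x for c, x in zip(body, stream))


class Server:
    """Server role: checks the PIN, stores the first data ciphertext and S."""

    def __init__(self) -> None:
        self._salt = b""
        self._pin_hash = b""
        self.record = None

    def _hash(self, pin: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", pin.encode(), self._salt, KDF_ROUNDS)

    def register(self, pin: str) -> bool:
        """User registration; the return value is the second confirmation."""
        self._salt = secrets.token_bytes(16)
        self._pin_hash = self._hash(pin)
        return True

    def verify_pin(self, pin: str) -> bool:
        """Identity check; the return value is the first confirmation."""
        return bool(self._pin_hash) and hmac.compare_digest(
            self._hash(pin), self._pin_hash)

    def store(self, ciphertext: bytes, s: bytes) -> None:
        self.record = (ciphertext, s)

    def fetch(self, pin: str):
        if not self.verify_pin(pin) or self.record is None:
            raise PermissionError("PIN rejected or nothing stored")
        return self.record


def upload(server: Server, pin: str, access_data: bytes) -> None:
    """First aspect: verify PIN, create S, derive K, encrypt, upload."""
    if not server.verify_pin(pin):
        raise PermissionError("PIN rejected by server")
    s = secrets.token_bytes(16)  # random factor S, fresh for every upload
    server.store(encrypt(derive_key(pin, s), s, access_data), s)


def download(server: Server, pin: str) -> bytes:
    """Second aspect: fetch ciphertext and S, re-derive K, decrypt."""
    ciphertext, s = server.fetch(pin)
    return decrypt(derive_key(pin, s), s, ciphertext)


if __name__ == "__main__":
    srv = Server()
    srv.register("493027")  # constructed PIN
    upload(srv, "493027", b"constructed card dump")
    print(download(srv, "493027"))
```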
In a third aspect, an embodiment of the present application provides a chip for implementing the aforementioned data uploading method, applied to an electronic device, the chip including:
an acquisition module, configured to acquire access control data to be uploaded;
a sending module, configured to send a PIN to a server in response to a user's input, where the PIN is used to verify whether the user's identity is legitimate;
a receiving module, configured to receive first confirmation information sent by the server and create a random factor S, where the first confirmation information is used to confirm whether the verification of the user identity is successful;
an encryption module, configured to determine a first key K based on the PIN and the random factor S, and encrypt the access control data to be uploaded based on the first key K to obtain a first data ciphertext;
an uploading module, configured to upload the first data ciphertext and the random factor S to the server.
In one possible implementation, the chip further includes:
a registration module, configured to send a user registration request to the server, where the user registration request is used to register a user identity on the server and includes the PIN; and to receive second confirmation information sent by the server, where the second confirmation information is used to confirm whether the user's registration is successful.
In one possible implementation, the electronic device includes a signature public key, the server includes a signature private key and a second private key, and the chip further includes:
a certificate obtaining module, configured to obtain a signed first certificate, where the signed first certificate is obtained after the server signs a first certificate with the signature private key, the first certificate is issued by the server, and the first certificate includes a first public key;
a channel establishment module, configured to create a random number RA and send a secure channel establishment request to the server, where the secure channel establishment request includes the random number RA and the signed first certificate;
receive a random number RB, a random number ciphertext CRA and a signed second certificate sent by the server, where the random number RB is created by the server, the random number ciphertext CRA is obtained by the server through encryption with a second key EK, and the second key EK is determined based on the random number RA, the random number RB, the first public key and the second private key;
verify the identity of the signed second certificate using the signature public key and, if the identity verification passes, obtain a second public key in the second certificate, where the second public key and the second private key are an asymmetric public/private key pair;
obtain a first private key and determine the second key EK based on the random number RA, the random number RB, the first private key and the second public key, where the first private key and the first public key are an asymmetric public/private key pair;
decrypt the random number ciphertext CRA using the second key EK to obtain a random number RA';
if the random number RA is consistent with the random number RA' obtained by decryption, establish a secure channel with the server and determine the second key EK as the session key of the secure channel.
In one possible implementation, the encryption module is further configured to encrypt the access control data to be uploaded based on the first key K to obtain a second data ciphertext, and to encrypt the second data ciphertext using the second key EK to obtain the first data ciphertext.
In one possible implementation, the encryption module is further configured to calculate a digest value based on the random factor S and determine an initial vector based on the digest value, and to encrypt the access control data to be uploaded based on the first key K and the initial vector to obtain the first data ciphertext.
In a fourth aspect, the present application further provides a chip for implementing the aforementioned data downloading method, applied to an electronic device, the chip including:
a request module, configured to send a data acquisition request to a server, where the data acquisition request is used to acquire a first data ciphertext;
a download module, configured to receive an encapsulated data packet and a random factor S sent by the server, where the encapsulated data packet includes the first data ciphertext;
an acquisition module, configured to obtain a PIN and determine a first key K based on the PIN and the random factor S;
a decryption module, configured to decrypt the encapsulated data packet based on the first key K to obtain the access control data plaintext.
In one possible implementation, the data acquisition request includes a PIN, and the PIN is used to verify whether the user's identity is legitimate.
In one possible implementation, the download module is further configured to obtain a second key EK, receive an encrypted encapsulated data packet sent by the server, and decrypt the encrypted encapsulated data packet using the second key EK to obtain the encapsulated data packet.
In one possible implementation, the encapsulated data packet further includes executable instructions, and the decryption module is further configured to obtain the first data ciphertext in the encapsulated data packet and decrypt the first data ciphertext based on the first key K to obtain the access control data plaintext, and to obtain the executable instructions in the encapsulated data packet and perform a write operation on the access control data plaintext based on the executable instructions.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor, when executing the computer program, causes the electronic device to perform the method described in the first aspect or the second aspect.
In a sixth aspect, an embodiment of the present application provides a computer-readable storage medium in which a computer program is stored, and when the computer program runs on a computer, it causes the computer to perform the method described in the first aspect or the second aspect.
In a seventh aspect, an embodiment of the present application provides a computer program which, when executed by a computer, is used to perform the method described in the first aspect or the second aspect.
In a possible design, the program in the seventh aspect may be stored in whole or in part on a storage medium packaged together with the processor, or may be stored in part or in whole in a memory that is not packaged together with the processor.
Description of drawings
FIG. 1 is a schematic diagram of symmetric encryption technology;
FIG. 2 is a schematic diagram of asymmetric encryption technology;
FIG. 3 is a schematic diagram of an application scenario architecture provided by an embodiment of the present application;
FIG. 4 is a schematic flowchart of a data uploading method and a data downloading method provided by an embodiment of the present application;
FIG. 5 is an encryption flowchart provided by an embodiment of the present application;
FIG. 6 is a flowchart for establishing a secure channel provided by an embodiment of the present application;
FIG. 7 is a decryption flowchart provided by an embodiment of the present application;
FIG. 8 and FIG. 9 are schematic structural diagrams of chips provided by embodiments of the present application;
FIG. 10 is a schematic structural diagram of an electronic device provided by an embodiment of the present application.
Detailed description
The embodiments of the present application are described in detail below. Examples of the embodiments are illustrated in the accompanying drawings, in which the same or similar reference numerals denote, throughout, the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the accompanying drawings are exemplary; they are intended to explain the technical solutions of the present application and should not be construed as limiting the present application.
The data uploading method and the data downloading method, as well as the electronic device and the computer-readable storage medium, of the embodiments of the present application are described below with reference to the accompanying drawings.
To describe clearly the data uploading method and the data downloading method provided by the embodiments of the present application, encryption technology is described first.
When data is transmitted from a sender to a receiver, neither party wants the transmitted data to be obtained by a third party, so the sender uses encryption technology to encrypt the data.
In the encryption process, the data to be transmitted is called the original text (plaintext). Encrypting the original text yields the ciphertext, which usually takes the form of unintelligible characters. The ciphertext is transmitted over an open channel; even if a third party intercepts the information, it obtains only the ciphertext and cannot obtain the original text.
The sender uses encryption technology to encrypt the original text and sends the ciphertext to the receiver. Correspondingly, after receiving the ciphertext, the receiver decrypts it to restore the original text, so that the data is transmitted from the sender to the receiver in encrypted form.
Encryption technology involves two key elements: the encryption algorithm and the key. The encryption algorithm operates on the original text and the key to produce the ciphertext.
In the related art, encryption technology falls into two categories: symmetric encryption and asymmetric encryption.
FIG. 1 is a schematic diagram of symmetric encryption technology. As shown in FIG. 1, in symmetric encryption the same key is used for encryption and decryption; that is, the sender encrypts and the receiver decrypts with the same key. Once the key becomes known to a third party, that party can use it to decrypt intercepted ciphertext, and the encryption is broken. In symmetric encryption, therefore, the key may be known only to the sender and the receiver, and different sender and receiver pairs use different keys for data transmission.
FIG. 2 is a schematic diagram of asymmetric encryption technology. As shown in FIG. 2, in asymmetric encryption a key pair, consisting of a public key and a private key, is used to encrypt and decrypt data. The receiver discloses the public key to the public, and a sender transmitting data to the receiver encrypts the original text with the public key disclosed by the receiver. After receiving the ciphertext, the receiver decrypts it with the private key corresponding to the public key. The receiver can thus use a single key pair to encrypt data transmission with multiple senders.
It should be noted that, unlike symmetric encryption, in asymmetric encryption the public key and the private key form a key pair, the public key and the private key are different, and the corresponding private key cannot be determined from the public key.
In addition, similar to symmetric encryption, in asymmetric encryption data encrypted with the public key can be decrypted with the corresponding private key, and data encrypted with the private key can be decrypted with the corresponding public key. That is, within a key pair, the public key and the private key are distinguished not by whether they are used for encryption or decryption but by whether they are disclosed to the public: the key disclosed to the public is called the public key, and the key that must not be known to others is called the private key.
At present, mobile phones are becoming increasingly powerful, and the use of access control cards in mobile phones is becoming increasingly common. Most high-end mobile phones on the market can install and copy access control cards. However, when access control card data in one mobile phone is migrated to another mobile phone, an attack during the migration may cause the access control card information to leak. There is therefore an information security risk, which may cause economic losses to enterprises and create safety hazards.
To solve the above problem, the embodiments of the present application propose a data uploading method and a data downloading method: one mobile phone encrypts the access control card data to be migrated and sends it to a server, and another mobile phone downloads that access control card data, thereby completing the migration of the access control card data and ensuring its secure transmission.
FIG. 3 is an application scenario diagram of an embodiment of the present application. As shown in FIG. 3, the access control card 30 contains access control card data and may be a physical card (for example, an IC card or a chip card). The first device 311 and the first device 312 may be mobile terminals (for example, mobile phones). The second device 32 may be a server. The first device 311 can read the access control card data from the access control card 30, encrypt it and upload it to the second device 32. The first device 312 can download the encrypted access control card data from the second device 32 and decrypt it to obtain the access control card data, thereby completing the secure migration of the access control card data.
It can be understood that the above example only illustrates a scenario involving access control card data and does not limit the embodiments of the present application. Some embodiments may also cover scenarios involving other secure data; that is, the access control card 30 may also be a physical card or device containing other secure data.
The mobile terminal may also be called terminal equipment, user equipment (User Equipment, UE), an access terminal, a subscriber unit, a subscriber station, a mobile station, a mobile platform, a remote station, a remote terminal, a mobile device, a user terminal, a wireless communication device, a user agent or a user apparatus. The mobile terminal may be a cellular phone, a cordless phone, a personal digital assistant (Personal Digital Assistant, PDA) device, a handheld device with wireless communication capability, a computing device or handheld communication device, a handheld computing device, a satellite wireless device, and/or another device used for communication over a wireless system, as well as a device in a next-generation communication system, for example a mobile terminal in a 5G network or a mobile terminal in a future evolved public land mobile network (Public Land Mobile Network, PLMN). The mobile terminal may also be a wearable device. Wearable devices, also called wearable smart devices, is the general term for devices that apply wearable technology to the intelligent design of everyday wear, such as glasses, gloves, watches, clothing and shoes. A wearable device is a portable device that is worn directly on the body or integrated into the user's clothing or accessories. A wearable device is not only a hardware device; it also delivers powerful functions through software support, data interaction and cloud interaction. In a broad sense, wearable smart devices include devices that are full-featured, large in size and able to provide complete or partial functions without relying on a smartphone, such as smart watches or smart glasses, and devices that focus on a single type of application function and must be used together with other devices such as smartphones, such as the various smart bracelets and smart jewelry used for monitoring physical signs.
The following description takes access control card data as an example. FIG. 4 is a schematic flowchart of a data uploading method and a data downloading method provided by an embodiment of the present application. To help the public understand the complete solution of the present application, the steps that the various roles and devices in the whole system (the access control card 30, the first device 311, the first device 312, the second device 32 and so on) need to perform at different stages are integrated into the description of this flow in chronological order. These stages include, but are not limited to, the user registration stage, the device registration stage, the data reading stage, the data uploading stage and the data downloading stage. It should be understood that a device implementing data uploading or data downloading only needs, during normal data uploading or downloading, to perform those steps of the flow that the terminal device (for example, the first device 311 or the first device 312) is required to perform; that is, the data uploading method or data downloading method provided by the embodiments of the present application is mainly executed by the terminal device. As shown in FIG. 4, the method includes:
Step 401: the first device 311 sends a user registration request to the second device 32.
Specifically, the user may operate in an application (APP) on the first device 311 (for example, a mobile phone) to register the user's identity on the second device 32 (for example, a server). The second device 32 may correspond to the application; for example, the second device 32 may be the server that provides the application's service. Exemplarily, the user may open an application (APP) on the first device 311; the application can read the access control card data in the access control card 30 and send it to the second device 32. In a specific implementation, the application may be a wallet application or another type of application with the same functions, which is not specifically limited in the embodiments of the present application. The user may then enter user information (for example, a user account and password) and a personal identification number (Personal Identification Number, PIN) in the application and tap the registration function. It can be understood that the PIN may be a secret value used to verify the user's identity. Optionally, the PIN may be hashed in the first device 311 to obtain the hash value of the PIN. In response to the user's operation, the first device 311 may send a user registration request to the second device 32, where the user registration request may include the user information and the PIN. It should be noted that, if the first device 311 has hashed the PIN to obtain its hash value, the user registration request may instead include the user information and the hash value of the PIN.
Step 402: the second device 32 feeds back confirmation information to the first device 311.
Specifically, after receiving the user registration request from the first device 311, the second device 32 may obtain the user information and the PIN in the request and complete the user's registration on the second device 32 based on them. In a specific implementation, after receiving the user information and the PIN in the user registration request, the second device 32 may create a user account based on the user information and the PIN and store the user account and the PIN in a local database. The second device 32 may then feed back confirmation information to the first device 311 to notify it whether the user registration succeeded. Exemplarily, the confirmation information may indicate success or failure: if the first device 311 receives a success message, it can confirm that the user registration succeeded; if it receives a failure message, it can confirm that the user registration failed.
Optionally, if the user registration request includes the user information and the hash value of the PIN, the second device 32 may complete the user's registration on the second device 32 based on the user information and the hash value of the PIN. For the registration process, refer to the process described above of registering on the second device 32 with the user information and the PIN; details are not repeated here.
Step 403: the first device 311 obtains the signed security chip certificate CERT.SE.CA.
Specifically, the security chip certificate CERT.SE may be issued by the second device 32 and may contain the SE public key PK.SE. The security chip certificate CERT.SE may be used to negotiate the session key of the secure channel between the first device 311 and the second device 32, so as to establish a secure channel between the first device 311 and the second device 32. In addition, when issuing the security chip certificate CERT.SE, the second device 32 may also sign it with the signing private key SK.CA, thereby obtaining the signed security chip certificate CERT.SE.CA.
In a specific implementation, the first device 311 may send the SE public key PK.SE to the second device 32 in advance, and the second device 32 may generate the security chip certificate CERT.SE based on the SE public key PK.SE; that is, the security chip certificate CERT.SE may contain the SE public key PK.SE. The second device 32 may then create an asymmetric signing key pair, for example the signing private key SK.CA and the signing public key PK.CA. The signing private key SK.CA is used to sign the security chip certificate CERT.SE to obtain the signed security chip certificate CERT.SE.CA; the signing public key PK.CA is used to verify the signature on the signed security chip certificate CERT.SE.CA, so as to verify the identity of the security chip certificate CERT.SE. The second device 32 can therefore sign the security chip certificate CERT.SE with the signing private key SK.CA to obtain the signed security chip certificate CERT.SE.CA. The signed security chip certificate CERT.SE.CA may be preset in the security chip of the first device 311 when the first device 311 leaves the factory.
In addition, a secure channel may also be established between the first device 312 and the second device 32; that is, the signed security chip certificate CERT.SE.CA issued by the second device 32 may likewise be preset in the security chip of the first device 312 when the first device 312 leaves the factory.
Step 404: the first device 311 sends a read instruction to the access control card 30 to read the access control card data in the access control card 30.
Specifically, the user may operate on the first device 311 to read the access control card data in the access control card 30. Exemplarily, the user operates in an application (for example, a wallet application) on the first device 311 (for example, by tapping a control for reading access control card data). In response to the user's operation, the first device 311 sends a read instruction to the access control card 30 to read the access control card data in the access control card 30. In a specific implementation, in response to the user's operation, the first device 311 may send the read instruction to the access control card 30 through the SE, so that the SE reads the access control card data in the access control card 30 and stores the data it has read in the SE.
It should be noted that the access control card data stored in the access control card 30 may be plaintext data or ciphertext data, where the ciphertext data may be data encrypted with a preset key. After obtaining such ciphertext data, the first device 311 may decrypt it with the preset key to obtain the plaintext data. Whether the access control card data stored in the access control card 30 is plaintext or ciphertext therefore does not limit the embodiments of the present application. The embodiments of the present application are described using the case in which the data finally read is the plaintext access control card data.
Further, after reading the access control card data in the access control card 30, the SE may also encapsulate the access control card data into a data format that the server can recognize and process.
Step 405: the first device 311 sends a verification request to the second device 32.
Specifically, after the first device 311 obtains the access control card data in the access control card 30, it may further verify whether the user's identity is legitimate. Exemplarily, the display interface of the application (for example, a wallet application) on the first device 311 may show an input box for entering the user information and the PIN, and the user may enter the user information and the PIN in that input box. In response to the user's input, the first device 311 may send a verification request to the second device 32. The verification request is used to verify whether the user's identity is legitimate and includes the user information and the PIN.
Optionally, the first device 311 may also hash the PIN to obtain the hash value of the PIN; that is, the verification request may include the user information and the hash value of the PIN.
Step 406: the second device 32 receives the verification request sent by the first device 311 and verifies the user's identity.
Specifically, after receiving the verification request sent by the first device 311, the second device 32 may obtain the user information and the PIN in the verification request and verify the user's identity based on them, to determine whether the user's identity is legitimate.
Exemplarily, the second device 32 may query the local database based on the user information in the verification request to find the PIN corresponding to that user information. The PIN found by the query can then be compared with the PIN in the verification request: if the two are consistent, the user's identity can be determined to be legitimate; if they are inconsistent, the user's identity can be determined to be illegitimate.
Optionally, if the verification request includes the user information and the hash value of the PIN, the second device 32 may query the local database based on the user information in the verification request to find the hash value of the PIN corresponding to that user information. The second device 32 may then perform a hash operation on the hash value of the PIN found by the query, thereby obtaining the queried PIN corresponding to the user information, and may perform a hash operation on the hash value of the PIN in the verification request, thereby obtaining the PIN in the verification request. The queried PIN corresponding to the user information can then be compared with the PIN in the verification request: if the two are consistent, the user's identity can be determined to be legitimate; if they are inconsistent, the user's identity can be determined to be illegitimate.
Step 407: the second device 32 feeds back the verification result to the first device 311.
Specifically, if the second device 32 determines that the user's identity is legitimate, it may feed back a verification success message to the first device 311; if the second device 32 determines that the user's identity is illegitimate, it may feed back a verification failure message to the first device 311.
Step 408: the first device 311 receives the verification result sent by the second device 32 and encrypts the access control card data to obtain the access control card ciphertext.
Specifically, after receiving the verification result sent by the second device 32, the first device 311 may, if it determines that the user identity verification succeeded, encrypt the access control card data to obtain the access control card ciphertext.
In a specific implementation, after the application (for example, a wallet application) on the first device 311 receives the verification result sent by the second device 32 and determines that the user identity verification succeeded, it may call the interface of the SE and send a data request to the SE to obtain the access control card ciphertext, where the data request may include the PIN. After receiving the data request, the SE may obtain the PIN in the data request and encrypt the access control card data in the SE according to the PIN, thereby obtaining the access control card ciphertext.
The encryption process of the SE is now described with reference to FIG. 5. FIG. 5 is a flowchart of access control card data encryption, which includes the following sub-steps:
Step 4081: the SE creates a random factor S and generates the first key K based on the random factor S and the PIN.
Specifically, the SE may create an arbitrary random factor S, where S may be any string of data. It can be understood that the data length of the random factor S may be specified arbitrarily. The SE may then use S as the salt value and the PIN as the secret value, and generate the first key K through a KDF function. Preferably, the KDF function may be PBKDF2. It can be understood that the above example illustrates generating the first key with the PBKDF2 function and does not limit the embodiments of the present application; in some embodiments, other KDF functions may be used instead.
Step 4082: the SE generates an initial vector (Initial Vector, IV) based on the random factor S.
Specifically, the SE may use the SM3 algorithm to compute a digest of the random factor S, obtaining a digest value, and may then take the low 16 bytes of that digest value as the initial vector.
It should be noted that the digest algorithm in the embodiments of the present application may be any known digest algorithm, which is not limited in the embodiments of the present application.
Step 4083: the SE encrypts the access control card data based on the first key K and the initial vector to obtain the access control card ciphertext.
Specifically, after the SE has computed the first key K and the initial vector, it may encrypt the access control card data with the SM4 algorithm based on the first key K and the initial vector; the encryption may be performed in CBC mode.
The length of the access control card data may be an integer multiple of 16 bytes. In a specific implementation, the access control card data may be encrypted in either of the following two modes.
Mode 1
All the access control card data is treated as a whole, and the data of the 16 sectors is encrypted together. Exemplarily, the access control card data may be a single access control card Data whose length may be 1024 bytes. Encrypting this Data with the first key K and the initial vector yields the access control card ciphertext Cipher, whose length may also be 1024 bytes.
Mode 2
All the access control card data is divided into 8 data blocks, each containing the data of 2 sectors. Exemplarily, the access control card data may be Data1, Data2…DataN, where N=8, and the length of each data block may be 128 bytes. Encrypting Data1, Data2…DataN with the first key K and the initial vector yields the corresponding access control card ciphertexts Cipher1, Cipher2…CipherN, where the length of each access control card ciphertext Cipher may be 128 bytes.
It should be noted that the encryption algorithm in the embodiments of the present application may be any known encryption algorithm, for example AES or DES, which is not limited in the embodiments of the present application. In addition, the encryption mode may also be any known encryption mode, for example GCM or ECB, which is not limited in the embodiments of the present application.
Step 409, the first device 311 sends the access control card ciphertext and the random factor S to the second device 32.
Specifically, after obtaining the access control card ciphertext, the first device 311 may send the access control card ciphertext and the random factor S to the second device 32. In a specific implementation, after the SE in the first device 311 has encrypted the access control card data and obtained the access control card ciphertext, it may send the access control card ciphertext and the random factor S to an application (for example, a wallet application). After the application receives the access control card ciphertext and the random factor S from the SE, it may send them to the second device 32.
Optionally, before the first device 311 sends the access control card ciphertext to the second device 32, a secure channel may be established between the first device 311 and the second device 32; the secure channel may be used to ensure the secure transmission of data between the first device 311 and the second device 32. For example, the first device 311 and the second device 32 may negotiate a session key before data transmission and, once the session key has been negotiated, use it to encrypt the transmitted data, thereby ensuring the security of the data transmission.
In a specific implementation, the secure channel may be established between an application (for example, a wallet application) in the first device 311 and the second device 32. The establishment of the secure channel is described below with reference to FIG. 6, which is a flowchart of secure channel establishment and includes the following sub-steps:
Step 4091, the application obtains the signed security chip certificate CERT.SE.CA from the SE.
Specifically, the application may call an interface of the SE and obtain the signed security chip certificate CERT.SE.CA from the SE through that interface.
Step 4092, the application generates a random number RA.
The random number RA serves as the first random number.
Specifically, step 4092 and step 4091 may be performed in any order: step 4092 may be performed before step 4091, after step 4091, or at the same time as step 4091. The embodiments of this application do not specifically limit this.
Step 4093, the application sends a secure channel establishment request to the second device 32.
Specifically, after obtaining the random number RA and the signed security chip certificate CERT.SE.CA, the application sends a secure channel establishment request to the second device 32. The request may be used to establish the secure channel between the application and the second device 32, and may include the random number RA and the signed security chip certificate CERT.SE.CA.
Step 4094, the second device 32 receives the secure channel establishment request sent by the application, verifies the request, and generates feedback information based on the verification result.
Specifically, after receiving the secure channel establishment request sent by the application, the second device 32 obtains the random number RA and the signed security chip certificate CERT.SE.CA from the request and verifies the request.
In a specific implementation, the verification may consist of verifying the identity of the signed security chip certificate CERT.SE. For example, because the signed security chip certificate CERT.SE.CA was signed and issued by the second device 32, the local database of the second device 32 stores the signature public key PK.CA corresponding to the signed security chip certificate CERT.SE.CA. The second device 32 can therefore use the signature public key PK.CA to verify the identity of the signed security chip certificate CERT.SE.CA. If the signature on CERT.SE.CA verifies correctly with PK.CA, the identity of the security chip certificate CERT.SE can be determined to be the first device 311; if the signature on CERT.SE.CA fails to verify with PK.CA, the identity of the security chip certificate CERT.SE can be determined to be an illegitimate device.
Next, if the second device 32 determines that the identity of the security chip certificate CERT.SE is the first device 311, it may obtain the SE public key PK.SE from the security chip certificate CERT.SE and may generate a random number RB, which serves as the second random number.
Then, the second device 32 may use the SM2 algorithm to compute a second key EK based on the random number RA, the random number RB, the SE public key PK.SE and the second device private key SK.SERVER, where SK.SERVER is the second device private key preset in the second device 32.
It should be noted that the key generation algorithm in the embodiments of this application may be any known key generation algorithm; the embodiments of this application do not limit this.
After the second device 32 obtains the second key EK, it may use EK to encrypt the random number RA, thereby obtaining the random number ciphertext CRA. Preferably, the algorithm used to encrypt the random number RA may be SM4, and the encryption mode may be ECB.
It should be noted that the encryption algorithm in the embodiments of this application may be any known encryption algorithm; the embodiments of this application do not limit this. In addition, the encryption mode in the embodiments of this application may be any known encryption mode other than ECB, for example CBC or GCM; the embodiments of this application do not limit this.
Step 4095, the second device 32 sends the feedback information to the application.
Specifically, the feedback information may include the random number RB, the random number ciphertext CRA and the signed second device certificate CERT.SERVER.CA. The signed second device certificate CERT.SERVER.CA may be obtained by the second device 32 signing the second device certificate CERT.SERVER with the signature private key SK.CA, and the second device certificate CERT.SERVER may include the second device public key PK.SERVER.
Step 4096, the application receives the feedback information sent by the second device 32 and forwards it to the SE.
Specifically, after receiving the feedback information sent by the second device 32, the application may forward the feedback information and the random number RA to the SE. In a specific implementation, the application may forward the feedback information in full, together with the random number RA, to the SE. For example, the application may forward the random number RB, the random number ciphertext CRA and the signed second device certificate CERT.SERVER.CA contained in the feedback information to the SE, and may also send the random number RA to the SE.
Step 4097, the SE receives the feedback information and the random number RA forwarded by the application, verifies the identity of the signed second device certificate CERT.SERVER.CA in the feedback information, and obtains the second device public key PK.SERVER.
Specifically, after receiving the feedback information forwarded by the application, the SE obtains the signed second device certificate CERT.SERVER.CA from the feedback information and may verify its identity.
In a specific implementation, the signed second device certificate CERT.SERVER.CA may be verified by using the signature public key PK.CA to verify its signature, in order to verify the identity of the second device certificate CERT.SERVER. The signature public key PK.CA may be sent to the first device 311 by the second device 32 in advance. For example, if the SE correctly verifies the signature on CERT.SERVER.CA with PK.CA, the identity of the second device certificate CERT.SERVER is a legitimate server, and the second device certificate CERT.SERVER can be obtained; if the SE fails to verify the signature on CERT.SERVER.CA with PK.CA, the second device certificate CERT.SERVER cannot be obtained, and its identity can be determined to be an illegitimate server.
Next, if the SE determines that the identity of the second device certificate CERT.SERVER is a legitimate server, it may obtain the second device public key PK.SERVER from the second device certificate CERT.SERVER.
Step 4098, the SE determines the session key of the secure channel.
Specifically, after obtaining the second device public key PK.SERVER, the SE may determine the second key EK based on the random number RA, the random number RB, the SE private key SK.SE and the second device public key PK.SERVER, and may determine the session key based on the second key EK; the session key is used to encrypt and decrypt the data transmitted over the secure channel. In a specific implementation, the session key may be determined as follows: the second key EK is computed from the random number RA, the random number RB, the SE private key SK.SE and the second device public key PK.SERVER using the key agreement algorithm of the SM2 algorithm. Next, the second key EK may be used to decrypt the random number ciphertext CRA, yielding a random number RA, and the decrypted random number RA may be compared with the random number RA generated locally by the application. If the decrypted random number RA matches the random number RA generated locally by the application, a secure channel can be established between the first device 311 and the second device 32, and the second key EK can be used as the session key of the secure channel. If the decrypted random number RA does not match the random number RA generated locally by the application, the session key cannot be obtained; that is, the establishment of the secure channel between the first device 311 and the second device 32 fails.
It can be understood that the SE private key SK.SE and the SE public key PK.SE are an asymmetric public/private key pair, and the second device private key SK.SERVER and the second device public key PK.SERVER are an asymmetric public/private key pair.
Step 4099, channel establishment response information is sent to the second device 32 based on the determined session key, and a secure channel is established with the second device 32.
Specifically, if the first device 311 has determined the session key, it may feed back success information to the second device 32, whereby the secure channel between the first device 311 and the second device 32 can be established. That is, the first device 311 may use the session key (for example, the second key EK) to encrypt the access control card ciphertext again and send the re-encrypted access control card ciphertext to the second device 32, thereby achieving double protection of the access control card data. For example, if Cipher is the access control card ciphertext, the first device 311 may encrypt Cipher again with the second key EK to obtain the encrypted access control card ciphertext Cipher_EK.
If the first device 311 has not obtained the session key, the first device 311 may feed back failure information to the second device 32; the failure information is used to notify the second device 32 that the establishment of the secure channel has failed.
Step 410, the first device 312 sends a data acquisition request to the second device 32.
Specifically, after the access control card data has been uploaded to the second device 32, the first device 312 may send a data acquisition request to the second device 32 to obtain the access control card data. The data acquisition request may include the user information and the PIN.
It can be understood that the first device 311 may also send a data acquisition request to the second device 32 to obtain the access control card data. The difference between the first device 311 and the first device 312 is as follows: if the first device 311 has just uploaded the access control card data to the second device 32 and now requests to download that data from the second device 32, the user has already entered the user information and PIN when uploading the data, so the user does not need to enter them again when requesting the download. The first device 311 can create the data acquisition request from the user information and PIN entered during the upload and send the request to the second device 32, which simplifies the user's operation.
Optionally, before the first device 312 sends the data acquisition request to the second device 32, a secure channel may also be established between the first device 312 and the second device 32. For the way the secure channel is established, refer to the method shown in FIG. 6; it is not repeated here.
Step 411, the second device 32 verifies the data acquisition request.
Specifically, after receiving the data acquisition request sent by the first device 312, the second device 32 may obtain the user information and PIN from the request and perform verification based on them, thereby determining whether the user's identity is legitimate. For example, if the PIN in the data acquisition request matches the PIN stored locally on the second device 32, the user's identity can be determined to be legitimate; if the PIN in the data acquisition request does not match the PIN stored locally on the second device 32, the user's identity can be determined to be illegitimate.
Optionally, if the data acquisition request was sent over the secure channel, the second device 32 may use the second key EK to decrypt the request and, after successful decryption, obtain the user information and PIN from the request.
Step 412, the second device 32 sends the encapsulated data packets and the random factor S to the first device 312 based on the verification result.
Specifically, if the second device 32 determines that the user's identity is legitimate, it may send the encapsulated data packets and the random factor S to the first device 312, where an encapsulated data packet may include an instruction and an access control card ciphertext. In a specific implementation, the second device 32 may encapsulate the access control card ciphertext into data packets, where each encapsulated data packet may include one SE-executable instruction and one access control card ciphertext.
It can be understood that the number of encapsulated data packets may equal the number of access control card ciphertexts stored on the second device 32. For example, if the second device 32 received only one access control card ciphertext (for example, Cipher), it may encapsulate that Cipher into one data packet. If the second device 32 received N access control card ciphertexts (for example, Cipher1, Cipher2…CipherN), it may encapsulate the N ciphertexts into N data packets.
The case of N access control card ciphertexts is used as an example below. Table 1 is the access control card ciphertext encapsulation table.
Table 1

| Encapsulated data packet ID | Data packet content |
| --- | --- |
| Encapsulated data packet 1 | Instruction 1 + ciphertext Cipher1 |
| Encapsulated data packet 2 | Instruction 2 + ciphertext Cipher2 |
| Encapsulated data packet N | Instruction N + ciphertext CipherN |

As shown in Table 1, the access control card ciphertext includes N ciphertexts: Cipher1, Cipher2…CipherN. Because the SE cannot read and store data directly, an SE-executable instruction (for example, instruction 1, instruction 2…instruction N) needs to be added to each ciphertext. The instructions are then encapsulated with their corresponding ciphertexts, yielding N encapsulated data packets; that is, one encapsulated data packet corresponds to one instruction and one access control card ciphertext.
Next, the second device 32 may send the encapsulated data packets to the first device 312 one after another. The sending order may follow the order of the instructions.
It can be understood that when the second device 32 sends the encapsulated data packets to the first device 312, it may also encrypt them in the secure channel (for example, using the second key EK), thereby ensuring the security of the transmission of the encapsulated data packets.
Step 413, the first device 312 receives the encapsulated data packets and the random factor S sent by the second device 32, processes the encapsulated data packets, and obtains and stores the access control card data.
Specifically, the first device 312 may receive the encapsulated data packets and the random factor S sent by the second device 32 through an application (for example, a wallet application). After the application receives the encapsulated data packets and the random factor S, it may send the PIN to the SE through a preset instruction so that the SE can store the PIN.
Optionally, if the application receives encrypted encapsulated data packets from the second device 32 over the secure channel, the application may decrypt them with the second key EK to obtain the encapsulated data packets.
Next, the application may forward the received encapsulated data packets to the SE one after another, and may send the random factor S to the SE. The application may forward the encapsulated data packets in the order in which it received them. For example, if the application first receives encapsulated data packet 1 from the second device 32, it may forward encapsulated data packet 1 to the SE. Then, if the application receives encapsulated data packet 2 from the second device 32, it may forward encapsulated data packet 2 to the SE, and so on.
After the SE receives the encapsulated data packets and the random factor S forwarded by the application, it may obtain the access control card ciphertext from the encapsulated data packets and decrypt it.
The decryption process is described below with reference to FIG. 7, which is a decryption flowchart and includes the following sub-steps:
Step 4131, the SE generates the first key K based on the random factor S and the PIN.
Specifically, after obtaining the random factor S and the PIN, the SE may use a KDF (for example, PBKDF2) to generate the first key K based on the random factor S and the PIN.
Step 4132, the SE determines the initial vector based on the random factor S.
Specifically, an algorithm (for example, SM3) may be used to compute a digest value from the random factor S, and the low 16 bytes of that digest value may be taken as the initial vector.
Step 4133, the SE decrypts based on the first key K and the initial vector to obtain the access control card data.
Specifically, an algorithm (for example, SM4) may be used in CBC mode to decrypt the access control card ciphertext based on the first key K and the initial vector, thereby obtaining the access control card data.
Next, the access control card data may be written into the SE through the instruction (for example, Write) in the encapsulated data packet, which completes the task of copying the access control card data to the first device 312.
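The upload-side encryption (steps 4082 and 4083) and the download-side decryption (steps 4131 to 4133) can be exercised end to end with the sketch below, which is an added example and not code from the patent. Its assumptions: S is the PBKDF2 salt, PBKDF2 uses HMAC-SHA256 with 100,000 iterations, "low 16 bytes" means the last 16 bytes of the digest, SHA-256 replaces SM3 when the local OpenSSL build lacks it, way 2 encrypts each 128-byte block independently from the same IV, and a small HMAC-based Feistel permutation stands in for SM4 because the Python standard library has no block cipher.

```python
import hashlib
import hmac

BLOCK = 16            # cipher block size in bytes, as for SM4
ITERATIONS = 100_000  # assumed PBKDF2 work factor; the page gives none


def digest(data: bytes) -> bytes:
    """SM3 if the local OpenSSL build provides it, otherwise SHA-256 as a stand-in."""
    try:
        return hashlib.new("sm3", data).digest()
    except ValueError:
        return hashlib.sha256(data).digest()


def derive_key(pin: str, s: bytes) -> bytes:
    """Step 4131: first key K from the PIN and random factor S (S used as salt)."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), s, ITERATIONS, dklen=BLOCK)


def derive_iv(s: bytes) -> bytes:
    """Steps 4082/4132: low 16 bytes of digest(S), read here as the last 16 bytes."""
    return digest(s)[-BLOCK:]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:BLOCK // 2]


def _enc_block(key: bytes, block: bytes) -> bytes:
    # Stand-in 4-round Feistel permutation, NOT SM4; use a vetted SM4/AES in practice.
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, _xor(left, _f(key, rnd, right))
    return left + right


def _dec_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = _xor(right, _f(key, rnd, left)), left
    return left + right


def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    if len(data) % BLOCK:
        raise ValueError("card data must be a multiple of 16 bytes")
    out, prev = [], iv
    for off in range(0, len(data), BLOCK):
        prev = _enc_block(key, _xor(data[off:off + BLOCK], prev))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = [], iv
    for off in range(0, len(data), BLOCK):
        block = data[off:off + BLOCK]
        out.append(_xor(_dec_block(key, block), prev))
        prev = block
    return b"".join(out)


def encrypt_card(pin: str, s: bytes, card: bytes, chunk_len=None) -> list:
    """Way 1 (chunk_len=None): one ciphertext. Way 2 (chunk_len=128): one per block."""
    key, iv = derive_key(pin, s), derive_iv(s)
    size = chunk_len or len(card)
    return [cbc_encrypt(key, iv, card[off:off + size])
            for off in range(0, len(card), size)]


def decrypt_card(pin: str, s: bytes, ciphers: list) -> bytes:
    """Steps 4131-4133 on the receiving SE: the same PIN and S give back K and the IV."""
    key, iv = derive_key(pin, s), derive_iv(s)
    return b"".join(cbc_decrypt(key, iv, c) for c in ciphers)


# Constructed sample values: 16 sectors x 64 bytes, only the first two populated.
SAMPLE_S = bytes.fromhex("000102030405060708090a0b0c0d0e0f")
SAMPLE_PIN = "246810"
SAMPLE_CARD = bytes(range(128)) + bytes(896)

if __name__ == "__main__":
    way1 = encrypt_card(SAMPLE_PIN, SAMPLE_S, SAMPLE_CARD)
    way2 = encrypt_card(SAMPLE_PIN, SAMPLE_S, SAMPLE_CARD, chunk_len=128)
    print("way 1:", len(way1), "ciphertext of", len(way1[0]), "bytes")
    print("way 2:", len(way2), "ciphertexts of", len(way2[0]), "bytes")
    print("round trip ok:", decrypt_card(SAMPLE_PIN, SAMPLE_S, way2) == SAMPLE_CARD)
    print("distinct way-2 ciphertexts:", len(set(way2)))
```

Under the stated way-2 assumption, the seven empty-sector blocks of the sample card encrypt to the same ciphertext, because K and the IV depend only on the PIN and S and are therefore identical for every block. Giving each block its own IV, or chaining CBC across the blocks as in way 1, removes that equality.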
本申请实施例中,通过在一台手机中对门禁卡数据进行安全加密后上传至服务器,并在另一台手机中从服务器进行门禁卡密文的下载,由此可以实现门禁卡数据的安全迁移,提高门禁卡数据传输的安全性。In the embodiment of the present application, by securely encrypting the access control card data in one mobile phone and uploading it to the server, and downloading the ciphertext of the access control card from the server in another mobile phone, the security of the access control card data can be realized. Migration to improve the security of access card data transmission.
为了实现上述实施例,本申请实施例还提出了一种芯片,应用于电子设备,该电子设备可以是上述第一设备311或第一设备312。图8为本申请实施例所提供的一种芯片80的结构示意图。如图8所示,该芯片80包括:获取模块81、发送模块82、接收模块83、加密模块84及上传模块85;其中,In order to implement the above embodiments, the embodiments of the present application further propose a chip, which is applied to an electronic device, and the electronic device may be the above-mentioned first device 311 or the first device 312 . FIG. 8 is a schematic structural diagram of a chip 80 according to an embodiment of the present application. As shown in FIG. 8 , the chip 80 includes: an acquisition module 81 , a transmission module 82 , a reception module 83 , an encryption module 84 and an upload module 85 ; wherein,
获取模块81,用于获取待上传门禁数据;an acquisition module 81, used to acquire the access control data to be uploaded;
发送模块82,用于响应于用户的输入,向服务器发送PIN,其中,所述PIN用于 验证用户的身份是否合法;The sending module 82 is used to send a PIN to the server in response to the user's input, wherein the PIN is used to verify whether the user's identity is legal;
接收模块83,用于接收所述服务器发送的第一确认信息,创建随机因子S,所述第一确认信息用于确认用户身份的验证是否成功;The receiving module 83 is configured to receive the first confirmation information sent by the server, and create a random factor S, and the first confirmation information is used to confirm whether the verification of the user identity is successful;
加密模块84,用于基于所述PIN及所述随机因子S确定第一密钥K,基于所述第一密钥K对所述待上传门禁数据进行加密,得到第一数据密文;An encryption module 84, configured to determine a first key K based on the PIN and the random factor S, and encrypt the access control data to be uploaded based on the first key K to obtain a first data ciphertext;
上传模块85,用于将所述第一数据密文及所述随机因子S上传至所述服务器。The uploading module 85 is configured to upload the first data ciphertext and the random factor S to the server.
其中一种可能的实现方式中,所述芯片80还包括:注册模块86;其中,In one possible implementation manner, the chip 80 further includes: a registration module 86; wherein,
注册模块86,用于向所述服务器发送用户注册请求,其中,所述用户注册请求用于在所述服务器上注册用户身份,所述用户注册请求包括所述PIN;接收所述服务器发送的第二确认信息,其中,所述第二确认信息用于确认所述用户的注册是否成功。The registration module 86 is configured to send a user registration request to the server, wherein the user registration request is used to register a user identity on the server, and the user registration request includes the PIN; Second confirmation information, wherein the second confirmation information is used to confirm whether the registration of the user is successful.
In one possible implementation, the electronic device includes a signature public key, the server includes a signature private key and a second private key, and the chip 80 further includes a channel establishment module 88, wherein:
the channel establishment module 88 is configured to obtain a signed first certificate, wherein the signed first certificate is obtained by the server signing a first certificate with the signature private key, the first certificate is issued by the server, and the first certificate includes a first public key;
create a random number RA and send a secure channel establishment request to the server, wherein the secure channel establishment request includes the random number RA and the signed first certificate;
receive a random number RB, a random number ciphertext CRA and a signed second certificate sent by the server, wherein the random number RB is created by the server, the random number ciphertext CRA is obtained by the server through encryption with a second key EK, and the second key EK is determined based on the random number RA, the random number RB, the first public key and the second private key;
perform identity verification on the signed second certificate using the signature public key and, if the identity verification passes, obtain the second public key from the second certificate, wherein the second public key and the second private key form an asymmetric public-private key pair;
obtain a first private key and determine the second key EK based on the random number RA, the random number RB, the first private key and the second public key, wherein the first private key and the first public key form an asymmetric public-private key pair;
decrypt the random number ciphertext CRA using the second key EK to obtain a random number RA', which serves as the third random number;
if the random number RA matches the decrypted random number RA', establish a secure channel with the server and determine the second key EK to be the session key of the secure channel.
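The channel establishment exchange above, as an added Python sketch that is not the applicant's code. It assumes a Diffie-Hellman style agreement over a toy finite-field group in place of the unnamed asymmetric algorithm, HMAC-SHA256 both as the key derivation and as the mask standing in for "encrypt RA under EK", and it treats the signature checks on both certificates as already passed; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: toy finite-field Diffie-Hellman group standing in for the
# page's unnamed asymmetric key pairs. Not a production parameter choice.
P = 2**255 - 19
G = 2


def keypair():
    """Return (private, public) for one side."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def derive_ek(ra, rb, own_priv, peer_pub):
    """Second key EK from RA, RB, own private key and the peer's public key."""
    if not 1 < peer_pub < P - 1:
        raise ValueError("degenerate peer public key")
    shared = pow(peer_pub, own_priv, P).to_bytes(32, "big")
    # Both nonces salt the derivation, so EK changes every session even
    # though the key pairs are static.
    return hmac.new(ra + rb, shared, hashlib.sha256).digest()


def mask_ra(ek, value):
    """Stand-in for encrypting RA under EK: XOR with an EK-derived mask.
    Applying it twice with the same EK returns the input."""
    pad = hmac.new(ek, b"CRA", hashlib.sha256).digest()
    if len(value) > len(pad):
        raise ValueError("nonce too long for this sketch")
    return bytes(a ^ b for a, b in zip(value, pad))


def device_request():
    """Device, step 1: create RA (sent with the signed first certificate)."""
    return secrets.token_bytes(16)


def server_respond(ra, server_priv2, device_pub1):
    """Server: create RB, derive EK, return (RB, CRA, EK)."""
    rb = secrets.token_bytes(16)
    ek = derive_ek(ra, rb, server_priv2, device_pub1)
    return rb, mask_ra(ek, ra), ek


def device_finish(ra, rb, cra, device_priv1, server_pub2):
    """Device, step 2: derive EK, recover RA' and compare it with RA."""
    ek = derive_ek(ra, rb, device_priv1, server_pub2)
    ra_prime = mask_ra(ek, cra)
    # Constant-time comparison; a mismatch means the two sides hold
    # different keys or a message was altered in transit.
    if not hmac.compare_digest(ra, ra_prime):
        raise ValueError("RA' does not match RA: channel not established")
    return ek  # session key of the secure channel


def run_handshake():
    """Run both sides once and return (device EK, server EK)."""
    priv1, pub1 = keypair()  # first key pair (device)
    priv2, pub2 = keypair()  # second key pair (server)
    ra = device_request()
    rb, cra, server_ek = server_respond(ra, priv2, pub1)
    device_ek = device_finish(ra, rb, cra, priv1, pub2)
    return device_ek, server_ek


if __name__ == "__main__":
    d, s = run_handshake()
    print("session keys match:", d == s)
```

The RA' comparison is what ties the session key to this exchange: a changed RB or a substituted public key makes the device derive a different EK and the check fails.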
In one possible implementation, the encryption module 84 is further configured to encrypt the access control data to be uploaded based on the first key K to obtain a second data ciphertext, and to encrypt the second data ciphertext using the second key EK to obtain the first data ciphertext.
In one possible implementation, the encryption module 84 is further configured to calculate a digest value based on the random factor S and determine an initial vector based on the digest value, and to encrypt the access control data to be uploaded based on the first key K and the initial vector to obtain the first data ciphertext.
To implement the above embodiments, an embodiment of the present application further provides a chip. FIG. 9 is a schematic structural diagram of a chip 90 provided by an embodiment of the present application. As shown in FIG. 9, the chip 90 includes a request module 91, a download module 92, an acquisition module 93 and a decryption module 94, wherein:
the request module 91 is configured to send a data acquisition request to the server, wherein the data acquisition request is used to acquire the first data ciphertext;
the download module 92 is configured to receive an encapsulated data packet and a random factor S sent by the server, wherein the encapsulated data packet includes the first data ciphertext;
the acquisition module 93 is configured to obtain a PIN and determine a first key K based on the PIN and the random factor S;
the decryption module 94 is configured to decrypt the encapsulated data packet based on the first key K to obtain the access control data plaintext.
In one possible implementation, the data acquisition request includes a PIN, and the PIN is used to verify whether the user's identity is legitimate.
In one possible implementation, the download module 92 is further configured to obtain a second key EK, receive an encrypted encapsulated data packet sent by the server, and decrypt the encrypted encapsulated data packet using the second key EK to obtain the encapsulated data packet.
In one possible implementation, the encapsulated data packet further includes executable instructions, and the decryption module 94 is further configured to obtain the first data ciphertext in the encapsulated data packet and decrypt it based on the first key K to obtain the access control data plaintext, and to obtain the executable instructions in the encapsulated data packet and perform a write operation on the access control data plaintext based on the executable instructions.
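The upload path of chip 80 and the download path of chip 90 as one round trip, in an added Python sketch that is not the applicant's code. Assumptions, since the page names no algorithms: PBKDF2-HMAC-SHA256 with S as salt for K, the first 16 bytes of SHA-256(S) as the initial vector, an HMAC-SHA256 counter-mode keystream as a stand-in cipher, and a server that strips the upload session layer and re-wraps the stored ciphertext under the download session's EK; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

KDF_ITERATIONS = 100_000  # assumed work factor; the page gives none


def derive_first_key(pin, s):
    """First key K from the PIN and random factor S (PBKDF2 is an assumption).
    A PIN has little entropy, so a slow KDF is used rather than a bare hash."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), s, KDF_ITERATIONS, dklen=32)


def derive_iv(s):
    """Initial vector from the digest of S (SHA-256, first 16 bytes: assumed)."""
    return hashlib.sha256(s).digest()[:16]


def keystream_xor(key, iv, data):
    """Stand-in cipher: HMAC-SHA256 in counter mode. The same call encrypts
    and decrypts. It carries no integrity tag."""
    out = bytearray()
    for block in range((len(data) + 31) // 32):
        pad = hmac.new(key, iv + block.to_bytes(8, "big"), hashlib.sha256).digest()
        chunk = data[block * 32:(block + 1) * 32]
        out.extend(a ^ b for a, b in zip(chunk, pad))
    return bytes(out)


def wrap(ek, payload):
    """Session layer under EK with a fresh per-message nonce (assumed framing)."""
    nonce = secrets.token_bytes(16)
    return nonce + keystream_xor(ek, nonce, payload)


def unwrap(ek, blob):
    """Remove the session layer added by wrap()."""
    return keystream_xor(ek, blob[:16], blob[16:])


def device_upload(pin, access_data, ek, s=None):
    """Chip 80: create S, derive K and IV, encrypt under K, then under EK.
    S must be fresh per upload because K and the IV both derive from it."""
    s = s if s is not None else secrets.token_bytes(16)
    k = derive_first_key(pin, s)
    second_ct = keystream_xor(k, derive_iv(s), access_data)  # under K
    first_ct = wrap(ek, second_ct)                           # then under EK
    return first_ct, s


def server_store(first_ct, s, ek):
    """Assumed server behaviour: drop the session layer, keep the K-layer
    ciphertext together with S."""
    return {"S": s, "ciphertext": unwrap(ek, first_ct)}


def server_send(record, ek):
    """Assumed server behaviour: re-wrap the stored ciphertext for download."""
    return wrap(ek, record["ciphertext"]), record["S"]


def device_download(pin, blob, s, ek):
    """Chip 90: remove the EK layer, rebuild K and IV from PIN and S, decrypt."""
    packet = unwrap(ek, blob)
    k = derive_first_key(pin, s)
    return keystream_xor(k, derive_iv(s), packet)


if __name__ == "__main__":
    data = b"constructed access card image, not real card data"
    ek_up, ek_down = secrets.token_bytes(32), secrets.token_bytes(32)
    ct, s = device_upload("482913", data, ek_up)
    blob, s_out = server_send(server_store(ct, s, ek_up), ek_down)
    print(device_download("482913", blob, s_out, ek_down) == data)
```

Because this stand-in cipher has no integrity tag, a wrong PIN yields unusable bytes rather than an error, so a receiving device cannot tell a bad PIN from corrupted data without an additional check.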
It should be understood that the division of the chips shown in FIG. 8 and FIG. 9 into modules is only a division of logical functions. In an actual implementation the modules may be fully or partially integrated into one physical entity, or may be physically separate. The modules may all be implemented as software invoked by a processing element, or all be implemented in hardware, or some modules may be implemented as software invoked by a processing element and others in hardware. For example, the detection module may be a separately provided processing element, or may be integrated into a chip of the terminal. The other modules are implemented similarly. In addition, all or some of these modules may be integrated together or implemented independently. In the implementation process, each step of the above methods and each of the above modules may be completed by an integrated logic circuit of hardware in a processor element or by instructions in the form of software.
For example, the above modules may be one or more integrated circuits configured to implement the above methods, such as one or more application-specific integrated circuits (Application Specific Integrated Circuit; hereinafter: ASIC), one or more microprocessors (Digital Signal Processor; hereinafter: DSP), or one or more field-programmable gate arrays (Field Programmable Gate Array; hereinafter: FPGA). As another example, these modules may be integrated together and implemented in the form of a system-on-a-chip (System-On-a-Chip; hereinafter: SOC).
FIG. 10 shows, by way of example, a schematic structural diagram of an electronic device 100 provided by an embodiment of the present application. The electronic device 100 may be the first device 311 or the first device 312 described above.
As shown in FIG. 10, the electronic device 100 may include a processor 110, an external memory interface 120, an internal memory 121, an antenna 1, an antenna 2, a mobile communication module 150, a wireless communication module 160, a display screen 194, a subscriber identification module (SIM) card interface 195, and the like.
It can be understood that the structure illustrated in this embodiment does not constitute a specific limitation on the electronic device 100. In other embodiments of the present application, the electronic device 100 may include more or fewer components than shown, may combine some components, may split some components, or may use a different arrangement of components. The illustrated components may be implemented in hardware, software, or a combination of software and hardware.
The processor 110 may include one or more processing units. For example, the processor 110 may include an application processor (AP), a modem processor, a graphics processing unit (GPU), an image signal processor (ISP), a controller, a video codec, a digital signal processor (DSP), a baseband processor, and/or a neural-network processing unit (NPU). The different processing units may be independent devices or may be integrated in one or more processors.
The controller can generate operation control signals according to the instruction opcode and timing signals, and thereby control instruction fetching and instruction execution.
A memory may also be provided in the processor 110 for storing instructions and data. In some embodiments, the memory in the processor 110 is a cache. This memory may hold instructions or data that the processor 110 has just used or uses repeatedly. If the processor 110 needs the instructions or data again, it can fetch them directly from this memory. This avoids repeated accesses and reduces the waiting time of the processor 110, which improves system efficiency.
The wireless communication function of the electronic device 100 may be implemented by the antenna 1, the antenna 2, the mobile communication module 150, the wireless communication module 160, the modem processor, the baseband processor, and the like.
Both antenna 1 and antenna 2 can be used to transmit and receive electromagnetic wave signals. Each antenna in the electronic device 100 may be used to cover one or more communication frequency bands. Different antennas can also be multiplexed to improve antenna utilization. For example, the antenna 1 can be multiplexed as a diversity antenna of the wireless local area network. For simplicity of design or other reasons, each communication mode can also be given its own antenna. In other embodiments, an antenna may be used in combination with a tuning switch.
The mobile communication module 150 may provide wireless communication solutions applied on the electronic device 100, including 2G/3G/4G/5G. The mobile communication module 150 may include at least one filter, a switch, a power amplifier, a low noise amplifier (LNA), and the like. The mobile communication module 150 can receive electromagnetic waves through the antenna 1, filter and amplify the received electromagnetic waves, and pass them to the modem processor for demodulation. The mobile communication module 150 can also amplify the signal modulated by the modem processor and radiate it as electromagnetic waves through the antenna 1. In some embodiments, at least some functional modules of the mobile communication module 150 may be provided in the processor 110. In some embodiments, at least some functional modules of the mobile communication module 150 may be provided in the same device as at least some modules of the processor 110.
The wireless communication module 160 may provide wireless communication solutions applied on the electronic device 100, including wireless local area networks (WLAN) (such as wireless fidelity (Wi-Fi) networks), Bluetooth (BT), global navigation satellite system (GNSS), frequency modulation (FM), near field communication (NFC), and infrared (IR) technology. The wireless communication module 160 may be one or more devices integrating at least one communication processing module. The wireless communication module 160 receives electromagnetic waves via the antenna 2, frequency-modulates and filters the electromagnetic wave signals, and sends the processed signals to the processor 110. The wireless communication module 160 can also receive a signal to be sent from the processor 110, frequency-modulate and amplify it, and radiate it as electromagnetic waves through the antenna 2.
In some embodiments, the antenna 1 of the electronic device 100 is coupled to the mobile communication module 150 and the antenna 2 is coupled to the wireless communication module 160, so that the electronic device 100 can communicate with networks and other devices through wireless communication technologies. The wireless communication technologies may include global system for mobile communications (GSM), general packet radio service (GPRS), code division multiple access (CDMA), wideband code division multiple access (WCDMA), time-division code division multiple access (TD-SCDMA), long term evolution (LTE), BT, GNSS, WLAN, NFC, FM, and/or IR technology. The GNSS may include the global positioning system (GPS), the global navigation satellite system (GLONASS), the Beidou navigation satellite system (BDS), the quasi-zenith satellite system (QZSS) and/or satellite based augmentation systems (SBAS).
The electronic device 100 implements its display function through the GPU, the display screen 194, the application processor, and the like. The GPU is a microprocessor for image processing and is connected to the display screen 194 and the application processor. The GPU performs mathematical and geometric calculations for graphics rendering. The processor 110 may include one or more GPUs that execute program instructions to generate or change display information.
The display screen 194 is used to display images, videos, and the like. The display screen 194 includes a display panel. The display panel may be a liquid crystal display (LCD), an organic light-emitting diode (OLED), an active-matrix organic light-emitting diode (AMOLED), a flexible light-emitting diode (flex light-emitting diode, FLED), Miniled, MicroLed, Micro-oLed, quantum dot light-emitting diodes (QLED), and the like. In some embodiments, the electronic device 100 may include one or N display screens 194, where N is a positive integer greater than 1.
The internal memory 121 may be used to store computer-executable program code, which includes instructions. The internal memory 121 may include a program storage area and a data storage area. The program storage area can store an operating system and the application programs required for at least one function (such as a sound playback function or an image playback function). The data storage area can store data created during use of the electronic device 100 (such as audio data or a phone book). In addition, the internal memory 121 may include high-speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device, a flash memory device, or universal flash storage (UFS). The processor 110 executes the various functional applications and data processing of the electronic device 100 by running instructions stored in the internal memory 121 and/or instructions stored in the memory provided in the processor.
The SIM card interface 195 is used to connect a SIM card. A SIM card can be brought into contact with or separated from the electronic device 100 by inserting it into or removing it from the SIM card interface 195. The electronic device 100 may support one or N SIM card interfaces, where N is a positive integer greater than 1. The SIM card interface 195 can support Nano SIM cards, Micro SIM cards, SIM cards, and so on. Multiple cards can be inserted into the same SIM card interface 195 at the same time. The multiple cards may be of the same type or of different types. The SIM card interface 195 can also be compatible with different types of SIM cards and with external memory cards. The electronic device 100 interacts with the network through the SIM card to implement functions such as calls and data communication. In some embodiments, the electronic device 100 uses an eSIM, that is, an embedded SIM card. The eSIM card can be embedded in the electronic device 100 and cannot be separated from it.
An embodiment of this specification provides a non-transitory computer-readable storage medium that stores computer instructions. When the computer instructions are run on a computer, they cause the computer to execute the data uploading method and the data downloading method provided by the embodiments shown in FIG. 1 to FIG. 7 of this specification.
In the embodiments of the present application, "at least one" means one or more, and "multiple" means two or more. "And/or" describes an association between associated objects and indicates that three relationships are possible; for example, "A and/or B" can mean that A exists alone, that A and B both exist, or that B exists alone, where A and B can each be singular or plural. The character "/" generally indicates an "or" relationship between the objects before and after it. "At least one of the following" and similar expressions refer to any combination of the listed items, including any combination of single or plural items. For example, at least one of a, b and c can mean: a; b; c; a and b; a and c; b and c; or a and b and c, where each of a, b and c can be single or multiple.
Those of ordinary skill in the art will appreciate that the units and algorithm steps described in the embodiments disclosed herein can be implemented in electronic hardware or in a combination of computer software and electronic hardware. Whether these functions are performed in hardware or in software depends on the specific application and the design constraints of the technical solution. Skilled persons may use different methods to implement the described functions for each particular application, but such implementations should not be considered beyond the scope of the present application.
Those skilled in the art will clearly understand that, for convenience and brevity of description, the specific working processes of the systems, apparatuses and units described above can be found in the corresponding processes of the foregoing method embodiments and are not repeated here.
In the several embodiments provided in this application, any function that is implemented in the form of a software functional unit and sold or used as an independent product can be stored in a computer-readable storage medium. On this understanding, the technical solution of the present application in essence, or the part of it that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device, or the like) to execute all or some of the steps of the methods described in the embodiments of the present application. The storage medium includes any medium that can store program code, such as a USB flash drive, a removable hard disk, a read-only memory (Read-Only Memory; hereinafter: ROM), a random access memory (Random Access Memory; hereinafter: RAM), a magnetic disk, or an optical disc.
The above are only specific embodiments of the present application. Any change or substitution that a person skilled in the art could readily conceive within the technical scope disclosed in the present application shall fall within the protection scope of the present application. The protection scope of the present application shall be subject to the protection scope of the claims.

Claims (11)

  1. A data uploading method, applied to an electronic device, characterized by comprising:
    acquiring access control data to be uploaded;
    in response to a user's input, sending a personal identification number (PIN) to a server, wherein the PIN is used to verify whether the user's identity is legitimate;
    receiving first confirmation information sent by the server and creating a random factor, wherein the first confirmation information is used to confirm whether verification of the user's identity succeeded;
    determining a first key based on the PIN and the random factor, and encrypting the access control data to be uploaded based on the first key to obtain a first data ciphertext;
    uploading the first data ciphertext and the random factor to the server.
  2. The method according to claim 1, characterized in that, before the acquiring of the access control data to be uploaded, the method further comprises:
    sending a user registration request to the server, wherein the user registration request is used to register a user identity on the server, and the user registration request includes the PIN;
    receiving second confirmation information sent by the server, wherein the second confirmation information is used to confirm whether the user's registration succeeded.
  3. The method according to claim 1, characterized in that the electronic device includes a signature public key, the server includes a signature private key and a second private key, and the method further comprises:
    obtaining a signed first certificate, wherein the signed first certificate is obtained by the server signing a first certificate with the signature private key, the first certificate is issued by the server, and the first certificate includes a first public key;
    creating a first random number and sending a secure channel establishment request to the server, wherein the secure channel establishment request includes the first random number and the signed first certificate;
    receiving a second random number, a random number ciphertext and a signed second certificate sent by the server, wherein the second random number is created by the server, the random number ciphertext is obtained by the server through encryption with a second key, and the second key is determined based on the first random number, the second random number, the first public key and the second private key;
    performing identity verification on the signed second certificate using the signature public key and, if the identity verification passes, obtaining a second public key from the second certificate, wherein the second public key and the second private key form an asymmetric public-private key pair;
    obtaining a first private key and determining the second key based on the first random number, the second random number, the first private key and the second public key, wherein the first private key and the first public key form an asymmetric public-private key pair;
    decrypting the random number ciphertext using the second key to obtain a third random number;
    if the first random number matches the decrypted third random number, establishing a secure channel with the server and determining the second key to be the session key of the secure channel.
  4. The method according to claim 3, characterized in that the encrypting of the access control data to be uploaded based on the first key to obtain the first data ciphertext comprises:
    encrypting the access control data to be uploaded based on the first key to obtain a second data ciphertext;
    encrypting the second data ciphertext using the second key to obtain the first data ciphertext.
  5. The method according to claim 1, characterized in that the encrypting of the access control data to be uploaded based on the first key to obtain the first data ciphertext comprises:
    calculating a digest value based on the random factor, and determining an initial vector based on the digest value;
    encrypting the access control data to be uploaded based on the first key and the initial vector to obtain the first data ciphertext.
  6. A data downloading method, characterized by comprising:
    sending a data acquisition request to a server, wherein the data acquisition request is used to acquire a first data ciphertext;
    receiving an encapsulated data packet and a random factor sent by the server, wherein the encapsulated data packet includes the first data ciphertext;
    obtaining a PIN, and determining a first key based on the PIN and the random factor;
    decrypting the encapsulated data packet based on the first key to obtain access control data plaintext.
  7. The method according to claim 6, characterized in that the data acquisition request includes a PIN, and the PIN is used to verify whether the user's identity is legitimate.
  8. 根据权利要求6所述的方法,其特征在于,所述接收所述服务器发送的封装数据包包括:The method according to claim 6, wherein the receiving the encapsulated data packet sent by the server comprises:
    获取第二密钥;Get the second key;
    接收所述服务器发送的加密封装数据包;receiving the encrypted encapsulated data packet sent by the server;
    使用所述第二密钥对所述加密封装数据包进行解密,得到封装数据包。Decrypt the encrypted encapsulated data packet using the second key to obtain an encapsulated data packet.
  9. 根据权利要求6所述的方法,其特征在于,所述封装数据包还包括可执行指令,所述基于所述第一密钥对所述封装数据包进行解密,得到门禁数据明文包括:The method according to claim 6, wherein the encapsulated data packet further comprises executable instructions, and the decrypting the encapsulated data packet based on the first key to obtain the plaintext of the access control data comprises:
    获取所述封装数据包中的第一数据密文,基于所述第一密钥对所述第一数据密文进行解密,得到门禁数据明文;obtaining the first data ciphertext in the encapsulated data packet, and decrypting the first data ciphertext based on the first key to obtain access control data plaintext;
    获取所述封装数据包中的可执行指令,基于所述可执行指令对所述门禁数据明文执行写入操作。Obtain executable instructions in the encapsulated data package, and perform a write operation on the plaintext of the access control data based on the executable instructions.
  10. 一种芯片,应用于电子设备,其特征在于,用于执行如权利要求1-9中任一项所述的方法。A chip, applied to an electronic device, characterized in that it is used for executing the method according to any one of claims 1-9.
  11. 一种电子设备,其特征在于,包括如权利要求10所述的芯片。An electronic device, characterized by comprising the chip of claim 10 .
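
The upload and download paths of claims 4 to 6 and 8, as an added example that is not part of the patent text. The claims name no algorithms, so PBKDF2-HMAC-SHA256 for the first key, SHA-256 for the digest, the first 12 digest bytes as the IV, AES-256-GCM for both layers, and every function name are assumptions; one session key stands in for the second key on both channels.

```javascript
const nodeCrypto = require('crypto');

const KDF_ITERATIONS = 100000; // assumed work factor, not from the claims

// First key = f(PIN, random factor); here the random factor serves as the KDF salt.
function deriveFirstKey(pin, randomFactor) {
  return nodeCrypto.pbkdf2Sync(Buffer.from(pin, 'utf8'), randomFactor, KDF_ITERATIONS, 32, 'sha256');
}

// Claim 5: digest the random factor, then take the IV from the digest (first 12 bytes, assumed).
function deriveIv(randomFactor) {
  return nodeCrypto.createHash('sha256').update(randomFactor).digest().subarray(0, 12);
}

// AES-256-GCM; output is ciphertext || 16-byte authentication tag.
function seal(key, iv, plaintext) {
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([body, c.getAuthTag()]);
}

function unseal(key, iv, sealed) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(sealed.subarray(sealed.length - 16));
  return Buffer.concat([d.update(sealed.subarray(0, sealed.length - 16)), d.final()]);
}

// Upload (claims 4 and 5): inner layer under the PIN-derived key, outer layer under the session key.
function upload(pin, sessionKey, randomFactor, accessData) {
  const inner = seal(deriveFirstKey(pin, randomFactor), deriveIv(randomFactor), accessData);
  const outerIv = nodeCrypto.randomBytes(12); // per-message IV for the channel layer
  return { randomFactor, outer: Buffer.concat([outerIv, seal(sessionKey, outerIv, inner)]) };
}

// Download (claims 6 and 8): strip the session layer, then re-derive the first key from the PIN.
function download(pin, sessionKey, pkg) {
  const inner = unseal(sessionKey, pkg.outer.subarray(0, 12), pkg.outer.subarray(12));
  return unseal(deriveFirstKey(pin, pkg.randomFactor), deriveIv(pkg.randomFactor), inner);
}

// True when decryption fails authentication instead of yielding garbage plaintext.
function rejects(pin, sessionKey, pkg) {
  try { download(pin, sessionKey, pkg); return false; } catch (e) { return true; }
}

// Constructed sample values, for illustration only.
const demoFactor = Buffer.from('00112233445566778899aabbccddeeff', 'hex');
const demoPkg = upload('482913', Buffer.alloc(32, 7), demoFactor, Buffer.from('constructed access record'));
console.log(download('482913', Buffer.alloc(32, 7), demoPkg).toString());
```

Because the IV is a function of the random factor alone, reusing a random factor with the same PIN repeats the key and IV pair, which GCM does not tolerate; each upload needs a fresh random factor.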
PCT/CN2021/079784 2021-03-09 2021-03-09 Data uploading method, data downloading method and related device WO2022188033A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2021/079784 WO2022188033A1 (en) 2021-03-09 2021-03-09 Data uploading method, data downloading method and related device
CN202180004124.5A CN114026820A (en) 2021-03-09 2021-03-09 Data uploading method, data downloading method and related equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/079784 WO2022188033A1 (en) 2021-03-09 2021-03-09 Data uploading method, data downloading method and related device

Publications (1)

Publication Number Publication Date
WO2022188033A1 true WO2022188033A1 (en) 2022-09-15

Family

ID=80069665

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/079784 WO2022188033A1 (en) 2021-03-09 2021-03-09 Data uploading method, data downloading method and related device

Country Status (2)

Country Link
CN (1) CN114026820A (en)
WO (1) WO2022188033A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115632880A (en) * 2022-12-07 2023-01-20 国网信息通信产业集团有限公司 Reliable data transmission and storage method and system based on state cryptographic algorithm

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114978694A (en) * 2022-05-23 2022-08-30 深圳云创数安科技有限公司 Data volume generation method, device, equipment and storage medium based on digital signature
CN117436043A (en) * 2023-12-20 2024-01-23 鼎铉商用密码测评技术(深圳)有限公司 Method and device for verifying source of file to be executed and readable storage medium

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102571702A (en) * 2010-12-22 2012-07-11 中兴通讯股份有限公司 Key generation method, system and equipment in Internet of things
CN104361667A (en) * 2014-12-05 2015-02-18 国家电网公司 Door access control system based on 4G communication and door access authorization method of door access control system
CN107004315A (en) * 2014-12-02 2017-08-01 开利公司 Utilize the metering-in control system of virtual card data
CN206877390U (en) * 2017-05-16 2018-01-12 兰鹰 Access card information collecting device and acquisition system
US20190182240A1 (en) * 2017-12-11 2019-06-13 Ssh Communications Security Oyj Access security in computer networks
CN110097358A (en) * 2019-04-28 2019-08-06 北京小米支付技术有限公司 Virtual card generation method, device, equipment and storage medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150339662A1 (en) * 2014-05-23 2015-11-26 LoopPay Inc. Systems and methods for linking devices to user accounts
CN106101068B (en) * 2016-05-27 2019-06-11 宇龙计算机通信科技(深圳)有限公司 Terminal communicating method and system
SG10201900198SA (en) * 2019-01-09 2020-08-28 Mastercard International Inc Methods and systems for cryptographic keys exchange
CN112187709B (en) * 2019-07-05 2022-07-05 荣耀终端有限公司 Authentication method, device and server

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115632880A (en) * 2022-12-07 2023-01-20 国网信息通信产业集团有限公司 Reliable data transmission and storage method and system based on state cryptographic algorithm
CN115632880B (en) * 2022-12-07 2023-03-21 国网信息通信产业集团有限公司 Reliable data transmission and storage method and system based on state cryptographic algorithm

Also Published As

Publication number Publication date
CN114026820A (en) 2022-02-08

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21929515

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 21929515

Country of ref document: EP

Kind code of ref document: A1