WO2023160667A1 - 一种用于数字货币交易的安全认证方法、装置和系统 - Google Patents
一种用于数字货币交易的安全认证方法、装置和系统 Download PDFInfo
- Publication number
- WO2023160667A1 WO2023160667A1 PCT/CN2023/078254 CN2023078254W WO2023160667A1 WO 2023160667 A1 WO2023160667 A1 WO 2023160667A1 CN 2023078254 W CN2023078254 W CN 2023078254W WO 2023160667 A1 WO2023160667 A1 WO 2023160667A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- digital currency
- terminal device
- certificate
- terminal
- data
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 140
- 238000004891 communication Methods 0.000 claims abstract description 73
- 238000012795 verification Methods 0.000 claims abstract description 53
- 230000008569 process Effects 0.000 claims description 107
- 238000012545 processing Methods 0.000 claims description 26
- 238000004590 computer program Methods 0.000 claims description 10
- 230000008520 organization Effects 0.000 claims description 4
- 238000004422 calculation algorithm Methods 0.000 description 20
- 238000010586 diagram Methods 0.000 description 19
- 230000006870 function Effects 0.000 description 8
- 230000005540 biological transmission Effects 0.000 description 7
- 230000003287 optical effect Effects 0.000 description 4
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000004364 calculation method Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 239000013307 optical fiber Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 230000004044 response Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 208000033748 Device issues Diseases 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/04—Trading; Exchange, e.g. stocks, commodities, derivatives or currency exchange
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3263—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
Definitions
- the present disclosure relates to the field of computer technology, in particular to a security authentication method, device and system for digital currency transactions.
- Digital currency is an important part of the new generation of payment methods. With the popularization of digital currency, the security protection of digital currency has become an issue that must be paid enough attention. Neither long-distance transmission nor near-field transmission on the device of the party and the payer provides sufficient protection for the security of information transmission, device security control, and user privacy, which poses certain security risks. At the same time, because the data is likely to be hijacked and forged by the middleman during the transmission process, the digital currency is likely to be stolen, and it is also subject to many external security threats. There is no good solution to the theft of sensitive data and important data. Therefore, it is very important to implement sensitive data of digital currency, access control of important data, and encryption to ensure the security of digital currency transactions.
- the embodiment of the present disclosure provides a security authentication for digital currency transactions Methods, devices and systems.
- a security authentication method for digital currency transactions is provided.
- a security authentication method for digital currency transactions comprising: a first terminal device storing a first certificate issued by a digital currency issuer and a second certificate issued by one or more digital currency operating terminals, the digital currency operating terminal and The second certificates are in one-to-one correspondence, and the first certificate is used for the first terminal device to verify the second certificate; the first terminal device receives the first A third certificate sent by a digital currency operating terminal, and using the second certificate issued by the first digital currency operating terminal after the signature verification is passed, to verify the signature of the third certificate, and the third certificate is Generated by the first digital currency operator based on the signature data of the first terminal device; after the first terminal device passes the third certificate verification, it communicates with the first digital currency operator and/or The second terminal device conducts digital currency transactions, wherein the second terminal device stores a fourth certificate sent by a second digital currency operating terminal among the one or more digital currency operating terminals.
- the second certificate issued by the digital currency operator is generated by the digital currency issuer according to the organization data of the digital currency operator and sent to the digital currency operator,
- the institution data includes an institution identification.
- the first terminal device before the first terminal device receives the third certificate sent by the first digital currency operation terminal among the one or more digital currency operation terminals, includes: Signature of the local data of the first terminal device to generate the signature data of the first terminal device, the local data of the first terminal device includes the device identifier of the first terminal device and the signature data generated by the first terminal device random number; the first terminal device sends the signature data of the first terminal device to the first digital currency operator, so that the first digital currency operator can use the signature data of the first terminal device
- the third certificate is generated.
- the step of performing the digital currency transaction between the first terminal device and the first digital currency operator includes: the first terminal device uses the first process key to pair the digital currency
- the first business data of the currency transaction is encrypted and sent to the first digital currency operation terminal, so that the first digital currency operation terminal
- the business data generates the second business data of the digital currency transaction;
- the first terminal device receives the encrypted communication data and the summary information signature sent by the first digital currency operator, and the encrypted communication data is the first digital currency
- the money operation end uses the first process key to encrypt the second business data, and the summary information signature is that the first digital currency operation end generates the first summary information for the second business data, and then Obtained by signing the first summary information;
- the first terminal device decrypts the encrypted communication data to obtain the second service data, and generates second summary information for the decrypted second service data; And, verifying the signature of the summary information to obtain the first summary information;
- the first terminal device compares the first summary information with the second summary information, and if the comparison is consistent , performing
- the first terminal device and the first digital currency operator respectively generate the first process key in the following manner: through the first terminal device and the first digital
- the key negotiation between the money operation terminals determines the first shared secret key; using the first shared secret key, the device identification of the first terminal device and the random number generated by the first terminal device are performed Encrypt to obtain the first process key.
- the step of performing the digital currency transaction between the first terminal device and the second terminal device includes: the first terminal device sends the third certificate to the second terminal device terminal device, and receive the fourth certificate sent by the second terminal device; the first terminal device determines from the one or more digital currency operators according to the signature information in the fourth certificate The second digital currency operating terminal; the first terminal device uses the second certificate issued by the second digital currency operating terminal after the signature verification to verify the signature of the fourth certificate.
- the step of conducting the digital currency transaction between the first terminal device and the second terminal device further includes: the first terminal device and the second terminal device use a second process A key, encrypting the business data communicated in the digital currency transaction, and sending it to the peer terminal device, the first terminal device and the second terminal device are the peer terminal devices, wherein: The first terminal device and the second terminal device respectively generate the second process key in the following manner: through the first The key negotiation between a terminal device and the second terminal device determines a second shared secret key, and exchanges respective random numbers; for the random numbers of both the first terminal device and the second terminal device, Processing is performed according to a preset processing rule to obtain a random number to be encrypted, and the random number to be encrypted is encrypted by using the second shared secret key to obtain the second process key.
- the first terminal device performs local operations related to the digital currency transaction in the security encryption chip, and the local operations include: the operation of generating process keys, data encryption operations, data One or more operations of decryption operation, signature operation, and signature verification operation, wherein the process key is the first process key used for the digital currency exchange with the first digital currency operator, Or the second process key used for the digital currency exchange with the second terminal device.
- a security authentication device for digital currency transactions is provided.
- a security authentication device for digital currency transactions used for a first terminal device, comprising: a certificate storage module configured to store a first certificate issued by a digital currency issuer and a first certificate issued by one or more digital currency operators. Two certificates, the digital currency operation terminal corresponds to the second certificate one by one; the signature verification module is configured to use the first certificate to verify the signature of the second certificate; the certificate receiving module is configured to receive the The third certificate sent by the first digital currency operating terminal among the one or more digital currency operating terminals; the signature verification module is also configured to use the certificate issued by the first digital currency operating terminal after the signature verification The second certificate is for verifying the signature of the third certificate, and the third certificate is generated by the first digital currency operator according to the signature data of the first terminal device; the secure transaction module is configured to After the third certificate is verified and signed, conduct digital currency transactions with the first digital currency operating terminal and/or the second terminal device, wherein the second terminal device stores the information stored in the one or more digital currency operating terminals.
- the fourth certificate sent by the second digital currency operator Two certificates, the
- the second certificate issued by the digital currency operator is generated by the digital currency issuer according to the organization data of the digital currency operator and sent to the digital currency operator,
- the institution data includes an institution identification.
- a signature module configured to: Sign the local data of the first terminal device to generate the signature data of the first terminal device, where the local data of the first terminal device includes the device identifier of the first terminal device and the random number generated by the first terminal device number; sending the signature data of the first terminal device to the first digital currency operation terminal, so that the first digital currency operation terminal generates the third certificate according to the signature data of the first terminal device.
- the secure transaction module is further configured to: use a first process key to encrypt the first business data of the digital currency transaction, and send it to the first digital currency operation terminal, Generate the second business data of the digital currency transaction by the first digital currency operating terminal according to the first business data; receive the encrypted communication data and summary information signature sent by the first digital currency operating terminal, the The encrypted communication data is obtained by encrypting the second business data by the first digital currency operating terminal using the first process key, and the summary information signature is obtained by the first digital currency operating terminal encrypting the second business data.
- the business data generates the first summary information, and then signs the first summary information; decrypts the encrypted communication data to obtain the second business data, and generates the second business data obtained by decrypting the second business data. summary information; and, verifying the signature of the summary information to obtain the first summary information; comparing the first summary information with the second summary information, and if the comparison is consistent, the Perform corresponding business processing on the second business data, and return the processing result to the first digital currency operation terminal.
- the secure transaction module is further configured to: determine a first shared secret key through key negotiation between the first terminal device and the first digital currency operator; Encrypt the device identifier of the first terminal device and a random number generated by the first terminal device by using the first shared secret key to obtain the first process key.
- the secure transaction module is further configured to: send the third certificate to the second terminal device, and receive the fourth certificate sent by the second terminal device;
- the signature verification module is further configured to: determine the second digital currency operating terminal from the one or more digital currency operating terminals according to the signature information in the fourth certificate; the first terminal device utilizes The second certificate issued by the second digital currency operation terminal after the signature verification is passed, and the signature of the fourth certificate is verified.
- the secure transaction module is further configured as: the The first terminal device and the second terminal device use the second process key to encrypt the business data communicated in the digital currency transaction and send it to the opposite terminal device, the first terminal device and the The second terminal device is the peer terminal device, wherein: the first terminal device and the second terminal device respectively generate the second process key in the following manner: through the first terminal device and the The key agreement between the second terminal device determines the second shared secret key, and exchanges their respective random numbers; for the random numbers of both the first terminal device and the second terminal device, follow the preset processing The rules are processed to obtain the random number to be encrypted, and the random number to be encrypted is encrypted by using the second shared secret key to obtain the second process key.
- the first terminal device performs local operations related to the digital currency transaction in the security encryption chip, and the local operations include: the operation of generating process keys, data encryption operations, data One or more operations of decryption operation, signature operation, and signature verification operation, wherein the process key is the first process key used for the digital currency exchange with the first digital currency operator, Or the second process key used for the digital currency exchange with the second terminal device.
- a security authentication system for digital currency transactions is provided.
- a security authentication system for digital currency transactions including: a digital currency issuing terminal, one or more digital currency operating terminals, and a first terminal device, the first terminal device includes the digital currency transaction authentication system provided by an embodiment of the present disclosure. safety authentication device.
- an electronic device is provided.
- An electronic device comprising: one or more processors; a memory configured to store one or more programs, when the one or more programs are executed by the one or more processors, the one or more or multiple processors to implement the security authentication method for digital currency transactions provided by the embodiments of the present disclosure.
- a computer-readable medium is provided.
- a computer-readable medium on which a computer program is stored, the program is processed The security authentication method for digital currency transactions provided by the embodiments of the present disclosure is implemented when the server is executed.
- the first terminal device stores the first certificate issued by the digital currency issuer and the second certificate issued by one or more digital currency operators, and the first certificate is used for the first
- the terminal device verifies the signature of the second certificate
- the first terminal device receives the third certificate sent by the first digital currency operating terminal among one or more digital currency operating terminals, and uses the third certificate issued by the first digital currency operating terminal after the signature verification is passed.
- the second certificate of the third certificate verifies the signature of the third certificate.
- the third certificate is generated by the first digital currency operator based on the signature data of the first terminal device;
- the operating terminal and/or the second terminal device conduct digital currency transactions, wherein the second terminal device stores the fourth certificate sent by the second digital currency operating terminal among the one or more digital currency operating terminals.
- FIG. 1 is a schematic diagram of main steps of a security authentication method for digital currency transactions according to an embodiment of the present disclosure
- FIG. 2 is a schematic diagram of a security authentication process for digital currency transactions according to an embodiment of the present disclosure
- FIG. 3 is a schematic diagram of a security authentication process for digital currency transactions according to another embodiment of the present disclosure.
- Fig. 4 is a schematic diagram of main modules of a security authentication device for digital currency transactions according to an embodiment of the present disclosure
- FIG. 5 is a schematic diagram of a security authentication system for digital currency transactions according to an embodiment of the present disclosure
- Figure 6 is a security authentication system for digital currency transactions according to an embodiment of the present disclosure Schematic diagram of the main components of the system;
- FIG. 7 is an exemplary system architecture diagram to which embodiments of the present disclosure can be applied.
- Fig. 8 is a schematic structural diagram of a computer system suitable for implementing a terminal device according to an embodiment of the present disclosure.
- Fig. 1 is a schematic diagram of main steps of a security authentication method for digital currency transactions according to an embodiment of the present disclosure.
- a security authentication method for digital currency transactions mainly includes the following steps S101 to S103.
- Step S101 The first terminal device stores the first certificate issued by the digital currency issuer and the second certificate issued by one or more digital currency operators.
- the digital currency operators correspond to the second certificates one by one.
- the first certificate is used for the A terminal device verifies the signature of the second certificate;
- Step S102 The first terminal device receives the third certificate sent by the first digital currency operating terminal among the one or more digital currency operating terminals, and uses the second certificate issued by the first digital currency operating terminal after the signature verification is passed, Verifying the signature of the third certificate, the third certificate is generated by the first digital currency operator based on the signature data of the first terminal device;
- Step S103 After passing the third certificate verification, the first terminal device conducts a digital currency transaction with the first digital currency operator and/or the second terminal device, wherein the second terminal device stores the one or more digital currencies The fourth certificate sent by the second digital currency operation terminal in the operation terminal.
- the foregoing first terminal device and the second terminal device are different terminal devices.
- the digital currency issuer can be the central bank's CI (Certificate Issuer certificate issuer) certificate issuance center, and the digital currency operator can be the certification system of the banking institution, including Including but not limited to the authentication systems of commercial banking institutions, UnionPay institutions, etc.
- the certificate issued by the digital currency issuing end is called the first certificate
- the certificate issued by the digital currency operating end is called the second certificate.
- Each digital currency operating end issues its own second certificate.
- the digital currency operating end and The second certificate is in one-to-one correspondence.
- the second certificate issued by the digital currency operator is generated by the digital currency issuer based on the institution data of the digital currency operator and sent to the digital currency operator.
- the institutional data includes the institution identification.
- the digital currency operator can send the institutional data including the organization identification and certificate content to the digital currency issuer, and the digital currency issuer signs the received institutional data with the private key of the digital currency issuer to obtain the second certificate. And return the second certificate to the digital currency operation terminal, so as to be issued to the first terminal device by the digital currency operation terminal.
- the first certificate contains the public key of the digital currency issuer, which can be used to verify the signature of the second certificate to determine that the second certificate is issued by the digital currency issuer.
- the first terminal device may sign the local data of the first terminal device to generate a signature of the first terminal device Data, the local data of the first terminal device includes the device identification of the first terminal device and the random number generated by the first terminal device; the first terminal device sends the signature data of the first terminal device to the first digital currency operation terminal, so that The first digital currency operator generates a third certificate based on the signature data of the first terminal device.
- the first digital currency operator can use the private key of the first digital currency operator to sign the signature data of the first terminal device to generate third certificate.
- the second certificate issued by the first digital currency operator includes the public key of the first digital currency operator, so that the first terminal device can send The incoming third certificate is verified.
- the third certificate and the fourth certificate are both wallet certificates, but the terminal devices they belong to are different.
- the second terminal device signs the local data of the second terminal device (including the device identification of the second terminal device and the random number generated by the second terminal device), generates the signature data of the second terminal device, and sends the signature data of the second terminal device to The data is sent to the second digital currency operating terminal, and the second digital currency operating terminal generates a fourth certificate according to the signature data of the second terminal device.
- the step of conducting the digital currency transaction between the first terminal device and the first digital currency operator terminal may include: the first terminal device uses the first process key to conduct the first business of digital currency transaction The data is encrypted and sent to the first digital currency operation terminal, so that the first digital currency operation terminal generates the second business data of digital currency transactions according to the first business data; the first terminal device receives the encrypted data sent by the first digital currency operation terminal The communication data and summary information signature, the encrypted communication data is obtained by encrypting the second business data by the first digital currency operation terminal using the first process key, and the summary information signature is the first digital currency operation terminal to generate the second business data.
- the summary information is obtained by signing the first summary information; the first terminal device decrypts the encrypted communication data to obtain the second service data, and generates the second summary information from the decrypted second service data; and, signs the summary information Signature verification to obtain the first summary information; the first terminal device compares the first summary information with the second summary information, and if the comparison is consistent, performs corresponding business processing on the second business data, and reports the processing result Return to the first digital currency operation terminal.
- the above-mentioned first business data refers to the business data that the first terminal equipment needs to communicate with the first digital currency operation terminal when conducting digital currency transactions
- the second business data refers to the business data that the first digital currency operation terminal needs to communicate with the first digital currency operation terminal when conducting digital currency transactions.
- the business data communicated by the terminal device, the specific content of the business data is related to the transaction type.
- the first terminal device and the first digital currency operator can respectively generate the first process key in the following manner: determine the first shared secret key through key negotiation between the first terminal device and the first digital currency operator; Using the first shared secret key, the device identifier of the first terminal device and the random number generated by the first terminal device are encrypted to obtain the first process key.
- the step of conducting digital currency transactions between the first terminal device and the second terminal device may include: the first terminal device may send the third certificate to the second terminal device, and receive the fourth certificate sent by the second terminal device; the first terminal device may According to the signature information in the fourth certificate, determine the second digital currency operator from one or more digital currency operators.
- the signature information in the fourth certificate includes the private key signature of the second digital currency operator, that is, to The data obtained by signing the signature data of the second terminal device can determine the second digital currency operator according to the private key signature; the first terminal device uses the second certificate issued by the second digital currency operator after the signature verification is passed, To verify the signature of the fourth certificate, specifically, the public key of the second digital currency operating terminal in the second certificate issued by the second digital currency operating terminal may be used to verify the signature of the fourth certificate.
- the step of the digital currency transaction between the first terminal device and the second terminal device may also include: the first terminal device and the second terminal device use the second process key to encrypt the business data communicated in the digital currency transaction, and send
- the first terminal device and the second terminal device are mutual peer terminal devices, that is, the peer terminal device of the first terminal device is the second terminal device, and vice versa.
- the first terminal device and the second terminal device respectively generate the second process key in the following manner: determine the second shared secret key through key negotiation between the first terminal device and the second terminal device, and exchange their respective random number; the random numbers of both the first terminal device and the second terminal device are processed according to preset processing rules to obtain the random number to be encrypted, and the second shared secret key is used to encrypt the random number to be encrypted to obtain the second Two process keys.
- the processing is performed according to a preset processing rule to obtain the random number to be encrypted.
- the random numbers of the first terminal device and the second terminal device may be concatenated to obtain the random number to be encrypted.
- the first terminal device performs local operations related to digital currency transactions in the security encryption chip (SE), and the local operations include: one of the operation of generating process keys, data encryption operations, data decryption operations, signature operations, and signature verification operations.
- the data encryption operation may include but not limited to the operation of encrypting the communication service data by using the process key, and the data decryption operation may be a decryption operation corresponding to the data encryption operation.
- Fig. 2 is a schematic diagram of a security authentication process for digital currency transactions according to an embodiment of the present disclosure.
- the security authentication process for digital currency transactions in an embodiment of the present disclosure includes: the digital currency issuer sends the first certificate to the digital currency operator (S201); the digital currency issuer sends the first certificate to the first terminal device
- a terminal device sends the second certificate of the institution (S205); the first terminal device sends the signature data of the local data of the first terminal device to the digital currency operator (S206);
- the digital currency operating terminal issues the third certificate of the first terminal device to the first terminal device (S207); the digital currency operating terminal and the first terminal device generate a process key to encrypt transmitted data (S208).
- the process key in this embodiment is the first process key, which will not be described one by one below.
- the central bank (central bank) CI certificate issuing center refers to the digital currency issuer, SE terminal
- SE security encryption chip
- the digital currency operation terminal receives the first certificate issued by the central bank's CI certificate issuance center, and the digital currency operation terminal sends the bank's institutional data (including institution logo, certificate content, etc.) to the central bank's CI certificate issuance center, and the central bank's CI certificate issuance center uses the central bank's
- the private key (or the first private key) signs the data of the banking institution and obtains the second certificate.
- the digital currency operator uses the central bank public key in the first certificate to verify the signature of the second certificate.
- the digital currency operator Send the second certificate to the SE terminal device, and the SE terminal device receives the first certificate issued by the CI certificate issuing center of the central bank and the second certificate sent after the digital currency operator passes the verification; the SE terminal device uses the first certificate to verify the second certificate.
- the signature data obtained by signing local data such as device identification CID and random numbers with the local private key (or third private key) of the SE terminal device is sent to the digital currency operator through the security gateway.
- the private key (or the second private key) owned by the currency operation terminal signs the signature data of the SE terminal device, obtains the third certificate, and sends it to the SE terminal device, and the SE terminal device uses the second certificate to verify the third certificate (Specifically, use the public key of the banking institution in the second certificate (that is, the public key of the digital currency operation terminal) to realize the signature verification); after the SE terminal device passes the verification of the third certificate, the digital currency operation terminal and the SE terminal device respectively form data communication key (or shared secret key).
- the SE terminal device includes a random number generator. During the security authentication process, the SE terminal device generates a random number. In a complete authentication process, the random number is the same value, and the digital currency operator and the SE terminal device form a data communication encryption respectively. key, the data communication key uses the SM2 elliptic curve key agreement protocol algorithm to create the same shared secret key (namely the first shared secret key) between the digital currency operator and the SE terminal equipment. Use the data communication key to encrypt the device identification CID and the random number to generate a process key.
- the process key can use symmetric encryption algorithm, AES (Advanced Encryption Standard, advanced encryption Encryption standard) algorithm, or national secret SM4 (SM4 cryptographic algorithm, SM4 algorithm) algorithm to encrypt and decrypt the communication data, and complete the encrypted communication between the digital currency operator terminal and the SE terminal equipment.
- AES Advanced Encryption Standard, advanced encryption Encryption standard
- SM4 national secret SM4 (SM4 cryptographic algorithm, SM4 algorithm) algorithm to encrypt and decrypt the communication data, and complete the encrypted communication between the digital currency operator terminal and the SE terminal equipment.
- the process keys generated by the digital currency operation terminal and the SE terminal equipment are the same value.
- Communication data refers to the specific business data transmitted between the digital currency operator and SE terminal equipment when conducting digital currency transactions, which may include currency string transaction information, transaction indexes, etc.
- the specific content varies depending on the business type of the transaction.
- the data sent by the digital currency operator to the SE terminal device also includes a summary information signature.
- the summary information signature is that the digital currency operator uses the second private key (that is, the private key of the digital currency operator) to sign the first summary information.
- the first summary information is obtained by calculating the communication data by using the data communication key at the digital currency operation terminal, and the summary algorithm is the SHA (Secure Hash Algorithm) 256 algorithm, or the national SM3 (SM3 Cryptographic Hash Algorithm) algorithm.
- the communication data calculated using the digest algorithm in the digital currency operation terminal and the communication data encrypted using the process key are the same data.
- the SE terminal device After the SE terminal device receives the summary information signature and the digital currency operator uses the process key to encrypt the communication data, the SE terminal device verifies the summary information signature (the public key of the digital currency operator can be used to achieve signature verification) , and decrypt the encrypted communication data to obtain the communication data.
- the SE terminal device uses the same digest algorithm to calculate the digest information of the decrypted communication data (that is, the second digest information); compare the calculated digest information with the digest information obtained from the signature verification (that is, the first digest information), if If the two are the same, it means that the communication data has not been tampered with by a third party during transmission, and the security of the received communication data can be confirmed.
- the SE terminal device processes the operation information in the communication data, such as the recharge service, then performs the terminal operation related to the recharge, and then uses the process key Encrypt the processed data (that is, the business processing result of the second business data) and return it to the digital currency operation terminal through the security gateway; (that is, the first summary information) is different, it means that the communication data may have been tampered with by a third party, the SE terminal device will refuse to execute the received communication data, and will receive the communication data The letter data is deleted.
- the private key of the SE terminal device is stored in the embedded programmable logic controller of the SE terminal device, that is, in the security encryption chip (SE), and it is forbidden to be read, and the private key is used to
- SE security encryption chip
- the process key is generated, and the communication data encryption, decryption, data signature, signature verification and other calculation processes are all completed inside the security encryption chip, ensuring the security of the key information and
- the security of communication data can be guaranteed for various businesses of digital currency transactions, such as opening, recharging, cash withdrawal, cancellation, etc.
- Fig. 3 is a schematic diagram of a security authentication process for digital currency transactions according to another embodiment of the present disclosure.
- the security authentication process for digital currency transactions in another embodiment of the present disclosure includes: the payee wallet APP sends transaction information initial data to the payer SE (S301); The APP sends transaction information, the certificate of SE device 2, the temporary public key of SE device 2 and other response data (S302); the payee wallet APP sends the response data received in S302 to the payee SE (S303); The party SE sends the certificate of the SE device 1, the temporary public key of the SE device 1, and the ciphertext of the wallet information data of the SE device 1 calculated by key negotiation to the payee's wallet APP (S304); SE sends the certificate of SE device 1, the temporary public key of SE device 1, and the ciphertext of the wallet information data of SE device 1 calculated by key negotiation (S305); the payer SE sends the SE device calculated by key negotiation to the wallet APP of the payee.
- the ciphertext of the wallet information data of device 2 (S306); the wallet APP of the payee sends the ciphertext of the wallet information data of SE device 2 calculated by key negotiation to the payee SE (S307); the transaction is successful (S308), and a corresponding notification is sent information.
- SE device 1 is the first terminal device
- SE device 2 is the second terminal device
- the first terminal device is the payee device in this embodiment
- the second terminal device is the payer device in this embodiment device
- the payee’s wallet APP is the wallet application program on the first terminal device
- the payer’s wallet APP is the wallet application program on the second terminal device
- the payee’s SE is the security encryption chip of the first terminal device
- the payer’s SE It is a security encryption chip of the second terminal device.
- the first terminal device may also be used as the payee device
- the second terminal device may be used as the payer device.
- the following is a detailed introduction to the security authentication process for digital currency transactions in this embodiment.
- the following digital currency operation end is specifically the authentication system of a banking institution, and the CI certificate issuance center of the central bank refers to the digital currency issuer.
- Both SE device 1 and SE device 2 receive the first certificate issued by the CI certificate issuing center of the central bank and the second certificate issued by the digital currency operator. Among them, the digital currency operator who issues the second certificate to SE device 1 and SE device 2 can same or different.
- SE device 1 sends its own signature certificate (that is, the third certificate) to another SE device 2 through NFC (near field communication), and SE device 2 will also send its own signature certificate (that is, the fourth certificate) to SE device 1.
- the third certificate and the fourth certificate are the wallet certificates of the corresponding terminal devices, which are used to verify each other when the two terminal devices conduct offline transactions.
- the third certificate and the fourth certificate are verified and protected by the first certificate and the second certificate issued by the corresponding digital currency operator, that is, the first certificate is used to verify the signature of the second certificate, and after the verification is passed, the second certificate is used Verifiable third certificate.
- SE device 2 receives the third certificate of SE device 1 and performs signature verification. After the signature verification is passed, it continues the subsequent offline wallet transaction (that is, sends the coin string ciphertext to the other party, and the other party receives the coin string information).
- SE device 1 sends the generated random number, temporary public key, currency string transaction information, etc.
- SE device 1 and SE device 2 respectively use the SM2 elliptic curve key agreement algorithm to form a data communication key
- SE device A shared secret key that is, a second shared secret key
- the shared secret key is the same data communication key negotiated.
- Use the data communication key to process the random numbers generated by the terminal devices (SE device 1, SE device 2) of both communication parties, for example, splicing the random numbers generated by SE device 1 and SE device 2 to obtain a new random number to be encrypted number, use the shared secret key (i.e.
- the process key in this embodiment is the second process key, which will not be described one by one below
- the process key can use the symmetric encryption algorithm, SM4 (SM4 cryptographic algorithm, SM4 algorithm), or AES (Advanced Encryption Standard, Advanced Encryption Standard) algorithm to encrypt and decrypt the communication data, and complete the SE device 1 and SE Transaction data communication such as encrypted coin string transmission of device 2.
- SM4 SM4 cryptographic algorithm, SM4 algorithm
- AES Advanced Encryption Standard, Advanced Encryption Standard
- the private key is stored in the embedded programmable logic controller (that is, the security encryption chip) of the SE terminal device, and is prohibited from being read, and the private key is used to After the private key is negotiated with the other device, the process key is generated, and the communication data encryption, decryption, data signature, verification and other calculation processes are all completed inside the security encryption chip to ensure the security of the key information .
- the embedded programmable logic controller that is, the security encryption chip
- Fig. 4 is a schematic diagram of main modules of a security authentication device for digital currency transactions according to an embodiment of the present disclosure.
- a security authentication device 400 for digital currency transactions can be used in a terminal device, and the following uses a first terminal device as an example for introduction.
- the security authentication device 400 for digital currency transactions mainly includes: a certificate storage module 401 , a signature verification module 402 , a certificate receiving module 403 , and a security transaction module 404 .
- the certificate storage module 401 is configured to store the first certificate issued by the digital currency issuer and the second certificate issued by one or more digital currency operating terminals, and the digital currency operating terminal corresponds to the second certificate;
- the signature verification module 402 is configured to use the first certificate to verify the signature of the second certificate
- the certificate receiving module 403 is configured to receive the third certificate sent by the first digital currency operating terminal among the one or more digital currency operating terminals;
- the signature verification module 402 is also configured to verify the signature of the third certificate by using the second certificate issued by the first digital currency operator after the signature verification is passed. signature data generated;
- the secure transaction module 404 is configured to conduct digital currency transactions with the first digital currency operator and/or the second terminal device after the third certificate is verified, wherein the second terminal device stores one or more digital currencies The fourth certificate sent by the second digital currency operation terminal in the operation terminal.
- the second certificate issued by the digital currency operator is generated by the digital currency issuer based on the institution data of the digital currency operator and sent to the digital currency operator.
- the institutional data includes the institution identification.
- the security authentication device 400 for digital currency transactions may also include a signature module configured to: sign the local data of the first terminal device to generate signed data of the first terminal device, the local data of the first terminal device includes the first The device identification of the terminal device and the random number generated by the first terminal device; sending the signature data of the first terminal device to the first number The digital currency operating terminal, so that the first digital currency operating terminal generates a third certificate according to the signature data of the first terminal device.
- a signature module configured to: sign the local data of the first terminal device to generate signed data of the first terminal device, the local data of the first terminal device includes the first The device identification of the terminal device and the random number generated by the first terminal device; sending the signature data of the first terminal device to the first number The digital currency operating terminal, so that the first digital currency operating terminal generates a third certificate according to the signature data of the first terminal device.
- the secure transaction module 404 is further configured to: use the first process key to encrypt the first business data of the digital currency transaction, and send it to the first digital currency operation terminal, so that the first digital currency operation terminal Generate the second business data of the digital currency transaction according to the first business data; receive the encrypted communication data and the summary information signature sent by the first digital currency operator, the encrypted communication data is the first digital currency operator using the first process key to the second
- the second business data is encrypted, and the summary information signature is obtained by the first digital currency operator generating the first summary information for the second business data, and then signing the first summary information; decrypting the encrypted communication data to obtain the second business data, And generate second abstract information for the second business data obtained by decryption; and, verify the signature of the abstract information to obtain the first abstract information; compare the first abstract information with the second abstract information, and if the comparison is consistent Next, perform corresponding business processing on the second business data, and return the processing result to the first digital currency operation terminal.
- the secure transaction module 404 is also configured to: determine the first shared secret key through key negotiation between the first terminal device and the first digital currency operator; use the first shared secret key to The device identifier and the random number generated by the first terminal device are encrypted to obtain the first process key.
- the secure transaction module 404 is further configured to: send the third certificate to the second terminal device, and receive the fourth certificate sent by the second terminal device.
- the signature verification module 402 is also configured to: determine the second digital currency operator from one or more digital currency operators according to the signature information in the fourth certificate; The second certificate issued by the currency operation terminal is used to verify the signature of the fourth certificate.
- the secure transaction module 404 is also configured as: the first terminal device and the second terminal device use the second process key to encrypt the business data communicated in the digital currency transaction and send it to the opposite terminal device, the first terminal device
- the second terminal device and the second terminal device are peer terminal devices, wherein: the first terminal device and the second terminal device respectively generate the second process key in the following manner: through the key negotiation between the first terminal device and the second terminal device determine the second shared secret key, and exchange their respective random numbers; for the first terminal device and the second terminal
- the random numbers of both devices are processed according to the preset processing rules to obtain the random numbers to be encrypted, and the random numbers to be encrypted are encrypted with the second shared secret key to obtain the second process key.
- the first terminal device in the embodiment of the present disclosure can perform local operations related to digital currency transactions in the security encryption chip, and the local operations include: the operation of generating process keys, data encryption operations, data decryption operations, signature operations, and signature verification operations.
- Fig. 5 is a schematic structural diagram of a security authentication system for digital currency transactions according to an embodiment of the present disclosure.
- the security authentication system for digital currency transactions includes a digital currency issuer 501, a digital currency operator 502, and a terminal device 504, wherein the terminal device 504 communicates with the digital currency through a security gateway 503
- the issuer 501 and the digital currency operator 502 interact.
- the digital currency issuer 501 can specifically be the CI (Certificate Issuer, certificate issuer) certificate issuing center of the central bank (central bank), and the digital currency operator 502 can be specifically the authentication system of a banking institution (referred to as a banking institution in this embodiment), and the terminal
- the device 504, which is the following SE terminal device, may be the first terminal device.
- the CI certificate issuing center of the central bank issues the first certificate to the banking institution and the SE terminal device respectively, and the banking institution issues the second certificate to the SE terminal device.
- the CI certificate issuing center of the central bank internally stores the first private key matching the first certificate (ie Central bank private key), the banking institution internally stores the second private key matching the second certificate (that is, the private key owned by the banking institution); among them, the CI certificate issuing center of the central bank issues the first certificate to the banking institution, and the banking institution issues the first certificate to the banking institution
- the SE terminal device issues the second certificate.
- the way of issuing the first certificate and the first certificate may be: directly put the certificate into the bank institution, or directly put it into the SE terminal device; or issue the first certificate and the second certificate to the bank institution and the SE terminal device respectively through the Internet.
- a unique device identification CID is stored in the SE terminal device, and the device identification CID is stored in the embedded ESIM (programmable logic controller) of the SE terminal device, that is, the security encryption chip (SE).
- the SE terminal device can be one or more of a mobile phone, a watch, a bracelet, a visual card, a special-shaped card, or other electronic wearable devices with communication functions.
- the banking institution conducts data transmission with the SE terminal equipment through the security gateway.
- random numbers are generated during the security authentication process, and the random numbers are used for data encryption operations during the security authentication process.
- the certificate authentication system based on the SM2 national secret algorithm elliptic curve encryption algorithm
- the identification CID, public key and other authentication information of the SE terminal device are obtained, and the process key generated through negotiation between the banking institution and the SE terminal device is used to transmit the certificate.
- Data is encrypted and decrypted to realize mutual authentication and secure communication between banking institutions and SE terminal devices, thereby avoiding security risks such as information leakage and illegal access.
- Fig. 6 is a schematic diagram of main components of a security authentication system for digital currency transactions according to an embodiment of the present disclosure.
- a security authentication system 600 for digital currency transactions mainly includes: a digital currency issuing terminal 601 , a digital currency operating terminal 602 , and a first terminal device 603 .
- the number of digital currency operating terminals 602 may be one or more, and the first terminal device 603 includes the security authentication device 400 for digital currency transactions according to the embodiment of the present disclosure.
- the digital currency operating terminal 602 is an authentication system of a banking institution (this embodiment is referred to as a banking institution), the digital currency issuing terminal 601 is the CI certificate issuing center of the central bank, and the first terminal device 603 is an SE terminal device as an example to introduce.
- the banking institution receives the first certificate issued by the CI certificate issuing center of the central bank (the first certificate is generated by signing the data of the central bank with the root certificate of the central bank, including the public key of the central bank), and the SE terminal device receives the first certificate issued by the CI certificate issuing center of the central bank.
- the certificate and the second certificate issued by the banking institution sends the data of the bank institution to the central bank CI certificate issuing center through the security gateway, and the central bank CI certificate issuing center uses the central bank CI certificate issuing center's own first private key to sign the data of the bank institution to obtain the second certificate;
- the bank institution uses the first certificate issued by the CI certificate issuing center of the central bank to verify the signature of the second certificate, and then sends the second certificate to the SE terminal device;
- the SE terminal device uses After the first certificate issued by the Central Bank CI Certificate Issuing Center passes the verification of the second certificate, the signature obtained by signing the device identification CID and random number with the third private key (that is, the terminal private key) is sent to the banking institution through the security gateway.
- the banking institution verifies the data signature data sent by the SE terminal device, and then uses the second private key (that is, the private key of the banking institution) to sign the device identification CID and random number and other signature data to obtain the third certificate.
- the third certificate is returned to the SE terminal device; the SE terminal device uses the second certificate to verify the third certificate; after the third certificate is verified, the banking institution and the SE terminal device respectively form a data communication key, which can be encrypted with the public key.
- SE key decryption or create a key agreement agreement between the second private key of the banking institution and the signature data public key shared secret of the SE terminal device, as the first data communication key between the banking institution and the SE terminal device Key, through the private key of the SE terminal device (that is, the third private key) and the second certificate shared secret of the banking institution to create a key agreement agreement, as the second data communication key between the banking institution and the SE terminal device , the first data communication key is the same as the second data communication key, which is the data communication key, and the data communication key is used to form a process key.
- the specific method of generating the process key has been introduced in detail in the above embodiment. I won't repeat them here.
- the banking institution uses the process key to encrypt the communication data, and sends the encrypted communication data to the SE terminal device through the security gateway; the SE terminal device processes the decrypted communication data, and then uses the process key to encrypt the processed data , and returned to the banking institution through the security gateway.
- the communication data is specifically the business data of digital currency transactions, such as opening, recharging, cash withdrawal, cancellation and other related business data.
- the SE terminal device presets the first certificate and the second certificate.
- the SE terminal device sends the wallet issuance initialization data WalletID, device type, wallet payment password ciphertext, time stamp, etc. to the banking institution.
- the SE terminal device uploads the signature data of the SE terminal device
- the banking institution can identify the SE terminal device according to the device identification in the signature data
- the banking institution verifies the signature data of the SE terminal device, and determines
- the wallet certificate that is, the third certificate
- issuance data such as transaction index and system parameter information are issued to the SE terminal device.
- the SE terminal device passes the verification of the third certificate, it can communicate with the banking institution for subsequent business data.
- FIG. 7 shows an exemplary system architecture 700 to which the security authentication method for digital currency transaction or the security authentication device for digital currency transaction according to an embodiment of the present disclosure can be applied.
- a system architecture 700 may include terminal devices 701 , 702 , and 703 , a network 704 and a server 705 .
- the network 704 is used as a medium for providing communication links between the terminal devices 701 , 702 , 703 and the server 705 .
- Network 704 may include various connection types, such as wires, wireless communication links, or fiber optic cables, among others.
- terminal devices 701, 702, 703 Users can use terminal devices 701, 702, 703 to interact with server 705 through network 704 to receive or send messages and the like.
- Various communication client applications can be installed on the terminal devices 701, 702, 703, such as shopping applications, web browser applications, search applications, instant messaging tools, email clients, social platform software, etc. (just for example).
- the terminal devices 701, 702, and 703 may be various electronic devices with display screens and supporting web browsing, including but not limited to smart phones, tablet computers, laptop computers, desktop computers, and the like.
- the server 705 may be a server that provides various services, such as a background management server that provides support for websites related to digital currency transactions browsed by users using the terminal devices 701 , 702 , and 703 (just an example).
- the background management server can analyze and process the received data such as transaction requests, and feed back the processing results (such as currency string transaction information—just an example) to the terminal device.
- the security authentication methods for digital currency transactions provided by the embodiments of the present disclosure are generally executed by terminal devices 701, 702, and 703, and correspondingly, the security authentication devices for digital currency transactions are generally set on terminal devices 701 , 702, 703.
- terminal devices, networks and servers in FIG. 7 are only illustrative. According to the implementation needs, there can be any number of terminal devices, networks and servers.
- FIG. 8 shows a schematic structural diagram of a computer system 800 suitable for implementing a terminal device according to an embodiment of the present application.
- the terminal device shown in FIG. 8 is only an example, and should not limit the functions and application scope of this embodiment of the present application.
- a computer system 800 includes a central processing unit (CPU) 801 that can be programmed according to a program stored in a read-only memory (ROM) 802 or a program loaded from a storage section 808 into a random-access memory (RAM) 803 Instead, various appropriate actions and processes are performed.
- ROM read-only memory
- RAM random-access memory
- various programs and data required for the operation of the system 800 are also stored.
- the CPU 801, ROM 802, and RAM 803 are connected to each other via a bus 804.
- An input/output (I/O) interface 805 is also connected to the bus 804 .
- the following components are connected to the I/O interface 805: an input section 806 including a keyboard, a mouse, etc.; an output section 807 including a cathode ray tube (CRT), a liquid crystal display (LCD), etc., and a speaker; a storage section 808 including a hard disk, etc. and a communication section 809 including a network interface card such as a LAN card, a modem, or the like.
- the communication section 809 performs communication processing via a network such as the Internet.
- a drive 810 is also connected to the I/O interface 805 as needed.
- a removable medium 811 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, etc., is mounted on the drive 810 as necessary so that a computer program read therefrom is installed into the storage section 808 as necessary.
- the processes described above with reference to the flowcharts can be implemented as computer software programs.
- the disclosed embodiments of the present disclosure include a computer program product, which includes a computer program carried on a computer-readable medium, where the computer program includes program codes for executing the methods shown in the flowcharts.
- the computer program may be downloaded and installed from a network via communication portion 809 and/or installed from removable media 811 .
- this computer program is executed by a central processing unit (CPU) 801
- CPU central processing unit
- the computer-readable medium shown in the present disclosure may be a computer-readable signal medium or a computer-readable storage medium or any combination of the above two.
- a computer readable storage medium may be, for example, but not limited to, an electrical, magnetic, optical, electromagnetic, infrared, or semiconductor system, device, or device, or any combination thereof. More specific examples of computer-readable storage media may include, but are not limited to, electrical connections with one or more wires, portable computer diskettes, hard disks, random access memory (RAM), read-only memory (ROM), erasable Programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), optical storage device, magnetic storage device, or any suitable combination of the above.
- computer readable storage may be any tangible medium that contains or stores a program for use by or in connection with the instruction execution system, apparatus, or device.
- a computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, in which computer-readable program codes are carried. Such propagated data signals may take many forms, including but not limited to electromagnetic signals, optical signals, or any suitable combination of the foregoing.
- a computer-readable signal medium may also be any computer-readable medium other than a computer-readable storage medium, which can send, propagate, or transmit a program for use by or in conjunction with an instruction execution system, apparatus, or device.
- Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
- each block in a flowchart or block diagram may represent a module, program segment, or portion of code that includes one or more logical functions for implementing specified executable instructions.
- the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or they may sometimes be executed in the reverse order, depending upon the functionality involved.
- each block in the block diagrams or flowchart illustrations, and combinations of blocks in the block diagrams or flowchart illustrations can be implemented by a dedicated hardware-based system that performs the specified function or operation, or can be implemented by a A combination of dedicated hardware and computer instructions.
- the modules involved in the embodiments described in the present disclosure may be implemented by software or by hardware.
- the described modules can also be set in a processor, for example, it can be described as: a processor includes a certificate storage module, a signature verification module, a certificate receiving module, and a secure transaction module.
- a processor includes a certificate storage module, a signature verification module, a certificate receiving module, and a secure transaction module.
- the names of these modules do not limit the module itself under certain circumstances.
- the certificate storage module can also be described as "used to store the first certificate issued by the digital currency issuer and one or more digital The module of the second certificate issued by the currency operation terminal".
- the present disclosure also provides a computer-readable medium, and the computer-readable medium may be included in the devices described in the above embodiments; or it may be a separate exists but is not incorporated into the device.
- the above-mentioned computer-readable medium carries one or more programs.
- the device When the above-mentioned one or more programs are executed by one device, the device includes: the first terminal device stores the first certificate issued by the digital currency issuer and one or more A second certificate issued by a digital currency operation terminal, the digital currency operation terminal corresponds to the second certificate one by one, and the first certificate is used for the first terminal device to verify the signature of the second certificate;
- the first terminal device receives the third certificate sent by the first digital currency operating terminal among the one or more digital currency operating terminals, and uses the third certificate issued by the first digital currency operating terminal after the signature verification is passed Two certificates, verifying the signature of the third certificate, the third certificate is generated by the first digital currency operator according to the signature data of the first terminal device; After the certificate is verified and signed, conduct digital currency transactions with the first digital currency operating terminal and/or the second terminal device, wherein the second terminal device stores the second The fourth certificate sent by the digital currency operator.
- the first terminal device stores the first certificate issued by the digital currency issuing terminal and the second certificate issued by one or more digital currency operating terminals; the first terminal device receives the certificate sent by the first digital currency operating terminal and use the second certificate issued by the first digital currency operator to verify the signature of the third certificate.
- the third certificate is generated by the first digital currency operator based on the signature data of the first terminal device After the third certificate is verified and signed, the first terminal device conducts digital currency transactions with the first digital currency operator and/or the second terminal device, and the second terminal device stores the fourth digital currency sent by the second digital currency operator terminal. Certificate. It can realize mutual authentication and secure communication between digital currency operation terminal and terminal equipment and between different terminal equipment, thereby avoiding security risks such as information theft, information leakage and illegal access.
- the first terminal device stores the first certificate issued by the digital currency issuer and the second certificate issued by one or more digital currency operators.
- Signature verification achieves the purpose of the first terminal device conducting digital currency transactions with the first digital currency operator and/or the second terminal device after the third certificate has passed the signature verification.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Business, Economics & Management (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Development Economics (AREA)
- Economics (AREA)
- Marketing (AREA)
- Strategic Management (AREA)
- Technology Law (AREA)
- Physics & Mathematics (AREA)
- General Business, Economics & Management (AREA)
- General Physics & Mathematics (AREA)
- Theoretical Computer Science (AREA)
- Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)
Abstract
本申请公开了一种用于数字货币交易的安全认证方法、装置和系统,涉及计算机技术领域。该方法的一具体实施方式包括:第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书;第一终端设备接收第一数字货币运营端发送的第三证书,并利用验签通过后的由第一数字货币运营端签发的第二证书对第三证书验签;第一终端设备在第三证书验签通过后,与第一数字货币运营端和/或第二终端设备进行数字货币交易,第二终端设备存储有第二数字货币运营端发送的第四证书。该实施方式能够实现数字货币运营端与终端设备之间以及不同终端设备之间的相互认证和安全通信,从而避免了信息窃取、信息泄露和非法访问等安全隐患。
Description
相关申请的交叉引用
本申请要求享有2022年2月24日提交的发明名称为“一种用于数字货币交易的安全认证方法、装置和系统”的中国专利申请No.202210173203.5的优先权,在此全文引用上述中国专利申请公开的内容以作为本申请的一部分或全部。
本公开涉及计算机技术领域,尤其涉及一种用于数字货币交易的安全认证方法、装置和系统。
数字货币是新一代支付方式的重要组成部分,随着数字货币的普及,数字货币的安全保护也就成了一个必须引起足够重视的问题,目前现有的数字货币交易中,目前无论是收款方和付款方设备上在远程传输还是近场距离本地传输,都没有对信息的传输安全、设备的安全控制和用户隐私等提供足够地保障,这样存在一定安全隐患。同时由于传输过程中数据很有可能被中间人劫持和伪造,数字货币很有可能被盗取,也受到外部的诸多的安全威胁,敏感数据、重要数据的窃取问题都没有很好的解决方案。因此实施对数字货币敏感数据、重要数据访问控制、加密保障数字货币交易安全非常关键。
在实现本公开过程中,公开人发现现有技术中至少存在如下问题:
在认证过程中存在信息窃取、信息泄露、安全性差的技术问题。
公开内容
有鉴于此,本公开实施例提供一种用于数字货币交易的安全认证
方法、装置和系统。
为实现上述目的,根据本公开实施例的一个方面,提供了一种用于数字货币交易的安全认证方法。
一种用于数字货币交易的安全认证方法,包括:第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,所述数字货币运营端与所述第二证书一一对应,所述第一证书用于所述第一终端设备对所述第二证书验签;所述第一终端设备接收所述一个或多个数字货币运营端中第一数字货币运营端发送的第三证书,并利用验签通过后的由所述第一数字货币运营端签发的所述第二证书,对所述第三证书验签,所述第三证书是所述第一数字货币运营端根据所述第一终端设备的签名数据生成的;所述第一终端设备在所述第三证书验签通过后,与所述第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,所述第二终端设备存储有所述一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
在本公开的一些实施例中,所述数字货币运营端签发的所述第二证书是所述数字货币发行端根据所述数字货币运营端的机构数据生成,并发送到所述数字货币运营端的,所述机构数据包括机构标识。
在本公开的一些实施例中,所述第一终端设备接收所述一个或多个数字货币运营端中第一数字货币运营端发送的第三证书之前,包括:所述第一终端设备对所述第一终端设备的本地数据签名,以生成所述第一终端设备的签名数据,所述第一终端设备的本地数据包括所述第一终端设备的设备标识和所述第一终端设备生成的随机数;所述第一终端设备将所述第一终端设备的签名数据发送至所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一终端设备的签名数据生成所述第三证书。
在本公开的一些实施例中,所述第一终端设备与所述第一数字货币运营端进行所述数字货币交易的步骤包括:所述第一终端设备利用第一过程密钥对所述数字货币交易的第一业务数据加密,并发送到所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一
业务数据生成所述数字货币交易的第二业务数据;所述第一终端设备接收所述第一数字货币运营端发送的加密通信数据以及摘要信息签名,所述加密通信数据是所述第一数字货币运营端利用所述第一过程密钥对所述第二业务数据加密得到的,所述摘要信息签名是所述第一数字货币运营端对所述第二业务数据生成第一摘要信息,再对所述第一摘要信息签名得到的;所述第一终端设备对所述加密通信数据解密,得到所述第二业务数据,并对解密得到的所述第二业务数据生成第二摘要信息;以及,对所述摘要信息签名验签,得到所述第一摘要信息;所述第一终端设备将所述第一摘要信息与所述第二摘要信息进行比对,在比对一致的情况下,对所述第二业务数据进行对应的业务处理,并将处理结果返回所述第一数字货币运营端。
在本公开的一些实施例中,所述第一终端设备和所述第一数字货币运营端分别通过如下方式生成所述第一过程密钥:通过所述第一终端设备与所述第一数字货币运营端之间的密钥协商,确定第一共享机密密钥;利用所述第一共享机密密钥,对所述第一终端设备的设备标识和所述第一终端设备生成的随机数进行加密,得到所述第一过程密钥。
在本公开的一些实施例中,所述第一终端设备与所述第二终端设备进行所述数字货币交易的步骤包括:所述第一终端设备将所述第三证书发送到所述第二终端设备,以及接收所述第二终端设备发送的所述第四证书;所述第一终端设备根据所述第四证书中的签名信息,从所述一个或多个数字货币运营端中确定所述第二数字货币运营端;所述第一终端设备利用验签通过后的由所述第二数字货币运营端签发的所述第二证书,对所述第四证书验签。
在本公开的一些实施例中,所述第一终端设备与所述第二终端设备进行所述数字货币交易的步骤还包括:所述第一终端设备与所述第二终端设备利用第二过程密钥,对所述数字货币交易中所通信的业务数据进行加密,并发送到对端终端设备,所述第一终端设备与所述第二终端设备互为所述对端终端设备,其中:所述第一终端设备与所述第二终端设备分别通过如下方式生成所述第二过程密钥:通过所述第
一终端设备与所述第二终端设备之间的密钥协商确定第二共享机密密钥,并交换各自的随机数;对所述第一终端设备和所述第二终端设备双方的随机数,按照预设的处理规则进行处理,以得到待加密随机数,并利用所述第二共享机密密钥对所述待加密随机数加密,得到所述第二过程密钥。
在本公开的一些实施例中,所述第一终端设备在安全加密芯片中执行与所述数字货币交易相关的本地操作,所述本地操作包括:生成过程密钥的操作、数据加密操作、数据解密操作、签名操作、验签操作中的一种或多种操作,其中,所述过程密钥为与所述第一数字货币运营端进行所述数字货币交易所使用的第一过程密钥,或与所述第二终端设备进行所述数字货币交易所使用的第二过程密钥。
根据本公开实施例的另一方面,提供了一种用于数字货币交易的安全认证装置。
一种用于数字货币交易的安全认证装置,用于第一终端设备,包括:证书存储模块,被配置为存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,所述数字货币运营端与所述第二证书一一对应;验签模块,被配置为利用所述第一证书对所述第二证书验签;证书接收模块,被配置为接收所述一个或多个数字货币运营端中第一数字货币运营端发送的第三证书;所述验签模块还被配置为利用验签通过后的由所述第一数字货币运营端签发的所述第二证书,对所述第三证书验签,所述第三证书是所述第一数字货币运营端根据所述第一终端设备的签名数据生成的;安全交易模块,被配置为在所述第三证书验签通过后,与所述第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,所述第二终端设备存储有所述一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
在本公开的一些实施例中,所述数字货币运营端签发的所述第二证书是所述数字货币发行端根据所述数字货币运营端的机构数据生成,并发送到所述数字货币运营端的,所述机构数据包括机构标识。
在本公开的一些实施例中,还包括签名模块,被配置为:对所述
第一终端设备的本地数据签名,以生成所述第一终端设备的签名数据,所述第一终端设备的本地数据包括所述第一终端设备的设备标识和所述第一终端设备生成的随机数;将所述第一终端设备的签名数据发送至所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一终端设备的签名数据生成所述第三证书。
在本公开的一些实施例中,所述安全交易模块还被配置为:利用第一过程密钥对所述数字货币交易的第一业务数据加密,并发送到所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一业务数据生成所述数字货币交易的第二业务数据;接收所述第一数字货币运营端发送的加密通信数据以及摘要信息签名,所述加密通信数据是所述第一数字货币运营端利用所述第一过程密钥对所述第二业务数据加密得到的,所述摘要信息签名是所述第一数字货币运营端对所述第二业务数据生成第一摘要信息,再对所述第一摘要信息签名得到的;对所述加密通信数据解密,得到所述第二业务数据,并对解密得到的所述第二业务数据生成第二摘要信息;以及,对所述摘要信息签名验签,得到所述第一摘要信息;将所述第一摘要信息与所述第二摘要信息进行比对,在比对一致的情况下,对所述第二业务数据进行对应的业务处理,并将处理结果返回所述第一数字货币运营端。
在本公开的一些实施例中,所述安全交易模块还被配置为:通过所述第一终端设备与所述第一数字货币运营端之间的密钥协商,确定第一共享机密密钥;利用所述第一共享机密密钥,对所述第一终端设备的设备标识和所述第一终端设备生成的随机数进行加密,得到所述第一过程密钥。
在本公开的一些实施例中,所述安全交易模块还被配置为:将所述第三证书发送到所述第二终端设备,以及接收所述第二终端设备发送的所述第四证书;所述验签模块还被配置为:根据所述第四证书中的签名信息,从所述一个或多个数字货币运营端中确定所述第二数字货币运营端;所述第一终端设备利用验签通过后的由所述第二数字货币运营端签发的所述第二证书,对所述第四证书验签。
在本公开的一些实施例中,所述安全交易模块还被配置为:所述
第一终端设备与所述第二终端设备利用第二过程密钥,对所述数字货币交易中所通信的业务数据进行加密,并发送到对端终端设备,所述第一终端设备与所述第二终端设备互为所述对端终端设备,其中:所述第一终端设备与所述第二终端设备分别通过如下方式生成所述第二过程密钥:通过所述第一终端设备与所述第二终端设备之间的密钥协商确定第二共享机密密钥,并交换各自的随机数;对所述第一终端设备和所述第二终端设备双方的随机数,按照预设的处理规则进行处理,以得到待加密随机数,并利用所述第二共享机密密钥对所述待加密随机数加密,得到所述第二过程密钥。
在本公开的一些实施例中,所述第一终端设备在安全加密芯片中执行与所述数字货币交易相关的本地操作,所述本地操作包括:生成过程密钥的操作、数据加密操作、数据解密操作、签名操作、验签操作中的一种或多种操作,其中,所述过程密钥为与所述第一数字货币运营端进行所述数字货币交易所使用的第一过程密钥,或与所述第二终端设备进行所述数字货币交易所使用的第二过程密钥。
根据本公开实施例的又一方面,提供了一种用于数字货币交易的安全认证系统。
一种用于数字货币交易的安全认证系统,包括:数字货币发行端、一个或多个数字货币运营端、第一终端设备,第一终端设备包括本公开实施例所提供的用于数字货币交易的安全认证装置。
根据本公开实施例的又一方面,提供了一种电子设备。
一种电子设备,包括:一个或多个处理器;存储器,被配置为存储一个或多个程序,当所述一个或多个程序被所述一个或多个处理器执行时,使得所述一个或多个处理器实现本公开实施例所提供的用于数字货币交易的安全认证方法。
根据本公开实施例的又一方面,提供了一种计算机可读介质。
一种计算机可读介质,其上存储有计算机程序,所述程序被处理
器执行时实现本公开实施例所提供的用于数字货币交易的安全认证方法。
上述公开中的一个实施例具有如下优点或有益效果:第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,第一证书用于第一终端设备对第二证书验签;第一终端设备接收一个或多个数字货币运营端中第一数字货币运营端发送的第三证书,并利用验签通过后的由第一数字货币运营端签发的第二证书对第三证书验签,第三证书是第一数字货币运营端根据第一终端设备的签名数据生成的;第一终端设备在第三证书验签通过后,与第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,第二终端设备存储有一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
上述的非惯用的可选方式所具有的进一步效果将在下文中结合具体实施方式加以说明。
附图用于更好地理解本公开,不构成对本公开的不当限定。其中:
图1是根据本公开一个实施例的用于数字货币交易的安全认证方法的主要步骤示意图;
图2是根据本公开一个实施例的用于数字货币交易的安全认证流程示意图;
图3是根据本公开另一个实施例的用于数字货币交易的安全认证流程示意图;
图4是根据本公开一个实施例的用于数字货币交易的安全认证装置的主要模块示意图;
图5是根据本公开一个实施例的用于数字货币交易的安全认证系统的构架示意图;
图6是根据本公开一个实施例的用于数字货币交易的安全认证系
统的主要构成示意图;
图7是本公开实施例可以应用于其中的示例性系统架构图;
图8是适于用来实现本公开实施例的终端设备的计算机系统的结构示意图。
以下结合附图对本公开的示范性实施例做出说明,其中包括本公开实施例的各种细节以助于理解,应当将它们认为仅仅是示范性的。因此,本领域普通技术人员应当认识到,可以对这里描述的实施例做出各种改变和修改,而不会背离本公开的范围和精神。同样,为了清楚和简明,以下的描述中省略了对公知功能和结构的描述。
图1是根据本公开一个实施例的用于数字货币交易的安全认证方法的主要步骤示意图。
如图1所示,本公开一个实施例的用于数字货币交易的安全认证方法主要包括如下的步骤S101至步骤S103。
步骤S101:第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,数字货币运营端与第二证书一一对应,第一证书用于第一终端设备对第二证书验签;
步骤S102:第一终端设备接收该一个或多个数字货币运营端中第一数字货币运营端发送的第三证书,并利用验签通过后的由第一数字货币运营端签发的第二证书,对第三证书验签,第三证书是第一数字货币运营端根据第一终端设备的签名数据生成的;
步骤S103:第一终端设备在第三证书验签通过后,与第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,第二终端设备存储有该一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
上述第一终端设备与第二终端设备为不同的终端设备。
数字货币发行端可以是中央银行的CI(Certificate Issuer证书发行方)证书签发中心,数字货币运营端可以是银行机构的认证系统,包
括但不限于商业银行机构、银联机构等的认证系统。本公开实施例将数字货币发行端签发的证书称为第一证书,将数字货币运营端签发的证书称为第二证书,每个数字货币运营端签发各自的第二证书,数字货币运营端与第二证书是一一对应的。
数字货币运营端签发的第二证书是数字货币发行端根据数字货币运营端的机构数据生成,并发送到数字货币运营端的,机构数据包括机构标识。具体地,数字货币运营端可以将包含机构标识、证书内容等的机构数据发送到数字货币发行端,数字货币发行端用数字货币发行端的私钥对收到的机构数据签名,得到第二证书,并将第二证书返回数字货币运营端,以由数字货币运营端签发给第一终端设备。
第一证书中包含数字货币发行端的公钥,能够用于对第二证书验签,以确定第二证书是由数字货币发行端所签发。
第一终端设备接收一个或多个数字货币运营端中第一数字货币运营端发送的第三证书之前,第一终端设备可以对第一终端设备的本地数据签名,以生成第一终端设备的签名数据,第一终端设备的本地数据包括第一终端设备的设备标识和第一终端设备生成的随机数;第一终端设备将第一终端设备的签名数据发送至第一数字货币运营端,以由第一数字货币运营端根据第一终端设备的签名数据生成第三证书,具体地,第一数字货币运营端可以利用第一数字货币运营端的私钥对第一终端设备的签名数据签名,来生成第三证书。第一数字货币运营端签发的第二证书中包括第一数字货币运营端的公钥,从而,第一终端设备通过第一数字货币运营端签发的第二证书,能够对第一数字货币运营端发送来的第三证书进行验签。
第三证书、第四证书都是钱包证书,只是所属的终端设备不同。第二终端设备将第二终端设备的本地数据(包括第二终端设备的设备标识和第二终端设备生成的随机数)签名,生成第二终端设备的签名数据,并将第二终端设备的签名数据发送至第二数字货币运营端,由第二数字货币运营端根据第二终端设备的签名数据生成第四证书。
第一终端设备与第一数字货币运营端进行数字货币交易的步骤可以包括:第一终端设备利用第一过程密钥对数字货币交易的第一业务
数据加密,并发送到第一数字货币运营端,以由第一数字货币运营端根据第一业务数据生成数字货币交易的第二业务数据;第一终端设备接收第一数字货币运营端发送的加密通信数据以及摘要信息签名,加密通信数据是第一数字货币运营端利用第一过程密钥对第二业务数据加密得到的,摘要信息签名是第一数字货币运营端对第二业务数据生成第一摘要信息,再对第一摘要信息签名得到的;第一终端设备对加密通信数据解密,得到第二业务数据,并对解密得到的第二业务数据生成第二摘要信息;以及,对摘要信息签名验签,得到第一摘要信息;第一终端设备将第一摘要信息与第二摘要信息进行比对,在比对一致的情况下,对第二业务数据进行对应的业务处理,并将处理结果返回第一数字货币运营端。
上述第一业务数据是指进行数字货币交易时第一终端设备需要与第一数字货币运营端通信的业务数据,第二业务数据是指进行数字货币交易时第一数字货币运营端需要与第一终端设备通信的业务数据,业务数据的具体内容与交易类型有关。
第一终端设备和第一数字货币运营端可分别通过如下方式生成第一过程密钥:通过第一终端设备与第一数字货币运营端之间的密钥协商,确定第一共享机密密钥;利用第一共享机密密钥,对第一终端设备的设备标识和第一终端设备生成的随机数进行加密,得到第一过程密钥。
第一终端设备与第二终端设备进行数字货币交易的步骤可以包括:第一终端设备可将第三证书发送到第二终端设备,以及接收第二终端设备发送的第四证书;第一终端设备根据第四证书中的签名信息,从一个或多个数字货币运营端中确定第二数字货币运营端,具体地,第四证书中的签名信息包括第二数字货币运营端的私钥签名,即对第二终端设备的签名数据进行签名得到的数据,根据该私钥签名可以确定第二数字货币运营端;第一终端设备利用验签通过后的由第二数字货币运营端签发的第二证书,对第四证书验签,具体可以利用第二数字货币运营端签发的第二证书中的第二数字货币运营端公钥,对第四证书验签。
第一终端设备与第二终端设备进行数字货币交易的步骤还可以包括:第一终端设备与第二终端设备利用第二过程密钥,对数字货币交易中所通信的业务数据进行加密,并发送到对端终端设备,第一终端设备与第二终端设备互为对端终端设备,即第一终端设备的对端终端设备是第二终端设备,反之,同理。其中:第一终端设备与第二终端设备分别通过如下方式生成第二过程密钥:通过第一终端设备与第二终端设备之间的密钥协商确定第二共享机密密钥,并交换各自的随机数;对第一终端设备和第二终端设备双方的随机数,按照预设的处理规则进行处理,以得到待加密随机数,并利用第二共享机密密钥对待加密随机数加密,得到第二过程密钥。
按照预设的处理规则进行处理,以得到待加密随机数,具体可以将第一终端设备和第二终端设备双方的随机数拼接,得到该待加密随机数。
第一终端设备在安全加密芯片(SE)中执行与数字货币交易相关的本地操作,本地操作包括:生成过程密钥的操作、数据加密操作、数据解密操作、签名操作、验签操作中的一种或多种操作,其中,过程密钥为与第一数字货币运营端进行数字货币交易所使用的第一过程密钥,或与第二终端设备进行数字货币交易所使用的第二过程密钥。数据加密操作可包括但不限于利用过程密钥对通信的业务数据进行加密的操作,数据解密操作可以是与数据加密操作对应的解密操作。
图2是根据本公开一个实施例的用于数字货币交易的安全认证流程示意图。
如图2所示,本公开一个实施例的用于数字货币交易的安全认证流程包括:数字货币发行端向数字货币运营端发送第一证书(S201);数字货币发行端向第一终端设备发送第一证书(S202);数字货币运营端向数字货币发行端发送数字货币运营端的机构数据(S203);数字货币发行端向数字货币运营端发送第二证书(S204);数字货币运营端向第一终端设备发送本机构的第二证书(S205);第一终端设备向数字货币运营端发送第一终端设备的本地数据的签名数据(S206);
数字货币运营端向第一终端设备签发第一终端设备的第三证书(S207);数字货币运营端与第一终端设备生成过程密钥,以对传输的数据加密(S208)。
本实施例的过程密钥即第一过程密钥,以下不再逐一说明。
下面对本实施例的用于数字货币交易的安全认证流程进行详细介绍,以下的数字货币运营端具体为银行机构的认证系统,央行(中央银行)CI证书签发中心即指数字货币发行端,SE终端设备是指设有安全加密芯片(SE)的终端设备,在本实施例中即第一终端设备。
数字货币运营端接收央行CI证书签发中心签发的第一证书,数字货币运营端将本银行机构数据(包括机构标识、证书内容等)发送到央行CI证书签发中心,央行CI证书签发中心用央行的私钥(或称第一私钥)对银行机构数据签名,得到第二证书,数字货币运营端用第一证书中的央行公钥对第二证书验签,验签通过后,数字货币运营端将第二证书发给SE终端设备,SE终端设备接收央行CI证书签发中心签发的第一证书和数字货币运营端验签通过后发送的第二证书;SE终端设备用第一证书验签第二证书后,通过安全网关向数字货币运营端发送用SE终端设备本地的私钥(或称第三私钥)对设备标识CID和随机数等本地数据签名得到的签名数据,数字货币运营端用数字货币运营端自有的私钥(或称第二私钥)对SE终端设备的签名数据进行签名,得到第三证书,并发送到SE终端设备,SE终端设备用第二证书验签第三证书(具体用第二证书中的银行机构公钥(即数字货币运营端公钥)实现验签);SE终端设备对第三证书验签通过后,数字货币运营端与SE终端设备分别形成数据通信密钥(或称共享机密密钥)。
SE终端设备包括随机数生成器,在安全认证过程中,SE终端设备生成随机数,在一次完整的认证流程中,随机数为相同的数值,数字货币运营端与SE终端设备分别形成数据通信密钥,数据通信密钥是利用SM2椭圆曲线密钥协商协议算法,使数字货币运营端与SE终端设备之间创建出相同的共享机密密钥(即第一共享机密密钥)。利用数据通信密钥对设备标识CID和随机数进行加密,生成过程密钥。过程密钥可使用对称加密算法、AES(Advanced Encryption Standard,高级加
密标准)算法、或者国密SM4(SM4 cryptographic algorithm,SM4算法)算法对通信数据进行加密和解密处理,完成数字货币运营端和SE终端设备之间的加密通信。数字货币运营端与SE终端设备分别生成的过程密钥为相同值。
通信数据是指数字货币运营端与SE终端设备进行数字货币交易时,彼此传输的具体业务数据,可以包括币串交易信息、交易索引,等等,具体内容因交易的业务类型不同而异。
数字货币运营端发送给SE终端设备的数据还包括摘要信息签名,该摘要信息签名是数字货币运营端使用第二私钥(即数字货币运营端自有的私钥)对第一摘要信息进行签名获得的,其中,第一摘要信息是数字货币运营端使用数据通信密钥,利用摘要算法对通信数据进行计算所获得的,摘要算法为SHA(Secure Hash Algorithm安全哈希算法)256算法、或者国密SM3(SM3 Cryptographic Hash Algorithm)算法。数字货币运营端中利用摘要算法计算的通信数据与利用过程密钥加密的通信数据为相同的数据。
SE终端设备接收到摘要信息签名和数字货币运营端使用过程密钥对通信数据进行加密后的数据后,SE终端设备对摘要信息签名进行验签(可利用数字货币运营端公钥实现验签),并对加密后的通信数据进行解密,得到该通信数据。SE终端设备利用相同的摘要算法计算解密得到的通信数据的摘要信息(即第二摘要信息);将计算得到的摘要信息与验签得到的摘要信息(即第一摘要信息)进行比对,如果两者相同,则说明该通信数据在传输过程中没有被第三方篡改,能够确认接收到的通信数据的安全性。
在上述第一摘要信息与第二摘要信息比对一致的情况下,SE终端设备对通信数据中的操作信息进行处理,例如充值业务,则进行与充值相关的终端操作,然后,使用过程密钥对处理后的数据(即第二业务数据的业务处理结果)进行加密,并通过安全网关返回给数字货币运营端;如果计算得到的摘要信息(即第二摘要信息)与验签得到的摘要信息(即第一摘要信息)不同,则说明该通信数据可能已被第三方篡改,SE终端设备将拒绝执行接收到的通信数据,并将接收到的通
信数据删除。
本公开实施例的安全认证方法中,SE终端设备的私钥被保存在SE终端设备的嵌入式可编程逻辑控制器,即安全加密芯片(SE)中,禁止被读取,并且利用该私钥与数字货币运营端进行密钥协商后生成过程密钥,以及对通信数据的加密、解密、数据签名、验签等运算过程,全部在安全加密芯片内部完成,确保了密钥信息的安全,并通过安全网关返回给数字货币运营端,对于数字货币交易的各类业务,例如开立、充值、提现、注销等,均可保证通信数据的安全。
图3是根据本公开另一个实施例的用于数字货币交易的安全认证流程示意图。
如图3所示,本公开另一个实施例的用于数字货币交易的安全认证流程包括:收款方钱包APP向付款方SE发送交易信息初始数据(S301);付款方SE向收款方钱包APP发送交易信息、SE设备2的证书、SE设备2的临时公钥等响应数据(S302);收款方钱包APP将S302中收到的响应数据发送到收款方SE(S303);收款方SE将SE设备1的证书、SE设备1的临时公钥、密钥协商计算的SE设备1的钱包信息数据密文发送到收款方钱包APP(S304);收款方钱包APP向付款方SE发送SE设备1的证书、SE设备1的临时公钥、密钥协商计算的SE设备1的钱包信息数据密文(S305);付款方SE向收款方钱包APP发送密钥协商计算的SE设备2的钱包信息数据密文(S306);收款方钱包APP向收款方SE发送密钥协商计算的SE设备2的钱包信息数据密文(S307);交易成功(S308),发送相应通知消息。
本实施例中,SE设备1即第一终端设备,SE设备2即第二终端设备,第一终端设备在本实施例中作为收款方设备,第二终端设备在本实施例中作为付款方设备,收款方钱包APP是第一终端设备上的钱包应用程序,付款方钱包APP是第二终端设备上的钱包应用程序,收款方SE是第一终端设备的安全加密芯片,付款方SE是第二终端设备的安全加密芯片。本领域技术人员可以理解的是,在另外的实施例中,也可以第一终端设备作为收款方设备、第二终端设备作为付款方设备。
下面对本实施例的用于数字货币交易的安全认证流程进行详细介绍,以下的数字货币运营端具体为银行机构的认证系统,央行CI证书签发中心即指数字货币发行端。
SE设备1、SE设备2均接收央行CI证书签发中心签发的第一证书和数字货币运营端签发的第二证书,其中,向SE设备1、SE设备2签发第二证书的数字货币运营端可以相同或者不同。
SE设备1通过NFC(近场通讯)向另外的SE设备2发送自己的签名证书(即第三证书),SE设备2也会向SE设备1发送自己的签名证书(即第四证书),第三证书、第四证书都是所属终端设备的钱包证书,用于两终端设备进行离线交易时彼此验证对方。第三证书、第四证书受第一证书和对应的数字货币运营端签发的第二证书的验证保护,即:第一证书用于对第二证书验签,验签通过后,用第二证书可验签第三证书。SE设备2收到SE设备1的第三证书,并进行验签,在验签通过后,继续后来的离线钱包交易(即发送币串密文给对方,对方收到币串信息)。
在安全交易过程中,SE设备1发送生成的随机数、临时公钥、币串交易信息等,SE设备1与SE设备2分别利用SM2椭圆曲线密钥协商协议算法形成数据通信密钥,SE设备1与SE设备2之间创建出共享机密密钥(即第二共享机密密钥),该共享机密密钥为协商出的相同的数据通信密钥。利用数据通信密钥对通信双方的终端设备(SE设备1、SE设备2)各自生成的随机数进行处理,例如将SE设备1、SE设备2各自生成的随机数拼接得到一个新的待加密随机数,利用共享机密密钥(即第二共享机密密钥)对该待加密随机数进行加密,生成过程密钥(本实施例的过程密钥即第二过程密钥,以下不再逐一说明),该过程密钥可使用对称加密算法、国密SM4(SM4 cryptographic algorithm,SM4算法)、或者AES(Advanced Encryption Standard,高级加密标准)算法对通信数据进行加密和解密处理,完成SE设备1与SE设备2的加密币串传送等交易数据通信。
本公开实施例的的安全认证方法中,私钥保存在SE终端设备的嵌入式可编程逻辑控制器(即安全加密芯片)中,禁止被读取,并且利
用该私钥与对方设备进行的密钥协商后生成过程密钥以及对通信数据的加密、解密、数据签名、验证签等运算过程,全部在安全加密芯片内部完成,确保了密钥信息的安全。
图4是根据本公开一个实施例的用于数字货币交易的安全认证装置的主要模块示意图。
如图4所示,本公开一个实施例的用于数字货币交易的安全认证装置400可用于终端设备,下面以用于第一终端设备为例进行介绍。用于数字货币交易的安全认证装置400主要包括:证书存储模块401、验签模块402、证书接收模块403、安全交易模块404。
证书存储模块401,被配置为存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,数字货币运营端与第二证书一一对应;
验签模块402,被配置为利用第一证书对第二证书验签;
证书接收模块403,被配置为接收一个或多个数字货币运营端中第一数字货币运营端发送的第三证书;
验签模块402还被配置为利用验签通过后的由第一数字货币运营端签发的第二证书,对第三证书验签,第三证书是第一数字货币运营端根据第一终端设备的签名数据生成的;
安全交易模块404,被配置为在第三证书验签通过后,与第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,第二终端设备存储有一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
数字货币运营端签发的第二证书是数字货币发行端根据数字货币运营端的机构数据生成,并发送到数字货币运营端的,机构数据包括机构标识。
用于数字货币交易的安全认证装置400还可以包括签名模块,被配置为:对第一终端设备的本地数据签名,以生成第一终端设备的签名数据,第一终端设备的本地数据包括第一终端设备的设备标识和第一终端设备生成的随机数;将第一终端设备的签名数据发送至第一数
字货币运营端,以由第一数字货币运营端根据第一终端设备的签名数据生成第三证书。
在一个实施例中,安全交易模块404还被配置为:利用第一过程密钥对数字货币交易的第一业务数据加密,并发送到第一数字货币运营端,以由第一数字货币运营端根据第一业务数据生成数字货币交易的第二业务数据;接收第一数字货币运营端发送的加密通信数据以及摘要信息签名,加密通信数据是第一数字货币运营端利用第一过程密钥对第二业务数据加密得到的,摘要信息签名是第一数字货币运营端对第二业务数据生成第一摘要信息,再对第一摘要信息签名得到的;对加密通信数据解密,得到第二业务数据,并对解密得到的第二业务数据生成第二摘要信息;以及,对摘要信息签名验签,得到第一摘要信息;将第一摘要信息与第二摘要信息进行比对,在比对一致的情况下,对第二业务数据进行对应的业务处理,并将处理结果返回第一数字货币运营端。
安全交易模块404还被配置为:通过第一终端设备与第一数字货币运营端之间的密钥协商,确定第一共享机密密钥;利用第一共享机密密钥,对第一终端设备的设备标识和第一终端设备生成的随机数进行加密,得到第一过程密钥。
在另一个实施例中,安全交易模块404还被配置为:将第三证书发送到第二终端设备,以及接收第二终端设备发送的第四证书。
验签模块402还被配置为:根据第四证书中的签名信息,从一个或多个数字货币运营端中确定第二数字货币运营端;第一终端设备利用验签通过后的由第二数字货币运营端签发的第二证书,对第四证书验签。
安全交易模块404还被配置为:第一终端设备与第二终端设备利用第二过程密钥,对数字货币交易中所通信的业务数据进行加密,并发送到对端终端设备,第一终端设备与第二终端设备互为对端终端设备,其中:第一终端设备与第二终端设备分别通过如下方式生成第二过程密钥:通过第一终端设备与第二终端设备之间的密钥协商确定第二共享机密密钥,并交换各自的随机数;对第一终端设备和第二终端
设备双方的随机数,按照预设的处理规则进行处理,以得到待加密随机数,并利用第二共享机密密钥对待加密随机数加密,得到第二过程密钥。
本公开实施例的第一终端设备可以在安全加密芯片中执行与数字货币交易相关的本地操作,该本地操作包括:生成过程密钥的操作、数据加密操作、数据解密操作、签名操作、验签操作中的一种或多种操作,其中,过程密钥为与第一数字货币运营端进行数字货币交易所使用的第一过程密钥,或与第二终端设备进行数字货币交易所使用的第二过程密钥。
另外,在本公开实施例中用于数字货币交易的安全认证装置的具体实施内容,在上面所述用于数字货币交易的安全认证方法中已经详细说明了,故在此重复内容不再说明。
图5是根据本公开一个实施例的用于数字货币交易的安全认证系统的构架示意图。
如图5所示,本公开一个实施例的用于数字货币交易的安全认证系统包括数字货币发行端501、数字货币运营端502、终端设备504,其中,终端设备504通过安全网关503与数字货币发行端501、数字货币运营端502交互。
下面详细介绍本公开实施例的用于数字货币交易的安全认证系统。数字货币发行端501具体可以为央行(中央银行)的CI(Certificate Issuer,证书发行方)证书签发中心,数字货币运营端502具体为银行机构的认证系统(本实施例中简称银行机构),终端设备504即以下的SE终端设备,可以是第一终端设备。
央行CI证书签发中心向银行机构和SE终端设备分别签发第一证书,银行机构向SE终端设备签发第二证书,央行CI证书签发中心内部保存有与第一证书相匹配的第一私钥(即央行私钥),银行机构内部保存有与第二证书相匹配的第二私钥(即银行机构自有的私钥);其中,央行CI证书签发中心向银行机构签发第一证书,银行机构向SE终端设备签发第二证书。
签发第一证书、第一证书的方式可以是:将证书直接放入银行机构,或者直接放入SE终端设备;也可以通过互联网向银行机构和SE终端设备分别签发第一证书和第二证书。SE终端设备内存储有唯一的设备标识CID,设备标识CID保存于SE终端设备的嵌入式ESIM(可编程逻辑控制器)中,即安全加密芯片(SE)。SE终端设备可以为手机、手表、手环、可视卡片、异形卡片的一种或多种,也可以为其他的具有通讯功能的电子穿戴设备。银行机构通过安全网关与SE终端设备进行数据传输。
本实施例在安全认证的过程中生成随机数,随机数用于安全认证过程中数据的加密运算。通过使用基于SM2国密算法椭圆曲线加密算法的证书认证体系,获取SE终端设备的标识CID以及公钥和其他认证信息,并根据银行机构和SE终端设备协商生成的过程密钥,对进行传输的数据进行加、解密,实现了银行机构与SE的终端设备之间的相互认证和安全通信,从而避免了信息泄露和非法访问等安全隐患。
图6是根据本公开一个实施例的用于数字货币交易的安全认证系统的主要构成示意图。
如图6所示,本公开一个实施例的用于数字货币交易的安全认证系统600主要包括:数字货币发行端601、数字货币运营端602、第一终端设备603。
数字货币运营端602的数量可以为一个或多个,第一终端设备603包括本公开实施例的用于数字货币交易的安全认证装置400。
以下以数字货币运营端602为银行机构的认证系统(本实施例简称银行机构),数字货币发行端601为央行CI证书签发中心,第一终端设备603为SE终端设备为例,进行介绍。
银行机构接收央行CI证书签发中心签发的第一证书(第一证书由央行的根证书对央行数据签名而生成,其中包括央行的公钥),SE终端设备接收央行CI证书签发中心签发的第一证书和银行机构签发的第二证书;银行机构通过安全网关向央行CI证书签发中心发送本银行机构数据,央行CI证书签发中心用央行CI证书签发中心自己的第一私
钥对银行机构数据进行签名,以得到第二证书;银行机构利用央行CI证书签发中心下发的第一证书对第二证书验签后,将第二证书发送至SE终端设备;SE终端设备用央行CI证书签发中心下发的第一证书对第二证书验签通过后,通过安全网关向银行机构发送用第三私钥(即终端私钥)对设备标识CID和随机数等签名得到的签名数据,银行机构对SE终端设备发送的数据签名数据进行验签,然后用第二私钥(即银行机构的私钥)对设备标识CID和随机数等签名数据进行签名,得到第三证书,将第三证书返回SE终端设备;SE终端设备利用第二证书对第三证书验签;第三证书验签通过后,银行机构与SE终端设备分别形成数据通信密钥,可以利用公钥加密,利用SE密钥解密,或者,通过银行机构的第二私钥与SE终端设备的签名数据公钥共享机密之间创建出密钥协商协议,作为银行机构与SE终端设备之间的第一数据通信密钥,通过SE终端设备的私钥(即第三私钥)与银行机构的第二证书共享机密之间创建出密钥协商协议,作为银行机构与SE终端设备之间的第二数据通信密钥,第一数据通信密钥与第二数据通信密钥相同,即为数据通信密钥,并利用数据通信密钥形成过程密钥,生成过程密钥的具体方法在上文实施例已经详细介绍,此处不再赘述。银行机构使用过程密钥对通信数据加密,并将加密的通信数据通过安全网关发送给SE终端设备;SE终端设备对解密得到的通信数据进行处理,再使用过程密钥对处理后的数据进行加密,并通过安全网关返回给银行机构,通信数据具体是数字货币交易的业务数据,例如开立、充值、提现、注销等相关业务数据。以开立为例,SE终端设备预置第一证书和第二证书,在开立过程中SE终端设备发送钱包开立初始化数据WalletID、设备种类、钱包支付密码密文、时间戳等至银行机构,银行机构验证通过后,开始开立过程,SE终端设备上传SE终端设备的签名数据,银行机构可以根据签名数据中的设备标识识别SE终端设备,银行机构验证SE终端设备的签名数据,并确定验证通过后,向SE终端设备下发钱包证书,即第三证书,以及交易索引、系统参数信息等开立数据。SE终端设备对第三证书验签通过后,可与银行机构进行后续的业务数据通信。
关于数字货币发行端601、数字货币运营端602、第一终端设备603的具体功能,也可参见上文各实施例的介绍。
图7示出了可以应用本公开实施例的用于数字货币交易的安全认证方法或用于数字货币交易的安全认证装置的示例性系统架构700。
如图7所示,系统架构700可以包括终端设备701、702、703,网络704和服务器705。网络704用以在终端设备701、702、703和服务器705之间提供通信链路的介质。网络704可以包括各种连接类型,例如有线、无线通信链路或者光纤电缆等等。
用户可以使用终端设备701、702、703通过网络704与服务器705交互,以接收或发送消息等。终端设备701、702、703上可以安装有各种通讯客户端应用,例如购物类应用、网页浏览器应用、搜索类应用、即时通信工具、邮箱客户端、社交平台软件等(仅为示例)。
终端设备701、702、703可以是具有显示屏并且支持网页浏览的各种电子设备,包括但不限于智能手机、平板电脑、膝上型便携计算机和台式计算机等等。
服务器705可以是提供各种服务的服务器,例如对用户利用终端设备701、702、703所浏览的与数字货币交易相关的网站提供支持的后台管理服务器(仅为示例)。后台管理服务器可以对接收到的交易请求等数据进行分析等处理,并将处理结果(例如币串交易信息--仅为示例)反馈给终端设备。
需要说明的是,本公开实施例所提供的用于数字货币交易的安全认证方法一般由终端设备701、702、703执行,相应地,用于数字货币交易的安全认证装置一般设置于终端设备701、702、703中。
应该理解,图7中的终端设备、网络和服务器的数目仅仅是示意性的。根据实现需要,可以具有任意数目的终端设备、网络和服务器。
下面参考图8,其示出了适于用来实现本申请实施例的终端设备的计算机系统800的结构示意图。图8示出的终端设备仅仅是一个示例,不应对本申请实施例的功能和使用范围带来任何限制。
如图8所示,计算机系统800包括中央处理单元(CPU)801,其可以根据存储在只读存储器(ROM)802中的程序或者从存储部分808加载到随机访问存储器(RAM)803中的程序而执行各种适当的动作和处理。在RAM 803中,还存储有系统800操作所需的各种程序和数据。CPU 801、ROM 802以及RAM 803通过总线804彼此相连。输入/输出(I/O)接口805也连接至总线804。
以下部件连接至I/O接口805:包括键盘、鼠标等的输入部分806;包括诸如阴极射线管(CRT)、液晶显示器(LCD)等以及扬声器等的输出部分807;包括硬盘等的存储部分808;以及包括诸如LAN卡、调制解调器等的网络接口卡的通信部分809。通信部分809经由诸如因特网的网络执行通信处理。驱动器810也根据需要连接至I/O接口805。可拆卸介质811,诸如磁盘、光盘、磁光盘、半导体存储器等等,根据需要安装在驱动器810上,以便于从其上读出的计算机程序根据需要被安装入存储部分808。
特别地,根据本公开公开的实施例,上文参考流程图描述的过程可以被实现为计算机软件程序。例如,本公开公开的实施例包括一种计算机程序产品,其包括承载在计算机可读介质上的计算机程序,该计算机程序包含用于执行流程图所示的方法的程序代码。在这样的实施例中,该计算机程序可以通过通信部分809从网络上被下载和安装,和/或从可拆卸介质811被安装。在该计算机程序被中央处理单元(CPU)801执行时,执行本申请的系统中限定的上述功能。
需要说明的是,本公开所示的计算机可读介质可以是计算机可读信号介质或者计算机可读存储介质或者是上述两者的任意组合。计算机可读存储介质例如可以是——但不限于——电、磁、光、电磁、红外线、或半导体的系统、装置或器件,或者任意以上的组合。计算机可读存储介质的更具体的例子可以包括但不限于:具有一个或多个导线的电连接、便携式计算机磁盘、硬盘、随机访问存储器(RAM)、只读存储器(ROM)、可擦式可编程只读存储器(EPROM或闪存)、光纤、便携式紧凑磁盘只读存储器(CD-ROM)、光存储器件、磁存储器件、或者上述的任意合适的组合。在本申请中,计算机可读存储
介质可以是任何包含或存储程序的有形介质,该程序可以被指令执行系统、装置或者器件使用或者与其结合使用。而在本申请中,计算机可读的信号介质可以包括在基带中或者作为载波一部分传播的数据信号,其中承载了计算机可读的程序代码。这种传播的数据信号可以采用多种形式,包括但不限于电磁信号、光信号或上述的任意合适的组合。计算机可读的信号介质还可以是计算机可读存储介质以外的任何计算机可读介质,该计算机可读介质可以发送、传播或者传输用于由指令执行系统、装置或者器件使用或者与其结合使用的程序。计算机可读介质上包含的程序代码可以用任何适当的介质传输,包括但不限于:无线、电线、光缆、RF等等,或者上述的任意合适的组合。
附图中的流程图和框图,图示了按照本申请各种实施例的系统、方法和计算机程序产品的可能实现的体系架构、功能和操作。在这点上,流程图或框图中的每个方框可以代表一个模块、程序段、或代码的一部分,上述模块、程序段、或代码的一部分包含一个或多个用于实现规定的逻辑功能的可执行指令。也应当注意,在有些作为替换的实现中,方框中所标注的功能也可以以不同于附图中所标注的顺序发生。例如,两个接连地表示的方框实际上可以基本并行地执行,它们有时也可以按相反的顺序执行,这依所涉及的功能而定。也要注意的是,框图或流程图中的每个方框、以及框图或流程图中的方框的组合,可以用执行规定的功能或操作的专用的基于硬件的系统来实现,或者可以用专用硬件与计算机指令的组合来实现。
描述于本公开实施例中所涉及到的模块可以通过软件的方式实现,也可以通过硬件的方式来实现。所描述的模块也可以设置在处理器中,例如,可以描述为:一种处理器包括证书存储模块、验签模块、证书接收模块、安全交易模块。其中,这些模块的名称在某种情况下并不构成对该模块本身的限定,例如,证书存储模块还可以被描述为“用于存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书的模块”。
作为另一方面,本公开还提供了一种计算机可读介质,该计算机可读介质可以是上述实施例中描述的设备中所包含的;也可以是单独
存在,而未装配入该设备中。上述计算机可读介质承载有一个或者多个程序,当上述一个或者多个程序被一个该设备执行时,使得该设备包括:第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,所述数字货币运营端与所述第二证书一一对应,所述第一证书用于所述第一终端设备对所述第二证书验签;所述第一终端设备接收所述一个或多个数字货币运营端中第一数字货币运营端发送的第三证书,并利用验签通过后的由所述第一数字货币运营端签发的所述第二证书,对所述第三证书验签,所述第三证书是所述第一数字货币运营端根据所述第一终端设备的签名数据生成的;所述第一终端设备在所述第三证书验签通过后,与所述第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,所述第二终端设备存储有所述一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
根据本公开实施例的技术方案,第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书;第一终端设备接收第一数字货币运营端发送的第三证书,并利用验签通过后的由第一数字货币运营端签发的第二证书对第三证书验签,第三证书是第一数字货币运营端根据第一终端设备的签名数据生成的;第一终端设备在第三证书验签通过后,与第一数字货币运营端和/或第二终端设备进行数字货币交易,第二终端设备存储有第二数字货币运营端发送的第四证书。能够实现数字货币运营端与终端设备之间以及不同终端设备之间的相互认证和安全通信,从而避免了信息窃取、信息泄露和非法访问等安全隐患。
上述具体实施方式,并不构成对本公开保护范围的限制。本领域技术人员应该明白的是,取决于设计要求和其他因素,可以发生各种各样的修改、组合、子组合和替代。任何在本公开的精神和原则之内所作的修改、等同替换和改进等,均应包含在本公开保护范围之内。
本申请实施例提供的方案可应用于计算机技术领域,在本申请实施例中,第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,通过第一终端设备接收一个或多个数字货币运营端中第一数字货币运营端发送的第三证书,并利用验签通过后的由第一数字货币运营端签发的第二证书对第三证书验签,达到了第一终端设备在第三证书验签通过后,与第一数字货币运营端和/或第二终端设备进行数字货币交易的目的,取得了数字货币运营端与终端设备之间以及不同终端设备之间的相互认证和安全通信的技术效果,从而避免了信息窃取、信息泄露和非法访问等安全隐患。
Claims (17)
- 一种用于数字货币交易的安全认证方法,包括:第一终端设备存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,其中,所述数字货币运营端与所述第二证书一一对应,所述第一证书用于所述第一终端设备对所述第二证书验签;所述第一终端设备接收所述一个或多个数字货币运营端中第一数字货币运营端发送的第三证书,并利用验签通过后的由所述第一数字货币运营端签发的所述第二证书,对所述第三证书验签,其中,所述第三证书是所述第一数字货币运营端根据所述第一终端设备的签名数据生成的;所述第一终端设备在所述第三证书验签通过后,与所述第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,所述第二终端设备存储有所述一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
- 根据权利要求1所述的方法,其中,所述数字货币运营端签发的所述第二证书是所述数字货币发行端根据所述数字货币运营端的机构数据生成,并发送到所述数字货币运营端的,所述机构数据包括机构标识。
- 根据权利要求1所述的方法,其中,所述第一终端设备接收所述一个或多个数字货币运营端中第一数字货币运营端发送的第三证书之前,包括:所述第一终端设备对所述第一终端设备的本地数据签名,以生成所述第一终端设备的签名数据,其中,所述第一终端设备的本地数据包括所述第一终端设备的设备标识和所述第一终端设备生成的随机数;所述第一终端设备将所述第一终端设备的签名数据发送至所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一终端 设备的签名数据生成所述第三证书。
- 根据权利要求3所述的方法,其中,所述第一终端设备与所述第一数字货币运营端进行所述数字货币交易的步骤包括:所述第一终端设备利用第一过程密钥对所述数字货币交易的第一业务数据加密,并发送到所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一业务数据生成所述数字货币交易的第二业务数据;所述第一终端设备接收所述第一数字货币运营端发送的加密通信数据以及摘要信息签名,其中,所述加密通信数据是所述第一数字货币运营端利用所述第一过程密钥对所述第二业务数据加密得到的,所述摘要信息签名是所述第一数字货币运营端对所述第二业务数据生成第一摘要信息,再对所述第一摘要信息签名得到的;所述第一终端设备对所述加密通信数据解密,得到所述第二业务数据,并对解密得到的所述第二业务数据生成第二摘要信息;以及,对所述摘要信息签名验签,得到所述第一摘要信息;所述第一终端设备将所述第一摘要信息与所述第二摘要信息进行比对,在比对一致的情况下,对所述第二业务数据进行对应的业务处理,并将处理结果返回所述第一数字货币运营端。
- 根据权利要求4所述的方法,其中,所述第一终端设备和所述第一数字货币运营端分别通过如下方式生成所述第一过程密钥:通过所述第一终端设备与所述第一数字货币运营端之间的密钥协商,确定第一共享机密密钥;利用所述第一共享机密密钥,对所述第一终端设备的设备标识和所述第一终端设备生成的随机数进行加密,得到所述第一过程密钥。
- 根据权利要求1所述的方法,其中,所述第一终端设备与所述第二终端设备进行所述数字货币交易的步骤包括:所述第一终端设备将所述第三证书发送到所述第二终端设备,以 及接收所述第二终端设备发送的所述第四证书;所述第一终端设备根据所述第四证书中的签名信息,从所述一个或多个数字货币运营端中确定所述第二数字货币运营端;所述第一终端设备利用验签通过后的由所述第二数字货币运营端签发的所述第二证书,对所述第四证书验签。
- 根据权利要求6所述的方法,其中,所述第一终端设备与所述第二终端设备进行所述数字货币交易的步骤还包括:所述第一终端设备与所述第二终端设备利用第二过程密钥,对所述数字货币交易中所通信的业务数据进行加密,并发送到对端终端设备,所述第一终端设备与所述第二终端设备互为所述对端终端设备,其中:所述第一终端设备与所述第二终端设备分别通过如下方式生成所述第二过程密钥:通过所述第一终端设备与所述第二终端设备之间的密钥协商确定第二共享机密密钥,并交换各自的随机数;对所述第一终端设备和所述第二终端设备双方的随机数,按照预设的处理规则进行处理,以得到待加密随机数,并利用所述第二共享机密密钥对所述待加密随机数加密,得到所述第二过程密钥。
- 根据权利要求1所述的方法,其中,所述第一终端设备在安全加密芯片中执行与所述数字货币交易相关的本地操作,所述本地操作包括:生成过程密钥的操作、数据加密操作、数据解密操作、签名操作、验签操作中的一种或多种操作,其中,所述过程密钥为与所述第一数字货币运营端进行所述数字货币交易所使用的第一过程密钥,或与所述第二终端设备进行所述数字货币交易所使用的第二过程密钥。
- 一种用于数字货币交易的安全认证装置,用于第一终端设备,包括:证书存储模块,被配置为存储数字货币发行端签发的第一证书以及一个或多个数字货币运营端签发的第二证书,所述数字货币运营端 与所述第二证书一一对应;验签模块,被配置为利用所述第一证书对所述第二证书验签;证书接收模块,被配置为接收所述一个或多个数字货币运营端中第一数字货币运营端发送的第三证书;所述验签模块还被配置为利用验签通过后的由所述第一数字货币运营端签发的所述第二证书,对所述第三证书验签,所述第三证书是所述第一数字货币运营端根据所述第一终端设备的签名数据生成的;安全交易模块,被配置为在所述第三证书验签通过后,与所述第一数字货币运营端和/或第二终端设备进行数字货币交易,其中,所述第二终端设备存储有所述一个或多个数字货币运营端中第二数字货币运营端发送的第四证书。
- 根据权利要求9所述的装置,其中,还包括签名模块,被配置为:对所述第一终端设备的本地数据签名,以生成所述第一终端设备的签名数据,所述第一终端设备的本地数据包括所述第一终端设备的设备标识和所述第一终端设备生成的随机数;将所述第一终端设备的签名数据发送至所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一终端设备的签名数据生成所述第三证书。
- 根据权利要求10所述的装置,其中,所述安全交易模块还被配置为:利用第一过程密钥对所述数字货币交易的第一业务数据加密,并发送到所述第一数字货币运营端,以由所述第一数字货币运营端根据所述第一业务数据生成所述数字货币交易的第二业务数据;接收所述第一数字货币运营端发送的加密通信数据以及摘要信息签名,所述加密通信数据是所述第一数字货币运营端利用所述第一过程密钥对所述第二业务数据加密得到的,所述摘要信息签名是所述第一数字货币运营端对所述第二业务数据生成第一摘要信息,再对所述 第一摘要信息签名得到的;对所述加密通信数据解密,得到所述第二业务数据,并对解密得到的所述第二业务数据生成第二摘要信息;以及,对所述摘要信息签名验签,得到所述第一摘要信息;将所述第一摘要信息与所述第二摘要信息进行比对,在比对一致的情况下,对所述第二业务数据进行对应的业务处理,并将处理结果返回所述第一数字货币运营端。
- 根据权利要求11所述的装置,其中,所述安全交易模块还被配置为:通过所述第一终端设备与所述第一数字货币运营端之间的密钥协商,确定第一共享机密密钥;利用所述第一共享机密密钥,对所述第一终端设备的设备标识和所述第一终端设备生成的随机数进行加密,得到所述第一过程密钥。
- 根据权利要求9所述的装置,其中,所述安全交易模块还被配置为:将所述第三证书发送到所述第二终端设备,以及接收所述第二终端设备发送的所述第四证书;所述验签模块还被配置为:根据所述第四证书中的签名信息,从所述一个或多个数字货币运营端中确定所述第二数字货币运营端;所述第一终端设备利用验签通过后的由所述第二数字货币运营端签发的所述第二证书,对所述第四证书验签。
- 根据权利要求13所述的装置,其中,所述安全交易模块还被配置为:所述第一终端设备与所述第二终端设备利用第二过程密钥,对所述数字货币交易中所通信的业务数据进行加密,并发送到对端终端设备,所述第一终端设备与所述第二终端设备互为所述对端终端设备,其中:所述第一终端设备与所述第二终端设备分别通过如下方式生成所 述第二过程密钥:通过所述第一终端设备与所述第二终端设备之间的密钥协商确定第二共享机密密钥,并交换各自的随机数;对所述第一终端设备和所述第二终端设备双方的随机数,按照预设的处理规则进行处理,以得到待加密随机数,并利用所述第二共享机密密钥对所述待加密随机数加密,得到所述第二过程密钥。
- 一种用于数字货币交易的安全认证系统,包括:数字货币发行端、一个或多个数字货币运营端、第一终端设备,所述第一终端设备包括如权利要求9至14所述的用于数字货币交易的安全认证装置。
- 一种电子设备,包括:一个或多个处理器;存储器,被配置为存储一个或多个程序,当所述一个或多个程序被所述一个或多个处理器执行时,使得所述一个或多个处理器实现如权利要求1-8中任一所述的方法。
- 一种计算机可读介质,其上存储有计算机程序,所述计算机程序被处理器执行时实现如权利要求1-8中任一所述的方法。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210173203.5 | 2022-02-24 | ||
CN202210173203.5A CN114584355B (zh) | 2022-02-24 | 2022-02-24 | 一种用于数字货币交易的安全认证方法、装置和系统 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2023160667A1 true WO2023160667A1 (zh) | 2023-08-31 |
Family
ID=81774343
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2023/078254 WO2023160667A1 (zh) | 2022-02-24 | 2023-02-24 | 一种用于数字货币交易的安全认证方法、装置和系统 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN114584355B (zh) |
WO (1) | WO2023160667A1 (zh) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114584355B (zh) * | 2022-02-24 | 2024-03-22 | 中国人民银行数字货币研究所 | 一种用于数字货币交易的安全认证方法、装置和系统 |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017182601A1 (de) * | 2016-04-22 | 2017-10-26 | Bundesdruckerei Gmbh | Elektronisches verfahren zur kryptographisch gesicherten überweisung eines betrags einer kryptowährung |
CN107392601A (zh) * | 2017-06-26 | 2017-11-24 | 中国人民银行数字货币研究所 | 数字货币钱包的申请方法和系统 |
CN113065856A (zh) * | 2021-02-22 | 2021-07-02 | 北京飞纳泰科信息技术有限公司 | 一种数字货币钱包安全同步方法 |
CN114037446A (zh) * | 2021-09-30 | 2022-02-11 | 中国人民银行数字货币研究所 | 一种数字货币的交易方法、交易管理方法、装置及系统 |
CN114584355A (zh) * | 2022-02-24 | 2022-06-03 | 中国人民银行数字货币研究所 | 一种用于数字货币交易的安全认证方法、装置和系统 |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107959686B (zh) * | 2017-12-13 | 2019-06-07 | 恒宝股份有限公司 | 一种物联网安全认证系统及认证方法 |
CN109302412B (zh) * | 2018-11-06 | 2021-09-21 | 晋商博创(北京)科技有限公司 | 基于CPK的VoIP通信处理方法、终端、服务器及存储介质 |
CN112291190B (zh) * | 2020-07-28 | 2022-10-14 | 国网思极网安科技(北京)有限公司 | 一种身份认证方法、终端及服务器 |
-
2022
- 2022-02-24 CN CN202210173203.5A patent/CN114584355B/zh active Active
-
2023
- 2023-02-24 WO PCT/CN2023/078254 patent/WO2023160667A1/zh active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2017182601A1 (de) * | 2016-04-22 | 2017-10-26 | Bundesdruckerei Gmbh | Elektronisches verfahren zur kryptographisch gesicherten überweisung eines betrags einer kryptowährung |
CN107392601A (zh) * | 2017-06-26 | 2017-11-24 | 中国人民银行数字货币研究所 | 数字货币钱包的申请方法和系统 |
CN113065856A (zh) * | 2021-02-22 | 2021-07-02 | 北京飞纳泰科信息技术有限公司 | 一种数字货币钱包安全同步方法 |
CN114037446A (zh) * | 2021-09-30 | 2022-02-11 | 中国人民银行数字货币研究所 | 一种数字货币的交易方法、交易管理方法、装置及系统 |
CN114584355A (zh) * | 2022-02-24 | 2022-06-03 | 中国人民银行数字货币研究所 | 一种用于数字货币交易的安全认证方法、装置和系统 |
Also Published As
Publication number | Publication date |
---|---|
CN114584355B (zh) | 2024-03-22 |
CN114584355A (zh) | 2022-06-03 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US12021850B2 (en) | Efficient methods for authenticated communication | |
Ramana et al. | A three-level gateway protocol for secure m-commerce transactions using encrypted OTP | |
EP4254860A2 (en) | Key pair infrastructure for secure messaging | |
US20180026784A1 (en) | Secure channel establishment | |
JP2011513839A (ja) | 無線による金銭取引を行うためのシステムおよび方法 | |
EP1277301A2 (en) | Method for transmitting payment information between a terminal and a third equipement | |
CN101770619A (zh) | 一种用于网上支付的多因子认证方法和认证系统 | |
WO2015158172A1 (zh) | 一种用户身份识别卡 | |
CN112055019B (zh) | 一种建立通信信道的方法及用户终端 | |
CN110740136B (zh) | 面向开放银行的网络安全控制方法及开放银行平台 | |
CN106960343B (zh) | 一种电子现金安全支付方法与装置 | |
EP4318355A1 (en) | Methods and apparatuses for generating, verifying and storing transaction voucher, device, and system | |
US20230090972A1 (en) | Online secret encryption | |
CN106033571A (zh) | 一种电子签名设备的交易方法、电子签名设备和交易系统 | |
WO2023160667A1 (zh) | 一种用于数字货币交易的安全认证方法、装置和系统 | |
CN114037447A (zh) | 离线交易的方法和装置 | |
US20240062198A1 (en) | Security Chip for Digital Currency Storage, and Application Method for Security Chip for Digital Currency Storage | |
US10715497B1 (en) | Digital safety box for secure communication between computing devices | |
US12015720B2 (en) | Integrating identity tokens and privacy-preserving identity attribute attestations into interactions | |
CN114462990A (zh) | 基于数字货币进行免密支付的方法和装置 | |
Sun et al. | The Mobile payment based on public-key security technology | |
CN114548986A (zh) | 支付方法和支付安全码生成方法、装置、设备与存储介质 | |
EP4425408A1 (en) | Digital currency transaction method and system, and related transaction terminals | |
CN117291597A (zh) | 一种数字人民币的交易方法、装置、电子设备及存储介质 | |
CN115222530A (zh) | 一种数字货币的支付方法、装置和系统 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 23759289 Country of ref document: EP Kind code of ref document: A1 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 2023759289 Country of ref document: EP |
|
ENP | Entry into the national phase |
Ref document number: 2023759289 Country of ref document: EP Effective date: 20240924 |