
CN103108245B - Smart TV payment key system and smart-TV-based payment method

Info

Publication number
CN103108245B
Authority
CN
China
Prior art keywords
module
digest value
encryption
intelligent television
dynamic code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201110361720.7A
Other languages
Chinese (zh)
Other versions
CN103108245A (en
Inventor
刘风军
徐晓强
杨建辉
肖波
刘源
徐蓉
孙立林
金正博
王春晖
海涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Unionpay Co Ltd
Original Assignee
China Unionpay Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Unionpay Co Ltd filed Critical China Unionpay Co Ltd
Priority to CN201110361720.7A priority Critical patent/CN103108245B/en
Priority to PCT/CN2012/084565 priority patent/WO2013071858A1/en
Publication of CN103108245A publication Critical patent/CN103108245A/en
Application granted granted Critical
Publication of CN103108245B publication Critical patent/CN103108245B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302 Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/426 Internal components of the client; Characteristics thereof
    • H04N21/42607 Internal components of the client; Characteristics thereof for processing the incoming bitstream
    • H04N21/42623 Internal components of the client; Characteristics thereof for processing the incoming bitstream involving specific decryption arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/45 Management operations performed by the client for facilitating the reception of or the interaction with the content or administrating data related to the end-user or to the client device itself, e.g. learning user preferences for recommending movies, resolving scheduling conflicts
    • H04N21/462 Content or additional data management, e.g. creating a master electronic program guide from data received from the Internet and a Head-end, controlling the complexity of a video stream by scaling the resolution or bit-rate based on the client capabilities
    • H04N21/4623 Processing of entitlement messages, e.g. ECM [Entitlement Control Message] or EMM [Entitlement Management Message]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/56 Financial cryptography, e.g. electronic payment or e-cash
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution
    • H04L2209/601 Broadcast encryption
    • H04L2209/601Broadcast encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Databases & Information Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

The present invention relates to a smart TV payment key system and a smart-TV-based payment method. The payment system of the present invention includes a payment client device (100) and a TVP encryption device (200). The payment client device (100) comprises a public key storage module (101), a user interface module (102), an encryption module (103) and a sending module (104); the TVP encryption device (200) comprises a key generation module (201), a private key storage module (202), a receiver module (203) and a decryption module (204). The smart TV payment key system and smart-TV-based payment method of the present invention improve payment security and save cost.

Description

Smart TV payment key system and smart-TV-based payment method
Technical field
The present invention relates to a smart TV payment key system and a smart-TV-based payment method, and in particular to a smart TV payment key system and smart-TV-based payment method that use asymmetric keys.
Background
TV payment currently has two main application scenarios: small-value payment and large-value payment. Small-value payment mainly covers the fees TV users pay for film and TV series video services: the TV service operator provides the user with a virtual account, which the user can top up in advance, and when a small-value payment is needed the fee is deducted from this virtual account. Large-value payment is generally used for T-commerce, personal finance management, bill payment and top-up, and topping up the user's virtual account. TV payment is based on a card-not-present payment solution: the cardholder completes the payment by operating the on-screen menus with the remote control. With the smart TV terminal's remote control, the user can select a bound bank card number and enter bank-sensitive information such as the PIN, the expiry date or the CVN2 (i.e. the check code) to make a card-not-present payment (binding a card in advance requires the user to enter cardholder auxiliary authentication information, which is sent to the card issuer for verification); alternatively, the user can directly enter transaction elements such as bank card sensitive information and cardholder auxiliary authentication information by hand to carry out a card-not-present transaction.
A TV payment system includes: a payment client, a payment channel front-end system (i.e. TPP), a smart TV payment front-end device (i.e. TVP) and the associated content providing platform (i.e. the integrated broadcast control platform). The whole TV payment system applies security controls to the data while transaction messages are transmitted.
On the other hand, in the Internet-model online TV payment that has already appeared on the market, financial transaction data is encrypted and transmitted using the SSL and HTTPS protocols. The TV terminal and the server authenticate each other with digital certificates and perform a key exchange; the transmitted data is encrypted and hidden with asymmetric keys, so that the data is transmitted securely. In existing applications of asymmetric encryption, the terminal mostly encrypts only the user's PIN with the public key, and re-encryption is performed at the server.
The prior art has the following problems. It cannot be absolutely guaranteed that the server itself is secure. Because the encryption algorithms and authentication mechanisms of the SSL and HTTPS protocols are all public, and the algorithms are relatively simple, the server side is easy to imitate. Attackers exploit this; a common example is the phishing attack that imitates a bank's domain name. By imitating the server side, the attacker simulates transactions with the client and obtains financial sensitive information such as bank card numbers and transaction passwords. Two-way authentication can avoid this defect, but it increases development and operating costs. In addition, with the growth of card-not-present payment, card issuers increasingly need to verify elements other than the PIN, including the CVN2, the expiry date and even the card number, and existing systems cannot fully guarantee the secure transmission of these elements through the transaction channel.
Summary of the invention
In view of the above problems, the present invention aims to provide a smart TV payment key system and a smart-TV-based payment method that offer high security and save cost.
The smart TV payment key system of the present invention is characterized by comprising a payment client device and a TVP encryption device. The payment client device comprises: a public key storage module, in which the public key described below is preset; a user interface module, which obtains transaction information and sensitive data, generates a message body from the obtained transaction information, and retrieves the public key from the public key storage module; an encryption module, which encrypts the sensitive information with the public key retrieved by the user interface module to obtain client encrypted data; and a sending module, which sends the client encrypted data and the message body, as the transaction message body, to the TVP encryption device. The TVP encryption device comprises: a key generation module, for generating a private key and the public key that corresponds one-to-one to that private key; a private key storage module, for storing the private key; a receiver module, for receiving the transaction message body sent from the payment client device; and a decryption module, which retrieves the private key stored in the private key storage module and decrypts the client encrypted data in the transaction message body.
Preferably, the sending module has a compression and encoding unit that compresses and encodes the transaction message and a sending unit that sends the compressed and encoded transaction message, and the receiver module has a receiving unit that receives the transaction message and a decoding and decompression unit that decodes and decompresses the received transaction message.
Preferably, the encryption module encrypts the sensitive information with the public key using the RSA asymmetric encryption algorithm, and the decryption module uses the private key to perform asymmetric private-key decryption of the client encrypted data.
Preferably, the payment client device further comprises a first digest value computing module, for computing a digest value over the transaction message body and using the computed digest value as the sensitive data; and the TVP encryption device further comprises: a second digest value computing module, for computing a digest value over the received transaction message body; and a digest value comparison module, which compares whether the digest value computed by the second digest value computing module is consistent with the digest value contained in the sensitive data obtained after decoding and decompression by the decoding and decompression unit.
Preferably, the first digest value computing module and the second digest value computing module use a Secure Hash Algorithm to compute the digest value over the transaction message body.
Preferably, the digest value comparison module drops the message when it judges the digest values to be inconsistent.
Preferably, the public keys have corresponding validity periods that succeed one another over time, and their strength increases gradually over time.
Preferably, there are 3 public keys, of 1152, 1408 and 1984 respectively.
Preferably, the private key corresponds to the public key through an index number.
Preferably, the sending module also sends the index number to the TVP encryption device together with the transaction message body.
Preferably, the decryption module is further used to re-encrypt the decrypted PIN block (PIN format) with a symmetric key.
Preferably, the TVP encryption device comprises: a dynamic code generation module, which generates a dynamic code at the request of the payment client device, stores this dynamic code, and sends it to the user; and a dynamic code comparison module, which compares the dynamic code stored in the dynamic code generation module with the dynamic code contained in the transaction message body.
Preferably, the dynamic code comparison module drops the message when it judges that the dynamic code stored in the dynamic code generation module and the dynamic code in the transaction message body are inconsistent.
The smart-TV-based payment method of the present invention uses a payment client device and a TVP encryption device to make TV payments, and is characterized by comprising: an obtaining step of obtaining transaction information and sensitive data; an encryption step of encrypting the obtained sensitive data with a public key; a sending step of sending the encrypted sensitive data and the transaction information from the payment client device to the TVP encryption device; a receiving step of receiving the sensitive data and transaction information sent from the payment client device; and a decryption step of decrypting the received sensitive data with the private key that corresponds one-to-one to the public key.
Preferably, in the encryption step, the sensitive information is RSA asymmetrically encrypted with the public key, and in the decryption step, the sensitive data undergoes asymmetric private-key decryption with the private key.
Preferably, in the sending step, the transaction message is compressed and encoded before it is sent, and in the receiving step, the received transaction message is decoded and decompressed after it is received.
Preferably, the smart-TV-based payment method of the present invention further comprises: a first digest value computing step, in which the payment client device computes a digest value over the transaction message body and uses the computed digest value as the sensitive data; a second digest value computing step, in which the TVP encryption device computes a digest value over the received transaction message body; and a digest value comparison step of comparing whether the digest value computed in the second digest value computing step is consistent with the digest value contained in the sensitive data obtained after the decoding and decompression.
Preferably, in the first digest value computing step and the second digest value computing step, a Secure Hash Algorithm is used to compute the digest value over the transaction message body.
Preferably, in the digest value comparison step, the message is dropped when the digest values are judged to be inconsistent.
Preferably, the public keys have corresponding validity periods that succeed one another over time, and their strength increases gradually over time.
Preferably, there are 3 public keys, of 1152, 1408 and 1984 respectively.
Preferably, the private key and the public key correspond one-to-one through an index number.
Preferably, in the sending step, the index number is also sent to the TVP encryption device together with the transaction message body.
Preferably, the decryption step includes a re-encryption step in which the decrypted PIN block (PIN format) is encrypted with a symmetric key.
Preferably, the smart-TV-based payment method of the present invention further comprises: a dynamic code generation step of generating a dynamic code at the request of the payment client device, storing this dynamic code in the TVP encryption device, and at the same time sending it to the user; and a dynamic code comparison step of comparing the dynamic code stored in the TVP encryption device with the dynamic code that the user enters into the payment client device as sensitive data and that is sent to the TVP encryption device as part of the transaction message body.
Preferably, in the dynamic code comparison step, the message is dropped when the dynamic codes are inconsistent.
The payment client device of the smart TV payment key system of the present invention is characterized by comprising: a public key storage module, in which a public key file is stored in advance; a user interface module, for obtaining transaction information and sensitive data, generating a message body from the obtained transaction information, and retrieving the public key from the public key storage module; an encryption module, which encrypts the sensitive information with the public key retrieved by the user interface module to obtain client encrypted data; and a sending module, which sends the transaction message composed of the client encrypted data and the message body.
Preferably, this payment client device further comprises a digest value computing module for computing a digest value over the transaction message body.
Preferably, the digest value computing module uses a Secure Hash Algorithm to compute the digest value over the transaction message body.
Preferably, the public keys have corresponding validity periods that succeed one another over time, and their strength increases gradually over time.
Preferably, there are 3 public keys, of 1152, 1408 and 1984 respectively.
Preferably, the encryption module encrypts the sensitive information with the public key using the RSA asymmetric encryption algorithm to obtain the client encrypted data.
Preferably, the encryption module compresses and encodes the transaction message, after which it is sent.
The TVP encryption device of the smart TV payment key system of the present invention is characterized by comprising: a key generation module, for generating a private key; a private key storage module, for storing the private key; a receiver module, for receiving a transaction message body containing client encrypted data; and a decryption module, which retrieves the private key stored in the private key storage module and decrypts the client encrypted data in the transaction message body.
Preferably, the decryption module is further used to re-encrypt the decrypted PIN block (PIN format) with a symmetric key.
With the smart TV payment key system and smart-TV-based payment method of the invention described above, because a public key is used, even if the transaction message is tampered with by an attacker during transmission, the encrypted security information cannot be decrypted and obtained without the private key, which improves the security of the system. Moreover, because a digest value is computed over the message and compared, even if the transaction message is tampered with by an attacker during transmission, checking the digest value makes it possible to determine accurately whether the transaction message has been tampered with. Further, in addition to checking the digest value, checking the dynamic code further ensures the accuracy of the cardholder's identity. Moreover, the transaction password remains in ciphertext throughout every stage of the transaction, which ensures the security of the transaction information. In addition, the present invention uses preset public keys, whose validity period is long and whose encryption strength is high, so that both security and cost saving are taken into account.
Brief description of the drawings
Fig. 1 is a schematic structural diagram of the smart TV payment key system of the present invention.
Fig. 2 is a further schematic structural diagram of the smart TV payment key system of the present invention.
Fig. 3 is a flow chart of the smart-TV-based payment method of the present invention.
Detailed description
What follows are some of the many possible embodiments of the present invention, intended to provide a basic understanding of the invention. They are not intended to identify key or decisive elements of the invention or to limit the scope claimed.
To make the object, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings.
Fig. 1 is a schematic structural diagram of the smart TV payment key system of the present invention.
As shown in Fig. 1, the smart TV payment key system of the present invention consists of a payment client device 100 (i.e. the TV terminal) and a TVP encryption device 200. The payment client device 100 mainly includes a public key storage module 101, a user interface module 102 (labelled UI module in the figure), an encryption module 103 and a sending module 104; the TVP encryption device 200 mainly includes a key generation module 201, a private key storage module 202, a receiver module 203 and a decryption module 204.
In the payment client device 100, the public key described later is placed in the public key storage module 101 in advance. The user interface module 102 obtains transaction information and sensitive data, generates a message body from the obtained transaction information, and retrieves the public key from the public key storage module.
Transaction information mainly refers to transaction-related information such as the transaction amount, transaction content and transaction time. Sensitive data includes card information such as the bank card account number, transaction password, digest value (i.e. HASH value, described later), bank card check digits (i.e. CVN2), expiry date, and dynamic code (described later).
The encryption module 103 encrypts the sensitive information with the public key retrieved by the user interface module 102 to obtain client encrypted data. The sending module 104 sends this client encrypted data and the message body, as the transaction message body, to the TVP encryption device 200.
Here, the encryption module 103 uses the RSA asymmetric encryption algorithm when encrypting the sensitive information. RSA is one of the most commonly used asymmetric encryption algorithms.
The RSA asymmetric encryption and decryption process is briefly described below.
First, RSA key generation comprises the following three steps:
(1) Independently choose two large primes p and q, compute $n = p \times q$, and compute $\varphi(n) = (p-1)(q-1)$;
(2) Select an integer e with $1 \le e < \varphi(n)$ such that $\varphi(n)$ and e are coprime. Modulo $\varphi(n)$, e has a unique inverse; compute $d = e^{-1} \bmod \varphi(n)$;
(3) Take (n, e) as the public key and (n, d) as the private key, and destroy p and q.
Then, RSA encryption and decryption proceed as follows:
Before a message is encrypted, it is first divided into blocks smaller than n, and each block is then encrypted.
Encryption: $C = M^e \bmod n$
Decryption: $M = C^d \bmod n$
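A worked run of key generation steps (1) to (3) and of block-wise encryption and decryption, as an added example that is not part of the patent text. The primes p = 61, q = 53, the exponent e = 17 and all function names are constructed for illustration; this is unpadded RSA exactly as the steps describe it, so equal plaintext blocks always yield equal ciphertext blocks, which is why deployed systems add randomized padding such as OAEP.

```python
from math import gcd


def generate_key(p, q, e):
    """Steps (1)-(3): n = p*q, phi(n) = (p-1)(q-1), d = e^-1 mod phi(n)."""
    n = p * q
    phi = (p - 1) * (q - 1)
    # e = 1 would leave every message unchanged, so it is rejected here.
    if not (1 < e < phi) or gcd(e, phi) != 1:
        raise ValueError("e must be greater than 1 and coprime with phi(n)")
    d = pow(e, -1, phi)          # the unique inverse of e modulo phi(n)
    return (n, e), (n, d)        # public key, private key; p and q are discarded


def block_size(n):
    """Largest whole number of bytes whose integer value is always below n."""
    return (n.bit_length() - 1) // 8


def encrypt(message, public_key):
    """Split the message into blocks smaller than n and compute C = M^e mod n."""
    n, e = public_key
    k = block_size(n)
    if k == 0:
        raise ValueError("modulus too small to carry even one byte")
    return [pow(int.from_bytes(message[i:i + k], "big"), e, n)
            for i in range(0, len(message), k)]


def decrypt(blocks, private_key, length):
    """Compute M = C^d mod n per block; length restores leading zero bytes."""
    n, d = private_key
    k = block_size(n)
    out = bytearray()
    for i, c in enumerate(blocks):
        size = min(k, length - i * k)    # the last block may be shorter
        out += pow(c, d, n).to_bytes(size, "big")
    return bytes(out)


if __name__ == "__main__":
    public, private = generate_key(61, 53, 17)
    pin = b"123456"                       # constructed sample input
    ciphertext = encrypt(pin, public)
    print("public key :", public)
    print("private key:", private)
    print("ciphertext :", ciphertext)
    print("decrypted  :", decrypt(ciphertext, private, len(pin)))
```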
In the TVP encryption device 200, the key generation module 201 generates the private key and the public key. The private key storage module 202 stores the private key generated by the key generation module 201. The receiver module 203 receives the transaction message body sent from the payment client device 100. The decryption module 204 retrieves the private key stored in the private key storage module 202 and performs asymmetric private-key decryption of the client encrypted data in the transaction message body.
In the present invention, the public keys and private keys generated by the key generation module 201 correspond one-to-one, and the correspondence can be established through an index number. The private key cannot be obtained from outside, whereas the public key can be obtained externally through an interface call. In the present invention, the public key generated in the TVP encryption device 200 is converted into a public key file that is preloaded into the payment client device 100. Thus, when the payment client device 100 encrypts data, the user interface module 102 retrieves this public key and the data is encrypted with it. At the same time, the sending module 104 of the payment client device 100 also sends the index number corresponding to the public key to the TVP encryption device 200, so that the TVP encryption device 200 can use this index number to find the private key that corresponds one-to-one to the public key.
To avoid frequent public key upgrades, the inventors propose presetting 3 keys together in a binary-format public key file. In this approach, each public key is given a corresponding validity period, and key strength increases gradually over time. As an example, 3 keys of 1152, 1408 and 1984 respectively can be set. The payment client device 100 prompts the user, through the user interface module 102, to enter bank card sensitive information and verification elements; after collecting them, it takes from the public key file the public key for the time period in which the current date falls, and the encryption module 103 encrypts with it. This not only solves the problem in existing encryption technology of having to update keys frequently, but also provides keys whose confidentiality becomes higher as time passes.
In the payment client device 100, the sending module 104 specifically includes: a compression and encoding unit that compresses and BASE64-encodes the transaction message, and a sending unit (not shown) that sends the compressed and encoded transaction message.
Correspondingly, in the TVP encryption device 200, the receiver module 203 specifically includes: a receiving unit that receives the transaction message, and a decoding and decompression unit that BASE64-decodes and decompresses the received transaction message.
Here, the decryption module 204 in the TVP encryption device 200 also uses a symmetric key to re-encrypt the decrypted PIN block (PIN format). One reason re-encryption is needed in the present invention is that, in the financial sector, sensitive information such as the bank card PIN must not reside in application systems, including databases and memory; this re-encryption must therefore be performed inside the TVP encryption device 200.
Fig. 2 is a further schematic structural diagram of the smart TV payment key system of the present invention.
To ensure the security of information transmission, on top of the architecture shown in Fig. 1 and as shown in Fig. 2, the payment client device 100 further comprises a first digest value computing module 105, for computing a digest value (i.e. HASH value) over the transaction message body and using the computed digest value as the sensitive data. Correspondingly, the TVP encryption device 200 further comprises: a second digest value computing module 205, for computing a digest value over the received transaction message body; and a digest value comparison module 206, which compares whether the digest value computed by the second digest value computing module is consistent with the digest value contained in the sensitive data obtained after decoding and decompression by the decoding and decompression unit. Here, a Secure Hash Algorithm is used as the method of computing the digest value.
Thus, in the payment client device 100, the first digest value computing module 105 computes a digest value over the transaction message body, and this digest value is encrypted as sensitive information in the manner described above. In the TVP encryption device 200, the second digest value computing module 205 likewise computes a digest value over the received message body, and the digest value comparison module 206 compares this computed digest value with the digest value contained in the decrypted sensitive information. If the two are not equal, the transaction message may have been tampered with during transmission, and the message is dropped.
On this basis, to further ensure the security of information transmission, a dynamic code comparison can be used in addition to the digest value comparison. Specifically, as shown in Fig. 2, the TVP encryption device 200 can further comprise a dynamic code generation module 208 and a dynamic code comparison module 209. The dynamic code generation module 208 generates a dynamic code at the request of the payment client device 100 and stores it, and at the same time sends the dynamic code to the user by SMS or other means. When paying, the user enters this dynamic code at the prompt of the user interface module 102; the dynamic code is treated as sensitive information, encrypted by the encryption module 103, and sent to the TVP encryption device 200 by the sending module 104. The dynamic code received by the receiver module 203 in the TVP encryption device 200 and decrypted by the decryption module 204 is input to the dynamic code comparison module 209. At the same time, the dynamic code stored in the dynamic code generation module 208 (i.e. the dynamic code originally generated by the dynamic code generation module 208) is also input to the dynamic code comparison module 209, which compares the two. If the two are not equal, the transaction message may have been tampered with during transmission, and the message is dropped.
Intelligent television in the present invention pays in cipher key system, make use of PKI not utilize private key, even if therefore handing over Easily message person of being hacked in transmitting procedure distorts, and the safety information after encryption also cannot decrypted obtain, and improves system Safety.
And, the intelligent television in the present invention pays in cipher key system, by message is calculated digest value, and compares Relatively, therefore, even if transaction message person of being hacked in transmitting procedure distorts, by checking digest value, it is possible to judge transaction report Whether literary composition is tampered, and improves the safety of system.
And, the intelligent television in the present invention pays in cipher key system, by using dynamic code authentication mechanism, it is possible to ensure The accuracy of holder's identity, improves the safety of system.
And, in intelligent television of the present invention pays cipher key system, in the links of whole transaction, trading password is all Being ciphertext state, be all sightless, trading password also will not record in any physical medium, therefore, the most in plain text Protect the safety of transactional breath, improve the safety of system.
And, the intelligent television in the present invention pays in cipher key system, and PKI validity period is long, and encryption density is strong, it is possible to On the basis of ensureing security of system, cost-effective.
The payment method based on intelligent television of the present invention is described below.
Fig. 3 is a flow chart of the payment method based on intelligent television of the present invention.
As shown in Fig. 3, on the payment client terminal device 100 side, transaction information is obtained to form the transaction message body, and a digest value of the message body is calculated. The transaction message body is composed of transaction information and sensitive data. Transaction information mainly refers to information related to the transaction, such as the transaction amount, transaction content and transaction time. Sensitive data comprises the bank card account number, transaction password, digest value, bank card check digits (i.e. CVN2), card information such as the validity period, and the dynamic code.
On the payment client terminal device 100 side, other sensitive information such as the bank card number and transaction password is obtained, and the calculated digest value is treated as sensitive information along with it. Together they are RSA asymmetrically encrypted using the public key stored in the public key file, generating the encrypted client sensitive data. The encrypted client sensitive data and the message body are then sent together, as the transaction message, to the TVP encryption device 200.
On the TVP encryption device 200 side, after the transaction message is received, the encrypted client sensitive data that was sent is decrypted with the private key (asymmetric private key decryption). This decryption yields the digest value of the uploaded message body, the uploaded dynamic code, and the decrypted sensitive information.
The decrypted PIN BLOCK (password format) is re-encrypted with a symmetric key, generating the encrypted PIN BLOCK (password format). The decrypted sensitive information and the encrypted PIN BLOCK (password format) can then be used for transaction processing.
Separately, after the transaction message is received, a digest value of the received message body is calculated. This calculated digest value is compared with the above digest value of the uploaded message body to verify whether the two are consistent. If the two are judged inconsistent, the message is discarded. If the two are judged consistent, processing continues.
Once the digest value has been verified, it is further verified whether the decrypted uploaded dynamic code is consistent with the dynamic code stored in the TVP encryption device 200. If the two are judged inconsistent, the message is discarded. If the two are judged consistent, business processing continues.
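The TVP-side checks described above (digest value comparison, then dynamic code comparison), as an added example that is not part of the patent. It assumes SHA-256 as the Secure Hash Algorithm, a JSON-serialised message body, single-use dynamic codes, and that private-key decryption has already produced the sensitive data; all function and class names are hypothetical.

```python
import hashlib
import hmac
import json
import secrets


def digest_of(message_body: bytes) -> str:
    """Digest value of a transaction message body (SHA-256 is an assumption)."""
    return hashlib.sha256(message_body).hexdigest()


def _equal(a: str, b: str) -> bool:
    """Constant-time comparison, so timing does not reveal how much matched."""
    return hmac.compare_digest(str(a).encode(), str(b).encode())


class DynamicCodeStore:
    """Stand-in for dynamic code generation module 208 (hypothetical class)."""

    def __init__(self):
        self._codes = {}  # session id -> dynamic code awaiting comparison

    def generate(self, session_id: str) -> str:
        code = f"{secrets.randbelow(10**6):06d}"  # six digits: assumption
        self._codes[session_id] = code
        return code  # would be delivered to the user by short message

    def take(self, session_id: str):
        # Single use (assumption): a stored code is removed once compared.
        return self._codes.pop(session_id, None)


def build_client_message(transaction: dict, card: dict, dynamic_code: str):
    """Client side: the message body, plus the sensitive data (digest and
    dynamic code included) that the client would encrypt with the public key."""
    body = json.dumps(transaction, sort_keys=True).encode()
    sensitive = dict(card, dynamic_code=dynamic_code, digest=digest_of(body))
    return body, sensitive


def verify_on_tvp(session_id: str, body: bytes, sensitive: dict,
                  store: DynamicCodeStore) -> str:
    """TVP side, after private-key decryption has produced `sensitive`."""
    # Digest comparison: recompute over the body exactly as received.
    if not _equal(digest_of(body), sensitive.get("digest", "")):
        return "discard: digest mismatch"
    # Dynamic code comparison against the code stored at generation time.
    stored = store.take(session_id)
    if stored is None or not _equal(stored, sensitive.get("dynamic_code", "")):
        return "discard: dynamic code mismatch"
    return "accept"


def demo() -> dict:
    """Runs the checks over constructed sample data."""
    tx = {"amount": "128.00", "content": "video on demand",
          "time": "2011-11-15T10:00:00"}           # constructed
    card = {"account": "0000000000000000"}          # constructed placeholder
    store = DynamicCodeStore()
    results = {}

    body, sensitive = build_client_message(tx, card, store.generate("s1"))
    results["genuine"] = verify_on_tvp("s1", body, sensitive, store)
    results["replayed"] = verify_on_tvp("s1", body, sensitive, store)

    body, sensitive = build_client_message(tx, card, store.generate("s2"))
    altered = body.replace(b"128.00", b"928.00")    # body changed in transit
    results["altered"] = verify_on_tvp("s2", altered, sensitive, store)

    store.generate("s3")
    body, sensitive = build_client_message(tx, card, "not-the-code")
    results["wrong_code"] = verify_on_tvp("s3", body, sensitive, store)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case}: {outcome}")
```

Because the digest travels inside the encrypted sensitive data while the message body does not, the comparison only detects changes to the body; it relies on the decryption step to protect the digest itself.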
The payment method based on intelligent television of the present invention is realised with the payment client terminal 100, i.e. the television terminal, and the TVP encryption device 200. With this payment method the public key is used, so even if a transaction message is tampered with by an attacker in transmission, the encrypted security information cannot be decrypted because the private key is not used, which improves the security of the system.
Moreover, with the payment method based on intelligent television of the present invention, a digest value of the message is calculated and compared, so even if a transaction message is tampered with by an attacker in transmission, checking the digest value makes it possible to judge whether the transaction message has been tampered with, which improves the security of the system.
Moreover, with the payment method based on intelligent television of the present invention, the dynamic code authentication mechanism makes it possible to ensure the accuracy of the cardholder's identity, which improves the security of the system.
Moreover, with the payment method based on intelligent television of the present invention, the transaction password is in ciphertext and invisible in every link of the whole transaction, and the transaction password is never recorded in plaintext on any physical medium. This further ensures the security of the transaction information and improves the security of the system.
Moreover, with the payment method based on intelligent television of the present invention, the public key validity period is long and the encryption strength is high, so cost can be saved while system security is ensured.
The above examples mainly describe the system of the present invention and various application methods. Although only some embodiments of the present invention have been described, those of ordinary skill in the art will appreciate that the present invention can be implemented in many other forms without departing from its spirit and scope. The examples and embodiments shown are therefore to be regarded as illustrative and not restrictive, and the present invention may cover various modifications and substitutions without departing from the spirit and scope of the invention as defined by the appended claims.
Many widely different embodiments may also be constructed without departing from the spirit and scope of the present invention. It should be understood that the invention is not limited to the specific embodiments described in the specification, except as defined in the appended claims.

Claims (18)

1. An intelligent television payment key system, characterised in that it comprises a payment client terminal device (100) and a TVP encryption device (200),
said payment client terminal device (100) comprising:
a public key storage module (101), in which the following public key is preset;
a subscriber interface module (102), which obtains transaction information and sensitive data, generates a message body from the obtained transaction information, and calls said public key from said public key storage module;
an encrypting module (103), which encrypts sensitive information using the public key called by said subscriber interface module, obtaining client encryption data; and
a sending module (104), which sends said client encryption data and said message body to said TVP encryption device as a transaction message body,
said TVP encryption device (200) comprising:
a key production module (201), for generating a private key and a public key in one-to-one correspondence with this private key;
a secret storage module (202), for storing said private key;
a receiver module (203), for receiving the transaction message body sent from said payment client terminal device;
a deciphering module (204), which calls the private key stored in said secret storage module to decrypt said client encryption data in said transaction message body;
a dynamic code generation module (208), which generates a dynamic code in response to a request from said payment client terminal device (100), stores this dynamic code, and at the same time sends this dynamic code to the user,
wherein said public key is a plurality of public keys that have corresponding validity periods as time passes and whose strength gradually increases as time passes, and said deciphering module (204) is further used to re-encrypt the decrypted password format using a symmetric key,
said subscriber interface module (102) also obtains, as sensitive data, the dynamic code input by the user; said encrypting module (103) encrypts this dynamic code as said sensitive information; and said sending module (104) sends the encrypted dynamic code, as said client encryption data, together with said message body to said TVP encryption device as the transaction message body,
said TVP encryption device further comprises a dynamic code comparison module (209), which compares the dynamic code stored in said dynamic code generation module (208) with the dynamic code contained in said transaction message body.
2. The intelligent television payment key system as claimed in claim 1, characterised in that
said sending module (104) has a compressed encoding unit that compresses and encodes said transaction message and a transmitting unit that sends the compressed and encoded transaction message,
said receiver module (203) has a receiving unit that receives said transaction message and a decoding decompression unit that decodes and decompresses the received transaction message.
3. The intelligent television payment key system as claimed in claim 2, characterised in that
said encrypting module (103) uses said public key to encrypt said sensitive information with the RSA asymmetric encryption algorithm,
said deciphering module (204) uses said private key to perform asymmetric private key decryption on said client encryption data.
4. The intelligent television payment key system as claimed in claim 2, characterised in that
said payment client terminal device (100) further comprises: a first digest value computing module (105), for calculating a digest value of said transaction message body and treating the calculated digest value as said sensitive data,
said TVP encryption device (200) further comprises:
a second digest value computing module (205), for calculating a digest value of the received transaction message body;
a digest value comparison module (206), which compares whether the digest value calculated by said second digest value computing module is consistent with the digest value contained in the sensitive data obtained after decoding and decompression by said decoding decompression unit.
5. The intelligent television payment key system as claimed in claim 4, characterised in that
said first digest value computing module (105) and second digest value computing module (205) use a Secure Hash Algorithm to calculate the digest value of said transaction message body.
6. The intelligent television payment key system as claimed in claim 5, characterised in that
said digest value comparison module (206) discards the message when it judges said digest values to be inconsistent.
7. The intelligent television payment key system as claimed in claim 1, characterised in that
there are 3 said public keys, respectively 1152, 1408 and 1984.
8. The intelligent television payment key system as claimed in claim 1, characterised in that
said private key and said public key correspond one to one through an index number,
said sending module (104) also sends said index number together with said transaction message body to said TVP encryption device.
9. The intelligent television payment key system as claimed in claim 1, characterised in that
said dynamic code comparison module (209) discards the message when it judges the dynamic code stored in said dynamic code generation module (208) and the dynamic code in said transaction message body to be inconsistent.
10. A payment method based on intelligent television, in which television payment is carried out using a payment client terminal device and a TVP encryption device, characterised in that it comprises:
an obtaining step of obtaining transaction information and sensitive data;
an encrypting step of encrypting the obtained sensitive data using a public key;
a sending step of sending the encrypted sensitive data and the transaction information from said payment client terminal device to said TVP encryption device;
a receiving step of receiving the sensitive data and transaction information sent from said payment client terminal device;
a decryption step of decrypting the received sensitive data with the private key in one-to-one correspondence with said public key;
a dynamic code generation step of generating a dynamic code in response to a request from said payment client terminal device, storing this dynamic code in said TVP encryption device, and at the same time sending this dynamic code to the user;
a dynamic code comparison step of comparing the dynamic code stored in said TVP encryption device with the dynamic code that the user input to said payment client terminal device (100) as sensitive data and that was sent to said TVP encryption device (200) as a transaction message body,
wherein said public key is a plurality of public keys that have corresponding validity periods as time passes and whose strength gradually increases as time passes,
in said decryption step, the decrypted password format is re-encrypted using a symmetric key.
11. The payment method based on intelligent television as claimed in claim 10, characterised in that
in said encrypting step, the sensitive information is RSA asymmetrically encrypted using the public key,
in said decryption step, asymmetric private key decryption is performed on said sensitive data using the private key.
12. The payment method based on intelligent television as claimed in claim 11, characterised in that
in said sending step, said transaction message is compressed and encoded before being sent,
in said receiving step, after said transaction message is received, the received transaction message is decoded and decompressed.
13. The payment method based on intelligent television as claimed in claim 12, characterised in that it further comprises:
a first digest value calculation step of calculating, at said payment client terminal device, a digest value of said transaction message body and treating the calculated digest value as said sensitive data;
a second digest value calculation step of calculating, at said TVP encryption device, a digest value of the received transaction message body;
a digest value comparison step of comparing whether the digest value calculated in said second digest value calculation step is consistent with the digest value contained in the sensitive data obtained after said decoding and decompression.
14. The payment method based on intelligent television as claimed in claim 13, characterised in that
in said first digest value calculation step and said second digest value calculation step, a Secure Hash Algorithm is used to calculate the digest value of said transaction message body.
15. The payment method based on intelligent television as claimed in claim 14, characterised in that
in said digest value comparison step, the message is discarded when said digest values are judged to be inconsistent.
16. The payment method based on intelligent television as claimed in claim 10, characterised in that
in said dynamic code comparison step, the message is discarded when the dynamic codes are inconsistent.
17. The payment method based on intelligent television as claimed in claim 10, characterised in that
there are 3 said public keys, respectively 1152, 1408 and 1984.
18. The payment method based on intelligent television as claimed in claim 17, characterised in that
said private key and said public key correspond one to one through an index number,
in said sending step, said index number is also sent together with said transaction message body to said TVP encryption device.
CN201110361720.7A 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television Active CN103108245B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201110361720.7A CN103108245B (en) 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television
PCT/CN2012/084565 WO2013071858A1 (en) 2011-11-15 2012-11-14 Payment secret key system of intelligent tv and payment method based on intelligent tv

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201110361720.7A CN103108245B (en) 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television

Publications (2)

Publication Number Publication Date
CN103108245A CN103108245A (en) 2013-05-15
CN103108245B true CN103108245B (en) 2016-09-28

Family

ID=48315761

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201110361720.7A Active CN103108245B (en) 2011-11-15 2011-11-15 A kind of intelligent television pays cipher key system and method for payment based on intelligent television

Country Status (2)

Country Link
CN (1) CN103108245B (en)
WO (1) WO2013071858A1 (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103546454A (en) * 2013-08-28 2014-01-29 深圳市龙视传媒有限公司 Encryption method, encryption system and related equipment
CN103686437B (en) * 2013-12-06 2018-12-21 康佳集团股份有限公司 A kind of television interactive dynamic password authorization payment method and system
CN105516056B (en) * 2014-09-24 2018-10-26 腾泰科技股份有限公司 Encrypt file protecting system and its guard method
CN105654281A (en) * 2015-12-30 2016-06-08 中国银联股份有限公司 Safe payment system and safe payment method
CN111464556B (en) * 2016-10-25 2022-12-30 武汉大数据产业发展有限公司 Portable user terminal
CN109034796B (en) * 2018-06-15 2023-09-22 安达数据技术(深圳)有限公司 Alliance chain-based transaction supervision method, electronic device and readable storage medium
TWI743860B (en) * 2020-06-30 2021-10-21 瑞昱半導體股份有限公司 Communication device and network management method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1766920A (en) * 2005-11-01 2006-05-03 广州好易联支付网络有限公司 On-line safety payment system
CN101087189A (en) * 1998-05-05 2007-12-12 杰伊·C·陈 A cryptographic system and method for electronic trade
CN101098225A (en) * 2006-06-29 2008-01-02 中国银联股份有限公司 Safety data transmission method and paying method, paying terminal and paying server
CN101119471A (en) * 2007-08-29 2008-02-06 北京数码视讯科技有限公司 System and method for implementing digital television on-line payment

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4304362B2 (en) * 2002-06-25 2009-07-29 日本電気株式会社 PKI-compliant certificate confirmation processing method and apparatus, and PKI-compliant certificate confirmation processing program
CN101853453A (en) * 2009-04-03 2010-10-06 中兴通讯股份有限公司 System and method for realizing mobile payment

Also Published As

Publication number Publication date
WO2013071858A1 (en) 2013-05-23
CN103108245A (en) 2013-05-15

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant