Injection method, architecture and system of RSA key pair and certificate

A key management system and key pair technology, applied in the field of electronic payment, that addresses the increased construction and maintenance costs of secure rooms, the large human-resource expenditure, and the large differences in terminal performance, so as to address low efficiency, reduce manual operations, and ensure confidentiality and integrity.

Active Publication Date: 2020-09-04
上海汇尔通信息技术有限公司

AI Technical Summary

Problems solved by technology

[0009] Disadvantage 1: Certificate injection must be carried out in a secure room with strict security controls, and the centralized injection is done manually, which increases the construction and maintenance costs of the secure room.
[0010] Disadvantage 2: Terminal performance varies greatly. For most terminals the time needed to generate an RSA key pair is highly variable and can reach about ten minutes, which greatly reduces production efficiency.
[0011] Disadvantage 3: Presetting shared secret information in the payment terminal and the authentication center is usually done manually, and the number of terminals is huge. Ensuring that the secret information is unique to each device requires a large amount of human resources, and control of the secret must reach a very high level of security; otherwise, once the secret information is leaked, the private key of the terminal is leaked as well.


Examples


Embodiment 1

[0091] Embodiment 1 of the present invention is a method for injecting RSA key pairs and certificates, which can remotely and securely inject RSA key pairs and certificates into payment terminals. The method is based on asymmetric key technology and on the RSA key pair and certificate injection architecture shown in Figure 2, which includes a payment terminal 100, a key management system 200 and a CA center 300 connected in sequence by communication links.

[0092] Since the RSA key pair and certificate must be obtained from the CA center, it is necessary to deploy a CA center and build a PKI system. There are two options. One is to rely on a "trusted third-party CA organization"; such "third-party CA institutions" are commercial CAs, such as CFCA (China Financial Certification Center), CTCA (Citic Security Certification Center), etc. The second is that the manufacturer establishes its own CA center, which involves this ...

Embodiment 2

[0106] Please refer to Figure 4. This embodiment is a further extension of steps S2-S3 in Embodiment 1.

[0107] Step S2 comprises:

[0108] S201: The payment terminal generates request data, and packages the request data with the first public key to obtain a request data packet;

[0109] S202: Use the first private key to sign the request data packet, and send the request data packet and its signature to a key management system.

[0110] Step S3 comprises:

[0111] S301: The key management system receives the request data packet and its signature, and uses the first public key to verify the validity of the signature of the request data packet;

[0112] S302: If the verification is passed, send the request data to the CA center.

[0113] In this embodiment, the private key of the asymmetric key pair is used to digitally sign the request and the public key, and the key management system uses the public key to verify the legitimacy of the payment terminal ...
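Steps S201 to S302 above as an added Go example (not code from the patent or its owner). The `Packet` layout, RSA-2048 with PSS/SHA-256 for the first key pair, and the `enrolled` fingerprint set are assumptions; the page specifies no algorithm, packet format or enrollment step.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Packet is a hypothetical layout for the S201 request data packet plus its S202 signature.
type Packet struct{ Request, PubDER, Sig []byte }

// NewKey makes the first key pair; RSA-2048 is an assumption, the page names no algorithm.
func NewKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func digest(p Packet) []byte {
	r, k := sha256.Sum256(p.Request), sha256.Sum256(p.PubDER) // fixed-length fields
	d := sha256.Sum256(append(r[:], k[:]...))
	return d[:]
}

// TerminalBuild is S201-S202: package the request with the first public key, then sign.
func TerminalBuild(priv *rsa.PrivateKey, request []byte) (p Packet, err error) {
	p = Packet{Request: request, PubDER: x509.MarshalPKCS1PublicKey(&priv.PublicKey)}
	p.Sig, err = rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest(p), nil)
	return p, err
}

// KMSVerify is S301-S302. enrolled (an assumption, not on the page) holds fingerprints of
// known terminal keys: a signature checked with the packet's own key only proves possession.
func KMSVerify(p Packet, enrolled map[[32]byte]bool) ([]byte, error) {
	pub, err := x509.ParsePKCS1PublicKey(p.PubDER)
	if err != nil || !enrolled[sha256.Sum256(p.PubDER)] {
		return nil, errors.New("first public key invalid or not enrolled")
	}
	if err := rsa.VerifyPSS(pub, crypto.SHA256, digest(p), p.Sig, nil); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	return p.Request, nil // S302: this is what gets forwarded to the CA center
}

func main() {
	priv, _ := NewKey()
	p, _ := TerminalBuild(priv, []byte("constructed request, serial SN-0001"))
	_, err := KMSVerify(p, map[[32]byte]bool{sha256.Sum256(p.PubDER): true})
	fmt.Println("verified:", err == nil)
}
```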

Embodiment 3

[0115] Please refer to Figure 6. This embodiment is an injection system for an RSA key pair and a certificate corresponding to the above-mentioned embodiments, including:

[0116] The first generation module 1 is used to generate an asymmetric key pair for the payment terminal, and the asymmetric key pair includes a first public key and a first private key;

[0117] The first sending module 2 is used for the payment terminal to initiate a request, and send the request and the first public key to the key management system;

[0118] The second sending module 3 is used for the key management system to receive the request and the first public key, and send the request to the CA center;

[0119] The second generating module 4 is used for the CA center to generate an RSA private key and a certificate according to the request, and send the RSA private key and the certificate to the key management system through a secure link, the certificate including the RSA public key;

[0120]...


Abstract

The invention discloses an injection method for an RSA key pair and a certificate, and an architecture and a system thereof. The method comprises the following steps: a payment terminal generates an asymmetric key pair which includes a first public key and a first private key; the payment terminal initiates a request and sends the request and the first public key to a key management system; the key management system sends the request to a CA center; the CA center generates an RSA private key and a certificate according to the request and sends them to the key management system through a secure link, the certificate including an RSA public key; the key management system uses the first public key to encrypt the RSA private key and the certificate, and sends the encrypted data to the payment terminal; and the payment terminal uses the first private key to decrypt the encrypted data so as to acquire the RSA private key and the certificate. The invention effectively solves the problem that payment terminals generate RSA key pairs inefficiently; by using asymmetric key technology, no secret information needs to be shared with the CA center in advance; and manual operation is reduced, cost is saved and security is guaranteed.

Description

Technical field

[0001] The invention relates to the field of electronic payment, in particular to a method, framework and system for injecting RSA key pairs and certificates.

Background technique

[0002] With the rapid development of the electronic payment industry, such as bank card payment, consumer card payment, industry card payment and other electronic payment technologies through the network, electronic payment is more and more popular due to its fast and convenient features. The electronic payment system includes terminal equipment for consumers, as well as payment platforms and key management equipment. In order to ensure the safety of consumption, consumers input consumption information (such as account password, etc.) through a dedicated payment terminal, and then the payment terminal transmits it to the payment platform.

[0003] For payment terminals, taking POS (Point of Sale, POS) as an example, the principle of protecting consumer account security is as foll...


Application Information

Patent Type & Authority: Patents (China)
IPC(8): H04L9/08, H04L9/30, H04L29/06, G06Q20/20, G06Q20/38
CPC: G06Q20/20, G06Q20/382, H04L9/0822, H04L9/0825, H04L9/085, H04L9/0861, H04L9/302, H04L63/045, H04L63/06, H04L63/0823, H04L63/083
Inventor: 谢芳铭, 林培春
Owner 上海汇尔通信息技术有限公司