Method, apparatus and system for decrypting cloud payment limiting key

A cloud payment key technology, applied in transmission systems, digital transmission systems, secure communication devices, etc., to resist malicious attacks and solve security problems.

Active Publication Date: 2017-10-20
吕文华

Problems solved by technology

[0019] The main purpose of the present invention is to provide a method, device and system for decrypting the cloud payment restriction key that solves the security problem of storing and using a private key in an untrusted environment such as a mobile terminal, and thereby provides a technical guarantee for using application digital certificate encryption technology to realize the secure distribution and use of cloud payment restriction keys.


Examples


Embodiment 1

[0069] Referring to Figure 1, a flowchart of an embodiment of a method for decrypting a cloud payment restriction key provided by the present invention is shown. The method of this embodiment is applied to a server and includes step S110.

[0070] In step S110, multiple private key fragments are used to iteratively restore the elliptic curve point, and private key decryption is then performed. The result of iterating over the multiple private key fragments is equivalent to the result of the operation with the corresponding private key, and the complete private key never appears during decryption.

[0071] Because mobile terminals are fragile, the private key is at risk of exposure whether it is being stored or used. In the technical solution of the present invention, no complete private key exists during decryption, which solves the security of the key in an untrusted environment, so that the key does not appear completely in the process of...

Embodiment 2

[0115] Referring to Figure 2, a structural block diagram of an embodiment of a system 200 for decrypting a cloud payment restriction key provided by the present invention is shown. This embodiment is applied in the server and includes:

[0116] The iterative recovery module 21, which uses a plurality of private key fragments to iteratively restore the elliptic curve point and then perform private key decryption. The result of iterating over the plurality of private key fragments is equivalent to the result of the operation with the corresponding private key, and no complete private key is present during decryption. For the functions and implementation of this module, refer to Embodiment 1 and Figure 1.

[0117] Further, the iterative recovery module includes:

[0118] a receiving unit, configured to receive the elliptic curve points sent by the input device;

[0119] a judging unit for sequentially judging the type of the private ...

Embodiment 3

[0139] Referring to Figure 3, an apparatus 300 for decrypting a cloud payment restriction key provided by the present invention is shown, including the system 200 described in Embodiment 2.

[0140] Embodiment 3 of the present invention provides a device for decrypting the cloud payment restriction key. It uses multiple private key fragments to iteratively restore the elliptic curve point and then performs private key decryption; the result of iterating over the multiple private key fragments is equivalent to the result of the operation with the corresponding private key, and no complete private key is present during decryption, which effectively resists malicious attacks that access private data without authorization. Because the multi-fragment iterative operation is used, no complete private key appears anywhere in the decryption process, thereby solving the security problem of mobile terminal privat...


Abstract

The invention provides a method, apparatus and system for decrypting a cloud payment limiting key. The method comprises the following steps: iterating separately over a plurality of private key fragments to restore an elliptic curve point, and then performing private key decryption. The result of iterating separately over the plurality of private key fragments is equivalent to the result of the operation with the corresponding private key, and no complete private key occurs in the decryption process, which effectively defends against attacks that access private data beyond their authority. Because separate iteration over a plurality of fragments is used, no complete private key occurs in the decryption process, which solves the security problem of the private key of a mobile terminal being leaked. On that basis, secure allocation and use of the cloud payment limiting key is realized, and thus the security problems of protecting the limiting key with an Access PIN and symmetric encryption are effectively solved.

Description

Technical field

[0001] The present invention relates to the technical field of mobile payment security, in particular to a method, device and system for decrypting a cloud payment restriction key.

Background technique

[0002] HCE (Host Card Emulation) technology is also called host card emulation technology. In HCE mode, the terminal security module SE is replaced by a remotely hosted cloud SE (Cloud Secure Element or SE on the Cloud), and mobile devices can implement cloud payment applications even without SE hardware modules.

[0003] The core principle of the cloud payment card is: the cloud payment platform distributes the limit key (LUK, Limit Usage Key) to the mobile application client in advance; send it to the cloud payment platform for verification through the non-acceptance terminal.

[0004] The limit key is a sensitive parameter, and a protection mechanism based on Access PIN is adopted in the key distribution process. Access PIN is a user password set...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08
CPC: H04L9/0825, H04L9/0861, H04L9/0866, H04L9/0869, H04L9/088, H04L9/0891
Inventor 吕文华宛海加刘永
Owner 吕文华