A method and terminal for transmitting sensitive data

A technology for transmitting sensitive data, and a corresponding terminal, applied in the field of information security. It addresses problems such as the server side being unable to directionally identify its terminals, the growing number of superior first certificates, and the resulting increase in the difficulty of managing first certificates on the server side, and thereby improves security.

Active Publication Date: 2021-12-14
FUJIAN LANDI COMML EQUIP CO LTD

AI Technical Summary

Problems solved by technology

[0007] First of all, this method does not let a server directionally identify its own terminals. Suppose server A uses superior first certificate A; the first certificate of every legitimate terminal of that server must then be a subordinate first certificate of superior first certificate A. If a server B is added and still uses superior first certificate A, servers A and B cannot tell their respective legitimate terminals apart, because the terminals of both servers hold subordinate first certificates of superior first certificate A, and both servers can verify all of these first certificates.
If server B instead uses a different superior first certificate B, directional identification is solved, but as the number of servers grows the number of superior first certificates grows with it, which inevitably makes managing first certificates on the server side more difficult.

Examples

Embodiment 1

[0128] Referring to Figure 1, a method of transmitting sensitive data comprises the following steps:

[0129] S201. The terminal generates a first public/private key pair. The first private key is denoted PRK1; it is encrypted with the terminal's top-level encryption key and stored in a secure area. The first public key is denoted PUK1;

[0130] S202. The terminal sends the terminal serial number SN and the generated first public key PUK1 to the CA center, and requests the CA center to issue a certificate for the first public key PUK1;

[0131] S203. The CA center issues a certificate for the first public key PUK1 to obtain the first certificate POS_WCRT. The format of the first certificate POS_WCRT can be determined according to the actual situation, preferably the standard X.509 format. The CA center maintains the correspondence between the terminal serial number SN and the first certificate POS_WCRT;

[0132] Preferably, the CA cent...

Embodiment 2

[0163] Referring to Figure 1, Figure 3 and Figure 4, and taking this embodiment as the first technical solution, this embodiment differs from Embodiment 1 as follows:

[0164] Before S201, the method also includes:

[0165] S101. The terminal applies for a server number Server_ID from the CA center;

[0166] S102. The CA center manages the server number Server_ID information and assigns a unique server number Server_ID to the server, wherein the server can refer to the receiving background;

[0167] S202 also includes: the CA center finds the corresponding acquiring background number Server_ID based on the terminal serial number SN;

[0168] S203 also includes: writing the server number Server_ID into the extension field of the certificate to obtain the first certificate POS_WCRT.

[0169] S204 includes the following steps:

[0170] (1) The terminal parses the first certificate POS_WCRT according to the certificate format, and extracts the server number ...

Embodiment 3

[0180] Referring to Figure 1, this embodiment differs from Embodiment 1 in that:

[0181] In S1, the first private key PRK1 is used to sign the random number R and the terminal serial number SN. The first signature value S is obtained as S = Sign(PRK1, R|SN), and the specific signing steps are:

[0182] (1) Concatenate the random number R and the terminal serial number SN, and calculate the fifth digest value HASH;

[0183] (2) Use the first private key PRK1 to perform a private key operation on the fifth digest value HASH; the operation result is the first signature value S.

[0184] In S2, using the first certificate POS_WCRT, the terminal serial number SN and the random number R to verify whether the first signature value is legal includes:

[0185] Using the first public key PUK1 to perform a public key operation on the first signature value to obtain a first digest value HASH1;

[0186] Putting tog...

Abstract

The present invention provides a method and a terminal for transmitting sensitive data. A challenge value is sent to the terminal; the server then receives from the terminal the first signature value obtained by signing the challenge value with the first private key, the challenge value, and the first certificate corresponding to the first private key. The legitimacy of the terminal is verified according to the first signature value, the challenge value and the first certificate. If the terminal is legal, the second public key sent by the terminal is received, the sensitive data is encrypted with the second public key, and the encrypted sensitive data is sent to the terminal. The first private key and the second public key are used for signature and for encryption of sensitive data respectively, following the principle of uniqueness of key usage, which improves the security of sensitive data transmission.
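The challenge-response and key-separation flow from the abstract and Embodiment 3, as an added Go example that is not code from the patent. RSA-2048, SHA-256, PKCS#1 v1.5 signatures and OAEP encryption are assumptions, as are all function names and the sample serial number, and PUK1 is assumed to come from an already validated POS_WCRT.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// must panics on RNG or key-generation failure.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// MustKey: RSA-2048 pair (assumed algorithm). NewChallenge: fresh 32-byte R.
func MustKey() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }
func NewChallenge() []byte     { r := make([]byte, 32); must(rand.Read(r)); return r }

// digest hashes R|SN; R is fixed-length, so the concatenation is unambiguous.
func digest(r []byte, sn string) []byte {
	h := sha256.Sum256(append(append([]byte{}, r...), sn...))
	return h[:]
}

// TerminalSign computes S = Sign(PRK1, R|SN): digest, then private-key operation.
func TerminalSign(prk1 *rsa.PrivateKey, r []byte, sn string) ([]byte, error) {
	return rsa.SignPKCS1v15(rand.Reader, prk1, crypto.SHA256, digest(r, sn))
}

// ServerSend checks S against the challenge this server issued and, only if it
// verifies under PUK1, encrypts the data under the second public key PUK2.
func ServerSend(puk1, puk2 *rsa.PublicKey, r []byte, sn string, s, data []byte) ([]byte, error) {
	if err := rsa.VerifyPKCS1v15(puk1, crypto.SHA256, digest(r, sn), s); err != nil {
		return nil, fmt.Errorf("terminal not verified: %w", err)
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, puk2, data, nil)
}

func main() {
	prk1, prk2, r, sn := MustKey(), MustKey(), NewChallenge(), "SN-CONSTRUCTED-0001" // constructed SN
	s, _ := TerminalSign(prk1, r, sn)
	_, fresh := ServerSend(&prk1.PublicKey, &prk2.PublicKey, r, sn, s, []byte("x"))
	_, replay := ServerSend(&prk1.PublicKey, &prk2.PublicKey, NewChallenge(), sn, s, []byte("x"))
	fmt.Println("fresh:", fresh, "| replayed against new challenge:", replay)
}
```

Because the signature covers the server's own R, a captured S fails against any later challenge, and the ciphertext can only be opened with the second private key, not with PRK1.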

Description

Technical field

[0001] The invention relates to the field of information security, in particular to a method and terminal for transmitting sensitive data.

Background technique

[0002] In the electronic payment industry, all online transactions are completed through data interaction between the server and the terminal. The data sent by the server to the terminal is often sensitive data, which places two requirements on the exchange. First, the server must verify the legitimacy of the terminal, that is, the server should send data only to legal terminals and not to illegal terminals. Second, the sensitive data must be encrypted and protected, that is, it must be transmitted in ciphertext form and cannot be transmitted in plain text. The server usually transmits sensitive data to the legal terminal by one of the following methods:

[0003] Method 1: Using symmetric technology, the server and the legal terminal sha...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L9/32, H04L29/06
CPC: H04L9/3247, H04L63/0435, H04L63/0442
Inventor: 万文超, 洪逸轩
Owner: FUJIAN LANDI COMML EQUIP CO LTD