KEY MANAGEMENT METHOD AND SYSTEM

US 20160028539A1
Filed: 01/23/2014
Published: 01/28/2016
Est. Priority Date: 03/15/2013
Status: Active Grant

First Claim

Patent Images

1. A key management method, characterized by comprising:

calling a first hardware and security module to generate a public key Pu and a private key Pr, storing the private key Pr in the first hardware and security module and sending the public key Pu to the security module of the POS terminal, by a MTMS system;

calling the first hardware and security module by the MTMS system and calling the second hardware and security module by a KMS system to respectively combine MTMS access components and KMS access components into a protective key PK and a MAC key MAK in the respective hardware and security module and store the protective key PK and the MAC key MAK in the first hardware and security module and the second hardware and security module;

controlling by the operating terminal to generate a transmission key TK and store the transmission key in the security module of the POS terminal, by an operating terminal, wherein the transmission key TK consists of a transmission encryption key TEK and an authentication key AUK;

encrypting the transmission key TK by using the public key Pu to generate the first transmission key cipher text Ctk_Pu in the security module, by the POS terminal;

sending the first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the MTMS system through the operating terminal by the POS terminal;

storing the received terminal sequence number SN and the first transmission key cipher text Ctk_Pu connectedly in the SN-Key_MTMS database by the MTMS system;

calling the hardware and security module to decrypt the first transmission key cipher text Ctk_Pu by using the private key Pr so as to obtain the transmission key TK, then encrypting the transmission key TK by using the protective key PK and calculating the MAC value by using the MAC key MAK so as to generate the second transmission key cipher text Ctk_Pk by the MTMS system;

sending the terminal sequence number SN and the second transmission key cipher text Ctk_Pk to the KMS system by the MTMS system;

connectedly storing the terminal sequence number SN and the second transmission key cipher text Ctk_Pk sent from the MTMS system in the SN-TK_KMS database by the KMS system;

sending the terminal sequence number SN and a downloading master key application to the KMS system by the POS terminal;

inquiring about the second transmission key cipher text Ctk_Pk corresponding to the terminal sequence number SN by the KMS system after receiving the terminal sequence number and the downloading master key application sent by the POS terminal;

calling the second hardware and security module to verify the MAC validity of the inquired-about second transmission key cipher text Ctk_Pk by using the MAC key MAK, and if the verification is passed, decrypting the second transmission key cipher text Ctk_Pk by using the protective key PK to obtain the transmission key TK, and storing the transmission key in the second hardware and security module, by the KMS system;

calling the second hardware and security module to perform bidirectional authentication by using the authentication key AUK and the POS terminal by the KMS system after obtaining the transmission key TK, and if the authentication is passed, calling the second hardware and security module to encrypt the terminal master key TMK by using the transmission decryption key TEK so as to generate the master key cipher text Ctmk, and sending the master key cipher text to the POS terminal, by the KMS system;

decrypting the master key cipher text Ctmk by using the transmission encryption key TEK to obtain the terminal master key TMK and storing the TMK in the security module, by the POS terminal after receiving the master key cipher text Ctmk sent by the KSM system.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Disclosed are a key management method and system. A master key is remotely downloaded to avoid the problem that the master key is not issued to a merchant until the master key needs be downloaded on a POS terminal, so as to reduce logistics costs and maintenance costs. When a key is remotely downloaded, a KMS system uses a symmetric algorithm to encrypt the key to be transmitted to ensure that the encrypted key can only be decrypted by a corresponding POS terminal, thereby ensuring the security of data transmission. During bidirectional authentication, an application program of the POS terminal can only contact an encrypted text form of the key instead of a plain text key needing to be remotely downloaded to the POS terminal, thereby ensuring security in reproduction.

9 Citations

View as Search Results

10 Claims

1. A key management method, characterized by comprising:
- calling a first hardware and security module to generate a public key Pu and a private key Pr, storing the private key Pr in the first hardware and security module and sending the public key Pu to the security module of the POS terminal, by a MTMS system;
  
  calling the first hardware and security module by the MTMS system and calling the second hardware and security module by a KMS system to respectively combine MTMS access components and KMS access components into a protective key PK and a MAC key MAK in the respective hardware and security module and store the protective key PK and the MAC key MAK in the first hardware and security module and the second hardware and security module;
  
  controlling by the operating terminal to generate a transmission key TK and store the transmission key in the security module of the POS terminal, by an operating terminal, wherein the transmission key TK consists of a transmission encryption key TEK and an authentication key AUK;
  
  encrypting the transmission key TK by using the public key Pu to generate the first transmission key cipher text Ctk_Pu in the security module, by the POS terminal;
  
  sending the first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the MTMS system through the operating terminal by the POS terminal;
  
  storing the received terminal sequence number SN and the first transmission key cipher text Ctk_Pu connectedly in the SN-Key_MTMS database by the MTMS system;
  
  calling the hardware and security module to decrypt the first transmission key cipher text Ctk_Pu by using the private key Pr so as to obtain the transmission key TK, then encrypting the transmission key TK by using the protective key PK and calculating the MAC value by using the MAC key MAK so as to generate the second transmission key cipher text Ctk_Pk by the MTMS system;
  
  sending the terminal sequence number SN and the second transmission key cipher text Ctk_Pk to the KMS system by the MTMS system;
  
  connectedly storing the terminal sequence number SN and the second transmission key cipher text Ctk_Pk sent from the MTMS system in the SN-TK_KMS database by the KMS system;
  
  sending the terminal sequence number SN and a downloading master key application to the KMS system by the POS terminal;
  
  inquiring about the second transmission key cipher text Ctk_Pk corresponding to the terminal sequence number SN by the KMS system after receiving the terminal sequence number and the downloading master key application sent by the POS terminal;
  
  calling the second hardware and security module to verify the MAC validity of the inquired-about second transmission key cipher text Ctk_Pk by using the MAC key MAK, and if the verification is passed, decrypting the second transmission key cipher text Ctk_Pk by using the protective key PK to obtain the transmission key TK, and storing the transmission key in the second hardware and security module, by the KMS system;
  
  calling the second hardware and security module to perform bidirectional authentication by using the authentication key AUK and the POS terminal by the KMS system after obtaining the transmission key TK, and if the authentication is passed, calling the second hardware and security module to encrypt the terminal master key TMK by using the transmission decryption key TEK so as to generate the master key cipher text Ctmk, and sending the master key cipher text to the POS terminal, by the KMS system;
  
  decrypting the master key cipher text Ctmk by using the transmission encryption key TEK to obtain the terminal master key TMK and storing the TMK in the security module, by the POS terminal after receiving the master key cipher text Ctmk sent by the KSM system.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The key management method according to claim 1, characterized in that, the step of “
    - calling the first hardware and security module to generate the public key Pu and the private key Pr, storing the private key Pr in the first hardware and security module and sending the public key Pu to the security module of the POS terminal, via the MTMS system”
      
      specifically comprises;
      
      calling the first hardware and security module to generate the public key Pu and the private key Pr, storing the private key Pr in the first hardware and security module, recording the index number of the private key Pr in the first hardware and security module and sending the public key Pu to the CA center, via the MTMS system;
      
      obtaining the generated working certificate HsmWCRT from the CA center and storing the working certificate in the database via the MTMS system, wherein the working certificate HsmWCRT is generated by signing the public key with the root certificate HsmRCRT;
      
      obtaining the working certificate HsmWCRT from the database of the MTMS system, and sending the working certificate HsmWCRT to the POS terminal, via an operating system;
      
      verifying the validity of the working certificate HsmWCRT by using the root certificate HsmRCRT preloaded in the record, by the POS terminal;
      
      after the verification is passed, extracting the public key Pu and storing the public key Pu in the security module, by the POS terminal.
  - 3. The key management method according to claim 2, characterized in that, the step of “
    - sending the first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the MTMS system through the operating terminal by the POS terminal, and storing the received terminal sequence number SN and the first transmission key cipher text Ctk_Pu connectedly in the SN-Key_MTMS database via the MTMS system”
      
      specifically comprises;
      
      sending the first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the operating terminal, via the POS terminal;
      
      packaging the received first transmission key cipher text Ctk_Pu and the terminal sequence number SN, signing with the operator card, and sending the signed first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the MTMS system via the operating system;
      
      verifying the validity of the signature, and if the signature is valid, connectedly storing the received terminal sequence number SN and the first transmission key cipher text Ctk_pu into the SN-TK_KMS database, via the MTMS system.
  - 4. The key management method according to claim 3, characterized by also comprising the step of extracting the terminal sequence number SN and the first transmission key cipher text Ctk_Pu to be sent from the SN-Key_MTMS database, verifying the validity of the signature, and if the signature is valid, executing the step of calling the hardware and security module to decrypt the first transmission key cipher text Ctk_Pu by using the private key Pr so as to obtain the transmission key TK, via the MTMS system.
  - 5. The key management method according to claim 3, characterized in that, the step of “
    - after obtaining the transmission key TK, calling the second hardware and security module to perform bidirectional authentication by using the authentication key AUK and the POS terminal, via the KMS system”
      
      specifically comprises;
      
      generating a first random number Rnd1 and sending the first random number Rnd1 to the KMS system via the POS terminal;
      
      generating a second random number Rnd2, calling the second hardware and security module to encrypt the first random number by using the authentication key AUK so as to obtain a first random number text Crnd1, and sending the first random number text Crnd1 and the second random number Rnd2 to the POS terminal via the KMS system after receiving the first random number Rnd1;
      
      decrypting the received first random number text Crnd1 by using the authentication key AUK to obtain a third random number Rnd1′
      
      , and judging if the third random number Rnd1′
      
      is consistent with the first random number Rnd1 or not, via the POS terminal;
      
      if the third random number Rnd1′
      
      is consistent with the first random number Rnd1, encrypting the second random number Rnd2 by using the authentication key AUK to generate a second random number text Crnd2, and sending the second random number text Crnd2 to the KMS system via the POS terminal;
      
      decrypting the received second random number text Crnd2 by using the authentication key AUK so as to obtain a fourth random number Rnd2′
      
      , and judging if the fourth random number Rnd′
      
      is consistent with the second random number Rnd2 or not, via the KMS system;
      
      and if the fourth random number Rnd′
      
      is consistent with the second random number Rnd2, confirming the KMS system and the POS terminal pass the authentication.

6. A key management system, comprising a first hardware and security module, a second hardware and security module, an operating terminal, a POS terminal, an MMS system and a KMS system;
- the first hardware and security module used to allow calls by the MTMS system, and the second hardware and security module used to allow calls by the KMS system;
  
  wherein,the MTMS is used for calling a first hardware and security module to generate a public key Pu and a private key Pr, storing the private key Pr in the first hardware and security module and sending the public key Pu to the security module of the POS terminal;
  
  the MTMS system is used for calling the first hardware and security module and the KMS system is used for calling the second hardware and security module to respectively combine MTMS access components and KMS access components into a protective key PK and a MAC key MAK in the respective hardware and security module and store the protective key PK and the MAC key MAK in the first hardware and security module and the second hardware and security module;
  
  the operating system is used for controlling the POS terminal to generate a transmission key TK and store the transmission key in the security module of the POS terminal, wherein the transmission key TK consists of a transmission encryption key TEK and an authentication key AUK;
  
  the POS terminal is used for encrypting the transmission key TK by using the public key Pu in the security module so as to generate the first transmission key cipher text Ctk_Pu, and sending the first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the MTMS system through the operating terminal;
  
  the MTMS system is used for storing the received terminal sequence number SN and the first transmission key cipher text Ctk_Pu connectedly in the SN-Key_MTMS database, and calling the first hardware and security module to decrypt the first transmission key cipher text Ctk_Pu by using the private key Pr so as to obtain the transmission key TK, then encrypting the transmission key TK by using the protective key PK and calculating the MAC value by using the MAC key MAK so as to generate the second transmission key cipher text Ctk_Pk, and sending the terminal sequence number SN and the second transmission key cipher text Ctk_Pk to the KMS system;
  
  the KMS system is used to connectedly store the terminal sequence number SN and the second transmission key cipher text Ctk_pk sent by the MTMS system into the SN-TK_KMS database;
  
  the POS terminal is used to send the terminal sequence number SN and the downloading master key application to the KMS system;
  
  the KMS system is used to inquire about the second transmission key cipher text Ctk_Pk corresponding to the terminal sequence number SN after receiving the terminal sequence number and the downloading master key application sent by the POS terminal;
  
  the KMS system is also used to inquire about the second hardware and security module to verify the MAC validity of the inquired-about second transmission key cipher text Ctk_Pk by using the MAC key MAK, and if the verification is passed, decrypts the second transmission key cipher text Ctk_Pk by using the protective key PK to obtain the transmission key TK, and store the transmission key in the second hardware and security module;
  
  the KMS system is also used for calling the second hardware and security module to perform bidirectional authentication by using the authentication key AUK and the POS terminal, and if the authentication is passed, the KMS system calls the second hardware and security module to encrypt the terminal master key TMK by using the transmission decryption key TEK so as to generate the master key cipher text Ctmk and send the master key cipher text to the POS terminal;
  
  the POS terminal is also used for decrypting the master key cipher text Ctmk by using the transmission encryption key TEK to obtain the terminal master key TMK after receiving the master key cipher text Ctmk sent by the KSM system, and storing the terminal master key TMK in the security module.
- View Dependent Claims (7, 8, 9, 10)
- - 7. A key management system according claim 6, characterized in that, the MTMS system is used for calling the first hardware and security module to generate the public key Pu and the private key Pr, storing the private key Pr in the first hardware and security module, recording the index number of the private key Pr in the first hardware and security module and sending the public key Pu to the CA center by the MTMS system;
    - the MTMS system is also used to obtain the generated working certificate HsmWCRT from the CA center and store the working certificate in the database;
      
      the working certificate HsmWCRT is generated by signing the public key with the root certificate HsmRCRT;
      
      the operating system is used to obtain the working certificate HsmWCRT from the database of the MTMS system, and send the working certificate HsmWCRT to the POS terminal;
      
      the POS terminal is used to verify the validity of the working certificate HsmWCRT by using the root certificate HsmRCRT preloaded in the record, and used to extract the public key Pu after the verification is passed and store the public key Pu in the security module.
  - 8. The key management system according to claim 7, characterized in that,the POS terminal is used to send the first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the operating terminal;
    - the operating system packages the received first transmission key cipher text Ctk_Pu and the terminal sequence number SN, signs with the operator card, and sends the signed first transmission key cipher text Ctk_Pu and the terminal sequence number SN to the MTMS system;
      
      the MTMS system is used to verifies the validity of the signature, and if the signature is valid, connectedly stores the received terminal sequence number SN and the first transmission key cipher text Ctk_pu into the SN-TK_KMS database.
  - 9. The key management system according to claim 8, characterized in that,the MTMS system is used for extracting the terminal sequence number SN and the first transmission key cipher text Ctk_Pu to be sent from the SN-Key_MTMS database, verifying the validity of the signature, and if the signature is valid, and executing the step of calling the hardware and security module by MTMS system to decrypt the first transmission key cipher text Ctk_Pu by using the private key Pr so as to obtain the transmission key TK.
  - 10. The key management system according to claim 8, characterized in that,the POS terminal is used for generating a first random number Rnd1 and sending the first random number Rnd1 to the KMS system;
    - the KMS system is used for generating a second random number Rnd2 receiving the first random number Rnd1, calling the second hardware and security module to encrypt the first random number by using the authentication key AUK so as to obtain a first random number text Crnd1, and sending the first random number text Crnd1 and the second random number Rnd2 to the POS terminal;
      
      the POS terminal is used for decrypting the received first random number text Crnd1 by using the authentication key AUK to obtain a third random number Rnd1′
      
      , and judging if the third random number Rnd1′
      
      is consistent with the first random number Rnd1 or not;
      
      the POS terminal is used for encrypting the second random number Rnd2 by using the authentication key AUK to generate a second random number text Crnd2, and sending the second random number text Crnd2 to the KMS system, when judging that the third random number Rnd1′
      
      is consistent with the first random number Rnd1;
      
      the KMS system is used for decrypting the received second random number text Crnd2 by using the authentication key AUK so as to obtain a fourth random number Rnd2′
      
      , and judging if the fourth random number Rnd′
      
      is consistent with the second random number Rnd2 or not;
      
      and the KMS system is also used for confirming that the KMS system and the POS terminal pass the authentication when judging that the fourth random number Rnd′
      
      is consistent with the second random number Rnd2.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ingenico Technology Company Limited
Original Assignee
Fujian Landi Commercial Equipment Co., Ltd. (Ingenico Group SA)
Inventors
SU, Wenlong, MENG, Luqiang, YAO, Chengyong, CHEN, Ruibing

Granted Patent

US 9,705,672 B2
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2209/56   Financial cryptography, e.g...

H04L 63/062   for key distribution, e.g. ...

H04L 9/0825   using asymmetric-key encryp...

H04L 9/0836   using tree structure or hie...

H04L 9/0861   Generation of secret inform...

H04L 9/0869   involving random numbers or...

H04L 9/32   including means for verifyi...

H04L 9/3247   involving digital signatures

H04L 9/3265   using certificate chains, t...

KEY MANAGEMENT METHOD AND SYSTEM

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

9 Citations

10 Claims

Specification

Use Cases

Quick Links

Others

KEY MANAGEMENT METHOD AND SYSTEM

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

10 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others