CN103178953A - Secure chip key issuing system and secure chip key issuing method - Google Patents

Publication number: CN103178953A
Authority: CN (China)
Legal status: Granted
Application number: CN2013100610173A
Other languages: Chinese (zh)
Other versions: CN103178953B (en)
Inventors: 翟峰, 赵兵, 刘鹰, 吕英杰, 付义伦, 岑炜, 李保丰, 孙志强, 梁晓兵
Current Assignee: State Grid Corp of China SGCC; China Electric Power Research Institute Co Ltd CEPRI
Original Assignee: State Grid Corp of China SGCC; China Electric Power Research Institute Co Ltd CEPRI
Application filed by: State Grid Corp of China SGCC, China Electric Power Research Institute Co Ltd CEPRI
Priority to: CN201310061017.3A
Granted publication: CN103178953B

Abstract

The invention provides a secure chip key issuing system and a secure chip key issuing method. The system comprises a chip key issuing machine, a chip key issuing host, a key management server and a cipher machine. The chip key issuing machine and the cipher machine are improved: in the chip key issuing machine, the chip key read/write mechanism is fixed directly on the chip key issuing machine, and a chip fixing device is embedded in the chip read/write mechanism so that it connects physically and directly to the pins of the chip being issued, which effectively prevents outside monitoring of the issuing machine's information and interception of keys. The security chip of the chip key issuing machine and the cipher machine both support symmetric and asymmetric encryption and provide data encryption and decryption; a session key is negotiated using symmetric and asymmetric encryption and an SSL secure communication link is established between the chip key issuing machine and the server cipher machine, which effectively improves the security of the chip key issuing system.

Description

A secure chip key issuing system and method thereof
Technical field
The present invention relates to the field of information security, and in particular to a secure chip key issuing system and a method thereof.
Background art
With the rapid development of computer and Internet technology, information security problems have become increasingly prominent, and encrypted transmission of critical data has become the most basic means of protection. The security of transmitted data, however, depends not only on the cryptographic algorithm but even more on the security of the encryption key. Because software encryption has the major drawback of poor key security, hardware encryption has become the new choice. Various encryption chips are now on the market, but issuing keys into an encryption chip securely remains a key problem. In the traditional chip key issuing process, an operator first logs in to a PC and selects a business application module according to business needs, then uses key management software to request the various keys to be issued. Because keys are transmitted in plaintext between the PC and the key issuing machine in the chip key issuing system, and the key issuing machine and the encryption chip communicate mainly over a network, an attacker can easily obtain key information through technical means such as eavesdropping, monitoring or cracking, which is a serious security risk.
To address these problems, the present invention designs a more secure chip key issuing system and application method. The system mainly comprises a chip key issuing machine, a chip key issuing host, a key management server and a cipher machine. The chip key issuing machine and the cipher machine are improved: in the chip key issuing machine, the chip key read/write mechanism is fixed directly on the chip key issuing machine and the chip fixing device is embedded in the chip read/write mechanism, so that it makes a direct physical connection with the pins of the chip being issued, which effectively prevents outside monitoring of the issuing machine's information and interception of keys. The security chip of the chip key issuing machine and the cipher machine support symmetric and asymmetric encryption and provide data encryption and decryption; a session key is negotiated using symmetric and asymmetric encryption, and an SSL secure communication link is established between the chip key issuing machine and the server cipher machine, which effectively strengthens the security of the chip key issuing system.
Summary of the invention
To solve the security problems of existing chip key issuing systems, one object of the present invention is to propose a secure chip key issuing system, achieved by the following technical solution:
A secure chip key issuing system comprises:
a chip key issuing machine, used to send the key issuing request instruction, write the required keys into the chip to be issued, and negotiate a session key with the cipher machine;
a chip key issuing host, used to store key files, transfer keys and key issuing request instructions, control the issuing of chip keys and detect whether issuing succeeded;
a key management server, used to receive the key issuing request instruction, extract keys from the key readiness database and perform distribution management; and
a cipher machine, used for session key negotiation and for encrypting and decrypting keys.
The improvement is that the chip key issuing machine may comprise a control unit, an execution unit, a human-machine interaction unit, a communication unit and a power supply unit. The power supply unit powers each of the other units; the human-machine interaction unit displays the key issuing state and sends instructions to the control unit through the communication unit; and the control unit, according to the instructions of the human-machine interaction unit, controls the execution unit to issue the keys the chip requires.
The improvement is that the execution unit comprises:
a chip key issuing indicator mechanism, used to display the key issuing state;
a chip conveying mechanism, used to convey the chip to be issued to the chip key read/write mechanism, where the pins of the chip to be issued connect directly to the chip key read/write mechanism;
a chip key read/write mechanism, used to write the key to be issued into the chip to be issued, and to send the key issuing result detected by the chip key issuing host to the control unit of the chip key issuing machine;
a chip sorting mechanism, used to store successfully issued chips and chips that failed issuing separately; and
a base, used to support each of the above mechanisms.
The improvement is that the chip key issuing indicator mechanism comprises red, yellow and green status indicator lamps arranged on the side wall of the base, each connected to the control unit. A lit red lamp indicates that chip key issuing has stopped; a lit yellow lamp indicates that chip key issuing has failed; a lit green lamp indicates that chip key issuing is proceeding normally.
The improvement is that the chip conveying mechanism comprises a chip feeding mechanism, a chip transport mechanism and a chip fixing mechanism. The chip feeding mechanism delivers the chip to be issued onto the chip transport mechanism located below the outlet of the chip feeding mechanism; the chip transport mechanism carries the chip to be issued to the chip key read/write mechanism, where it is fixed by the chip fixing mechanism so that the pins of the chip to be issued connect directly to the chip key read/write mechanism.
The improvement is that the chip feeding mechanism may comprise an inclined feed tube fitted with a convex guide rail arranged along the axis of the tube; the top of the feed tube is the inlet and its bottom is the outlet. The chip to be issued slides down along the convex guide rail in the feed tube onto the chip transport mechanism.
The improvement is that the chip transport mechanism may comprise a conveyor belt, a receiving device located on the conveyor belt and an inclined transfer tube located at the side of the conveyor belt. The receiving device carries a driver for pushing the chip to be issued into the transfer tube; a convex guide rail arranged along the axis of the transfer tube is mounted inside it, and the top of the transfer tube is the inlet and its bottom is the outlet. After the receiving device receives a chip to be issued from the chip feeding mechanism, the conveyor belt moves the two together to the position facing the inlet of the transfer tube; the driver pushes the chip to be issued into the transfer tube, and the chip slides down along the convex guide rail in the transfer tube onto the chip fixing mechanism.
The improvement is that the chip fixing mechanism comprises a position sensor embedded in the chip key read/write mechanism and a positioning component mounted on the chip key read/write mechanism. The position sensor determines the position of the chip to be issued and reports it to the control unit, which controls the action of the positioning component. The positioning component presses the chip to be issued into position so that its pins connect directly to the chip key read/write mechanism.
The improvement is that the chip key read/write mechanism may comprise a security chip, and the algorithms supported by the security chip include the national cryptographic SM1 and SM2 algorithms.
The improvement is that the algorithms supported by the cipher machine include the national cryptographic SM1 and SM2 algorithms.
Another object of the present invention is to propose a secure chip key issuing method, comprising the following steps:
(1) the chip key issuing machine sends a key issuing request instruction to the key management server via the chip key issuing host;
(2) the key management server extracts the ciphertext of the key to be issued from the key readiness database and passes it to the cipher machine;
(3) the cipher machine decrypts the key ciphertext into key plaintext;
(4) a public/private key pair is stored in the chip key issuing machine; the public key is encrypted with a pre-embedded symmetric key and sent to the cipher machine via the chip key issuing host;
(5) the cipher machine decrypts the message to obtain the public key in plaintext and generates a random number;
(6) the cipher machine encrypts the random number with the public key of the chip key issuing machine and sends it to the chip key issuing machine via the chip key issuing host;
(7) the chip key issuing machine and the cipher machine negotiate a session key via the SSL protocol;
(8) the key management server calls the cipher machine to encrypt the plaintext of the key to be issued into ciphertext with the session key, and the ciphertext is sent to the chip key issuing machine via the chip key issuing host;
(9) the chip key issuing machine decrypts the ciphertext to obtain the plaintext of the key to be issued, then writes this key into the chip to be issued;
(10) the chip key issuing host detects whether the key was issued successfully and passes the detection result to the chip key issuing machine;
(11) the chip key issuing machine sorts and stores successfully issued chips and chips that failed issuing separately, then carries out the next round of key issuing.
Compared with the prior art, the beneficial effects of the present invention are:
(1) the issuing of chip keys is controlled jointly by the chip key issuing host and the chip key issuing machine, with the advantages of simple structure, easy operation and high security;
(2) the structure of the chip key issuing machine is simple and reasonable; the position sensor of the chip fixing mechanism is embedded directly in the chip key read/write mechanism and the positioning component is mounted on the chip key read/write mechanism, which both reduces the volume of the whole system and lets the pins of the chip to be issued connect physically and directly to the chip fixing mechanism, effectively preventing outside monitoring and interception of key information;
(3) the chip key issuing machine and the cipher machine both support multiple data encryption algorithms, including the national cryptographic SM1 and SM2 data encryption algorithms; the two negotiate a session key with each other, and the keys are protected by this session key as they are written to the chip, further strengthening the security of the chip key issuing system and method;
(4) the chip key issuing machine is also provided with a human-machine interaction unit, which makes the chip key issuing state clearer and more intuitive to read;
(5) the chip key issuing method is simple to operate and its process design is rigorous and secure, effectively preventing keys from being illegally eavesdropped or intercepted.
Description of drawings
Fig. 1 is a structural schematic diagram of the chip key issuing system of the present invention.
Fig. 2 is a structural schematic diagram of the chip key issuing machine of the present invention.
Fig. 3 is a structural diagram of the execution unit in the chip key issuing machine of the present invention.
Fig. 4 is a flow chart of the chip key issuing method of the present invention.
Detailed description of the embodiments
The chip key issuing system and method of the present invention are described in further detail below with reference to the drawings.
As shown in Fig. 1, the chip key issuing system of this example comprises a chip key issuing machine, a chip key issuing host, a key management server and a cipher machine. The chip key issuing machine is mainly used to send the key issuing request instruction, write the required keys into the chip to be issued, and negotiate a session key with the cipher machine. The chip key issuing host has chip key issuing software installed and is mainly used to store key files, open and close the data communication port connected to the chip key issuing machine, transfer keys and key issuing request information, control the issuing of chip key information and detect whether issuing succeeded. The key management server is mainly used to receive key issuing request information from the chip key issuing host, retrieve key data, and control and manage key distribution. The cipher machine is mainly used for key encryption and decryption and for session key negotiation.
As shown in Fig. 2, the chip key issuing machine of this example mainly consists of a control unit, an execution unit, a human-machine interaction unit, a communication unit and a power supply unit. The power supply unit powers the control unit, the execution unit, the human-machine interaction unit and the communication unit; the human-machine interaction unit displays the key issuing state and sends instructions to the control unit through the communication unit; the control unit, according to the instructions of the human-machine interaction unit, controls the execution unit to carry out the issuing of chip keys.
The control unit comprises a microcontroller and a clock circuit. The microcontroller is the core component of the control unit; it processes data and, after analysis, sends control commands to the execution unit, the human-machine interaction unit and the communication unit. Its control program can be updated via a USB interface, an infrared interface or a GPRS interface.
As shown in Fig. 3, the execution unit of this example mainly comprises a chip conveying mechanism, a chip key read/write mechanism, a chip sorting mechanism and a base; to show the key issuing state more intuitively, the execution unit may also comprise a chip key issuing indicator mechanism.
The chip key issuing indicator mechanism consists of red, yellow and green status indicator lamps arranged on the side wall of the base. The human-machine interaction unit of the chip key issuing machine and the three status indicator lamps are each connected to the control unit, which sends the current chip key state to the human-machine interaction unit and to the corresponding status indicator lamp of the indicator mechanism for display, so that operators can conveniently check the chip key issuing state at any time. A lit red lamp indicates that chip key issuing has stopped, and the operator can restart chip key issuing through the human-machine interaction unit. A lit yellow lamp indicates that chip key issuing has failed, and the operator can carry out maintenance through the human-machine interaction unit. A lit green lamp indicates that chip key issuing is proceeding normally.
The chip conveying mechanism may further comprise a chip feeding mechanism, a chip transport mechanism and a chip fixing mechanism. The chip feeding mechanism mainly uses an inclined feed tube whose top is the inlet and whose bottom is the outlet; a convex guide rail arranged along the axis of the tube is mounted on its inner wall, so that the chip to be issued slides under its own weight along the convex guide rail onto the chip transport mechanism. The chip transport mechanism of this example is described using the double-track chip transport mechanism shown in Fig. 3. It is located below the outlet of the chip feeding mechanism and mainly consists of a conveyor belt, receiving devices and transfer tubes. The conveyor belt can move left and right, and one receiving device is mounted at its left side and one at its middle; a receiving device may be a flat plate or a rectangular structure open at the top and on one side. Each receiving device carries a driver for pushing the chip to be issued into a transfer tube. When a chip to be issued slides out of the outlet of the chip feeding mechanism, the receiving device at the middle receives it and moves right with the conveyor belt; on reaching the inlet of the right transfer tube, the driver in that receiving device pushes the chip into the right transfer tube. At the same time the left receiving device has moved to the middle of the belt and receives the next chip to be issued; as the conveyor belt moves left and this device reaches the inlet of the left transfer tube, its driver likewise pushes the chip into the left transfer tube. The left and right transfer tubes are also inclined tubes, each fitted with a convex guide rail arranged along the tube axis, so that the chip slides under its own weight onto the chip fixing mechanism. The chip fixing mechanism is connected to the chip transport mechanism and comprises a position sensor and a positioning component. The position sensor may be embedded directly in the chip key read/write mechanism; it is mainly used to determine the position of the chip to be issued and report it to the control unit, which controls the action of the positioning component. The positioning component is mainly used to fix the chip so that its pins make a direct physical connection with the chip fixing mechanism. It may be a positioning pressure bar or another structure known to those skilled in the art; one end can rotate about a shaft fixed on the chip key read/write mechanism, and the other end is free and is used to press the chip to be issued into position. In this example, the position sensor of the chip fixing mechanism is embedded directly in the chip key read/write mechanism and the positioning component is mounted on the chip key read/write mechanism, which effectively prevents outside monitoring of the issuing machine's information and interception of keys.
The chip key read/write mechanism is connected to the communication port of the chip key issuing host and is mainly used to write the key information to be issued (i.e. the key plaintext) into the chip to be issued, detect whether the chip was issued successfully, and pass the detection result to the control unit of the chip key issuing machine. A security chip serves as the main security protection device in the chip key read/write mechanism. It supports the national cryptographic SM1 and SM2 data encryption algorithms and is mainly used for data encryption and decryption and for negotiating a session key with the cipher machine, protecting the keys with the session key as they are written to the chip, and storing the key information (i.e. key plaintext) obtained after authentication or decryption. What is transmitted between the chip key issuing host and the chip key read/write mechanism of the chip key issuing machine is key ciphertext, which effectively prevents key information from leaking. The chip key issuing instructions sent by the chip key read/write mechanism are 7816 instructions.
The chip sorting mechanism mainly comprises a sorting shuttle, which sorts successfully issued chips and chips that failed issuing into different, separately provided chip storage containers.
The human-machine interaction unit comprises a liquid crystal touch screen, which is connected to the control unit and is used to display the chip key issuing state and, when a fault or other situation occurs, to manually control or debug the chip key issuing machine.
The key management server is mainly used to receive the key issuing request information sent by the chip key issuing host, parse the protocol according to the request content, call the database to retrieve key data, call the cipher machine to perform user identity authentication, key negotiation and encryption and decryption of transmitted data, and maintain the data the chip key issuing system needs, such as chip key issuing information and task information.
The cipher machine supports multiple encryption algorithms, including the national cryptographic SM1 and SM2 data encryption algorithms, and mainly provides functions such as user identity authentication, key negotiation, encryption and decryption protection of task records, MAC calculation and data verification.
As shown in Fig. 4, the steps of the chip key issuing method of this example are as follows:
(1) the chip key issuing machine sends a key issuing request instruction to the key management server via the chip key issuing host;
(2) the key management server extracts the ciphertext of the key to be issued from the key readiness database and passes it to the cipher machine;
(3) the cipher machine decrypts the key ciphertext into key plaintext;
(4) a public/private key pair is stored in the chip key issuing machine; the public key is encrypted with a pre-embedded symmetric key and sent to the cipher machine via the chip key issuing host;
(5) the cipher machine decrypts the message to obtain the public key in plaintext and generates a random number;
(6) the cipher machine encrypts the random number with the public key of the chip key issuing machine and sends it to the chip key issuing machine via the chip key issuing host;
(7) the chip key issuing machine and the cipher machine negotiate a session key via the SSL protocol; the session key is a symmetric key for the national cryptographic SM1 algorithm;
(8) the key management server calls the cipher machine to encrypt the plaintext of the key to be issued into ciphertext with the session key, and the ciphertext is sent to the chip key issuing machine via the chip key issuing host;
(9) the chip key issuing machine decrypts the ciphertext to obtain the plaintext of the key to be issued, then writes this key into the chip to be issued;
(10) the chip key issuing host detects whether the key was issued successfully and passes the detection result to the chip key issuing machine;
(11) the chip key issuing machine sorts and stores successfully issued chips and chips that failed issuing separately, then carries out a new round of key issuing as the situation requires.
To improve the security of key issuing, all keys stored on and transmitted through the chip key issuing host in this example are in ciphertext form.
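The message flow of steps (2) to (9), written out as an added example that is not part of the patent, with a check that the issuing host only ever relays ciphertext. Assumptions: SM1 and SM2 are replaced by standard-library stand-ins (an HMAC-SHA256 keystream with an integrity tag, and hashed ElGamal over a toy prime field), the session key is derived directly from the random number of step (5) because the page only says it is negotiated via SSL, and all class, function and variable names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Stand-ins (assumptions of this example): SM1 is not publicly specified and
# SM2 is not in the standard library, so primitives with the same roles are used.
P = 2**521 - 1  # Mersenne prime; toy group for illustration, not production parameters
G = 3

def _stream(key, nonce, n):
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def sym_encrypt(key, pt):
    """Symmetric stand-in for SM1. The integrity tag is an addition of this example."""
    ek = hmac.new(key, b"enc", hashlib.sha256).digest()
    mk = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(ek, nonce, len(pt))))
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def sym_decrypt(key, blob):
    ek = hmac.new(key, b"enc", hashlib.sha256).digest()
    mk = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("ciphertext rejected: integrity check failed")
    return bytes(a ^ b for a, b in zip(ct, _stream(ek, nonce, len(ct))))

def pk_encrypt(pub, msg):
    """Public-key stand-in for SM2 encryption: hashed ElGamal over the toy group."""
    k = secrets.randbelow(P - 3) + 2
    shared = hashlib.sha256(pow(pub, k, P).to_bytes(66, "big")).digest()
    return pow(G, k, P).to_bytes(66, "big") + sym_encrypt(shared, msg)

def pk_decrypt(priv, blob):
    eph = int.from_bytes(blob[:66], "big")
    shared = hashlib.sha256(pow(eph, priv, P).to_bytes(66, "big")).digest()
    return sym_decrypt(shared, blob[66:])

def derive_session(rand):
    # Assumption: the page only says the session key is negotiated via SSL;
    # here it is derived directly from the random number of step (5).
    return hmac.new(rand, b"session", hashlib.sha256).digest()

class Host:
    """Chip key issuing host: relays messages and records what it could observe."""
    def __init__(self):
        self.seen = []
    def relay(self, msg):
        self.seen.append(msg)
        return msg

class CipherMachine:
    def __init__(self, storage_key, pre_key):
        self._storage_key, self._pre_key = storage_key, pre_key
    def load_key(self, wrapped):              # step (3)
        self._plain = sym_decrypt(self._storage_key, wrapped)
    def challenge(self, enc_pub):             # steps (5) and (6)
        pub = int.from_bytes(sym_decrypt(self._pre_key, enc_pub), "big")
        rand = secrets.token_bytes(32)
        self._session = derive_session(rand)
        return pk_encrypt(pub, rand)
    def export_key(self):                     # step (8)
        return sym_encrypt(self._session, self._plain)

class IssuingMachine:
    def __init__(self, pre_key):
        self._pre_key = pre_key
        self._priv = secrets.randbelow(P - 3) + 2
        self._pub = pow(G, self._priv, P)
    def send_public_key(self):                # step (4)
        return sym_encrypt(self._pre_key, self._pub.to_bytes(66, "big"))
    def accept_challenge(self, blob):         # step (7)
        self._session = derive_session(pk_decrypt(self._priv, blob))
    def write_chip(self, enc_key):            # step (9): value written to the chip
        return sym_decrypt(self._session, enc_key)

def issue_key(chip_key, tamper=False):
    """Run steps (2) to (9); return (key written to chip, messages the host saw)."""
    pre_key, storage_key = secrets.token_bytes(32), secrets.token_bytes(32)
    key_db = {"K1": sym_encrypt(storage_key, chip_key)}   # step (2): ciphertext at rest
    host, hsm, issuer = Host(), CipherMachine(storage_key, pre_key), IssuingMachine(pre_key)
    hsm.load_key(key_db["K1"])
    enc_pub = host.relay(issuer.send_public_key())
    issuer.accept_challenge(host.relay(hsm.challenge(enc_pub)))
    blob = host.relay(hsm.export_key())
    if tamper:                                # a bit flipped in transit on the host
        blob = blob[:20] + bytes([blob[20] ^ 1]) + blob[21:]
    return issuer.write_chip(blob), host.seen

if __name__ == "__main__":
    key = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed sample key
    written, seen = issue_key(key)
    print(written == key, [len(m) for m in seen])
```

The whole exchange rests on the pre-embedded symmetric key of step (4): it is the only thing that ties the public key the cipher machine receives to a genuine issuing machine, so its provisioning and storage deserve the same protection as the issued keys.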
In the chip key issuing system of this example, the chip key issuing machine and the cipher machine are improved: in the chip key issuing machine, the chip key read/write mechanism is fixed directly on the chip key issuing machine and the chip fixing device is embedded in the chip read/write mechanism, so that it makes a direct physical connection with the pins of the chip being issued, which effectively prevents outside monitoring of the issuing machine's information and interception of keys. The chip of the chip key issuing machine and the cipher machine support symmetric and asymmetric encryption and provide data encryption and decryption; a session key is negotiated using symmetric and asymmetric encryption, and an SSL secure communication link is established between the chip key issuing machine and the server cipher machine, which effectively strengthens the security of the chip key issuing system.
Finally, it should be noted that the above embodiments only illustrate the technical solution of the present invention and do not limit it. Although the present invention has been described in detail with reference to the above embodiments, those of ordinary skill in the art should understand that the specific embodiments of the present invention may still be modified or equivalently replaced, and any modification or equivalent replacement that does not depart from the spirit and scope of the present invention shall be covered by the scope of the claims of the present invention.

Claims (11)

1. a safety-type chip keys publishing system, is characterized in that, this system comprises:
The chip keys issuing machine is used for sending key distribution request instruction, writes key in chip to be issued, with the cipher machine consulting session key;
Chip keys distribution main frame is used for the storage key file, transmits key and key distribution request instruction, and whether the distribution of control chip key also detects and issue successfully;
Key Management server is used for receiving key distribution request instruction, extracts key and carry out the dispensing tube reason from the key readiness database; And
Cipher machine is used for session key agreement and key is carried out encryption and decryption process.
2. safety-type chip keys publishing system as claimed in claim 1, it is characterized in that, described chip keys issuing machine comprises control unit, performance element, man-machine interaction unit, communication unit and power subsystem, described power subsystem is respectively other each unit power supply, described man-machine interaction unit is used for demonstration key distribution state and sends instruction by communication unit to control unit, and described control unit is controlled the required all kinds of keys of performance element distribution chip according to the instruction of man-machine interaction unit.
3. safety-type chip keys publishing system as claimed in claim 2, is characterized in that, described performance element comprises:
Chip keys distribution indicating mechanism is used for the state that shows that key is issued;
The chip connecting gear is used for transmitting chip extremely chip key read write device to be issued place, and the pin of chip to be issued directly is connected with the chip keys read write device;
The chip keys read write device, be used for will be to be issued key write chip to be issued, and the key distribution result that chip keys is issued Host Detection is sent to the control unit of chip keys issuing machine;
Die grading mechanism is used for issuing successful chip and the failed chip of distribution is deposited respectively; And
Base is used for supporting above-mentioned each mechanism.
4. safety-type chip keys publishing system as claimed in claim 3, is characterized in that, described chip keys is issued indicating mechanism and comprised the three kinds of status indicator lamps of red, yellow, and green that are arranged on base side wall, and each status indicator lamp is connected with control unit respectively; During when red, the distribution of expression chip keys stops; When amber light was bright, the distribution of expression chip keys was broken down; When green light was bright, the distribution of expression chip keys was normally carried out.
5. safety-type chip keys publishing system as claimed in claim 3, is characterized in that,
Described chip connecting gear comprises chip feed mechanism, chip transport sector and chip fixed mechanism; Described chip feed mechanism is sent to chip to be issued on the chip transport sector that is positioned at chip feed mechanism discharging opening below, described chip transport sector reaches chip to be issued on the chip keys read write device, and be fixed by the chip fixed mechanism, the pin of chip to be issued directly is connected with the chip keys read write device.
6. The secure chip key issuing system as claimed in claim 5, characterized in that
the chip feeding mechanism comprises an inclined material tube; a convex guide rail arranged along the axial direction of the material tube is provided inside it; the top of the material tube is the feeding port and its bottom is the discharge port; the chip to be issued slides down along the convex guide rail in the material tube onto the chip transport mechanism.
7. The secure chip key issuing system as claimed in claim 5, characterized in that
the chip transport mechanism comprises a conveyor track, a receiving device located on the conveyor track, and a transfer tube set at an incline at the side of the conveyor track; a driver for driving the chip to be issued into the transfer tube is mounted in the receiving device; a convex guide rail arranged along the axial direction of the transfer tube is mounted inside it; the top of the transfer tube is the feeding port and its bottom is the discharge port; after the receiving device receives the chip to be issued from the chip feeding mechanism, the conveyor track carries both to the position opposite the feeding port of the transfer tube; the driver pushes the chip to be issued into the transfer tube, and the chip slides down along the convex guide rail in the transfer tube onto the chip fixing mechanism.
8. The secure chip key issuing system as claimed in claim 5, characterized in that
the chip fixing mechanism comprises a position sensor embedded in the chip key read-write device and a positioning component mounted on the chip key read-write device; the position sensor determines the position of the chip to be issued and passes it to the control unit, which controls the action of the positioning component; the positioning component presses the chip to be issued into position so that the pins of the chip to be issued are directly connected to the chip key read-write device.
9. The secure chip key issuing system as claimed in claim 3, characterized in that
the chip key read-write device comprises a security chip, and the algorithms supported by the security chip include the Chinese national cryptographic (Guomi) SM1 and SM2 algorithms.
10. The secure chip key issuing system as claimed in claim 1, characterized in that
the algorithms supported by the cipher machine include the Chinese national cryptographic (Guomi) SM1 and SM2 algorithms.
11. A secure chip key issuing method, characterized in that it comprises the following steps:
(1) the chip key issuing machine sends a key issuing request instruction to the key management server via the chip key issuing host;
(2) the key management server extracts the ciphertext of the key to be issued from the key readiness database and passes it to the cipher machine;
(3) the cipher machine decrypts the key ciphertext into key plaintext;
(4) a public/private key pair is stored in the chip key issuing machine; the chip key issuing machine encrypts the public key with a pre-embedded symmetric key and sends it to the cipher machine via the chip key issuing host;
(5) the cipher machine decrypts it to obtain the public key in plaintext, and generates a random number;
(6) the cipher machine encrypts the random number with the public key of the chip key issuing machine and sends it to the chip key issuing machine via the chip key issuing host;
(7) the chip key issuing machine and the cipher machine negotiate a session key by the SSL protocol;
(8) the key management server calls the cipher machine to encrypt the plaintext of the key to be issued into ciphertext with the session key, and the ciphertext is sent to the chip key issuing machine via the chip key issuing host;
(9) the chip key issuing machine decrypts the ciphertext to obtain the plaintext of the key to be issued, then writes this key into the chip to be issued;
(10) the chip key issuing host detects whether the key was issued successfully, and passes the detection result to the chip key issuing machine;
(11) the chip key issuing machine sorts successfully issued chips and chips for which issuing failed into separate storage, then proceeds to the next round of key issuing.
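The exchange in steps (4) to (9) of claim 11, modelled end to end as an added example that is not part of the patent text. Assumptions: textbook RSA and an HMAC keystream stand in for SM2 and SM1, the session key is a hash of the shared random number (the claims only say it is negotiated by SSL), and all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Stand-ins (assumptions): the claims name SM1/SM2, which are not in the standard library.
# Textbook RSA over two known Mersenne primes replaces SM2 -- demo only, not a secure modulus.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N, D, NLEN = P * Q, pow(E, -1, (P - 1) * (Q - 1)), 141  # N is 1128 bits = 141 bytes

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 counter keystream XOR (stand-in for SM1, no integrity protection)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hmac.new(key, nonce + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)

def seal(key: bytes, data: bytes) -> bytes:
    nonce = secrets.token_bytes(16)  # fresh nonce per message
    return nonce + _xor_stream(key, nonce, data)

def unseal(key: bytes, blob: bytes) -> bytes:
    return _xor_stream(key, blob[:16], blob[16:])

def session_key(rnd: int) -> bytes:
    # Assumption: both ends hash the shared random number to get the session key.
    return hashlib.sha256(rnd.to_bytes(NLEN, "big")).digest()

def run_issuance(key_plain: bytes, issuer_embedded: bytes, hsm_embedded: bytes):
    """Steps (4)-(9); returns (key written to chip, messages relayed by the issuing host)."""
    relayed = []
    # (4) issuing machine: public key encrypted under the pre-embedded symmetric key
    m4 = seal(issuer_embedded, N.to_bytes(NLEN, "big"))
    relayed.append(m4)
    # (5) cipher machine: recover the public key, generate a random number
    n_seen = int.from_bytes(unseal(hsm_embedded, m4), "big")
    rnd = secrets.randbits(256)
    # (6) cipher machine: random number encrypted under the recovered public key
    m6 = pow(rnd, E, n_seen)
    relayed.append(m6.to_bytes(NLEN, "big"))
    # (7) both ends derive the session key; the issuing machine uses its private key
    sk_hsm, sk_issuer = session_key(rnd), session_key(pow(m6, D, N))
    # (8) cipher machine: key to be issued encrypted under the session key
    m8 = seal(sk_hsm, key_plain)
    relayed.append(m8)
    # (9) issuing machine: decrypt, then write the result to the chip
    return unseal(sk_issuer, m8), relayed
```

When the two embedded keys match, the key written in step (9) equals the key decrypted in step (3), and the issuing host has relayed only ciphertext. When they differ, the two ends derive different session keys and the chip receives unusable data, which the detection in step (10) is there to catch.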
CN201310061017.3A 2013-02-27 2013-02-27 A kind of secure chip key issuing system and secure chip key issuing method Active CN103178953B (en)

Publications (2)

Publication Number Publication Date
CN103178953A true CN103178953A (en) 2013-06-26
CN103178953B CN103178953B (en) 2016-09-21

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant