CN113793149A - Off-line transaction authentication system and method, central server and client - Google Patents
- Publication number
- CN113793149A (CN202111086449.0A)
- Authority
- CN
- China
- Prior art keywords
- client
- ticket
- electronic cash
- central server
- transaction
- Legal status
- Granted
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
- G06Q20/3821—Electronic credentials
- G06Q20/38215—Use of certificates or encrypted proofs of transaction rights
- G06Q20/3825—Use of electronic signatures
Abstract
The invention discloses an off-line transaction authentication system and method, a central server and a client, applied to the field of finance. The method comprises the following steps: a first client sends a request to a central server; the central server determines the ticket amount according to the request of the first client; the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server are integrated to obtain the electronic cash ticket; the first client and a second client perform an off-line transaction to generate a transaction flow, the transaction flow is encrypted by using a private key of the first client to obtain a transaction flow ciphertext, and the transaction flow and the transaction flow ciphertext are written into the electronic cash ticket of the first client; and the second client replaces the first client electronic signature with the second client electronic signature to obtain a second client electronic cash ticket, thereby realizing off-line transaction authentication. The invention ensures that the transaction chain cannot be forged or tampered with, thereby meeting the transaction security requirement in high-risk, high-value transaction situations.
Description
Technical Field
The invention relates to the field of finance, in particular to an off-line transaction authentication system and method, a central server and a client.
Background
This section is intended to provide a background or context to the embodiments of the invention that are recited in the claims. The description herein is not admitted to be prior art by inclusion in this section.
With the development of technology, information systems are increasingly applied in electronic payment, bill transactions and commodity transactions. However, the operation of a transaction system mostly depends on the network, and in some off-line scenarios (where no network connection is available) a general information system cannot provide services.
An off-line transaction scenario requires electronic devices to transact without an internet connection. Existing applications such as meal-card swiping, shopping-card swiping and off-line cash voucher verification can use an off-line transaction system with no encryption or only simple encryption, but such a system is not highly secure, can only be applied in limited fields, and cannot be applied to business scenarios with high risk and high security requirements, such as bill transactions, securities transactions and large-amount commodity transactions. In addition, general security authentication systems, such as online transaction systems and blockchain systems, require online verification; a blockchain system likewise works normally only if most nodes are always online. Therefore, the traditional transaction authentication mode cannot meet the security requirement and is vulnerable to attack and forgery.
Disclosure of Invention
The embodiment of the invention provides an off-line transaction authentication system, which is used for solving the problem that the traditional transaction authentication mode can not meet the transaction safety requirement under the high-risk and high-value situation, and comprises the following components:
the system comprises a central server, a first client and a second client;
the central server is used for: determining the amount of the ticket according to the request of the first client; generating an electronic cash coupon serial number and a plaintext password; encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information; encrypting a plaintext password by using a private key of the central server to generate an electronic signature of the central server; integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket; generating a certificate by using a private key of a central server; sending the electronic cash ticket and the certificate to the first client;
the first client is used for: sending a request to a central server; receiving an electronic cash ticket and a certificate; decrypting the electronic signature of the central server in the electronic cash voucher according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a private key of a first client to generate a first client electronic signature; replacing a central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain a first client electronic cash ticket; performing offline transaction with a second client to generate a transaction flow, encrypting the transaction flow by using a private key of a first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into a first client electronic cash coupon, and sending the first client electronic cash coupon and a certificate to the second client;
the second client is used for: verifying that the certificate of the first client is legal by using the public key of the central server; decrypting the certificate of the first client by using the public key of the central server, and verifying the identity of the first client to be correct; verifying the first client-side electronic cash voucher to be true by using the central server public key based on the voucher information, the ticket amount and the electronic cash voucher serial number in the first client-side electronic cash voucher; verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client; decrypting a first client electronic signature in the first client electronic cash voucher by using a public key of the first client to obtain a plaintext password, and encrypting the plaintext password by using a second client private key to generate a second client electronic signature; and replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher and realize off-line transaction authentication.
The embodiment of the invention provides an off-line transaction authentication method, which is used for solving the problem that the traditional transaction authentication mode can not meet the transaction security requirement under the high-risk and high-value situation, and comprises the following steps:
a first client sends a request to a central server;
the central server determines the ticket amount according to the request of the first client; generating an electronic cash coupon serial number and a plaintext password; encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information; encrypting a plaintext password by using a private key of the central server to generate an electronic signature of the central server; integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket; generating a certificate by using a private key of a central server; sending the electronic cash ticket and the certificate to the first client;
the first client receives the electronic cash ticket and the certificate; decrypting the electronic signature of the central server in the electronic cash voucher according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a private key of a first client to generate a first client electronic signature; replacing a central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain a first client electronic cash ticket; performing offline transaction with a second client to generate a transaction flow, encrypting the transaction flow by using a private key of a first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into a first client electronic cash coupon, and sending the first client electronic cash coupon and a certificate to the second client;
the second client side verifies that the certificate of the first client side is legal by using the public key of the central server; decrypting the certificate of the first client by using the public key of the central server, and verifying the identity of the first client to be correct; verifying the first client-side electronic cash voucher to be true by using the central server public key based on the voucher information, the ticket amount and the electronic cash voucher serial number in the first client-side electronic cash voucher; verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client; decrypting a first client electronic signature in the first client electronic cash voucher by using a public key of the first client to obtain a plaintext password, and encrypting the plaintext password by using a second client private key to generate a second client electronic signature; and replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher and realize off-line transaction authentication.
The embodiment of the invention provides an off-line transaction authentication method, which is used for solving the problem that the traditional transaction authentication mode can not meet the transaction security requirement under the high-risk and high-value situation, and comprises the following steps:
determining the amount of the ticket according to the request of the first client;
generating an electronic cash coupon serial number and a plaintext password;
encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information;
encrypting a plaintext password by using a private key of the central server to generate an electronic signature of the central server;
integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket;
generating a certificate by using a private key of a central server;
the electronic cash ticket and the certificate are sent to the first client.
The embodiment of the invention provides an off-line transaction authentication method, which is used for solving the problem that the traditional transaction authentication mode can not meet the transaction security requirement under the high-risk and high-value situation, and comprises the following steps:
sending a request to a central server;
receiving an electronic cash ticket and a certificate;
decrypting the electronic signature of the central server in the electronic cash voucher according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a private key of a first client to generate a first client electronic signature;
replacing a central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain a first client electronic cash ticket;
performing an off-line transaction with the second client to generate a transaction flow, encrypting the transaction flow by using a private key of the first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into the first client electronic cash voucher, and sending the first client electronic cash voucher and the certificate to the second client.
The embodiment of the invention provides an off-line transaction authentication method, which is used for solving the problem that the traditional transaction authentication mode can not meet the transaction security requirement under the high-risk and high-value situation, and comprises the following steps:
verifying that the certificate of the first client is legal by using the public key of the central server;
decrypting the certificate of the first client by using the public key of the central server, and verifying the identity of the first client to be correct;
verifying the first client-side electronic cash voucher to be true by using the central server public key based on the voucher information, the ticket amount and the electronic cash voucher serial number in the first client-side electronic cash voucher;
verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client;
decrypting a first client electronic signature in the first client electronic cash voucher by using a public key of the first client to obtain a plaintext password, and encrypting the plaintext password by using a second client private key to generate a second client electronic signature;
and replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher and realize off-line transaction authentication.
The embodiment of the invention provides a central server, which is used for solving the problem that the traditional transaction authentication mode can not meet the transaction safety requirement under the high-risk high-value situation, and comprises the following components:
the amount generation module is used for determining the amount of the ticket according to the request of the first client;
the serial number password generating module is used for generating an electronic cash coupon serial number and a plaintext password;
the encryption module is used for encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information;
the signature module is used for encrypting the plaintext password by using a private key of the central server to generate an electronic signature of the central server;
the integration module is used for integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket;
the certificate generation module is used for generating a certificate by using a private key of the central server;
and the sending module is used for sending the electronic cash voucher and the certificate to the first client.
The embodiment of the invention provides a first client, which is used for solving the problem that the traditional transaction authentication mode cannot meet the transaction security requirement under the high-risk high-value situation, and comprises the following components:
the request sending module is used for sending a request to the central server;
a receiving module for receiving the electronic cash ticket and the certificate;
the first client signature module is used for decrypting the electronic signature of the central server in the electronic cash ticket according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a first client private key to generate a first client electronic signature;
the first exchange module is used for replacing the electronic signature of the central server in the electronic cash ticket with the electronic signature of the first client to obtain the electronic cash ticket of the first client;
the transaction flow module is used for performing an offline transaction with the second client to generate a transaction flow, encrypting the transaction flow by using a private key of the first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into the first client electronic cash coupon, and sending the first client electronic cash coupon and the certificate to the second client.
The embodiment of the invention provides a second client, which is used for solving the problem that the traditional transaction authentication mode cannot meet the transaction security requirement under the high-risk high-value situation, and comprises the following components:
the certificate verifying module is used for verifying that the certificate of the first client side is legal by using the public key of the central server;
the first client identity verification module is used for decrypting the certificate of the first client by using the public key of the central server and verifying that the identity of the first client is correct;
the first client electronic cash ticket verification module is used for verifying, by using the central server public key, that the first client electronic cash ticket is genuine based on the ticket information, the ticket amount and the electronic cash ticket serial number in the first client electronic cash ticket;
the transaction flow verification module is used for verifying, by using the public key of the first client, that the transaction flow in the electronic cash voucher of the first client is correct;
the second client-side signature module is used for decrypting a first client-side electronic signature in the first client-side electronic cash voucher by using the public key of the first client-side to obtain a plaintext password, and encrypting the plaintext password by using a second client-side private key to generate a second client-side electronic signature;
and the second signature changing module is used for replacing the electronic signature of the first client by the electronic signature of the second client to obtain the electronic cash voucher of the second client and realize off-line transaction authentication.
The embodiment of the invention also provides computer equipment which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor realizes the offline transaction authentication method when executing the computer program.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program for executing the offline transaction authentication method is stored in the computer-readable storage medium.
The embodiment of the invention adopts electronic signature technology: the central server generates the basic face information of the ticket; chained encryption of the transaction flow means that no client can delete or modify an earlier transaction flow; and ownership is determined by a double-encryption technique combining encryption with the server public key and encryption with the client private key.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts. In the drawings:
FIG. 1 is a schematic diagram of an offline transaction authentication system according to an embodiment of the present invention;
FIG. 2 is a diagram illustrating a central server according to an embodiment of the present invention;
FIG. 3 is a diagram illustrating an embodiment of a central server according to the present invention;
FIG. 4 is a diagram illustrating a first client according to an embodiment of the present invention;
FIG. 5 is a diagram illustrating a second client according to an embodiment of the present invention;
FIG. 6 is a flowchart of an off-line transaction authentication method according to an embodiment of the present invention;
FIG. 7 is a flowchart of an off-line transaction authentication method according to an embodiment of the present invention;
FIG. 8 is a flowchart of an off-line transaction authentication method according to an embodiment of the present invention;
FIG. 9 is a flowchart of an off-line transaction authentication method according to an embodiment of the invention;
FIG. 10 is a flowchart of an off-line transaction authentication method according to an embodiment of the invention;
FIG. 11 is a general flowchart of an off-line transaction authentication method according to an embodiment of the invention;
FIG. 12 is a diagram illustrating an electronic cash ticket data structure according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the embodiments of the present invention are further described in detail below with reference to the accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
Interpretation of terms:
Asymmetric encryption: asymmetric encryption algorithms require two keys, a public key and a private key. The public key and the private key form a pair; data encrypted with the public key can be decrypted only with the corresponding private key. The basic process of confidential information exchange with an asymmetric encryption algorithm is as follows: Party A generates a key pair and publishes the public key; any other party (Party B) that needs to send information to Party A encrypts the confidential information with Party A's public key and sends it to Party A; Party A decrypts the encrypted information with its own private key. When Party A wants to reply to Party B, the reverse applies: Party A encrypts the data with Party B's public key, and Party B decrypts it with its own private key.
Electronic signature: a piece of information encrypted using a private key. This information can be decrypted with the public key. Since the public key is publicly available, the encrypted information can be decrypted and read by anyone, but cannot be generated by anyone else. This technique is commonly used for authentication in networks.
Digital certificate: a file that authenticates the identity of a public key holder to prevent impersonation by a third party. It typically includes: a public key; holder information; information about the Certificate Authority (CA); the CA's digital signature over the file and the algorithm used; the certificate validity period; and some other additional information.
An embodiment of the present invention provides an offline transaction authentication system. FIG. 1 is a schematic diagram of an offline transaction authentication system in an embodiment of the present invention. As shown in FIG. 1, the system may include:
a central server 101, a first client 102 and a second client 103;
the central server 101 is used for: determining the amount of the ticket according to the request of the first client; generating an electronic cash coupon serial number and a plaintext password; encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information; encrypting a plaintext password by using a private key of the central server to generate an electronic signature of the central server; integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket; generating a certificate by using a private key of a central server; sending the electronic cash ticket and the certificate to the first client;
the first client 102 is configured to: sending a request to a central server; receiving an electronic cash ticket and a certificate; decrypting the electronic signature of the central server in the electronic cash voucher according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a private key of a first client to generate a first client electronic signature; replacing a central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain a first client electronic cash ticket; performing offline transaction with a second client to generate a transaction flow, encrypting the transaction flow by using a private key of a first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into a first client electronic cash coupon, and sending the first client electronic cash coupon and a certificate to the second client;
the second client 103 is configured to: verifying that the certificate of the first client is legal by using the public key of the central server; decrypting the certificate of the first client by using the public key of the central server, and verifying the identity of the first client to be correct; verifying the first client-side electronic cash voucher to be true by using the central server public key based on the voucher information, the ticket amount and the electronic cash voucher serial number in the first client-side electronic cash voucher; verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client; decrypting a first client electronic signature in the first client electronic cash voucher by using a public key of the first client to obtain a plaintext password, and encrypting the plaintext password by using a second client private key to generate a second client electronic signature; and replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher and realize off-line transaction authentication.
Specifically, the first client and the second client are distinguished for convenience of description; the functions of both may exist in a single client, which performs the different functions depending on its role in an offline transaction.
The embodiment of the invention adopts electronic signature technology: the central server generates the basic face information of the ticket; chained encryption of the transaction flow means that no client can delete or modify an earlier transaction flow; and ownership is determined by a double-encryption technique combining encryption with the server public key and encryption with the client private key, so that the transaction security requirement can be met in high-risk, high-value transaction situations.
In the off-line transaction authentication system provided by the embodiment of the invention, the central server complies with the relevant standards for hardware encryption machines, provides standard symmetric encryption and decryption, asymmetric encryption and decryption, and signature verification functions, and can generate the relevant certificate files.
In one embodiment, determining the fare amount based on the request of the first client may include: the first client may comprise a first mobile phone of the first user, and the central server may comprise a bank server, and the nominal amount is determined according to a request of the first mobile phone, for example, the bank server determines the nominal amount to be 1000 yuan according to the request of the first mobile phone.
In one embodiment, generating an electronic cash ticket serial number and a plain text password may comprise: the central server randomly generates an electronic cash ticket serial number 001 and a plain text password 666.
In one embodiment, encrypting the ticket amount and the electronic cash ticket serial number using the central server private key to obtain the ticket information may include: the central server uses the private key of the central server to encrypt the ticket amount of 1000 yuan and the serial number 001 of the electronic cash voucher, and the encrypted ticket amount of 1000 yuan and the encrypted serial number 001 of the electronic cash voucher are voucher information.
In one embodiment, encrypting the plaintext cipher using the central server private key, generating the central server electronic signature may comprise: the clear text password 666 is encrypted using the central server private key to generate the central server electronic signature.
In one embodiment, integrating the ticket amount, the electronic cash ticket serial number, the ticket information and the central server electronic signature to obtain the electronic cash ticket may include: integrating the ticket amount of 1000 yuan, the serial number 001 of the electronic cash ticket, the encrypted ticket amount of 1000 yuan, the encrypted serial number 001 of the electronic cash ticket and the electronic signature of the central server to obtain the electronic cash ticket.
In one embodiment, the certificate is generated using a central server private key; transmitting the electronic cash ticket and the certificate to the first client may include: generating a certificate through OpenSSL (Open Secure Sockets Layer) by using a private key of a central server; the electronic cash ticket and the certificate are sent to the first mobile phone.
In one embodiment, sending the request to the central server may include: before the offline transaction, the first mobile phone generates a request for an electronic cash ticket of 1000 yuan according to the amount of 1000 yuan input by the first user, and sends the request to the central server.
In one embodiment, an electronic cash ticket and a certificate are received; decrypting the electronic signature of the center server in the electronic cash ticket according to the public key of the center server to obtain a plaintext password, encrypting the plaintext password by using the private key of the first client, and generating the electronic signature of the first client may include: the first mobile phone receives the electronic cash voucher and the certificate sent by the bank server; the first mobile phone decrypts the electronic signature of the central server in the electronic cash ticket according to the public key of the central server to obtain a plaintext password 666, and encrypts the plaintext password 666 by using the first mobile phone private key to generate a first mobile phone electronic signature.
In one embodiment, replacing the central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain the first client electronic cash ticket may include: replacing the electronic signature of the central server in the electronic cash ticket with the first mobile phone electronic signature to obtain the electronic cash ticket bearing the electronic signature of the first mobile phone, namely the first client electronic cash ticket.
In one embodiment, performing an offline transaction with the second client to generate a transaction flow, encrypting the transaction flow using a private key of the first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into the first client electronic cash ticket, and sending the first client electronic cash ticket and the certificate to the second client may include: the first mobile phone and the second mobile phone carry out an offline transaction, and the first mobile phone generates a transaction flow whose content may include that the two transaction parties are the first mobile phone and the second mobile phone; the transaction flow is encrypted using the private key of the first mobile phone to obtain the encrypted transaction flow, namely the transaction flow ciphertext; the transaction flow and the transaction flow ciphertext are written into the first mobile phone electronic cash ticket, so that the first mobile phone electronic cash ticket comprises the transaction flow and the transaction flow ciphertext; and the first mobile phone electronic cash ticket and the certificate that the bank server transmitted to the first mobile phone are sent to the second mobile phone.
In one embodiment, verifying that the certificate of the first client is legitimate using the central server public key may comprise: the second mobile phone uses the bank server public key to verify whether the certificate sent by the first mobile phone is issued by the bank server, i.e. whether it is legal.
To make the offline transaction more user-friendly, the second client 103 may specifically be configured to: decrypting the certificate of the first client by using the public key of the central server to obtain a certificate certification authority of the first client, and decrypting the certificate of the second client by using the public key of the central server to obtain a certificate certification authority of the second client; comparing the certificate authority of the first client with the certificate authority of the second client; if the comparison is consistent, the certificate of the first client is legal; if the comparison is inconsistent, the certificate of the first client is illegal, and the user is prompted that the certificate is wrong and the transaction is ended.
In one embodiment, decrypting the certificate of the first client using the central server public key and verifying that the first client identity is correct may comprise: the second mobile phone uses the public key of the bank server to decrypt the certificate sent by the first mobile phone and checks whether the holder information included in it is that of the first mobile phone, so as to verify whether the identity of the first mobile phone is correct.
To make the offline transaction more user-friendly, the second client 103 may specifically be configured to: decrypting the certificate of the first client by using the public key of the central server to obtain the holder information; comparing the holder information with first client identity information, wherein the first client electronic cash ticket comprises the first client identity information; if the comparison is consistent, the first client identity is correct; and if the comparison is inconsistent, the first client identity is incorrect, and the user is prompted that the first client identity is wrong and the transaction is ended.
In one embodiment, verifying the first client-side electronic cash ticket as genuine using the central server public key based on the ticket information, the ticket amount, and the electronic cash ticket serial number in the first client-side electronic cash ticket may include: the second mobile phone uses the public key of the bank server to decrypt the ticket information in the first mobile phone electronic cash ticket, the decrypted ticket information is compared with the ticket amount and the serial number of the electronic cash ticket, and the verification result shows that the first mobile phone electronic cash ticket is true.
To make the offline transaction more user-friendly, the second client 103 may specifically be configured to: decrypting the ticket information in the electronic cash ticket of the first client by using the public key of the central server to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the first client to check the ticket information; if the comparison is consistent, the electronic cash ticket of the first client is true; and if the comparison is inconsistent, the electronic cash ticket of the first client is false, and the user is prompted that the electronic cash ticket is wrong and the transaction is ended.
In one embodiment, verifying that the transaction flow in the first client electronic cash ticket is correct using the public key of the first client may include: the second mobile phone decrypts the transaction flow ciphertext in the first mobile phone electronic cash ticket using the public key of the first mobile phone and compares the result with the transaction flow; the two are consistent, so the verification result is that the transaction flow is correct.
To make the offline transaction more user-friendly, the second client 103 may specifically be configured to: verifying the transaction flow ciphertext by using the public key of the first client to obtain the decrypted transaction flow; comparing the decrypted transaction flow with the transaction flow; if the comparison is consistent, the transaction flow is correct; if the comparison is inconsistent, the transaction flow is incorrect, and the user is prompted that the transaction flow is wrong and the transaction is ended.
In one embodiment, decrypting the first client electronic signature in the first client electronic cash ticket using the public key of the first client to obtain a plaintext password, encrypting the plaintext password using the second client private key to generate the second client electronic signature may include: the second mobile phone decrypts the first mobile phone electronic signature in the first mobile phone electronic cash ticket by using the public key of the first mobile phone to obtain a plaintext password 666, and encrypts the plaintext password 666 by using the private key of the second mobile phone to generate the second mobile phone electronic signature.
In one embodiment, replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash ticket, and implementing offline transaction authentication may include: the second mobile phone uses the second mobile phone electronic signature to replace the first mobile phone electronic signature in the first mobile phone electronic cash ticket to obtain the second mobile phone electronic cash ticket; at this point the transaction from the first mobile phone to the second mobile phone is complete and the offline transaction authentication is realized.
To further improve the security of the transaction and enable online verification of the offline transaction, the central server 101 may further be configured to: receiving an electronic cash voucher authenticity verification request sent by a second client, wherein the electronic cash voucher authenticity verification request comprises an electronic cash voucher of the second client; decrypting the ticket information in the electronic cash ticket of the second client by using the public key to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the second client to check whether the ticket information is correct; decrypting the transaction running ciphertext in the electronic cash ticket of the second client by using the public key of the first client to obtain a decrypted transaction running, and comparing the decrypted transaction running with the transaction running in the electronic cash ticket to verify whether the transaction running is correct or not; and decrypting a second client electronic signature in the second client electronic cash voucher by using the second client public key to obtain a plaintext password of the second client, and comparing the plaintext password of the second client with the plaintext password generated by the central server to verify the second client electronic signature.
An embodiment of the present invention provides a central server, fig. 2 is a schematic diagram of a central server in an embodiment of the present invention, and as shown in fig. 2, the central server may include:
the amount generation module 201 is configured to determine a nominal amount according to a request of the first client;
a serial number password generating module 202 for generating an electronic cash ticket serial number and a plaintext password;
the encryption module 203 is used for encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information;
the signature module 204 is configured to encrypt a plaintext password using a private key of the center server to generate an electronic signature of the center server;
an integration module 205, configured to integrate the ticket amount, the serial number of the electronic cash ticket, the ticket information, and the electronic signature of the central server to obtain the electronic cash ticket;
a certificate generation module 206, configured to generate a certificate using a central server private key;
a sending module 207, configured to send the electronic cash ticket and the certificate to the first client.
An embodiment of a central server is provided in the embodiment of the present invention, fig. 3 is a schematic diagram of an embodiment of a central server in the embodiment of the present invention, and as shown in fig. 3, the central server may further include:
a receiving module 301, configured to receive an electronic cash voucher authenticity verification request sent by a second client, where the electronic cash voucher authenticity verification request includes an electronic cash voucher of the second client;
the ticket information verification module 302 is used for decrypting the ticket information in the electronic cash ticket of the second client by using the public key to obtain the decrypted ticket amount and the electronic cash ticket serial number, and comparing the decrypted ticket amount and the electronic cash ticket serial number with the ticket amount and the electronic cash ticket serial number in the electronic cash ticket of the second client to verify whether the ticket information is correct;
the transaction running verification module 303 is configured to decrypt the transaction running ciphertext in the electronic cash ticket of the second client by using the first client public key to obtain a decrypted transaction running, and compare the decrypted transaction running with the transaction running in the electronic cash ticket to verify whether the transaction running is correct;
the second client verification module 304 is configured to decrypt the second client electronic signature in the second client electronic cash ticket by using the second client public key to obtain a plaintext password of the second client, and perform second client electronic signature verification by using a comparison between the plaintext password of the second client and the plaintext password generated by the central server.
Fig. 4 is a schematic diagram of a first client according to an embodiment of the present invention, and as shown in fig. 4, the first client may include:
a request sending module 401, configured to send a request to a central server;
a receiving module 402 for receiving an electronic cash ticket and a certificate;
the first client signature module 403 is configured to decrypt, according to the public key of the central server, the electronic signature of the central server in the electronic cash ticket to obtain a plaintext password, encrypt the plaintext password using a first client private key, and generate a first client electronic signature;
a first signature changing module 404, configured to replace a central server electronic signature in the electronic cash ticket with a first client electronic signature, so as to obtain a first client electronic cash ticket;
the transaction flow module 405 performs offline transaction with the second client to generate a transaction flow, encrypts the transaction flow by using a private key of the first client to obtain a transaction flow ciphertext, writes the transaction flow and the transaction flow ciphertext into the first client electronic cash ticket, and sends the first client electronic cash ticket and the certificate to the second client.
A second client is provided in the embodiment of the present invention, fig. 5 is a schematic diagram of a second client in the embodiment of the present invention, and as shown in fig. 5, the second client may include:
a certificate verification module 501, configured to verify that the certificate of the first client is legal by using the public key of the central server;
a verify first client identity module 502, which uses the central server public key to decrypt the certificate of the first client and verify that the identity of the first client is correct;
a verify first client-side electronic cash ticket module 503 for verifying the first client-side electronic cash ticket as true based on the ticket information, the ticket amount and the electronic cash ticket serial number in the first client-side electronic cash ticket by using the central server public key;
a verification transaction flow module 504, configured to verify that the flow of transactions in the electronic cash ticket of the first client is correct by using the public key of the first client;
the second client signature module 505 is configured to decrypt the first client electronic signature in the first client electronic cash ticket using the public key of the first client to obtain a plaintext password, encrypt the plaintext password using the second client private key, and generate a second client electronic signature;
and the second signature changing module 506 is used for replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher so as to realize offline transaction authentication.
In an embodiment, the certificate verification module 501 may be specifically configured to:
decrypting the certificate of the first client by using the public key of the central server to obtain a certificate certification authority of the first client, and decrypting the certificate of the second client by using the public key of the central server to obtain a certificate certification authority of the second client; comparing the certificate authority of the first client with the certificate authority of the second client; if the comparison is consistent, the certificate of the first client side is legal; if the comparison is inconsistent, the certificate of the first client is illegal, and the user is prompted that the certificate is wrong and the transaction is ended.
In an embodiment, the first client identity module 502 may be specifically configured to:
decrypting the certificate of the first client by using the public key of the central server to obtain the holder information; comparing the holder information with first client identity information, wherein the first client electronic cash ticket comprises the first client identity information; if the comparison is consistent, the first client identity is correct; and if the comparison is inconsistent, the first client identity is incorrect, and the user is prompted that the first client identity is wrong and the transaction is ended.
In an embodiment, the verifying the first client-side electronic cash ticket module 503 may be specifically configured to:
decrypting the ticket information in the electronic cash ticket of the first client by using the public key of the central server to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the first client to check the ticket information; if the comparison is consistent, the electronic cash coupon of the first client side is true; and if the comparison is inconsistent, the electronic cash voucher of the first client side is false, and the user is prompted that the electronic cash voucher is wrong and the transaction is ended.
In an embodiment, the verification transaction pipelining module 504 may be specifically configured to:
verifying the transaction flow ciphertext by using the public key of the first client to obtain the decrypted transaction flow; comparing the decrypted transaction flow with the transaction flow; if the comparison is consistent, the transaction flow is correct; if the comparison is inconsistent, the transaction flow is incorrect, and the user is prompted that the transaction flow is wrong and the transaction is ended.
An embodiment of the present invention provides an offline transaction authentication method, fig. 6 is a flowchart of an offline transaction authentication method in an embodiment of the present invention, and as shown in fig. 6, the offline transaction authentication method may include:
601, the first client sends a request to a central server;
An embodiment of an offline transaction authentication method is provided in the embodiment of the present invention, fig. 7 is a flowchart of an embodiment of an offline transaction authentication method in the embodiment of the present invention, and as shown in fig. 7, the offline transaction authentication method may include:
and step 704, the central server decrypts the electronic signature of the second client by using the public key of the second client to obtain the plaintext password of the second client, and the plaintext password of the second client is compared with the plaintext password generated by the central server to verify the electronic signature of the second client.
An embodiment of the present invention provides an offline transaction authentication method, fig. 8 is a flowchart of an offline transaction authentication method in an embodiment of the present invention, and as shown in fig. 8, the offline transaction authentication method may include:
An embodiment of the present invention provides an offline transaction authentication method, fig. 9 is a flowchart of an offline transaction authentication method in an embodiment of the present invention, and as shown in fig. 9, the offline transaction authentication method may include:
and 905, performing off-line transaction with the second client to generate a transaction flow, encrypting the transaction flow by using a private key of the first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into the first client electronic cash ticket, and sending the first client electronic cash ticket and the certificate to the second client.
An embodiment of the present invention provides an offline transaction authentication method, fig. 10 is a flowchart of an offline transaction authentication method in an embodiment of the present invention, and as shown in fig. 10, the offline transaction authentication method may include:
and 1006, replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher, and realizing the offline transaction authentication.
In one embodiment, the step 1001 may include the steps of:
decrypting the certificate of the first client by using the public key of the central server to obtain a certificate certification authority of the first client, and decrypting the certificate of the second client by using the public key of the central server to obtain a certificate certification authority of the second client;
comparing the certificate authority of the first client with the certificate authority of the second client;
if the comparison is consistent, the certificate of the first client side is legal;
if the comparison is inconsistent, the certificate of the first client is illegal, and the user is prompted that the certificate is wrong and the transaction is ended.
In one embodiment, the step 1002 may include the following steps:
decrypting the certificate of the first client by using the public key of the central server to obtain the holder information;
comparing the holder information with first client identity information, wherein the first client electronic cash ticket comprises the first client identity information;
if the comparison is consistent, the first client identity is correct;
and if the comparison is inconsistent, the first client identity is incorrect, and the user is prompted that the first client identity is wrong and the transaction is ended.
In one embodiment, the step 1003 may include the following steps:
decrypting the ticket information in the electronic cash ticket of the first client by using the public key of the central server to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the first client to check the ticket information;
if the comparison is consistent, the electronic cash coupon of the first client side is true;
and if the comparison is inconsistent, the electronic cash voucher of the first client side is false, and the user is prompted that the electronic cash voucher is wrong and the transaction is ended.
In one embodiment, the step 1004 may include the following steps:
verifying the transaction flow ciphertext by using the public key of the first client to obtain the decrypted transaction flow;
comparing the decrypted transaction flow with the transaction flow;
if the comparison is consistent, the transaction flow is correct;
if the comparison is inconsistent, the transaction flow is incorrect, and the user is prompted that the transaction flow is wrong and the transaction is ended.
Fig. 11 is a general flowchart of an offline transaction authentication method according to an embodiment of the present invention, as shown in fig. 11, the general flowchart includes:
First, the basic system process:
1. The system has a central server, which stores its own public key PubKey-center and private key PriKey-center, as well as the public keys PubKey-x of all users. Clients A, B and C are registered clients. A has the public and private keys PubKey-A, PriKey-A; B has the public and private keys PubKey-B, PriKey-B; C has the public and private keys PubKey-C, PriKey-C. Each client also stores the server's public key PubKey-center.
2. Client A holds an electronic cash ticket with a denomination of 1000 yuan, issued directly by the central system. As shown in fig. 12, the electronic cash ticket data structure contains the following information: (1) the ticket amount of 1000 yuan, Balance (1000); (2) the electronic signature of the central server, Signature-center; (3) the electronic cash ticket serial number, SerialNo; (4) the electronic signature of the current owner (client A), Signature-A; (6) the ticket information encrypted by the central private key, Sec-center (Balance (1000) + SerialNo), and other related information.
Second, transaction process I (A pays 1000 yuan in full to B):
1. User B verifies the public key certificate and the electronic signature of user A. User B uses the central public key PubKey-center to verify that user A's certificate is legitimate (confirming that the certificate was issued by the central server), and verifies that the identity of user A is correct.
2. User B verifies the authenticity of the ticket. User B decrypts the ticket information Sec-center (Balance (1000) + SerialNo) using the central public key; the obtained amount and ticket serial number match the plaintext, so the authenticity verification passes.
3. User A generates a transaction flow Tran (A->B) and encrypts its content using the private key of A, generating the transaction flow ciphertext Sec-A (Tran (A->B)). B uses the public key of A to verify that the transaction is correct.
4. User B uses the public key of A to remove the electronic signature Signature-A, and then signs the received electronic cash ticket with the electronic signature Signature-B.
Third, transaction process II (B pays 500 yuan to C):
1. User C verifies the public key certificate and the electronic signature of user B. User C uses the central public key PubKey-center to verify that user B's certificate is valid (confirming that the certificate was issued by the central server), and verifies that the identity of user B is correct.
2. User C verifies the authenticity of the ticket. User C decrypts the ticket information Sec-center (Balance (1000) + SerialNo) using the central public key; the obtained amount and ticket serial number are consistent with the plaintext, so the authenticity verification passes.
3. User B generates a transaction flow Tran (B->C) and encrypts its content using the private key of B, generating the transaction flow ciphertext Sec-B (Tran (B->C)).
4. The transaction flows of user B are Tran (A->B), Tran (B->C), Sec-A (Tran (A->B)) and Sec-B (Tran (B->C)). User C uses the public key of B to verify that the last transaction flow is correct.
5. User C uses the public key of B to remove the electronic signature Signature-B, and then signs the received electronic cash ticket with the electronic signature Signature-C.
Fourth, online verification process I (user B verifies authenticity online):
1. User B can verify the authenticity of the remaining 500-yuan electronic cash ticket after connecting to the network. At this time, the cash ticket owned by user B includes the following information: the initial ticket information Sec-center (Balance (1000) + SerialNo); the plaintext transaction flow Tran (A->B); the ciphertext transaction flow Sec-A (Tran (A->B)); and B's own electronic signature Signature-B.
2. After receiving the verification request, the central server first checks the initial ticket information Sec-center (Balance (1000) + SerialNo), which is an electronic cash ticket with the denomination of 1000 yuan issued to a by the central system.
3. The central server verifies the transaction flow Tran (A->B) and decrypts Sec-A (Tran (A->B)) using A's public key. If the two are consistent, this shows that A paid 500 yuan to B using the cash ticket.
4. The central server verifies Signature-B and confirms that the 500 yuan is owned by B.
5. After the verification is completed, the central server determines that the transaction is valid, and then the subsequent operation can be completed (500 yuan can be transferred from the real account A to the real account B).
Fifth, online verification process II (user C verifies authenticity online):
1. User C can verify the authenticity of the 500-yuan electronic cash ticket in hand after connecting to the network. At this time, the cash ticket of user C contains the following information: the initial ticket information Sec-center (Balance (1000) + SerialNo); the plaintext transaction flows Tran (A->B) and Tran (B->C); the ciphertext transaction flows Sec-A (Tran (A->B)) and Sec-B (Tran (B->C)); and C's own electronic signature Signature-C.
2. After receiving the verification request, the central server first checks the initial ticket information Sec-center (Balance (1000) + SerialNo), which is an electronic cash ticket with the denomination of 1000 yuan issued to a by the central system.
3. The central server verifies the transaction flow Tran (A->B) and decrypts Sec-A (Tran (A->B)) using the public key of A; if the two are consistent, this shows that A paid 500 yuan to B using the cash ticket. It then verifies Tran (B->C) and decrypts Sec-B (Tran (B->C)) using the public key of B; if the two are consistent, this shows that B paid 500 yuan to C using the cash ticket.
4. The central server verifies Signature-C and confirms that the 500 yuan is owned by C.
5. After the verification is completed, the central server determines that the transaction is valid, and then the subsequent operation can be completed (500 yuan can be transferred from the real account A to the real account B).
Sixth, anti-counterfeiting mechanism design
1. Initial ticket information Sec-center (Balance (1000) + SerialNo). The plaintext content is the initial denomination + random sequence number. This information is encrypted using the private key of the central server. Anyone can read the plaintext content using the central server's public key, but cannot forge the encrypted data (since the private key used for encryption is owned only by the central server).
2. Digital signature file. The server randomly generates a plaintext password SignPassWord-P and stores it in the server database; the server public key is then used to encrypt the password, producing the encrypted password SignPassWord-E. A uses its private key to sign the encrypted password SignPassWord-E to form Signature-A. When the ticket is transferred to B or C, B and C can use the original owner's public key to obtain SignPassWord-P, and then encrypt it with their own private key to obtain ownership. When verification is needed, the server obtains SignPassWord-E by using the public key of the final owner X, then uses the server's private key to recover SignPassWord-P, and finally confirms that the signature is valid and that X is the legal owner of the ticket.
3. Chained transaction record.
The first transaction flow is Tran(A->B), which contains information such as the time and amount of the transaction. When it is encrypted with A's private key, Tran(A->B) is packed together with the hash code of the initial ticket information Sec-center(Balance(1000) + SerialNo) and the two are encrypted as one unit. That is, Sec-A(Tran(A->B)) = Sec-A(Tran(A->B) + Hash(Sec-center(Balance(1000) + SerialNo))).
The second transaction flow is Tran(B->C). When it is encrypted with B's private key, Tran(B->C) is packed together with the hash code of Sec-A(Tran(A->B)) and the two are encrypted as one unit.
That is, Sec-B(Tran(B->C)) = Sec-B(Tran(B->C) + Hash(Sec-A(Tran(A->B)))).
It can be seen that each ring in the chained encryption structure contains index information (the hash code) of the previous ring. This design ensures that the party in each transaction step can only verify that the transaction information in the chain is correct; it cannot change earlier transactions and can only pass the information on faithfully. The central server, which holds the public keys of all clients, can verify the authenticity of all transactions from back to front (the central server likewise can only verify authenticity; it cannot deny or modify any ring of the chain). If any user tampers with data anywhere in the transaction chain, the central server can identify that user while decrypting the chain.
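The chained record described above, as an added sketch that is not code from the patent: "encrypting with the private key" is modelled as unpadded textbook RSA over fixed Mersenne primes (an assumption chosen so the block runs on the standard library alone; it is not secure key generation). All function names, field names and sample values are hypothetical.

```python
import copy
import hashlib

E = 65537  # public exponent shared by every toy key


def toy_keypair(p_exp, q_exp):
    """Textbook RSA key from two Mersenne primes 2**k - 1 (toy only, NOT secure)."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}


def int_bytes(x):
    return x.to_bytes((x.bit_length() + 7) // 8, "big")


def sec(key, plain):
    """Sec-X(plain): 'encrypt with the private key' (unpadded RSA, assumption)."""
    m = int.from_bytes(plain, "big")
    if m >= key["n"]:
        raise ValueError("message too long for this toy modulus")
    return pow(m, key["d"], key["n"])


def open_sec(n, cipher):
    """Recover the plaintext of Sec-X(...) with X's public key (n, E)."""
    return int_bytes(pow(cipher, E, n))


def digest(cipher):
    """Hash(...) over the previous ring's ciphertext."""
    return hashlib.sha256(int_bytes(cipher)).digest()


def issue_ticket(center_key, balance, serial_no):
    plain = f"Balance={balance};SerialNo={serial_no}".encode()
    return {"initial_plain": plain, "initial_sec": sec(center_key, plain), "chain": []}


def pay(ticket, payer, payer_key, tran):
    """Append the ring Sec-payer(Tran + Hash(previous ring))."""
    prev = ticket["chain"][-1]["sec"] if ticket["chain"] else ticket["initial_sec"]
    ticket["chain"].append(
        {"payer": payer, "tran": tran, "sec": sec(payer_key, tran + digest(prev))}
    )


def verify(ticket, center_n, client_n):
    """Return None if the chain is intact, else the position of the first bad
    ring (0 = initial ticket information, k = k-th transaction flow)."""
    if open_sec(center_n, ticket["initial_sec"]) != ticket["initial_plain"]:
        return 0
    prev = ticket["initial_sec"]
    for k, ring in enumerate(ticket["chain"], start=1):
        expected = ring["tran"] + digest(prev)  # plaintext flow + hash of previous ring
        if open_sec(client_n[ring["payer"]], ring["sec"]) != expected:
            return k
        prev = ring["sec"]
    return None


# Constructed keys and sample ticket for the A -> B -> C walk-through.
CENTER = toy_keypair(521, 607)
KEY_A = toy_keypair(127, 1279)
KEY_B = toy_keypair(107, 2203)
PUBLIC = {"A": KEY_A["n"], "B": KEY_B["n"]}


def build_demo_ticket():
    t = issue_ticket(CENTER, 1000, "SN-0001")
    pay(t, "A", KEY_A, b"Tran(A->B);amount=500;time=2021-09-16T10:00")
    pay(t, "B", KEY_B, b"Tran(B->C);amount=500;time=2021-09-16T11:00")
    return t


def tamper_tran(ticket, ring_index, old, new):
    """Copy of the ticket with one plaintext transaction flow edited."""
    t = copy.deepcopy(ticket)
    t["chain"][ring_index]["tran"] = t["chain"][ring_index]["tran"].replace(old, new)
    return t


def drop_first_ring(ticket):
    """Copy of the ticket with the earliest transaction flow deleted."""
    t = copy.deepcopy(ticket)
    del t["chain"][0]
    return t


if __name__ == "__main__":
    ticket = build_demo_ticket()
    print("intact chain:", verify(ticket, CENTER["n"], PUBLIC))
    print("edited Tran(A->B):", verify(tamper_tran(ticket, 0, b"500", b"50"), CENTER["n"], PUBLIC))
    print("deleted Tran(A->B):", verify(drop_first_ring(ticket), CENTER["n"], PUBLIC))
```

Deleting the first ring is caught at the surviving B->C ring, because its ciphertext still commits to the hash of Sec-A(Tran(A->B)) rather than to the initial ticket information.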
The embodiment of the invention also provides computer equipment which comprises a memory, a processor and a computer program which is stored on the memory and can run on the processor, wherein the processor realizes the offline transaction authentication method when executing the computer program.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer program for executing the offline transaction authentication method is stored in the computer-readable storage medium.
In the embodiment of the invention, electronic signature technology is adopted: the central server generates the basic ticket information; chained encryption of the transaction flows means that no client can delete or modify earlier transaction flows; and ownership is determined by double encryption, using the server public key together with the client private key.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (25)
1. An offline transaction authentication system, comprising: a central server, a first client and a second client;
the central server is used for: determining the amount of the ticket according to the request of the first client; generating an electronic cash coupon serial number and a plaintext password; encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information; encrypting a plaintext password by using a private key of the central server to generate an electronic signature of the central server; integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket; generating a certificate by using a private key of a central server; sending the electronic cash ticket and the certificate to the first client;
the first client is used for: sending a request to a central server; receiving an electronic cash ticket and a certificate; decrypting the electronic signature of the central server in the electronic cash voucher according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a private key of a first client to generate a first client electronic signature; replacing a central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain a first client electronic cash ticket; performing offline transaction with a second client to generate a transaction flow, encrypting the transaction flow by using a private key of a first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into a first client electronic cash coupon, and sending the first client electronic cash coupon and a certificate to the second client;
the second client is used for: verifying that the certificate of the first client is legal by using the public key of the central server; decrypting the certificate of the first client by using the public key of the central server, and verifying the identity of the first client to be correct; verifying the first client-side electronic cash voucher to be true by using the central server public key based on the voucher information, the ticket amount and the electronic cash voucher serial number in the first client-side electronic cash voucher; verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client; decrypting a first client electronic signature in the first client electronic cash voucher by using a public key of the first client to obtain a plaintext password, and encrypting the plaintext password by using a second client private key to generate a second client electronic signature; and replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher and realize off-line transaction authentication.
2. The system of claim 1, wherein the central server is further configured to:
receiving an electronic cash voucher authenticity verification request sent by a second client, wherein the electronic cash voucher authenticity verification request comprises an electronic cash voucher of the second client;
decrypting the ticket information in the electronic cash ticket of the second client by using the public key to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the second client to check whether the ticket information is correct;
decrypting the transaction flow ciphertext in the electronic cash ticket of the second client by using the public key of the first client to obtain a decrypted transaction flow, and comparing the decrypted transaction flow with the transaction flow in the electronic cash ticket to verify whether the transaction flow is correct;
and decrypting a second client electronic signature in the second client electronic cash voucher by using the second client public key to obtain a plaintext password of the second client, and comparing the plaintext password of the second client with the plaintext password generated by the central server to verify the second client electronic signature.
3. The system of claim 1, wherein the second client is specifically configured to:
decrypting the certificate of the first client by using the public key of the central server to obtain a certificate certification authority of the first client, and decrypting the certificate of the second client by using the public key of the central server to obtain a certificate certification authority of the second client;
comparing the certificate authority of the first client with the certificate authority of the second client;
if the comparison is consistent, the certificate of the first client side is legal;
if the comparison is inconsistent, the certificate of the first client is illegal, and the user is prompted that the certificate is wrong and the transaction is ended.
4. The system of claim 1, wherein the second client is specifically configured to:
decrypting the certificate of the first client by using the public key of the central server to obtain the holder information;
comparing the holder information with first client identity information, wherein the first client electronic cash ticket comprises the first client identity information;
if the comparison is consistent, the first client identity is correct;
and if the comparison is inconsistent, the first client identity is incorrect, and the user is prompted that the first client identity is wrong and the transaction is ended.
5. The system of claim 1, wherein the second client is specifically configured to:
decrypting the ticket information in the electronic cash ticket of the first client by using the public key of the central server to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the first client to check the ticket information;
if the comparison is consistent, the electronic cash coupon of the first client side is true;
and if the comparison is inconsistent, the electronic cash voucher of the first client side is false, and the user is prompted that the electronic cash voucher is wrong and the transaction is ended.
6. The system of claim 1, wherein the second client is further to:
verifying the transaction flow ciphertext by using the public key of the first client to obtain the decrypted transaction flow;
comparing the decrypted transaction flow with the transaction flow;
if the comparison is consistent, the transaction flow is correct;
if the comparison is inconsistent, the transaction flow is incorrect, and the user is prompted that the transaction flow is wrong and the transaction is ended.
7. A central server, characterized in that the central server comprises:
the amount generation module is used for determining the amount of the ticket according to the request of the first client;
the serial number password generating module is used for generating an electronic cash coupon serial number and a plaintext password;
the encryption module is used for encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information;
the signature module is used for encrypting the plaintext password by using a private key of the central server to generate an electronic signature of the central server;
the integration module is used for integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket;
the certificate generation module is used for generating a certificate by using a private key of the central server;
and the sending module is used for sending the electronic cash voucher and the certificate to the first client.
8. The central server of claim 7, further comprising:
the receiving module is used for receiving an electronic cash voucher authenticity verification request sent by a second client, wherein the electronic cash voucher authenticity verification request comprises an electronic cash voucher of the second client;
the ticket information verification module is used for decrypting the ticket information in the electronic cash ticket of the second client by using the public key to obtain the decrypted ticket amount and the electronic cash ticket serial number, and comparing the decrypted ticket amount and the electronic cash ticket serial number with the ticket amount and the electronic cash ticket serial number in the electronic cash ticket of the second client to verify whether the ticket information is correct or not;
the transaction flow verification module is used for decrypting the transaction flow ciphertext in the electronic cash ticket of the second client by using the first client public key to obtain a decrypted transaction flow, and comparing the decrypted transaction flow with the transaction flow in the electronic cash ticket to verify whether the transaction flow is correct;
and the second client verification module is used for decrypting a second client electronic signature in the second client electronic cash voucher by using the second client public key to obtain a plaintext password of the second client, and performing second client electronic signature verification by comparing the plaintext password of the second client with the plaintext password generated by the central server.
9. A first client, comprising:
the request sending module is used for sending a request to the central server;
a receiving module for receiving the electronic cash ticket and the certificate;
the first client signature module is used for decrypting the electronic signature of the central server in the electronic cash ticket according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a first client private key to generate a first client electronic signature;
the first exchange module is used for replacing the electronic signature of the central server in the electronic cash ticket with the electronic signature of the first client to obtain the electronic cash ticket of the first client;
the transaction flow module is used for performing an offline transaction with the second client to generate a transaction flow, encrypting the transaction flow by using a private key of the first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into the first client electronic cash ticket, and sending the first client electronic cash ticket and the certificate to the second client.
10. A second client, comprising:
the certificate verifying module is used for verifying that the certificate of the first client side is legal by using the public key of the central server;
the first client identity verification module is used for decrypting the certificate of the first client by using the public key of the central server to verify that the identity of the first client is correct;
the first client electronic cash ticket verification module is used for verifying, by using the central server public key, that the first client electronic cash ticket is true based on the ticket information, the ticket amount and the electronic cash ticket serial number in the first client electronic cash ticket;
the transaction flow verification module is used for verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client;
the second client-side signature module is used for decrypting a first client-side electronic signature in the first client-side electronic cash voucher by using the public key of the first client-side to obtain a plaintext password, and encrypting the plaintext password by using a second client-side private key to generate a second client-side electronic signature;
and the second signature changing module is used for replacing the electronic signature of the first client by the electronic signature of the second client to obtain the electronic cash voucher of the second client and realize off-line transaction authentication.
11. The second client of claim 10, wherein the certificate verifying module is specifically configured to:
decrypting the certificate of the first client by using the public key of the central server to obtain a certificate certification authority of the first client, and decrypting the certificate of the second client by using the public key of the central server to obtain a certificate certification authority of the second client;
comparing the certificate authority of the first client with the certificate authority of the second client;
if the comparison is consistent, the certificate of the first client side is legal;
if the comparison is inconsistent, the certificate of the first client is illegal, and the user is prompted that the certificate is wrong and the transaction is ended.
12. The second client of claim 10, wherein the first client identity verification module is specifically configured to:
decrypting the certificate of the first client by using the public key of the central server to obtain the holder information;
comparing the holder information with first client identity information, wherein the first client electronic cash ticket comprises the first client identity information;
if the comparison is consistent, the first client identity is correct;
and if the comparison is inconsistent, the first client identity is incorrect, and the user is prompted that the first client identity is wrong and the transaction is ended.
13. The second client of claim 10, wherein the first client electronic cash ticket verification module is specifically configured to:
decrypting the ticket information in the electronic cash ticket of the first client by using the public key of the central server to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the first client to check the ticket information;
if the comparison is consistent, the electronic cash coupon of the first client side is true;
and if the comparison is inconsistent, the electronic cash voucher of the first client side is false, and the user is prompted that the electronic cash voucher is wrong and the transaction is ended.
14. The second client of claim 10, wherein the transaction flow verification module is specifically configured to:
verifying the transaction flow ciphertext by using the public key of the first client to obtain the decrypted transaction flow;
comparing the decrypted transaction flow with the transaction flow;
if the comparison is consistent, the transaction flow is correct;
if the comparison is inconsistent, the transaction flow is incorrect, and the user is prompted that the transaction flow is wrong and the transaction is ended.
15. An off-line transaction authentication method, comprising:
a first client sends a request to a central server;
the central server determines the ticket amount according to the request of the first client; generating an electronic cash coupon serial number and a plaintext password; encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information; encrypting a plaintext password by using a private key of the central server to generate an electronic signature of the central server; integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket; generating a certificate by using a private key of a central server; sending the electronic cash ticket and the certificate to the first client;
the first client receives the electronic cash ticket and the certificate; decrypting the electronic signature of the central server in the electronic cash voucher according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a private key of a first client to generate a first client electronic signature; replacing a central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain a first client electronic cash ticket; performing offline transaction with a second client to generate a transaction flow, encrypting the transaction flow by using a private key of a first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into a first client electronic cash coupon, and sending the first client electronic cash coupon and a certificate to the second client;
the second client side verifies that the certificate of the first client side is legal by using the public key of the central server; decrypting the certificate of the first client by using the public key of the central server, and verifying the identity of the first client to be correct; verifying the first client-side electronic cash voucher to be true by using the central server public key based on the voucher information, the ticket amount and the electronic cash voucher serial number in the first client-side electronic cash voucher; verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client; decrypting a first client electronic signature in the first client electronic cash voucher by using a public key of the first client to obtain a plaintext password, and encrypting the plaintext password by using a second client private key to generate a second client electronic signature; and replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher and realize off-line transaction authentication.
16. The method of claim 15, further comprising:
the central server receives an electronic cash voucher authenticity verification request sent by a second client, wherein the electronic cash voucher authenticity verification request comprises an electronic cash voucher of the second client;
the central server decrypts the ticket information in the electronic cash ticket of the second client by using the public key to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and compares the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the second client to check whether the ticket information is correct or not;
the central server decrypts the transaction flow ciphertext in the electronic cash voucher of the second client by using the first client public key to obtain the decrypted transaction flow, and compares the decrypted transaction flow with the transaction flow in the electronic cash voucher to verify whether the transaction flow is correct;
and the central server decrypts the electronic signature of the second client by using the public key of the second client to obtain the plaintext password of the second client, and compares the plaintext password of the second client with the plaintext password generated by the central server to verify the electronic signature of the second client.
17. An off-line transaction authentication method, comprising:
determining the amount of the ticket according to the request of the first client;
generating an electronic cash coupon serial number and a plaintext password;
encrypting the ticket amount and the serial number of the electronic cash ticket by using a private key of the central server to obtain ticket information;
encrypting a plaintext password by using a private key of the central server to generate an electronic signature of the central server;
integrating the ticket amount, the serial number of the electronic cash ticket, the ticket information and the electronic signature of the central server to obtain the electronic cash ticket;
generating a certificate by using a private key of a central server;
sending the electronic cash ticket and the certificate to the first client.
18. An off-line transaction authentication method, comprising:
sending a request to a central server;
receiving an electronic cash ticket and a certificate;
decrypting the electronic signature of the central server in the electronic cash voucher according to the public key of the central server to obtain a plaintext password, and encrypting the plaintext password by using a private key of a first client to generate a first client electronic signature;
replacing a central server electronic signature in the electronic cash ticket with the first client electronic signature to obtain a first client electronic cash ticket;
and performing an offline transaction with a second client to generate a transaction flow, encrypting the transaction flow by using a private key of the first client to obtain a transaction flow ciphertext, writing the transaction flow and the transaction flow ciphertext into the first client electronic cash voucher, and sending the first client electronic cash voucher and the certificate to the second client.
19. An off-line transaction authentication method, comprising:
verifying that the certificate of the first client is legal by using the public key of the central server;
decrypting the certificate of the first client by using the public key of the central server, and verifying the identity of the first client to be correct;
verifying the first client-side electronic cash voucher to be true by using the central server public key based on the voucher information, the ticket amount and the electronic cash voucher serial number in the first client-side electronic cash voucher;
verifying that the transaction flow in the electronic cash ticket of the first client is correct by using the public key of the first client;
decrypting a first client electronic signature in the first client electronic cash voucher by using a public key of the first client to obtain a plaintext password, and encrypting the plaintext password by using a second client private key to generate a second client electronic signature;
and replacing the first client electronic signature with the second client electronic signature to obtain a second client electronic cash voucher and realize off-line transaction authentication.
20. The method of claim 19, wherein verifying that the certificate of the first client is legitimate using the central server public key comprises:
decrypting the certificate of the first client by using the public key of the central server to obtain a certificate certification authority of the first client, and decrypting the certificate of the second client by using the public key of the central server to obtain a certificate certification authority of the second client;
comparing the certificate authority of the first client with the certificate authority of the second client;
if the comparison is consistent, the certificate of the first client side is legal;
if the comparison is inconsistent, the certificate of the first client is illegal, and the user is prompted that the certificate is wrong and the transaction is ended.
21. The method of claim 19, wherein verifying the client electronic signature using the public key of the first client to verify that the first client identity is correct comprises:
decrypting the certificate of the first client by using the public key of the central server to obtain the holder information;
comparing the holder information with first client identity information, wherein the first client electronic cash ticket comprises the first client identity information;
if the comparison is consistent, the first client identity is correct;
and if the comparison is inconsistent, the first client identity is incorrect, and the user is prompted that the first client identity is wrong and the transaction is ended.
22. The method of claim 19, wherein verifying the first client-side electronic cash ticket as authentic using the central server public key based on the ticket information, the ticket amount, and the electronic cash ticket serial number comprises:
decrypting the ticket information in the electronic cash ticket of the first client by using the public key of the central server to obtain the decrypted ticket amount and the serial number of the electronic cash ticket, and comparing the decrypted ticket amount and the serial number of the electronic cash ticket with the ticket amount and the serial number of the electronic cash ticket in the electronic cash ticket of the first client to check the ticket information;
if the comparison is consistent, the electronic cash ticket of the first client is authentic;
and if the comparison is inconsistent, the electronic cash ticket of the first client is not authentic, and the user is prompted that the electronic cash ticket is wrong and the transaction is ended.
23. The method of claim 19, wherein verifying that the transaction flow is correct using the public key of the first client comprises:
verifying the transaction flow ciphertext by using the public key of the first client to obtain the decrypted transaction flow;
comparing the decrypted transaction flow with the transaction flow;
if the comparison is consistent, the transaction flow is correct;
if the comparison is inconsistent, the transaction flow is incorrect, and the user is prompted that the transaction flow is wrong and the transaction is ended.
24. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 15 to 23 when executing the computer program.
25. A computer-readable storage medium, characterized in that the computer-readable storage medium stores a computer program for executing the method of any of claims 15 to 23.
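The four checks of claims 20 to 23, run in order, as an added example (not code from the patent). It substitutes textbook RSA over constructed Mersenne-prime keys for the signature scheme, which the claims do not specify; `verify_offline`, `issue_cert`, `issue_ticket` and all field names are assumptions, and the toy keys are for illustration only.

```python
import hashlib

E = 65537  # public exponent used by both toy keys

def make_key(p, q):
    """Textbook RSA key (n, d). Toy parameters for illustration only."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(n, *fields):
    # repr() of the tuple gives an unambiguous encoding of the signed fields
    return int.from_bytes(hashlib.sha256(repr(fields).encode()).digest(), "big") % n

def sign(key, *fields):
    n, d = key
    return pow(digest(n, *fields), d, n)

def recovers(n, sig, *fields):
    """'Decrypt' sig with the public key and compare with the recomputed digest."""
    return pow(sig, E, n) == digest(n, *fields)

# Constructed keys built from Mersenne primes (assumption, not from the patent)
SERVER = make_key(2**61 - 1, 2**89 - 1)
CLIENT1 = make_key(2**107 - 1, 2**127 - 1)

def issue_cert(holder, client_n, ca="central-server"):
    return {"ca": ca, "holder": holder, "pub": client_n,
            "sig": sign(SERVER, ca, holder, client_n)}

def issue_ticket(holder, amount, serial):
    return {"holder": holder, "amount": amount, "serial": serial,
            "info": sign(SERVER, amount, serial)}

def verify_offline(server_n, my_ca, cert, ticket, flow, flow_sig):
    """Run the checks of claims 20 to 23 in order; return the first failure or 'ok'."""
    cert_ok = recovers(server_n, cert["sig"], cert["ca"], cert["holder"], cert["pub"])
    if not cert_ok or cert["ca"] != my_ca:
        return "certificate"        # claim 20
    if cert["holder"] != ticket["holder"]:
        return "identity"           # claim 21
    if not recovers(server_n, ticket["info"], ticket["amount"], ticket["serial"]):
        return "ticket"             # claim 22
    if not recovers(cert["pub"], flow_sig, flow):
        return "transaction flow"   # claim 23
    return "ok"

# Constructed sample transaction
CERT = issue_cert("client-1", CLIENT1[0])
TICKET = issue_ticket("client-1", 100, "SN-0001")
FLOW = "client-1->client-2:100:SN-0001"
FLOW_SIG = sign(CLIENT1, FLOW)
print(verify_offline(SERVER[0], "central-server", CERT, TICKET, FLOW, FLOW_SIG))
```

Each return value names the check that ended the transaction, matching the per-claim failure branches.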
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111086449.0A CN113793149B (en) | 2021-09-16 | 2021-09-16 | Off-line transaction authentication system, method, central server and client |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113793149A (en) | 2021-12-14 |
CN113793149B (en) | 2024-10-25 |
Family
ID=79183564
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111086449.0A Active CN113793149B (en) | 2021-09-16 | 2021-09-16 | Off-line transaction authentication system, method, central server and client |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113793149B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |