CN114565382A - Transaction account anonymous payment method and system - Google Patents
- Publication number: CN114565382A (application CN202210192720.7A)
- Authority: CN (China)
- Prior art keywords: merchant, payment, public key, client, customer
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
      - G06Q20/00—Payment architectures, schemes or protocols
        - G06Q20/02—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP]
          - G06Q20/027—Payment architectures, schemes or protocols involving a neutral party, e.g. certification authority, notary or trusted third party [TTP] involving a payment switch or gateway
        - G06Q20/38—Payment protocols; Details thereof
          - G06Q20/383—Anonymous user system
          - G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
            - G06Q20/3825—Use of electronic signatures
            - G06Q20/3827—Use of message hashing
            - G06Q20/3829—Payment protocols; Details thereof insuring higher security of transaction involving key management
Abstract
The invention relates to an anonymous payment method and system for transaction accounts. The system comprises a client, a merchant server, a security management center, a customer authentication center, a merchant authentication center, a payment gateway, a paying bank terminal and a receiving bank terminal. A ring-shaped authentication chain among the transaction participants is executed under the supervision of the security management center: while the payment of a commodity order is completed, the merchant node authenticates the customer node, the payment gateway authenticates the merchant node, and the final payment procedure is authenticated between the customer node and the paying bank node. The identity authentication of both transaction parties, previously borne entirely by the payment gateway, is thus distributed among the participants, which reduces the workload of the payment gateway or third-party payment platform and avoids the catastrophic consequences of a payment gateway turning rogue or being attacked.
Description
Technical field
The invention relates to the technical field of electronic payment, and in particular to an anonymous payment method and system for transaction accounts.
Background
Electronic payment means that consumers, merchants and financial institutions use secure electronic means to transmit payment information safely over an information network to a bank or the corresponding processing institution in order to make a monetary payment or move funds. It effectively combines the Internet, terminal devices and financial institutions into a new kind of payment system. Many technologies can be used to build a payment system. For remote operation, client-based schemes currently hold the mainstream position compared with payment verification mediated by SMS or smart cards. In such a scheme the client receives the payment request the user needs to make and sends it over the Internet to the relevant server; the account management system transfers the funds between the user and the merchant and feeds back the result of the transfer; finally the merchant provides the user with the goods or services named in the payment request.
Given the concerns of fund security, identity privacy and transaction data integrity in electronic payment systems, a payment protocol with the highest practical security should be chosen. A payment protocol mainly does two jobs: secure communication and identity authentication. The mainstream protocols on the market are SSL and SET. SSL (Secure Sockets Layer) was developed by Netscape to secure data transmission on the Internet; by encrypting data it ensures that data is not intercepted or eavesdropped on in transit. However, it relies on the merchant's promise to keep consumer information confidential, which favors the merchant over the consumer, and it provides no identity authentication of both transaction parties, so both parties risk losing funds. The security weaknesses are obvious, and the transaction mechanism makes them hard to fix. In the early stage of e-commerce, most businesses operating online were large companies with good reputations, so this problem was not fully exposed. As e-commerce developed and small and medium-sized companies joined in, the problem of one-sided authentication in electronic payment became increasingly prominent.
Because the many shortcomings of SSL kept it from being deployed at scale, the two major US credit card organizations Visa and MasterCard, together with a number of international technology organizations, jointly defined the SET (Secure Electronic Transaction) protocol to meet market demand. SET overcomes the shortcomings of SSL and, to protect the customer's interests, lets the customer authenticate the merchant. However, existing online banking payment methods generally rely on a third-party payment platform. The commodity order, the identities of both parties and the paying and receiving account information all become known to that platform during the transaction, so the security of the transaction data depends entirely on the platform's reputation and the reliability of its systems, and user information is at risk of being leaked. In addition, SET is based on fixed networks and requires the transacting parties to install the corresponding software before use. A transaction requires too many encryption, decryption, digital signature and verification operations, and certificate transfer and identity authentication are cumbersome. Such complex operations and procedures inevitably make SET inefficient, degrade the user experience and increase the network load.
Summary of the invention
To solve the transaction security problems of the electronic payment systems described above, the invention provides an anonymous payment method and system for transaction accounts. The invention enables anonymous payment between the bank accounts of both transaction parties, isolates the user's identity on the network from the identity of the real transaction account, and improves the security of transaction funds. To this end, the anonymous payment method for transaction accounts provided by the invention specifically comprises:
After the customer node generates a commodity order from the payment page of the e-commerce platform, the security management center provides the customer node with a customer public key set containing the public keys of multiple customer nodes.
The customer node uses the customer public key set to generate first ring signature data for the commodity order. The commodity order comprises the order number, the customer identifier, the paying bank identifier, the item details, the payment amount, and the paying account information encrypted with the first master key. In the security management center, the customer public key set forms a first mapping relationship with the customer identifier and the first master key. The customer node encrypts the first ring signature data and the commodity order with the merchant node's public key and sends the ciphertext to the merchant node together with a commodity purchase request message.
After decryption the merchant node obtains the first ring signature data and the commodity order, and queries the customer authentication center to check whether every public key in the customer public key set exists. If they do not all exist, signature verification has failed and the merchant node returns a customer authentication failure message to the customer node. Otherwise it verifies the first ring signature; if the result is incorrect it returns a customer authentication failure message to the customer node, and otherwise the security management center provides the merchant node with a merchant public key set containing the public keys of multiple merchant nodes.
The merchant node uses the merchant public key set to sign the customer public key set, the commodity order and the merchant settlement statement, generating second ring signature data. The merchant settlement statement comprises the merchant identifier, the receiving bank identifier, and the receiving account information encrypted with the second master key. In the security management center, the merchant public key set forms a second mapping relationship with the merchant identifier and the second master key. The merchant node encrypts the second ring signature data, the customer public key set, the commodity order and the merchant settlement statement with the payment gateway's public key and sends the ciphertext to the payment gateway together with a payment request message.
After decryption the payment gateway obtains the second ring signature data, the customer public key set, the commodity order and the merchant settlement statement, and queries the merchant authentication center to check whether every public key in the merchant public key set exists. If they do not all exist, signature verification has failed and the payment gateway returns a merchant authentication failure message to the merchant node. Otherwise it verifies the second ring signature; if the result is incorrect it returns a merchant authentication failure message to the merchant node, and otherwise it encrypts the customer public key set, the merchant public key set, the commodity order and the merchant settlement statement with the paying bank node's public key and sends them to the paying bank node.
After decryption the paying bank node obtains the customer public key set, the merchant public key set, the commodity order and the merchant settlement statement, extracts the customer public key set and the merchant public key set, and sends them to the security management center. The security management center uses the two sets to look up the corresponding customer identifier, first master key, merchant identifier and second master key, encrypts them with the shared key of the two parties, and sends them to the paying bank node.
After decryption the paying bank node extracts the first master key and the second master key, uses the first master key to decrypt the paying account information from the commodity order and the second master key to decrypt the receiving account information from the merchant settlement statement, and sends the customer node a payment confirmation request message encrypted with the first master key.
After decrypting the payment confirmation request message and verifying that it is correct, the customer node returns a payment confirmation message containing the payment password to the paying bank node; the payment confirmation message is encrypted with the first master key.
After decrypting the payment confirmation message and verifying that it is correct, the paying bank node transfers funds from the paying account specified by the customer to the receiving account specified by the merchant. Once the payment succeeds, the paying bank node sends a payment success message to the customer node and the receiving bank node sends a receipt success message to the merchant node.
Further preferably, the customer public key set is generated as follows:
The customer node locally generates a random number r_c, signs r_c and the customer identifier ID_c with its own private key to obtain the customer signature data SIG_c, encrypts SIG_c, r_c and ID_c with the public key of the security management center, and sends them to the security management center.
After decryption the security management center retrieves the public key corresponding to the customer identifier ID_c and verifies the customer signature data SIG_c. If the signature is valid, it locally generates a random number r_s_1, concatenates r_c with r_s_1, and performs N iterated hash operations. The hash value h_i obtained from each operation is used as a pointer that indexes the corresponding bit of a bit array, and the public key indexed by that bit is extracted. The bit array indexes, bit by bit, the public keys of the different customer nodes stored in the database.
The N extracted public keys form the customer public key set.
Further preferably, the first master key is generated as follows:
The customer node sets a secret value x_c, calculates the public parameter y_c, and sends y_c together with the random number r_c to the security management center.
The security management center sets a secret value x_s_1, calculates the public parameter y_s_1, and then combines the public parameter y_c and the random number r_s_1 to generate the first master key:
The security management center sends the public parameter y_s_1 together with the random number r_s_1 to the customer node.
The customer node then generates the first master key from the secret value x_c, the public parameter y_s_1 and the random number r_c:
where k_sc = k_cs, q is a large prime, and g is a generator of the finite field GF(q).
Further preferably, the merchant public key set is generated as follows:
The merchant node locally generates a random number r_m, signs r_m and the merchant identifier ID_m with its own private key to obtain the merchant signature data SIG_m, encrypts SIG_m, r_m and ID_m with the public key of the security management center, and sends them to the security management center.
After decryption the security management center retrieves the public key corresponding to the merchant identifier ID_m and verifies the merchant signature data SIG_m. If the signature is valid, it locally generates a random number r_s_2, concatenates r_m with r_s_2, and performs M iterated hash operations. The hash value h_j obtained from each operation is used as a pointer that indexes the corresponding bit of a bit array, and the public key indexed by that bit is extracted. The bit array indexes, bit by bit, the public keys of the different merchant nodes stored in the database.
The M extracted public keys form the merchant public key set.
Further preferably, the second master key is generated as follows:
The merchant node sets a secret value x_m, calculates the public parameter y_m, and sends y_m together with the random number r_m to the security management center.
The security management center sets a secret value x_s_2, calculates the public parameter y_s_2, and then combines the public parameter y_m and the random number r_s_2 to generate the second master key:
The security management center sends the public parameter y_s_2 together with the random number r_s_2 to the merchant node.
The merchant node then generates the second master key from the public parameter y_s_2, the secret value x_m and the random number r_m:
where k_sm = k_ms, q is a large prime, and g is a generator of the finite field GF(q).
Further preferably, the security management center maintains a customer security parameter mapping table for customer nodes and a merchant security parameter mapping table for merchant nodes.
Each entry in the customer security parameter mapping table comprises a first entry identifier, the customer public key set, the customer identifier and the first master key. The first entry identifier is the hash value obtained by concatenating the customer public key set and hashing the result, and is used to index the corresponding entry.
Each entry in the merchant security parameter mapping table comprises a second entry identifier, the merchant public key set, the merchant identifier and the second master key. The second entry identifier is the hash value obtained by concatenating the merchant public key set and hashing the result, and is used to index the corresponding entry.
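An added example, not code from the patent: a Python sketch of how the security management center could pick a key set by hash iteration over the bit array and later trace that key set through a security parameter mapping table, covering the key-set generation steps and the mapping tables described above. SHA-256, the modulo pointer, the skipping of unset or repeated bits, the length prefix, the collision check, and all names and sample keys are assumptions; the ring signature itself and the master key negotiation are not modeled.

```python
import hashlib


def select_indices(r_node: bytes, r_center: bytes, n: int, bits: list) -> list:
    """Walk a SHA-256 chain seeded with r_node || r_center and return n slots.

    Assumptions of this sketch: h_i = SHA-256(h_{i-1}), the pointer is h_i
    modulo the bit-array length, and a pointer that lands on an unset bit or
    on a slot already chosen is skipped so that n distinct keys come out.
    """
    if n < 2 or n > sum(bits):
        raise ValueError("ring size must be 2..number of registered keys")
    h, chosen = r_node + r_center, []
    for _ in range(64 * len(bits)):  # bounded walk instead of an open loop
        h = hashlib.sha256(h).digest()
        idx = int.from_bytes(h, "big") % len(bits)
        if bits[idx] and idx not in chosen:
            chosen.append(idx)
            if len(chosen) == n:
                return chosen
    raise RuntimeError("hash chain did not reach enough registered slots")


def entry_id(keys: list) -> str:
    """Table index: hash of the concatenated key set, in transmitted order."""
    h = hashlib.sha256()
    for key in keys:
        # Length prefix (added here) keeps differently split key lists from
        # concatenating to the same byte string.
        h.update(len(key).to_bytes(2, "big"))
        h.update(key)
    return h.hexdigest()


class SecurityCenter:
    """Holds the bit array, the key database and one mapping table."""

    def __init__(self, bits: list, key_db: dict):
        self.bits = bits        # bits[i] == 1 means slot i holds a public key
        self.key_db = key_db    # slot -> public key bytes
        self.table = {}         # entry id -> (key set, node id, master key)

    def issue_key_set(self, node_id, r_node, r_center, n, master_key):
        """Select the ring and record key set -> (identity, master key)."""
        slots = select_indices(r_node, r_center, n, self.bits)
        keys = [self.key_db[i] for i in slots]
        eid = entry_id(keys)
        if eid in self.table:
            # The same key set issued twice would make tracing ambiguous;
            # the caller has to retry with a fresh center random number.
            raise LookupError("key set already mapped; draw a new r_center")
        self.table[eid] = (keys, node_id, master_key)
        return keys

    def resolve(self, keys):
        """Lookup performed when the paying bank submits a key set."""
        entry = self.table.get(entry_id(keys))
        if entry is None or entry[0] != list(keys):
            return None
        return entry[1], entry[2]


def demo_center() -> SecurityCenter:
    """Constructed sample data: 16 slots, 4 of them empty, fake 32-byte keys."""
    bits = [0 if i % 4 == 3 else 1 for i in range(16)]
    key_db = {i: hashlib.sha256(b"demo-pk-%d" % i).digest()
              for i, bit in enumerate(bits) if bit}
    return SecurityCenter(bits, key_db)


if __name__ == "__main__":
    center = demo_center()
    ring = center.issue_key_set("customer-001", b"\x01" * 16, b"\x02" * 16,
                                4, b"K" * 32)
    print([k.hex()[:8] for k in ring])
    print(center.resolve(ring))
    print(center.resolve(ring[::-1]))  # None: key order is part of the index
```

Because the table maps every issued key set to an identity and a master key, anyone who can read it can undo the anonymity of every transaction, so it needs the same protection as the keys themselves.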
The invention also provides an anonymous payment system for transaction accounts, which specifically comprises: a client, a merchant server, a security management center, a customer authentication center, a merchant authentication center, a payment gateway, a paying bank terminal and a receiving bank terminal.
Client: installed on the user's terminal device. Through the client, the customer node obtains the commodity purchasing service provided by the e-commerce platform, uses the customer public key set to generate the first ring signature data for the commodity order, and sends the merchant server, in encrypted form, a commodity purchase request message containing the first ring signature data and the commodity order. It verifies the authenticity of the payment confirmation request message and, once it is confirmed genuine, sends the paying bank terminal, in encrypted form, a payment confirmation message containing the payment password.
Merchant server: a remote terminal located at the merchant node. It provides clients with a commodity purchasing service over the network through the e-commerce platform, and uses the customer public key query port provided by the customer authentication center to verify the authenticity of the first ring signature data in the commodity purchase request message. Once the first ring signature data is verified as genuine, it uses the merchant public key set to sign the customer public key set, the commodity order and the merchant settlement statement, generating the second ring signature data, and sends the payment gateway, in encrypted form, a payment request message containing the second ring signature data, the customer public key set, the commodity order and the merchant settlement statement. It receives the receipt success message and provides the client with the specified goods accordingly.
Security management center: provides the client and the merchant server with the public key data sets used for ring signatures and the master key parameters used to encrypt the paying and receiving account information, and provides the customer authentication center and the merchant authentication center with customer public keys and merchant public keys updated in real time. It verifies the authenticity of the customer public key set and the merchant public key set supplied by the paying bank terminal and, once they are confirmed genuine, uses them to look up the corresponding customer identifier, first master key, merchant identifier and second master key, which it sends to the paying bank terminal in encrypted form.
Payment gateway: uses the merchant public key query port provided by the merchant authentication center to verify the authenticity of the second ring signature data in the payment request message and, once it is verified as genuine, sends the customer public key set, the merchant public key set, the commodity order and the merchant settlement statement to the paying bank terminal in encrypted form.
Paying bank terminal: verifies the authenticity of the customer public key set and the merchant public key set through the security management center, and uses the first master key and the second master key provided by the security management center to decrypt the paying account information and the receiving account information. It sends the client a payment confirmation request message in encrypted form and verifies the authenticity of the payment confirmation message returned by the client; once that is confirmed genuine, it transfers funds from the paying account specified by the customer to the receiving account specified by the merchant and sends a payment success message to the client.
Receiving bank terminal: receives the payment from the paying bank terminal and sends a receipt success message to the merchant server.
Customer authentication center: receives the customer public keys provided by the security management center, updates its local customer public key set, and provides the merchant server with a port for querying customer public keys.
Merchant authentication center: receives the merchant public keys provided by the security management center, updates its local merchant public key set, and provides the payment gateway with a port for querying merchant public keys.
The advantages of the anonymous payment method and system for transaction accounts provided by the invention are:
A ring-shaped authentication chain among the transaction participants is executed under the supervision of the security management center. While the payment of a commodity order is completed, the merchant node authenticates the customer node, the payment gateway authenticates the merchant node, and the final payment procedure is authenticated between the customer node and the paying bank node. The identity authentication of both transaction parties, previously borne entirely by the payment gateway, is thus distributed among the participants, which reduces the workload of the payment gateway and avoids the catastrophic consequences of a payment gateway turning rogue or being attacked.
The security management center distributes public key sets to the customer node and the merchant node, and the two transaction parties use them to generate ring signature data that can prove the legitimate identity of the customer and the merchant. The anonymity of ring signatures keeps a node's public key from being directly exposed on the network, where it would give criminals an opening to forge signatures. The highly trusted security management center, for its part, can work back from the combination of public keys to the real identity of the signer of the ring signature data, so every legitimate signature can be traced.
The paying and receiving account information is concealed inside the commodity order and the merchant settlement statement, so the actual transaction accounts of the customer and the merchant are invisible to the payment gateway. Only after verification of the ring signature data through the security management center succeeds can the real customer paying account information and merchant receiving account information be obtained at the paying bank node, and the customer's card-issuing bank and the client then complete the payment confirmation. Throughout the transaction the bank accounts of both parties are transparent to the payment gateway, in the sense that the gateway never sees them. The security management center, for its part, only provides security parameters or authentication services to the parties in the payment flow on the basis of its high level of trust. It does not take part in the payment activity itself, so it has no access to the specific commodity order or merchant information and does not check the subject matter of the order, which keeps the transaction business and the security authentication work operating independently of each other.
Description of the drawings
Fig. 1 is a flowchart of the transaction account anonymous payment method provided by the present invention;
Fig. 2 shows the generation of the customer/merchant public key set in the security management center;
Fig. 3 is an architecture diagram of the transaction account anonymous payment system provided by the present invention.
Detailed description
Embodiments of the present disclosure are described in more detail below with reference to the accompanying drawings. Although certain embodiments of the present disclosure are shown in the drawings, it should be understood that the present disclosure may be implemented in various forms and should not be construed as limited to the embodiments set forth here; rather, these embodiments are provided so that the present disclosure is understood more thoroughly and completely. It should be understood that the drawings and embodiments of the present disclosure are for illustration only and are not intended to limit its scope of protection.
The present invention provides a transaction account anonymous payment method for e-commerce platform applications. With the security management center acting as the security guide, it performs anonymous signature authentication of the legitimacy of customer and merchant identities and anonymous verification of transaction accounts, and it keeps transaction business data isolated from transaction account information on the third-party payment platform. This avoids the problem of online banking funds being easily stolen or fraudulently charged because the two are linked, and protects the privacy of users' personal information.
As shown in Fig. 1, the transaction account anonymous payment method provided by the present invention comprises the following:
First, the customer logs in to the e-commerce platform website through a browser or a client program, searches for and selects the desired goods or type of service on the platform's product display pages, and, once the selection is complete, the customer node generates a commodity order from the platform's payment page. The commodity order mainly includes the order number, the customer identity identifier, the paying bank identity identifier, the item details, the payment amount and the payment account information. The customer node represents the customer's login identity on the e-commerce platform and includes the user name and password the user chose at registration, the bound mobile phone or e-mail information, and a unique user identity identifier (ID) generated by the system.
After the commodity order is generated, the customer node sends a commodity purchase request message to the merchant node, which completes the order confirmation; the merchant node represents the merchant's login identity on the e-commerce platform. In confirming the commodity order, the present invention uses a ring signature mechanism for the public keys used to verify the customer's identity. A ring signature signs a message using a set of public keys, which contains the signer's public key, together with the signer's own private key, and the verifier cannot tell which member of the public key set is the actual signer. The present invention differs in the following respects: all customer public keys are allocated and managed by the security management center; the customer node stores its own public/private key pair locally; and the public key set used for the customer node's ring signature is provided by the security management center, with every public key in the set being the legitimate public key of a different customer. Although the ring signature data is anonymous to any third party, the security management center can trace the true identity of the signer from the particular composition of the public key set, and it uses this capability to report to the paying bank node whether the transaction is genuinely secure, completing the payment authentication confirmation.
The security management center is operated by an institution with high credibility, such as a government financial regulator (for banks and the like) or a network security administration. Because these bodies are backed by national credit, they offer higher security and system reliability than a traditional third-party payment platform (such as Alipay). The identity identifiers of customer nodes and merchant nodes correspond one-to-one with public keys and are used to determine the true identities of customers and merchants.
The customer public key set is generated as follows:
After generating the commodity order, the customer node $c$ generates a random number $r_c$ locally, signs $r_c$ and the customer identity identifier $ID_c$ with its own private key to obtain the customer signature data $SIG_c$, encrypts $SIG_c$, $r_c$ and $ID_c$ with the public key of the security management center, and sends the result to the security management center.
After decrypting with its private key, the security management center $s$ retrieves the public key corresponding to $ID_c$ and verifies $SIG_c$. If the signature is valid, it generates a random number $r_{s\_1}$ locally, concatenates $r_c$ with $r_{s\_1}$ and performs $N$ iterated hash operations. The hash value $h_i$ ($1 \le i \le N$) from each iteration is used as a pointer to the corresponding bit in the bit array, and the public key indexed by that bit is extracted. The $N$ extracted public keys form the customer public key set, which is encrypted with the customer's public key and returned to the customer node; the customer node decrypts it with its own private key to obtain the customer public key set.
Fig. 2 shows the structure of the bit array, which indexes, bit by bit, the public keys of the different customer nodes or merchant nodes stored in the database. Taking Fig. 2 as an example, the bit array is $2^t$ bits long and each bit points to one customer public key or merchant public key in the database. The length of the bit array must therefore be no less than the number of registered customer or merchant public keys, and no bit may be left empty, so that a null value is never extracted. Several bits may point to the same customer or merchant public key, and the rule assigning public keys to bits may be generated automatically by a random algorithm or chosen manually. The hash value $h_i$ obtained in the $i$-th hash iteration is rounded to an integer, the resulting decimal hash number is pointed at the corresponding bit in the bit array, and the public key data stored for that bit is then extracted from the database. As the number of registered customer and merchant public keys grows, the bit array can be extended to meet the needs of signing users.
The security management center physically isolates the customer public key set from the merchant public key set. They are managed by the customer authentication center and the merchant authentication center respectively, and the transaction participants are given different access rights. The security management center provides customer nodes and merchant nodes with the public key sets needed for signing, while the customer authentication center and the merchant authentication center provide designated query ports to the merchant node and the payment gateway respectively, for verifying ring signatures.
The customer node uses the customer public key set to generate the first ring signature data for the commodity order. Suppose the signer arbitrarily selects $N$ users when creating the ring signature, and each user $A_i$ has a public key $PK_i$ and a private key $SK_i$. We can define a mixing function $C_{k,v}(y_1, y_2, \ldots, y_N)$ that can be solved for any set of inputs $(y_1, y_2, \ldots, y_N)$; for an attacker, however, unless the inverses of the trapdoor functions $g_1, g_2, \ldots, g_N$ can be computed, $x_1, x_2, \ldots, x_N$ cannot be found from a given $C_{k,v}(g_1(x_1), g_2(x_2), \ldots, g_N(x_N))$. The process requires the following three algorithms: keyGen(), Sign() and Verify().
Key generation algorithm: keyGen()
keyGen() is assumed to be a probabilistic polynomial-time function whose input is the chosen security parameter $\lambda$ and whose output is the public key $PK_i$ and the private key $SK_i$. The key pair is generated by the security management center and assigned to the designated customer or merchant node; a classic public-key encryption algorithm such as RSA or ElGamal may be used.
Signature algorithm: Sign()
The customer node signs the message $M$ with its own private key $SK_c$ and the customer public key set, where $M$ is the commodity order data, and generates the ring signature $\sigma$.
1. The security management center provides the signer with the ring public key set $L = \{PK_1, PK_2, \ldots, PK_N\}$, where each $PK_i$ is associated with a transformed value $y_i$;
2. Compute $k = H(M)$, where $H$ denotes a hash operation and $k$ serves as the key of the symmetric encryption algorithm $E_k$;
3. Choose a random number $v$ with initial value $v \in \{0,1\}^b$;
4. Generate random numbers $x_i$ ($i = 1, 2, \ldots, N$, $i \ne c$), that is, the signer assigns a random number $x_i$ to every customer public key other than its own, and compute the corresponding $y_i = g(x_i)$ from each $x_i$;
5. Solve the equation $C_{k,v}(y_1, y_2, \ldots, y_N) = v$ to obtain the signer's own value $y_c$;
6. Using its knowledge of the trapdoor, the signer solves for the corresponding
7. Generate the ring signature as a $(2N+1)$-tuple $\sigma = (PK_1, PK_2, \ldots, PK_N, v, x_1, x_2, \ldots, x_N)$.
Signature verification algorithm: Verify()
1. Compute $y_i = g(x_i)$ from each $x_i$ to obtain $(y_1, y_2, \ldots, y_N)$;
2. Compute $k = H(M)$;
3. Substitute these parameters into the ring equation $C_{k,v}(y_1, y_2, \ldots, y_N) = v$ and check whether the equality holds. If it holds, verification succeeds and "True" is output; otherwise verification fails and "False" is output.
For an attacker, even one who obtains the private keys of all ring members, the probability of correctly identifying the true signer does not exceed $1/N$.
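The Sign() and Verify() steps above, as an added Python example that is not code from the patent. The definition of $C_{k,v}$ is not given on the page, so the example assumes the standard Rivest-Shamir-Tauman combining function $C_{k,v}(y_1,\ldots,y_N) = E_k(y_N \oplus E_k(y_{N-1} \oplus \cdots E_k(y_1 \oplus v)))$, RSA as the trapdoor, a SHA-256 Feistel network as $E_k$, and constructed toy keys; all function names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

B = 256                       # common domain {0,1}^b, wider than every modulus
HALF = B // 2
MASK = (1 << HALF) - 1

def toy_rsa(p_exp, q_exp):
    """Constructed toy key from two Mersenne primes; far too small for real use."""
    p, q = (1 << p_exp) - 1, (1 << q_exp) - 1
    phi = (p - 1) * (q - 1)
    e = 65537
    while gcd(e, phi) != 1:
        e += 2
    return (p * q, e), pow(e, -1, phi)       # (public key, private exponent)

def g(pk, x, exponent=None):
    """RSA permutation extended to {0,1}^b; pass d as exponent to invert it."""
    n, e = pk
    q, r = divmod(x, n)
    if (q + 1) * n <= (1 << B):
        return q * n + pow(r, e if exponent is None else exponent, n)
    return x                                  # top sliver of the domain is fixed

def _round(k, rnd, half):
    data = k + bytes([rnd]) + half.to_bytes(HALF // 8, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:HALF // 8], "big")

def E(k, x, decrypt=False):
    """Assumed E_k: 4-round Feistel permutation on b-bit integers, keyed by k."""
    left, right = x >> HALF, x & MASK
    if decrypt:
        for rnd in (3, 2, 1, 0):
            left, right = right ^ _round(k, rnd, left), left
    else:
        for rnd in range(4):
            left, right = right, left ^ _round(k, rnd, right)
    return (left << HALF) | right

def sign(msg, ring, s, d_s):
    """Ring-sign msg as member s (0-based) holding private exponent d_s."""
    k = hashlib.sha256(msg).digest()                  # step 2: k = H(M)
    v = secrets.randbits(B)                           # step 3: glue value v
    xs = [secrets.randbits(B) for _ in ring]          # step 4: random x_i
    ys = [g(pk, x) for pk, x in zip(ring, xs)]
    u = v
    for i in range(s):                                # run forward up to slot s
        u = E(k, u ^ ys[i])
    w = v
    for i in range(len(ring) - 1, s, -1):             # run backward down to slot s
        w = E(k, w, decrypt=True) ^ ys[i]
    y_s = E(k, w, decrypt=True) ^ u                   # step 5: close the ring
    xs[s] = g(ring[s], y_s, d_s)                      # step 6: invert the trapdoor
    return (list(ring), v, xs)                        # step 7: (2N+1)-tuple

def verify(msg, sig):
    ring, v, xs = sig
    k = hashlib.sha256(msg).digest()
    u = v
    for pk, x in zip(ring, xs):
        u = E(k, u ^ g(pk, x))
    return u == v                                     # ring equation C_{k,v} = v

if __name__ == "__main__":
    keys = [toy_rsa(61, 89), toy_rsa(61, 107), toy_rsa(89, 107), toy_rsa(107, 127)]
    ring = [pk for pk, _ in keys]
    order = b"order-0001|amount=25.00"                # constructed sample order
    sig = sign(order, ring, 2, keys[2][1])
    print(verify(order, sig), verify(order + b"0", sig))
```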
After executing the first ring signature, the customer node needs to conceal the payment account information chosen for this transaction and send it to the merchant node along with the commodity order. It does so by encrypting the payment account information with the first master key negotiated with the security management center.
The present invention uses the Diffie-Hellman key exchange algorithm, and the key exchange proceeds as follows:
The customer node sets a secret value $x_c$ and computes the public parameter $y_c$, where $q$ denotes a large prime and $g$ a generator of the finite field $GF(q)$, and sends the public parameter $y_c$ together with the random number $r_c$ to the security management center;
The security management center sets a secret value $x_{s\_1}$, computes the public parameter $y_{s\_1}$, and then combines the public parameter $y_c$ and the random number $r_{s\_1}$ to generate the first master key:
The security management center sends the public parameter $y_{s\_1}$ together with the random number $r_{s\_1}$ to the customer node;
The customer node then generates the first master key from the secret value $x_c$, the public parameter $y_{s\_1}$ and the random number $r_c$:
That is, $k_{sc} = k_{cs}$, which serves as the shared key exchanged by the two parties. The DH algorithm above adds random numbers as key parameter variables, which makes the generated master key more random and harder to crack.
After encrypting the payment account information, the customer node encrypts the first ring signature data and the commodity order with the merchant node's public key and sends the ciphertext to the merchant node together with the commodity purchase request message.
After decryption the merchant node obtains the first ring signature data and the commodity order, and queries the customer authentication center as to whether every public key in the customer public key set exists. If the set contains a customer public key that cannot be identified, the signature data is erroneous or has been maliciously tampered with, and a customer authentication failure message is returned to the customer node. Otherwise the merchant node goes on to verify the first ring signature. If verification fails, a customer authentication failure message is likewise returned to the customer node; if it succeeds, the customer node's identity is legitimate and the commodity order data is intact.
Further, the merchant node sends a payment request message to the payment gateway (or third-party payment platform), and the payment gateway verifies the merchant node. The payment request message includes the merchant settlement statement, the customer public key set, the commodity order and the signature data. The merchant node uses the merchant public key set to sign the customer public key set, the commodity order and the merchant settlement statement, generating the second ring signature data. The merchant settlement statement includes the merchant identity identifier, the receiving bank identity identifier and the receiving account information encrypted with the second master key, which conceals the receiving account information set by the merchant node. The merchant node then encrypts the second ring signature data, the customer public key set, the commodity order and the merchant settlement statement with the payment gateway's public key and sends the ciphertext to the payment gateway together with the payment request message.
The merchant public key set is generated as follows:
After generating the merchant settlement statement, the merchant node $m$ generates a random number $r_m$ locally, signs $r_m$ and the merchant identity identifier $ID_m$ with its own private key to obtain the merchant signature data $SIG_m$, encrypts $SIG_m$, $r_m$ and $ID_m$ with the public key of the security management center, and sends the result to the security management center.
After decrypting with its private key, the security management center $s$ retrieves the public key corresponding to $ID_m$ and verifies $SIG_m$. If the signature is valid, it generates a random number $r_{s\_2}$ locally, concatenates $r_m$ with $r_{s\_2}$ and performs $M$ iterated hash operations. The hash value $h_j$ ($1 \le j \le M$) from each iteration is used as a pointer to the corresponding bit in the bit array, and the public key indexed by that bit is extracted. The $M$ extracted public keys form the merchant public key set, which is encrypted with the merchant's public key and returned to the merchant node; the merchant node decrypts it with its own private key to obtain the merchant public key set. Here the bit array indexes, bit by bit, the public keys of the different merchant nodes stored in the database.
The second master key is generated with the same key exchange algorithm as above; the key exchange proceeds as follows:
The merchant node sets a secret value $x_m$, computes the public parameter $y_m$, and sends the public parameter $y_m$ together with the random number $r_m$ to the security management center;
The security management center sets a secret value $x_{s\_2}$, computes the public parameter $y_{s\_2}$, and then combines the public parameter $y_m$ and the random number $r_{s\_2}$ to generate the second master key:
The security management center sends the public parameter $y_{s\_2}$ together with the random number $r_{s\_2}$ to the merchant node;
The merchant node then generates the second master key from the public parameter $y_{s\_2}$, the secret value $x_m$ and the random number $r_m$:
Here $k_{sm} = k_{ms}$, which serves as the shared key exchanged between the security management center and the merchant.
After encrypting the receiving account information, the merchant node encrypts the second ring signature data, the customer public key set, the commodity order and the merchant settlement statement with the payment gateway's public key and sends the ciphertext to the payment gateway together with the payment request message.
After decrypting with its own private key, the payment gateway obtains the second ring signature data, the customer public key set, the commodity order and the merchant settlement statement, and queries the merchant authentication center as to whether every public key in the merchant public key set exists. If the set contains an illegitimate merchant public key, a merchant authentication failure message is returned to the merchant node. Otherwise the payment gateway goes on to verify the second ring signature. If verification fails, a merchant authentication failure message is returned to the merchant node; if it succeeds, the payment gateway encrypts the customer public key set, the merchant public key set, the commodity order and the merchant settlement statement with the paying bank node's public key and sends them to the paying bank node.
The payment gateway is responsible only for authenticating the legitimacy of the merchant's identity and for checking the data integrity of the commodity order and the merchant settlement statement; it takes no part in authenticating the customer node. Although the payment gateway can learn the customer's identity identifier from the order, it cannot associate that identifier with the corresponding public key, which protects the customer's privacy. The bank accounts of both transaction parties are invisible to the payment gateway, so even an attacker who breaks into the payment gateway or third-party payment platform cannot obtain the specific transaction account information.
After decrypting the ciphertext, the paying bank node obtains the customer public key set, the merchant public key set, the commodity order and the merchant settlement statement. It extracts the customer identity identifier from the commodity order and the merchant identity identifier from the merchant settlement statement, and sends them with the customer public key set and the merchant public key set to the security management center. The security management center uses the customer public key set and the merchant public key set to look up the corresponding customer identity identifier, first master key, merchant identity identifier and second master key, encrypts them with the key it shares with the paying bank node, and sends them to the paying bank node. The shared key may be negotiated by the two parties when the service is first contracted, or delivered offline on a physical storage device, which is more secure.
The security management center maintains a customer security parameter mapping table for customer nodes and a merchant security parameter mapping table for merchant nodes.
Each entry in the customer security parameter mapping table includes the first entry identifier, the customer public key set, the customer identity identifier and the first master key. The customer public key set is concatenated and hashed to obtain the hash value $h_c$:
$h_c = \mathrm{Hash}(PK_1 \,\|\, PK_2 \,\|\, \ldots \,\|\, PK_{N-1} \,\|\, PK_N)$
$h_c$ is used as the first entry identifier to index the corresponding entry, so that the customer public key set, the customer identity identifier and the first master key form a first mapping relationship in the security management center. The public keys are concatenated in the order of their positions in the bit array. Taking the customer security parameter mapping table as an example, each entry can be expressed as:
Each entry in the merchant security parameter mapping table includes the second entry identifier, the merchant public key set, the merchant identity identifier and the second master key. In the same way as above, the merchant public key set is concatenated and hashed, and the resulting hash value is used as the second entry identifier to index the corresponding entry, so that the merchant public key set, the merchant identity identifier and the second master key form a second mapping relationship in the security management center.
When the security management center finds the entries corresponding to both the first entry identifier and the second entry identifier, it extracts the customer identity identifier, the first master key, the merchant identity identifier and the second master key from them. After further confirming that the received customer identity identifier and merchant identity identifier match the records in the mapping tables, it sends the first and second master keys to the paying bank node in secret.
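The key-set selection by iterated hashing and the mapping-table lookup described above, as an added Python example (not code from the patent). It assumes SHA-256 as the hash, reduction of each hash value modulo the array length as the "rounding" step, and placeholder key bytes; all names are hypothetical, and how the signer's own key enters the set is not specified on the page and is not modelled.

```python
import hashlib

T = 4                                        # bit array has 2**T positions
# Constructed registry: every position points at a registered public key (none
# empty), and several positions may point at the same key, as the text allows.
KEYS = [f"PK-{i:02d}".encode() for i in range(12)]      # placeholder key bytes
SLOTS = [KEYS[i % len(KEYS)] for i in range(2 ** T)]

def select_key_set(r_node: bytes, r_center: bytes, n: int):
    """Run n hash iterations over r_node || r_center; each digest picks one position."""
    h = hashlib.sha256(r_node + r_center).digest()
    picked = []
    for _ in range(n):
        picked.append(int.from_bytes(h, "big") % len(SLOTS))   # assumed reduction
        h = hashlib.sha256(h).digest()
    picked.sort()                            # keys are concatenated in position order
    return [SLOTS[i] for i in picked]

def entry_id(key_set):
    """Entry identifier: Hash(PK_1 || PK_2 || ... || PK_N)."""
    return hashlib.sha256(b"".join(key_set)).hexdigest()

def distinct_keys(key_set):
    """Effective ring size after duplicate keys are collapsed."""
    return len(set(key_set))

class MappingTable:
    """Security parameter mapping table held by the security management center."""

    def __init__(self):
        self._rows = {}

    def register(self, key_set, node_id, master_key):
        self._rows[entry_id(key_set)] = (node_id, master_key)

    def release_master_key(self, key_set, claimed_id):
        """Return the master key only if the set is known and the ID matches."""
        row = self._rows.get(entry_id(key_set))
        if row is None or row[0] != claimed_id:
            return None
        return row[1]

if __name__ == "__main__":
    ring = select_key_set(b"rc-constructed", b"rs1-constructed", 5)
    table = MappingTable()
    table.register(ring, "customer-001", b"first-master-key")
    print(distinct_keys(ring), table.release_master_key(ring, "customer-001"))
```

Because several bits may point to one key and hash values can land on the same bit, `distinct_keys` reports the effective ring size, which can be smaller than N.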
After decryption the paying bank node extracts the first master key and the second master key, uses the first master key to decrypt the payment account information from the commodity order, and uses the second master key to decrypt the receiving account information from the merchant settlement statement. It then sends a payment confirmation request message, encrypted with the first master key, to the customer node.
The customer node decrypts the payment confirmation request message and, after verifying that it is correct, returns a payment confirmation message containing the payment password to the paying bank node; the payment confirmation message is likewise encrypted with the first master key. The payment password may comprise face recognition data carrying the user's biometric features, or a verification message such as an SMS delivered over the mobile network.
The paying bank node decrypts the ciphertext again and, after verifying that the payment confirmation message is correct, transfers funds from the payment account designated by the customer to the receiving account designated by the merchant; the transfer voucher or deposit slip records summary information such as the order number of the transaction. Once payment succeeds, the paying bank node sends a payment success message to the customer node, and the receiving bank node sends the merchant node a receipt success message that carries the order number of the transaction; the merchant node then provides the goods or services to the designated customer according to the order.
To implement the electronic payment method above, the present invention also provides a transaction account anonymous payment system. As shown in Fig. 3, the system comprises a client, a merchant server, a security management center, a customer authentication center, a merchant authentication center, a payment gateway, a paying bank terminal and a receiving bank terminal.
Client: installed in the user's terminal device, such as a mobile phone or personal computer. Through the client the customer node obtains the commodity purchasing service provided by the e-commerce platform, uses the customer public key set to generate the first ring signature data for the commodity order, and sends the merchant server, in encrypted form, a commodity purchase request message containing the first ring signature data and the commodity order. The client also verifies the authenticity of the payment confirmation request message and, once it is confirmed as genuine, sends a payment confirmation message containing the payment password to the paying bank terminal in encrypted form.
Merchant server: a remote terminal located at the merchant node. Through the e-commerce platform it provides clients with a commodity purchasing service over the network, and it uses the customer public key query port provided by the customer authentication center to verify the authenticity of the first ring signature data in the commodity purchase request message. It uses the merchant public key set to sign the customer public key set and commodity order whose first ring signature data verified as genuine, together with the merchant settlement statement, generating the second ring signature data, and sends the payment gateway, in encrypted form, a payment request message containing the second ring signature data, the customer public key set, the commodity order and the merchant settlement statement. It receives the receipt success message and provides the designated goods to the client accordingly.
Security management center: responsible for providing the client and the merchant server with the public key data sets used for ring signatures and the master key parameters used to encrypt payment and receiving account information, and for providing the customer authentication center and the merchant authentication center with customer and merchant public keys updated in real time. It verifies the authenticity of the customer public key set and merchant public key set supplied by the paying bank terminal and, once they are confirmed as genuine, uses them to look up the corresponding customer identity identifier, first master key, merchant identity identifier and second master key, which it sends to the paying bank terminal in encrypted form.
Payment gateway: uses the merchant public key query port provided by the merchant authentication center to verify the authenticity of the second ring signature data in the payment request message, and sends the customer public key set, merchant public key set, commodity order and merchant settlement statement whose second ring signature data verified as genuine to the paying bank terminal in encrypted form.
Paying bank terminal: verifies the authenticity of the customer public key set and the merchant public key set through the security management center, and decrypts the payment account information and the receiving account information with the first and second master keys provided by the security management center. It sends a payment confirmation request message to the client in encrypted form and verifies the authenticity of the payment confirmation message returned by the client; once that is confirmed as genuine, it transfers funds from the payment account designated by the customer to the receiving account designated by the merchant and sends a payment success message to the client.
收款银行终端:接收付款银行终端的付款,同时将收款成功消息发送给商户服务端。Receiving bank terminal: Receive the payment from the paying bank terminal, and send the payment success message to the merchant server at the same time.
客户认证中心:接收安全管理中心提供的客户公钥,并完成本地客户公钥集的更新,为商户服务端提供用于客户公钥查询的端口。Customer Authentication Center: Receive the customer public key provided by the security management center, complete the update of the local customer public key set, and provide the merchant server with a port for customer public key query.
商户认证中心:接收安全管理中心提供的商户公钥,并完成本地商户公钥集的更新,为支付网关提供用于商户公钥查询的端口。Merchant Authentication Center: Receive the merchant public key provided by the security management center, complete the update of the local merchant public key set, and provide the payment gateway with a port for merchant public key query.
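The first-ring-signature step between the client and the merchant server, as an added sketch that is not code from the patent. It assumes a Schnorr-style (Abe-Ohkubo-Suzuki) ring signature, which the text above does not specify, over a toy group; `keygen`, `ring_sign`, `ring_verify`, `merchant_accepts` and `registered_keys` are hypothetical names.

```python
import hashlib
import secrets

# Toy group (assumption of this sketch): integers mod the prime 2**255 - 19, not a vetted group.
P = 2**255 - 19
Q = P - 1  # exponents reduce modulo P - 1 (Fermat's little theorem)
G = 2

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def _challenge(ring, msg, commitment):
    h = hashlib.sha256(len(ring).to_bytes(4, "big"))
    for y in ring:
        h.update(y.to_bytes(32, "big"))
    h.update(commitment.to_bytes(32, "big"))
    h.update(msg)
    return int.from_bytes(h.digest(), "big") % Q

def ring_sign(msg, ring, k, x_k):
    """Sign msg as ring member k (private key x_k) without revealing k."""
    n = len(ring)
    e, s = [0] * n, [0] * n
    u = secrets.randbelow(Q)
    i = (k + 1) % n
    e[i] = _challenge(ring, msg, pow(G, u, P))
    while i != k:  # simulate a response for every other member
        s[i] = secrets.randbelow(Q)
        z = pow(G, s[i], P) * pow(ring[i], e[i], P) % P
        i = (i + 1) % n
        e[i] = _challenge(ring, msg, z)
    s[k] = (u - x_k * e[k]) % Q  # only the real key can close the ring
    return e[0], s

def ring_verify(msg, ring, sig):
    e0, s = sig
    if not ring or len(s) != len(ring):
        return False
    e = e0
    for y, s_i in zip(ring, s):
        e = _challenge(ring, msg, pow(G, s_i, P) * pow(y, e, P) % P)
    return e == e0

def merchant_accepts(order, ring, sig, registered_keys):
    # registered_keys stands in for the customer authentication center's query port.
    return all(y in registered_keys for y in ring) and ring_verify(order, ring, sig)

def demo():
    # Constructed sample data: three customers; the one at index 1 places the order.
    keys = [keygen() for _ in range(3)]
    ring = [y for _, y in keys]
    order = b"order=0001;item=book;amount=42.00"
    sig = ring_sign(order, ring, 1, keys[1][0])
    return merchant_accepts(order, ring, sig, set(ring)), ring_verify(b"tampered", ring, sig)
```

A valid signature shows that one of the listed customer keys signed the order, while the response vector gives the merchant no indication of which index did.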
Although the subject matter has been described in language specific to structural features and/or methodological logical acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are merely example forms of implementing the claims.
Claims (7)
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202210192720.7A CN114565382B (en) | 2022-03-01 | 2022-03-01 | A transaction account anonymous payment method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114565382A (en) | 2022-05-31 |
CN114565382B (en) | 2025-04-25 |
Family
ID=81715109
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202210192720.7A Active CN114565382B (en) | 2022-03-01 | 2022-03-01 | A transaction account anonymous payment method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114565382B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115760082A (en) * | 2022-11-23 | 2023-03-07 | 中国银联股份有限公司 | Digital payment processing method, device, equipment, system and medium |
CN115760082B (en) * | 2022-11-23 | 2024-05-17 | 中国银联股份有限公司 | Digital payment processing method, device, equipment, system and medium |
WO2024149000A1 (en) * | 2023-01-13 | 2024-07-18 | 中国银联股份有限公司 | Payment method and apparatus, and device, medium and product |
Also Published As
Publication number | Publication date |
---|---|
CN114565382B (en) | 2025-04-25 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
TA01 | Transfer of patent application right | Effective date of registration: 20250331; Address after: Room 602, Building 13-B, Zilang Science and Technology City, Nantong Innovation Zone, No. 60 Chongzhou Avenue, Nantong City, Jiangsu Province, China 226000; Applicant after: Jiangsu Yaoer Lingjiu Technology Service Co.,Ltd.; Country or region after: China; Address before: 516699 floor 3, Jiexin building, Southeast of Kuishan section, Shanwei Avenue, Shanwei City, Guangdong Province; Applicant before: Wang Zexi; Country or region before: China |
GR01 | Patent grant | ||