CN101465732B - Method and terminal for ensuring digital certificate safety - Google Patents

Publication number: CN101465732B
Application number: CN2007101799030A
Authority: CN (China)
Other versions: CN101465732A
Other languages: Chinese (zh)
Legal status: Active
Prior art keywords: certificate, unit, sub, digital certificate, hardware security
Inventors: 李希喆, 田宏萍, 谢巍, 谷云, 毛兴中, 于辰涛
Original assignee: Lenovo Beijing Ltd
Current assignee: Lenovo Beijing Ltd
Application filed by Lenovo Beijing Ltd; priority to CN2007101799030A; published as CN101465732A; granted as CN101465732B.

Abstract

The invention discloses a method for ensuring the security of a digital certificate. A fixed hardware security unit is registered with a first server, where a bidirectional communication channel exists between the fixed hardware security unit and a mobile hardware security unit and the two units are in a binding relationship. A digital certificate issued by the first server to the fixed hardware security unit is received; this digital certificate is a root certificate. The root certificate generates a sub-certificate, the sub-certificate is registered with the first server, and it is then distributed to the mobile hardware security unit. The invention thus provides a method and a terminal that keep the digital certificate secure while letting users update or delete the digital certificate conveniently.

Description

Method for ensuring digital certificate security and terminal for ensuring digital certificate security
Technical field
The present invention relates to certificate security systems, and in particular to a method for ensuring digital certificate security and a terminal for ensuring digital certificate security.
Background technology
In existing USBKeys and smart cards, the certificate and key are stored in the security chip of the USBKey or smart card. This security chip acts as a black box and externally provides authentication and cryptographic service functions. In a typical online banking application, the USBKey or smart card serves as the user's identity credential. The USBKey contains a security chip, and this security chip must be authenticated by the bank or server. The digital certificate issued by the server is securely downloaded into the USBKey, and the digital certificate contains the key used for signing. When the user connects to the bank or server, the user's identity for the USBKey is confirmed by a password or another authentication means such as a fingerprint, which grants the right to use the key. When the user submits data to the server, for example "transfer XX units into account XX", this information is signed with the digital certificate of the USBKey as the key evidence confirming the user's operation. At the same time, the security chip in the USBKey can also generate the user's key, encrypt data with this key, and allow decryption only with the user's authorization.
Existing USBKey and smart card solutions identify the user, and to ensure security all existing digital certificates are managed centrally and downloaded from the issuer's server; the user cannot update, add or issue the digital certificates of a USBKey or smart card. Because a digital certificate can only be written by the issuer's server, the digital certificate in the user's hands can only be updated or destroyed by the issuer's server.
How to provide a method and a terminal for ensuring digital certificate security that both keep the digital certificate secure and let the user conveniently update or delete the digital certificate is a technical problem that those skilled in the art need to solve.
Summary of the invention
The purpose of this invention is to provide a method and a terminal for ensuring digital certificate security that keep the digital certificate secure while letting the user conveniently update or delete it.
The invention provides a method for ensuring digital certificate security, the method comprising:
registering a fixed hardware security unit with a first server, where a bidirectional communication channel exists between the fixed hardware security unit and a mobile hardware security unit and the two are in a mutual binding relationship; the fixed hardware security unit represents the platform identity, and the mobile hardware security unit represents the user's identity;
receiving and storing a digital certificate issued by the first server to the fixed hardware security unit, the digital certificate being a root certificate;
generating a sub-certificate from the certificate;
registering the sub-certificate with the first server;
distributing the sub-certificate to the mobile hardware security unit.
Preferably, the policy of the certificate is decided by the server from which the certificate is downloaded, and the policy of the certificate includes at least: the validity period of the digital certificate, a flag indicating whether the digital certificate is migratable, a flag indicating whether the digital certificate may generate sub-certificates, and restrictions on the sub-certificates the digital certificate may generate.
Preferably, the binding relationship between the mobile hardware security unit and the fixed hardware security unit is specifically ad-hoc mode, and the policy of the certificate includes the flag indicating whether the digital certificate is migratable;
when the migratable flag of the digital certificate is set to migratable, the digital certificate, as a root certificate, can migrate between the bound fixed hardware security unit and mobile hardware security unit.
Preferably, the binding relationship between the mobile hardware security unit and the fixed hardware security unit is specifically collaboration mode; the certificate, or the sub-certificate generated by the certificate, is split into two parts that are held separately by the mobile hardware security unit and the fixed hardware security unit, and the mobile hardware security unit obtains the sub-certificate by decrypting it after authorization by the fixed hardware security unit.
Preferably, the binding relationship between the mobile hardware security unit and the fixed hardware security unit is specifically master-slave mode, that is, the fixed hardware security unit is in the master position and the mobile hardware security unit is in the subordinate position;
when the flag indicating whether the certificate may generate sub-certificates is set, the fixed hardware security unit generates a sub-certificate and registers the sub-certificate with the server or another server, and after registration the sub-certificate is securely issued or migrated to the subordinate mobile hardware security unit;
the certificate has the dominant right to control the destruction, renewal or re-issuance of the sub-certificate.
Preferably, when the flag indicating whether the digital certificate may generate sub-certificates is set, the policy for generating the sub-certificate includes at least: the key, the certificate identifier, the scope of application and the use limit.
Preferably, in a high-security-grade application model, the sub-certificate is encrypted with the root certificate or an associated key and stored in the fixed hardware security unit;
when the sub-certificate needs to be used, the fixed hardware security unit determines the legitimacy of the sub-certificate, and after verification the fixed hardware security unit decrypts it or provides the decryption key.
Preferably, the sub-certificate generated by the digital certificate serving as a root certificate comes in two forms: a pure certificate format and a module certificate format;
a sub-certificate in the pure certificate format is identical to an ordinary electronic certificate;
a sub-certificate in the module certificate format includes at least: certificate data, a certificate calling interface, a certificate-call execution program, a certificate policy, certificate check information, check information for the user storing the certificate, and a module encryption/decryption element.
Preferably, the sub-certificate is registered with the server or another server and then migrated to the mobile hardware security unit;
for a sub-certificate in the pure certificate format, the mobile hardware security unit accesses the sub-certificate content directly;
for a sub-certificate in the module certificate format, the mobile hardware security unit accesses and modifies the sub-certificate through the certificate calling interface.
Preferably, the mobile hardware security unit receives the sub-certificate and uses the sub-certificate as its identity identifier;
the mobile hardware security unit has a logging function, and the fixed hardware security unit can query and trace back through the log of the mobile hardware security unit.
The invention provides a terminal for ensuring digital certificate security, comprising:
a fixed hardware security unit, used to represent the platform identity and to hold the digital certificate that the terminal downloads from a first server, the digital certificate being a root certificate, and to generate a sub-certificate from the certificate;
a creating unit, used to create a bidirectional communication channel between a mobile hardware security unit and the fixed hardware security unit, where the mobile hardware security unit represents the user's identity;
a binding unit, used to establish a mutual binding relationship between the mobile hardware security unit and the fixed hardware security unit;
a transmitting unit, used to send to the first server the registration request of the fixed hardware security unit, and the registration request for the sub-certificate that the fixed hardware security unit derived from the certificate;
a download unit, used to download the digital certificate from the first server;
a memory unit, used to store the digital certificate, the digital certificate being a root certificate;
a distribution unit, used to distribute the sub-certificate registered with the first server to the mobile hardware security unit.
Preferably, the policy of the digital certificate is decided by the server issuing the digital certificate;
the policy of the digital certificate includes at least: the validity period of the digital certificate, a flag indicating whether the digital certificate is migratable, a flag indicating whether the digital certificate may generate sub-certificates, and restrictions on the sub-certificates the digital certificate may generate.
Preferably, the binding relationship set by the binding unit between the mobile hardware security unit and the fixed hardware security unit is specifically ad-hoc mode, and the policy of the digital certificate includes the flag indicating whether the digital certificate is migratable;
when the migratable flag of the digital certificate is set to migratable, the digital certificate, as a root certificate, can migrate between the bound fixed hardware security unit and mobile hardware security unit.
Preferably, the binding relationship set by the binding unit between the mobile hardware security unit and the fixed hardware security unit is specifically collaboration mode; the digital certificate, or the sub-certificate generated by the digital certificate, is split into two parts that are held separately by the mobile hardware security unit and the fixed hardware security unit, and the mobile hardware security unit decrypts the sub-certificate after authorization by the fixed hardware security unit.
Preferably, the binding relationship set by the binding unit between the mobile hardware security unit and the fixed hardware security unit is specifically master-slave mode, that is, the fixed hardware security unit is in the master position and the mobile hardware security unit is in the subordinate position;
when the flag indicating whether the certificate may generate sub-certificates is set, the fixed hardware security unit generates a sub-certificate and registers the sub-certificate with the server or another server, and after registration the sub-certificate is securely issued or migrated to the subordinate mobile hardware security unit;
the certificate has the dominant right to control the destruction, renewal or re-issuance of the sub-certificate.
Compared with the prior art described above, the method for ensuring digital certificate security of the embodiment of the invention includes, before the fixed hardware security unit downloads the digital certificate from the server, a step of establishing a bidirectional communication channel between the mobile hardware security unit and the fixed hardware security unit. Because a bidirectional communication channel is established between the two units, files can be transferred securely between them, and the mobile hardware security unit and the fixed hardware security unit are bound. After the binding relationship is established, the fixed hardware security unit registers with the first server. The fixed hardware security unit can generate a sub-certificate from the digital certificate serving as the root certificate and then register the sub-certificate with the first server. After registration, the fixed hardware security unit can distribute the sub-certificate to the mobile hardware security unit. The fixed hardware security unit therefore stores the digital certificate downloaded from the first server as the root certificate. While security is ensured, the distribution and management of digital certificates is shifted to the user, which reduces the server's cost.
Description of drawings
Fig. 1 is a flow chart of a first embodiment of the method for ensuring digital certificate security of the present invention;
Fig. 2 is a flow chart of a second embodiment of the method for ensuring digital certificate security of the present invention;
Fig. 3 is a schematic diagram of the communication channel structure of the present invention;
Fig. 4 is a flow chart of a third embodiment of the method for ensuring digital certificate security of the present invention;
Fig. 5 is a structure chart of a first embodiment of the terminal for ensuring digital certificate security of the present invention;
Fig. 6 is a structure chart of a first embodiment of the system for ensuring digital certificate security of the present invention;
Fig. 7 is a structure chart of a second embodiment of the system for ensuring digital certificate security of the present invention.
Embodiment
The invention provides a method for ensuring digital certificate security that both keeps the digital certificate secure and makes it convenient for the user to update or delete the digital certificate.
Referring to Fig. 1, which is a flow chart of the first embodiment of the method for ensuring digital certificate security of the present invention.
S1000: register a fixed hardware security unit with a first server, where a bidirectional communication channel exists between the fixed hardware security unit and a mobile hardware security unit and the two are in a mutual binding relationship.
The fixed hardware security unit is registered with the first server; a bidirectional communication channel exists between it and the mobile hardware security unit, and the two are mutually bound.
S2000: receive the digital certificate issued by the first server to the fixed hardware security unit; the digital certificate is a root certificate.
The first server issues a digital certificate to the fixed hardware security unit, and this digital certificate is the root certificate.
S3000: generate a sub-certificate from the certificate.
The fixed hardware security unit generates a sub-certificate from the certificate.
S4000: register the sub-certificate with the first server.
The fixed hardware security unit registers the sub-certificate with the first server.
S5000: distribute the sub-certificate to the mobile hardware security unit.
The fixed hardware security unit distributes the sub-certificate to the mobile hardware security unit.
In the method for ensuring digital certificate security of the embodiment of the invention, before the fixed hardware security unit downloads the digital certificate from the server, a step of establishing a bidirectional communication channel between the mobile hardware security unit and the fixed hardware security unit is included. Because a bidirectional communication channel is established between the two units, files can be transferred securely between them, and the mobile hardware security unit and the fixed hardware security unit are bound. After the binding relationship is established, the fixed hardware security unit registers with the first server. The fixed hardware security unit can generate a sub-certificate from the digital certificate serving as the root certificate and then register the sub-certificate with the first server. After registration, the fixed hardware security unit can distribute the sub-certificate to the mobile hardware security unit. The fixed hardware security unit therefore stores the digital certificate downloaded from the first server as the root certificate. While security is ensured, the distribution and management of digital certificates is shifted to the user, which reduces the server's cost.
Referring to Fig. 2, which is a flow chart of the second embodiment of the method for ensuring digital certificate security of the present invention.
The method for ensuring digital certificate security of the second embodiment of the present invention comprises the following steps:
S100: set up a mobile hardware security unit that represents the user's identity.
The mobile hardware security unit can be the identity security chip in a USBKey or smart card, and the USBKey or smart card can be one whose identity is authorized by the server.
The USBKey or smart card contains an identity security chip, and this identity security chip can be authenticated by the server.
The server's authentication process for the identity security chip is as follows: the identity security chip downloads the digital certificate issued by the server, which contains the key used for signing; the user confirms the user's identity for the USBKey by a password or another authentication means, such as fingerprint recognition, and thereby obtains the right to use the key.
When the user submits data to the server, the data must be signed with the digital certificate, and this signature serves as the key evidence confirming the user's operation.
The identity security chip described above can serve as the mobile hardware security unit of the embodiment of the invention.
The identity security chip in the USBKey can generate the user's key; data encrypted with this key can only be decrypted with the user's authorization.
S200: set up a fixed hardware security unit, based on a computer or other device, that represents the platform identity.
A local identity security chip is provided inside the computer or other device; the platform certificate is written into this chip, which is responsible for providing the platform identity externally. This local identity security chip can serve as the fixed hardware security unit of the embodiment of the invention.
S300: the mobile hardware security unit and the fixed hardware security unit create a bidirectional communication channel.
The mobile hardware security unit and the fixed hardware security unit can create the bidirectional communication channel by means of public key exchange.
So-called public key exchange means giving the public key Ka of the fixed hardware security unit to the mobile hardware security unit and giving the public key Kb of the mobile hardware security unit to the fixed hardware security unit, while each unit keeps its own private key, Ka' or Kb', to itself.
Referring to Fig. 3, which is a schematic diagram of the communication channel structure of the present invention. The construction process shown in Fig. 3 is the "public key exchange" process.
The fixed hardware security unit encrypts the plaintext M it needs to send with the public key Ka of the fixed hardware security unit, generating ciphertext C, and sends the ciphertext C to the mobile hardware security unit. The mobile hardware security unit decrypts it with its own private key Kb' and obtains the plaintext M. At this point a one-way communication channel from the fixed hardware security unit to the mobile hardware security unit has been established.
The mobile hardware security unit encrypts the plaintext M it needs to send with the public key Kb of the mobile hardware security unit, generating ciphertext C, and sends the ciphertext C to the fixed hardware security unit. The fixed hardware security unit decrypts it with its own private key Ka' and obtains the plaintext M. At this point a one-way communication channel from the mobile hardware security unit to the fixed hardware security unit has been established.
The one-way channel from the fixed hardware security unit to the mobile hardware security unit and the one-way channel from the mobile hardware security unit to the fixed hardware security unit together constitute the bidirectional communication channel between the two units.
The bidirectional communication channel described above is created by the mobile hardware security unit and the fixed hardware security unit by means of public key exchange.
The mobile hardware security unit and the fixed hardware security unit can also create the bidirectional communication channel by means of key agreement.
In an insecure environment, a key system is commonly used to encrypt the information being sent; the receiving party needs the corresponding decryption key to decrypt the information, which meets the requirements of security and integrity.
A traditional key system is called a single-key system; its characteristic is that the sender and the recipient of the information can derive the encryption key and the decryption key from each other.
In a single-key system, members can encrypt messages with the shared key and pass them to other members, but if the two parties are far apart it is not easy to establish a key session.
There are two ways to establish a key session: key distribution and key agreement.
Key distribution is a mechanism by which a member can choose a key and securely pass it to other members.
Key agreement is when the members wishing to hold a session jointly establish a common key. In a network environment, the advantage of key agreement over key distribution is that participants can establish keys at random without needing a key distribution and management authority.
Group Key Agreement is based on the distributed idea, and its features are: 1) multiple members of the group take part in generating the key together; 2) the key of the group is determined jointly by the parameters each member provides and the key generation algorithm; 3) no member of the group can determine the key in advance.
Several popular group key agreement and distribution methods exist, including CKD (Centralized Group Key Distribution), BD (Burmester-Desmedt), STR (Steer et al.), GDH (Group Diffie-Hellman) and TGDH (Tree-Based Group Diffie-Hellman).
Whit Diffie and Martin Hellman jointly proposed the Diffie-Hellman algorithm (DH for short), a two-party key exchange protocol used by two peer entities to securely negotiate a shared key. The DH algorithm is essentially a protocol in which the two communicating parties agree on a key, and its security rests on the difficulty of computing discrete logarithms over a finite field.
The Diffie-Hellman key exchange protocol is as follows:
First, Alice and Bob agree on two large integers n and g with 1 < g < n; these two integers need not be kept secret. Then they carry out the following process:
1) Alice randomly selects a large integer x (kept secret) and computes X = g^x mod n;
2) Bob randomly selects a large integer y (kept secret) and computes Y = g^y mod n;
3) Alice sends X to Bob, and Bob sends Y to Alice;
4) Alice computes K = Y^x mod n;
5) Bob computes K = X^y mod n.
K is the shared key.
An eavesdropper on the network can only observe X and Y, but cannot obtain x and y from X and Y, and therefore cannot compute K = g^(xy) mod n.
The communication channel can be renewed or abolished by the mobile hardware security unit or by the fixed hardware security unit, and it can also be renewed or abolished by the two units jointly.
Channel renewal process: the mobile hardware security unit or the fixed hardware security unit encrypts a new key with the old key and sends it to the other side through the channel; communication then continues with the new key, and the channel has been renewed.
Channel deletion process: the mobile hardware security unit or the fixed hardware security unit simply deletes the original key, and the channel is abolished.
The channel can also be renewed or abolished according to a condition set by the mobile hardware security unit or the fixed hardware security unit, for example a predetermined period of time or a predetermined number of interactions: when the elapsed time or the number of data interactions reaches the predetermined value, the channel is renewed or abolished.
The channel can likewise be renewed or abolished according to a condition set jointly by the mobile hardware security unit and the fixed hardware security unit, such as a predetermined period of time or a predetermined number of interactions: when the elapsed time or the number of data interactions reaches the predetermined value, the channel is renewed or abolished.
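An added example (not from the patent) of the channel of S300 built by key agreement, together with the renewal and abolition rules just described: the two units derive a pipe key by Diffie-Hellman, exchange authenticated messages over it, renew by sending a fresh key under the old one, and enforce a predetermined number of interactions before the pipe must be renewed or abolished. The group parameters, the HMAC-based cipher and the interaction limit are toy stand-ins chosen for the example.

```python
import hashlib
import hmac
import secrets

# Toy group parameters (assumption, not from the patent): the Mersenne prime
# 2**127 - 1 as n and g = 2. A deployment would use a standard MODP or EC group.
P = 2**127 - 1
G = 2


class PipeExpired(Exception):
    """Raised when the pipe's renewal condition (interaction count) has been reached."""


def _keystream(key, nonce, length):
    # HMAC-SHA256 in counter mode stands in for a real AEAD cipher (assumption).
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


class SecurityUnit:
    """One end of the pipe: the fixed unit (platform) or the mobile unit (user)."""

    def __init__(self, name, max_interactions=3):
        self.name = name
        self._x = secrets.randbelow(P - 2) + 1   # secret exponent x; never leaves the unit
        self.public = pow(G, self._x, P)         # X = g^x mod n, sent over the network
        self.key = None                          # current pipe key; None means no pipe
        self.interactions = 0                    # data-interaction counter for the renewal condition
        self.max_interactions = max_interactions

    def agree(self, peer_public):
        """K = Y^x mod n, hashed down to a 256-bit pipe key."""
        if not 1 < peer_public < P - 1:          # reject degenerate values such as 0, 1 or n-1
            raise ValueError("bad peer public value")
        shared = pow(peer_public, self._x, P)
        self.key = hashlib.sha256(shared.to_bytes(16, "big")).digest()
        self.interactions = 0

    def seal(self, plaintext):
        """Encrypt-then-MAC one message under the current pipe key."""
        if self.key is None:
            raise RuntimeError("pipe has been abolished or was never created")
        if self.interactions >= self.max_interactions:
            raise PipeExpired("renewal condition reached: renew or abolish the pipe first")
        nonce = secrets.token_bytes(12)
        stream = _keystream(self.key, nonce, len(plaintext))
        ct = bytes(a ^ b for a, b in zip(plaintext, stream))
        tag = hmac.new(self.key, nonce + ct, hashlib.sha256).digest()
        self.interactions += 1
        return nonce + ct + tag

    def unseal(self, blob):
        """Check the MAC, then decrypt; returns None when the message was a key renewal."""
        if self.key is None:
            raise RuntimeError("pipe has been abolished or was never created")
        nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
        expect = hmac.new(self.key, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expect):
            raise ValueError("pipe message failed authentication")
        self.interactions += 1
        msg = bytes(a ^ b for a, b in zip(ct, _keystream(self.key, nonce, len(ct))))
        if msg.startswith(b"REKEY:"):            # peer-initiated renewal: install the new key
            self.key, self.interactions = msg[6:], 0
            return None
        return msg

    def renew(self):
        """Renewal: send a fresh key encrypted under the old key, then switch to it."""
        new_key = secrets.token_bytes(32)
        blob = self.seal(b"REKEY:" + new_key)
        self.key, self.interactions = new_key, 0
        return blob

    def abolish(self):
        """Deletion: discard the key; the pipe cannot be used afterwards."""
        self.key = None


if __name__ == "__main__":
    fixed, mobile = SecurityUnit("fixed"), SecurityUnit("mobile")
    fixed.agree(mobile.public)
    mobile.agree(fixed.public)
    print("pipe key agreed on both sides:", fixed.key == mobile.key)
```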
S400: the mobile hardware security unit and the fixed hardware security unit exchange unique identifying information and thereby bind to each other.
The exchange of unique identifying information is specifically as follows: the mobile hardware security unit sends its own unique identifying information to the fixed hardware security unit, which identifies and records the unique identifying information of the mobile hardware security unit; at the same time the fixed hardware security unit sends its own unique identifying information to the mobile hardware security unit, which identifies and records the unique identifying information of the fixed hardware security unit.
The unique identifying information of the mobile hardware security unit or of the fixed hardware security unit can first be processed by a cryptographic method before being exchanged. The exchanged content can be the result of cryptographic operations such as salting, mixing, encryption, expansion, HASH or HMAC; the processed results are "exchanged" and then serve as the basis for binding and identification. Of course, the raw information can also be "exchanged" directly without processing.
The mobile hardware security unit and the fixed hardware security unit can exchange unique identifying information such as a certificate, a key, an ID or a password in order to bind to each other.
Because all communication after the channel is established is required to take place within the channel, and the channel is encrypted, binding is in fact a process of mutual identification and recording: each side remembers the other side's fixed, unique and identifiable information, or the HASH value of that information.
The binding between the mobile hardware security unit and the fixed hardware security unit can be created, queried and deleted, and a condition can also be set so that it is renewed or discarded periodically or at a fixed time, to keep the binding secure.
The binding modes between the mobile hardware security unit and the fixed hardware security unit include three modes: ad-hoc mode, collaboration mode and master-slave mode.
The binding mode between the mobile hardware security unit and the fixed hardware security unit is determined by the two units exchanging unique identifying information and setting the binding counterpart relationship between them.
S500, described fixed hardware security unit are to server registration.
After binding relationship is established, need described fixed hardware security unit, can submit separately relevant information or key in the lump to all to server registration.
As long as this relevant information can guarantee that server can this hardware safe unit of accurate recognition, can only be a PKI as the checking foundation of signature, also having can be the binding identifying information, can be the set of above-mentioned these information in addition.
When the user needs to prove identity to the server, the mobile hardware security unit and the fixed hardware security unit must sign jointly under their binding relationship, characterizing the platform identity and the user's identity at the same time. Both identifiers are indispensable; otherwise the server refuses the service.
When the mobile hardware security unit and the fixed hardware security unit send a service request to the server under the binding relationship, the joint signature of both units under that binding is required, characterizing the platform identity and the user's identity simultaneously.
When the user submits data to the server, for example "transfer XX units into account XX", this information must be signed with the digital certificate of the mobile hardware security unit, for example a USBKey. It must equally be certificate-authenticated, or signed, by the fixed hardware security unit, for example the TPM (Trusted Platform Module, trusted root) on the computer. Only after the mobile hardware security unit and the fixed hardware security unit have jointly signed is the data sent to the server.
The mobile hardware security unit and the fixed hardware security unit may doubly encrypt the content sent to the server.
The plaintext sent to the server is encrypted twice, once by the mobile hardware security unit and once by the fixed hardware security unit.
The signature over the identity identification information sent to the server is a dual signature of the mobile hardware security unit and the fixed hardware security unit.
Where asymmetric keys are used, the plaintext sent to the server may be encrypted twice with public keys, once by each unit, and the signature over the identity identification information may be encrypted twice with private keys, once by each unit.
Encryption and decryption of important data, for example digital certificates and other highly sensitive data, must be carried out twice, by the mobile hardware security unit and by the fixed hardware security unit, on the premise that the two units are bound. Alternatively, instead of encrypting the same data repeatedly, the two units may each encrypt a different part of the data separately and so complete the encryption process, which improves security.
Which data counts as important may be set or determined according to the application or the user's needs.
The encryption and decryption keys for important data should not be migrated between the two sides of the binding relationship; this further protects the data. Critical keys may, however, be migrated for storage after being encrypted again. Keys other than the encryption and decryption keys for important data may be migrated, and may also be backed up between the mobile hardware security unit and the fixed hardware security unit.
A flag indicating whether a key may be migrated can be set on the key, for example "No" or "Yes". When the migration flag is "No", the key cannot be migrated; when it is "Yes", the key can be migrated.
This attribute is set by the creator (the user or an upper-layer application) when the key is created. If necessary, the attribute can be changed later as required.
S600: the fixed hardware security unit downloads a digital certificate from the server and stores it; this digital certificate is the root certificate.
The policy of the certificate is determined by the server from which the certificate is downloaded. The certificate policy includes at least: the validity period of the digital certificate, a flag indicating whether the digital certificate may be migrated, a flag indicating whether the digital certificate may generate sub-certificates, and the restrictions on the sub-certificates it generates.
The restrictions on sub-certificates generated by the digital certificate include restrictions such as time, number of uses and payment amount.
When the binding relationship between the mobile hardware security unit and the fixed hardware security unit is ad hoc mode, the certificate policy includes the flag indicating whether the digital certificate may be migrated; if that flag is set to migratable, the digital certificate serving as the root certificate may be migrated between the bound fixed hardware security unit and mobile hardware security unit. This migration is the same as in existing online payment schemes.
When the binding relationship is collaboration mode, the certificate, or the sub-certificate it generates, may be split into two parts held respectively by the fixed hardware security unit and the mobile hardware security unit; the mobile hardware security unit can decrypt the part of the sub-certificate it holds only after authorization by the fixed hardware security unit.
When the binding relationship is master-slave mode, that is, the fixed hardware security unit is in the controlling position and the mobile hardware security unit is in the subordinate position, and the flag indicating whether the digital certificate may generate sub-certificates is set to allow it, then, on the user's initiative, the fixed hardware security unit generates a sub-certificate and registers it with the server or with another server. After registration, the sub-certificate can be securely issued or migrated to the subordinate mobile hardware security unit.
When the sub-certificate is registered with another server, that server must first query the server that issued the root certificate about the legitimacy of the sub-certificate before it can register it.
When the flag allows the digital certificate to generate sub-certificates, the policy of the generated sub-certificate includes at least: a key, the certificate identifier, the scope of application, whether a copy is needed, and usage restrictions.
When the method of this embodiment of the invention is applied to online banking, the scope of application may include qualifications such as: an amount range, a range of payment purposes, whether the sub-certificate may itself generate sub-certificates, and destruction after the password has been entered wrongly a certain number of times.
The usage restriction may be a limit on the number of uses or on time, among others.
The sub-certificate generated from the digital certificate serving as the root certificate comes in two forms: the pure certificate format and the module certificate format.
A sub-certificate in the pure certificate format is identical to an ordinary electronic certificate.
A sub-certificate in the module certificate format contains at least: the certificate data, a certificate invocation interface, a certificate invocation executable, the certificate policy, certificate verification information, verification information for the user storing the certificate, and a module encryption/decryption unit.
In a high-security application model, the sub-certificate may be stored in the fixed hardware security unit encrypted under the root certificate or an associated key.
When the sub-certificate needs to be used, the certificate container of the fixed hardware security unit determines the legitimacy of the sub-certificate by verifying hardware information or the binding relationship; after verification, the certificate container of the fixed hardware security unit decrypts it or provides the decryption key.
After registration with the server, the sub-certificate is migrated to the mobile hardware security unit and stored in the certificate container of the mobile hardware security unit.
For a sub-certificate in the pure certificate format, the mobile hardware security unit can access the sub-certificate content directly.
For a sub-certificate in the module certificate format, the mobile hardware security unit must access and modify the sub-certificate through the certificate invocation interface. The certificate container of the mobile hardware security unit cannot directly access or modify the content or the usage policy of the sub-certificate.
When a sub-certificate in the module certificate format is invoked, it is obliged to check its own usage policy and respond accordingly, for example by denying service or destroying the certificate.
When the binding relationship is master-slave mode, that is, the fixed hardware security unit is in the controlling position and the mobile hardware security unit is in the subordinate position, the certificate has the dominant right to control the destruction, renewal or re-issuance of the sub-certificate.
The fixed hardware security unit holding the root certificate has the greatest possible control over the mobile hardware security unit holding the sub-certificate. The root certificate has full dominant right to perform operations such as destruction, renewal or re-issuance of the sub-certificate.
After receiving the sub-certificate, the mobile hardware security unit can use it as the identification identifier for electronic payment.
The mobile hardware security unit may have a logging function, and by means of that log the fixed hardware security unit can query and recall sub-certificates stored in the certificate container of the mobile hardware security unit.
When a sub-certificate is discarded or deleted, the mobile hardware security unit also clears its related data, and the owner of the certificate can query, monitor and compare this clearing operation through the fixed hardware security unit.
In the method of this embodiment of the invention for ensuring digital certificate safety, before the fixed hardware security unit downloads the digital certificate from the first server, a bidirectional communication channel is established between the mobile hardware security unit and the fixed hardware security unit. Because this channel exists, files can be transferred securely between the two units, and the mobile hardware security unit and the fixed hardware security unit are bound. Once the binding relationship is established, the fixed hardware security unit registers with the first server. The fixed hardware security unit can generate a sub-certificate from the digital certificate serving as the root certificate and then register the sub-certificate with the first server. After registration, the fixed hardware security unit can distribute the sub-certificate to the mobile hardware security unit. Thus the fixed hardware security unit stores the digital certificate downloaded from the first server as the root certificate. On the premise that security is guaranteed, the distribution and management of digital certificates is transferred to the user, reducing server cost.
Referring to Fig. 4, which is a flow chart of the third embodiment of the method of the present invention for ensuring digital certificate safety.
The method of the third embodiment of the present invention for ensuring digital certificate safety comprises the following steps:
S100: a mobile hardware security unit characterizing the user's identity is set.
The mobile hardware security unit may be the identification security chip in a USBKey or a smart card, and the USBKey or smart card may be one whose identity is authorized by the server.
The USBKey or smart card contains an identification security chip that can be authenticated by the server. The server's authentication process for the identification security chip is as follows: the identification security chip downloads the digital certificate issued by the server, which contains the key used for signing; the user confirms the user identity of the USBKey by password or another authentication means, for example fingerprint recognition, and thereby obtains the right to use the key.
The identification security chip in the USBKey can generate the user's key, and data encrypted with it can only be decrypted with the key authorized by this user.
S200: a fixed hardware security unit based on a computer or other device, characterizing the platform identity, is set.
The computer or other device is provided internally with a platform identification security chip, into which a platform certificate is loaded and which is responsible for presenting the platform identity externally. This platform identification security chip can serve as the fixed hardware security unit.
S300: the mobile hardware security unit and the fixed hardware security unit create a bidirectional communication channel.
S400: the mobile hardware security unit and the fixed hardware security unit exchange unique identifying information and bind with each other.
The exchange of unique identifying information is specifically as follows: the mobile hardware security unit sends its unique identifying information to the fixed hardware security unit, which identifies and records it; at the same time the fixed hardware security unit sends its unique identifying information to the mobile hardware security unit, which identifies and records it.
The unique identifying information of the mobile hardware security unit or of the fixed hardware security unit may be processed by cryptographic methods before being exchanged. The exchanged content may be the result of cryptographic operations such as salting, obfuscation, expansion, encryption, HASH or HMAC. The processed results are "exchanged" and then serve as the basis for binding and identification. Of course, the raw information may also be "exchanged" directly without processing.
The unique identifying information of both the mobile hardware security unit and the fixed hardware security unit may be processed by cryptographic methods before being exchanged.
The mobile hardware security unit and the fixed hardware security unit may exchange unique identifying information such as a certificate, a key, an ID or a password in order to bind with each other.
Binding is in fact a process of mutual identification and recording: each side remembers the other's fixed, unique and identifiable information, or the HASH value of that information.
The binding mode between the mobile hardware security unit and the fixed hardware security unit is one of three modes: ad hoc mode, collaboration mode and master-slave mode.
The binding mode is determined through the exchange of unique identifying information between the mobile hardware security unit and the fixed hardware security unit, which sets the binding correspondence between the two units.
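The binding step described above (S400, and the same step in the second embodiment), together with the key migration flag described there, as an added illustrative model that is not the patent's own code. Class names, the binding record layout and the use of SHA-256 as the HASH are assumptions; the encrypted channel itself is not modelled.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

BINDING_MODES = ("ad_hoc", "collaboration", "master_slave")


@dataclass
class Key:
    name: str
    material: bytes
    migratable: bool   # the "Yes"/"No" migration flag set by the creator


@dataclass
class HardwareSecurityUnit:
    """Either the mobile unit (e.g. a USBKey) or the fixed unit (e.g. a TPM)."""
    name: str
    unique_id: bytes                               # certificate, key, ID, password ...
    bindings: dict = field(default_factory=dict)   # peer name -> binding record
    keys: dict = field(default_factory=dict)       # key name -> Key

    def identity_hash(self) -> bytes:
        # Only the HASH of the identifying information crosses the channel
        return hashlib.sha256(self.unique_id).digest()

    def record_peer(self, peer: str, peer_hash: bytes, mode: str,
                    lifetime: int, now: int) -> None:
        # "Create" a binding: remember the peer's hash, the mode and an expiry
        if mode not in BINDING_MODES:
            raise ValueError(f"unknown binding mode {mode!r}")
        self.bindings[peer] = {"hash": peer_hash, "mode": mode,
                               "expires": now + lifetime}

    def is_bound(self, peer: str, now: int) -> bool:
        # "Query" a binding; an expired binding counts as absent
        rec = self.bindings.get(peer)
        return rec is not None and now < rec["expires"]

    def verify_peer(self, peer: str, claimed_id: bytes, now: int) -> bool:
        # Later identification: the claimed identifier must hash to the record
        if not self.is_bound(peer, now):
            return False
        claimed = hashlib.sha256(claimed_id).digest()
        return hmac.compare_digest(self.bindings[peer]["hash"], claimed)

    def delete_binding(self, peer: str) -> None:
        self.bindings.pop(peer, None)

    def create_key(self, name: str, material: bytes, migratable: bool) -> Key:
        key = Key(name, material, migratable)
        self.keys[name] = key
        return key

    def migrate_key(self, name: str, dest: "HardwareSecurityUnit", now: int) -> bool:
        """Move a key to the bound peer. Refused when the flag is "No" or the
        binding is missing or expired on either side."""
        key = self.keys[name]
        if not key.migratable:
            return False
        if not (self.is_bound(dest.name, now) and dest.is_bound(self.name, now)):
            return False
        dest.keys[name] = self.keys.pop(name)
        return True


def bind(mobile: HardwareSecurityUnit, fixed: HardwareSecurityUnit,
         mode: str, lifetime: int, now: int) -> None:
    """S400: both sides send their identity hash and record the other's."""
    fixed.record_peer(mobile.name, mobile.identity_hash(), mode, lifetime, now)
    mobile.record_peer(fixed.name, fixed.identity_hash(), mode, lifetime, now)


if __name__ == "__main__":
    # Constructed sample identifiers, not real device values
    usbkey = HardwareSecurityUnit("usbkey", b"USBKEY-SERIAL-0001")
    tpm = HardwareSecurityUnit("tpm", b"TPM-EK-PUBLIC-KEY-BYTES")
    bind(usbkey, tpm, "master_slave", lifetime=3600, now=1000)
    tpm.create_key("data-key", b"\x01" * 16, migratable=False)
    tpm.create_key("session-key", b"\x02" * 16, migratable=True)
    print(tpm.migrate_key("data-key", usbkey, now=2000))      # False: flag is "No"
    print(tpm.migrate_key("session-key", usbkey, now=2000))   # True
```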
S500A: the fixed hardware security unit registers with at least two servers.
The fixed hardware security unit can register with two or more servers.
Once the binding relationship is established, the fixed hardware security unit can register with at least two servers, submitting its own relevant information or keys.
The relevant information need only allow each server to identify this hardware security unit accurately. It may be just a public key, which serves as the basis for verifying signatures; it may be the binding identification information; or it may be a combination of the above.
When the user needs to prove identity to a given server, the mobile hardware security unit and the fixed hardware security unit must sign jointly under their binding relationship, characterizing the platform identity and the user's identity at the same time. Both identifiers are indispensable; otherwise that server may refuse the service.
When the user submits data to a given server, for example "transfer XX units into account XX", this information must be signed by the mobile hardware security unit, and equally certificate-authenticated, or signed, by the fixed hardware security unit. Only after the mobile hardware security unit and the fixed hardware security unit have jointly signed is the data sent to that server.
The mobile hardware security unit and the fixed hardware security unit may doubly encrypt the content sent to each server.
The plaintext sent to the server is encrypted twice, once by the mobile hardware security unit and once by the fixed hardware security unit.
The signature over the identity identification information sent to the server is a dual signature of the mobile hardware security unit and the fixed hardware security unit.
Encryption and decryption of important data, for example digital certificates and other highly sensitive data, must be carried out twice, by the mobile hardware security unit and by the fixed hardware security unit, on the premise that the two units are bound. Alternatively, instead of encrypting the same data repeatedly, the two units may each encrypt a different part of the data separately and so complete the encryption process, which improves security. Which data counts as important may be set or determined according to the application or the user's needs.
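The joint signature and the server-side check that both identities are present, as described here and in the second embodiment's S500, as an added illustrative model that is not the patent's own code. HMAC-SHA256 with per-unit keys registered at the server stands in for the certificate-based signatures of the USBKey and the TPM, and the request layout, the countersignature order (the fixed unit signs over the data plus the mobile signature) and the registry fields are assumptions.

```python
import hashlib
import hmac
import json


def canonical(data: dict) -> bytes:
    """Deterministic encoding so both units sign exactly the same bytes."""
    return json.dumps(data, sort_keys=True, separators=(",", ":")).encode()


def sign(key: bytes, message: bytes) -> bytes:
    # Symmetric stand-in for each unit's certificate signature (assumption)
    return hmac.new(key, message, hashlib.sha256).digest()


class Server:
    """Holds what the fixed unit submitted at registration (S500/S500A)."""

    def __init__(self) -> None:
        self.registry: dict = {}   # fixed unit id -> registered information

    def register(self, fixed_id: str, fixed_key: bytes, mobile_key: bytes,
                 binding_hash: bytes) -> None:
        # Verification keys plus the binding identification information
        self.registry[fixed_id] = {"fixed_key": fixed_key,
                                   "mobile_key": mobile_key,
                                   "binding_hash": binding_hash}

    def check_request(self, request: dict) -> str:
        """Return 'accepted' only when platform and user identity are both proven."""
        rec = self.registry.get(request.get("fixed_id"))
        if rec is None:
            return "refused: platform not registered"
        if request.get("binding_hash") != rec["binding_hash"].hex():
            return "refused: binding identification mismatch"
        payload = canonical(request.get("data", {}))
        # User identity: signature of the mobile unit over the data
        mobile_sig = bytes.fromhex(request.get("mobile_sig", ""))
        if not hmac.compare_digest(sign(rec["mobile_key"], payload), mobile_sig):
            return "refused: user identity not proven"
        # Platform identity: countersignature of the fixed unit
        fixed_sig = bytes.fromhex(request.get("fixed_sig", ""))
        expected = sign(rec["fixed_key"], payload + mobile_sig)
        if not hmac.compare_digest(expected, fixed_sig):
            return "refused: platform identity not proven"
        return "accepted"


def build_request(data: dict, fixed_id: str, binding_hash: bytes,
                  mobile_key: bytes, fixed_key: bytes) -> dict:
    """Joint signature: the USBKey signs the data, the TPM countersigns."""
    payload = canonical(data)
    mobile_sig = sign(mobile_key, payload)
    fixed_sig = sign(fixed_key, payload + mobile_sig)
    return {"fixed_id": fixed_id, "binding_hash": binding_hash.hex(),
            "data": data, "mobile_sig": mobile_sig.hex(),
            "fixed_sig": fixed_sig.hex()}


if __name__ == "__main__":
    # Constructed sample keys and binding hash, not real values
    server = Server()
    mobile_key, fixed_key = b"usbkey-key-constructed", b"tpm-key-constructed"
    binding_hash = b"binding-hash-constructed"
    server.register("tpm-01", fixed_key, mobile_key, binding_hash)
    order = {"action": "transfer", "account": "XX", "amount": 100}
    req = build_request(order, "tpm-01", binding_hash, mobile_key, fixed_key)
    print(server.check_request(req))                 # accepted
    del req["fixed_sig"]
    print(server.check_request(req))                 # refused: platform identity not proven
```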
S600A: the fixed hardware security unit downloads a digital certificate from each server and stores each of them; these digital certificates are root certificates.
The policy of each certificate is determined by the server from which it is downloaded. The certificate policy includes at least: the validity period of the digital certificate, a flag indicating whether the digital certificate may be migrated, a flag indicating whether the digital certificate may generate sub-certificates, and the restrictions on the sub-certificates it generates.
The restrictions on sub-certificates generated by the digital certificate include restrictions in aspects such as time and number of uses.
When the binding relationship between the mobile hardware security unit and the fixed hardware security unit is ad hoc mode, the policy of the digital certificate includes the flag indicating whether the digital certificate may be migrated; if that flag is set to migratable, the digital certificate serving as the root certificate may be migrated between the bound fixed hardware security unit and mobile hardware security unit.
When the binding relationship is collaboration mode, the digital certificate, or the sub-certificate it generates, may be split into two parts held respectively by the fixed hardware security unit and the mobile hardware security unit; the mobile hardware security unit can decrypt the part of the sub-certificate it holds only after authorization by the fixed hardware security unit.
When the binding relationship is master-slave mode, that is, the fixed hardware security unit is in the controlling position and the mobile hardware security unit is in the subordinate position, and the flag indicating whether the digital certificate may generate sub-certificates is set to allow it, then, on the user's initiative, the fixed hardware security unit generates a sub-certificate and registers it with the server that requires registration. After registration, the sub-certificate can be securely issued or migrated to the subordinate mobile hardware security unit.
When the flag allows the digital certificate to generate sub-certificates, the policy of the generated sub-certificate includes at least: a key, the certificate identifier, the scope of application, whether a copy is needed, and usage restrictions.
When the method of this embodiment of the invention is applied to online banking, the scope of application may include qualifications such as: an amount range, a range of payment purposes, whether the sub-certificate may itself generate sub-certificates, and destruction after the password has been entered wrongly a certain number of times.
The usage restriction may be a limit on the number of uses or on time, among others.
The sub-certificate generated from the digital certificate serving as the root certificate comes in two forms: the pure certificate format and the module certificate format.
The pure certificate format is identical to an ordinary electronic certificate.
The module certificate contains at least: the certificate data, a certificate invocation interface, a certificate invocation executable, the certificate policy, certificate verification information, verification information for the user storing the certificate, and a module encryption/decryption unit.
In a high-security application model, the sub-certificate may be stored in the fixed hardware security unit encrypted under the root certificate or an associated key.
When the sub-certificate needs to be used, the certificate container of the fixed hardware security unit determines the legitimacy of the sub-certificate by verifying hardware information or the binding relationship; after verification, the certificate container of the fixed hardware security unit decrypts it or provides the decryption key.
After registration with the server that requires registration, the sub-certificate is migrated to the mobile hardware security unit and kept in the certificate container of the mobile hardware security unit.
For a sub-certificate in the pure certificate format, the mobile hardware security unit can access the sub-certificate content directly.
For a sub-certificate in the module certificate format, the mobile hardware security unit must access and modify the sub-certificate through the certificate invocation interface. The certificate container of the mobile hardware security unit cannot directly access or modify the content or the usage policy of the sub-certificate.
When a sub-certificate in the module certificate format is invoked, it is obliged to check its own usage policy and respond accordingly, for example by denying service or destroying the certificate.
Because the sub-certificate is temporary, the loss of the certificate container of the mobile hardware security unit does not affect the security of the root certificate, which raises the security level.
With multiple servers, the many sub-certificates can be managed centrally, making audit operations more convenient for the user.
When the binding relationship is master-slave mode, that is, the fixed hardware security unit is in the controlling position and the mobile hardware security unit is in the subordinate position, the certificate has the dominant right to control the destruction, renewal or re-issuance of the sub-certificate.
The fixed hardware security unit holding the root certificate has the greatest possible control over the mobile hardware security unit holding the sub-certificate. The root certificate has full dominant right to perform operations such as destruction, renewal or re-issuance of the sub-certificate.
After receiving the sub-certificate, the mobile hardware security unit can use it as the identification identifier for electronic payment.
The mobile hardware security unit may have a logging function, and by means of that log the fixed hardware security unit can query and recall sub-certificates stored in the certificate container of the mobile hardware security unit.
When a sub-certificate is discarded or deleted, the mobile hardware security unit also clears its related data, and the owner of the certificate can query, monitor and compare this clearing operation through the fixed hardware security unit.
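The root certificate policy, the generation of a sub-certificate under that policy, the self-check a module-format sub-certificate performs on every invocation, and the root's dominant right to destroy a sub-certificate, as described in S600/S600A and the sub-certificate passages of both embodiments, as an added illustrative model that is not the patent's own code. The field names, the online-banking scope values, the rule that the root's restrictions clamp the requested sub-certificate policy, the fixed limit of three wrong passwords and the SHA-256 key derivation are assumptions.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class RootPolicy:
    """Policy attached by the issuing server to the root certificate."""
    valid_until: int            # timeliness of the digital certificate
    migratable: bool            # whether the root certificate may be migrated
    can_generate_sub: bool      # whether sub-certificates may be generated
    sub_max_lifetime: int       # restrictions on generated sub-certificates:
    sub_max_uses: int           #   time, number of uses, payment amount
    sub_max_amount: int


@dataclass
class SubPolicy:
    """Policy of a generated sub-certificate (online banking example)."""
    cert_id: str
    amount_min: int
    amount_max: int
    purposes: tuple             # range of payment purposes
    can_regenerate_sub: bool
    max_wrong_passwords: int    # destroy after this many wrong passwords
    use_limit: int
    valid_until: int
    copy_needed: bool = False


@dataclass
class ModuleSubCertificate:
    """Module-format sub-certificate: checks its own policy on every call."""
    key: bytes
    policy: SubPolicy
    password_hash: bytes
    uses: int = 0
    wrong_passwords: int = 0
    destroyed: bool = False

    def destroy(self) -> None:
        self.destroyed = True
        self.key = b""          # related data is cleared with the certificate

    def invoke(self, purpose: str, amount: int, password: str, now: int) -> str:
        """Certificate invocation interface: returns 'allow' or the feedback."""
        if self.destroyed:
            return "deny: certificate destroyed"
        if now > self.policy.valid_until:
            return "deny: expired"
        if hashlib.sha256(password.encode()).digest() != self.password_hash:
            self.wrong_passwords += 1
            if self.wrong_passwords >= self.policy.max_wrong_passwords:
                self.destroy()
                return "destroyed: wrong password limit reached"
            return "deny: wrong password"
        if purpose not in self.policy.purposes:
            return "deny: purpose outside scope"
        if not self.policy.amount_min <= amount <= self.policy.amount_max:
            return "deny: amount outside scope"
        if self.uses >= self.policy.use_limit:
            return "deny: use limit reached"
        self.uses += 1
        self.wrong_passwords = 0
        return "allow"


class RootCertificate:
    """Root certificate held by the fixed unit; keeps dominant right over subs."""

    def __init__(self, policy: RootPolicy, key: bytes) -> None:
        self.policy = policy
        self.key = key
        self.issued: dict = {}      # cert_id -> ModuleSubCertificate (the log)

    def can_generate(self, now: int) -> bool:
        return self.policy.can_generate_sub and now <= self.policy.valid_until

    def generate_sub(self, cert_id: str, purposes: tuple, amount_max: int,
                     use_limit: int, lifetime: int, password: str,
                     now: int) -> ModuleSubCertificate:
        if not self.can_generate(now):
            raise PermissionError("root policy forbids generating a sub-certificate")
        # The root policy's restrictions clamp whatever was requested
        sub_policy = SubPolicy(
            cert_id=cert_id, amount_min=1,
            amount_max=min(amount_max, self.policy.sub_max_amount),
            purposes=tuple(purposes), can_regenerate_sub=False,
            max_wrong_passwords=3,
            use_limit=min(use_limit, self.policy.sub_max_uses),
            valid_until=min(now + lifetime, now + self.policy.sub_max_lifetime,
                            self.policy.valid_until))
        sub_key = hashlib.sha256(self.key + cert_id.encode()).digest()  # illustrative
        sub = ModuleSubCertificate(sub_key, sub_policy,
                                   hashlib.sha256(password.encode()).digest())
        self.issued[cert_id] = sub
        return sub

    def destroy_sub(self, cert_id: str) -> None:
        """Root's dominant right: destroy a sub-certificate it issued."""
        self.issued[cert_id].destroy()
```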
In the method of this embodiment of the invention for ensuring digital certificate safety, before the fixed hardware security unit downloads digital certificates from at least two servers, a bidirectional communication channel is established between the mobile hardware security unit and the fixed hardware security unit. Because this channel exists, files can be transferred securely between the two units, and the mobile hardware security unit and the fixed hardware security unit are bound. Once the binding relationship is established, the fixed hardware security unit registers with all of the servers. The fixed hardware security unit can generate a sub-certificate from the digital certificate serving as the root certificate and then register the sub-certificate with all of the servers. After registration, the fixed hardware security unit can distribute the sub-certificate to the mobile hardware security unit. Thus the fixed hardware security unit stores the digital certificates downloaded from all of the servers as root certificates. On the premise that security is guaranteed, the distribution and management of digital certificates is transferred to the user, reducing server cost.
The user can carry out mobile, multi-server operations with only one mobile hardware security unit, which reduces user cost; for example, electronic payment operations with multiple banks can be performed.
The invention provides a terminal for ensuring digital certificate safety, which guarantees the security of the digital certificate while allowing the user to update or delete the digital certificate conveniently.
Referring to Fig. 5, which is a structural diagram of the first embodiment of the terminal of the present invention for ensuring digital certificate safety.
The terminal of the first embodiment of the present invention for ensuring digital certificate safety comprises a fixed hardware security unit 1a, a creating unit 2a, a binding unit 3a, a transmitting unit 4a, a download unit 5a, a memory unit 6a and a dispatch unit 7a.
The fixed hardware security unit 1a characterizes the platform identity and holds the digital certificate that the terminal downloads from the first server 15a, this digital certificate being the root certificate; it also generates a sub-certificate from that certificate.
The creating unit 2a creates a bidirectional communication channel between the mobile hardware security unit 8a and the fixed hardware security unit 1a.
The binding unit 3a establishes a mutual binding relationship between the mobile hardware security unit 8a and the fixed hardware security unit 1a.
The transmitting unit 4a sends the registration request of the fixed hardware security unit 1a to the first server 15a, and sends to the first server 15a the registration request for the sub-certificate that the fixed hardware security unit 1a derives from the certificate.
The download unit 5a downloads the digital certificate from the first server 15a.
The memory unit 6a stores the digital certificate downloaded by the download unit 5a, this digital certificate being the root certificate.
The dispatch unit 7a distributes the sub-certificate registered with the first server 15a to the mobile hardware security unit 8a.
In the terminal of this embodiment of the invention for ensuring digital certificate safety, before the fixed hardware security unit 1a downloads the digital certificate from the first server 15a, the creating unit 2a establishes a bidirectional communication channel between the mobile hardware security unit 8a and the fixed hardware security unit 1a; because this channel exists, files can be transferred securely between the mobile hardware security unit 8a and the fixed hardware security unit 1a. The binding unit 3a binds the mobile hardware security unit 8a and the fixed hardware security unit 1a. Once the binding relationship is established, the transmitting unit 4a registers the fixed hardware security unit 1a with the first server. The download unit 5a downloads the digital certificate from the first server 15a. The fixed hardware security unit 1a can generate a sub-certificate from the digital certificate serving as the root certificate, and the transmitting unit 4a registers the sub-certificate with the first server 15a. The dispatch unit 7a distributes the sub-certificate to the mobile hardware security unit 8a. Thus the fixed hardware security unit 1a stores the digital certificate downloaded from the first server 15a as the root certificate. On the premise that security is guaranteed, the distribution and management of digital certificates is transferred to the user, reducing server cost.
The invention provides a system for ensuring digital certificate safety, which guarantees the security of the digital certificate while allowing the user to update or delete the digital certificate conveniently.
Referring to Fig. 6, which is a structural diagram of the first embodiment of the system of the present invention for ensuring digital certificate safety.
The system of the first embodiment of the present invention for ensuring digital certificate safety comprises a server 15, a mobile hardware security unit 11, a fixed hardware security unit 12, a communication channel creating unit 13 and a binding unit 14.
The mobile hardware security unit 11 is a hardware security unit used to characterize the user's identity.
The fixed hardware security unit 12 is based on a computer or other device and is a hardware security unit used to characterize the platform identity. The fixed hardware security unit 12 downloads the digital certificate from the server 15 and stores it; this digital certificate is the root certificate.
The policy of the digital certificate is decided by the server 15. The policy should at least include: the validity period of the digital certificate, a flag indicating whether the digital certificate is migratable, a flag indicating whether the digital certificate may produce sub-certificates, and the restrictions on the sub-certificates it produces.
The restrictions on sub-certificates produced by a digital certificate include restrictions on time, number of uses, payment amount and the like.
When the binding relationship between the mobile hardware security unit 11 and the fixed hardware security unit 12 is the ad-hoc mode, the policy of the digital certificate includes the flag indicating whether the digital certificate is migratable; if this flag is set to migratable, the digital certificate serving as the root certificate may migrate between the bound mobile hardware security unit 11 and fixed hardware security unit 12. This migration is identical to the existing online payment pattern.
When the binding relationship between the mobile hardware security unit 11 and the fixed hardware security unit 12 is the collaboration mode, the digital certificate, or a sub-certificate it produces, can be split into two parts that are stored separately by the mobile hardware security unit 11 and the fixed hardware security unit 12; the mobile hardware security unit 11 can decrypt the part of the sub-certificate it stores only after the fixed hardware security unit 12 has authorized it.
When the binding relationship between the mobile hardware security unit 11 and the fixed hardware security unit 12 is the master-slave mode, that is, the fixed hardware security unit 12 is in the master position and the mobile hardware security unit 11 is in the slave position, and the flag indicating whether the digital certificate may produce sub-certificates is set to allow it, then, initiated by the user, the fixed hardware security unit 12 produces a sub-certificate and registers it with the server or another server; after registration the sub-certificate can be securely issued or migrated to the slave mobile hardware security unit 11.
When the flag indicating whether a digital certificate may produce sub-certificates is set to allow it, the policy of the produced sub-certificate at least includes: key, certificate identifier, scope of application, whether copying is required, and usage restrictions.
When the system of this embodiment is applied to online banking, the scope of application may include qualifications such as: the range of amounts, the range of payment purposes, whether sub-certificates may be generated, and destruction of the certificate after several wrong passwords.
The usage restriction may be a restriction on the number of uses or on time, and so on.
The sub-certificates produced by the digital certificate serving as the root certificate come in two forms: the pure certificate format and the module certificate format.
The pure certificate format is identical to an ordinary electronic certificate.
The module certificate at least contains: certificate data, a certificate calling interface, a certificate call execution program, a certificate policy, certificate check information, check information of the certificate storage user, and a module encryption/decryption unit.
In an application mode of high security level, the sub-certificate may be stored in the fixed hardware security unit encrypted by the root certificate or an associated key.
When the sub-certificate needs to be used, the certificate carrier of the fixed hardware security unit 12 determines the legitimacy of the sub-certificate by verifying hardware information or the binding relationship; after verification, the certificate carrier of the fixed hardware security unit 12 decrypts it or provides the decryption key.
After registration with the server 15, the sub-certificate migrates to the mobile hardware security unit 11 and is kept in the certificate carrier of the mobile hardware security unit 11.
For a sub-certificate in pure certificate format, the mobile hardware security unit 11 can access the content of the sub-certificate directly.
For a sub-certificate in module certificate format, the mobile hardware security unit 11 must access and modify the sub-certificate through the certificate calling interface. The certificate carrier of the mobile hardware security unit 11 cannot directly access or modify the content or usage policy of the sub-certificate.
When a sub-certificate in module certificate format is called, it is obliged to check the policy governing the sub-certificate and to respond accordingly, for example by denying the service or destroying the certificate.
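The policy fields described above (validity period, migratable flag, sub-certificate flag, and limits on time, number of uses and amount) and the call-time check that a module-format sub-certificate must perform can be illustrated together. The following Python is an added example and is not code from the patent or from any Lenovo implementation: certificates are plain dictionaries, the root certificate's signature is stood in for by an HMAC-SHA256 under a key held by the fixed unit, and every field name, the limits and the sample PIN are constructed for the example.

```python
import hashlib
import hmac
import json
from dataclasses import dataclass


def canonical(obj) -> bytes:
    """Deterministic JSON so issuer and checker hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(key: bytes, payload: dict) -> str:
    """HMAC-SHA256 stand-in (assumption) for the root certificate's signature."""
    return hmac.new(key, canonical(payload), hashlib.sha256).hexdigest()


class PolicyViolation(Exception):
    """A requested sub-certificate would exceed what the root policy allows."""


def issue_sub_certificate(root: dict, root_key: bytes, request: dict, now: int) -> dict:
    """Fixed unit derives a sub-certificate; every limit must stay inside the
    limits the root policy sets for sub-certificates (time, uses, amount)."""
    rp = root["policy"]
    if now >= rp["expires_at"]:
        raise PolicyViolation("root certificate has expired")
    if not rp["can_issue_sub"]:
        raise PolicyViolation("root policy does not allow sub-certificates")
    for name in ("expires_at", "max_uses", "max_amount"):
        if request[name] > rp["sub_limits"][name]:
            raise PolicyViolation(f"{name} exceeds the root's sub-certificate limit")
    policy = {
        "expires_at": request["expires_at"],
        "migratable": bool(request.get("migratable", False)),
        "can_issue_sub": False,  # a sub-certificate does not delegate further here
        "max_uses": request["max_uses"],
        "max_amount": request["max_amount"],
        "max_wrong_pins": request.get("max_wrong_pins", 3),
    }
    payload = {"subject": request["subject"], "issuer": root["subject"], "policy": policy}
    return {**payload, "signature": sign(root_key, payload)}


def issuance_rejected(request: dict, now: int = 100) -> bool:
    """True when the root refuses the request."""
    try:
        issue_sub_certificate(ROOT, ROOT_KEY, request, now)
        return False
    except PolicyViolation:
        return True


@dataclass
class ModuleCertificate:
    """Module-format sub-certificate: content is reachable only through call(),
    which checks integrity and policy and answers ok / denied / destroyed."""
    cert: dict
    check_key: bytes   # verifies the root's signature (stand-in for check info)
    pin: str           # holder check information (constructed sample)
    uses: int = 0
    wrong_pins: int = 0
    destroyed: bool = False

    def call(self, amount: int, pin: str, now: int) -> str:
        if self.destroyed:
            return "destroyed"
        body = {k: v for k, v in self.cert.items() if k != "signature"}
        if not hmac.compare_digest(sign(self.check_key, body), self.cert["signature"]):
            self.destroyed = True  # a tampered certificate destroys itself
            return "destroyed"
        p = self.cert["policy"]
        if pin != self.pin:
            self.wrong_pins += 1   # repeated wrong passwords destroy it
            if self.wrong_pins >= p["max_wrong_pins"]:
                self.destroyed = True
                return "destroyed"
            return "denied"
        if now >= p["expires_at"] or self.uses >= p["max_uses"] or amount > p["max_amount"]:
            return "denied"
        self.uses += 1
        return "ok"


# Constructed sample root certificate, key and request for a stand-alone run.
ROOT_KEY = b"constructed-root-signing-key"
ROOT = {
    "subject": "fixed-unit-tpm",
    "policy": {
        "expires_at": 2000, "migratable": False, "can_issue_sub": True,
        "sub_limits": {"expires_at": 1500, "max_uses": 5, "max_amount": 1000},
    },
}
SUB_REQUEST = {"subject": "usbkey-01", "expires_at": 1200, "max_uses": 2,
               "max_amount": 500, "max_wrong_pins": 2}


def demo() -> list:
    """Issue a bounded sub-certificate and exercise the call-time checks."""
    sub = issue_sub_certificate(ROOT, ROOT_KEY, SUB_REQUEST, now=100)
    module = ModuleCertificate(cert=sub, check_key=ROOT_KEY, pin="4321")
    return [
        module.call(600, "4321", now=200),  # over the amount limit
        module.call(100, "4321", now=200),  # first use
        module.call(100, "4321", now=200),  # second use
        module.call(100, "4321", now=200),  # use count exhausted
        module.call(100, "0000", now=200),  # wrong PIN, first time
        module.call(100, "0000", now=200),  # wrong PIN, second time
    ]


if __name__ == "__main__":
    print(demo(), issuance_rejected({**SUB_REQUEST, "max_amount": 5000}))
```

Running `demo()` yields `denied, ok, ok, denied, denied, destroyed`: the amount and use-count limits are enforced at every call, and the second wrong PIN destroys the certificate, which is the feedback the module format is expected to give. Issuance itself fails closed: a request for a higher amount or a later expiry than the root's sub-certificate limits is refused before anything is signed.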
When the binding relationship between the mobile hardware security unit 11 and the fixed hardware security unit 12 is the master-slave mode, that is, the fixed hardware security unit 12 is in the master position and the mobile hardware security unit 11 in the slave position, the root certificate has the dominant right to control the destruction, renewal or re-issuance of the sub-certificate.
The fixed hardware security unit 12 holding the root certificate has the greatest possible control over the mobile hardware security unit 11 holding the sub-certificate. The root certificate has complete dominant right to carry out operations such as destruction, renewal or re-issuance of the sub-certificate.
After receiving the sub-certificate, the mobile hardware security unit 11 can use it as the identification identifier for electronic payment.
The mobile hardware security unit 11 may have a logging function, and through the log of the mobile hardware security unit 11 the fixed hardware security unit 12 can query and recall sub-certificates stored in the certificate carrier of the mobile hardware security unit 11.
When a sub-certificate is discarded or deleted, the mobile hardware security unit 11 also clears its related data, and this clearing operation can be queried, monitored and compared by the owner of the certificate through the fixed hardware security unit 12.
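The collaboration-mode split described earlier (each unit keeps one part of the sub-certificate, and the mobile unit's part is decryptable only with the fixed unit's authorization) and the log query and recall just described can be modelled together. The following Python is an added example, not the patent's or any implementation's code: the sub-certificate is split into two one-time-pad shares, the mobile unit's share is additionally masked with a pad the fixed unit keeps, authorization is checked against the binding, and the fixed unit reads the mobile unit's log to audit and recall. Unit identifiers, the sub-certificate bytes and the log wording are constructed.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR of two equal-length byte strings (one-time-pad style)."""
    return bytes(x ^ y for x, y in zip(a, b))


class MobileUnit:
    """Holds its share of the sub-certificate only in protected form, and logs."""

    def __init__(self, unit_id: str):
        self.unit_id = unit_id
        self.bound_to = None
        self.protected_share = None
        self.log = []

    def store_protected_share(self, blob: bytes, fixed_id: str) -> None:
        self.bound_to = fixed_id
        self.protected_share = blob
        self.log.append("stored protected share")

    def use(self, fixed: "FixedUnit") -> bytes:
        """Recover the sub-certificate; needs the bound fixed unit's authorization."""
        if self.protected_share is None:
            self.log.append("use refused: no sub-certificate")
            raise LookupError("no sub-certificate stored")
        pad, fixed_share = fixed.authorize(self)          # raises if not bound
        own_share = xor_bytes(self.protected_share, pad)  # decrypt own part
        self.log.append("sub-certificate used")
        return xor_bytes(own_share, fixed_share)          # combine both parts

    def clear(self) -> None:
        self.protected_share = None
        self.log.append("sub-certificate cleared")


class FixedUnit:
    """Holds the other share and the pad; audits and recalls via the mobile log."""

    def __init__(self, unit_id: str):
        self.unit_id = unit_id
        self.bound_to = None
        self.own_share = None
        self.pad = None

    def split_for(self, mobile: MobileUnit, sub_cert: bytes) -> None:
        """Collaboration mode: two XOR shares, the mobile one stored pad-protected."""
        self.bound_to = mobile.unit_id
        self.own_share = secrets.token_bytes(len(sub_cert))
        self.pad = secrets.token_bytes(len(sub_cert))
        mobile_share = xor_bytes(sub_cert, self.own_share)
        mobile.store_protected_share(xor_bytes(mobile_share, self.pad), self.unit_id)

    def authorize(self, mobile: MobileUnit) -> tuple:
        """Release pad and share only to the mobile unit bound to this fixed unit."""
        if mobile.unit_id != self.bound_to or mobile.bound_to != self.unit_id:
            raise PermissionError("mobile unit is not bound to this fixed unit")
        return self.pad, self.own_share

    def audit(self, mobile: MobileUnit) -> list:
        """Query the mobile unit's log (monitoring on behalf of the owner)."""
        return list(mobile.log)

    def recall(self, mobile: MobileUnit) -> None:
        """Root-certificate holder recalls the sub-certificate; both sides clear it."""
        mobile.clear()
        self.own_share = None
        self.pad = None


def demo() -> dict:
    sub_cert = b"constructed sub-certificate bytes"  # constructed sample
    mobile, fixed, stranger = MobileUnit("usbkey-01"), FixedUnit("tpm-01"), FixedUnit("tpm-02")
    fixed.split_for(mobile, sub_cert)
    stored_form_differs = mobile.protected_share != sub_cert
    recovered = mobile.use(fixed)
    try:
        mobile.use(stranger)
        stranger_refused = False
    except PermissionError:
        stranger_refused = True
    fixed.recall(mobile)
    try:
        mobile.use(fixed)
        after_recall_refused = False
    except LookupError:
        after_recall_refused = True
    return {"recovered_ok": recovered == sub_cert, "stored_form_differs": stored_form_differs,
            "stranger_refused": stranger_refused, "after_recall_refused": after_recall_refused,
            "log": fixed.audit(mobile)}


if __name__ == "__main__":
    print(demo())
```

Neither unit alone can reconstruct the sub-certificate: the fixed unit's share is a uniformly random pad, and the mobile unit's stored blob is useless without both the pad and that share, which are released only after the binding check. The log the fixed unit reads back shows the store, use, clear and refused-use events in order, which is what the owner would compare against the clearing operation.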
The communication channel creating unit 13 creates a communication channel between the mobile hardware security unit 11 and the fixed hardware security unit 12 by means of key agreement or public key exchange.
In the binding unit 14, the mobile hardware security unit 11 and the fixed hardware security unit 12 exchange their own unique identifying information and thereby bind to each other.
After the binding unit 14 has bound the mobile hardware security unit 11 and the fixed hardware security unit 12, both register with the server 15 at the same time, and each submits its own relevant information or key.
This relevant information need only ensure that the server 15 can accurately identify the hardware security unit.
When the user needs to prove identity to the server 15, the mobile hardware security unit 11 and the fixed hardware security unit 12 must jointly sign under the binding relationship, characterizing the platform identity and the user's identity at the same time. Both identifications are indispensable; otherwise the server 15 refuses the service.
When the user submits data to the server 15, for example "transfer XX units into account XX", this information needs to be signed with the digital certificate by the mobile hardware security unit 11, for example a USBKey. Equally, the fixed hardware security unit 12, for example the TPM (Trusted Platform Module, trusted root) on the computer, needs to perform digital certificate authentication, or to sign as well. Only after the joint signature of the mobile hardware security unit 11 and the fixed hardware security unit 12 can the data be sent to the server 15.
The mobile hardware security unit 11 and the fixed hardware security unit 12 apply superencryption (layered encryption) to the content sent to the server 15.
Plaintext sent to the server 15 is encrypted in turn by the mobile hardware security unit 11 and the fixed hardware security unit 12.
The signature over identity information sent to the server 15 is a dual signature by the mobile hardware security unit 11 and the fixed hardware security unit 12.
Encryption and decryption of significant data, for example digital certificates and other highly important data, must be performed under the binding relationship, with the mobile hardware security unit 11 and the fixed hardware security unit 12 each encrypting and decrypting once. Alternatively, some data may be encrypted by the mobile hardware security unit 11 and the fixed hardware security unit 12 separately rather than repeatedly, completing the encryption process and improving security.
What counts as significant data may be set or determined according to the application case or the user's needs.
The encryption and decryption keys for significant data should not migrate between the two parties of the binding relationship of the mobile hardware security unit 11 and the fixed hardware security unit 12, which further guarantees the security of the data. Critical keys may, however, be migrated and stored after being re-encrypted. Keys other than the encryption and decryption keys for significant data may be migrated, and may also be backed up in the mobile hardware security unit 11 and the fixed hardware security unit 12.
When such a key is created, its attributes can be set by the creator (the user or an upper-layer application). Of course, if necessary, these attributes can be changed as required.
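The joint-signature requirement (the server refuses a request unless both the user identity and the platform identity have signed it), the two encryption layers, and the migratable attribute on keys described above are combined in the following Python. It is an added example and not the patent's or any product's code: signatures are HMAC-SHA256 stand-ins under keys the server stored at registration, the stream cipher is a toy SHA-256 counter keystream standing in for the units' own ciphers, and the unit identifiers, keys and order text are constructed.

```python
import hashlib
import hmac


def xor_crypt(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher: SHA-256 counter keystream XORed onto the data.
    A stand-in (assumption) for the units' own ciphers; symmetric, so the
    same call both encrypts and decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))


class HardwareUnit:
    """Mobile unit (user identity) or fixed unit (platform identity)."""

    def __init__(self, unit_id: str, sign_key: bytes, enc_key: bytes):
        self.unit_id = unit_id
        # The migratable attribute is fixed when the key is created; keys that
        # protect significant data are created non-migratable.
        self.keys = {
            "sign": {"value": sign_key, "migratable": False},
            "enc": {"value": enc_key, "migratable": False},
            "backup": {"value": b"constructed-backup-key", "migratable": True},
        }

    def sign(self, data: bytes) -> str:
        return hmac.new(self.keys["sign"]["value"], data, hashlib.sha256).hexdigest()

    def crypt(self, data: bytes) -> bytes:
        return xor_crypt(self.keys["enc"]["value"], data)

    def export_key(self, name: str) -> bytes:
        """Migration is refused for a key whose attribute is non-migratable."""
        entry = self.keys[name]
        if not entry["migratable"]:
            raise PermissionError(f"{name} key of {self.unit_id} is not migratable")
        return entry["value"]


class Server:
    """Knows the keys submitted at registration and which units are bound."""

    def __init__(self):
        self.units = {}     # unit_id -> (sign_key, enc_key)
        self.bindings = {}  # mobile_id -> fixed_id

    def register_pair(self, mobile: HardwareUnit, fixed: HardwareUnit) -> None:
        for unit in (mobile, fixed):
            self.units[unit.unit_id] = (unit.keys["sign"]["value"], unit.keys["enc"]["value"])
        self.bindings[mobile.unit_id] = fixed.unit_id

    def handle(self, envelope: dict) -> str:
        mobile_id, fixed_id = envelope["mobile_id"], envelope["fixed_id"]
        if self.bindings.get(mobile_id) != fixed_id:
            return "refused: units are not bound to each other"
        # Peel the two encryption layers in reverse order: fixed outer, mobile inner.
        blob = xor_crypt(self.units[fixed_id][1], bytes.fromhex(envelope["ciphertext"]))
        plaintext = xor_crypt(self.units[mobile_id][1], blob)
        # Both signatures are indispensable; a missing one refuses the service.
        for role, uid in (("user", mobile_id), ("platform", fixed_id)):
            expected = hmac.new(self.units[uid][0], plaintext, hashlib.sha256).hexdigest()
            if not hmac.compare_digest(expected, envelope["signatures"].get(uid, "")):
                return f"refused: missing or invalid {role} signature"
        return "accepted: " + plaintext.decode()


def build_envelope(order: str, mobile: HardwareUnit, fixed: HardwareUnit, signers) -> dict:
    """The listed units sign the order, then both units encrypt it in turn."""
    plaintext = order.encode()
    return {
        "mobile_id": mobile.unit_id,
        "fixed_id": fixed.unit_id,
        "signatures": {u.unit_id: u.sign(plaintext) for u in signers},
        "ciphertext": fixed.crypt(mobile.crypt(plaintext)).hex(),  # superencryption
    }


def demo() -> list:
    """Constructed units, a constructed order, and the server's verdicts."""
    mobile = HardwareUnit("usbkey-01", b"constructed-user-sign-key", b"constructed-user-enc-key")
    fixed = HardwareUnit("tpm-01", b"constructed-platform-sign-key", b"constructed-platform-enc-key")
    server = Server()
    server.register_pair(mobile, fixed)
    order = "transfer 100 units to account A"
    verdicts = [
        server.handle(build_envelope(order, mobile, fixed, [mobile, fixed])),
        server.handle(build_envelope(order, mobile, fixed, [mobile])),
        server.handle(build_envelope(order, mobile, fixed, [fixed])),
    ]
    try:
        fixed.export_key("enc")
        verdicts.append("enc key exported")
    except PermissionError:
        verdicts.append("enc key migration refused")
    return verdicts


if __name__ == "__main__":
    print(demo())
```

Only the envelope carrying both signatures is accepted; an order signed by the USB key alone, or by the platform alone, is refused, which is the property the server relies on to know that the user acted from the bound platform. The non-migratable encryption key cannot be exported, while the key marked migratable can.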
The server 15 communicates with the mobile hardware security unit 11, the fixed hardware security unit 12 and the binding unit 14; after the binding relationship between the mobile hardware security unit 11 and the fixed hardware security unit 12 is established, it provides registration of the mobile hardware security unit 11 and the fixed hardware security unit 12 and provides the digital certificate for download to the fixed hardware security unit.
Referring to Fig. 7, this figure is a structural diagram of the second embodiment of the system for ensuring digital certificate safety of the present invention.
Compared with the first embodiment, in the second embodiment of the system for ensuring digital certificate safety the server 15 comprises a first server 15a and a second server 15b.
The mobile hardware security unit 11 is a hardware security unit used to characterize the user's identity.
The fixed hardware security unit 12 is based on a computer or other device and is a hardware security unit used to characterize the platform identity. The fixed hardware security unit 12 can download digital certificates from the first server 15a and the second server 15b respectively, store them, and use each as a root certificate.
The policy of the first digital certificate downloaded from the first server 15a is determined by the first server 15a. The policy of the second digital certificate downloaded from the second server 15b is determined by the second server 15b.
The policies of the first digital certificate and the second digital certificate should at least include: the validity period of the digital certificate, a flag indicating whether the digital certificate is migratable, a flag indicating whether the digital certificate may produce sub-certificates, and the restrictions on the sub-certificates it produces.
The communication channel creating unit 13 creates a communication channel between the mobile hardware security unit 11 and the fixed hardware security unit 12 by means of key agreement or public key exchange.
In the binding unit 14, the mobile hardware security unit 11 and the fixed hardware security unit 12 exchange their own unique identifying information and thereby bind to each other.
After the binding unit 14 has bound the mobile hardware security unit 11 and the fixed hardware security unit 12, both register with the first server 15a and the second server 15b at the same time, and each submits its own relevant information or key.
This relevant information need only ensure that the first server 15a and the second server 15b can accurately identify the hardware security units; it may be just a public key serving as the basis for verifying signatures, it may be the binding identification information, or it may be a combination of the above.
When the user needs to prove identity to the first server 15a, the mobile hardware security unit 11 and the fixed hardware security unit 12 must jointly sign under the binding relationship, characterizing the platform identity and the user's identity at the same time. Both identifications are indispensable; otherwise the first server 15a refuses the service.
When the user needs to prove identity to the second server 15b, the mobile hardware security unit 11 and the fixed hardware security unit 12 must jointly sign under the binding relationship, characterizing the platform identity and the user's identity at the same time. Both identifications are indispensable; otherwise the second server 15b refuses the service.
When the mobile hardware security unit 11 and the fixed hardware security unit 12 send a service request to the first server 15a under the binding relationship, the request needs the joint signature of the mobile hardware security unit 11 and the fixed hardware security unit 12 under the binding relationship, characterizing the platform identity and the user's identity at the same time.
When the user submits data to the first server 15a, for example "transfer XX units into account XX", this information needs to be signed with the digital certificate by the mobile hardware security unit 11, for example a USBKey. Equally, the fixed hardware security unit 12, for example the TPM (Trusted Platform Module, trusted root) on the computer, needs to perform digital certificate authentication, or to sign as well. Only after the joint signature of the mobile hardware security unit 11 and the fixed hardware security unit 12 can the data be sent to the first server 15a.
The first server 15a communicates with the mobile hardware security unit 11, the fixed hardware security unit 12 and the binding unit 14; after the binding relationship between the mobile hardware security unit 11 and the fixed hardware security unit 12 is established, it provides registration of the mobile hardware security unit 11 and the fixed hardware security unit 12 and provides the digital certificate for download to the fixed hardware security unit 12.
The second server 15b likewise communicates with the mobile hardware security unit 11, the fixed hardware security unit 12 and the binding unit 14; after the binding relationship between the mobile hardware security unit 11 and the fixed hardware security unit 12 is established, it provides registration of the mobile hardware security unit 11 and the fixed hardware security unit 12 and provides the digital certificate for download to the fixed hardware security unit 12.
The fixed hardware security unit 12 may also download a digital certificate from a third-party server or another server to serve as a root certificate; in that case the policy of the root certificate must be related to that third-party or other server.
The mobile hardware security unit 11 and the fixed hardware security unit 12 may register with three or more servers, as long as those three or more servers can accurately identify the hardware security units.
The first server 15a and the second server 15b may be online banking servers.
The above is only a preferred embodiment of the present invention and does not limit its scope of protection. Any modification, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the claims of the present invention.

Claims (15)

1. A method for ensuring digital certificate safety, characterized in that the method comprises:
registering a fixed hardware security unit with a first server, wherein a bidirectional communication channel exists between the fixed hardware security unit and a mobile hardware security unit and the two are in a mutual binding relationship; wherein the fixed hardware security unit is used to characterize the platform identity and the mobile hardware security unit is used to characterize the user's identity;
receiving and storing a digital certificate issued by the first server to the fixed hardware security unit, the digital certificate being a root certificate;
generating a sub-certificate from the root certificate;
registering the sub-certificate with the first server;
distributing the sub-certificate to the mobile hardware security unit.
2. the method for assurance digital certificate safety according to claim 1, it is characterized in that, the strategy of described certificate is by the server decision of downloading described certificate, the strategy of described certificate comprises at least: whether the timeliness of digital certificate, digital certificate transportable sign, whether digital certificate can produce the sign of sub-certificate, and digital certificate produces the restriction of sub-certificate.
3. the method for assurance digital certificate safety according to claim 2 is characterized in that,
The relation of described mobile hardware safe unit and fixed hardware security unit binding is specially ad-hoc mode, and the strategy of described certificate comprises whether transportable sign of digital certificate;
Whether digital certificate transportable be masked as transportable, as described digital certificate migration between described fixed hardware security unit and the binding of mobile hardware safe unit of root certificate.
4. the method for assurance digital certificate safety according to claim 2, it is characterized in that, the relation of described mobile hardware safe unit and fixed hardware security unit binding is specially collaboration mode, the sub-certificate of described certificate or described certificate generation is split as two parts, is deposited respectively by described mobile hardware safe unit and fixed hardware security unit; Described mobile hardware safe unit is deciphered after described fixed hardware security unit mandate and is obtained described sub-certificate.
5. the method for assurance digital certificate safety according to claim 2, it is characterized in that, the relation of described mobile hardware safe unit and fixed hardware security unit binding is specially master slave mode, be that described fixed hardware security unit is in the master control status, described mobile hardware safe unit lays under tribute;
Whether described certificate can produce being masked as of sub-certificate can produce sub-certificate, described fixed hardware security unit produces sub-certificate, and with described sub-certificate to described server or other server registration, the described mobile hardware safe unit lay under tribute is given in the issue of the sub-certificate safety after the registration or migration;
Described certificate has dominant right to control the destruction of described sub-certificate, renewal or granting again.
6. the method for assurance digital certificate safety according to claim 2, it is characterized in that, whether digital certificate can produce being masked as of sub-certificate can produce sub-certificate, and the strategy of the described sub-certificate of generation comprises at least: key, described certificates identified, the scope of application, use limit.
7. the method for assurance digital certificate safety according to claim 6 is characterized in that, in the application model of high safety grade, described sub-certificate is stored in described fixed hardware security unit by root certificate or association key encryption;
When sub-certificate need use, determine the legitimacy of described sub-certificate by described fixed hardware security unit, after verification, described fixed hardware security unit deciphering or decruption key is provided.
8. the method for assurance digital certificate safety according to claim 6 is characterized in that, comprises two kinds of forms as the sub-certificate that digital certificate produced of root certificate: pure certificate format and module certificate format;
The sub-certificate of described pure certificate format is identical with the ordinary electronic certificate;
At least comprise in the sub-certificate of described module certificate format: certificate data, certificate calling interface, certificate call executive program, certificate policy, certificate check information, certificate storage user's check information, module encryption/decryption element.
9. the method for assurance digital certificate safety according to claim 8 is characterized in that, described sub-certificate migrates to described mobile hardware safe unit to described server or other server registration;
For the sub-certificate of pure certificate format, described mobile hardware safe unit is directly visited described sub-certificate content;
For the sub-certificate of module certificate format, described mobile hardware safe unit is realized the visit and the modification of described sub-certificate by the certificate calling interface.
10. the method for assurance digital certificate safety according to claim 8 is characterized in that, described mobile hardware safe unit receives described sub-certificate, and described sub-certificate is used as identification identifier;
Described mobile hardware safe unit has journal function, and described fixed hardware security unit is inquired about by the daily record of described mobile hardware safe unit and recalled.
11. A terminal for ensuring digital certificate safety, characterized in that it comprises:
a fixed hardware security unit, used to characterize the platform identity and to keep the digital certificate that the terminal downloads from a first server, the digital certificate being a root certificate, and to generate a sub-certificate from the root certificate;
a creating unit, used to create a bidirectional communication channel between a mobile hardware security unit and the fixed hardware security unit, wherein the mobile hardware security unit is used to characterize the user's identity;
a binding unit, used to establish a mutual binding relationship between the mobile hardware security unit and the fixed hardware security unit;
a transmitting unit, used to send to the first server the registration request of the fixed hardware security unit, and to send to the first server the registration request of the fixed hardware security unit for the sub-certificate derived from the root certificate;
a download unit, used to download the digital certificate from the first server;
a memory unit, used to store the digital certificate, the digital certificate being the root certificate;
a dispatch unit, used to distribute the sub-certificate registered with the first server to the mobile hardware security unit.
12. The terminal for ensuring digital certificate safety according to claim 11, characterized in that the policy of the digital certificate is decided by the server that provides the digital certificate;
the policy of the digital certificate comprises at least: the validity period of the digital certificate, a flag indicating whether the digital certificate is migratable, a flag indicating whether the digital certificate may produce sub-certificates, and the restrictions on the sub-certificates the digital certificate produces.
13. The terminal for ensuring digital certificate safety according to claim 12, characterized in that the binding relationship set up by the binding unit between the mobile hardware security unit and the fixed hardware security unit is specifically an ad-hoc mode, and the policy of the digital certificate comprises the flag indicating whether the digital certificate is migratable;
when the flag indicating whether the digital certificate is migratable is set to migratable, the digital certificate serving as the root certificate migrates between the bound fixed hardware security unit and mobile hardware security unit.
14. The terminal for ensuring digital certificate safety according to claim 12, characterized in that the binding relationship set up by the binding unit between the mobile hardware security unit and the fixed hardware security unit is specifically a collaboration mode, the digital certificate or the sub-certificate it produces is split into two parts stored respectively by the mobile hardware security unit and the fixed hardware security unit, and the mobile hardware security unit decrypts the sub-certificate after authorization by the fixed hardware security unit.
15. The system for ensuring digital certificate safety according to claim 12, characterized in that the binding relationship set up by the binding unit between the mobile hardware security unit and the fixed hardware security unit is specifically a master-slave mode, that is, the fixed hardware security unit is in the master position and the mobile hardware security unit is in the slave position;
when the flag indicating whether the root certificate may produce sub-certificates is set to allow it, the fixed hardware security unit produces a sub-certificate and registers it with the server or another server, and the registered sub-certificate is securely issued or migrated to the slave mobile hardware security unit;
the root certificate has the dominant right to control the destruction, renewal or re-issuance of the sub-certificate.
CN2007101799030A 2007-12-19 2007-12-19 Method and terminal for ensuring digital certificate safety Active CN101465732B (en)

Publications (2)

Publication Number Publication Date
CN101465732A CN101465732A (en) 2009-06-24
CN101465732B true CN101465732B (en) 2011-04-27

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant