1.1 Digital Certificate Introduction
A digital certificate relies on a public-key system, in which encryption and decryption are performed with a pair of mutually matched keys. Each user sets a specific private key, known only to that user, which is used to decrypt and to sign; the user also sets a public key, which is disclosed and shared with a group of users and is used to encrypt and to verify signatures. When a confidential file is sent, the sender encrypts the data with the recipient's public key and the recipient decrypts it with its own private key, so the information reaches its destination safely and without error. The encryption process is irreversible, in the sense that only the private key can decrypt the data. Among public-key cryptosystems, RSA is one of the most commonly used. Public-key technology solves the management problem of key distribution: users can disclose their public keys while keeping their private keys. Under normal circumstances, the certificate also includes the validity period of the key, the name of the certificate issuer (the certificate authority), the serial number of the certificate, and so on. The format of the certificate follows the ITU-T X.509 international standard.
Digital certificates serve as proof of identity for the various terminal entities and end users that communicate and do business online. In an electronic transaction, every party needs to verify the validity of the other party's digital certificate, which solves the problem of mutual trust.
The user's digital certificate is the core of X.509. A certificate is created by a trusted certificate authority (CA) and is placed in a public directory, by the CA or by the user, for other users to access. The directory server itself is not responsible for creating public-key certificates for users; its role is only to give users access to them.
In X.509, a digital certificate contains the following data fields:
(1). Version number
(2). Serial number: An integer value. The serial number of each certificate issued by the same issuer (CA) is unique.
(3). Signature algorithm identifier: The algorithm used to sign the certificate and the corresponding parameters.
(4). Issuer name: The name of the CA that created and signed the certificate.
(5). Validity: The start time and end time of the certificate's validity period.
(6). Subject name: The name of the user to whom the certificate belongs. The certificate attests to the public key of the user who holds the corresponding private key.
(7). Subject public-key information: The subject's public key, the identifier of the algorithm for this public key, and the corresponding parameters.
(8). Issuer unique identifier: This data item is optional. When the CA name has been reused for other entities, this identifier uniquely identifies the issuer.
(9). Subject unique identifier: This data item is also optional. When the subject name has been reused for other entities, this identifier uniquely identifies the subject.
(10). Extensions: One or more extension data items. Used only in version 3.
(11). Signature: The result of the CA digitally signing the above fields with its own private key.
1.2 Certificate acquisition
The certificates that a CA creates for users should have the following properties:
(1). Any other user who has obtained the CA's public key can recover the user public key that the CA signed.
(2). No one other than the CA can modify the contents of a certificate without being detected.
Because certificates cannot be forged, the directory that stores them needs no special protection.
If all users' certificates are signed by the same CA, that CA must be trusted by all users. A user can also send its certificate directly to other users instead of going through the directory. Once user B has A's certificate, B can be confident that messages encrypted with A's public key cannot be read by others, and that messages signed with A's private key cannot be forged.
If there are many users, having a single CA sign certificates for all of them is impractical; usually there are multiple CAs, each of which issues and signs certificates. Suppose user A has obtained a public-key certificate from certificate authority X1 and user B has obtained one from X2. If A does not know X2's public key, A can read B's certificate but cannot verify X2's signature on it, so B's certificate is of no use to A. However, if the two certificate authorities X1 and X2 have securely exchanged public keys with each other, A can obtain B's public key through the following process:
(1). A obtains from the directory the certificate X1«X2», signed by X1. Because A knows X1's public key, A can verify this certificate and obtain X2's public key from it.
(2). A then obtains the certificate X2«B», signed by X2, verifies it with X2's public key, and obtains B's public key.
In the process above, A obtains B's public key through a certificate chain, which can be expressed as
X1«X2» X2«B»
Similarly, B can obtain A's public key through the reverse certificate chain, expressed as
X2«X1» X1«A»
The chains above involve only two certificates; a chain of N certificates can be expressed as
X1«X2» X2«X3» ... XN«B»
In this case, any two adjacent CAs Xi and Xi+1 must have created certificates for each other. For each CA, all certificates created for it by other CAs should be stored in the directory, and a user needs to know how the certificates are linked to one another in order to obtain another user's public-key certificate. X.509 recommends that all CAs be organized in a hierarchy. User A can then obtain the corresponding certificates from the directory to build the following certificate chain to B:
X«W» W«V» V«U» U«Y» Y«Z» Z«B»
B's public key is obtained through this certificate chain.
Similarly, B can build the following certificate chain to obtain A's public key:
X«W» W«V» V«U» U«Y» Y«Z» Z«A»
1.3 Certificate revocation
As the certificate format shows, each certificate has a validity period. However, a CA may revoke a certificate before it expires, for example because the user's private key has been leaked, because the user is no longer certified by this CA, or because the private key the CA uses to sign user certificates has been leaked. For this purpose, each CA must maintain a certificate revocation list (CRL) that holds all certificates revoked before expiry, including certificates the CA issued to users and certificates it issued to other CAs. The CRL must also be signed by the CA and then stored in the directory for others to query.
The data fields of a CRL include the name of the issuing CA, the date the CRL was created, the date the next CRL is scheduled to be published, and an entry for each revoked certificate. Each entry contains the serial number of the certificate and the date of revocation. Because serial numbers are unique within a CA, the serial number is enough to identify each certificate.
Therefore, whenever a user receives a certificate in a message, the user must consult the directory to check whether the certificate has been revoked. To avoid the delay (and added cost) of searching the directory, the user can maintain a local cache of valid certificates and revoked certificates.
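The following added example (not part of the original text) walks the two-certificate chain from X1 to B described in section 1.2 and applies the CRL check from section 1.3 at each link. It assumes simplified dictionary certificates and CRLs rather than real X.509 encodings, and toy textbook-RSA signatures built from known primes; every name, serial number and date in it is constructed.

```python
import hashlib
from datetime import date

def keypair(p, q, e=65537):
    """Toy textbook-RSA key pair from two known primes (no padding; not for real use)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def _sign(priv, data):
    n, d = priv
    return pow(_digest(data, n), d, n)

def _check(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == _digest(data, n)

def _tbs(obj):
    """Bytes covered by the signature: every field except the signature itself."""
    return repr(sorted((k, v) for k, v in obj.items() if k != "signature")).encode()

def issue_cert(issuer, issuer_priv, subject, subject_key, serial, not_before, not_after):
    cert = {"serial": serial, "issuer": issuer, "subject": subject,
            "subject_key": subject_key, "not_before": not_before, "not_after": not_after}
    cert["signature"] = _sign(issuer_priv, _tbs(cert))
    return cert

def issue_crl(issuer, issuer_priv, this_update, next_update, revoked):
    crl = {"issuer": issuer, "this_update": this_update,
           "next_update": next_update, "revoked": revoked}  # revoked: {serial: date}
    crl["signature"] = _sign(issuer_priv, _tbs(crl))
    return crl

def verify_chain(anchor, anchor_key, chain, crls, today):
    """Walk the chain from a trusted CA; return (subject key, None) or (None, reason)."""
    name, key = anchor, anchor_key
    for cert in chain:
        who = f"{name}«{cert['subject']}»"
        if cert["issuer"] != name:
            return None, f"{who}: issuer field is {cert['issuer']}"
        if not _check(key, _tbs(cert), cert["signature"]):
            return None, f"{who}: bad signature"
        if not cert["not_before"] <= today <= cert["not_after"]:
            return None, f"{who}: outside validity period"
        crl = crls.get(name)
        if crl is None or not _check(key, _tbs(crl), crl["signature"]):
            return None, f"{who}: no CRL from {name} with a valid signature"
        if today > crl["next_update"]:
            return None, f"{who}: CRL from {name} is stale"
        if cert["serial"] in crl["revoked"]:
            return None, f"{who}: revoked on {crl['revoked'][cert['serial']]}"
        name, key = cert["subject"], cert["subject_key"]  # key that checks the next link
    return key, None

# Constructed sample data: CAs X1 and X2, end user B, Mersenne primes as toy key material.
X1_PUB, X1_PRIV = keypair(2**61 - 1, 2**89 - 1)
X2_PUB, X2_PRIV = keypair(2**107 - 1, 2**127 - 1)
B_PUB, _ = keypair(2**521 - 1, 2**607 - 1)
START, END, TODAY = date(2024, 1, 1), date(2026, 1, 1), date(2025, 6, 1)
CHAIN = [issue_cert("X1", X1_PRIV, "X2", X2_PUB, 7, START, END),   # X1«X2»
         issue_cert("X2", X2_PRIV, "B", B_PUB, 42, START, END)]    # X2«B»

def crls_with(revoked_by_x2):
    """Build one signed CRL per CA; only X2's list of revoked serials varies."""
    args = (date(2025, 5, 1), date(2025, 7, 1))
    return {"X1": issue_crl("X1", X1_PRIV, *args, {}),
            "X2": issue_crl("X2", X2_PRIV, *args, revoked_by_x2)}

if __name__ == "__main__":
    print(verify_chain("X1", X1_PUB, CHAIN, crls_with({}), TODAY)[1])
    print(verify_chain("X1", X1_PUB, CHAIN, crls_with({42: date(2025, 5, 20)}), TODAY)[1])
```

The verifier starts with nothing but X1's public key; each later key is accepted only because the previous link's signature, validity period and CRL lookup all passed.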
1.4 SHTTP and SET
1.4.1 SHTTP
At present, driven by economic interests, commercial data transmitted online is often intercepted, stolen, tampered with, or even maliciously destroyed, causing significant losses to business. Building a secure electronic trading system and improving the security of network data transmission has therefore become a basic guarantee for the normal development of e-commerce.
1. The development of secure electronic transactions
The first stage: the original ordering method used HTML. The customer filled in and printed the order and sent it back by ordinary mail. The vendor's catalog was online, but the order handling was not.
The second stage: the seller builds forms that customers can submit online. A simple order requires the user to enter data in one or more HTML forms, and the HTML front end is usually generated from the product database.
The third stage: shopping-cart applications are adopted. Using HTTP cookies and HTTP headers, they let users browse the online catalog and add items from multiple pages to a virtual shopping cart; the back-end system saves all selected items so that they can be purchased at the end of the virtual shopping session.
As the interactivity of transactions increased, the security of data transmission during interaction became increasingly important, and e-commerce security mechanisms developed as well, from plaintext transmission toward mechanisms that integrate digital signatures and security certification.
(1) Plaintext HTTP. Web-based transactions use standard web protocols and standard credit cards to complete payment. Customers send payment information to the vendor using HTTP pages and HTTP forms. HTTP is a plaintext protocol, so anyone analyzing network traffic has the opportunity to capture the plaintext and obtain billing information such as a credit card number.
(2) Secure HTTP (SHTTP). SHTTP is an extension of the HTTP protocol whose purpose is to secure the transmission of commercial trade and promote the development of e-commerce. SHTTP failed to become widely used because of the rapid emergence of SSL.
(3) HTTP and SSL. SSL is a cryptographic technology developed by Netscape for TCP/IP sockets. It is a channel-based encryption method that improves the security of applications such as HTTP, TELNET and FTP and strengthens the confidentiality and reliability of communication between applications. Its features include data encryption, server authentication, message integrity, and optional client authentication over the TCP/IP connection.
SSL can use various encryption algorithms and key authentication mechanisms. Like SHTTP, SSL can encrypt HTTP network packets. SHTTP works at the HTTP protocol layer, whereas SSL works at the socket layer and can therefore also encrypt a variety of other socket-based Internet protocols. The negotiation between an SSL client and server resembles socket negotiation. SSL differs from SHTTP in that SHTTP is a superset of HTTP and is limited to the web, while SSL is a protocol for secure processing between client and server at the socket layer and applies to all TCP/IP applications. The SSL negotiation between client and server covers the algorithm types to be used and the exchange of certificates and key information.
At present, SSL has essentially replaced SHTTP. Most web commerce uses traditional web protocols and transmits sensitive billing information over SSL-encrypted HTTP. The various web commerce applications provide similar functions, and their back-end systems are being replaced by commercial server products. More complex real-time payment confirmation systems need to integrate with the business systems of commercial banks. Less complex systems defer payment confirmation until the transaction moves into conventional billing.
2. The security of online payment
In online transactions, electronic payment is the most important step, and the security of network payment methods is the core of e-commerce security. Besides the more popular forms of payment (such as credit cards), digital currency is also steadily improving.
1. Credit card electronic payment
The purpose of electronic payment is to make it convenient for network consumers to pay merchants. Taking a credit card payment system as an example, a merchant purchases and installs electronic payment server software and registers with the bank to use it. The software runs on the WWW and accepts users' shopping requests. The user installs "wallet" software on a personal computer; it encrypts the information of the multiple credit cards the user has stored, so that the information is transmitted securely over the network. The drawback of credit card electronic payment is that it cannot hide the consumer's identity, and the consumer's transaction information leaves a record. In addition, the operating and maintenance costs of credit cards place an additional burden on consumers.
2. Digital currency
Digital currency is a simpler and more secure payment tool that is protected with encryption techniques or stored on cards with encryption and tamper-resistance features. Some digital currencies are implemented in software; others require new hardware (such as smart cards). A smart card resembles a credit card but carries a microprocessor and stored information. It uses digital signatures and other forms of encryption and is therefore more secure than an ordinary credit card.
Most types of digital currency have their own protocols for exchanging financial information among consumers, sellers and issuers. The protocol is carried out by the back-end server software and the customer's "wallet" software. Wallet software can generate the serial numbers of digital currency and encrypt communication with banks. Digital currency has some problems: it is easy to copy, so it can be used only once; it requires the bank to participate directly in circulation, with merchants, consumers and banks each retaining digitally signed "receipts" for later verification; and if digital currency is lost, it cannot be recovered.
In summary, SHTTP takes a different approach from SSL. It operates by extending the HTTP protocol (the application layer) rather than a lower layer. Therefore, although SSL can be applied to all network services, SHTTP is a web-specific protocol. In addition, the advantage of SHTTP is that, as an HTTP extension, it is a more flexible protocol, and it is fully compatible with browsers and servers.
1.4.2 Secure Electronic Transaction (SET)
SET itself is not a payment system but a collection of security protocols and formats that lets users employ the existing credit card payment infrastructure in a secure way on an open network such as the Internet.
In essence, SET provides three services:
• Provides a secure communication channel among the parties involved in a transaction
• Provides trust through the use of X.509 digital certificates
• Guarantees confidentiality, because information is available only to the parties to the transaction, when and where it is necessary
1. Requirements
The requirements for SET arise from business activity that uses credit cards on the Internet and other networks, such as:
• Provide confidentiality for system and ordering information
• Guarantee the integrity of all data
• Verify that the cardholder is the legitimate user of the credit card account
• Verify that the merchant can accept credit card transactions through its relationship with a financial institution
• Protect all legitimate parties in an e-commerce transaction by using the best security practices and system design techniques
• Create a protocol that neither depends on transport-layer security mechanisms nor prevents their use
• Facilitate and encourage interoperability among software and network providers: the SET protocols and formats are independent of hardware, operating system and web software
2. Key features of SET
• Confidentiality of information
• Integrity of data
• Cardholder account authentication
• Merchant authentication
3. Participants of SET
• Cardholder
• Merchant
• Issuer: that is, a bank.
• Acquirer: a financial institution that establishes an account with the merchant and handles payment card authorization and payment.
• Payment gateway: a function, operated by the acquirer or a designated third party, that processes merchant payment messages.
• Certificate authority (CA): an entity trusted to issue X.509v3 public-key certificates to cardholders, merchants and payment gateways.
4. Transaction process
(1) (Customer) opens an account: the customer obtains a credit card account from a bank that supports electronic payment and SET.
(2) (Customer) receives a certificate: the customer receives an X.509v3 digital certificate from the bank. The certificate verifies the customer's RSA public key and its validity period, and also establishes a relationship, guaranteed by the bank, between the customer's key pair and the customer's credit card.
(3) Merchants have their own certificates: a merchant that accepts a particular credit card must hold two certificates for the two public keys it owns, one for signing and one for key exchange. The merchant also needs a copy of the payment gateway's public-key certificate.
(4) Customer places an order: the customer sends a list of goods to the merchant, and the merchant returns a form containing the list, the prices, the total price and the order number, together with a copy of its certificate.
(5) Merchant is verified: using the copy of the merchant's certificate, the customer verifies that it is dealing with a legitimate store.
(6) Order and payment are sent: the customer sends the order, the payment information and its own certificate to the merchant.
(7) Merchant requests payment authorization: the merchant sends the payment information to the payment gateway, requesting confirmation that the customer's funds are sufficient to pay for this purchase.
(8) Merchant confirms the order: the merchant sends confirmation of the order to the customer.
(9) Merchant provides the goods or services.
(10) Merchant requests payment: the payment request is sent to the payment gateway, which handles all payment processing.
5. Transaction details
The details of the transaction are divided into three steps: purchase request, payment authorization and payment capture.
(1) Purchase request
In the preliminary work (that is, before SET is used), the cardholder has finished browsing, selecting and ordering. This preliminary phase ends when the merchant sends the completed order form to the customer.
The purchase request exchange consists of four messages: Initiate Request, Initiate Response, Purchase Request and Purchase Response.
1 Initiate Request: to send SET messages to the merchant, the cardholder must have copies of the merchant's and the payment gateway's certificates. The customer requests these certificates in the Initiate Request message sent to the merchant. The message includes the brand of the credit card the customer is using, an ID that the customer assigns to this request/response pair, and a timestamp that guarantees timeliness.
2 Initiate Response: the merchant generates a response and signs it with its own private key. The response includes:
• The timestamp from the customer
• Another timestamp, for the customer to return in the next message
• A transaction ID for this purchase transaction
• The merchant's signature certificate
• The payment gateway's key-exchange certificate
3 Purchase Request: the cardholder verifies the certificates through the corresponding CA signatures, and then creates the Order Information (OI) and the Payment Information (PI). The transaction ID assigned by the merchant is placed in both OI and PI. OI does not contain explicit order data (such as quantities and prices). Instead, it contains a reference to the order generated in the exchange between merchant and customer during the shopping phase, before the first SET message. Next, the cardholder prepares the Purchase Request message; for this, the cardholder generates a one-time symmetric encryption key Ks. The message contains the following three parts:
a) Purchase-related information: the merchant will forward this to the payment gateway. Its components are:
• PI
• The dual signature, calculated over PI and OI and signed with the customer's private signature key
• The OI message digest (OIMD). The payment gateway needs OIMD to verify the dual signature.
The three items above are encrypted with Ks.
• The digital envelope: formed by encrypting Ks with the payment gateway's public key-exchange key. It is called a digital envelope because this envelope must be opened (decrypted) before the other items listed above can be read.
The value of Ks is not available to the merchant, so the merchant cannot read any of this payment-related information.
b) Order-related information: the merchant needs this information. It consists of:
• OI
• The dual signature, calculated over PI and OI and signed with the customer's private signature key
• The PI message digest (PIMD)
The merchant needs PIMD to verify the dual signature. Note that OI is sent in the clear.
c) The cardholder's certificate: it contains the cardholder's public signature key. Both the merchant and the payment gateway need it.
4 Purchase Response: on receiving the Purchase Request, the merchant:
• Verifies the cardholder's certificate by means of its CA signature.
• Verifies the dual signature using the customer's public signature key. This ensures that the order information was not tampered with in transit and that it was signed with the cardholder's private signature key.
• Processes the order information and forwards the payment information to the payment gateway.
• Sends a Purchase Response to the cardholder.
The Purchase Response message includes a response block that acknowledges the order and references the corresponding transaction number. The merchant signs this block with its private signature key. The block and its signature are sent to the customer together with the merchant's signature certificate.
When the cardholder's software receives the Purchase Response message, it verifies the merchant's certificate and then verifies the signature on the response block. Finally, it takes some action based on the response, such as displaying a message or modifying the status of the item in the database.
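The dual signature in the Purchase Request lets the merchant and the payment gateway each verify it while seeing only their own half of the data. The following is an added example, not part of the original text or of any SET implementation: it assumes the standard SET construction (a signature over the digest of PIMD concatenated with OIMD), a toy textbook-RSA cardholder key, SHA-256 in place of SET's SHA-1, and a made-up field layout for OI and PI; the digital envelope is left out.

```python
import hashlib

# Constructed toy textbook-RSA signature key for the cardholder
# (no padding, tiny modulus: for illustration only).
_P, _Q = 2**61 - 1, 2**89 - 1
N, E = _P * _Q, 65537                      # public signature key
_D = pow(E, -1, (_P - 1) * (_Q - 1))       # private signature key

def md(data: bytes) -> bytes:
    """Message digest. SET specified SHA-1; SHA-256 is substituted here."""
    return hashlib.sha256(data).digest()

def _as_int(digest: bytes) -> int:
    return int.from_bytes(digest, "big") % N

def dual_sign(pi: bytes, oi: bytes) -> int:
    """Cardholder: sign the digest of PIMD || OIMD, which binds PI and OI together."""
    return pow(_as_int(md(md(pi) + md(oi))), _D, N)

def merchant_verify(oi: bytes, pimd: bytes, ds: int) -> bool:
    """Merchant holds OI in full but only the digest of PI."""
    return pow(ds, E, N) == _as_int(md(pimd + md(oi)))

def gateway_verify(pi: bytes, oimd: bytes, ds: int) -> bool:
    """Payment gateway holds PI in full but only the digest of OI."""
    return pow(ds, E, N) == _as_int(md(md(pi) + oimd))

def txid(info: bytes) -> str:
    """Read the transaction ID from the sample 'k=v;k=v' encoding used below."""
    return dict(f.split("=", 1) for f in info.decode().split(";"))["txid"]

def gateway_accepts(pi: bytes, oimd: bytes, ds: int, merchant_txid: str) -> bool:
    """Gateway: dual signature first, then merchant's transaction ID against the one in PI."""
    return gateway_verify(pi, oimd, ds) and txid(pi) == merchant_txid

# Constructed sample messages; the field layout is hypothetical, not SET's wire format.
OI = b"txid=T-1001;order_ref=ORD-77"
PI = b"txid=T-1001;card=0000-EXAMPLE;amount=59.90"
DS = dual_sign(PI, OI)

if __name__ == "__main__":
    print("merchant, genuine OI:  ", merchant_verify(OI, md(PI), DS))
    print("merchant, altered OI:  ", merchant_verify(OI + b"0", md(PI), DS))
    print("gateway, genuine OIMD: ", gateway_accepts(PI, md(OI), DS, "T-1001"))
    print("gateway, other order:  ", gateway_accepts(PI, md(b"txid=T-1001;order_ref=ORD-99"), DS, "T-1001"))
```

Because the signature covers both digests, a payment instruction presented with the digest of any other order fails verification at the gateway, even though the gateway never sees the order itself.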
(2) Payment authorization
While processing an order from the cardholder, the merchant asks the payment gateway to authorize the transaction. Payment authorization ensures that the transaction has been approved by the issuer, which guarantees that the merchant will be paid, so the merchant can provide the services or goods to the customer. The payment authorization exchange consists of two messages: Authorization Request and Authorization Response.
1 The merchant sends an Authorization Request message to the payment gateway, containing:
• Purchase-related information: obtained from the customer.
• Authorization-related information: generated by the merchant.
• Certificates: the cardholder's signature key certificate (used to verify the dual signature), the merchant's signature key certificate (used to verify the merchant's signature) and the merchant's key-exchange certificate (needed in the payment gateway's response).
2 The payment gateway performs the following tasks:
• Verifies all certificates.
• Decrypts the digital envelope of the authorization block to obtain the symmetric key, then decrypts the authorization block.
• Verifies the merchant's signature on the authorization block.
• Decrypts the digital envelope of the payment block to obtain the symmetric key, then decrypts the payment block.
• Verifies the dual signature on the payment block.
• Verifies that the transaction ID received from the merchant matches the transaction ID in the PI received (indirectly) from the customer.
• Requests and receives an authorization from the issuer.
Having obtained authorization from the issuer, the payment gateway returns an Authorization Response message to the merchant, containing:
• Authorization-related information: an authorization block, signed with the gateway's private signature key and encrypted with a one-time symmetric key generated by the gateway. It also includes a digital envelope that contains the one-time key encrypted with the merchant's public key-exchange key.
• Capture token information: this information will be used to effect payment later. This block has the same form as the previous one, that is, a signed, encrypted capture token together with a digital envelope. The merchant does not process this token, but must return it with the payment request.
• Certificate: the gateway's signature key certificate.
With the gateway's authorization, the merchant can provide the goods or services to the customer.
(3) Payment capture
To obtain payment, the merchant engages the payment gateway in a payment capture transaction, which consists of a Capture Request message and a Capture Response message.
For the Capture Request message, the merchant generates, signs and encrypts a capture request block that contains the payment amount and the transaction ID. The message also includes the encrypted capture token received earlier (in the Authorization Response) for this transaction, as well as the merchant's signature key and key-exchange key certificates.
When the payment gateway receives the Capture Request message, it decrypts and verifies the capture request block and decrypts and verifies the capture token block. It then checks for consistency between the capture request and the capture token. Next, it creates a clearing request and sends it to the issuer over the private payment network. This request causes funds to be transferred to the merchant's account.
The payment gateway then notifies the merchant of payment in a Capture Response message. The message includes a capture response block that the gateway signs and encrypts, as well as the gateway's signature key certificate. The merchant's software stores this response so that it can be matched against the payment received from the acquirer.
(Excerpt from Western Army Electric Network and Information Security Report)