CPK-based digital bank, digital currency, and payment method
11301842 · 2022-04-12
Cpc classification
H04L9/3073 (ELECTRICITY)
H04L2209/56 (ELECTRICITY)
H04L9/3263 (ELECTRICITY)
International classification
G06Q20/40 (PHYSICS)
G06Q20/06 (PHYSICS)
H04L9/32 (ELECTRICITY)
H04L9/30 (ELECTRICITY)
Abstract
Disclosed are a CPK-based digital bank, a digital currency and a payment method. The digital currency is a core component of the digital bank. The digital currency is realized by means of a CPK digital signature, and a payer provides an account authenticity certification, an amount authenticity certification and a fund allocation authenticity certification, thereby effectively preventing crimes inside or outside a bank. The digital currency directly takes an account identifier as an account number. The digital currency can be used in on-line operations, as well as off-line operations, thereby satisfying face-to-face trade requirements between a great number of retail accounts. The CPK digital bank is realized by means of a CPK chip without support of other devices, such that everyone can check the authenticity of the digital currency.
Claims
1. A combination public key based digital currency payment method, comprising the following steps:
S1: a payee notifies a payment account of a payee amount, and the account determines an amount of a digital currency that needs to be paid; and the notification method is implemented by an authenticity certification of the account and an authenticity certification of an amount: $\mathrm{SIG}_{firm}(time1) = (s5, c5) = sign5$; $\mathrm{SIG}_{firm}(amount) = (s6, c6) = sign6$; wherein SIG is a signature function, firm is a private key of an identity corresponding to the payee, the private key of the firm identity is indicated by lowercase and italic alphabetic symbols; and time1 indicates a signature time, and amount indicates the amount;
S2: the payee packs the above data into data1 and a quick response code 1, and sends the data1 and the quick response code 1 to the payment account; data1={Firm, time1, sign1, sign2, amount}; wherein Firm is a firm identity corresponding to the payee;
S3: the payment account checks authenticity of the firm and authenticity of the amount according to the following formulas: $\mathrm{VER}_{FIRM}(time1, s5) = c5'$; $\mathrm{VER}_{FIRM}(amount, s6) = c6'$; wherein VER is a verification function, and FIRM is a public key of the firm identity corresponding to the payee, the public key of the firm identity is indicated by lowercase and italic alphabetic symbols;
S4: the payment account calls out data2 and a quick response code 2 of an authenticity certification of a valueless digital currency, and the authenticity certification of the valueless digital currency comprises an authenticity certification of an issuer and an authenticity certification of a serial number: $\mathrm{SIG}_{bank}(time2) = (s1, c1) = sign1$; $\mathrm{SIG}_{bank}(\text{serial-no}) = (s2, c2) = sign2$; data2={Bank, time2, sign1, serial-no, sign2}; wherein bank is a private key of the bank identity of the issuer, the private key of the bank identity is indicated by lowercase and italic alphabetic symbols, and Bank is the bank identity of the issuer; time2 indicates a signature time; serial-no is the serial number of the valueless digital currency;
S5: the payment account fills in the amount in the valueless digital currency, and provides an authenticity certification of a valuable digital currency which constitutes a data packet data3 and a quick response code 3: $\mathrm{SIG}_{account}(time3) = (s3, c3) = sign3$; $\mathrm{SIG}_{account}(amount) = (s4, c4) = sign4$; data3={Account, time3, sign3, amount, sign4}; evidence of an authenticity certification of a fund flow is provided by the payment account according to the following formulas: $\mathrm{SIG}_{account}(Firm) = sign7$; wherein account is a private key of the payment account, and the private key of the payment account is indicated by lowercase and italic alphabetic symbols; time3 indicates a signature time;
S6: the payment account sends a data packet data to the bank, and the data comprises data2, data3, and the authenticity certification of the fund flow {Firm, sign7}; the data packet can be sent in an encryption manner: $rG = key$; $E_{key}(data) = code1$; $\mathrm{ENC}_{BANK}(key) = \beta1$; wherein E is a symmetric encryption function, and ENC is an asymmetric encryption function; and Bank is a public key of the bank identity, and the public key of the bank identity is indicated by uppercase and italic alphabetic symbols; the account sends code1 and β1 to the bank;
S7: the bank receives the data, and if the data is encrypted, decryption is first performed: $\mathrm{DEC}_{bank}(\beta1) = key$; $D_{key}(code1) = data$; data={data2, data3, Firm, sign7}; wherein data2={Bank, time2, sign1, serial-no, sign2}; data3={Account, time3, sign3, amount, sign4}; wherein DEC is an asymmetric decryption function, and D is a symmetric decryption function; the bank checks authenticity item by item, comprising authenticity of the valueless digital currency; authenticity of the valuable digital currency and authenticity of the fund flow;
S8: after verification is completed, the bank makes a settlement; when making a settlement, the bank must keep an authenticity certification of the payment account, a fund withdrawal of amount authenticity certification of the payment account, and a fund flow of fund flow authenticity certification of the payment account; and then the bank issues a settlement notification to the payee, and contents of the settlement notification comprise the authenticity certification of the bank and the authenticity certification of the amount which constitute a data packet data4; and specifics are as follows: $\mathrm{SIG}_{bank}(time4) = (s8, c8) = sign8$; $\mathrm{SIG}_{bank}(amount) = (s9, c9) = sign9$; data4={Bank, time4, sign8, amount, sign9};
S9: data4 is sent in an encryption manner: $rG = key$; $E_{key}(data4) = code2$; $\mathrm{ENC}_{FIRM}(key) = \beta2$; the bank sends code2 and β2 to Firm; wherein r is a random integer, G is a base point of an elliptic curve, key is a randomly generated symmetric key and used for data encryption; under an action of the key, the data data4 is encrypted to obtain a password code2; and then the key is encrypted by using a public key FIRM of the payee to obtain a key β2 of a symmetric key;
S10: after receiving the settlement notification of the bank, the payee verifies authenticity of the settlement notification of the bank, and issues a receipt to the payment; and if the notification is encrypted, decryption is performed: $\mathrm{DEC}_{firm}(\beta2) = key$; $D_{key}(code2) = data4$; data4={Bank, time4, sign8, amount, sign9}; wherein sign8 is the authenticity certification of the bank, and sign9 is the authenticity certification of the amount;
S11: the payee verifies the authenticity certification of the bank and the authenticity certification of the amount in the settlement notification of the bank: $\mathrm{VER}_{BANK}(time4, s8) = c8'$; $\mathrm{VER}_{BANK}(amount, s9) = c9'$;
S12: the payee issues the receipt, wherein the receipt comprises an authenticity certification of a firm and the authenticity certification of the amount, which are made into a data packet data5 and provide a quick response code 5, wherein the quick response code 5 is indicated by QR5: $\mathrm{SIG}_{firm}(time5) = (s10, c10) = sign10$; $\mathrm{SIG}_{firm}(amount) = (s11, c11) = sign11$; data5={Firm, time5, sign10, amount, sign11}; wherein sign10 indicates the authenticity certification of the firm; and sign11 indicates the authenticity certification of the amount.
2. The combination public key based digital currency payment method according to claim 1, further comprising the following step: S13: the receipt is printed on paper or an invoice.
3. The combination public key based digital currency payment method according to claim 1, wherein the quick response code is printed on paper, or stored in an electronic device.
Description
BRIEF DESCRIPTION OF DRAWINGS
(1) To make the objectives, technical solutions, and beneficial effects of the present invention clearer, the present invention provides the following accompanying drawing for description.
(2)
DETAILED DESCRIPTION OF THE EMBODIMENTS
(3) The following describes the preferred embodiments of the present invention in detail with reference to the accompanying drawing.
(4) The embodiments provide a digital bank based on a combination public key (CPK) system.
(5) The CPK is an identifier-based combination public key, and is composed of a combination matrix. The matrix is divided into a public key matrix and a private key matrix. On an elliptic curve, G is a base point. If any integer a is a private key, then aG=A, and A is a public key corresponding to a. Assuming that an identifier is Alice, the public and private keys of Alice are obtained in the following manner: the identifier is transformed into a random number sequence through a hash transformation, the random number sequence is taken as coordinates of the matrix, and the variables at the 32 coordinates are separately accumulated to obtain the public and private keys. For example:
(6) $\text{ALICE} \rightarrow \sum_{i=1}^{32}\sum_{j=1}^{32} R_{i,j} \rightarrow \mathit{ALICE}$ (uppercase, italic, indicating the public key);
(7) $\text{ALICE} \rightarrow \sum_{i=1}^{32}\sum_{j=1}^{32} r_{i,j} \rightarrow \mathit{alice}$ (lowercase, italic, indicating the private key).
(8) Because the public key matrix $(R_{i,j})$ is available to everyone, the public key can be calculated provided that the identifier is known. However, the private key matrix $(r_{i,j})$ is kept only in a key management center (KMC).
(9) The CPK has a digital signature function and a key encryption function. Key encryption is used for secret delivery of the keys.
(10) The digital bank is established on an autonomously controllable virtual network.
(11) The virtual network is an identifier-to-identifier interconnection authentication network, which is referred to as an I to I authentication mode. A basic identifier used by the digital bank is an account name (an account number), and further relates to a bank name and a firm name. The identifier used in the virtual network must meet uniqueness, recognition, and provability. The virtual network is independent and traceable. Independence separates networks from each other, separates events from each other, and blocks transfer of any trust relationship, so that takeover of system rights is prevented, autonomous control of the network is ensured, and illegal access is directly prevented at the same time.
(12) A digital currency is a core component of the digital bank.
(13) Issuance of the digital currency is carried out by a digital bank system. The digital currency and a current currency are exactly the same in properties, but are different in management methods. As far as the current currency is concerned, when funds are placed in a bank, the bank has a right to save the funds and perhaps also has a right to control the funds. Therefore, the bank cannot prevent a possibility of internal crimes. As far as the digital currency is concerned, funds are always placed in a bank, and the bank only has a right to save the funds, but has no right to control the funds, so that a possibility of internal crimes is prevented. Because only a payment account has a full right to control the funds, loss of the digital currency does not affect security.
(14) Various authenticity certifications of the digital currency are implemented by digital signatures.
(15) There are two kinds of digital signatures: one is an identifier signature, and the other is a data signature. The identifier signature is a signature that certifies identifier authenticity, and is implemented by a signature on a time performed by an identifier. The data signature is a signature that certifies data authenticity, and is implemented by a signature on a data feature performed by an identifier.
(16) In the digital bank payment system, incoming and outgoing data packets can be encrypted. Encryption of data is generally performed by using a traditional password. A symmetric key used for encryption is randomly generated, and the CPK is used to encrypt the key for delivery, and only a specified receiver can perform decryption.
(17) For the digital currency provided in this embodiment, at least authenticity of the digital currency issuing bank, authenticity of the currency, authenticity of the account (the account number), and authenticity of an amount need to be certified.
(18) Issuance of a blank digital currency:
(19) the blank digital currency is issued by a digital bank (bank). Each digital currency has an issuance time and a serial number (serial-no).
(20) An authenticity certification of the blank digital currency includes an issuer authenticity certification and a serial number authenticity certification.
(21) The issuer authenticity certification is a signature on a time performed by the issuer, and the serial number authenticity certification is a signature on a serial number performed by the issuer.
(22) The digital currency authenticity certification provides a quick response code 1 for automated verification.
(23) Validity of the digital currency:
(24) a blank digital currency holder must turn a real blank digital currency into a valid digital currency.
(25) A digital currency validity certification includes an account authenticity certification and an amount authenticity certification. The digital currency system no longer sets an account, and an account identifier can be directly used as an account number.
(26) The account authenticity certification is a signature on a time performed by the account, and the amount authenticity certification is a signature on an amount performed by the account.
(27) The digital currency validity certification provides a quick response code 2 for automated verification.
(28) Payment of the digital currency:
(29) a payer must provide evidence of the authenticity of the digital currency, evidence of the validity of the digital currency, and evidence of the fund flow to the bank. The evidence of the fund flow is a signature on a payee account performed by the payment account.
(30) All signatures and verifications are implemented by using the CPK. The system has a CPK public key matrix, and anyone can calculate the public key. Therefore, verification can be done by everyone without a special device.
(31) The digital currency in this embodiment is divided into a valueless currency, a valuable currency, and a valid currency.
(32) The valueless digital currency:
(33) the valueless currency is a blank currency that is composed of an issuing bank (bank) and a serial number (serial-no). The issuer authenticity certification is a signature on a time (time) performed by the issuing bank (bank). The digital currency authenticity certification is a signature on a serial number (serial-no) performed by the issuing bank:
(34) $\mathrm{SIG}_{bank}(time1) = (s1, c1) = sign1$;
(35) $\mathrm{SIG}_{bank}(\text{serial-no}) = (s2, c2) = sign2$.
(36) The blank digital currency provides a quick response code, and anyone can perform offline verification to verify authenticity of the blank digital currency:
(37) QR1={bank, time1, sign1, serial-no, sign2}; wherein
(38) SIG is a signature function, and lowercase and italic bank is a private key of the bank.
(39) Verifying of authenticity of the issuing bank and authenticity of the serial number is as follows:
(40) $\mathrm{VER}_{BANK}(time1, s1) = c1'$;
(41) $\mathrm{VER}_{BANK}(\text{serial-no}, s2) = c2'$.
(42) If c1=c1′, it proves that the issuer is true. If c2=c2′, it proves that the serial number is true, and it proves that the blank digital currency is true.
(43) Wherein VER is a verification function, and uppercase and italic BANK is a public key of the bank.
(44) The valuable digital currency:
(45) the valuable digital currency is composed of an account and an amount, and the amount is filled in by the account on a basis of a blank digital currency. The valuable digital currency provides the authenticity of the account and the authenticity of the amount.
(46) $\mathrm{SIG}_{account}(time2) = (s3, c3) = sign3$;
(47) $\mathrm{SIG}_{account}(amount) = (s4, c4) = sign4$.
(48) The valuable digital currency provides a quick response code, and anyone can perform offline verification to verify authenticity of the valuable digital currency:
(49) QR2={account, time2, sign3, amount, sign4}.
(50) Verification of the valid digital currency is carried out on a basis of the authenticity verification of the blank digital currency, to verify the authenticity of the account and the authenticity of the amount:
(51) $\mathrm{VER}_{ACCOUNT}(time2, s3) = c3'$;
(52) $\mathrm{VER}_{ACCOUNT}(amount, s4) = c4'$.
(53) If c3=c3′, it proves that the account is true, and if c4=c4′, it proves that the amount is true. The valueless currency and the valuable quick response code together form a valid digital currency.
(54) The valid digital currency:
(55) the valid digital currency is made up of a valueless currency and a valuable currency.
(56) Payment of the digital currency:
(57) no matter whether the valid digital currency is an electronic digital currency or a paper digital currency, the valid digital currency has the same circulation function as the current fixed currency.
(58) As shown in
(59) Payment is used as an example. 500 RMB is spent by an account in a firm, and a payment process is as follows:
(60) A payee firm will notify the payment account of the payee amount of 500 RMB, and a method of notification is to provide a firm authenticity certification and an amount authenticity certification:
(61) $\mathrm{SIG}_{firm}(time) = (s5, c5) = sign5$;
(62) $\mathrm{SIG}_{firm}(\text{500 RMB}) = (s6, c6) = sign6$.
(63) The firm sends data1 to the payment account.
(64) data1=(firm,time,sign1,sign2, 500 RMB);
(65) Data1 can be encrypted in the following manner:
(66) $rG = key$;
(67) $E_{key}(data1) = code1$;
(68) $\mathrm{ENC}_{ACCOUNT}(key) = \beta$.
(69) The firm sends code1 and β to the account.
(70) E is a symmetric encryption function, and ENC is an asymmetric encryption function.
(71) The account verifies authenticity of the firm and the amount; if the data is encrypted, decryption is first performed:
(72) $\mathrm{DEC}_{account}(\beta) = key$;
(73) $D_{key}(code1) = data1$;
(74) Data1={firm, time, sign1, sign2, 500 RMB}.
(75) If the data is encrypted, whether the data is decrypted or not can be used as a basis for a provable connection.
(76) DEC is an asymmetric decryption function, and D is a symmetric decryption function.
(77) The account verifies the authenticity of the firm and the authenticity of the amount:
(78) $\mathrm{VER}_{FIRM}(time, s5) = c5'$;
(79) $\mathrm{VER}_{FIRM}(\text{500 RMB}, s6) = c6'$.
(80) The firm authenticity certification is actually a basis of a provable connection.
(81) The account calls out a blank currency. The bank authenticity certification and the serial number authenticity certification have been provided in a quick response code 1. There is no need to repeat. For example:
(82) $\mathrm{SIG}_{bank}(time1) = (s1, c1) = sign1$;
(83) $\mathrm{SIG}_{bank}(\text{serial-no}) = (s2, c2) = sign2$.
(84) The account fills in the amount in the blank currency, and provides the account authenticity certification and the amount authenticity certification, to form a quick response code 2:
(85) $\mathrm{SIG}_{account}(time2) = (s3, c3) = sign3$;
(86) $\mathrm{SIG}_{account}(\text{500 RMB}) = (s4, c4) = sign4$.
(87) Evidence of the fund flow is provided:
(88) $\mathrm{SIG}_{account}(firm) = sign5$.
(89) The account sends data2={a quick response code 1, a quick response code 2, a flow certification} to the bank. Data2 can be sent in an encryption manner:
(90) $rG = key$;
(91) $E_{key}(data2) = code2$;
(92) $\mathrm{ENC}_{BANK}(key) = \beta$.
(93) The account sends code2 and β to the bank.
(94) A specific process of submitting data described in this embodiment is as follows:
(95) A provable connection is established between an account and a bank:
(96) the account sends an account authenticity certification:
(97) $\mathrm{SIG}_{account}(time3) = (s6, c6) = sign6$.
(98) The bank verifies authenticity of the account:
(99) $\mathrm{VER}_{ACCOUNT}(time3, s6) = c6'$.
(100) If c6=c6′, the bank sends a random number r as an anti-DoS attack measure; the account responds with a signature on r:
(101) $\mathrm{SIG}_{account}(r) = (s7, c7) = sign7$;
(102) the bank checks the response to r:
(103) $\mathrm{VER}_{ACCOUNT}(r, s7) = c7'$;
(104) If c7=c7′, it proves that the account is true, and data2={code2, β} sent by the account is received; and if the data is encrypted, decryption is first performed:
(105) $\mathrm{DEC}_{bank}(\beta) = key$;
(106) $D_{key}(code2) = data2$;
(107) Data2={a quick response code 1, a quick response code 2, a fund flow certification sign5};
(108) the bank checks the quick response code 1: QR1={bank, time1, sign1, serial-no, sign2};
(109) $\mathrm{VER}_{BANK}(time1, s1) = c1'$;
(110) $\mathrm{VER}_{BANK}(\text{serial-no}, s2) = c2'$;
(111) the bank checks the quick response code 2: QR2={account, time2, sign3, 500 RMB, sign4, firm};
(112) $\mathrm{VER}_{ACCOUNT}(time2, s3) = c3'$;
(113) $\mathrm{VER}_{ACCOUNT}(\text{500 RMB}, s4) = c4'$;
(114) $\mathrm{VER}_{FIRM}(time2, s3) = c3'$.
(115) The bank checks the fund flow:
(116) $\mathrm{VER}_{ACCOUNT}(\text{500 RMB}, s5) = c5'$.
(117) The bank has obtained evidence of account authenticity, evidence of amount authenticity, and evidence of flow authenticity by checking data2. The above three pieces of evidence constitute a basic chain of evidence, and the bank must keep them properly. All the evidence is provided by using a signature of the payment account, and is invalid without the signature code, so that autonomous control of the payment account is implemented. A bank statement includes, for example:
(118)
| Account authenticity | Amount authenticity | Flow authenticity |
| --- | --- | --- |
| Time2 Sign3 | 500 RMB Sign4 | firm Sign5 |
(119) After closing the transaction, the bank sends a notification that the amount 500 RMB is received to the firm, including:
(120) a bank authenticity certification:
(121) $\mathrm{SIG}_{bank}(time4) = (s8, c8) = sign8$;
(122) an amount authenticity certification:
(123) $\mathrm{SIG}_{bank}(\text{500 RMB}) = (s9, c9) = sign9$.
(124) The bank sends a data packet to the firm:
(125) data3={bank, time4, sign8, 500, sign9}.
(126) Data3 can be sent in an encryption manner:
(127) $rG = key$;
(128) $E_{key}(data3) = code3$;
(129) $\mathrm{ENC}_{FIRM}(key) = \beta$;
(130) the bank sends code3 and β to the firm.
(131) A process of establishing a connection between the bank and the firm is as follows:
(132) the bank sends the bank authenticity certification:
(133) $\mathrm{SIG}_{bank}(time5) = (s10, c10) = sign10$;
(134) the firm checks the bank authenticity:
(135) $\mathrm{VER}_{BANK}(time5, s10) = c10'$;
(136) if c10=c10′, the firm receives a bank settlement notification data3. If the settlement notification is encrypted, decryption is first performed:
(137) $\mathrm{DEC}_{firm}(\beta) = key$;
(138) $D_{key}(code3) = data3$;
(139) Data3={bank, time4, sign8, 500 RMB, sign9}.
(140) The firm first verifies authenticity of the bank settlement notification:
(141) $\mathrm{VER}_{BANK}(time4) + (s8, c8) = sign8$;
(142) $\mathrm{VER}_{BANK}(\text{500 RMB}) + (s9, c9) = sign9$;
(143) the firm issues a receipt (or an invoice), including the firm authenticity and the amount authenticity:
(144) $\mathrm{SIG}_{firm}(time6) = (s10, c10) = sign10$;
(145) $\mathrm{SIG}_{firm}(\text{500 RMB}) = (s11, c11) = sign11$;
(146) the receipt provides a quick response code:
(147) Data4={firm, time6, sign10, 500 RMB, sign11}.
(148) At this point, the payment process is successfully completed. In a payment operation, the account can submit data to the bank in two manners. In the first manner, the payment account is responsible for submitting, as in the example described above; a copy attack is impossible in this manner, but circulation of the digital currency is inconvenient. In the second manner, the payee account is responsible for submitting; circulation of the digital currency is convenient, but a copy attack easily occurs. However, this kind of copy attack is easy to find provided that the repetitive account is checked when the bank makes a settlement.
(149) Finally, it should be noted that the foregoing preferred embodiments are only intended for describing the technical solutions of the present invention other than limiting the present invention. Although the present invention is described in detail with reference to the foregoing preferred embodiments, persons of ordinary skill in the art should understand that they may still make various modifications to forms and details without departing from the scope specified in claims of the present invention.