CN201583963U

CN201583963U - Signing device supporting medium continuous endorsement signature containing electronic parts

Info

Publication number: CN201583963U
Application number: CN2009202468241U
Authority: CN
Inventors: 须清
Original assignee: Beijing Paragon Technology Co Ltd
Current assignee: Beijing Paragon Technology Co Ltd
Priority date: 2009-11-04
Filing date: 2009-11-04
Publication date: 2010-09-15
Anticipated expiration: 2019-11-04

Abstract

The utility model provides a signing device supporting medium continuous endorsement signature containing electronic parts, which comprises an information processing part, an information sensing module and a reading and writing module, wherein the information sensing module is used for collecting prior endorsement signature data on media and transmitting the data to the information processing part, the information processing part decodes the prior endorsement signature data to obtain prior signature information by employing public key information of an prior endorser and private key information of an endorser as keys, an encryption algorithm module is used for carrying out encryption calculation for the signature information and the prior signature information to obtain cryptograph information by employing the private key information of the endorser and public key information of the endorsee as passwords, and the information processing part converts the cryptograph information into signature data for the reading and writing module to write into an electronic part. The signing device supporting medium continuous endorsement signature containing electronic parts can improve the uniqueness and uncloneability of the signature information, and the use of electronic bills can be safer. An easily recognized and used mode is adopted for realizing effective signature of the electronic bills, the risk in electronic bill use can be prominently reduced, and development of modern financial industry can be prompted.

Description

Support contains the signature apparatus of the medium continuous endorsement signature of electronic unit

Technical field

The utility model relates to the signature apparatus of the medium continuous endorsement signature of supporting to contain electronic unit, particularly relates to passing to the signature apparatus that the electronic unit that is embedded in the medium such as radio electronic label are used for bill identification after endorsement continuous endorsement signature information encrypted.

Background technology

Along with the development of modern economy, the health of financial circles, orderly, safe development are significant for current economic development.In the financial circles development, popularize to the comprehensive of various financial documents gradually from money transaction, become the main means of payment that miscellaneous service is carried out in the modern economy as the letter of credit, cashier's cheque, check etc.But because the value of financial document itself and circulation are subjected to very big challenge for the security of financial document.Report is arranged when forging case that the letter of credit, cashier's cheque, check carry out financial swindling all over the world.And owing to the circulation of the letter of credit, cashier's cheque, check can repeatedly be transferred the possession of, and wherein any once transfer appearance forgery all may bring massive losses to the related side.

With regard to the antifalsification of the present employed letter of credit, cashier's cheque, check normally based on some anti-false signs on concession manufacturing and the ticket; The validation of the letter of credit, cashier's cheque, check is based on the person's that provides the bill signature or endorsement.And based on the reason of cost and technology, the anti-false sign of the letter of credit, cashier's cheque, check is also uncomplicated, is easy to be copied by the fake producer.And there are two problems in the signature or the endorsement that are used for the validation of the letter of credit, cashier's cheque, check: be that signature or the endorsement that same individual carries out in decentraction situation attitude, different time points can not guarantee in full accord on the one hand, cause effective signature or endorsement to be rejected acceptance, be because signature that requires to carry out or endorsement must be basic identical at every turn on the other hand, for the fake producer provides the chance of faking.Signer or endorsement person's signature or endorsement information is no matter how unique, in case seen signature or endorsement information by illegal person, the exercise by certain hour can realize the imitation for signature or endorsement information fully.And be to compare by human eye to judge for the validation of the letter of credit, cashier's cheque, check now.The safety technique that obvious existing ticket adopted can not provide safeguard for the Secure Transaction function that realizes bill.

Use the replacement that carves a seal for many years to sign in China, though guaranteed the consistance of each signature, owing to carve a seal too easily by imitated, so and dangerous.Even by the administrative intervention of government, take the administrative authorization mode to specify and have only professional could carry out the business of carving a seal, but can not stop illegal person's imitated behavior owing to the technical not high of itself through authorizing.Though extensively popularizing of the development of modern network technology and internet is for the development of financial circles brings new opportunity.As Internet-based banking services and for the electronic key authentication techniques that guarantee Internet-based banking services safety are just becoming the important directions that modern finance already develops, but the safety that also greatly threatening Web bank such as network hacker, virus, fishing program simultaneously.Be still the major transaction instrument of modern finance industry based on the business transaction of financial document.

Summary of the invention

Technical matters to be solved by this invention is how to strengthen the safety of electronic bill and how to guarantee the signing messages of electronic bill and/or the security and the validity of endorsement information, and realize effective circulation of electronic bill in the mode of a kind of easy identification and use, to reduce the risk in the electronic bill use, promote the development of modern finance industry.

Term explanation: during technical solution of the present invention is described, " Electronic Paper " be meant comprise have that bistable state or multistable electronic material constitute can display message equipment or parts or flexible display material, can change its displaying contents by electronization.The electrodeless Electronic Paper of Beijing Pai Ruigen scientific and technological invention, the electric wetting Electronic Paper of Beijing Pai Ruigen scientific and technological invention, the electric ink of E-ink company, the electrophoresis cartridge of SIPIX company etc. are typically arranged.

The term explanation: during technical solution of the present invention was described, financial document was to be used to carry out the voucher relevant with financial business in the financial business field.Write down at least one information relevant on the bill with financial business.

The term explanation: during technical solution of the present invention was described, electronic bill was to be applied to every field and professional relevant voucher.Write down at least one information relevant on the bill with business.Comprise passenger ticket in financial document, the communications and transportation and shipping ticket, film ticket, food and drink ticket, coupons, lottery ticket etc.

Term explanation: among the present invention, endorsement is meant that the owner of bill transfers other people with bill and the behavior confirmed.Show as and on bill, stay at least one and prove information or the sign of bill owner in order to confirm.

The term explanation: during technical solution of the present invention was described, radio electronic label, RFID, RFTag, RFID tag, electronic tag etc. had identical implication.

The term explanation: during technical solution of the present invention was described, the implication of " endorsement " was meant in industries such as financial field, and electronic bill is expressed the proof information that realizes relevant proprietorial transfer of electronic bill or payment respective value fund by information specific.The implication of " remote holder endorsement " is to show that the bill that the electronic bill holder is obtained is that its bill supplier transfers the bill holder by " endorsement ", and the information of " remote holder endorsement " is that the validity of this transfer proves.

For addressing the above problem, the technical solution that proposes is at first to design a kind of Electronic Signature, employing presents the information of Electronic Signature in a kind of visible mode, even be that the information of Electronic Signature is not easy imitated or has imitated the thinking of dealing with problems that can not effectively use simultaneously.At first, the electronic bill that technical solution of the present invention adopted and the electronic bill of prior art have difference, and the present invention is adopted as the special technology scheme of the present invention that realizes.

1, a kind of electronic bill that comprises electronic unit comprises information medium, has embedded electronic unit in described information medium, signing messages is encrypted the cipher-text information that obtains write in the described electronic unit.

2, a kind of electronic bill that comprises electronic unit comprises information medium, has embedded electronic unit in information medium, with signing messages with encrypt the cipher-text information that obtains from the data message that electronic unit reads and write the electronic unit.

3, to comprise the private key with the electronic bill supplier be that key adopts asymmetric enciphering and deciphering algorithm result calculated to described signing messages to preferably described cipher-text information.

4, preferably described cipher-text information comprise the private key with the electronic bill supplier be after key adopts first algoritic module of asymmetric enciphering and deciphering algorithm to calculate to described signing messages again the PKI with the electronic bill recipient be the second algoritic module result calculated that password adopts asymmetric enciphering and deciphering algorithm.

5, preferably described cipher-text information comprise the PKI with the electronic bill recipient be after key adopts first algoritic module of asymmetric enciphering and deciphering algorithm to calculate to described signing messages again the private key with the electronic bill supplier be the second algoritic module result calculated that password adopts asymmetric enciphering and deciphering algorithm.

6, preferably described cipher-text information first result of calculation that to comprise the private key with the electronic bill supplier be key calculates first algoritic module of the asymmetric enciphering and deciphering algorithm of part or all of employing of described signing messages and be second result of calculation that password adopts second algoritic module of asymmetric enciphering and deciphering algorithm to calculate partly or entirely with electronic bill recipient's PKI to described signing messages.

7, preferably one of following information or several combinations have been write down with the plaintext form in the surface of described information medium: the amount of money, the term of validity, the date of making out an invoice, the date of payment, drawer, payer, accepter, income people, whether negotiable.

8, preferably described signing messages comprises endorsement information, and described endorsement information comprises endorsement person's information and by endorsement person's information.Described endorsement information can further comprise one of following information or several combinations: date of endorsement, the term of validity, whether negotiable.Perhaps described signing messages comprises one of following information of electronic bill or several combinations: the amount of money, the term of validity, the date of making out an invoice, the date of payment, drawer, payer, accepter, income people, whether negotiable.Perhaps described signing messages can further comprise remote holder endorsement person signing messages partly or entirely.

9, preferably described electronic unit is a radio electronic label; Perhaps described electronic unit is contact type smart card chip or module; Perhaps described electronic unit is contact type intelligent card chip or module; Perhaps described electronic unit is contact storage card chip or module; Perhaps described electronic unit is contactless storage card chip or module.

Carry out reendorse when signature for comprising above-mentioned endorsement signing messages, need obtain the clear data of remote holder endorsement person signature by endorsement person, and then carry out signing after the computing with endorsement person's private key with by endorsement person's PKI, continuity with the endorsement in security signature, owing to must could decipher remote holder endorsement person's signing messages, can effectively avoid other people non-authorized reendorse or use simultaneously with endorsement person's private key.The function that therefore, also should have identification remote holder endorsement signing messages for the Electronic Signature of dorsal support bookmark name.Specific implementation is described below:

1, a kind of signature apparatus of supporting to contain the medium continuous endorsement signature of electronic unit is signed comprising on the medium of electronic unit, comprises:

Information processing apparatus, described information processing apparatus comprise enciphering algorithm module and have stored signing messages, remote holder endorsement person's public key information, endorsement person's private key information and by endorsement person's public key information; Module for reading and writing, described module for reading and writing is connected with described information processing apparatus, and described module for reading and writing writes data and/or reading of data from electronic unit in electronic unit; The information sensing module, described information sensing module is connected with described information processing apparatus, remote holder endorsement signed data on the described information sensing module collection medium also is sent to described information processing apparatus, is that deciphering obtains the remote holder signing messages to key to remote holder endorsement signed data by the public key information of the back of the hand book person before the described information processing apparatus and endorsement person's private key information; To be password carry out cryptographic calculation to described signing messages, described remote holder signing messages handles and obtain cipher-text information with described endorsement person's private key information with by endorsement person's public key information by described enciphering algorithm module, by described information processing apparatus described cipher-text information is converted to the signed data that described module for reading and writing writes in electronic unit.

In this scheme, become enciphered message after described signing messages handled by endorsement person's public key information so that endorsement person's private key information is described by described enciphering algorithm module and be delivered to electronic unit such as the radio electronic label that in medium, embeds by electronic mode, can guarantee endorsement person stamped signature uniqueness and by endorsement person's determinacy.Can adopt corresponding electronic unit information sensing parts such as radio frequency electronic label reader to carry out automatic reading easily.And with endorsement person's public key information with can be deciphered this information by endorsement person's private key information and obtain original signature information, owing to belonged to exclusive, therefore also have only and to decipher this information simultaneously by endorsement person by endorsement person institute by endorsement person's private key information.Even therefore the adulterator has copied this signing messages, because not by endorsement person's private key information, so the adulterator can't be known the content of described signing messages.Security, the reliability of endorsement signature have greatly been improved.Simultaneously the radio frequency module for reading and writing can be gathered remote holder endorsement person's signed data and obtain the remote holder signing messages by described information processing apparatus decrypted signature data, can realize the reendorse signature and prevent other people illegal use or reendorse.And in case need confirm the time, can confirm own validity of signing by obtaining the remote holder signing messages to the continuity of endorsement by each endorsement person that signs.

2, a kind of signature apparatus of supporting to contain the medium continuous endorsement signature of electronic unit is signed comprising on the medium of electronic unit, comprises:

Information processing apparatus, information processing apparatus comprise enciphering algorithm module and have stored signing messages, remote holder endorsement person's public key information, endorsement person's private key information and by endorsement person's public key information; Module for reading and writing, described module for reading and writing is connected with described information processing apparatus, and described module for reading and writing writes data and/or reading of data from electronic unit in electronic unit; The information sensing module, the information sensing module is connected with described information processing apparatus, remote holder endorsement signed data on the described information sensing module collection medium also is sent to described information processing apparatus, is that deciphering obtains the remote holder signing messages to key to remote holder endorsement signed data by the public key information of the back of the hand book person before the described information processing apparatus and endorsement person's private key information; To be password carry out cryptographic calculation to described signing messages, described remote holder signing messages and the data that read from electronic unit handle and obtain cipher-text information with described endorsement person's private key information with by endorsement person's public key information by described enciphering algorithm module, by described information processing apparatus described cipher-text information is converted to the signed data that described module for reading and writing writes in electronic unit.

3, preferably described enciphering algorithm module is supported rivest, shamir, adelman;

It is to be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages with quilt endorsement person's PKI that described cryptographic calculation is handled, and is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to described first operation result with endorsement person's private key; Perhaps

It is to be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages with endorsement person's private key that described cryptographic calculation is handled, and is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to described first operation result with quilt endorsement person's PKI; Perhaps

With signing messages is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key partly or entirely, with signing messages is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, described first operation result and described second operation result are combined in certain sequence as encrypt data with quilt endorsement person's PKI partly or entirely.

4, preferably module for reading and writing comprises radio-frequency communication interface and wire communication interface, and module for reading and writing is undertaken by radio-frequency communication interface and described electronic unit that signal is connected and communication; Perhaps module for reading and writing comprises wired communication interface, and described module for reading and writing is undertaken by wire communication interface and described electronic unit that signal is connected and communication; Perhaps described module for reading and writing comprises radio-frequency communication interface and wire communication interface, and module for reading and writing carries out signal by radio-frequency communication interface and described electronic unit and is connected and carries out with communication and/or by wire communication interface and described electronic unit that signal is connected and communication.

5, the preferably described first computing mould comprises one of algorithm as described below in the rivest, shamir, adelman or combination: cryptographic calculation, signature computing, decrypt operation.The described second computing mould comprises one of algorithm as described below in the rivest, shamir, adelman or combination: cryptographic calculation, signature computing, decrypt operation.

6, preferably further comprise keyboard device, information processing apparatus is handled the input information of keyboard device.In signing messages, comprise the information that signer is imported by this keyboard device, as information such as the amount of money, date, signer names.

7, preferably further comprise radio receiving transmitting module, information processing apparatus is handled the information from the information of described radio receiving transmitting module and the described radio receiving transmitting module transmission of control.Can in signing messages, comprise the information that signer is imported by this radio receiving transmitting module, as the information such as password of the amount of money, date, signer name, use Electronic Signature.

8, preferably such scheme further comprises:

Display unit, described information processing apparatus is controlled the displaying contents of described display unit.Display unit can be used for the information of display keyboard input block input or information that radio receiving transmitting module receives or the raw information of preparing signature.Preferably the information of signature demonstration can be used alternatives.Replace with " * " character during such as the password of, input Electronic Signature.

9, preferably such scheme further comprises the fixedly support of Electronic Signature.Increase support and be convenient to printed signature information or carry out electronization or carry out communication, play fixing, balance and stabilization with electronic unit for Electronic Paper.

10, preferably the described raw data of such scheme comprises the identification information of described signature owner and described medium recipient's identification information; Perhaps described raw data comprises the identification information of described signature owner, described medium recipient's identification information and timestamp.

11, preferably described medium is a paper medium or to comprise the medium of fibrous material.

Adopt the endorse method of signature of the Electronic Signature of above-mentioned dorsal support bookmark name as follows:

1, a kind of method that the information medium endorsement that comprises electronic unit is signed comprises following steps:

Is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages with endorsement person's private key, is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to described first operation result with quilt endorsement person's PKI; Perhaps

Is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages with quilt endorsement person's PKI, is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to described first operation result with endorsement person's private key; Perhaps

With signing messages is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with the private key of signer partly or entirely, with signing messages is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, described first operation result and described second operation result are combined in certain sequence as encrypt data with quilt endorsement person's PKI partly or entirely;

Encrypt data is converted to the signed data that writes to electronic unit; Signed data is write described electronic unit.

2, a kind of method that the information medium endorsement that comprises electronic unit is signed, described information medium has embedded electronic unit, and signature comprises following steps:

Read data information from electronic unit;

Is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages and described data message with endorsement person's private key, is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to described first operation result with quilt endorsement person's PKI; Perhaps

Is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with signing messages and described data message with quilt endorsement person's PKI, is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data to described first operation result with endorsement person's private key; Perhaps

With signing messages and data message is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with the private key of signer partly or entirely, with signing messages and described data message is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, described first operation result and described second operation result are combined in certain sequence as encrypt data with quilt endorsement person's PKI partly or entirely; Encrypt data is converted to the signed data that writes to electronic unit; Signed data is write described electronic unit.

3, a kind of method that the information medium endorsement that comprises electronic unit is signed comprises following steps:

Described encrypt data is converted to the signed data that writes to described electronic unit;

Described signed data is write described electronic unit; With partly or entirely being printed on the information medium of signing messages.

4, a kind of method that the information medium endorsement that comprises electronic unit is signed, described information medium has embedded electronic unit, and signature comprises following steps:

Read data information from electronic unit;

With signing messages with what it is believed that breath is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with the private key of signer partly or entirely, with signing messages and described data message is that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain second operation result, described first operation result and described second operation result are combined in certain sequence as encrypt data with quilt endorsement person's PKI partly or entirely; Encrypt data is converted to the signed data that writes to described electronic unit; Signed data is write described electronic unit; With partly or entirely being printed on the information medium of the part or all of and/or described data message of signing messages.

5, the preferably described first computing mould comprises one of algorithm as described below in the rivest, shamir, adelman or combination: cryptographic calculation, signature computing, decrypt operation; The described second computing mould comprises one of algorithm as described below in the rivest, shamir, adelman or combination: cryptographic calculation, signature computing, decrypt operation.

6, preferably described signing messages comprises the amount of money, date, endorsement person's name information; Perhaps described signing messages comprises endorsement person's identification information and by endorsement person's identification information; Perhaps described signing messages comprises endorsement person's identification information, by endorsement person's identification information and timestamp; Perhaps described signing messages comprises Transaction Information, endorsement person's identification information and by endorsement person's identification information; Perhaps described signing messages comprises Transaction Information, endorsement person's identification information, by endorsement person's identification information and timestamp.

7, the preferably described signed data data symbol that is described encrypt data; Perhaps described signed data is the bar code information of described encrypt data correspondence; The bar code figure that perhaps described signed data is described encrypt data correspondence; The two-dimensional bar code figure that perhaps described signed data is described encrypt data correspondence.

8, preferably described cryptographic algorithm is supported elliptic curve; And/or described cryptographic algorithm support RSA Algorithm; And/or described cryptographic algorithm supports the commercial cipher algorithm of China national approval; And/or described cryptographic algorithm support rivest, shamir, adelman; And/or described cryptographic algorithm support symmetric encipherment algorithm.

9, preferably described from electronic unit read data information comprise the identification information of electronic unit.

10, preferably described electronic unit is a radio electronic label; Perhaps described electronic unit is contact type smart card chip or module; Perhaps described electronic unit is contact type intelligent card chip or module; Perhaps described electronic unit is contact storage card chip or module; Perhaps described electronic unit is contactless storage card chip or module.As follows to the system schema that the endorsement signing messages authenticates:

1, a kind of system that endorsement signature on the information medium is authenticated comprises:

Certificate server, described certificate server comprise information acquisition parts, data back, safety dress back of the body interface unit;

Information medium, described information medium surface has pair signing messages to encrypt the cipher-text information that obtains;

Safety feature, described safety feature comprise by endorsement person's key and decipherment algorithm realizes module;

Described certificate server is undertaken by described safety feature interface unit and described safety feature that wire signal is connected or wireless signal connects; Stored described information medium owner's approval signing messages in the described data back;

Described information acquisition parts are gathered described cipher-text information and described cipher-text information are converted to the cipher-text information data of being handled by described certificate server; Described certificate server is given described safety feature with the cipher-text information data transfer, by described safety feature described cipher-text information data is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described certificate server; The whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in the plaintext of described certificate server by more described signing messages and the described data back.

2, a kind of system that endorsement signature on the information medium is authenticated comprises:

Certificate server, described certificate server comprise information acquisition parts, data back, safety feature interface unit;

Information medium has embedded electronic unit in the described information medium, has write in described electronic unit signing messages is encrypted the cipher-text information that obtains; Safety feature, described safety feature comprise by endorsement person's key and decipherment algorithm realizes module; Described certificate server is undertaken by described safety feature interface unit and described safety feature that wire signal is connected or wireless signal connects; Stored described information medium owner's approval signing messages in the described data back;

3, a kind of system that endorsement signature on the information medium is authenticated comprises:

Information medium, described information medium comprises Electronic Paper, has in the described Electronic Paper signing messages is encrypted the cipher-text information that obtains; Safety feature, described safety feature comprise by endorsement person's key and decipherment algorithm realizes module;

4, a kind of system that endorsement signature on the information medium is authenticated comprises:

Information medium, embedded electronic unit in the described information medium, write the first of signing messages being encrypted the cipher-text information that obtains in described electronic unit, described information medium surface has pair signing messages to encrypt the second portion of the cipher-text information that obtains; Safety feature, described safety feature comprise by endorsement person's key and decipherment algorithm realizes module; Described certificate server is undertaken by described safety feature interface unit and described safety feature that wire signal is connected or wireless signal connects; Stored described information medium owner's approval signing messages in the described data back;

Described information acquisition parts are gathered the second portion of the first of described cipher-text information and cipher-text information and the first of described cipher-text information and the second portion of cipher-text information are converted to the cipher-text information data of being handled by described certificate server; Described certificate server is given described safety feature with the cipher-text information data transfer, by described safety feature described cipher-text information data is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described certificate server;

The whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in the plaintext of described certificate server by more described signing messages and the described data back.

5, a kind of system that endorsement signature on the information medium is authenticated comprises:

Information medium, embedded electronic unit in the described information medium, in described electronic unit, write the first of signing messages being encrypted the cipher-text information that obtains, described information medium comprises Electronic Paper, has the second portion of signing messages being encrypted the cipher-text information that obtains in the described Electronic Paper; Safety feature, described safety feature comprise by endorsement person's key and decipherment algorithm realizes module; Described certificate server is undertaken by described safety feature interface unit and described safety feature that wire signal is connected or wireless signal connects; Stored described information medium owner's approval signing messages in the described data back; Described information acquisition parts are gathered the second portion of the first of described cipher-text information and cipher-text information and the first of described cipher-text information and the second portion of cipher-text information are converted to the cipher-text information data of being handled by described certificate server; Described certificate server is given described safety feature with the cipher-text information data transfer, by described safety feature described cipher-text information data is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described certificate server; The whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in the plaintext of described certificate server by more described signing messages and the described data back.

6, a kind of system that endorsement signature on the information medium is authenticated comprises:

Information medium, embedded electronic unit in the described information medium, in described electronic unit, write the first of signing messages being encrypted the cipher-text information that obtains, described information medium comprises Electronic Paper, have the second portion of signing messages being encrypted the cipher-text information that obtains in the described Electronic Paper, described information medium surface has pair signing messages to encrypt the third part of the cipher-text information that obtains; Safety feature, described safety feature comprise by endorsement person's key and decipherment algorithm realizes module; Described certificate server is undertaken by described safety feature interface unit and described safety feature that wire signal is connected or wireless signal connects; Stored described information medium owner's approval signing messages in the described data back; Described information acquisition parts are gathered the third part of the second portion of first, cipher-text information of described cipher-text information and cipher-text information and the first of described cipher-text information, the second portion of cipher-text information and the third part of cipher-text information are converted to the cipher-text information data of being handled by described certificate server; Described certificate server is given described safety feature with the cipher-text information data transfer, by described safety feature described cipher-text information data is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described certificate server; The whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in the plaintext of described certificate server by more described signing messages and the described data back.

7, preferably described data back stores endorsement person's public key information or the public key information that described secure device stores has endorsement person.

8, preferably described secure device stores has endorsement person's public key information and by endorsement person's private key information.

9, preferably described safety feature is a contact intelligent card, and described safety feature interface unit is supported intelligent card interface; Or described safety feature is the usb key card, and described safety feature interface unit is supported USB (universal serial bus); Or described safety feature is the Wireless USB key card, and described safety feature interface unit is supported the radio universal serial line interface; Or described safety feature is contact type intelligent card, and described safety feature interface unit is supported wireless radio interface; Or described safety feature is the contact safe memory card, and described safety feature interface unit is supported pcmcia interface or MicroSD interface or SF interface or memory stick (Memory Stick) interface.

As follows to the system schema that the endorsement signing messages authenticates:

11, a kind of method that endorsement signature on the information medium is authenticated comprises following steps:

The cipher-text information of the conduct signature on the Information Monitoring medium;

Certificate server passes to safety feature with described cipher-text information by wire communication mode and/or wireless communication mode, by described safety feature described cipher-text information data is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described authentification of message system;

Whether the plaintext of judging described signing messages mates with the approval signing messages of described authentication server stores;

If mate then authentication success; If do not match then authentification failure.

12, a kind of method that endorsement signature on the information medium is authenticated comprises following steps:

Collection is presented on the cipher-text information of the conduct signature on the Electronic Paper of information medium;

Certificate server passes to safety feature with described cipher-text information by wire communication mode and/or wireless communication mode, by described safety feature described cipher-text information data is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described authentification of message system; Whether the plaintext of judging described signing messages mates with the approval signing messages of described authentication server stores; If mate then authentication success; If do not match then authentification failure.

13, a kind of method that endorsement signature on the information medium is authenticated comprises following steps:

Collection is embedded in the cipher-text information of the conduct signature that the electronic unit in the information medium stores;

14, a kind of method that endorsement signature on the information medium is authenticated comprises following steps:

Collection be embedded in the conduct signature that the electronic unit in the information medium stores cipher-text information first and gather the second portion of the cipher-text information of the conduct signature that is printed on the information medium;

Certificate server passes to safety feature with the first of described cipher-text information and the second portion of cipher-text information by wire communication mode and/or wireless communication mode, by described safety feature the second portion of the first of described cipher-text information and cipher-text information is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described authentification of message system; Whether the plaintext of judging described signing messages mates with the approval signing messages of described authentication server stores;

15, a kind of method that endorsement signature on the information medium is authenticated comprises following steps;

Collection be embedded in the conduct signature that the electronic unit in the information medium stores cipher-text information first and gather the second portion of the cipher-text information of the conduct signature on the Electronic Paper that is presented on information medium;

16, a kind of method that endorsement signature on the information medium is authenticated comprises following steps:

Collection is embedded in the first of the cipher-text information of the conduct signature that the electronic unit in the information medium stores, gather the conduct signature on the Electronic Paper that is presented on information medium cipher-text information second portion and gather the third part of the cipher-text information of the conduct signature that is printed on the information medium; Certificate server passes to safety feature with the first of described cipher-text information, the second portion of cipher-text information and the third part of cipher-text information by wire communication mode and/or wireless communication mode, by described safety feature the third part of the second portion of the first of described cipher-text information, cipher-text information and cipher-text information is decrypted the plaintext that obtains signing messages and the plaintext of signing messages is passed to described authentification of message system;

Beneficial effect of the present invention: the present invention improved signing messages uniqueness, can not copying property, make the use of electronic bill safer.Owing to adopt the mode of a kind of easy identification and use to realize effective signature of electronic bill, can significantly reduce the risk in the electronic bill use, promote the development of modern finance industry.

Description of drawings:

Fig. 1 is that Electronic Signature of the present invention is realized synoptic diagram for first kind.

Fig. 2 is that Electronic Signature of the present invention is realized synoptic diagram for second kind.

Fig. 3 is first kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.

Fig. 4 is second kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.

Fig. 5 is the third implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Fig. 6 is the third realization synoptic diagram of Electronic Signature of the present invention.

Fig. 7 is that Electronic Signature of the present invention is realized synoptic diagram for the 4th kind.

Fig. 8 is the 4th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Fig. 9 is the 5th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Figure 10 is the 6th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.

Figure 11 is authentification of message system of the present invention first kind of realization synoptic diagram.

Figure 12 is authentification of message system of the present invention second kind of realization synoptic diagram.

Figure 13 is the first method synoptic diagram that signs electronically.

Figure 14 is the second method synoptic diagram that signs electronically.

Figure 15 is the third method synoptic diagram that signs electronically.

Figure 16 is the 4th kind of method synoptic diagram that signs electronically.

Figure 17 is the first method synoptic diagram that carries out electronics endorsement signature.

Figure 18 is the second method synoptic diagram that carries out electronics endorsement signature.

Figure 19 is the first method synoptic diagram that carries out electronics reendorse signature.

Figure 20 is the second method synoptic diagram that carries out electronics reendorse signature.

Figure 21 is the first method synoptic diagram that carries out electron underwriting authentication.

Figure 22 is the second method synoptic diagram that carries out electron underwriting authentication.

Figure 23 is an electronic bill synoptic diagram of the present invention.

Embodiment:

Further describe specific embodiments of the present invention below in conjunction with accompanying drawing.

Fig. 1 is that Electronic Signature of the present invention is realized synoptic diagram for first kind.Electronic Signature 100 comprises information processing apparatus 101 and print module 102, and print module 102 is connected with described information processing apparatus 101, and print module 102 can print information on medium.Print module 102 has a printing surface of contact 110 to contact with medium or is close.When signing electronically, the printing surface of contact 110 of print module 102 contacts with the specific region, and signing messages is printed on specific region 2302.Described information processing apparatus 101 comprises the rivest, shamir, adelman module and has stored the private key information of signing messages, signature owner; By described rivest, shamir, adelman module described signing messages, described private key information are carried out calculation process and obtain output information, described output information is converted to the signed data that described print module 102 prints by described information processing apparatus 101.The signed data of printing can be rendered as a string data usually and be convenient to the human eye perception.But the automatic identification of the inconvenient machine of a string data, therefore the signed data of printing preferably is in modes such as bar code or two-dimensional bar codes and can adopts now corresponding bar code scanner or two-dimensional bar code reader to carry out automatic reading easily, can realize the automatic identification of signing messages.In this scheme, the public key information of signer is a public information, and can decipher this information with the public key information of signer and obtain raw information.Therefore can differentiate the true and false of the signing messages that Electronic Signature signs automatically by machinery and equipment.

Fig. 2 is that Electronic Signature of the present invention is realized synoptic diagram for second kind.Implementation than Fig. 1, in the implementation of Fig. 2, Electronic Signature 200 has increased by first fixed support 202 and second fixed support 203, and the Electronic Signature main body that comprises information processing apparatus 101 and print module 102 can be slided on first fixed support 202 and second fixed support 203.When not only printing the Electronic Signature main body, described first fixed support 202 and second fixed support 203, but also be convenient to aiming at and the location of print module 102 and specific region as the supporting ﹠ stablizing effect.Such as, on electronic bill, set a position reference point, by determining the relative position of reference point and first fixed support 202 and/or second fixed support 203, signing messages can both be printed to specific region 2302 in the time of just can guaranteeing to sign at every turn.

With the multiple implementation of being combined with of signing messages and electronic bill, Fig. 3, Fig. 4, Fig. 5 have provided the principle of work of three kinds of implementations respectively.Fig. 3 is first kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.Electronic Signature comprises information processing apparatus 302 and print module 303, and print module 303 is connected with described information processing apparatus 302, and it is the module signal of the principle of work of Fig. 1.

Fig. 4 is second kind of implementation principle of work of Electronic Signature of the present invention synoptic diagram.Electronic Signature comprises information processing apparatus 402 and radio frequency module for reading and writing 403, and radio frequency module for reading and writing 403 and described information processing apparatus 402 are connected by radiofrequency signal.This scheme requires to embed radio electronic label in electronic bill, signing messages is encrypted the back write radio electronic label by radio frequency module for reading and writing 403.After adopting radio electronic label, though its information human eye is invisible, the characteristics of its contactless identification more help the use of Electronic Signature.If people wish to have the effect that seeing is believing simultaneously or carry out double authentication, the scheme of Fig. 3 and Fig. 4 can be carried out combination, referring to Fig. 5.

Fig. 5 is the third implementation principle of work synoptic diagram of Electronic Signature of the present invention.Electronic Signature comprises information processing apparatus 502, radio frequency module for reading and writing 503, MIM message input module 505 and print module 501.In order to comprise more information in the information that makes electronic signature, as information such as the date of signing, the bill term of validity, payer, beneficiary, increased MIM message input module 505 in this programme, these information can be input to information processing apparatus 502 by MIM message input module 505, as the part of signing messages.And will both write in the radio electronic label of electronic bill by radio frequency module for reading and writing 503 after the signing messages encryption, again signing messages is encrypted the back is printed on electronic bill by print module 501 specific region.

Medium described herein refers generally to electronic bill, referring to Figure 23.Figure 23 is an electronic bill synoptic diagram of the present invention, information medium 2301 at electronic bill 2300 embeds electronic unit 2302, adopt radio electronic label and the radio-frequency antenna 2303 that is connected with radio electronic label in this specific implementation, radio-frequency antenna 2303 is used to respond to radiofrequency signal, the cipher-text information of signing messages is write be used for electronic signature in the electronic unit 2302.

Fig. 6 is the third realization synoptic diagram of Electronic Signature of the present invention.Electronic Signature 600 comprise information processing apparatus 601, interface unit 603 and print module 602 and with external safety component (not drawing in the drawings), print module 602 is connected with described information processing apparatus 601, and print module 102 can print information on medium; Interface unit 603 is connected with described information processing apparatus 601, simultaneously interface unit 603 comprises connector and is connected with external safety component, to carry out encrypted secret key information and cryptographic algorithm focuses on external safety component, and can make the use of Electronic Signature more flexible.Print module 602 has a printing surface of contact 610 to contact with medium or is close.Compare with the realization of Fig. 1, the realization of Fig. 6 is that the security-related part of Electronic Signature is realized by external safety component.Described safety component comprises security information processing module, rivest, shamir, adelman module and has stored the private key information of signing messages, signature owner.

Fig. 7 is that Electronic Signature of the present invention is realized synoptic diagram for the 4th kind.This programme is at the situation that comprises Electronic Paper in the electronic bill.Realize because the information of Electronic Paper presents by Electronic Paper being carried out electronization, thus its realization and Fig. 1 some is different.Electronic Signature 700 comprises first electrode surface 710 and second electrode surface 703 of information processing apparatus 701 and Electronic Paper electronization module 702 and Electronic Paper electronization, Electronic Paper electronization module 702 is connected with described information processing apparatus 701, and Electronic Paper electronization module 702 can present information in the Electronic Paper on medium by first electrode surface 710 and second electrode surface 703.First electrode surface 710 and second electrode surface 703 by one slidably web member 705 be connected; Place electronic bill between first electrode surface 710 and second electrode surface 703, and the Electronic Paper part of electronic bill is just in time placed the surface of contact of first electrode surface 710 and second electrode surface 703.Described information processing apparatus 701 comprises the rivest, shamir, adelman module and has stored the private key information of signing messages, signature owner; By described rivest, shamir, adelman module described signing messages, described private key information are carried out calculation process and obtain output information, described output information is converted to the signed data that described Electronic Paper electronization module 702 is carried out electronization by described information processing apparatus 701.The signed data of electronization can be rendered as a string data usually and be convenient to the human eye perception.But the automatic identification of the inconvenient machine of a string data, therefore the signed data of printing preferably is in modes such as bar code or two-dimensional bar codes and can adopts now corresponding bar code scanner or two-dimensional bar code reader to carry out automatic reading easily, can realize the automatic identification of signing messages.In this scheme, the public key information of signer is a public information, and can decipher this information with the public key information of signer and obtain raw information.Therefore can differentiate the true and false of the signing messages that Electronic Signature signs automatically by machinery and equipment.

Fig. 8 is the 4th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.The smart card 804 that Electronic Signature comprises information processing apparatus 802 and print module 803 and is connected by intelligent card interface 801, it is the module signal of the principle of work of Fig. 6.Described safety component adopts intelligent card interface 801 with smart card 804, interface unit.Because smart card is popularized very wide, easy to carry, wieldy characteristics now, therefore also adopt the mode of smart card in the preferred implementation of the present invention.

Fig. 9 is the 5th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.The smart card 904 that Electronic Signature comprises information processing apparatus 902 and radio frequency module for reading and writing 903 and is connected by intelligent card interface 901.Described safety component adopts intelligent card interface 901 with smart card 904, interface unit.Because smart card is popularized very wide, easy to carry, wieldy characteristics now, therefore also adopt the mode of smart card in the preferred implementation of the present invention.Radio frequency module for reading and writing 903 and described information processing apparatus 902 are connected by radiofrequency signal.This scheme requires to embed radio electronic label in electronic bill, signing messages is encrypted the back write radio electronic label by radio frequency module for reading and writing 903.After adopting radio electronic label, though its information human eye is invisible, the characteristics of its contactless identification more help the use of Electronic Signature.If people wish to have the effect that seeing is believing simultaneously or carry out double authentication, the scheme of Fig. 8 and Fig. 9 can be carried out combination.

Figure 10 is the 6th kind of implementation principle of work synoptic diagram of Electronic Signature of the present invention.Than Fig. 9, this specific implementation has also increased MIM message input module 1005 except that the smart card 904 that comprises information processing apparatus 902 and radio frequency module for reading and writing 903 and be connected by intelligent card interface 901.These information can be input to information processing apparatus 902 by MIM message input module 1005, as the part of signing messages.

Figure 11 is authentification of message system of the present invention first kind of realization synoptic diagram.The authentification of message system comprises certificate server 1101, information medium 1103, and described certificate server comprises information acquisition parts 1102, enciphering and deciphering algorithm calculating unit, data back.Described information medium 1103 refers generally to electronic bill, also can be other media that need sign, and the surface comprises the cipher-text information of visible signing messages; Described enciphering and deciphering algorithm calculating unit comprises the computing module of enciphering and deciphering algorithm; Stored described information medium owner's approval signing messages in the described data back; Described information acquisition parts 1102 are gathered the cipher-text information on described information medium 1103 surfaces and described cipher-text information are converted to by the cipher-text information data of described certificate server 1101 processing; Described asymmetric enciphering and deciphering algorithm calculating unit is decrypted described cipher-text information data and obtains signing messages; Described certificate server 1101 is by the whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in more described signing messages and the described data back.

Figure 12 is authentification of message system of the present invention second kind of realization synoptic diagram.The authentification of message system comprises certificate server 1201, information medium 1203, safety feature 1204.Described certificate server 1201 comprises information acquisition parts 1202, data back, safety feature interface unit; Described information medium surface comprises the cipher-text information of visible signing messages; Described safety feature 1204 comprise endorsement person PKI, realized module by endorsement person's private key and decipherment algorithm; Described certificate server 1201 is undertaken by described safety feature interface unit and described safety feature 1204 that wire signal is connected or wireless signal connects; Stored described information medium 1203 owners' approval signing messages in the described data back; Described information acquisition parts 1202 are gathered the cipher-text information on described information medium surface and described cipher-text information are converted to the cipher-text information data of being handled by described certificate server; Described certificate server 1201 is given described safety feature 1204 with the cipher-text information data transfer, is decrypted by 1204 pairs of described cipher-text information data of described safety feature to obtain signing messages and signing messages is passed to described certificate server 1201; Described certificate server 1201 is by the whether consistent authentication that realizes information medium of the approval signing messages of storage in advance in more described signing messages and the described data back.

Figure 13 is the first method synoptic diagram that signs electronically.In step 1301, be that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer at first with signing messages, in step 1302, described encrypt data is converted to the signed data that writes to described electronic unit then, when step 1303, described signed data is write described electronic unit at last.The method of this electronic signature is that the implementation with Fig. 4 is the description that Electronic Signature carries out electric endorsement method.

Figure 14 is the second method synoptic diagram that signs electronically.For electronic signature and the electronic bill that has embedded radio electronic label are bound, can be when signing electronically with the identifying information of the information of radio electronic label such as electronic tag part as signing messages.Therefore the endorsement method step is as follows: at first in step 1400 from radio electronic label read data information, entering step 1401 is that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with described signing messages and described data message with the private key of signer, in step 1402, described encrypt data is converted to printed signature information then, when step 1403, described printed signature information is printed on the information medium at last.

Figure 15 is the third method synoptic diagram that signs electronically.Corresponding with the Electronic Signature implementation of Fig. 9, because Electronic Signature is divided into separable safety component and electronic signature body, therefore its electric endorsement method step is as follows: the information communication of at first safety component being carried out information connection and foundation and electronic signature body in step 1500 by the interface unit of electronic signature body, entering in the step 1301 signing messages is that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer, in step 1302, described encrypt data is converted to the signed data that writes to described electronic unit then, when step 1303, described signed data is write described electronic unit at last.

Figure 16 is the 4th kind of method synoptic diagram that signs electronically.For electronic signature and the electronic bill that has embedded radio electronic label are bound, can be when signing electronically with the identifying information of the information of radio electronic label such as electronic tag part as signing messages.Therefore the endorsement method step is as follows: the information communication of at first safety component being carried out information connection and foundation and electronic signature body in step 1600 by the interface unit of electronic signature body, and in step 1400 from radio electronic label read data information, entering step 1401 is that password adopts the algoritic module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with described signing messages and described data message with the private key of signer, in step 1402, described encrypt data is converted to printed signature information then, when step 1403, described printed signature information is printed on the information medium at last.

Figure 17 is the first method synoptic diagram that carries out electronics endorsement signature.In step 1701, be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key at first with signing messages, in step 1702, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with quilt endorsement person's PKI then to described first operation result, enter step 1703 described encrypt data is converted to the signed data that writes to described electronic unit, in step 1704, described signed data is write described electronic unit at last.The signing messages in when signature of generally endorsing comprises endorsement person's information, by endorsement person's information, disburser's information, the person's of honouring information, signature date, the term of validity etc., a plurality of endorsements signatures can be coupled together the continuity that forms the endorsement signature by signing messages.

Figure 18 is the second method synoptic diagram that carries out electronics endorsement signature.For electronic signature and the electronic bill that has embedded radio electronic label are bound, can be when signing electronically with the identifying information of the information of radio electronic label such as electronic tag part as signing messages.Therefore the endorsement method step of endorsing is as follows: at first in step 1800 from radio electronic label read data information, and in step 1801, be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with endorsement person's private key with described signing messages and described data message; In step 1802, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with quilt endorsement person's PKI then to described first operation result, enter step 1803 described encrypt data is converted to the signed data that writes to described electronic unit, in step 1804, described signed data is write described electronic unit at last.The signing messages in when signature of generally endorsing comprises endorsement person's information, by endorsement person's information, disburser's information, the person's of honouring information, signature date, the term of validity etc., a plurality of endorsements signatures can be coupled together the continuity that forms the endorsement signature by signing messages.

Figure 19 is the first method synoptic diagram that carries out electronics reendorse signature.Carrying out reendorse when signature, needing to obtain the information of remote holder signature, with the consistance that guarantees signing messages and prevent that the unauthorized person from carrying out the interests loss of the electronic bill that reendorse causes.Concrete grammar is described below: at first in step 1901 described remote holder signed data being decrypted and obtaining the remote holder signing messages, is that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with described remote holder signing messages, reendorse signing messages with quilt endorsement person's PKI in step 1902; In step 1903, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer then to described first operation result; Enter step 1904 described encrypt data is converted to printed signature information, in step 1905, described printed signature information is printed on the information medium at last.

Figure 20 is the second method synoptic diagram that carries out electronics reendorse signature.When being divided into safety component and electronic signature body in the realization of Electronic Signature, when it carries out the reendorse signature, need earlier safety component and electronic body to be set up being connected of information.Concrete grammar is described below: the information communication of at first safety component being carried out information connection and foundation and electronic signature body in step 2000 by the interface unit of electronic signature body, and in step 1901, described remote holder signed data is decrypted and obtains the remote holder signing messages, in step 1902, be that password adopts first computing module of rivest, shamir, adelman to carry out calculation process to obtain first operation result with quilt endorsement person's PKI with described remote holder signing messages, reendorse signing messages; In step 1903, be that password adopts second computing module of rivest, shamir, adelman to carry out calculation process to obtain encrypt data with the private key of signer then to described first operation result; Enter step 1904 described encrypt data is converted to printed signature information, in step 1905, described printed signature information is printed on the information medium at last.

Figure 21 is the first method synoptic diagram that carries out electron underwriting authentication.Electronic Signature of the present invention is after signing on the electronic bill, when the authentification of message system among employing the present invention authenticates signing messages, its implementation is as follows: at first gather the cipher-text information of the conduct signature that is printed on the electronic bill in step 2101, in step 2102 described cipher-text information deciphering is obtained signing messages then; Then judge in step 2103 whether the approval signing messages that described signing messages and described authentification of message system store mates; If coupling enters step 2104 and shows authentication success; Enter step 2105 if do not match and show authentification failure.

Figure 22 is the second method synoptic diagram that carries out electron underwriting authentication.The public key information that the invention allows for employing signer when signing messages is carried out asymmetric encryption need use by endorsement person's private key information when therefore deciphering, and private key information belongs to endorsement person's security information as key.Proposed in the present invention and will have been made independently safety feature by endorsement person's private key information and decipherment algorithm, when carrying out authentification of message, safety feature is connected with the authentification of message system, and the deciphering of information is finished by safety feature, can guarantee can not leaked by endorsement person's security information.Concrete authentication method is: the cipher-text information of at first gathering the conduct signature that is printed on the electronic bill in step 2201, in the system of authentification of message described in the step 2202 cipher-text information is passed to safety feature by wire communication mode and/or wireless communication mode then, by described safety feature described cipher-text information data are decrypted and obtain signing messages and signing messages is passed to described authentification of message system; Then judge in step 2203 whether the approval signing messages that described signing messages and described authentification of message system store mates; If coupling enters step 2204 and shows authentication success; Enter step 2205 if do not match and show authentification failure.

Claims

1. a support contains the signature apparatus of the medium continuous endorsement signature of electronic unit, it is characterized in that signing comprising on the medium of electronic unit, comprises:

Information processing apparatus, described information processing apparatus comprise enciphering algorithm module and have stored signing messages, remote holder endorsement person's public key information, endorsement person's private key information and by endorsement person's public key information;

Module for reading and writing, described module for reading and writing is connected with described information processing apparatus, and described module for reading and writing writes data and/or reading of data from electronic unit in electronic unit;

The information sensing module, described information sensing module is connected with described information processing apparatus, remote holder endorsement signed data on the described information sensing module collection medium also is sent to described information processing apparatus, is that deciphering obtains the remote holder signing messages to key to remote holder endorsement signed data by the public key information of the back of the hand book person before the described information processing apparatus and endorsement person's private key information;

To be password carry out cryptographic calculation to described signing messages, described remote holder signing messages handles and obtain cipher-text information with described endorsement person's private key information with by endorsement person's public key information by described enciphering algorithm module, by described information processing apparatus described cipher-text information is converted to the signed data that described module for reading and writing writes in electronic unit.

2. signature apparatus according to claim 1 is characterized in that:

To be password carry out cryptographic calculation to described signing messages, described remote holder signing messages and the data that read from electronic unit handle and obtain cipher-text information with described endorsement person's private key information with by endorsement person's public key information by described enciphering algorithm module, by described information processing apparatus described cipher-text information is converted to the signed data that described module for reading and writing writes in electronic unit.

3. according to each described signature apparatus in the claim 1 to 2, it is characterized in that:

Described module for reading and writing comprises the radio-frequency communication interface, and described module for reading and writing is undertaken by radio-frequency communication interface and described electronic unit that signal is connected and communication; Perhaps

Described module for reading and writing comprises radio-frequency communication interface and wire communication interface, and described module for reading and writing is undertaken by radio-frequency communication interface and described electronic unit that signal is connected and communication; Perhaps

Described module for reading and writing comprises wired communication interface, and described module for reading and writing is undertaken by wire communication interface and described electronic unit that signal is connected and communication; Perhaps

Described module for reading and writing comprises radio-frequency communication interface and wire communication interface, and described module for reading and writing is undertaken by wire communication interface and described electronic unit that signal is connected and communication; Perhaps

Described module for reading and writing comprises radio-frequency communication interface and wire communication interface, and described module for reading and writing carries out signal by radio-frequency communication interface and described electronic unit and is connected and carries out with communication and/or by wire communication interface and described electronic unit that signal is connected and communication.

4. according to each described signature apparatus in the claim 1 to 2, it is characterized in that further comprising:

Keyboard device, described information processing apparatus is handled the input information of described keyboard device.

5. according to each described signature apparatus in the claim 1 to 2, it is characterized in that further comprising radio receiving transmitting module, described information processing apparatus is handled the information from the information of described radio receiving transmitting module and the described radio receiving transmitting module transmission of control.

6. according to each described signature apparatus in the claim 1 to 2, it is characterized in that further comprising the support of fixing described signature apparatus.

7. according to each described signature apparatus in the claim 1 to 2, it is characterized in that further comprising display unit, described information processing apparatus is controlled the displaying contents of described display unit.

8. according to each described signature apparatus in the claim 1 to 2, it is characterized in that described module for reading and writing comprises the parts of reading and writing to radio electronic label; Perhaps described module for reading and writing comprises the parts of reading and writing to contact intelligent card; Perhaps described module for reading and writing comprises the parts of reading and writing to contact type intelligent card.