CN103731827B - A kind of hand-held audio communication device and method for electronic certificate authentication - Google Patents

A kind of hand-held audio communication device and method for electronic certificate authentication Download PDF

Info

Publication number
CN103731827B
CN103731827B CN201210385749.3A CN201210385749A CN103731827B CN 103731827 B CN103731827 B CN 103731827B CN 201210385749 A CN201210385749 A CN 201210385749A CN 103731827 B CN103731827 B CN 103731827B
Authority
CN
China
Prior art keywords
hand
communication device
held
audio
user terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210385749.3A
Other languages
Chinese (zh)
Other versions
CN103731827A (en
Inventor
李岩
罗幸福
邵九洲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING WEIPASS PANORAMA INFORMATION TECHNOLOGY Co Ltd
Original Assignee
BEIJING WEIPASS PANORAMA INFORMATION TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING WEIPASS PANORAMA INFORMATION TECHNOLOGY Co Ltd filed Critical BEIJING WEIPASS PANORAMA INFORMATION TECHNOLOGY Co Ltd
Priority to CN201210385749.3A priority Critical patent/CN103731827B/en
Publication of CN103731827A publication Critical patent/CN103731827A/en
Application granted granted Critical
Publication of CN103731827B publication Critical patent/CN103731827B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention relates to a kind of hand-held audio communication device,, by being authenticated to the electronic certificate of user terminal with the indirect communication of certificate server, the hand-held audio communication device includes for which:Memory element, the identifier and the multidate information related to certification of the hand-held audio communication device;Authentication data signal generating unit, the identifier and the multidate information related to certification based on the hand-held audio communication device generate the first authentication data;Converting unit, for being converted to the first audio signal by first authentication data;Speaker, sends first audio signal to user terminal by voice communication channel;And wireless communication unit, it is consistent with the retention time time synchronized to be carried out periodically by radio communication and certificate server.

Description

A kind of hand-held audio communication device and method for electronic certificate authentication
Technical field
Usually, the present invention relates to the communications field, and relate more specifically to enter using audio signal in a communication network The hand-held audio communication device of row terminal unit electronic certificate authentication and method.
Background technology
Present communication era brings wired and wireless network tremendous expansion.Inter-machine communication is due to its growth potential Have been changed to the field that technological innovation is all paid close attention to.As inter-machine communication is for connecting the latent of the equipment of many different purposes Power, inter-machine communication also make many users and developer feel excited, and different purposes are, for example, electronic certificate, intelligent authentication, net Network certification, smart home, intelligent electric meter, fleet management, tele-medicine, access network operation management and many other uses.
Inter-machine communication typically relates to the connection of equipment or equipment group and remote server or computer system, the company Connect the remote reporting that can realize remote authentication or information.In some cases, inter-machine communication is related to one or more terminals Equipment or the use of other nodes or equipment, can be passed to network or calculating via some form of gateway device to collect The information of equipment.At present, near field voice communication is applied to the technical field of inter-machine communication.Sound wave is a kind of mould originally Intend signal, it is difficult to be communicated with smart mobile phone or other electronic equipments.But through certain coding and debugging, using specific Speaker can be converted into sound wave analogue signal digital signal.These analogue signals are sent out by way of sound wave, The mike of digital device receives sound wave and the information that analogue signal is carried can be converted into digital signal again.It is achieved thereby that Communication between different digital equipment.Sound wave has the feature of Decay Rate, cannot just receive more than certain distance miscellaneous equipment, only Have in relatively short distance effectively, this ensure that the safety of short-range communication to a great extent.
Due to the wide overlay area that cellular communication system is provided at present, inter-machine communication application can utilize cellular communication system System is communicated with remote authentication system.Typical endpoint device in inter-machine communication system is with relatively low through-put power The equipment of the relatively small battery operation of ability.Therefore, by with the nearby users end for being connectable to cellular communication system Hold into line interface, endpoint device can be using low power run and by user terminal as mobile internet access gateway, such as Accessed by cellular network, remote computation or storage device can be provided information to.Although in these cases, it is evident that be The connection between gateway and access point is provided by cellular network resource, but as the connection between the user terminal and end points of gateway It is some short squares typical from communication.Therefore, for the past, some inter-machine communications are typically, and need user terminal and end points to set Short square is carried out from communication between standby two equipment, two equipment access mobile Internet by cellular based communication respectively, therefore end points Equipment is typically not the equipment of smaller batteries operation, but more powerful machine.
Therefore, there are the needs that electronic certificate authentication is realized using near field audio communication device in prior art.
Content of the invention
According to the first aspect of the invention, there is provided a kind of hand-held audio communication device, which is by between certificate server Connect letter to be authenticated the electronic certificate of user terminal, the hand-held audio communication device includes:Memory element, described hand-held The identifier of formula audio communication device and the multidate information related to certification, the multidate information related to certification include with At least one of lower content:The License Info of hand-held audio communication device, the status information of hand-held audio communication device and The class information of hand-held audio communication device;Authentication data signal generating unit, the mark based on the hand-held audio communication device Symbol and the multidate information related to certification, generate the first authentication data;Converting unit, for turning first authentication data It is changed to the first audio signal;Speaker, sends first audio signal to user terminal by voice communication channel;And Wireless communication unit, carries out time synchronized periodically by radio communication and certificate server consistent with the retention time.
According to a further aspect in the invention, there is provided a kind of authentication method, the hand-held audio communication device by with certification The indirect communication of server is authenticated to the electronic certificate of user terminal, and methods described includes:From hand-held audio communication device Memory element read the identifier and the multidate information related to certification of the hand-held audio communication device, described with recognize The related multidate information of card includes at least one of herein below:The License Info of hand-held audio communication device, hand-held audio frequency The status information of communication equipment and the class information of hand-held audio communication device;Based on the hand-held audio communication device Identifier and the multidate information related to certification, generate the first authentication data;For first authentication data is converted to First audio signal;First audio signal is sent to user terminal by voice communication channel;And periodically lead to Crossing radio communication, to carry out time synchronized with certificate server consistent with the retention time.
Preferably, further include, the first audio signal for receiving is converted to the first certification number by the user terminal According to, and the second authentication data is generated based on first authentication data, the identifier of user terminal and electronic certificate, will be described Second authentication data is sent to certificate server.Preferably, further include, the certificate server is according to second certification The first authentication data in data and user terminal identification accord with being authenticated electronic certificate, if certification success, will recognize Card success message is sent to the user terminal;If authentification failure, authentification failure message is sent to the user terminal. Preferably, the certification success message or authentification failure message are converted to the second audio signal by wherein described user terminal, will Second audio signal is sent to the hand-held audio communication device, described in the hand-held audio communication device will be received Second audio signal is converted to certification success message or authentification failure message, and the display screen in hand-held audio communication device Upper show the certification success message or authentification failure message, or by the LED of hand-held audio communication device indicate described in recognize Card success message or authentification failure message distinguish corresponding state, or pass through sound using the speaker of hand-held audio communication device To export the certification success message or authentification failure message.Preferably, wherein first audio signal is led to by audio frequency Letter channel sends user terminal to and is specially:First audio signal is encrypted using 3DES algorithms, and will be passed through First audio signal of encryption sends user terminal to by voice communication channel;And/or wherein by second audio signal It is sent to the hand-held audio communication device to be specially:Second audio signal is encrypted using 3DES algorithms, and The second audio signal for passing through encryption is sent to the hand-held audio communication device.Preferably, further include, described hand-held Audio communication device is encrypted to current time according to AES to generate time encryption factor, by the time encryption because Son increases in first authentication data, to guarantee that the time is authenticated by the electronic certificate is consistent.
Description of the drawings
The present invention is generally described, and referring now to accompanying drawing, which is drawn not necessarily in regulation ratio, wherein:
Fig. 1 shows the schematic diagram of the communication system of the example embodiment according to the present invention;
Fig. 2 shows the schematic diagram of the hand-held audio communication device of the example embodiment according to the present invention;
Fig. 3 shows the schematic diagram of the hand-held audio communication device according to another example embodiment of the invention;
The flow chart that Fig. 4 shows the authentication method according to example embodiment of the present invention;
The flow chart that Fig. 5 shows the method for the generation electronic certificate according to example embodiment of the present invention;And
The flow chart that Fig. 6 shows the authentication method according to another example embodiment of the invention.
Specific embodiment
Hereinafter, describe embodiment of the present invention more fully with reference to the accompanying drawings, some enforcements of the present invention in the accompanying drawings, are shown Mode, and simultaneously not all embodiments.Certainly, various embodiments of the present invention can be realized by many multi-forms, and not It is interpreted as being limited to embodiments set forth herein;And be to provide these embodiments and the disclosure will be met Legitimate claim applicatory.The label being wherein similar to represents similar element.Wherein, term " data ", " content ", " information " and Similar terms are used interchangeably, to represent the data that can be sent according to embodiment of the present invention, receive and/or store.Therefore, The use of arbitrarily so term should not be taken as limiting the spirit and scope of embodiment of the present invention.
Additionally, as it is used herein, term " circuit " is referred to(a)Only hardware circuit scheme(For example with analog circuit and/ Or the scheme of digital circuit);(b)It is included in the software and/or firmware that store on one or more computer-readable memory to refer to The combination of the circuit and computer program of order, its operate such that together be carrying out described here one or more Function;And(c)Need the software or firmware for operating(Even if software or firmware non-physical are present)Circuit, for example micro- place Reason device or a part for microprocessor.This definition of " circuit " is applied to here, including any claim, to this term All uses.Used as other examples, here, term " circuit " is also included containing one or more processors and/or its part And with software and/or the scheme of firmware.Used as another example, term " circuit " used herein also includes, for example, is used for The based band integrated circuit of mobile phone or application processor integrated circuit, or server, cellular network device, other networks set Similar integrated circuit in standby, and/or other computing devices.
As defined herein, physical storage medium is referred to(For example, volatibility or non-volatile memory devices)" calculate Machine readable storage medium storing program for executing ", may be different from " the computer-readable transmission medium " that refer to electromagnetic signal.
As indicated on, Machine To Machine is usually required that(M2M, Machine-to-Machine)Serve as in communication system The user terminal of gateway device use two different radio, especially when with include relative low-power(For example, low transmission work( Rate)Sensor or the M2M communication systems of sensor network when being used together.Some embodiments of the present invention can provide one The mechanism of kind, can be that sensor or sensor network distribute specific wireless network resource by access point by the mechanism, make Two radio must not needed.In some cases, in the wireless network using cellular network resource, cellular network access point Can be in one or more endpoint machines(For example, sensor)The allocation of communications carried out between access point and gateway device is concrete Cellular network resource.For example, access point can be from access point to machine and gateway device(Or repeater)With machine it Between downlink direction allocation of communications cellular downlink channel resource.Then, can be route slave by gateway device Device is supplied to the communication of access point, and gateway device can relay these communications via cellular network uplink resource.
Fig. 1 shows the schematic diagram of the communication system of the example embodiment according to the present invention.As shown in figure 1, described logical Letter system includes:Certificate server, hand-held audio communication device and user terminal.Preferably, the certificate server according to from The authentication data that user terminal is received is authenticated to user terminal.Preferably, the certification can be to user terminal Electronic certificate is authenticated(For example, access of the user to website, the authentication to user), the certification can be right The certification of the application run on user terminal(For example, whether user terminal has the access rights applied by certain).Preferably, The hand-held audio communication device realizes the certification to user terminal by sending the data related to certification to user terminal. For example, the hand-held audio communication device can be E-seal or point-of-sale terminal(POS).Preferably, the user terminal Can be any type device that can run and store various applications, such as personal digital assistant(PDA), smart mobile phone, flat Plate computer, radio telephone, mobile computing device, photographing unit, video recorder, audio/video player, location equipment(Example Such as, global positioning system(GPS)Equipment), game station, radio or various other similar equipment or its combine.
According to the preferred embodiment of the present invention, divide by function and/or hardware configuration, the hand-held voice communication sets Standby can include:Clock unit, wireless communication unit, time ciphering unit, audio output unit, audio input unit, output Equipment, encrypting and decrypting unit, memory element, converting unit, modem module and authentication data signal generating unit.The clock list Unit is used for the internal clocking for producing hand-held audio communication device, by the internal clocking to the current of hand-held audio communication device Time carries out timing.Preferably, the wireless communication unit is included for launching and receive the transmitter and receiver of signal, or Person is transceiver.The wireless communication unit is used for for the current time of hand-held audio communication device being sent to certificate server, And the current time from certificate server reception certificate server, so as to realize hand-held audio communication device and certificate server Between time synchronized.Preferably, the time ciphering unit is used for working as hand-held audio communication device according to AES The front time is encrypted to generate time encryption factor, and the time encryption factor is increased to first authentication data In.So as to receive the first authentication data in certificate server(Which is included in the second authentication data)When, the time can be added The close factor is decrypted to obtain the current time of hand-held audio communication device, ageing so as to authentication verification.Preferably, institute Stating the first authentication data can include:The identifier of the hand-held audio communication device multidate information related to certification, and/or when Between encryption factor.The identifier of wherein hand-held audio communication device can be that the device id or equipment of hand-held audio communication device are hard Part is identified, and the identifier of the hand-held audio communication device is globally unique.Preferably, the dynamic letter related to certification Breath includes at least one of herein below:The License Info of hand-held audio communication device, the state of hand-held audio communication device Information and the class information of hand-held audio communication device.Preferably, the License Info of hand-held audio communication device can include Provider(Represented by hand-held audio communication device)Electronic certificate License Info(For example, tolerance band, allowable level Deng).Preferably, the status information of the hand-held audio communication device can include that provider provides the shape of related service or mandate State(For example, failed, do not failed yet), and the identity of authenticating party, the ID of authenticating party etc., such as carrying in ecommerce ID for business.Preferably, the class information of the hand-held audio communication device includes providing the rank of related service or authorizes level Not etc..Preferably, the identifier and the multidate information related to certification of hand-held audio communication device are stored using memory element. The memory element can be volatibility or nonvolatile memory, for example, random access memory or read only memory.It is preferred that Ground, identifier and to certification related dynamic of the authentication data signal generating unit based on the hand-held audio communication device Information, generates the first authentication data
Preferably, encrypting and decrypting unit utilizes 3DES algorithms, i.e., triple DEAs(TDEA, Triple Data Encryption Algorithm)Block encryption, to be encrypted to above-mentioned first authentication data.Triple DES, also known as 3DES, It is a kind of pattern of des encryption algorithm, it carries out Tertiary infilling using the key of 3 56 to 3DES data.Data encryption mark Accurate(DES)It is a kind of long-standing encryption standard in the U.S., it uses symmetric key cryptography, and ANSI organizational norms are ANSIX.3.92.DES is using 56 keys and the method for cryptographic block, and in the method for cryptographic block, text is divided into 64 greatly Then little text block is encrypted again.Compared with initial DES, 3DES is safer.Preferably, after converting unit is to encryption First authentication data carries out digital-to-analogue conversion, so as to generate the first audio signal.Preferably, the converting unit is believed to the second audio frequency Number analog digital conversion is carried out, so as to generate the digital signal of correlation(For example encrypted certification return information).Preferably, the sound Frequency output unit is used for exporting the first audio signal to user terminal, and the audio input unit is used for from user terminal Receive the second audio signal.Preferably, the audio input unit can be mike, and the audio output unit can be Speaker.
According to the preferred embodiment of the present invention, also include outut device, the original authentication is replied message and is supplied to User.Preferably, the outut device is display, speaker, indicator or printer, and will be described using outut device Original authentication replies message and is supplied to user and is specially:Show the content, profit that the original authentication replies message using display Content that the original authentication replies message is exported with speaker by sound, indicated by display lamp mode using indicator The content that the original authentication is replied message corresponding authentication state or replied message using original authentication described in printer output. Wherein described certification return information may include certification success message or authentification failure message.Preferably, the display can show Show the information of certification success or failure.For example, user terminal identification symbol, electronic certificate and authentication result are shown(Success is lost Lose).Preferably, the speaker can point out the information of certification success or failure using sound, for example, played using sound and used Family terminal identifier, electronic certificate and authentication result(Success or failure).Preferably, the indicator may indicate that certification success or The information of failure, such as indicator represent authentification failure with redness, with green mark certification success, and represent do not have with yellow Response.Preferably, the printer can say the information printout for indicating certification success or failure, for example, printing user's end End identifier, electronic certificate and authentication result(Success or failure).Preferably, also include modem module, for signal It is modulated and demodulates.
According to the preferred embodiment of the present invention, divide by function and/or hardware configuration, the user terminal can be wrapped Include:Wireless communication unit, audio output unit, audio input unit, encrypting and decrypting unit, memory element, converting unit and tune Demodulating unit processed.Preferably, the wireless communication unit include for launch and receive signal transmitter and receiver or receive The machine of sending out.Preferably, the wireless communication unit is used for for the second authentication data being sent to authentication service by radio communication channel Device, and the certification by radio communication channel from after certificate server reception encryption is replied message or original authentication is replied and disappeared Breath.Preferably, second authentication data includes the first authentication data, the identifier of user terminal and electronic certificate(For example block Number).Wherein, the certification message indicates certification success or authentification failure.Preferably, encrypting and decrypting unit is used for passing through encryption The first audio signal be decrypted.Preferably, memory element is used for the identifier and electronic certificate for storing user terminal.It is preferred that Ground, the electronic certificate electronic certificate that e.g. server of website, bank server or third-party server are issued. Preferably, the converting unit is used for for the first audio signal being converted to the first authentication data, and for will indicate certification into The encrypted certification of work(or authentification failure is replied message or original authentication is replied message and is converted to the second audio signal.It is preferred that Ground, the audio input unit are used for receiving the first audio signal, and the audio output list from hand-held audio communication device Second audio signal is sent to the hand-held audio communication device by unit.Preferably, the audio input unit can be Mike, and the audio output unit can be speaker.Preferably, also include modem module, for entering to signal Row modulation and demodulation system.
According to the preferred embodiment of the present invention, certificate server includes authentication ' unit, wireless communication unit and clock list Unit.Preferably, the clock unit is used for the internal clocking for producing certificate server, certification is taken by the internal clocking The current time of business device carries out timing.Preferably, certificate server synchronous, the tool that periodically enters row clock with hand-held audio communication device Body is:Its internal clocking is sent to certificate server by wireless communication unit by hand-held audio communication device definition, and certification takes Business device determines according to the internal clocking and transmission delay whether the internal clocking of hand-held audio communication device is taken with certification The internal clocking synchronization of business device.Preferably, the internal clocking of the certificate server can be that gps clock, circuit are used and shaken Swing device clock.Preferably, the wireless communication unit is used for entering row clock with hand-held audio communication device synchronous, and and user Terminal carries out data interaction.
Preferably, electronic certificate of the second authentication data that the authentication ' unit is sent according to user terminal to user terminal It is authenticated.For example, authentication ' unit includes according to the second authentication data the first authentication data, the identifier of user terminal come The electronic certificate of user terminal is authenticated.Preferably, first authentication data also includes:The hand-held voice communication sets The standby identifier multidate information related to certification and/or time encryption factor.That is, authentication ' unit is according to hand-held voice communication The identifier of the equipment multidate information related to certification, time encryption factor, the identifier of user terminal are carried out to electronic certificate Certification.Preferably, the identifier of hand-held audio communication device is used for the identity for identifying hand-held audio communication device, and is used for marking Know the authorized party of electronic certificate.Preferably, the multidate information related to certification includes the information of authenticating party, the letter of such as trade company Breath, the type of electronic certificate, species etc..Preferably, time encryption factor identifies the time of hand-held audio communication device, prevents multiple The electronic certificate of system or expired electronic certificate.Preferably, the device id of the identifier of user terminal e.g. user terminal, example As mobile phone has its unique device coding as user terminal, using media access control(MAC, Media Access Control)Address and International Mobile Equipment Identity code(IMEI, International Mobile Equipment Identity)The uniqueness of definable equipment.Preferably, the installation identifier ID of definable application when installing application every time.Separately Outward, the log-on message of user can be bundled in mobile phone terminal, so that unique user identifiers UID is generated for user, and pass through note Check code user bound cell-phone number, it is ensured that user identity is truly unique.Preferably, corresponding for user account electronic certificate is stored Server beyond the clouds, it is local to be buffered in mobile phone, corresponding for user identity electronic certificate is downloaded by the data communication of mobile phone and Update mobile phone local.
Fig. 2 shows the circuit diagram of the hand-held audio communication device of the example embodiment according to the present invention.It is preferred that Ground, the hand-held audio communication device shown in Fig. 2 is E-seal.The E-seal includes:MCU single-chip microcomputers, Audio Codec Built-in power amplifier, ISO7816 controller ICs, PSAM cards, speaker, mike(MIC), reserve battery, RTC controllers, 32.768K Crystal, main battery, battery conversion and charging circuit.Preferably, MCU chip microcontrollers are controlled to the entirety of E-seal.Audio The built-in power amplifiers of Codec realize that audio analog signals are converted to digital signal and digital signal is converted to audio analog signals, and Realize to volume, noise reduction, echo suppression, the amplification of the audio analog signals of input and output.Preferably, the controls of ISO 7816 IC is used Communication interface is set up between MCU single-chip microcomputers and PSAM cards.Preferably, PSAM(Purchase Secure Access Module)Card is a kind of encryption IC chip, for terminal units such as trade company POS, site terminal, direct connection terminals, is responsible for device Safety control.Preferably, it supports many applications of a card, separate between respectively applying(Many applications, firewall functionality).Support Multiple file types, including binary file, fixed-length record file, variable-length record file, circular file, wallet file.Logical Multiple safety protecting mechanisms are supported during news(The confidentiality and integrity protection of information).Support multiple secure access modes and Authority(Authentication function and password protection).Support Single DES, the Triple DES algorithms of People's Bank of China's accreditation.Support Multistage key dispersal mechanism, produces《China's finance integrated circuit(IC)Calliper model》Defined in MAC1 and verification MAC2.Available This module realizes the proof of identity of financial security rank.
Preferably, speaker is used for exports audio signal.Mike is used for receiving audio signal.Preferably, main battery is used Family provides electric power for E-seal, and electric power is supplied to MCU single-chip microcomputers by Power convert by which.Preferably, charging circuit is used for It is charged for main battery, so as to ensure the supply of electric power of main battery.Preferably, reserve battery is additionally provided with, for controlling for RTC Device processed provides electric power.Preferably, the RTC controllers provide the control to real-time clock for E-seal, so as to keep electronics The internal time of seal.Preferably, the 32.768K crystal is used for producing underlying clock, and the RTC controllers root Real-time clock is controlled according to underlying clock.
Fig. 3 shows the circuit diagram of the hand-held audio communication device according to another example embodiment of the invention.Fig. 3 The hand-held audio communication device for illustrating is hand-held audio communication device machine(For example it is used for the POS of certification).The hand-held audio frequency of Fig. 3 Communication equipment has identical part with the hand-held audio communication device of Fig. 2, for purposes of simplicity and clarity, only introduces and figure The different part of 2 hand-held audio communication device.Preferably, external power source realized by the adapter(Such as alternating current)Input To the interface conversion between power conversion unit.
The flow chart that Fig. 4 shows the authentication method according to example embodiment of the present invention.Preferably, methods described is suitable for In being authenticated to electronic certificate in a communication network, wherein described communication network includes user terminal, certificate server and handss Hold audio communication device.Methods described starts at step 500.Preferably,
Preferably, at step 401, the identifier of the hand-held audio communication device and related to certification is obtained Multidate information, the multidate information related to certification include at least one of herein below:Hand-held audio communication device The class information of License Info, the status information of hand-held audio communication device and hand-held audio communication device.
Preferably, at step 402, identifier based on the hand-held audio communication device and related to certification Multidate information, generates the first authentication data.Preferably, at step 403, to being used for for first authentication data being converted to the One audio signal.Preferably, digital-to-analogue conversion is carried out to first authentication data, to generate the first audio signal.Preferably, exist Step 404 place, sends first audio signal to user terminal by voice communication channel.Preferably, periodically lead to Crossing radio communication, to carry out time synchronized with certificate server consistent with the retention time.
Preferably, also included before step 401:Electronic certificate is converted to audio frequency letter through digital-to-analogue conversion by user terminal Number, hand-held audio communication device, the hand-held audio communication device to are sent the audio signal by voice communication channel Audio signal is received, and electronic certificate is converted into by analog digital conversion.Preferably, first authentication data includes: The identifier and the multidate information related to certification of the hand-held audio communication device.Preferably, related to certification dynamic letter Breath includes at least one of herein below:The License Info of hand-held audio communication device, the state of hand-held audio communication device Information and the class information of hand-held audio communication device.
Preferably, the multidate information related to certification includes at least one of herein below:Hand-held voice communication The class information of the License Info of equipment, the status information of hand-held audio communication device and hand-held audio communication device.It is preferred that Ground, the License Info of hand-held audio communication device can include provider(Represented by hand-held audio communication device)Electronics The License Info of voucher(For example, tolerance band, allowable level etc.).Preferably, the state letter of the hand-held audio communication device Breath can include that provider provides the state of related service or mandate(For example, failed, do not failed yet), and authenticating party Identity, ID of authenticating party etc., the such as ID in ecommerce for provider.Preferably, the hand-held audio communication device Class information includes providing rank or authority levels of related service etc..
Preferably, before digital-to-analogue conversion is carried out to first authentication data, also include using 3DES algorithms to described First authentication data is encrypted.Alternatively or additionally, the later step in step 401, i.e., to first authentication data Digital-to-analogue conversion is carried out, is the first certification number through encrypting to generate involved the first authentication data in the first audio signal According to.Preferably, when the first authentication data is generated, hand-held audio communication device is encrypted to the time according to AES To generate time encryption factor, the time encryption factor is increased in first authentication data.Preferably, described hand-held By time encryption factor, audio communication device and the certificate server determine whether the time is consistent.Preferably, recognizing Card server receives the first authentication data(Which is included in the second authentication data)When, time encryption factor can be solved The close current time to obtain hand-held audio communication device, ageing so as to authentication verification.
In accordance with another preferred embodiment of the present invention, first audio frequency is believed by the user terminal through analog digital conversion The first authentication data number is converted to, and is generated based on first authentication data, the identifier of user terminal and electronic certificate Second authentication data.It follows that the second authentication data includes:(Encrypted or not encrypted)First authentication data, use The identifier and electronic certificate of family terminal.Preferably, second authentication data is sent to certificate server.Preferably, will Second authentication data is sent to certificate server and is carried out by wireless channel.
Preferably, certificate server is accorded with according to the first authentication data in second authentication data and user terminal identification To be authenticated to electronic certificate, and generate and indicate that the original authentication of certification success or authentification failure is replied message, according to plus Close algorithm original authentication is replied message be encrypted and by encryption after certification reply message and be sent to user terminal.It is preferred that Encrypted certification is replied message digital-to-analogue conversion for the second audio signal by ground, the user terminal, and second audio frequency is believed Number the hand-held audio communication device is sent to, the hand-held audio communication device enters to second audio signal for receiving Row analog digital conversion, is replied message with being converted to encrypted certification, the encrypted certification is replied message be decrypted with Generate original authentication to reply message, and the original authentication is replied message using outut device and be supplied to user.Preferably, The outut device is display, speaker, indicator or printer, and replys the original authentication using outut device Message is supplied to user and is specially:Show content that the original authentication replies message using display, passed through using speaker Sound is exporting content that the original authentication is replied message, indicate the original authentication using indicator by display lamp mode The content for replying message corresponding authentication state or being replied message using original authentication described in printer output.
According to the preferred embodiment of the present invention, when the hand-held audio communication device is kept with certificate server identical Between.Preferably, the hand-held audio communication device and the certificate server pass through the radio communication periodic synchronization time to keep Time consistency.It is synchronous that certificate server periodically enters row clock with hand-held audio communication device, specially:Hand-held audio communication device Its internal clocking is sent to certificate server by wireless communication unit by definition, certificate server according to the internal clocking with And whether transmission delay is synchronous with the internal clocking of certificate server come the internal clocking that determines hand-held audio communication device.It is preferred that Ground, the internal clocking of the certificate server can be gps clock, circuit use and oscillator clock.
In accordance with another preferred embodiment of the present invention, the hand-held audio communication device and user terminal of voice communication are carried out Generally there is following fundamental characteristics:1)Sample rate 44.1k(Most general sample rate, most hand-held audio communication devices and User terminal supports this sample rate);2)Carrier frequency 17.6k(The mankind are difficult the sound for hearing this frequency);3)Using half Duplex mode both-way communication.
Preferably, hand-held audio communication device sends audio signal(Audio communication is sent)Flow process:
1)By the device identifier of hand-held audio communication device, there is provided business's identifier, timestamp are encoded;
2)Coded data is carried out 3DES encryption;3)The hash values of encrypted data are calculated, is saved backup;
4)Plus data packet head and flag data before encryption data, followed by upper verification data set into packet;
5)2ASK is carried out to packet(Binary amplitude keying)Modulation, obtains audio volume control sampled data;
6)Sounding.
Preferably, user terminal receives audio signal(Audio communication is received)Flow process:1)To audio volume control hits According to filtering;2)2ASK is demodulated;3)Judge packet header and mark;4)The correctness of verification data;5)The hash values of packet are calculated, is protected Deposit standby;6)Decoding data out constitute authentication data packet plus user terminal identification symbol and electronic certificate;7)Encryption certification Packet simultaneously uploads to certificate server.
Preferably, user terminal sends audio signal(Audio communication is sent)Flow process:1)User terminal receives certification The response data packet of server;2)Decryption;3)Plus data packet head and the hash for preserving before data, followed by upper verification data Composition data bag;4)2ASK modulation is carried out to packet, audio volume control sampled data is obtained;5)Sounding.
Preferably, hand-held audio communication device receives audio signal(Audio communication is received)Flow process:
1)Audio volume control sampled data is filtered;2)2ASK is demodulated;3)Judge that packet header is whether correct, hash whether with preservation Hash consistent;4)The correctness of verification data;5)3DES is decrypted;6)Judge the packet whether effective response number of this certification According to bag;7)Decoding data bag obtains authentication result of the certificate server to this certification;8)Show authentication result over the display (Or utilize printer output authentication result).
The flow chart that Fig. 5 shows the method for the generation electronic certificate according to example embodiment of the present invention.Step 501, Hand-held audio communication device user terminal provides electronic certificate, is provided using sound wave checking and confirms instruction and key;Step 502, The application of user terminal is instructed by acoustic receiver, and the identifier of the identifier of user terminal, hand-held audio communication device is led to Cross mobile Internet and be sent to server;Step 503, electronic certificate identity verifying system decrypt the device keyses of provider, really Recognize provider's identity, while confirming user identity;And step 504, electronic certificate content verifying system is by the electricity of the provider The identifier of sub- voucher and user terminal is bound, and electronic certificate is generated.
The flow chart that Fig. 6 shows the authentication method according to another example embodiment of the invention.Step 601, user's end The application at end is updated electronic certificate and sends hand-held audio communication device by server.Step 602, hand-held voice communication set Standby sound wave checking equipment transmits the hand-held audio communication device identifier and handss of hand-held audio communication device near user terminal Hold audio communication device key.Step 603, the applying electronic voucher of user terminal receive the hand-held sound of hand-held audio communication device Frequency communication device identifier and key, and it is sent to server.Step 604, electronic certificate identity verifying system decruption key, really Recognize hand-held audio communication device identity, user terminal identity.Step 605, electronic certificate content verifying system detect user end Whether end has corresponding rights and interests in the hand-held audio communication device, and whether electronic certificate content is consistent, is consistent, and electronic certificate is tested Demonstrate,prove successfully.Step 606, server return data to user terminal application, the application show the change of electronic certificate content.Step 607, successful information is returned to sound wave checking equipment by the application, and sound wave checking equipment confirms to be proved to be successful signal, and prints Output related data.
Under the teaching presented in description previously and relevant drawings, those of ordinary skill in field according to the present invention Will be appreciated that many modifications and the other embodiment of the present invention set forth herein.It is, therefore, to be understood that embodiment of the present invention is not Be limited to particular implementation disclosed herein, and which changes the model that claims are also included in other embodiment In enclosing.Although additionally, description above and relevant drawings describe the environment of some example combinations in element and/or function Under illustrative embodiments, it should be understood that the various combination of element and/or function can be provided by alternate embodiment, and Without departing from scope of the following claims.At this point, for example, as can be illustrated in the following claims, can also set Want the various combination in addition to above clearly described element and/or function.Although specific terms be employed herein, but it Only can be used by general and descriptive concept, the purpose being not intended to limit.

Claims (10)

1. a kind of hand-held audio communication device, which is by entering to the electronic certificate of user terminal with the indirect communication of certificate server Row certification, the hand-held audio communication device include:
Memory element, stores the identifier and the multidate information related to certification of the hand-held audio communication device, described The multidate information related to certification includes at least one of herein below:The License Info of hand-held audio communication device, hand-held The status information of audio communication device and the class information of hand-held audio communication device;
Authentication data signal generating unit, the identifier and the dynamic letter related to certification based on the hand-held audio communication device Breath, generates the first authentication data;
Converting unit, for being converted to the first audio signal by first authentication data;
Speaker, sends first audio signal to user terminal by voice communication channel;And
Wireless communication unit, carries out time synchronized periodically by radio communication and certificate server consistent with the retention time;
Further include, the first audio signal for receiving is converted to the first authentication data by the user terminal, and is based on First authentication data, the identifier of user terminal and electronic certificate generate the second authentication data, by the second certification number According to being sent to certificate server.
2. equipment according to claim 1, further includes, the certificate server is according in second authentication data The first authentication data and user terminal identification symbol being authenticated to electronic certificate, if certification success, by certification success Message is sent to the user terminal;If authentification failure, authentification failure message is sent to the user terminal.
3. the certification success message or authentification failure are disappeared by equipment according to claim 2, wherein described user terminal Breath is converted to the second audio signal, and second audio signal is sent to the hand-held audio communication device, the hand-held sound Second audio signal for receiving is converted to certification success message or authentification failure message by frequency communication equipment, and in handss Hold, or logical by hand-held audio frequency The LED of letter equipment indicates that the certification success message or authentification failure message distinguish corresponding state, or utilizes hand-held audio frequency The speaker of communication equipment exports the certification success message or authentification failure message by sound.
4. equipment according to claim 3, wherein sends first audio signal to use by voice communication channel Family terminal is specially:First audio signal is encrypted using 3DES algorithms, and the first audio frequency of encryption will be passed through Signal sends user terminal to by voice communication channel;And/or wherein second audio signal is sent to described hand-held Audio communication device is specially:Second audio signal is encrypted using 3DES algorithms, and the of encryption will be passed through Two audio signals are sent to the hand-held audio communication device.
5. equipment as claimed in any of claims 1 to 3, further includes, the hand-held audio communication device root Current time is encrypted according to AES to generate time encryption factor, the time encryption factor is increased to described In one authentication data, to guarantee that the time is authenticated by the electronic certificate is consistent.
6. a kind of authentication method, hand-held audio communication device is by the electronics with the indirect communication of certificate server to user terminal Voucher is authenticated, and methods described includes:
From the memory element of hand-held audio communication device read the hand-held audio communication device identifier and with certification Related multidate information, the multidate information related to certification include at least one of herein below:Hand-held voice communication The class information of the License Info of equipment, the status information of hand-held audio communication device and hand-held audio communication device;
Identifier and the multidate information related to certification based on the hand-held audio communication device, generates the first certification number According to;
For first authentication data is converted to the first audio signal;
First audio signal is sent to user terminal by voice communication channel;And
Time synchronized is carried out periodically by radio communication and certificate server consistent with the retention time;
Wherein, the first audio signal for receiving is converted to the first authentication data by the user terminal, and based on described the One authentication data, the identifier of user terminal and electronic certificate generate the second authentication data, and second authentication data is sent Arrive certificate server.
7. method according to claim 6, further includes, the certificate server is according in second authentication data The first authentication data and user terminal identification symbol being authenticated to electronic certificate, if certification success, by certification success Message is sent to the user terminal;If authentification failure, authentification failure message is sent to the user terminal.
8. the certification success message or authentification failure are disappeared by method according to claim 7, wherein described user terminal Breath is converted to the second audio signal, and second audio signal is sent to the hand-held audio communication device, the hand-held sound Second audio signal for receiving is converted to certification success message or authentification failure message by frequency communication equipment, and in handss Hold, or logical by hand-held audio frequency The LED of letter equipment indicates that the certification success message or authentification failure message distinguish corresponding state, or utilizes hand-held audio frequency The speaker of communication equipment exports the certification success message or authentification failure message by sound.
9. method according to claim 8, wherein sends first audio signal to use by voice communication channel Family terminal is specially:First audio signal is encrypted using 3DES algorithms, and the first audio frequency of encryption will be passed through Signal sends user terminal to by voice communication channel;And/or wherein second audio signal is sent to described hand-held Audio communication device is specially:Second audio signal is encrypted using 3DES algorithms, and the of encryption will be passed through Two audio signals are sent to the hand-held audio communication device.
10. the method according to any one in claim 6 to 8, further includes, the hand-held audio communication device root Current time is encrypted according to AES to generate time encryption factor, the time encryption factor is increased to described In one authentication data, to guarantee that the time is authenticated by the electronic certificate is consistent.
CN201210385749.3A 2012-10-12 2012-10-12 A kind of hand-held audio communication device and method for electronic certificate authentication Active CN103731827B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210385749.3A CN103731827B (en) 2012-10-12 2012-10-12 A kind of hand-held audio communication device and method for electronic certificate authentication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210385749.3A CN103731827B (en) 2012-10-12 2012-10-12 A kind of hand-held audio communication device and method for electronic certificate authentication

Publications (2)

Publication Number Publication Date
CN103731827A CN103731827A (en) 2014-04-16
CN103731827B true CN103731827B (en) 2017-03-15

Family

ID=50455719

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210385749.3A Active CN103731827B (en) 2012-10-12 2012-10-12 A kind of hand-held audio communication device and method for electronic certificate authentication

Country Status (1)

Country Link
CN (1) CN103731827B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106911633B (en) * 2015-12-22 2021-03-23 阿里巴巴集团控股有限公司 Data transmission method and device
CN112104781B (en) * 2019-06-17 2021-12-21 深圳市同行者科技有限公司 Method and system for carrying out equipment authorization activation through sound waves
CN110769419B (en) * 2019-10-21 2020-09-15 南京创维信息技术研究院有限公司 Voice network distribution method and system for intelligent equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101546401A (en) * 2008-03-28 2009-09-30 海尔集团公司 Electronic payment method and system based on NFC mobile terminal
CN101567108A (en) * 2008-04-24 2009-10-28 北京爱奥时代信息科技有限公司 Method and system for payment of NFC mobile phone-POS machine
CN101958026A (en) * 2010-09-15 2011-01-26 宇龙计算机通信科技(深圳)有限公司 User authentication module setting method and system
CN102299747A (en) * 2010-06-22 2011-12-28 上海云途信息技术有限公司 Device, system and method for performing safe data communication based on sound waves
CN203289647U (en) * 2012-10-12 2013-11-13 北京微智全景信息技术有限公司 Handheld audio communication equipment for electronic certificate authentication

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101546401A (en) * 2008-03-28 2009-09-30 海尔集团公司 Electronic payment method and system based on NFC mobile terminal
CN101567108A (en) * 2008-04-24 2009-10-28 北京爱奥时代信息科技有限公司 Method and system for payment of NFC mobile phone-POS machine
CN102299747A (en) * 2010-06-22 2011-12-28 上海云途信息技术有限公司 Device, system and method for performing safe data communication based on sound waves
CN101958026A (en) * 2010-09-15 2011-01-26 宇龙计算机通信科技(深圳)有限公司 User authentication module setting method and system
CN203289647U (en) * 2012-10-12 2013-11-13 北京微智全景信息技术有限公司 Handheld audio communication equipment for electronic certificate authentication

Also Published As

Publication number Publication date
CN103731827A (en) 2014-04-16

Similar Documents

Publication Publication Date Title
CN103731266B (en) Method and system for authenticating electronic certificate
CN108270571B (en) Internet of Things identity authorization system and its method based on block chain
CN105050081B (en) Method, device and system for connecting network access device to wireless network access point
CN103039035B (en) Close-distance safety data communication method based on sound wave or audio frequency
CN101662765B (en) Encryption system and method of short message of mobile telephone
CN101789865B (en) Dedicated server used for encryption and encryption method
CN101720071B (en) Short message two-stage encryption transmission and secure storage method based on safety SIM card
US9762567B2 (en) Wireless communication of a user identifier and encrypted time-sensitive data
US20070257813A1 (en) Secure network bootstrap of devices in an automatic meter reading network
CN101247407B (en) Network authentication service system and method
CN112788042B (en) Method for determining device identifier of Internet of things and device of Internet of things
US20150372813A1 (en) System and method for generating a random number
CN103095457A (en) Login and verification method for application program
CN103686589A (en) Safe check-in method and system facing mobile terminal
WO2012024872A1 (en) Method, system and related apparatus for encrypting communication in mobile internet
CN102480713A (en) Method, system and device for communication between sink node and mobile communication network
CN110446177B (en) Communication method, device and system of Internet of things meter
CN112672342B (en) Data transmission method, device, equipment, system and storage medium
CN203104783U (en) Terminal device for authentication of electronic certificate
CN103731828B (en) A kind of terminal unit and method for electronic certificate authentication
CN101931561A (en) Remote control network equipment management system and management end and network equipment operation method
KR20180000220A (en) Method providing secure message service and apparatus therefor
CN103731827B (en) A kind of hand-held audio communication device and method for electronic certificate authentication
CN203289647U (en) Handheld audio communication equipment for electronic certificate authentication
JP6447949B1 (en) Authentication system, authentication server, authentication method, and authentication program

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant