CN103731827B - A kind of hand-held audio communication device and method for electronic certificate authentication - Google Patents
A kind of hand-held audio communication device and method for electronic certificate authentication Download PDFInfo
- Publication number
- CN103731827B CN103731827B CN201210385749.3A CN201210385749A CN103731827B CN 103731827 B CN103731827 B CN 103731827B CN 201210385749 A CN201210385749 A CN 201210385749A CN 103731827 B CN103731827 B CN 103731827B
- Authority
- CN
- China
- Prior art keywords
- hand
- communication device
- held
- audio
- user terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Landscapes
- Telephonic Communication Services (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to a kind of hand-held audio communication device,, by being authenticated to the electronic certificate of user terminal with the indirect communication of certificate server, the hand-held audio communication device includes for which:Memory element, the identifier and the multidate information related to certification of the hand-held audio communication device;Authentication data signal generating unit, the identifier and the multidate information related to certification based on the hand-held audio communication device generate the first authentication data;Converting unit, for being converted to the first audio signal by first authentication data;Speaker, sends first audio signal to user terminal by voice communication channel;And wireless communication unit, it is consistent with the retention time time synchronized to be carried out periodically by radio communication and certificate server.
Description
Technical field
Usually, the present invention relates to the communications field, and relate more specifically to enter using audio signal in a communication network
The hand-held audio communication device of row terminal unit electronic certificate authentication and method.
Background technology
Present communication era brings wired and wireless network tremendous expansion.Inter-machine communication is due to its growth potential
Have been changed to the field that technological innovation is all paid close attention to.As inter-machine communication is for connecting the latent of the equipment of many different purposes
Power, inter-machine communication also make many users and developer feel excited, and different purposes are, for example, electronic certificate, intelligent authentication, net
Network certification, smart home, intelligent electric meter, fleet management, tele-medicine, access network operation management and many other uses.
Inter-machine communication typically relates to the connection of equipment or equipment group and remote server or computer system, the company
Connect the remote reporting that can realize remote authentication or information.In some cases, inter-machine communication is related to one or more terminals
Equipment or the use of other nodes or equipment, can be passed to network or calculating via some form of gateway device to collect
The information of equipment.At present, near field voice communication is applied to the technical field of inter-machine communication.Sound wave is a kind of mould originally
Intend signal, it is difficult to be communicated with smart mobile phone or other electronic equipments.But through certain coding and debugging, using specific
Speaker can be converted into sound wave analogue signal digital signal.These analogue signals are sent out by way of sound wave,
The mike of digital device receives sound wave and the information that analogue signal is carried can be converted into digital signal again.It is achieved thereby that
Communication between different digital equipment.Sound wave has the feature of Decay Rate, cannot just receive more than certain distance miscellaneous equipment, only
Have in relatively short distance effectively, this ensure that the safety of short-range communication to a great extent.
Due to the wide overlay area that cellular communication system is provided at present, inter-machine communication application can utilize cellular communication system
System is communicated with remote authentication system.Typical endpoint device in inter-machine communication system is with relatively low through-put power
The equipment of the relatively small battery operation of ability.Therefore, by with the nearby users end for being connectable to cellular communication system
Hold into line interface, endpoint device can be using low power run and by user terminal as mobile internet access gateway, such as
Accessed by cellular network, remote computation or storage device can be provided information to.Although in these cases, it is evident that be
The connection between gateway and access point is provided by cellular network resource, but as the connection between the user terminal and end points of gateway
It is some short squares typical from communication.Therefore, for the past, some inter-machine communications are typically, and need user terminal and end points to set
Short square is carried out from communication between standby two equipment, two equipment access mobile Internet by cellular based communication respectively, therefore end points
Equipment is typically not the equipment of smaller batteries operation, but more powerful machine.
Therefore, there are the needs that electronic certificate authentication is realized using near field audio communication device in prior art.
Content of the invention
According to the first aspect of the invention, there is provided a kind of hand-held audio communication device, which is by between certificate server
Connect letter to be authenticated the electronic certificate of user terminal, the hand-held audio communication device includes:Memory element, described hand-held
The identifier of formula audio communication device and the multidate information related to certification, the multidate information related to certification include with
At least one of lower content:The License Info of hand-held audio communication device, the status information of hand-held audio communication device and
The class information of hand-held audio communication device;Authentication data signal generating unit, the mark based on the hand-held audio communication device
Symbol and the multidate information related to certification, generate the first authentication data;Converting unit, for turning first authentication data
It is changed to the first audio signal;Speaker, sends first audio signal to user terminal by voice communication channel;And
Wireless communication unit, carries out time synchronized periodically by radio communication and certificate server consistent with the retention time.
According to a further aspect in the invention, there is provided a kind of authentication method, the hand-held audio communication device by with certification
The indirect communication of server is authenticated to the electronic certificate of user terminal, and methods described includes:From hand-held audio communication device
Memory element read the identifier and the multidate information related to certification of the hand-held audio communication device, described with recognize
The related multidate information of card includes at least one of herein below:The License Info of hand-held audio communication device, hand-held audio frequency
The status information of communication equipment and the class information of hand-held audio communication device;Based on the hand-held audio communication device
Identifier and the multidate information related to certification, generate the first authentication data;For first authentication data is converted to
First audio signal;First audio signal is sent to user terminal by voice communication channel;And periodically lead to
Crossing radio communication, to carry out time synchronized with certificate server consistent with the retention time.
Preferably, further include, the first audio signal for receiving is converted to the first certification number by the user terminal
According to, and the second authentication data is generated based on first authentication data, the identifier of user terminal and electronic certificate, will be described
Second authentication data is sent to certificate server.Preferably, further include, the certificate server is according to second certification
The first authentication data in data and user terminal identification accord with being authenticated electronic certificate, if certification success, will recognize
Card success message is sent to the user terminal;If authentification failure, authentification failure message is sent to the user terminal.
Preferably, the certification success message or authentification failure message are converted to the second audio signal by wherein described user terminal, will
Second audio signal is sent to the hand-held audio communication device, described in the hand-held audio communication device will be received
Second audio signal is converted to certification success message or authentification failure message, and the display screen in hand-held audio communication device
Upper show the certification success message or authentification failure message, or by the LED of hand-held audio communication device indicate described in recognize
Card success message or authentification failure message distinguish corresponding state, or pass through sound using the speaker of hand-held audio communication device
To export the certification success message or authentification failure message.Preferably, wherein first audio signal is led to by audio frequency
Letter channel sends user terminal to and is specially:First audio signal is encrypted using 3DES algorithms, and will be passed through
First audio signal of encryption sends user terminal to by voice communication channel;And/or wherein by second audio signal
It is sent to the hand-held audio communication device to be specially:Second audio signal is encrypted using 3DES algorithms, and
The second audio signal for passing through encryption is sent to the hand-held audio communication device.Preferably, further include, described hand-held
Audio communication device is encrypted to current time according to AES to generate time encryption factor, by the time encryption because
Son increases in first authentication data, to guarantee that the time is authenticated by the electronic certificate is consistent.
Description of the drawings
The present invention is generally described, and referring now to accompanying drawing, which is drawn not necessarily in regulation ratio, wherein:
Fig. 1 shows the schematic diagram of the communication system of the example embodiment according to the present invention;
Fig. 2 shows the schematic diagram of the hand-held audio communication device of the example embodiment according to the present invention;
Fig. 3 shows the schematic diagram of the hand-held audio communication device according to another example embodiment of the invention;
The flow chart that Fig. 4 shows the authentication method according to example embodiment of the present invention;
The flow chart that Fig. 5 shows the method for the generation electronic certificate according to example embodiment of the present invention;And
The flow chart that Fig. 6 shows the authentication method according to another example embodiment of the invention.
Specific embodiment
Hereinafter, describe embodiment of the present invention more fully with reference to the accompanying drawings, some enforcements of the present invention in the accompanying drawings, are shown
Mode, and simultaneously not all embodiments.Certainly, various embodiments of the present invention can be realized by many multi-forms, and not
It is interpreted as being limited to embodiments set forth herein;And be to provide these embodiments and the disclosure will be met
Legitimate claim applicatory.The label being wherein similar to represents similar element.Wherein, term " data ", " content ", " information " and
Similar terms are used interchangeably, to represent the data that can be sent according to embodiment of the present invention, receive and/or store.Therefore,
The use of arbitrarily so term should not be taken as limiting the spirit and scope of embodiment of the present invention.
Additionally, as it is used herein, term " circuit " is referred to(a)Only hardware circuit scheme(For example with analog circuit and/
Or the scheme of digital circuit);(b)It is included in the software and/or firmware that store on one or more computer-readable memory to refer to
The combination of the circuit and computer program of order, its operate such that together be carrying out described here one or more
Function;And(c)Need the software or firmware for operating(Even if software or firmware non-physical are present)Circuit, for example micro- place
Reason device or a part for microprocessor.This definition of " circuit " is applied to here, including any claim, to this term
All uses.Used as other examples, here, term " circuit " is also included containing one or more processors and/or its part
And with software and/or the scheme of firmware.Used as another example, term " circuit " used herein also includes, for example, is used for
The based band integrated circuit of mobile phone or application processor integrated circuit, or server, cellular network device, other networks set
Similar integrated circuit in standby, and/or other computing devices.
As defined herein, physical storage medium is referred to(For example, volatibility or non-volatile memory devices)" calculate
Machine readable storage medium storing program for executing ", may be different from " the computer-readable transmission medium " that refer to electromagnetic signal.
As indicated on, Machine To Machine is usually required that(M2M, Machine-to-Machine)Serve as in communication system
The user terminal of gateway device use two different radio, especially when with include relative low-power(For example, low transmission work(
Rate)Sensor or the M2M communication systems of sensor network when being used together.Some embodiments of the present invention can provide one
The mechanism of kind, can be that sensor or sensor network distribute specific wireless network resource by access point by the mechanism, make
Two radio must not needed.In some cases, in the wireless network using cellular network resource, cellular network access point
Can be in one or more endpoint machines(For example, sensor)The allocation of communications carried out between access point and gateway device is concrete
Cellular network resource.For example, access point can be from access point to machine and gateway device(Or repeater)With machine it
Between downlink direction allocation of communications cellular downlink channel resource.Then, can be route slave by gateway device
Device is supplied to the communication of access point, and gateway device can relay these communications via cellular network uplink resource.
Fig. 1 shows the schematic diagram of the communication system of the example embodiment according to the present invention.As shown in figure 1, described logical
Letter system includes:Certificate server, hand-held audio communication device and user terminal.Preferably, the certificate server according to from
The authentication data that user terminal is received is authenticated to user terminal.Preferably, the certification can be to user terminal
Electronic certificate is authenticated(For example, access of the user to website, the authentication to user), the certification can be right
The certification of the application run on user terminal(For example, whether user terminal has the access rights applied by certain).Preferably,
The hand-held audio communication device realizes the certification to user terminal by sending the data related to certification to user terminal.
For example, the hand-held audio communication device can be E-seal or point-of-sale terminal(POS).Preferably, the user terminal
Can be any type device that can run and store various applications, such as personal digital assistant(PDA), smart mobile phone, flat
Plate computer, radio telephone, mobile computing device, photographing unit, video recorder, audio/video player, location equipment(Example
Such as, global positioning system(GPS)Equipment), game station, radio or various other similar equipment or its combine.
According to the preferred embodiment of the present invention, divide by function and/or hardware configuration, the hand-held voice communication sets
Standby can include:Clock unit, wireless communication unit, time ciphering unit, audio output unit, audio input unit, output
Equipment, encrypting and decrypting unit, memory element, converting unit, modem module and authentication data signal generating unit.The clock list
Unit is used for the internal clocking for producing hand-held audio communication device, by the internal clocking to the current of hand-held audio communication device
Time carries out timing.Preferably, the wireless communication unit is included for launching and receive the transmitter and receiver of signal, or
Person is transceiver.The wireless communication unit is used for for the current time of hand-held audio communication device being sent to certificate server,
And the current time from certificate server reception certificate server, so as to realize hand-held audio communication device and certificate server
Between time synchronized.Preferably, the time ciphering unit is used for working as hand-held audio communication device according to AES
The front time is encrypted to generate time encryption factor, and the time encryption factor is increased to first authentication data
In.So as to receive the first authentication data in certificate server(Which is included in the second authentication data)When, the time can be added
The close factor is decrypted to obtain the current time of hand-held audio communication device, ageing so as to authentication verification.Preferably, institute
Stating the first authentication data can include:The identifier of the hand-held audio communication device multidate information related to certification, and/or when
Between encryption factor.The identifier of wherein hand-held audio communication device can be that the device id or equipment of hand-held audio communication device are hard
Part is identified, and the identifier of the hand-held audio communication device is globally unique.Preferably, the dynamic letter related to certification
Breath includes at least one of herein below:The License Info of hand-held audio communication device, the state of hand-held audio communication device
Information and the class information of hand-held audio communication device.Preferably, the License Info of hand-held audio communication device can include
Provider(Represented by hand-held audio communication device)Electronic certificate License Info(For example, tolerance band, allowable level
Deng).Preferably, the status information of the hand-held audio communication device can include that provider provides the shape of related service or mandate
State(For example, failed, do not failed yet), and the identity of authenticating party, the ID of authenticating party etc., such as carrying in ecommerce
ID for business.Preferably, the class information of the hand-held audio communication device includes providing the rank of related service or authorizes level
Not etc..Preferably, the identifier and the multidate information related to certification of hand-held audio communication device are stored using memory element.
The memory element can be volatibility or nonvolatile memory, for example, random access memory or read only memory.It is preferred that
Ground, identifier and to certification related dynamic of the authentication data signal generating unit based on the hand-held audio communication device
Information, generates the first authentication data
Preferably, encrypting and decrypting unit utilizes 3DES algorithms, i.e., triple DEAs(TDEA, Triple Data
Encryption Algorithm)Block encryption, to be encrypted to above-mentioned first authentication data.Triple DES, also known as 3DES,
It is a kind of pattern of des encryption algorithm, it carries out Tertiary infilling using the key of 3 56 to 3DES data.Data encryption mark
Accurate(DES)It is a kind of long-standing encryption standard in the U.S., it uses symmetric key cryptography, and ANSI organizational norms are
ANSIX.3.92.DES is using 56 keys and the method for cryptographic block, and in the method for cryptographic block, text is divided into 64 greatly
Then little text block is encrypted again.Compared with initial DES, 3DES is safer.Preferably, after converting unit is to encryption
First authentication data carries out digital-to-analogue conversion, so as to generate the first audio signal.Preferably, the converting unit is believed to the second audio frequency
Number analog digital conversion is carried out, so as to generate the digital signal of correlation(For example encrypted certification return information).Preferably, the sound
Frequency output unit is used for exporting the first audio signal to user terminal, and the audio input unit is used for from user terminal
Receive the second audio signal.Preferably, the audio input unit can be mike, and the audio output unit can be
Speaker.
According to the preferred embodiment of the present invention, also include outut device, the original authentication is replied message and is supplied to
User.Preferably, the outut device is display, speaker, indicator or printer, and will be described using outut device
Original authentication replies message and is supplied to user and is specially:Show the content, profit that the original authentication replies message using display
Content that the original authentication replies message is exported with speaker by sound, indicated by display lamp mode using indicator
The content that the original authentication is replied message corresponding authentication state or replied message using original authentication described in printer output.
Wherein described certification return information may include certification success message or authentification failure message.Preferably, the display can show
Show the information of certification success or failure.For example, user terminal identification symbol, electronic certificate and authentication result are shown(Success is lost
Lose).Preferably, the speaker can point out the information of certification success or failure using sound, for example, played using sound and used
Family terminal identifier, electronic certificate and authentication result(Success or failure).Preferably, the indicator may indicate that certification success or
The information of failure, such as indicator represent authentification failure with redness, with green mark certification success, and represent do not have with yellow
Response.Preferably, the printer can say the information printout for indicating certification success or failure, for example, printing user's end
End identifier, electronic certificate and authentication result(Success or failure).Preferably, also include modem module, for signal
It is modulated and demodulates.
According to the preferred embodiment of the present invention, divide by function and/or hardware configuration, the user terminal can be wrapped
Include:Wireless communication unit, audio output unit, audio input unit, encrypting and decrypting unit, memory element, converting unit and tune
Demodulating unit processed.Preferably, the wireless communication unit include for launch and receive signal transmitter and receiver or receive
The machine of sending out.Preferably, the wireless communication unit is used for for the second authentication data being sent to authentication service by radio communication channel
Device, and the certification by radio communication channel from after certificate server reception encryption is replied message or original authentication is replied and disappeared
Breath.Preferably, second authentication data includes the first authentication data, the identifier of user terminal and electronic certificate(For example block
Number).Wherein, the certification message indicates certification success or authentification failure.Preferably, encrypting and decrypting unit is used for passing through encryption
The first audio signal be decrypted.Preferably, memory element is used for the identifier and electronic certificate for storing user terminal.It is preferred that
Ground, the electronic certificate electronic certificate that e.g. server of website, bank server or third-party server are issued.
Preferably, the converting unit is used for for the first audio signal being converted to the first authentication data, and for will indicate certification into
The encrypted certification of work(or authentification failure is replied message or original authentication is replied message and is converted to the second audio signal.It is preferred that
Ground, the audio input unit are used for receiving the first audio signal, and the audio output list from hand-held audio communication device
Second audio signal is sent to the hand-held audio communication device by unit.Preferably, the audio input unit can be
Mike, and the audio output unit can be speaker.Preferably, also include modem module, for entering to signal
Row modulation and demodulation system.
According to the preferred embodiment of the present invention, certificate server includes authentication ' unit, wireless communication unit and clock list
Unit.Preferably, the clock unit is used for the internal clocking for producing certificate server, certification is taken by the internal clocking
The current time of business device carries out timing.Preferably, certificate server synchronous, the tool that periodically enters row clock with hand-held audio communication device
Body is:Its internal clocking is sent to certificate server by wireless communication unit by hand-held audio communication device definition, and certification takes
Business device determines according to the internal clocking and transmission delay whether the internal clocking of hand-held audio communication device is taken with certification
The internal clocking synchronization of business device.Preferably, the internal clocking of the certificate server can be that gps clock, circuit are used and shaken
Swing device clock.Preferably, the wireless communication unit is used for entering row clock with hand-held audio communication device synchronous, and and user
Terminal carries out data interaction.
Preferably, electronic certificate of the second authentication data that the authentication ' unit is sent according to user terminal to user terminal
It is authenticated.For example, authentication ' unit includes according to the second authentication data the first authentication data, the identifier of user terminal come
The electronic certificate of user terminal is authenticated.Preferably, first authentication data also includes:The hand-held voice communication sets
The standby identifier multidate information related to certification and/or time encryption factor.That is, authentication ' unit is according to hand-held voice communication
The identifier of the equipment multidate information related to certification, time encryption factor, the identifier of user terminal are carried out to electronic certificate
Certification.Preferably, the identifier of hand-held audio communication device is used for the identity for identifying hand-held audio communication device, and is used for marking
Know the authorized party of electronic certificate.Preferably, the multidate information related to certification includes the information of authenticating party, the letter of such as trade company
Breath, the type of electronic certificate, species etc..Preferably, time encryption factor identifies the time of hand-held audio communication device, prevents multiple
The electronic certificate of system or expired electronic certificate.Preferably, the device id of the identifier of user terminal e.g. user terminal, example
As mobile phone has its unique device coding as user terminal, using media access control(MAC, Media Access
Control)Address and International Mobile Equipment Identity code(IMEI, International Mobile Equipment
Identity)The uniqueness of definable equipment.Preferably, the installation identifier ID of definable application when installing application every time.Separately
Outward, the log-on message of user can be bundled in mobile phone terminal, so that unique user identifiers UID is generated for user, and pass through note
Check code user bound cell-phone number, it is ensured that user identity is truly unique.Preferably, corresponding for user account electronic certificate is stored
Server beyond the clouds, it is local to be buffered in mobile phone, corresponding for user identity electronic certificate is downloaded by the data communication of mobile phone and
Update mobile phone local.
Fig. 2 shows the circuit diagram of the hand-held audio communication device of the example embodiment according to the present invention.It is preferred that
Ground, the hand-held audio communication device shown in Fig. 2 is E-seal.The E-seal includes:MCU single-chip microcomputers, Audio Codec
Built-in power amplifier, ISO7816 controller ICs, PSAM cards, speaker, mike(MIC), reserve battery, RTC controllers, 32.768K
Crystal, main battery, battery conversion and charging circuit.Preferably, MCU chip microcontrollers are controlled to the entirety of E-seal.Audio
The built-in power amplifiers of Codec realize that audio analog signals are converted to digital signal and digital signal is converted to audio analog signals, and
Realize to volume, noise reduction, echo suppression, the amplification of the audio analog signals of input and output.Preferably, the controls of ISO 7816 IC is used
Communication interface is set up between MCU single-chip microcomputers and PSAM cards.Preferably, PSAM(Purchase Secure Access
Module)Card is a kind of encryption IC chip, for terminal units such as trade company POS, site terminal, direct connection terminals, is responsible for device
Safety control.Preferably, it supports many applications of a card, separate between respectively applying(Many applications, firewall functionality).Support
Multiple file types, including binary file, fixed-length record file, variable-length record file, circular file, wallet file.Logical
Multiple safety protecting mechanisms are supported during news(The confidentiality and integrity protection of information).Support multiple secure access modes and
Authority(Authentication function and password protection).Support Single DES, the Triple DES algorithms of People's Bank of China's accreditation.Support
Multistage key dispersal mechanism, produces《China's finance integrated circuit(IC)Calliper model》Defined in MAC1 and verification MAC2.Available
This module realizes the proof of identity of financial security rank.
Preferably, speaker is used for exports audio signal.Mike is used for receiving audio signal.Preferably, main battery is used
Family provides electric power for E-seal, and electric power is supplied to MCU single-chip microcomputers by Power convert by which.Preferably, charging circuit is used for
It is charged for main battery, so as to ensure the supply of electric power of main battery.Preferably, reserve battery is additionally provided with, for controlling for RTC
Device processed provides electric power.Preferably, the RTC controllers provide the control to real-time clock for E-seal, so as to keep electronics
The internal time of seal.Preferably, the 32.768K crystal is used for producing underlying clock, and the RTC controllers root
Real-time clock is controlled according to underlying clock.
Fig. 3 shows the circuit diagram of the hand-held audio communication device according to another example embodiment of the invention.Fig. 3
The hand-held audio communication device for illustrating is hand-held audio communication device machine(For example it is used for the POS of certification).The hand-held audio frequency of Fig. 3
Communication equipment has identical part with the hand-held audio communication device of Fig. 2, for purposes of simplicity and clarity, only introduces and figure
The different part of 2 hand-held audio communication device.Preferably, external power source realized by the adapter(Such as alternating current)Input
To the interface conversion between power conversion unit.
The flow chart that Fig. 4 shows the authentication method according to example embodiment of the present invention.Preferably, methods described is suitable for
In being authenticated to electronic certificate in a communication network, wherein described communication network includes user terminal, certificate server and handss
Hold audio communication device.Methods described starts at step 500.Preferably,
Preferably, at step 401, the identifier of the hand-held audio communication device and related to certification is obtained
Multidate information, the multidate information related to certification include at least one of herein below:Hand-held audio communication device
The class information of License Info, the status information of hand-held audio communication device and hand-held audio communication device.
Preferably, at step 402, identifier based on the hand-held audio communication device and related to certification
Multidate information, generates the first authentication data.Preferably, at step 403, to being used for for first authentication data being converted to the
One audio signal.Preferably, digital-to-analogue conversion is carried out to first authentication data, to generate the first audio signal.Preferably, exist
Step 404 place, sends first audio signal to user terminal by voice communication channel.Preferably, periodically lead to
Crossing radio communication, to carry out time synchronized with certificate server consistent with the retention time.
Preferably, also included before step 401:Electronic certificate is converted to audio frequency letter through digital-to-analogue conversion by user terminal
Number, hand-held audio communication device, the hand-held audio communication device to are sent the audio signal by voice communication channel
Audio signal is received, and electronic certificate is converted into by analog digital conversion.Preferably, first authentication data includes:
The identifier and the multidate information related to certification of the hand-held audio communication device.Preferably, related to certification dynamic letter
Breath includes at least one of herein below:The License Info of hand-held audio communication device, the state of hand-held audio communication device
Information and the class information of hand-held audio communication device.
Preferably, the multidate information related to certification includes at least one of herein below:Hand-held voice communication
The class information of the License Info of equipment, the status information of hand-held audio communication device and hand-held audio communication device.It is preferred that
Ground, the License Info of hand-held audio communication device can include provider(Represented by hand-held audio communication device)Electronics
The License Info of voucher(For example, tolerance band, allowable level etc.).Preferably, the state letter of the hand-held audio communication device
Breath can include that provider provides the state of related service or mandate(For example, failed, do not failed yet), and authenticating party
Identity, ID of authenticating party etc., the such as ID in ecommerce for provider.Preferably, the hand-held audio communication device
Class information includes providing rank or authority levels of related service etc..
Preferably, before digital-to-analogue conversion is carried out to first authentication data, also include using 3DES algorithms to described
First authentication data is encrypted.Alternatively or additionally, the later step in step 401, i.e., to first authentication data
Digital-to-analogue conversion is carried out, is the first certification number through encrypting to generate involved the first authentication data in the first audio signal
According to.Preferably, when the first authentication data is generated, hand-held audio communication device is encrypted to the time according to AES
To generate time encryption factor, the time encryption factor is increased in first authentication data.Preferably, described hand-held
By time encryption factor, audio communication device and the certificate server determine whether the time is consistent.Preferably, recognizing
Card server receives the first authentication data(Which is included in the second authentication data)When, time encryption factor can be solved
The close current time to obtain hand-held audio communication device, ageing so as to authentication verification.
In accordance with another preferred embodiment of the present invention, first audio frequency is believed by the user terminal through analog digital conversion
The first authentication data number is converted to, and is generated based on first authentication data, the identifier of user terminal and electronic certificate
Second authentication data.It follows that the second authentication data includes:(Encrypted or not encrypted)First authentication data, use
The identifier and electronic certificate of family terminal.Preferably, second authentication data is sent to certificate server.Preferably, will
Second authentication data is sent to certificate server and is carried out by wireless channel.
Preferably, certificate server is accorded with according to the first authentication data in second authentication data and user terminal identification
To be authenticated to electronic certificate, and generate and indicate that the original authentication of certification success or authentification failure is replied message, according to plus
Close algorithm original authentication is replied message be encrypted and by encryption after certification reply message and be sent to user terminal.It is preferred that
Encrypted certification is replied message digital-to-analogue conversion for the second audio signal by ground, the user terminal, and second audio frequency is believed
Number the hand-held audio communication device is sent to, the hand-held audio communication device enters to second audio signal for receiving
Row analog digital conversion, is replied message with being converted to encrypted certification, the encrypted certification is replied message be decrypted with
Generate original authentication to reply message, and the original authentication is replied message using outut device and be supplied to user.Preferably,
The outut device is display, speaker, indicator or printer, and replys the original authentication using outut device
Message is supplied to user and is specially:Show content that the original authentication replies message using display, passed through using speaker
Sound is exporting content that the original authentication is replied message, indicate the original authentication using indicator by display lamp mode
The content for replying message corresponding authentication state or being replied message using original authentication described in printer output.
According to the preferred embodiment of the present invention, when the hand-held audio communication device is kept with certificate server identical
Between.Preferably, the hand-held audio communication device and the certificate server pass through the radio communication periodic synchronization time to keep
Time consistency.It is synchronous that certificate server periodically enters row clock with hand-held audio communication device, specially:Hand-held audio communication device
Its internal clocking is sent to certificate server by wireless communication unit by definition, certificate server according to the internal clocking with
And whether transmission delay is synchronous with the internal clocking of certificate server come the internal clocking that determines hand-held audio communication device.It is preferred that
Ground, the internal clocking of the certificate server can be gps clock, circuit use and oscillator clock.
In accordance with another preferred embodiment of the present invention, the hand-held audio communication device and user terminal of voice communication are carried out
Generally there is following fundamental characteristics:1)Sample rate 44.1k(Most general sample rate, most hand-held audio communication devices and
User terminal supports this sample rate);2)Carrier frequency 17.6k(The mankind are difficult the sound for hearing this frequency);3)Using half
Duplex mode both-way communication.
Preferably, hand-held audio communication device sends audio signal(Audio communication is sent)Flow process:
1)By the device identifier of hand-held audio communication device, there is provided business's identifier, timestamp are encoded;
2)Coded data is carried out 3DES encryption;3)The hash values of encrypted data are calculated, is saved backup;
4)Plus data packet head and flag data before encryption data, followed by upper verification data set into packet;
5)2ASK is carried out to packet(Binary amplitude keying)Modulation, obtains audio volume control sampled data;
6)Sounding.
Preferably, user terminal receives audio signal(Audio communication is received)Flow process:1)To audio volume control hits
According to filtering;2)2ASK is demodulated;3)Judge packet header and mark;4)The correctness of verification data;5)The hash values of packet are calculated, is protected
Deposit standby;6)Decoding data out constitute authentication data packet plus user terminal identification symbol and electronic certificate;7)Encryption certification
Packet simultaneously uploads to certificate server.
Preferably, user terminal sends audio signal(Audio communication is sent)Flow process:1)User terminal receives certification
The response data packet of server;2)Decryption;3)Plus data packet head and the hash for preserving before data, followed by upper verification data
Composition data bag;4)2ASK modulation is carried out to packet, audio volume control sampled data is obtained;5)Sounding.
Preferably, hand-held audio communication device receives audio signal(Audio communication is received)Flow process:
1)Audio volume control sampled data is filtered;2)2ASK is demodulated;3)Judge that packet header is whether correct, hash whether with preservation
Hash consistent;4)The correctness of verification data;5)3DES is decrypted;6)Judge the packet whether effective response number of this certification
According to bag;7)Decoding data bag obtains authentication result of the certificate server to this certification;8)Show authentication result over the display
(Or utilize printer output authentication result).
The flow chart that Fig. 5 shows the method for the generation electronic certificate according to example embodiment of the present invention.Step 501,
Hand-held audio communication device user terminal provides electronic certificate, is provided using sound wave checking and confirms instruction and key;Step 502,
The application of user terminal is instructed by acoustic receiver, and the identifier of the identifier of user terminal, hand-held audio communication device is led to
Cross mobile Internet and be sent to server;Step 503, electronic certificate identity verifying system decrypt the device keyses of provider, really
Recognize provider's identity, while confirming user identity;And step 504, electronic certificate content verifying system is by the electricity of the provider
The identifier of sub- voucher and user terminal is bound, and electronic certificate is generated.
The flow chart that Fig. 6 shows the authentication method according to another example embodiment of the invention.Step 601, user's end
The application at end is updated electronic certificate and sends hand-held audio communication device by server.Step 602, hand-held voice communication set
Standby sound wave checking equipment transmits the hand-held audio communication device identifier and handss of hand-held audio communication device near user terminal
Hold audio communication device key.Step 603, the applying electronic voucher of user terminal receive the hand-held sound of hand-held audio communication device
Frequency communication device identifier and key, and it is sent to server.Step 604, electronic certificate identity verifying system decruption key, really
Recognize hand-held audio communication device identity, user terminal identity.Step 605, electronic certificate content verifying system detect user end
Whether end has corresponding rights and interests in the hand-held audio communication device, and whether electronic certificate content is consistent, is consistent, and electronic certificate is tested
Demonstrate,prove successfully.Step 606, server return data to user terminal application, the application show the change of electronic certificate content.Step
607, successful information is returned to sound wave checking equipment by the application, and sound wave checking equipment confirms to be proved to be successful signal, and prints
Output related data.
Under the teaching presented in description previously and relevant drawings, those of ordinary skill in field according to the present invention
Will be appreciated that many modifications and the other embodiment of the present invention set forth herein.It is, therefore, to be understood that embodiment of the present invention is not
Be limited to particular implementation disclosed herein, and which changes the model that claims are also included in other embodiment
In enclosing.Although additionally, description above and relevant drawings describe the environment of some example combinations in element and/or function
Under illustrative embodiments, it should be understood that the various combination of element and/or function can be provided by alternate embodiment, and
Without departing from scope of the following claims.At this point, for example, as can be illustrated in the following claims, can also set
Want the various combination in addition to above clearly described element and/or function.Although specific terms be employed herein, but it
Only can be used by general and descriptive concept, the purpose being not intended to limit.
Claims (10)
1. a kind of hand-held audio communication device, which is by entering to the electronic certificate of user terminal with the indirect communication of certificate server
Row certification, the hand-held audio communication device include:
Memory element, stores the identifier and the multidate information related to certification of the hand-held audio communication device, described
The multidate information related to certification includes at least one of herein below:The License Info of hand-held audio communication device, hand-held
The status information of audio communication device and the class information of hand-held audio communication device;
Authentication data signal generating unit, the identifier and the dynamic letter related to certification based on the hand-held audio communication device
Breath, generates the first authentication data;
Converting unit, for being converted to the first audio signal by first authentication data;
Speaker, sends first audio signal to user terminal by voice communication channel;And
Wireless communication unit, carries out time synchronized periodically by radio communication and certificate server consistent with the retention time;
Further include, the first audio signal for receiving is converted to the first authentication data by the user terminal, and is based on
First authentication data, the identifier of user terminal and electronic certificate generate the second authentication data, by the second certification number
According to being sent to certificate server.
2. equipment according to claim 1, further includes, the certificate server is according in second authentication data
The first authentication data and user terminal identification symbol being authenticated to electronic certificate, if certification success, by certification success
Message is sent to the user terminal;If authentification failure, authentification failure message is sent to the user terminal.
3. the certification success message or authentification failure are disappeared by equipment according to claim 2, wherein described user terminal
Breath is converted to the second audio signal, and second audio signal is sent to the hand-held audio communication device, the hand-held sound
Second audio signal for receiving is converted to certification success message or authentification failure message by frequency communication equipment, and in handss
Hold, or logical by hand-held audio frequency
The LED of letter equipment indicates that the certification success message or authentification failure message distinguish corresponding state, or utilizes hand-held audio frequency
The speaker of communication equipment exports the certification success message or authentification failure message by sound.
4. equipment according to claim 3, wherein sends first audio signal to use by voice communication channel
Family terminal is specially:First audio signal is encrypted using 3DES algorithms, and the first audio frequency of encryption will be passed through
Signal sends user terminal to by voice communication channel;And/or wherein second audio signal is sent to described hand-held
Audio communication device is specially:Second audio signal is encrypted using 3DES algorithms, and the of encryption will be passed through
Two audio signals are sent to the hand-held audio communication device.
5. equipment as claimed in any of claims 1 to 3, further includes, the hand-held audio communication device root
Current time is encrypted according to AES to generate time encryption factor, the time encryption factor is increased to described
In one authentication data, to guarantee that the time is authenticated by the electronic certificate is consistent.
6. a kind of authentication method, hand-held audio communication device is by the electronics with the indirect communication of certificate server to user terminal
Voucher is authenticated, and methods described includes:
From the memory element of hand-held audio communication device read the hand-held audio communication device identifier and with certification
Related multidate information, the multidate information related to certification include at least one of herein below:Hand-held voice communication
The class information of the License Info of equipment, the status information of hand-held audio communication device and hand-held audio communication device;
Identifier and the multidate information related to certification based on the hand-held audio communication device, generates the first certification number
According to;
For first authentication data is converted to the first audio signal;
First audio signal is sent to user terminal by voice communication channel;And
Time synchronized is carried out periodically by radio communication and certificate server consistent with the retention time;
Wherein, the first audio signal for receiving is converted to the first authentication data by the user terminal, and based on described the
One authentication data, the identifier of user terminal and electronic certificate generate the second authentication data, and second authentication data is sent
Arrive certificate server.
7. method according to claim 6, further includes, the certificate server is according in second authentication data
The first authentication data and user terminal identification symbol being authenticated to electronic certificate, if certification success, by certification success
Message is sent to the user terminal;If authentification failure, authentification failure message is sent to the user terminal.
8. the certification success message or authentification failure are disappeared by method according to claim 7, wherein described user terminal
Breath is converted to the second audio signal, and second audio signal is sent to the hand-held audio communication device, the hand-held sound
Second audio signal for receiving is converted to certification success message or authentification failure message by frequency communication equipment, and in handss
Hold, or logical by hand-held audio frequency
The LED of letter equipment indicates that the certification success message or authentification failure message distinguish corresponding state, or utilizes hand-held audio frequency
The speaker of communication equipment exports the certification success message or authentification failure message by sound.
9. method according to claim 8, wherein sends first audio signal to use by voice communication channel
Family terminal is specially:First audio signal is encrypted using 3DES algorithms, and the first audio frequency of encryption will be passed through
Signal sends user terminal to by voice communication channel;And/or wherein second audio signal is sent to described hand-held
Audio communication device is specially:Second audio signal is encrypted using 3DES algorithms, and the of encryption will be passed through
Two audio signals are sent to the hand-held audio communication device.
10. the method according to any one in claim 6 to 8, further includes, the hand-held audio communication device root
Current time is encrypted according to AES to generate time encryption factor, the time encryption factor is increased to described
In one authentication data, to guarantee that the time is authenticated by the electronic certificate is consistent.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210385749.3A CN103731827B (en) | 2012-10-12 | 2012-10-12 | A kind of hand-held audio communication device and method for electronic certificate authentication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210385749.3A CN103731827B (en) | 2012-10-12 | 2012-10-12 | A kind of hand-held audio communication device and method for electronic certificate authentication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103731827A CN103731827A (en) | 2014-04-16 |
| CN103731827B true CN103731827B (en) | 2017-03-15 |
Family
ID=50455719
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210385749.3A Active CN103731827B (en) | 2012-10-12 | 2012-10-12 | A kind of hand-held audio communication device and method for electronic certificate authentication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103731827B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106911633B (en) * | 2015-12-22 | 2021-03-23 | 阿里巴巴集团控股有限公司 | Data transmission method and device |
| CN112104781B (en) * | 2019-06-17 | 2021-12-21 | 深圳市同行者科技有限公司 | Method and system for carrying out equipment authorization activation through sound waves |
| CN110769419B (en) * | 2019-10-21 | 2020-09-15 | 南京创维信息技术研究院有限公司 | Voice network distribution method and system for intelligent equipment |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101546401A (en) * | 2008-03-28 | 2009-09-30 | 海尔集团公司 | Electronic payment method and system based on NFC mobile terminal |
| CN101567108A (en) * | 2008-04-24 | 2009-10-28 | 北京爱奥时代信息科技有限公司 | Method and system for payment of NFC mobile phone-POS machine |
| CN101958026A (en) * | 2010-09-15 | 2011-01-26 | 宇龙计算机通信科技(深圳)有限公司 | User authentication module setting method and system |
| CN102299747A (en) * | 2010-06-22 | 2011-12-28 | 上海云途信息技术有限公司 | Device, system and method for performing safe data communication based on sound waves |
| CN203289647U (en) * | 2012-10-12 | 2013-11-13 | 北京微智全景信息技术有限公司 | Handheld audio communication equipment for electronic certificate authentication |
-
2012
- 2012-10-12 CN CN201210385749.3A patent/CN103731827B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101546401A (en) * | 2008-03-28 | 2009-09-30 | 海尔集团公司 | Electronic payment method and system based on NFC mobile terminal |
| CN101567108A (en) * | 2008-04-24 | 2009-10-28 | 北京爱奥时代信息科技有限公司 | Method and system for payment of NFC mobile phone-POS machine |
| CN102299747A (en) * | 2010-06-22 | 2011-12-28 | 上海云途信息技术有限公司 | Device, system and method for performing safe data communication based on sound waves |
| CN101958026A (en) * | 2010-09-15 | 2011-01-26 | 宇龙计算机通信科技(深圳)有限公司 | User authentication module setting method and system |
| CN203289647U (en) * | 2012-10-12 | 2013-11-13 | 北京微智全景信息技术有限公司 | Handheld audio communication equipment for electronic certificate authentication |
Also Published As
| Publication number | Publication date |
|---|---|
| CN103731827A (en) | 2014-04-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103731266B (en) | Method and system for authenticating electronic certificate | |
| CN108270571B (en) | Internet of Things identity authorization system and its method based on block chain | |
| CN105050081B (en) | Method, device and system for connecting network access device to wireless network access point | |
| CN103039035B (en) | Close-distance safety data communication method based on sound wave or audio frequency | |
| CN101662765B (en) | Encryption system and method of short message of mobile telephone | |
| CN101789865B (en) | Dedicated server used for encryption and encryption method | |
| CN101720071B (en) | Short message two-stage encryption transmission and secure storage method based on safety SIM card | |
| US9762567B2 (en) | Wireless communication of a user identifier and encrypted time-sensitive data | |
| US20070257813A1 (en) | Secure network bootstrap of devices in an automatic meter reading network | |
| CN101247407B (en) | Network authentication service system and method | |
| CN112788042B (en) | Method for determining device identifier of Internet of things and device of Internet of things | |
| US20150372813A1 (en) | System and method for generating a random number | |
| CN103095457A (en) | Login and verification method for application program | |
| CN103686589A (en) | Safe check-in method and system facing mobile terminal | |
| WO2012024872A1 (en) | Method, system and related apparatus for encrypting communication in mobile internet | |
| CN102480713A (en) | Method, system and device for communication between sink node and mobile communication network | |
| CN110446177B (en) | Communication method, device and system of Internet of things meter | |
| CN112672342B (en) | Data transmission method, device, equipment, system and storage medium | |
| CN203104783U (en) | Terminal device for authentication of electronic certificate | |
| CN103731828B (en) | A kind of terminal unit and method for electronic certificate authentication | |
| CN101931561A (en) | Remote control network equipment management system and management end and network equipment operation method | |
| KR20180000220A (en) | Method providing secure message service and apparatus therefor | |
| CN103731827B (en) | A kind of hand-held audio communication device and method for electronic certificate authentication | |
| CN203289647U (en) | Handheld audio communication equipment for electronic certificate authentication | |
| JP6447949B1 (en) | Authentication system, authentication server, authentication method, and authentication program |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |