CN104486077B - An end-to-end key agreement method for secure transmission of VoIP real-time data - Google Patents

Info

Publication number: CN104486077B
Authority: CN (China)
Prior art keywords: communication, key, server, encryption, data
Legal status (an assumption, not a legal conclusion): Expired - Fee Related
Application number: CN201410669878.4A
Other languages: Chinese (zh)
Other versions: CN104486077A (en)
Inventors: 顾小卓, 周卫华, 朱大立, 张仁军
Current Assignee (the listed assignees may be inaccurate): Institute of Information Engineering of CAS
Original Assignee: Institute of Information Engineering of CAS
Application filed by Institute of Information Engineering of CAS
Priority to CN201410669878.4A
Publication of CN104486077A
Application granted
Publication of CN104486077B

Abstract

The invention discloses an end-to-end key agreement method suitable for secure transmission of VoIP real-time data on mobile phone terminals. The method is: 1) in the secure signaling transmission phase, SIP signaling between the client and the server is mutually authenticated and protected using the TLS protocol; 2) in the end-to-end key agreement phase, two layers of encryption are used: in the first layer, TLS protects the link between the communication initiator and the server and the link between the server and the communication receiver; in the second layer, the key agreement parameter information of the communication initiator and the communication receiver is protected with the SM2 public keys of the communication initiator and the communication receiver respectively. The invention protects the key agreement parameters with two layers of encryption and mutually authenticates and protects the signaling in the signaling phase, which greatly improves the security of information transmission.

Description

An end-to-end key agreement method for secure transmission of VoIP real-time data
Technical field
The present invention relates to an end-to-end key agreement method, and more particularly to an end-to-end key agreement method for secure transmission of VoIP real-time data. It is applicable to VoIP (Voice over Internet Protocol) communication and belongs to the field of digital network technology.
Background
With the rapid development of mobile communication technology, smartphones have come into wide use, and the applications that run on them, such as VoIP voice communication and instant messaging, have brought great convenience to people's work and life. In April 2013, Microsoft announced that Skype users worldwide spend a cumulative total of up to 2 billion minutes per day communicating with others over Skype, which already accounts for a quarter of the global long-distance call share. The basic principle of VoIP is to encode and compress speech data with a voice compression algorithm and package it in standard TCP/IP packet form; the packets are delivered to the destination over an IP network, and the receiver reassembles these voice packets and, after decompression, restores the original voice signal.
VoIP has greatly enriched people's lives and reduced call charges, but because it uses IP as its transmission medium it has some inherent security weaknesses; for example, it cannot guarantee user privacy or communication security. Encrypting the data transmitted over VoIP has therefore become an urgent problem.
Security based on a PKI system and its encryption and decryption algorithms is one of the better security schemes generally recognized at present. The current traditional approach encrypts with an RSA public key to protect the session key. However, the "Snowden incident" revealed to us that international cryptographic algorithms are not safe and reliable: information protected with international cryptographic algorithms is likely to be monitored by foreign organizations.
The Session Initiation Protocol (SIP) is one of the core protocols of next-generation networks and is widely used to control multimedia communication sessions, such as voice and video calls over IP networks. SIP is used to create, modify and terminate sessions made up of one or more media streams, and can be used for two-party or multi-party sessions (on SIP, see: Rosenberg J, Schulzrinne H, Camarillo G. SIP: Session Initiation Protocol. Internet RFC 3261, 2002).
A Chinese patent (application number CN201010111260.8) discloses an end-to-end session key negotiation method and system for a network architecture in which identity and location are separated. The method includes: when a first access node receives a call encryption request initiated by a first user terminal, it uses the identity of the second user terminal carried in the call encryption request to query the route identifier and valid public key of a second access node; the first access node generates an end-to-end session key, sends the end-to-end session key to the first user terminal, and, after encrypting the end-to-end session key with the queried valid public key, sends it to the second access node; the second access node decrypts with the private key corresponding to the valid public key to obtain the end-to-end session key, and sends the end-to-end session key to the second user terminal.
Chinese patent CN201010243957.0 discloses a weak authentication and key agreement method based on symmetric cryptography, comprising the following steps: 1) preset a long-term shared key k between any two network node devices A and B; 2) set up a clock on each of nodes A and B; 3) build an encryption algorithm E and a hash function H(x) into nodes A and B; 4) establish authentication and a session key between nodes A and B, as follows: node A sends node B the ciphertext encrypted with encryption algorithm E and long-term shared key k, together with A's related information, and node A generates the session key; node B decrypts the ciphertext with the decryption algorithm and long-term shared key k and compares the decrypted information with node A's related information; if the information is legitimate, authentication passes and the session key is shared between nodes A and B; the session key is the hash function H(x).
Chinese patent CN200410030855.5 discloses a key distribution method for end-to-end encrypted communication, in which each user terminal and the key distribution center (KDC) each store the user private data corresponding to the user. The method includes: after receiving a call setup request from the calling terminal, the VoIP server sends a key request to the KDC; after receiving the request, the KDC generates caller encryption key characteristic data and callee encryption key characteristic data respectively, and returns the generated encryption key characteristic data to the VoIP server; the VoIP server sends the resulting caller and callee encryption key characteristic data to the calling terminal and the called terminal respectively; the calling terminal and the called terminal each generate the encryption communication key for this call from the encryption key characteristic data just obtained and the user private data they store, and use the generated encryption communication key for the encrypted voice call between the two parties. This method can achieve high-security key distribution in an end-to-end encrypted communication system.
A Chinese patent (application number: N201110390564.7) discloses a key agreement method based on the SM2 key exchange protocol, characterized in that it includes: determining the value of the order n of the elliptic curve parameters used in this key agreement; computing the minimum positive integer X such that the order n ≤ 2^X, and obtaining the value of parameter W from that minimum positive integer X; and performing key agreement with the negotiating peer based on the value of parameter W.
The schemes proposed in the existing patents are not suited to protecting VoIP data transmission. In the signaling phase they use only the TLS protocol for protection, so the transmitted content is visible to the server.
Summary of the invention
The invention provides an end-to-end key agreement method suitable for secure VoIP voice and video communication on mobile phone terminals. To ensure the security of key agreement, the key agreement parameters are protected with two layers of encryption: TLS and SM2 public keys.
The present invention uses the following technical scheme:
A key agreement method for secure VoIP voice and video, comprising:
(1) Secure signaling transmission phase
Signaling is protected in transit with the TLS protocol. The client and the server each hold the other's RSA public key, and SIP signaling between the client and the server is mutually authenticated and protected using TLS.
(2) End-to-end key agreement phase
This phase uses two layers of encryption. In the first layer, TLS protects the link between the communication initiator and the server and the link between the server and the communication receiver. In the second layer, the key agreement parameter information of the communication initiator and the communication receiver is protected with the SM2 public keys of the communication initiator and the communication receiver respectively. The communication initiator and the communication receiver each hold the other's SM2 public key. The communication initiator, the communication receiver and the server all hold one another's RSA public keys (on RSA encryption, SM2 encryption and digital signatures, see: R. L. Rivest, A. Shamir, and L. Adleman. A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2):120-126, 1978; SM2 Elliptic Curve Public Key Cryptographic Algorithm, State Cryptography Administration, December 2010).
In the communication request message it sends (the INVITE message), the communication initiator carries the session key parameter SK1 to be used for the voice and video communication. The communication initiator first encrypts the session key parameter SK1 with the communication receiver's SM2 public key and signs the encrypted SK1 with its own SM2 private key, then combines the two parts into a data packet. The initiator encrypts the data packet with the encryption key of its TLS channel to the server, and the encrypted packet is signed with the communication initiator's RSA private key. The initiator sends the encrypted and signed packet to the server; data between the initiator and the server is protected by the TLS protocol.
On receiving the packet sent by the communication initiator, the server first separates out the signature information and verifies the signature with the communication initiator's RSA public key. Once verification passes, the server decrypts the packet with the encryption key of the TLS channel, then encrypts the decrypted packet again with the key of its TLS channel with the communication receiver, signs it with the server's RSA private key, and sends it to the communication receiver. On receiving the communication data sent by the server, the communication receiver first separates out the signature and verifies it with the server's RSA public key. Once verification passes, the communication receiver decrypts the packet with the encryption key of the TLS channel. From the decrypted data, the communication receiver separates out the communication initiator's signature information and verifies the signature with the communication initiator's SM2 public key; once verification passes, it decrypts the data encrypted by the communication initiator with the receiver's SM2 private key and obtains the session key parameter SK1.
In the response message answering the INVITE message, the communication receiver carries the session key parameter SK2 to be used for the voice and video communication. The communication receiver first encrypts the session key parameter SK2 with the communication initiator's SM2 public key and signs the encrypted SK2 with its own SM2 private key, then combines the two parts into a data packet, encrypts it with the encryption key of its TLS channel to the server, and signs the encrypted packet with the communication receiver's RSA private key. The communication receiver sends the encrypted and signed packet to the server. The communication receiver XORs SK1 and SK2 to generate the session key SK for this session.
On receiving the packet sent by the communication receiver, the server first separates out the signature information and verifies the signature with the communication receiver's RSA public key. Once verification passes, the server decrypts the packet with the encryption key of the TLS channel. It then encrypts the decrypted data with the key of its TLS channel with the communication initiator and signs it with the server's RSA private key. The server sends the encrypted and signed packet to the communication initiator.
On receiving the communication data sent by the server, the communication initiator first separates out the signature and verifies it with the server's RSA public key. Once verification passes, the communication initiator decrypts the packet with the encryption key of its TLS channel with the server. From the decrypted data, the communication initiator separates out the communication receiver's signature information and verifies the signature with the communication receiver's SM2 public key. Once verification passes, the communication initiator decrypts the encrypted data with its own SM2 private key and obtains the session key parameter SK2. The communication initiator XORs SK1 and SK2 to generate the session key SK for this session.
(3) Secure data transmission phase
During the call, the communication initiator protects the data with the SRTP protocol; the session key is the SK negotiated in the second phase, and the encryption algorithm is the national-standard SM4 algorithm. The communication initiator signs the encrypted packet with the SM2 algorithm and sends it. On receiving the packet, the communication receiver first separates out the signature and verifies it with the communication initiator's public key; once verification passes, it decrypts the conversation content with the session key SK.
Compared with the prior art, the positive effect of the present invention is:
The invention protects the key agreement parameters with two layers of encryption and mutually authenticates and protects the signaling in the signaling phase, which greatly improves the security of information transmission.
Brief description of the drawings
Fig. 1 is a schematic diagram of communication in the secure signaling transmission phase of the present invention;
Fig. 2 is a schematic diagram of the initiator's message being sent in the key agreement phase of the present invention;
Fig. 3 is a schematic diagram of the receiver's message being sent in the key agreement phase of the present invention;
Fig. 4 is a schematic diagram of the secure data transmission phase of the present invention.
Detailed description
The present invention is described in more detail below with reference to the accompanying drawings:
The present invention is an end-to-end key agreement method for secure transmission of VoIP real-time data on mobile phone terminals, comprising two phases: the secure signaling transmission phase and the key agreement phase. The first phase is protected with the TLS protocol; the second phase uses two layers of encryption, the TLS protocol and SM2 public keys.
As shown in Fig. 1, in the secure signaling transmission phase (the VoIP signaling transmission phase), the client and the server each hold the other's RSA public key. SIP signaling between the client and the server is mutually authenticated and protected using the TLS protocol. When a communication is initiated, the client protects the communication content with TLS and signs the encrypted communication content with the client's RSA private key.
After the server receives the data sent by the client, it first separates out the signature and verifies it with the client's RSA public key; once verification passes, the server decrypts the packet with the encryption key of the TLS channel. The server protects the decrypted packet with the TLS protocol and signs it with its RSA private key.
The end-to-end key agreement phase uses two layers of encryption. TLS protects the link between the communication initiator and the server and the link between the server and the communication receiver. The negotiated key parameter information is protected with the SM2 public keys of the communication initiator and the communication receiver respectively. The communication initiator and the communication receiver each hold the other's SM2 public key. The communication initiator, the communication receiver and the server all hold one another's RSA public keys.
In the communication request message it sends (the INVITE message), the communication initiator carries the session key parameter SK1 to be used for the voice and video communication. The communication initiator first encrypts the session key parameter SK1 with the communication receiver's SM2 public key and signs the encrypted SK1 with its own SM2 private key, then combines the two parts into a data packet. The initiator encrypts the data packet with the encryption key of its TLS channel to the server, and the encrypted packet is signed with the communication initiator's RSA private key. The initiator sends the encrypted and signed packet to the server; the channel between the initiator and the server is protected by the TLS protocol.
On receiving the packet sent by the communication initiator, the server first separates out the signature information and verifies the signature with the communication initiator's RSA public key. Once verification passes, the server decrypts the packet with the encryption key of the TLS channel, then encrypts the decrypted data with the key of its TLS channel with the communication receiver and signs it with the server's RSA private key. The server sends the encrypted and signed packet to the communication initiator.
As shown in Fig. 2, on receiving the communication data sent by the server, the communication receiver first separates out the signature and verifies it with the server's RSA public key. Once verification passes, the communication receiver decrypts the packet with the encryption key of the TLS channel. From the decrypted data, the communication receiver separates out the communication initiator's signature information and verifies the signature with the communication initiator's SM2 public key; once verification passes, it decrypts the data encrypted by the communication initiator with the receiver's SM2 private key and obtains the session key parameter SK1.
In the response message answering the INVITE message, the communication receiver carries the session key parameter SK2 to be used for the voice and video communication. The communication receiver first encrypts the session key parameter SK2 with the communication initiator's SM2 public key and signs the encrypted SK2 with its own SM2 private key, then combines the two parts into a data packet, encrypts it with the encryption key of its TLS channel to the server, and signs the encrypted packet with the communication receiver's RSA private key. The communication receiver sends the encrypted and signed packet to the server. The communication receiver XORs SK1 and SK2 to generate the session key SK for this session.
On receiving the packet sent by the communication receiver, the server first separates out the signature information and verifies the signature with the communication receiver's RSA public key. Once verification passes, the server decrypts the packet with the encryption key of its TLS channel with the communication receiver. It then protects the decrypted data with the TLS channel between the server and the communication initiator and signs it with the server's RSA private key. The server sends the encrypted and signed packet to the communication initiator.
As shown in Fig. 3, on receiving the communication data sent by the server, the communication initiator first separates out the signature and verifies it with the server's RSA public key. Once verification passes, the communication initiator decrypts the packet with the encryption key of the TLS channel. From the decrypted data, the communication initiator separates out the communication receiver's signature information and verifies the signature with the communication receiver's SM2 public key. Once verification passes, the communication initiator decrypts the encrypted data with its own SM2 private key and obtains the session key parameter SK2. The communication initiator XORs SK1 and SK2 to generate the session key SK for this session.
As shown in Fig. 4, in the secure data transmission phase, during the call the communication initiator encrypts the voice or video with the SRTP protocol; the session key is SK and the encryption algorithm is the national-standard SM4 algorithm. The communication initiator signs the encrypted packet with the SM2 algorithm and sends it. On receiving the packet, the communication receiver first separates out the signature and verifies it with the communication initiator's public key; once verification passes, it decrypts the conversation content with the session key SK.
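The key agreement exchange described above (INVITE carrying SK1, response carrying SK2, server relaying both), modelled as an added Python example that is not part of the patent; it shows that the relaying server only ever handles the inner-layer ciphertext and that both ends derive SK = SK1 XOR SK2. SM2 encryption, the SM2 and RSA signatures and the TLS channel cipher are replaced here by insecure toy stand-ins (hashed ElGamal, Schnorr signatures and a SHA-256 keystream over a constructed group) so that it runs with the standard library alone, and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy parameters: a discrete-log group over the Mersenne prime
# 2**521 - 1. NOT secure; it only stands in for SM2/RSA so the flow runs offline.
P, G = 2**521 - 1, 3
N = P - 1                      # exponents are reduced mod P-1 (Fermat)
L, SIG = 66, 32 + 66           # bytes per group element; signature length

def H(*parts):
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def ib(x):
    return x.to_bytes(L, "big")

def keygen():
    x = secrets.randbelow(N - 2) + 1
    return x, pow(G, x, P)     # (private, public)

def xor_stream(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream."""
    ks = b"".join(H(key, i.to_bytes(4, "big")) for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def sign(priv, msg):
    """Stand-in for an SM2 or RSA signature (Schnorr over the toy group)."""
    k = secrets.randbelow(N - 2) + 1
    e = int.from_bytes(H(ib(pow(G, k, P)), msg), "big")
    return e.to_bytes(32, "big") + ib((k + e * priv) % N)

def verify(pub, msg, sig):
    e, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    r = pow(G, s, P) * pow(pub, (-e) % N, P) % P
    return sig[:32] == H(ib(r), msg)

def inner_pack(my_sm2_priv, peer_sm2_pub, sk_part):
    """Layer 2: encrypt SKn to the peer's public key, then sign the ciphertext."""
    k = secrets.randbelow(N - 2) + 1
    ct = ib(pow(G, k, P)) + xor_stream(H(ib(pow(peer_sm2_pub, k, P))), sk_part)
    return sign(my_sm2_priv, ct) + ct

def inner_open(my_sm2_priv, peer_sm2_pub, packet):
    sig, ct = packet[:SIG], packet[SIG:]
    if not verify(peer_sm2_pub, ct, sig):
        raise ValueError("inner (end-to-end) signature invalid")
    shared = pow(int.from_bytes(ct[:L], "big"), my_sm2_priv, P)
    return xor_stream(H(ib(shared)), ct[L:])

def outer_wrap(tls_key, my_rsa_priv, inner):
    """Layer 1: encrypt under the hop's TLS channel key, then sign."""
    nonce = secrets.token_bytes(16)
    enc = nonce + xor_stream(H(tls_key, nonce), inner)
    return sign(my_rsa_priv, enc) + enc

def outer_unwrap(tls_key, peer_rsa_pub, msg):
    sig, enc = msg[:SIG], msg[SIG:]
    if not verify(peer_rsa_pub, enc, sig):
        raise ValueError("outer (hop) signature invalid")
    return xor_stream(H(tls_key, enc[:16]), enc[16:])

def relay(msg, key_in, sender_rsa_pub, key_out, server_rsa_priv, tamper=False):
    """Server: strip the sender's outer layer, re-wrap for the other hop."""
    inner = outer_unwrap(key_in, sender_rsa_pub, msg)
    if tamper:                                 # model a relay that alters the packet
        inner = inner[:-1] + bytes([inner[-1] ^ 1])
    return outer_wrap(key_out, server_rsa_priv, inner), inner

def negotiate(tamper=False):
    a_sm2, b_sm2, a_rsa, b_rsa, s_rsa = (keygen() for _ in range(5))
    tls_a, tls_b = secrets.token_bytes(32), secrets.token_bytes(32)
    sk1, sk2 = secrets.token_bytes(16), secrets.token_bytes(16)
    # INVITE: initiator A -> server -> receiver B, carrying SK1
    m = outer_wrap(tls_a, a_rsa[0], inner_pack(a_sm2[0], b_sm2[1], sk1))
    m, seen1 = relay(m, tls_a, a_rsa[1], tls_b, s_rsa[0], tamper)
    b_sk1 = inner_open(b_sm2[0], a_sm2[1], outer_unwrap(tls_b, s_rsa[1], m))
    # Response: B -> server -> A, carrying SK2
    m = outer_wrap(tls_b, b_rsa[0], inner_pack(b_sm2[0], a_sm2[1], sk2))
    m, seen2 = relay(m, tls_b, b_rsa[1], tls_a, s_rsa[0])
    a_sk2 = inner_open(a_sm2[0], b_sm2[1], outer_unwrap(tls_a, s_rsa[1], m))
    sk_a = bytes(x ^ y for x, y in zip(sk1, a_sk2))    # SK = SK1 XOR SK2
    sk_b = bytes(x ^ y for x, y in zip(b_sk1, sk2))
    return sk_a, sk_b, (seen1, seen2), (sk1, sk2)

if __name__ == "__main__":
    sk_a, sk_b, seen, parts = negotiate()
    print("keys match:", sk_a == sk_b)
    print("server saw SK1/SK2 in clear:", any(p in s for p in parts for s in seen))
```

With `tamper=True` the receiver rejects the INVITE at the inner signature check, because the server holds no SM2 private key with which to re-sign a modified packet.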

Claims (4)

1. An end-to-end key agreement method for secure transmission of VoIP real-time data, the steps of which are:
1) in the secure signaling transmission phase, a communication party generates signaling data and protects it with the TLS protocol, then signs the encrypted data with its own RSA private key and sends the encrypted data and the signature to the server; the server verifies the signature with the communication party's RSA public key and, once verification passes, decrypts the encrypted data with the encryption key of the TLS channel to obtain the communication party's signaling data;
2) in the key agreement phase, the communication initiator sends a generated communication request message to the server; the communication request message is generated as follows: the communication initiator generates a session key parameter SK1 and encrypts it with the communication receiver's SM2 public key, then signs the encrypted SK1 with its own SM2 private key, then forms a data packet from the encrypted SK1 and the signature, then encrypts the data packet with the encryption key of the TLS channel and signs it with its own RSA private key, and finally generates the communication request message from the encrypted data packet and the signature data;
3) the server verifies the signature in the communication request message with the communication initiator's RSA public key; once verification passes, the server decrypts the data packet with the encryption key of its TLS channel with the communication initiator, then encrypts the decrypted data packet again with the encryption key of its TLS channel with the communication receiver, signs it with the server's RSA private key, and sends it to the communication receiver;
4) the communication receiver verifies the signature in the received data with the server's RSA public key and, once verification passes, decrypts the encrypted data in the data packet with the encryption key of the TLS channel; it then verifies the communication initiator's signature with the communication initiator's SM2 public key and, once verification passes, decrypts the data encrypted by the communication initiator with the communication receiver's SM2 private key to obtain the session key parameter SK1;
5) the communication receiver generates a response message and sends it to the server; the response message is generated as follows: the communication receiver first generates a session key parameter SK2 and encrypts it with the communication initiator's SM2 public key, then signs the encrypted SK2 with its own SM2 private key, then forms a data packet from the encrypted SK2 and the signature, encrypts the data packet with the encryption key of its TLS channel to the server, signs the encrypted data packet with the communication receiver's RSA private key, and finally generates the response message from the encrypted data and the signature data; the communication receiver generates the session key SK for this session from SK1 and SK2;
6) the server verifies the signature in the response message with the communication receiver's RSA public key; once verification passes, it decrypts the data packet with the encryption key of the TLS channel, then protects the decrypted data with the TLS channel between the server and the communication initiator, signs the protected data with the server's RSA private key, and sends the combined encrypted data and signature to the communication initiator;
7) the communication initiator verifies the signature in the received data with the server's RSA public key and, once verification passes, decrypts the encrypted data in the data packet with the encryption key of the TLS channel; it then verifies the decrypted signature with the communication receiver's SM2 public key and, once verification passes, decrypts the encrypted data with its own SM2 private key to obtain the session key parameter SK2; the communication initiator generates the session key SK for this session from SK1 and SK2;
wherein a key management server distributes two key pairs to each communication party: an RSA key pair and an SM2 key pair; the communication initiator and the communication receiver each hold the public keys of the other's two key pairs and the server's RSA public key; and the server holds the RSA public key of each communication party.
2. The method of claim 1, characterized in that the communication initiator locally XORs SK1 and SK2 to generate the session key SK for this session, and the communication receiver locally XORs SK1 and SK2 to generate the session key SK for this session.
3. The method of claim 1 or 2, characterized in that, in the secure data transmission phase, the communication initiator protects the voice or video with the SRTP protocol, the session key being SK, then signs the encrypted packet with the SM2 algorithm and sends it; on receiving the packet, the communication receiver first separates out the signature and verifies it with the communication initiator's SM2 public key, and once verification passes decrypts the conversation content with the session key SK.
4. The method of claim 1 or 2, characterized in that the key agreement data between the communication initiator and the communication receiver is authenticated and protected with SM2 public keys.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410669878.4A CN104486077B (en) 2014-11-20 2014-11-20 An end-to-end key agreement method for secure transmission of VoIP real-time data

Publications (2)

Publication Number Publication Date
CN104486077A CN104486077A (en) 2015-04-01
CN104486077B true CN104486077B (en) 2017-09-15

Family

ID=52760585

Country Status (1)

Country Link
CN (1) CN104486077B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107846567A (en) * 2017-11-02 2018-03-27 苏州科达科技股份有限公司 A kind of SRTP capability negotiations method and conference terminal
CN109302412A (en) * 2018-11-06 2019-02-01 晋商博创(北京)科技有限公司 VoIP communication processing method, terminal, server and storage medium based on CPK

Families Citing this family (18)

Publication number Priority date Publication date Assignee Title
WO2017035725A1 (en) * 2015-08-31 2017-03-09 林建华 Communication method for electronic communication system in open environment
CN106549906A (en) * 2015-09-17 2017-03-29 中兴通讯股份有限公司 Realize method, terminal and the network side element of end-to-end call encryption
CN105743896B (en) * 2016-02-01 2019-03-22 成都三零瑞通移动通信有限公司 A kind of transmission method of enciphoring voice telecommunication key agreement data exchange
CN106060807A (en) * 2016-05-24 2016-10-26 中国科学院信息工程研究所 Message transmission method applicable to circuit domain encrypted communication
CN106534183A (en) * 2016-12-12 2017-03-22 中国航天系统工程有限公司 SM2/SM3/SM4 hybrid encryption method aiming at remote measurement and control terminal system
CN106603231B (en) * 2017-01-20 2019-08-23 武汉理工大学 Based on the distributed SM2 digital signature generation method and system for going secretization
CN107508842A (en) * 2017-09-30 2017-12-22 中城智慧科技有限公司 A kind of intelligent electric meter control module and method based on CCKS
CN107547570B (en) * 2017-09-30 2023-12-05 国信优易数据股份有限公司 Data security service platform and data security transmission method
CN109768948A (en) * 2017-11-10 2019-05-17 中国电信股份有限公司 Information push method, system and messaging device
CN107995210A (en) * 2017-12-19 2018-05-04 芯盾(北京)信息技术有限公司 The voice encryption communication means that key and ciphertext are transmitted by different domain transmissions
CN108040071B (en) * 2017-12-30 2023-02-17 深圳市潮流网络技术有限公司 Dynamic switching method for VoIP audio and video encryption key
CN110858835B (en) * 2018-08-24 2022-02-18 中国电信股份有限公司 Communication method, system and related device and computer readable storage medium
CN111050321B (en) * 2018-10-12 2023-05-16 中兴通讯股份有限公司 Data processing method, device and storage medium
EP3767909A1 (en) * 2019-07-17 2021-01-20 Siemens Mobility GmbH Method and communication unit for cryptographically protected unidirectional data transmission of useful data between two networks
CN111083164A (en) * 2019-12-30 2020-04-28 宁波和利时信息安全研究院有限公司 Safety protection method of industrial control system and related equipment
CN112039657B (en) * 2020-07-20 2021-05-25 北京邮电大学 Method, device, equipment and storage medium for generating key
CN112422530B (en) * 2020-11-04 2023-05-30 无锡沐创集成电路设计有限公司 Key security protection method and password device for server in TLS handshake process
CN113630248B (en) * 2021-09-15 2024-01-30 深圳市国信量子科技有限公司 Session key negotiation method

Citations (6)

Publication number Priority date Publication date Assignee Title
CN101340443A (en) * 2008-08-28 2009-01-07 中国电信股份有限公司 Session key negotiating method, system and server in communication network
CN101459506A (en) * 2007-12-14 2009-06-17 华为技术有限公司 Cipher key negotiation method, system, customer terminal and server for cipher key negotiation
CN101729536A (en) * 2009-06-29 2010-06-09 中兴通讯股份有限公司 Method and system for transmitting delayed media information of IP multimedia subsystem
CN101790160A (en) * 2009-01-23 2010-07-28 中兴通讯股份有限公司 Method and device for safely consulting session key
CN102595403A (en) * 2011-01-14 2012-07-18 中兴通讯股份有限公司 Authentication method and authentication device for relay node binding
CN103036872A (en) * 2012-11-19 2013-04-10 华为技术有限公司 Method, equipment and system for encryption and decryption of data transmission

Family Cites Families (1)

Publication number Priority date Publication date Assignee Title
DE102005026982A1 (en) * 2005-06-10 2006-12-14 Siemens Ag Method for agreeing a security key between at least one first and a second communication subscriber for securing a communication connection

Cited By (3)

Publication number Priority date Publication date Assignee Title
CN107846567A (en) * 2017-11-02 2018-03-27 苏州科达科技股份有限公司 A kind of SRTP capability negotiations method and conference terminal
CN109302412A (en) * 2018-11-06 2019-02-01 晋商博创(北京)科技有限公司 VoIP communication processing method, terminal, server and storage medium based on CPK
CN109302412B (en) * 2018-11-06 2021-09-21 晋商博创(北京)科技有限公司 VoIP communication processing method based on CPK, terminal, server and storage medium

Also Published As

Publication number Publication date
CN104486077A (en) 2015-04-01

Similar Documents

Publication Publication Date Title
CN104486077B (en) A kind of end-to-end cryptographic key negotiation method of VoIP real time datas safe transmission
CN107947913B (en) Anonymous authentication method and system based on identity
CN104618110B (en) A kind of VoIP security conferences session key transmission method
CN104219051B (en) The communication means and system of a kind of inner group message
CN103354498B (en) A kind of file encryption transmission method of identity-based
CN102547688B (en) Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel
CN104683304B (en) A kind of processing method of secure traffic, equipment and system
CN103458400B (en) A kind of key management method in voice encryption communication system
CN103974241A (en) Voice end-to-end encryption method aiming at mobile terminal with Android system
WO2011017099A3 (en) Secure communication using asymmetric cryptography and light-weight certificates
CN104821944A (en) Hybrid encrypted network data security method and system
CN107342977A (en) Suitable for the information security method of point-to-point instant messaging
CN104901935A (en) Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem)
Wang et al. A dependable privacy protection for end-to-end VoIP via Elliptic-Curve Diffie-Hellman and dynamic key changes
CN105792193A (en) End-to-end voice encryption method of mobile terminal based on iOS operating system
CN105323070A (en) Method for realizing security electronic mail based on digital envelope
CN106936788A (en) A kind of cryptographic key distribution method suitable for VOIP voice encryptions
CN101958907A (en) Method, system and device for transmitting key
CN101277513B (en) Method for ciphering wireless mobile terminal communication
CN106549858B (en) Instant messaging encryption method based on identification password
CN105530100A (en) VoLTE secure communication method
CN101277512A (en) Method for ciphering wireless mobile terminal communication
TW201537937A (en) Unified identity authentication platform and authentication method thereof
CN101790160A (en) Method and device for safely consulting session key
WO2016082401A1 (en) Conversation method and apparatus, user terminal and computer storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20170915

Termination date: 20211120