CN104935433A - Secret key-hopping method during communication process, communication device and communication system - Google Patents

Publication number
CN104935433A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510111952.5A
Other languages
Chinese (zh)
Other versions
CN104935433B (en
Inventor
李东声
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tendyron Technology Co Ltd
Original Assignee
Tendyron Technology Co Ltd
Application filed by Tendyron Technology Co Ltd
Priority to CN201510111952.5A
Publication of CN104935433A
Application granted
Publication of CN104935433B

Landscapes

  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The present invention provides a key-hopping method for use during communication, a communication device and a communication system. In the method, while a communication terminal is communicating with a peer, when the communication terminal satisfies a preset hopping trigger rule, it hops the transmission key currently in use to a new transmission key according to a preset hopping rule and uses the new transmission key to encrypt or decrypt the communication data exchanged with the peer. Because the new transmission key is used to encrypt or decrypt the communication data, the invention overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key, solves the problem that the communication data exchanged by the two parties can be maliciously stolen once that single transmission key is cracked, and guarantees the security of the communication information of both parties.

Description

Key-hopping method during communication, communication device and communication system
Technical field
The present invention relates to the field of electronic technology, and in particular to a key-hopping method during communication, a communication device and a communication system.
Background
At present, in existing communication systems, the communication line may be maliciously monitored while two parties are communicating normally, and the communication data may be maliciously stolen, so the communication information of the two parties cannot be protected. To prevent communication data from being intercepted through malicious monitoring, the two parties usually negotiate a transmission key and use it to encrypt or decrypt the communication data, thereby ensuring the security of the data. However, although the prior art encrypts the communication data, the transmission key is single and fixed: as long as a sufficient number of messages can be obtained and the key is brute-forced, it is still relatively easy to break the transmission key. Therefore, once this single transmission key is cracked, the mechanism of encrypting communication data with it poses a serious security risk.
Summary of the invention
The present invention is intended to solve the problem, or one of the problems, that a mechanism which encrypts communication data with a single transmission key cannot guarantee the security of the communication information of the two parties.
The main object of the present invention is to provide a key-hopping method during communication, a communication device and a communication system.
To achieve the above object, the technical solution of the present invention is implemented as follows:
According to one aspect of the present invention, a key-hopping method during communication is provided, comprising:
While a communication terminal is communicating with a peer, when the communication terminal satisfies a preset hopping trigger rule, it hops the transmission key currently in use to a new transmission key according to a preset hopping rule, and uses the new transmission key to encrypt or decrypt the communication data exchanged with the peer.
In addition, before the preset hopping trigger rule is satisfied, or after the preset hopping trigger rule is satisfied and before the transmission key currently in use is hopped to a new transmission key according to the preset hopping rule, the method further comprises:
The communication terminal establishes a secure channel with the peer, negotiates and generates an initial transmission key shared with the peer, and uses the initial transmission key to encrypt or decrypt the communication data exchanged with the peer.
In addition, there are one or more shared initial transmission keys.
In addition, after negotiating and generating the initial transmission keys shared with the peer, the method further comprises: forming the multiple shared initial transmission keys into a common transmission key list and assigning key identifiers to the multiple shared initial transmission keys.
In addition, satisfying the preset hopping trigger rule comprises at least one of the following:
A hopping trigger factor is reached;
A key hopping instruction is obtained.
In addition, the hopping trigger factor comprises at least one of the following:
Hopping period, hopping time point, communication count, communication data volume and random factor.
In addition, when the hopping trigger factor comprises a random factor, before the communication terminal satisfies the preset hopping trigger rule, the method further comprises:
Obtaining the random factor.
In addition, the key hopping instruction comprises at least one of the following: a key hopping instruction sent by the peer, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
In addition, hopping the transmission key currently in use to a new transmission key according to the preset hopping rule comprises at least one of the following modes:
The communication terminal iteratively computes a new transmission key from the transmission key currently in use and an operation factor, according to a preset algorithm;
The communication terminal computes a new transmission key from the initial transmission key and an operation factor, according to a preset algorithm;
The communication terminal computes a new transmission key from an operation factor it generates itself and an operation factor obtained from the peer, according to a preset algorithm.
In addition, hopping the transmission key currently in use to a new transmission key according to the preset hopping rule comprises at least one of the following modes:
The communication terminal selects from the common transmission key list, in forward or reverse order, the transmission key that follows the one currently in use as the new transmission key;
The communication terminal randomly selects a new transmission key from the common transmission key list and sends the key identifier of the new transmission key to the peer;
The communication terminal receives the key identifier of the new transmission key sent by the peer and selects the transmission key corresponding to that key identifier in the common transmission key list;
The communication terminal computes a new key identifier from an operation factor according to a preset algorithm, and looks up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key.
In addition, the communication terminal computing a new key identifier from an operation factor according to a preset algorithm comprises:
The communication terminal iteratively computes a new key identifier from the key identifier corresponding to the transmission key currently in use and an operation factor, according to a preset algorithm;
The communication terminal computes a new key identifier from the key identifier corresponding to the initial transmission key and an operation factor, according to a preset algorithm;
The communication terminal computes a new key identifier from an operation factor it generates itself and an operation factor obtained from the peer, according to a preset algorithm.
In addition, the operation factor comprises: the hopping trigger factor.
According to one aspect of the present invention, a communication device is provided, comprising:
A communication module, configured to communicate with a peer communication device and also to transmit the encrypted communication data;
A key hopping module, configured to, while communicating with the peer communication device and when a preset hopping trigger rule is satisfied, hop the transmission key currently in use to a new transmission key according to a preset hopping rule;
An encryption/decryption module, configured to encrypt or decrypt the communication data using the new transmission key.
In addition, the device further comprises:
A key generation module, configured to, before the preset hopping trigger rule is satisfied, or after the preset hopping trigger rule is satisfied and before the transmission key currently in use is hopped to a new transmission key according to the preset hopping rule, establish a secure channel with the peer communication device and negotiate and generate an initial transmission key shared with the peer communication device;
The encryption/decryption module is further configured to encrypt or decrypt the communication data exchanged with the peer communication device using the initial transmission key.
In addition, there are one or more shared initial transmission keys.
In addition, the key generation module is further configured to, after negotiating and generating the initial transmission keys shared with the peer communication device, form the multiple shared initial transmission keys into a common transmission key list and assign key identifiers to the multiple shared initial transmission keys.
In addition, satisfying the preset hopping trigger rule comprises at least one of the following:
A hopping trigger factor is reached;
A key hopping instruction is obtained.
In addition, the hopping trigger factor comprises at least one of the following:
Hopping period, hopping time point, communication count, communication data volume and random factor.
In addition, the key hopping module is further configured to obtain the random factor when the hopping trigger factor comprises a random factor, before the communication terminal satisfies the preset hopping trigger rule.
In addition, the key hopping instruction comprises at least one of the following: a key hopping instruction sent by the peer communication device, an input key hopping instruction, and a key hopping instruction generated according to a preset rule.
In addition, the key hopping module hopping the transmission key currently in use to a new transmission key according to the preset hopping rule comprises at least one of the following:
Iteratively computing a new transmission key from the transmission key currently in use and an operation factor, according to a preset algorithm;
Computing a new transmission key from the initial transmission key and an operation factor, according to a preset algorithm;
Computing a new transmission key from an operation factor generated by the device itself and an operation factor obtained from the peer communication device, according to a preset algorithm.
In addition, the key hopping module hopping the transmission key currently in use to a new transmission key according to the preset hopping rule comprises at least one of the following:
Selecting from the common transmission key list, in forward or reverse order, the transmission key that follows the one currently in use as the new transmission key;
Randomly selecting a new transmission key from the common transmission key list and sending the key identifier of the new transmission key to the peer communication device;
Receiving the key identifier of the new transmission key sent by the peer communication device and selecting the transmission key corresponding to that key identifier in the common transmission key list;
Computing a new key identifier from an operation factor according to a preset algorithm, and looking up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key.
In addition, the key hopping module computing a new key identifier from an operation factor according to a preset algorithm comprises:
Iteratively computing a new key identifier from the key identifier corresponding to the transmission key currently in use and an operation factor, according to a preset algorithm;
Computing a new key identifier from the key identifier corresponding to the initial transmission key and an operation factor, according to a preset algorithm;
Computing a new key identifier from an operation factor generated by the device itself and an operation factor obtained from the peer communication device, according to a preset algorithm.
In addition, the operation factor comprises: the hopping trigger factor.
According to one aspect of the present invention, a communication system is provided, comprising a first terminal and a second terminal;
The first terminal comprises the communication device described above;
The second terminal comprises the communication device described above.
Compared with the prior art, the key-hopping method during communication, the communication device and the communication system provided by the present invention can perform key hopping when a preset hopping trigger rule is satisfied and then use the new transmission key to encrypt or decrypt the communication data. This overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key, solves the problem that the communication data exchanged by the two parties can be maliciously stolen once that single transmission key is cracked, and ensures the security of the communication information of both parties.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention more clearly, the drawings used in the description of the embodiments are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of a key-hopping method during communication provided by Embodiment 1 of the present invention;
Fig. 2 is a schematic diagram of generating a new transmission key by iterative computation, provided by Embodiment 1 of the present invention;
Fig. 3 is a schematic diagram of computing a new transmission key from the initial transmission key and an operation factor, provided by Embodiment 1 of the present invention;
Fig. 4 is a flow chart of key hopping during data interaction between terminals, provided by Embodiment 2 of the present invention;
Fig. 5 is another flow chart of key hopping during data interaction between terminals, provided by Embodiment 2 of the present invention;
Fig. 6 is another flow chart of key hopping during data interaction between terminals, provided by Embodiment 2 of the present invention;
Fig. 7 is another flow chart of key hopping during data interaction between terminals, provided by Embodiment 2 of the present invention;
Fig. 8 is a flow chart of establishing a secure channel, provided by Embodiment 2 of the present invention;
Fig. 9 is a schematic structural diagram of a communication system provided by Embodiment 3 of the present invention;
Fig. 10 is a schematic structural diagram of a communication device provided by Embodiment 3 of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
In the description of the present invention, it should be understood that the orientations or positional relationships indicated by terms such as "center", "longitudinal", "transverse", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" are based on the orientations or positional relationships shown in the drawings. They are used only to facilitate and simplify the description of the present invention and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation, so they cannot be construed as limiting the present invention. In addition, the terms "first" and "second" are used for descriptive purposes only and cannot be construed as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "installed", "connected" and "coupled" should be understood broadly: for example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct, indirect through an intermediary, or internal between two elements. Those of ordinary skill in the art can understand the specific meanings of these terms in the present invention according to the specific circumstances.
The embodiments of the present invention are described in further detail below with reference to the drawings.
Embodiment 1
Fig. 1 shows a key-hopping method during communication according to an embodiment of the present invention. Referring to Fig. 1, the key-hopping method during communication provided by this embodiment comprises the following steps S101 ~ S103:
S101: the communication terminal communicates with the peer;
In this embodiment, the communication terminal and the peer may be mobile terminals such as mobile phones or iPads, or terminals such as PCs that can communicate over a network. Communication between the communication terminal and the peer may include calls, text messages and e-mail between the terminals, and communication by apps installed on the terminals (such as QQ or WeChat voice chat or messaging).
S102: when the communication terminal satisfies a preset hopping trigger rule, it hops the transmission key currently in use to a new transmission key according to a preset hopping rule;
This embodiment can perform key hopping when the preset hopping trigger rule is satisfied and then use the new transmission key to encrypt or decrypt the communication data. This overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key, solves the problem that the communication data exchanged by the two parties can be maliciously stolen once that single transmission key is cracked, and ensures the security of the communication information of both parties.
In an optional implementation of this embodiment, before the preset hopping trigger rule is satisfied, or after the preset hopping trigger rule is satisfied and before the transmission key currently in use is hopped to a new transmission key according to the preset hopping rule, the method provided by this embodiment further comprises:
The communication terminal establishes a secure channel with the peer, negotiates and generates an initial transmission key shared with the peer, and uses the initial transmission key to encrypt or decrypt the communication data exchanged with the peer.
In this embodiment, the initial transmission key shared with the peer is generated while the secure channel is being established, and this initial transmission key is used for encryption and decryption, thereby ensuring the security of the communication information. In addition, the transmission key may be negotiated before the hopping trigger rule is satisfied or after it is satisfied, so this embodiment can choose the time of key negotiation flexibly, which improves the user experience.
In an optional implementation of this embodiment, there are one or more shared initial transmission keys. After negotiating and generating the initial transmission keys shared with the peer, the method provided by this embodiment further comprises: forming the multiple shared initial transmission keys into a common transmission key list and assigning key identifiers to the multiple shared initial transmission keys. Each key identifier corresponds to one transmission key, so that the corresponding transmission key can be looked up in the common transmission key list by its key identifier. The common transmission key list provides the transmission keys that can be hopped to; that is, hopping can take place among the transmission keys provided in the common transmission key list.
In an optional implementation of this embodiment, satisfying the preset hopping trigger rule comprises: a hopping trigger factor is reached; or a key hopping instruction is obtained. Once the preset hopping trigger rule is satisfied, key hopping can be performed, that is, the transmission key currently in use is hopped to a new transmission key.
The hopping trigger factor comprises at least one of the following: hopping period, hopping time point, communication count, communication data volume and random factor. The hopping period means that both parties perform key hopping according to the same key hopping rule at regular intervals. The hopping time point may be a specific point in time, for example hopping at 10 o'clock and at 11 o'clock, or a delay after which hopping takes place, for example hopping after one hour and after two hours. One interaction between the two parties counts as one communication, and the communication count is the total number of communications between the two parties. The communication data volume may comprise a preset number of data packets or number of interactions. The random factor comprises a random number or a random event; the random number may be a random threshold for, for example, the hopping period, hopping time point, communication count or communication data volume. When the hopping trigger factor comprises a random factor, before the communication terminal satisfies the preset hopping trigger rule, the method further comprises: obtaining the random factor. The random factor may be randomly generated by the peer and sent to the communication terminal, or it may be generated by the communication terminal itself or input by the user at the communication terminal and then sent to the peer, so that both parties perform key hopping when the random factor is satisfied.
The key hopping instruction comprises at least one of the following: a key hopping instruction sent by the peer, a key hopping instruction input by the current user of the communication terminal, and a key hopping instruction generated by the communication terminal according to a preset rule. The key hopping instruction may be sent by the peer, or it may be received or generated by the communication terminal itself. After the key hopping instruction is obtained, line hopping is performed, thereby ensuring the communication security of both parties.
In an optional implementation of this embodiment, hopping the transmission key currently in use to a new transmission key according to the preset hopping rule can broadly be divided into two kinds: the first is recomputing and generating a new transmission key; the second is selecting a transmission key from the common transmission key list as the new transmission key.
In this optional implementation, for the case of recomputing and generating a new transmission key, hopping the transmission key currently in use to a new transmission key according to the preset hopping rule includes, but is not limited to, at least one of the following modes:
Mode one: the communication terminal iteratively computes a new transmission key from the transmission key currently in use and an operation factor, according to a preset algorithm;
In mode one, the communication terminal and the peer each compute a new transmission key iteratively and hop to it for encrypted transmission. For example, as shown in Fig. 2, the initial transmission key is K0. K0 and an operation factor are processed by a specific algorithm to generate a new transmission key K1, and both parties then hop to this new key for encrypted transmission. Next, K1 and an operation factor are processed by the specific algorithm to generate a new transmission key K2, and the computation continues in turn to generate new transmission keys K3, K4, K5 ... until the communication ends.
Mode two: the communication terminal computes a new transmission key from the initial transmission key and an operation factor, according to a preset algorithm;
In mode two, each time the preset hopping trigger rule is satisfied, the communication terminal and the peer each use the initial transmission key K0 and an operation factor (Y1, Y2 ... Yn) to compute a new transmission key (K1, K2 ... Kn) with a specific algorithm and hop to this new transmission key for encrypted transmission, as shown in Fig. 3.
For example, the communication terminal generates a random number and sends it to the peer as the operation factor; the random number may be included in the hopping instruction sent to the peer. Each party computes the new transmission key Kn from the initial transmission key K0 and the current operation factor Yn using the specific algorithm.
Mode three: the communication terminal computes a new transmission key from an operation factor it generates itself and an operation factor obtained from the peer, according to a preset algorithm.
In mode three, the communication terminal itself generates an operation factor X1 (for example random number R1) and receives the operation factor Y1 (for example random number R2) generated by the peer; each party uses random number R1 and random number R2 to generate the new transmission key Kn.
In the above three modes, optionally, the operation factor comprises the hopping trigger factor (hopping period, hopping time point, communication count, communication data volume and random factor) and other preset factors. In this embodiment the hopping trigger factor can take part in computing the new transmission key. In particular, when the operation factor is a random factor, the generated key is random and flexible, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key, and thus ensures communication security.
In this optional implementation, the communication terminal and the peer generate the new transmission key by iteration (mode one), at random (mode two) or by negotiation (mode three), and hop the transmission key currently in use to the new transmission key, thereby achieving key hopping and ensuring the communication security of both parties.
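The three computation modes above, as an added Python example that is not code from the patent: HMAC-SHA256 stands in for the unnamed preset algorithm, the communication count is used as the trigger factor, and the `Endpoint` class and all function names are hypothetical. It goes slightly beyond the text by also showing what a missed hop does to synchronisation in mode one compared with mode two.

```python
import hashlib
import hmac
import secrets


def preset_algorithm(key: bytes, factor: bytes) -> bytes:
    """Assumption: HMAC-SHA256 stands in for the unnamed 'preset algorithm'."""
    return hmac.new(key, b"key-hop|" + factor, hashlib.sha256).digest()


class Endpoint:
    """One side of the link: initial key K0, current key, message counter."""

    def __init__(self, k0: bytes, hop_every: int = 3):
        self.k0 = k0
        self.current = k0
        self.hop_every = hop_every  # trigger factor: communication count
        self.count = 0

    def trigger_reached(self) -> bool:
        """Count one exchanged message; True when the count trigger fires."""
        self.count += 1
        return self.count % self.hop_every == 0

    def hop_iterative(self, factor: bytes) -> bytes:
        """Mode one: K(n+1) = f(K(n), factor)."""
        self.current = preset_algorithm(self.current, factor)
        return self.current

    def hop_from_initial(self, factor: bytes) -> bytes:
        """Mode two: K(n) = f(K0, Y(n))."""
        self.current = preset_algorithm(self.k0, factor)
        return self.current

    def hop_negotiated(self, r_initiator: bytes, r_responder: bytes) -> bytes:
        """Mode three: K(n) = f(R1, R2). The two factors are the only inputs,
        so they have to be exchanged under the key that is still in use."""
        self.current = preset_algorithm(r_initiator, r_responder)
        return self.current


def new_pair(hop_every: int = 3):
    k0 = secrets.token_bytes(32)  # constructed stand-in for the negotiated K0
    return Endpoint(k0, hop_every), Endpoint(k0, hop_every)


def run_mode_one(messages: int = 10, hop_every: int = 3) -> list:
    """Both sides hop on the message count and use it as the operation factor."""
    a, b = new_pair(hop_every)
    keys = [a.current]
    for _ in range(messages):
        fired = [side.trigger_reached() for side in (a, b)]
        if all(fired):
            ka = a.hop_iterative(a.count.to_bytes(8, "big"))
            kb = b.hop_iterative(b.count.to_bytes(8, "big"))
            if not hmac.compare_digest(ka, kb):
                raise RuntimeError("keys desynchronised")
            keys.append(ka)
    return keys


def run_mode_two(hops: int = 3) -> list:
    """A sends a random factor Y(n) in each hop instruction; both use K0."""
    a, b = new_pair()
    keys = []
    for _ in range(hops):
        y_n = secrets.token_bytes(16)  # travels inside the hop instruction
        ka, kb = a.hop_from_initial(y_n), b.hop_from_initial(y_n)
        if not hmac.compare_digest(ka, kb):
            raise RuntimeError("keys desynchronised")
        keys.append(ka)
    return keys


def run_mode_three() -> bool:
    """Each side contributes one random factor; True if both derive one key."""
    a, b = new_pair()
    r1, r2 = secrets.token_bytes(16), secrets.token_bytes(16)
    return hmac.compare_digest(a.hop_negotiated(r1, r2), b.hop_negotiated(r1, r2))


def missed_hop_effect() -> tuple:
    """B misses the first hop and only processes the second one.
    Returns (mode_one_in_sync, mode_two_in_sync)."""
    f1, f2 = b"factor-1", b"factor-2"  # constructed operation factors
    a, b = new_pair()
    a.hop_iterative(f1)
    one = hmac.compare_digest(a.hop_iterative(f2), b.hop_iterative(f2))
    a, b = new_pair()
    a.hop_from_initial(f1)
    two = hmac.compare_digest(a.hop_from_initial(f2), b.hop_from_initial(f2))
    return one, two


if __name__ == "__main__":
    print("mode one keys:", [k.hex()[:8] for k in run_mode_one()])
    print("in sync after a missed hop (mode one, mode two):", missed_hop_effect())
```

Mode one chains every key to its predecessor, so a peer that misses one hop stays out of step until the state is re-established; mode two recovers as soon as the next factor arrives, but every key then depends directly on K0.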
In this optional implementation, for the case where a transmission key is selected from a common transmission key list as the new transmission key, hopping from the transmission key currently in use to the new transmission key according to the preset hopping rule includes, but is not limited to, at least one of the following modes:
Mode one: the communication terminal selects, in order or in reverse order, the transmission key that follows the one currently in use in the common transmission key list as the new transmission key;
In mode one, the transmission keys in the pre-generated transmission key list are used one after another, in order or in reverse order. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln, and the transmission keys corresponding to L0, L1, L2 … are used in turn until the communication ends.
Mode two: the communication terminal selects a new transmission key at random from the common transmission key list and sends the key identifier of the new transmission key to the communication peer. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln; the communication terminal randomly selects L3 and sends L3 to the communication peer. When the preset hop trigger rule is satisfied, both parties hop to the transmission key corresponding to L3 and use it for encrypted communication.
Mode three: the communication terminal receives the key identifier of the new transmission key sent by the communication peer and selects the transmission key corresponding to that key identifier in the common transmission key list. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln; the communication terminal receives L3, selects the communication line corresponding to L3 from the communication lines in the pre-generated common transmission key list to communicate, and both parties use the transmission key corresponding to L3 for encrypted communication.
Mode four: the communication terminal uses an operation factor to calculate a new key identifier according to a preset algorithm, and looks up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key;
For example, the pre-generated common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln; the key identifier Ln is calculated by the preset algorithm, and the transmission key corresponding to Ln is chosen as the new transmission key for the hop.
In mode four, calculating the new key identifier from the operation factor according to the preset algorithm can also use the three modes (iterative, random, and negotiated) of the first case described above, that is, at least one of the following modes:
Mode one: the communication terminal iteratively uses the key identifier corresponding to the transmission key currently in use and an operation factor to calculate, according to a preset algorithm, a new key identifier;
For example, in the same way as shown in Fig. 2, the key identifier corresponding to the initial transmission key is L0. L0 and the operation factor are used in a specific algorithm to generate the key identifier L1 corresponding to the new transmission key, and both communicating parties then hop to the new key corresponding to L1 for encrypted transmission. Next, L1 and the operation factor are used in the specific algorithm to generate the key identifier L2 corresponding to the next new transmission key, and the operation continues in turn to generate the key identifiers L3, L4, L5 … corresponding to new transmission keys until the communication ends.
Mode two: the communication terminal uses the key identifier corresponding to the initial transmission key and an operation factor to calculate, according to a preset algorithm, a new key identifier;
For example, in the same way as shown in Fig. 3, each time the preset hop trigger rule is satisfied, the communication terminal and the communication peer each use the key identifier L0 corresponding to the initial transmission key and an operation factor (Y1, Y2 … Yn) in a specific algorithm to generate the key identifier (L1, L2 … Ln) corresponding to the new transmission key, and hop to the new transmission key corresponding to that key identifier for encrypted transmission. For instance, each time the preset hop trigger rule is satisfied, the communication terminal generates a random number, that is, an operation factor (Y1, Y2 … Yn), and sends the operation factor Yn to the communication peer; Yn can be included in the hop instruction sent to the communication peer. Both parties then each use the initial transmission key L0 and the current operation factor Yn in the specific algorithm to generate the new key identifier Ln.
Mode three: the communication terminal uses an operation factor it generates itself and an operation factor obtained from the communication peer to calculate, according to a preset algorithm, a new key identifier.
In mode three, the communication terminal generates an operation factor X1 (such as a random number R1) and receives the operation factor Y1 (such as a random number R2) generated by the communication peer; both communicating parties each use R1 and R2 to generate the new key identifier Ln.
In the three modes above, as an optional implementation, the operation factor includes the hop trigger factor (hop period, hop time point, number of communications, communication data amount, and random factor) and other preset factors. In this embodiment, the hop trigger factor can take part in calculating the new transmission key. In particular, when the operation factor is a random factor, the generated key is random and flexible, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
S103: use the new transmission key to encrypt or decrypt the communication data exchanged with the communication peer.
In this embodiment, a key hop can be performed when the preset hop trigger rule is satisfied, so that communication is encrypted with the new transmission key. This overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key, solves the problem that the communication data transmitted by both parties can be maliciously stolen once that single transmission key is cracked, and ensures the security of both parties' communication information.
Embodiment 2
Fig. 4 shows a flow of key hopping during data interaction between one terminal and another. Referring to Fig. 4, the first terminal and the second terminal both perform the following flow:
S401: the first terminal and the second terminal establish a secure channel and generate the initial transmission key K0;
S402: the first terminal and the second terminal use the current transmission key to encrypt or decrypt the transmitted data;
S403: determine whether the hop point has been reached; if not, perform S402; if so, perform S404;
S404: calculate the new transmission key according to the preset hopping rule;
S405: use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S406: determine whether to end the communication; if so, perform S407; if not, perform S403;
S407: end the communication.
Specifically, the hop point is the hop trigger factor: the hop threshold can be set to a preset time interval, a time point, or a preset number of communications or communication data amount, and a hop is performed each time the hop threshold is reached. The first terminal and the second terminal can calculate the new transmission key in, but not limited to, one of the following modes:
Mode one: iteratively use the transmission key currently in use and an operation factor to calculate, according to a preset algorithm, a new transmission key;
In mode one, the first terminal and the second terminal each calculate the new transmission key iteratively and hop to it for encrypted transmission. For example, as shown in Fig. 2, the initial transmission key is K0. K0 and the operation factor are used in a specific algorithm to generate the new transmission key K1, and both communicating parties then hop to this new key for encrypted transmission. Next, K1 and the operation factor are used in the specific algorithm to generate the new transmission key K2, and the operation continues in turn to generate new transmission keys K3, K4, K5 … until the communication ends.
Mode two: use the initial transmission key and an operation factor to calculate, according to a preset algorithm, a new transmission key;
In mode two, each time the preset hop trigger rule is satisfied, the first terminal and the second terminal each use the initial transmission key K0 and an operation factor (Y1, Y2 … Yn) in a specific algorithm to generate a new transmission key (K1, K2 … Kn) and hop to this new transmission key for encrypted transmission, as shown in Fig. 3.
For example, the first terminal generates a random number and sends it to the second terminal as the operation factor; the random number can be included in the hop instruction sent to the second terminal. Both communicating parties each use the initial transmission key K0 and the current operation factor Yn in the specific algorithm to generate the new transmission key Kn.
Mode three: use an operation factor generated by the terminal itself and an operation factor obtained from the second terminal to calculate, according to a preset algorithm, a new transmission key.
In mode three, the first terminal generates an operation factor X1 (such as a random number R1) and receives the operation factor Y1 (such as a random number R2) generated by the second terminal. Of course, the roles can also be reversed, with the second terminal receiving the operation factor sent by the first terminal. Both communicating parties each use R1 and R2 to generate the new transmission key Kn.
The operation factor above can include the hop trigger factor (hop period, hop time point, number of communications, communication data amount, and random factor) and other preset factors; the random factor includes random numbers and random events. In this embodiment, the hop trigger factor can take part in calculating the new transmission key. In particular, when the operation factor is a random factor, the generated key is random and flexible, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
In this optional implementation, the first terminal and the second terminal generate the new transmission key in an iterative manner (mode one), a random manner (mode two), or a negotiated manner (mode three), and hop from the transmission key currently in use to the new transmission key. This achieves key hopping and thereby ensures the communication security of both parties.
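The S401 to S407 flow with the three derivation modes can be simulated as follows. This is an added example, not code from the patent: HMAC-SHA256 stands in for the unspecified "preset algorithm", the hop threshold is a message count, keying mode three with the current key is an assumption, and messages are authenticated with an HMAC tag (rather than encrypted) purely to show whether both terminals hold the same key.

```python
import hashlib
import hmac
import secrets


def kdf(key: bytes, label: bytes, *factors: bytes) -> bytes:
    """Stand-in for the 'preset algorithm' (assumption): HMAC-SHA256 keyed
    with `key` over a label and length-prefixed operation factors."""
    msg = label + b"".join(len(f).to_bytes(2, "big") + f for f in factors)
    return hmac.new(key, msg, hashlib.sha256).digest()


def next_key(mode: str, k0: bytes, current: bytes, hop_no: int,
             y: bytes = b"", r1: bytes = b"", r2: bytes = b"") -> bytes:
    """S404: compute the new transmission key for one hop."""
    n = hop_no.to_bytes(4, "big")      # hop counter used as an extra factor
    if mode == "iterative":            # mode one: K(n) from K(n-1)
        return kdf(current, b"iter", n)
    if mode == "initial":              # mode two: K(n) from K0 and Yn
        return kdf(k0, b"init", n, y)
    if mode == "negotiated":           # mode three: R1 and R2 from both sides
        return kdf(current, b"nego", n, r1, r2)
    raise ValueError(f"unknown mode {mode!r}")


class Terminal:
    def __init__(self, k0: bytes, mode: str, hop_every: int):
        self.k0 = self.key = k0
        self.mode, self.hop_every = mode, hop_every
        self.count = 0                 # messages handled under the current key
        self.hops = 0

    def hop_due(self) -> bool:         # S403: has the hop threshold been reached?
        return self.count >= self.hop_every

    def hop(self, **factors: bytes) -> None:
        self.hops += 1
        self.key = next_key(self.mode, self.k0, self.key, self.hops, **factors)
        self.count = 0

    def seal(self, data: bytes) -> bytes:          # sender side of S402/S405
        self.count += 1
        return hmac.new(self.key, data, hashlib.sha256).digest()

    def check(self, data: bytes, tag: bytes) -> bool:   # receiver side
        self.count += 1
        good = hmac.new(self.key, data, hashlib.sha256).digest()
        return hmac.compare_digest(tag, good)


def run_session(mode: str, n_messages: int, hop_every: int = 3,
                drop_hop_on_b=None):
    """Simulate both terminals; drop_hop_on_b=N makes the receiver miss hop N."""
    k0 = secrets.token_bytes(32)       # S401: constructed stand-in for K0
    a = Terminal(k0, mode, hop_every)
    b = Terminal(k0, mode, hop_every)
    keys_seen, results = [a.key], []
    for i in range(n_messages):
        if a.hop_due():                # both sides count the same messages
            factors = {}
            if mode == "initial":      # Yn travels in the hop instruction
                factors = {"y": secrets.token_bytes(16)}
            elif mode == "negotiated": # R1 from one side, R2 from the other
                factors = {"r1": secrets.token_bytes(16),
                           "r2": secrets.token_bytes(16)}
            a.hop(**factors)
            if a.hops != drop_hop_on_b:
                b.hop(**factors)
            keys_seen.append(a.key)
        data = f"constructed message {i}".encode()
        results.append(b.check(data, a.seal(data)))
    return a, b, results, keys_seen


if __name__ == "__main__":
    for m in ("iterative", "initial", "negotiated"):
        a, b, results, keys = run_session(m, 7)
        print(m, "hops:", a.hops, "in sync:", all(results), "keys:", len(set(keys)))
```

With this construction, mode two lets anyone who holds K0 and observes Yn recompute every Kn, while mode one only exposes keys later than the one compromised, provided earlier keys are erased. A missed hop shows up immediately as a failed check on the receiving side.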
Fig. 5 shows a flow of key hopping during data interaction between one terminal and another. Referring to Fig. 5, the first terminal and the second terminal both perform the following flow:
S501: the first terminal and the second terminal establish a secure channel and generate the common transmission key list (K0, K1, K2 … Kn);
S502: the first terminal and the second terminal use the current transmission key to encrypt or decrypt the transmitted data;
For example, in the initial state, K0 is used to encrypt or decrypt the transmitted data; after a new transmission key has been calculated, the new transmission key is used as the current transmission key for encryption or decryption.
S503: determine whether the hop point has been reached; if not, perform S502; if so, perform S504;
S504: calculate the new transmission key according to the preset hopping rule;
S505: use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S506: determine whether to end the communication; if so, perform S507; if not, perform S503;
S507: end the communication.
Specifically, the hop point is the hop trigger factor: the hop threshold can be set to a preset time interval, a time point, or a preset number of communications or communication data amount, and a hop is performed each time the hop threshold is reached. The first terminal and the second terminal can calculate the new transmission key in, but not limited to, one of the following modes:
Mode one: the first terminal and the second terminal each select, in order or in reverse order, the transmission key that follows the one currently in use in the common transmission key list as the new transmission key;
In mode one, the first terminal and the second terminal each use the transmission keys in the pre-generated transmission key list one after another, in order or in reverse order. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln, and the transmission keys corresponding to L0, L1, L2 … are used in turn until the communication ends.
Mode two: the first terminal selects a new transmission key at random from the common transmission key list and sends the key identifier of the new transmission key to the second terminal. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln; the first terminal randomly selects L3 and sends L3 to the second terminal. When the preset hop trigger rule is satisfied, both parties hop to the transmission key corresponding to L3 and use it for encrypted communication.
Mode three: the first terminal receives the key identifier of the new transmission key sent by the second terminal and selects the transmission key corresponding to that key identifier in the common transmission key list. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln; the first terminal receives L3, selects the communication line corresponding to L3 from the communication lines in the pre-generated common transmission key list to communicate, and both parties use the transmission key corresponding to L3 for encrypted communication.
Mode four: the first terminal and the second terminal each use an operation factor to calculate a new key identifier according to a preset algorithm, and look up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key;
For example, the common transmission key list that the first terminal and the second terminal each generate in advance contains n transmission keys whose key identifiers are L0, L1 … Ln; the key identifier Ln is calculated by the preset algorithm, and the transmission key corresponding to Ln is chosen as the new transmission key for the hop.
In mode four, when the first terminal and the second terminal each calculate the new key identifier from the operation factor according to the preset algorithm, they can also use the three modes (iterative, random, and negotiated) of the first case described above, that is, at least one of the following modes:
Mode one: iteratively use the key identifier corresponding to the transmission key currently in use and an operation factor to calculate, according to a preset algorithm, a new key identifier;
For example, in the same way as shown in Fig. 2, the key identifier corresponding to the initial transmission key is L0. L0 and the operation factor are used in a specific algorithm to generate the key identifier L1 corresponding to the new transmission key, and both communicating parties then hop to the new key corresponding to L1 for encrypted transmission. Next, L1 and the operation factor are used in the specific algorithm to generate the key identifier L2 corresponding to the next new transmission key, and the operation continues in turn to generate the key identifiers L3, L4, L5 … corresponding to new transmission keys until the communication ends.
Mode two: use the key identifier corresponding to the initial transmission key and an operation factor to calculate, according to a preset algorithm, a new key identifier;
For example, in the same way as shown in Fig. 3, each time the preset hop trigger rule is satisfied, the first terminal and the second terminal each use the key identifier L0 corresponding to the initial transmission key and an operation factor (Y1, Y2 … Yn) in a specific algorithm to generate the key identifier (L1, L2 … Ln) corresponding to the new transmission key, and hop to the new transmission key corresponding to that key identifier for encrypted transmission. For instance, each time the preset hop trigger rule is satisfied, the first terminal generates a random number, that is, an operation factor (Y1, Y2 … Yn), and sends the operation factor Yn to the second terminal; Yn can be included in the hop instruction sent to the second terminal. Both parties then each use the initial transmission key L0 and the current operation factor Yn in the specific algorithm to generate the new key identifier Ln.
Mode three: the first terminal uses an operation factor it generates itself and an operation factor obtained from the second terminal to calculate, according to a preset algorithm, a new key identifier.
In mode three, the first terminal generates an operation factor X1 (such as a random number R1) and receives the operation factor Y1 (such as a random number R2) generated by the second terminal. Of course, the roles can also be reversed: the first terminal sends the operation factor X1 to the second terminal, and the second terminal receives the operation factor sent by the first terminal. Both communicating parties each use R1 and R2 to generate the new key identifier Ln.
In the three modes above, as an optional implementation, the operation factor includes the hop trigger factor (hop period, hop time point, number of communications, communication data amount, and random factor) and other preset factors. In this embodiment, the hop trigger factor can take part in calculating the new transmission key. In particular, when the operation factor is a random factor, the generated key is random and flexible, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
Fig. 6 shows another flow of key hopping during data interaction between one terminal and another. Referring to Fig. 6, the following flow is performed between the first terminal and the second terminal:
S601: the first terminal and the second terminal establish a secure channel and generate the initial transmission key K0;
S602: the first terminal and the second terminal use the current transmission key to encrypt or decrypt the transmitted data;
S603: the first terminal sends a key hopping request to the second terminal;
S604: the first terminal and the second terminal each calculate the new transmission key according to the preset hopping rule;
S605: use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S606: determine whether to end the communication; if so, perform S607; if not, perform S602;
S607: end the communication.
Specifically, the key hopping request can be just an instruction, or it can also contain a hop trigger factor. The hop trigger factor can be a preset time interval, a time point, or a preset number of communications or communication data amount, or it can be a random number, which ensures the randomness of the hop trigger factor. Of course, the present invention is not limited to the first terminal sending the hopping request; the request can also be initiated by the second terminal, in which case the flow is the reverse of that shown in Fig. 6. The first terminal and the second terminal can calculate the new transmission key in, but not limited to, one of the following modes:
Mode one: iteratively use the transmission key currently in use and an operation factor to calculate, according to a preset algorithm, a new transmission key;
In mode one, the first terminal and the second terminal each calculate the new transmission key iteratively and hop to it for encrypted transmission. For example, as shown in Fig. 2, the initial transmission key is K0. K0 and the operation factor are used in a specific algorithm to generate the new transmission key K1, and both communicating parties then hop to this new key for encrypted transmission. Next, K1 and the operation factor are used in the specific algorithm to generate the new transmission key K2, and the operation continues in turn to generate new transmission keys K3, K4, K5 … until the communication ends.
Mode two: use the initial transmission key and an operation factor to calculate, according to a preset algorithm, a new transmission key;
In mode two, each time the preset hop trigger rule is satisfied, the first terminal and the second terminal each use the initial transmission key K0 and an operation factor (Y1, Y2 … Yn) in a specific algorithm to generate a new transmission key (K1, K2 … Kn) and hop to this new transmission key for encrypted transmission, as shown in Fig. 3.
For example, the first terminal generates a random number and sends it to the second terminal as the operation factor; the random number can be included in the key hopping request sent to the second terminal. Both communicating parties each use the initial transmission key K0 and the current operation factor Yn in the specific algorithm to generate the new transmission key Kn.
Mode three: use an operation factor generated by the terminal itself and an operation factor obtained from the second terminal to calculate, according to a preset algorithm, a new transmission key.
In mode three, the first terminal generates an operation factor X1 (such as a random number R1) and receives the operation factor Y1 (such as a random number R2) generated by the second terminal. Of course, the roles can also be reversed: the first terminal sends the operation factor X1 to the second terminal, where X1 can be carried in the key hopping request, and the second terminal receives the operation factor sent by the first terminal. Both communicating parties each use R1 and R2 to generate the new transmission key Kn.
The operation factor above can include the hop trigger factor (hop period, hop time point, number of communications, communication data amount, and random factor) and other preset factors; the random factor includes random numbers and random events. In this embodiment, the hop trigger factor can take part in calculating the new transmission key. In particular, when the operation factor is a random factor, the generated key is random and flexible, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
In this optional implementation, the first terminal and the second terminal generate the new transmission key in an iterative manner (mode one), a random manner (mode two), or a negotiated manner (mode three), and hop from the transmission key currently in use to the new transmission key. This achieves key hopping and thereby ensures the communication security of both parties.
Fig. 7 shows another flow of key hopping during data interaction between one terminal and another. Referring to Fig. 7, the following flow is performed between the first terminal and the second terminal:
S701: the first terminal and the second terminal establish a secure channel and generate the common transmission key list (K0, K1, K2 … Kn);
S702: the first terminal and the second terminal use the current transmission key to encrypt or decrypt the transmitted data;
For example, in the initial state, K0 is used to encrypt or decrypt the transmitted data; after a new transmission key has been calculated, the new transmission key is used as the current transmission key for encryption or decryption.
S703: the first terminal sends a key hopping request to the second terminal;
S704: the first terminal and the second terminal each calculate the new transmission key according to the preset algorithm;
S705: use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S706: determine whether to end the communication; if so, perform S707; if not, perform S702;
S707: end the communication.
Specifically, the key hopping request can be just an instruction, or it can also contain a hop trigger factor. The hop trigger factor can be a preset time interval, a time point, or a preset number of communications or communication data amount, or it can be a random number, which ensures the randomness of the hop trigger factor. Of course, the present invention is not limited to the first terminal sending the hopping request; the request can also be initiated by the second terminal, in which case the flow is the reverse of that shown in Fig. 7. The first terminal and the second terminal can calculate the new transmission key in, but not limited to, one of the following modes:
Mode one: the first terminal and the second terminal each select, in order or in reverse order, the transmission key that follows the one currently in use in the common transmission key list as the new transmission key;
In mode one, the first terminal and the second terminal each use the transmission keys in the pre-generated transmission key list one after another, in order or in reverse order. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln, and the transmission keys corresponding to L0, L1, L2 … are used in turn until the communication ends.
Mode two: the first terminal selects a new transmission key at random from the common transmission key list and sends the key identifier of the new transmission key to the second terminal; the identifier can be carried in the key hopping request. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln; the first terminal randomly selects L3 and sends L3 to the second terminal. When the preset hop trigger rule is satisfied, both parties hop to the transmission key corresponding to L3 and use it for encrypted communication.
Mode three: the first terminal receives the key identifier of the new transmission key sent by the second terminal and selects the transmission key corresponding to that key identifier in the common transmission key list. For example, the common transmission key list contains n transmission keys whose key identifiers are L0, L1 … Ln; the first terminal receives L3, selects the communication line corresponding to L3 from the communication lines in the pre-generated common transmission key list to communicate, and both parties use the transmission key corresponding to L3 for encrypted communication.
Mode four: the first terminal and the second terminal each use an operation factor to calculate a new key identifier according to a preset algorithm, and look up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key;
For example, the common transmission key list that the first terminal and the second terminal each generate in advance contains n transmission keys whose key identifiers are L0, L1 … Ln; the key identifier Ln is calculated by the preset algorithm, and the transmission key corresponding to Ln is chosen as the new transmission key for the hop.
In mode four, when the first terminal and the second terminal each calculate the new key identifier from the operation factor according to the preset algorithm, they can also use the three modes (iterative, random, and negotiated) of the first case described above, that is, at least one of the following modes:
Mode one: iteratively use the key identifier corresponding to the transmission key currently in use and an operation factor to calculate, according to a preset algorithm, a new key identifier;
For example, in the same way as shown in Fig. 2, the key identifier corresponding to the initial transmission key is L0. L0 and the operation factor are used in a specific algorithm to generate the key identifier L1 corresponding to the new transmission key, and both communicating parties then hop to the new key corresponding to L1 for encrypted transmission. Next, L1 and the operation factor are used in the specific algorithm to generate the key identifier L2 corresponding to the next new transmission key, and the operation continues in turn to generate the key identifiers L3, L4, L5 … corresponding to new transmission keys until the communication ends.
Mode two: use the key identifier corresponding to the initial transmission key and an operation factor to calculate, according to a preset algorithm, a new key identifier;
For example, in the same way as shown in Fig. 3, each time the preset hop trigger rule is satisfied, the first terminal and the second terminal each use the key identifier L0 corresponding to the initial transmission key and an operation factor (Y1, Y2 … Yn) in a specific algorithm to generate the key identifier (L1, L2 … Ln) corresponding to the new transmission key, and hop to the new transmission key corresponding to that key identifier for encrypted transmission. For instance, each time the preset hop trigger rule is satisfied, the first terminal generates a random number, that is, an operation factor (Y1, Y2 … Yn), and sends the operation factor Yn to the second terminal; Yn can be included in the key hopping request sent to the second terminal. Both parties then each use the initial transmission key L0 and the current operation factor Yn in the specific algorithm to generate the new key identifier Ln.
Mode three: the first terminal uses an operation factor it generates itself and an operation factor obtained from the second terminal to calculate, according to a preset algorithm, a new key identifier.
In mode three, the first terminal generates an operation factor X1 (such as a random number R1) and receives the operation factor Y1 (such as a random number R2) generated by the second terminal. Of course, the roles can also be reversed: the first terminal sends the operation factor X1 to the second terminal, where X1 can be carried in the key hopping request, and the second terminal receives the operation factor sent by the first terminal. Both communicating parties each use R1 and R2 to generate the new transmission key Kn.
In above-mentioned three kinds of modes, as the optional mode of one, operational factor comprises: saltus step triggers (hop period, bound-time point, communication number, communication data amount and random factor), and other factors preset, in the present embodiment, saltus step triggers can participate in calculating new transmission security key, especially when operational factor is random factor, make the key of generation random flexibly, increase the complexity generating key, more not easily breaking cryptographic keys, improves the stability of transmission security key, and then ensures communication security.
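The three ways of computing a key identifier in mode four, run on both terminals over one common transmission key list, as an added example that is not code from the patent. The patent does not name its "preset algorithm"; HMAC-SHA256 reduced modulo the list size, the `Terminal` class and the sample keys are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def next_key_id(seed: bytes, factor: bytes, list_size: int) -> int:
    """Assumed stand-in for the 'preset algorithm': HMAC-SHA256 reduced to a list index."""
    digest = hmac.new(seed, factor, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % list_size


class Terminal:
    """One side of the link; both sides hold the same key list, indexed by key identifier."""

    def __init__(self, key_list):
        self.key_list = list(key_list)
        self.initial_id = 0          # L0
        self.current_id = 0
        self.trace = [0]             # key identifiers used so far

    @staticmethod
    def _enc(key_id: int) -> bytes:
        return key_id.to_bytes(4, "big")

    def _hop_to(self, key_id: int) -> bytes:
        self.current_id = key_id
        self.trace.append(key_id)
        return self.key_list[key_id]

    def hop_iterative(self, factor: bytes) -> bytes:
        # Mode one: L(i+1) = f(L(i), operation factor)
        seed = self._enc(self.current_id)
        return self._hop_to(next_key_id(seed, factor, len(self.key_list)))

    def hop_from_initial(self, y_n: bytes) -> bytes:
        # Mode two: L(n) = f(L0, Yn), with a fresh Yn for every hop
        seed = self._enc(self.initial_id)
        return self._hop_to(next_key_id(seed, y_n, len(self.key_list)))

    def hop_negotiated(self, r1: bytes, r2: bytes) -> bytes:
        # Mode three: f(R1, R2); R1 is always the first terminal's value,
        # so both sides feed the inputs in the same order.
        return self._hop_to(next_key_id(r1, r2, len(self.key_list)))


def run_demo():
    # Constructed sample list of 8 transmission keys (identifiers 0..7).
    keys = [hashlib.sha256(b"constructed-sample-key-%d" % i).digest() for i in range(8)]
    first, second = Terminal(keys), Terminal(keys)

    # Mode one: a fixed, pre-agreed operation factor (constructed label).
    for _ in range(3):
        assert first.hop_iterative(b"period=60s") == second.hop_iterative(b"period=60s")

    # Mode two: the first terminal draws Yn and carries it in the key-hopping request.
    for _ in range(3):
        y_n = secrets.token_bytes(16)
        assert first.hop_from_initial(y_n) == second.hop_from_initial(y_n)

    # Mode three: each side contributes one random number.
    r1, r2 = secrets.token_bytes(16), secrets.token_bytes(16)
    assert first.hop_negotiated(r1, r2) == second.hop_negotiated(r1, r2)
    return first.trace, second.trace


if __name__ == "__main__":
    print(run_demo())
```

The computed identifier can equal the current one, in which case no hop takes place, and with a fixed operation factor the iterative mode is a deterministic walk over n identifiers that eventually cycles. Anyone who sees the operation factors and knows the algorithm can compute the identifiers, so confidentiality rests on the key list itself.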
In Fig. 4 to Fig. 7 above, the manner of establishing the secure channel belongs to the prior art. Only one concrete implementation is given here: as shown in Fig. 8, the first terminal and the second terminal each use their own electronic signature device to establish a secure channel and negotiate to generate a common transmission key. There are of course many ways to implement this, and they are not limited to this embodiment. Referring to Fig. 8, the following flow is performed between the first terminal using its electronic signature device (abbreviated as the first terminal) and the second terminal using its electronic signature device (abbreviated as the second terminal):
S801: the first terminal generates a random number R1 and sends it to the second terminal;
S802: the second terminal generates a random number R2 and sends the random number and the digital certificate of the second terminal's electronic signature device to the first terminal;
S803: the first terminal checks whether the digital certificate is valid; if it is valid, step S804 is performed, otherwise the flow ends.
S804: the first terminal generates a shared master key M and encrypts M with the public key of the second terminal to obtain ciphertext E1;
S805: the first terminal signs R1 and R2 to generate a signature S1, and sends E1, S1 and the digital certificate of the first terminal to the second terminal;
S806: after the second terminal checks that the certificate is valid, it verifies the signature S1; after the verification passes, it decrypts E1 to obtain the plaintext of the master key M;
S807: the first terminal and the second terminal use the master key M as the transmission key to encrypt or decrypt communication data.
Embodiment 3
This embodiment provides a communication system. As shown in Fig. 9, the communication system 10 includes a first terminal 110 and a second terminal 120, which have the same structure. The first terminal 110 includes a communication device 130 and the second terminal 120 includes a communication device 140; the communication device 130 and the communication device 140 have the same structure. In this embodiment the first terminal 110 and the second terminal 120 may be mobile terminals such as mobile phones or iPads, or terminals capable of network communication such as PCs. Communication between the communicating terminal and the communication peer may include calls between terminals, SMS, e-mail, and communication by apps installed on the terminal (such as voice chat or message sending in QQ or WeChat).
This embodiment is described using only the communication device 130 as an example. The communication device 130 corresponds one-to-one to the method of key hopping during communication in Embodiment 1, which is not repeated here; only a brief description follows:
Fig. 10 shows a structural diagram of a communication device 130 according to an embodiment of the invention. Referring to Fig. 1, the communication device provided by the embodiment of the invention includes a communication module 131, a key hopping module 132 and an encryption and decryption module 133, wherein:
Communication module 131, configured to communicate with the peer communication device and also to transmit the encrypted communication data;
Key hopping module 132, configured to, during communication with the peer communication device, hop the currently used transmission key to a new transmission key according to a preset hopping rule when a preset hopping trigger rule is met;
Encryption and decryption module 133, configured to encrypt or decrypt communication data using the new transmission key.
This embodiment performs key hopping when the preset hopping trigger rule is met, so that communication data is encrypted or decrypted with a new transmission key. This overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key, solves the problem that the communication data transmitted by both parties can be maliciously stolen once that single transmission key is cracked, and ensures the security of the communication information of both parties.
In an optional implementation of this embodiment, before the preset hopping trigger rule is met, the communication device 130 provided by this embodiment further includes a key generation module 134, wherein:
Key generation module 134, configured to, before the preset hopping trigger rule is met, or after the preset hopping trigger rule is met and before the currently used transmission key is hopped to a new transmission key according to the preset hopping rule, establish a secure channel with the peer communication device and negotiate to generate an initial transmission key common to the device and the peer communication device;
Encryption and decryption module 133, further configured to encrypt or decrypt communication data exchanged with the peer communication device using the initial transmission key.
In this embodiment, an initial transmission key common to both ends is generated in the course of establishing the secure channel, and this initial transmission key is used for encryption and decryption, thereby ensuring the security of the communication information. In addition, the transmission key may be negotiated before the hopping trigger rule is met or after it is met, so the timing of transmission key negotiation is flexible in this embodiment, which improves user experience.
In an optional implementation of this embodiment, the common initial transmission key comprises one or more keys.
The key generation module is further configured to, after negotiating to generate the initial transmission keys common to the device and the peer communication device, form a common transmission key list from the multiple common initial transmission keys and assign key identifiers to them. Each key identifier corresponds to one transmission key, so that the corresponding transmission key can be looked up in the common transmission key list by its key identifier. The common transmission key list provides the transmission keys that can be hopped to, that is, hopping can take place among the transmission keys provided in the common transmission key list.
In an optional implementation of this embodiment, meeting the preset hopping trigger rule includes: a hopping trigger factor being reached; or a key-hopping instruction being obtained. Only after the preset hopping trigger rule is met can key hopping be performed, that is, the currently used transmission key is hopped to a new transmission key.
The hopping trigger factor includes at least one of the following: hop period, hopping time point, communication count, communication data amount and random factor. The hop period means that both communicating parties perform key hopping according to the same key-hopping rule at every set interval. The hopping time point may be a specific point in time, for example hopping starts at 10 o'clock or 11 o'clock, or a period by which hopping is deferred, for example hopping after one hour or after two hours. One interaction between the two parties counts as one communication, and the communication count is the total number of communications between the two parties. The communication data amount may include a preset number of data packets or number of interactions. The random factor includes a random number or a random event, and the random number may be a random threshold value, such as one for the hop period, hopping time point, communication count or communication data amount.
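The trigger factors listed above, evaluated identically on both sides of a link, as an added example that is not taken from the patent. The thresholds, the replayed timeline, the class names and the HMAC-SHA256 hop step are assumptions; both sides are fed the same timestamps because a time-based trigger only stays in step when the parties agree on the time.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


@dataclass
class HopPolicy:
    period_s: Optional[float] = None     # hop period
    max_messages: Optional[int] = None   # communication count
    max_bytes: Optional[int] = None      # communication data amount


class HoppingSession:
    """Per-terminal state: current transmission key plus counters since the last hop."""

    def __init__(self, initial_key: bytes, policy: HopPolicy, start: float):
        self.key = initial_key
        self.policy = policy
        self.epoch = 0                   # number of hops performed so far
        self._reset(start)

    def _reset(self, now: float) -> None:
        self.last_hop = now
        self.messages = 0
        self.byte_count = 0

    def trigger_met(self, now: float) -> Optional[str]:
        """Return the name of the first trigger factor that has been reached, if any."""
        p = self.policy
        if p.period_s is not None and now - self.last_hop >= p.period_s:
            return "hop period"
        if p.max_messages is not None and self.messages >= p.max_messages:
            return "communication count"
        if p.max_bytes is not None and self.byte_count >= p.max_bytes:
            return "communication data amount"
        return None

    def on_message(self, now: float, size: int) -> Optional[str]:
        """Call on both sides for every message, before it is encrypted or decrypted."""
        reason = self.trigger_met(now)
        if reason is not None:
            # Iterative hop (assumed algorithm): new key = HMAC(current key, hop label).
            label = b"hop" + self.epoch.to_bytes(4, "big")
            self.key = hmac.new(self.key, label, hashlib.sha256).digest()
            self.epoch += 1
            self._reset(now)
        self.messages += 1
        self.byte_count += size
        return reason


# Constructed timeline of (timestamp in seconds, message size in bytes).
TIMELINE = [(1, 100), (2, 100), (3, 100), (4, 100), (5, 1200), (6, 50), (70, 50), (71, 50)]


def replay(timeline=TIMELINE):
    policy = HopPolicy(period_s=60, max_messages=3, max_bytes=1000)
    k0 = hashlib.sha256(b"constructed initial transmission key").digest()
    sender = HoppingSession(k0, policy, start=0)
    receiver = HoppingSession(k0, policy, start=0)
    reasons = []
    for ts, size in timeline:
        reason = sender.on_message(ts, size)
        # The receiver applies the same rule to the same inputs and must agree.
        assert receiver.on_message(ts, size) == reason
        assert sender.key == receiver.key
        reasons.append(reason)
    return reasons, sender.epoch, sender.key != k0


if __name__ == "__main__":
    print(replay())
```

Message and byte counters are shared state by construction, whereas a lost or reordered message would leave the two sides on different keys, so a deployment needs some way to detect and recover from that.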
In an optional implementation of this embodiment, the key hopping module 132 is further configured to, when the hopping trigger factor includes a random factor, obtain the random factor before the communicating terminal meets the preset hopping trigger rule.
In an optional implementation of this embodiment, the key-hopping instruction includes at least one of the following: a key-hopping instruction sent by the peer communication device, an input key-hopping instruction, and a key-hopping instruction generated according to a preset rule.
In an optional implementation of this embodiment, hopping the currently used transmission key to a new transmission key according to the preset hopping rule falls, broadly, into two kinds: the first is to recalculate and generate a new transmission key; the second is to select a transmission key from the common transmission key list as the new transmission key.
In this optional implementation, for the case of recalculating to generate a new transmission key, the key hopping module 132 is configured to hop the currently used transmission key to a new transmission key according to the preset hopping rule in at least one of the following modes:
Mode one: in an iterative manner, the currently used transmission key and an operation factor are used in a calculation according to a preset algorithm to generate a new transmission key;
Mode two: the initial transmission key and an operation factor are used in a calculation according to the preset algorithm to generate a new transmission key;
Mode three: an operation factor generated by the device itself and an operation factor obtained from the peer communication device are used in a calculation according to the preset algorithm to generate a new transmission key.
In this optional implementation, for the case of selecting a transmission key from the common transmission key list as the new transmission key, the key hopping module 132 is configured to hop the currently used transmission key to a new transmission key according to the preset hopping rule in at least one of the following modes:
Mode one: select from the common transmission key list, in forward or reverse order, the transmission key next to the currently used transmission key as the new transmission key;
Mode two: select the new transmission key at random from the common transmission key list, and send the key identifier of the new transmission key to the peer communication device;
Mode three: receive the key identifier of the new transmission key sent by the peer communication device, and select the transmission key corresponding to that key identifier in the common transmission key list;
Mode four: use an operation factor to calculate a new key identifier according to a preset algorithm, and look up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key;
In mode four, when the key hopping module 132 uses an operation factor to calculate a new key identifier according to the preset algorithm, it may also use the three modes of the first case above (iterative mode, random mode and negotiation mode) to calculate the new key identifier, that is, at least one of the following modes:
Mode one: in an iterative manner, the key identifier corresponding to the currently used transmission key and an operation factor are used in a calculation according to the preset algorithm to generate a new key identifier;
Mode two: the key identifier corresponding to the initial transmission key and an operation factor are used in a calculation according to the preset algorithm to generate a new key identifier;
Mode three: an operation factor generated by the device itself and an operation factor obtained from the peer communication device are used in a calculation according to the preset algorithm to generate a new key identifier.
In the above three modes, as an optional implementation, the operation factor includes the hopping trigger factor (hop period, hopping time point, communication count, communication data amount and random factor) and other preset factors. In this embodiment, the hopping trigger factor can take part in calculating the new transmission key. In particular, when the operation factor is a random factor, the generated key is random and flexible, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key and thereby ensures communication security.
Any process or method description in a flow chart, or otherwise described herein, may be understood as representing a module, segment or portion of code that comprises one or more executable instructions for implementing the steps of a specific logical function or process. The scope of the preferred embodiments of the invention includes other implementations in which functions may be performed out of the order shown or discussed, including substantially concurrently or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the invention belong.
It should be understood that the parts of the invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented by software or firmware that is stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or a combination of the following techniques well known in the art may be used: a discrete logic circuit having logic gates for implementing logic functions on data signals, an application-specific integrated circuit (ASIC) having suitable combinational logic gates, a programmable gate array (PGA), a field programmable gate array (FPGA), and so on.
Those of ordinary skill in the art will appreciate that all or part of the steps carried by the methods of the above embodiments may be completed by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, performs one or a combination of the steps of the method embodiments.
In addition, the functional units in the embodiments of the invention may be integrated into one processing module, each unit may exist physically on its own, or two or more units may be integrated into one module. The integrated module may be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented in the form of a software functional module and sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc or the like.
In the description of this specification, a description that refers to the terms "an embodiment", "some embodiments", "an example", "a specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the invention. In this specification, schematic uses of these terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in a suitable manner in any one or more embodiments or examples.
Although embodiments of the invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the invention. Those of ordinary skill in the art may change, modify, replace and vary the above embodiments within the scope of the invention without departing from its principle and purpose. The scope of the invention is defined by the claims and their equivalents.

Claims (25)

1. A method of key hopping during communication, characterized by comprising:
During communication between a communicating terminal and a communication peer, when the communicating terminal meets a preset hopping trigger rule, the communicating terminal hops the currently used transmission key to a new transmission key according to a preset hopping rule, and uses the new transmission key to encrypt or decrypt communication data exchanged with the communication peer.
2. The method of claim 1, characterized in that:
Before the preset hopping trigger rule is met, or after the preset hopping trigger rule is met and before the currently used transmission key is hopped to a new transmission key according to the preset hopping rule, the method further comprises:
The communicating terminal establishes a secure channel with the communication peer, negotiates to generate an initial transmission key common to the terminal and the communication peer, and uses the initial transmission key to encrypt or decrypt communication data exchanged with the communication peer.
3. The method of claim 2, characterized in that:
The common initial transmission key comprises one or more keys.
4. The method of claim 3, characterized in that:
After negotiating to generate the initial transmission keys common to the terminal and the communication peer, the method further comprises: forming a common transmission key list from the multiple common initial transmission keys, and assigning key identifiers to the multiple common initial transmission keys.
5. The method of any one of claims 1 to 4, characterized in that:
Meeting the preset hopping trigger rule comprises at least one of the following:
A hopping trigger factor is reached;
A key-hopping instruction is obtained.
6. The method of claim 5, characterized in that:
The hopping trigger factor comprises at least one of the following:
Hop period, hopping time point, communication count, communication data amount and random factor.
7. The method of claim 6, characterized in that:
When the hopping trigger factor comprises a random factor, before the communicating terminal meets the preset hopping trigger rule, the method further comprises:
Obtaining the random factor.
8. The method of claim 5, characterized in that:
The key-hopping instruction comprises at least one of the following: a key-hopping instruction sent by the communication peer, an input key-hopping instruction, and a key-hopping instruction generated according to a preset rule.
9. The method of any one of claims 1-8, characterized in that:
Hopping the currently used transmission key to a new transmission key according to the preset hopping rule comprises at least one of the following modes:
The communicating terminal, in an iterative manner, uses the currently used transmission key and an operation factor in a calculation according to a preset algorithm to generate a new transmission key;
The communicating terminal uses the initial transmission key and an operation factor in a calculation according to the preset algorithm to generate a new transmission key;
The communicating terminal uses an operation factor that it generates itself and an operation factor obtained from the communication peer in a calculation according to the preset algorithm to generate a new transmission key.
10. The method of any one of claims 4-8, characterized in that:
Hopping the currently used transmission key to a new transmission key according to the preset hopping rule comprises at least one of the following modes:
The communicating terminal selects from the common transmission key list, in forward or reverse order, the transmission key next to the currently used transmission key as the new transmission key;
The communicating terminal selects the new transmission key at random from the common transmission key list, and sends the key identifier of the new transmission key to the communication peer;
The communicating terminal receives the key identifier of the new transmission key sent by the communication peer, and selects the transmission key corresponding to the key identifier in the common transmission key list;
The communicating terminal uses an operation factor to calculate a new key identifier according to a preset algorithm, and looks up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key.
11. The method of claim 10, characterized in that:
The communicating terminal using an operation factor to calculate a new key identifier according to the preset algorithm comprises:
The communicating terminal, in an iterative manner, uses the key identifier corresponding to the currently used transmission key and an operation factor in a calculation according to the preset algorithm to generate a new key identifier;
The communicating terminal uses the key identifier corresponding to the initial transmission key and an operation factor in a calculation according to the preset algorithm to generate a new key identifier;
The communicating terminal uses an operation factor that it generates itself and an operation factor obtained from the communication peer in a calculation according to the preset algorithm to generate a new key identifier.
12. The method of any one of claims 9-11, characterized in that:
The operation factor comprises: the hopping trigger factor.
13. A communication device, characterized by comprising:
A communication module, configured to communicate with a peer communication device and also to transmit the encrypted communication data;
A key hopping module, configured to, during communication with the peer communication device, hop the currently used transmission key to a new transmission key according to a preset hopping rule when a preset hopping trigger rule is met;
An encryption and decryption module, configured to encrypt or decrypt communication data using the new transmission key.
14. The device of claim 13, characterized by further comprising:
A key generation module, configured to, before the preset hopping trigger rule is met, or after the preset hopping trigger rule is met and before the currently used transmission key is hopped to a new transmission key according to the preset hopping rule, establish a secure channel with the peer communication device and negotiate to generate an initial transmission key common to the device and the peer communication device;
The encryption and decryption module is further configured to encrypt or decrypt communication data exchanged with the peer communication device using the initial transmission key.
15. The device of claim 14, characterized in that:
The common initial transmission key comprises one or more keys.
16. The device of claim 15, characterized in that:
The key generation module is further configured to, after negotiating to generate the initial transmission keys common to the device and the peer communication device, form a common transmission key list from the multiple common initial transmission keys and assign key identifiers to the multiple common initial transmission keys.
17. The device of any one of claims 13 to 16, characterized in that:
Meeting the preset hopping trigger rule comprises at least one of the following:
A hopping trigger factor is reached;
A key-hopping instruction is obtained.
18. The device of claim 17, characterized in that:
The hopping trigger factor comprises at least one of the following:
Hop period, hopping time point, communication count, communication data amount and random factor.
19. The device of claim 18, characterized in that:
The key hopping module is further configured to, when the hopping trigger factor comprises a random factor, obtain the random factor before the communicating terminal meets the preset hopping trigger rule.
20. The device of claim 18, characterized in that:
The key-hopping instruction comprises at least one of the following: a key-hopping instruction sent by the peer communication device, an input key-hopping instruction, and a key-hopping instruction generated according to a preset rule.
21. The device of any one of claims 13-10, characterized in that:
The key hopping module is configured to hop the currently used transmission key to a new transmission key according to the preset hopping rule in at least one of the following ways:
In an iterative manner, using the currently used transmission key and an operation factor in a calculation according to a preset algorithm to generate a new transmission key;
Using the initial transmission key and an operation factor in a calculation according to the preset algorithm to generate a new transmission key;
Using an operation factor generated by the device itself and an operation factor obtained from the peer communication device in a calculation according to the preset algorithm to generate a new transmission key.
22. The device of any one of claims 13-10, characterized in that:
The key hopping module is configured to hop the currently used transmission key to a new transmission key according to the preset hopping rule in at least one of the following ways:
Selecting from the common transmission key list, in forward or reverse order, the transmission key next to the currently used transmission key as the new transmission key;
Selecting the new transmission key at random from the common transmission key list, and sending the key identifier of the new transmission key to the peer communication device;
Receiving the key identifier of the new transmission key sent by the peer communication device, and selecting the transmission key corresponding to the key identifier in the common transmission key list;
Using an operation factor to calculate a new key identifier according to a preset algorithm, and looking up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key.
23. The device of claim 22, characterized in that:
The key hopping module being configured to use an operation factor to calculate a new key identifier according to the preset algorithm comprises:
In an iterative manner, using the key identifier corresponding to the currently used transmission key and an operation factor in a calculation according to the preset algorithm to generate a new key identifier;
Using the key identifier corresponding to the initial transmission key and an operation factor in a calculation according to the preset algorithm to generate a new key identifier;
Using an operation factor generated by the device itself and an operation factor obtained from the peer communication device in a calculation according to the preset algorithm to generate a new key identifier.
24. The device of any one of claims 21-23, characterized in that:
The operation factor comprises: the hopping trigger factor.
25. A communication system, characterized by comprising a first terminal and a second terminal;
The first terminal comprises the communication device of any one of claims 13-24;
The second terminal comprises the communication device of any one of claims 13-24.
CN201510111952.5A 2015-03-13 2015-03-13 Method, communication device and communication system for key hopping during communication Active CN104935433B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510111952.5A CN104935433B (en) 2015-03-13 2015-03-13 Method, communication device and communication system for key hopping during communication

Publications (2)

Publication Number Publication Date
CN104935433A (en) 2015-09-23
CN104935433B (en) 2018-11-16

Family

ID=54122413

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510111952.5A Active CN104935433B (en) Method, communication device and communication system for key hopping during communication 2015-03-13 2015-03-13

Country Status (1)

Country Link
CN (1) CN104935433B (en)

Also Published As

Publication number Publication date
CN104935433B (en) 2018-11-16

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant