CN106789092A - Cipher key transmission methods, cipher key delivery device, server and communication equipment - Google Patents

Publication number: CN106789092A
Authority: CN (China)
Prior art keywords: terminal, key, public key, server, communication equipment
Legal status: Pending
Application number: CN201710113666.1A
Other languages: Chinese (zh)
Inventor: 董黎晨
Current Assignee: Heyuan Hong Jia Technology Co Ltd
Original Assignee: Heyuan Hong Jia Technology Co Ltd
Application filed by: Heyuan Hong Jia Technology Co Ltd
Priority to: CN201710113666.1A
Publication of: CN106789092A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The present invention proposes a cipher key transmission method, a cipher key delivery device, a server and communication equipment. The cipher key transmission method includes: receiving the terminal's public key sent by the terminal; encrypting the terminal's public key with the server's private key to generate a digital signature; and, on receiving a signal in which the communication equipment requests the terminal's public key, sending the digital signature and the terminal's public key to the communication equipment. The digital signature lets the communication equipment determine whether the terminal's public key was tampered with during transmission, and the terminal's public key lets the communication equipment encrypt the symmetric cryptographic key that is to be sent to the terminal. The technical solution of the present invention ensures the security of the symmetric cryptographic key during transmission.

Description

Cipher key transmission methods, cipher key delivery device, server and communication equipment
Technical field
The present invention relates to the field of communication technology, and in particular to a cipher key transmission method, a cipher key delivery device, a server and communication equipment.
Background
At present, when plants are cultivated, a server can collect plant data to monitor how the plants are growing and send the plant data to the user's terminal, so that the user can follow the plants' growth in good time. In the related art, before the plant data is sent to the user's terminal, it is usually encrypted with a symmetric cryptographic key, and the symmetric cryptographic key is sent to the user's terminal, which can then decrypt the plant data with it. However, if the symmetric cryptographic key is intercepted while it is being transmitted, the transmitted plant data can easily be leaked, causing losses to the user and the greenhouse operator.
Therefore, how to ensure the security of the transmitted symmetric cryptographic key has become a technical problem that urgently needs to be solved.
Summary of the invention
In view of the above problem, the present invention proposes a new technical solution that addresses the technical problem that the symmetric cryptographic key is not secure during transmission.
Accordingly, the first aspect of the present invention proposes a cipher key transmission method for a server. The cipher key transmission method includes: receiving the terminal's public key sent by the terminal; encrypting the terminal's public key with the server's private key to generate a digital signature; and, on receiving a signal in which the communication equipment requests the terminal's public key, sending the digital signature and the terminal's public key to the communication equipment, wherein the digital signature lets the communication equipment determine whether the terminal's public key was tampered with during transmission, and the terminal's public key lets the communication equipment encrypt the symmetric cryptographic key that is to be sent to the terminal.
In this technical solution, the server generates a digital signature from the terminal's public key and, when it sends the terminal's public key to the communication equipment, also sends the digital signature, so that the communication equipment can determine from the digital signature whether the terminal's public key was tampered with on its way from the server to the communication equipment. If the communication equipment encrypted the symmetric cryptographic key with a tampered terminal public key, the encrypted symmetric cryptographic key could easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when the communication equipment determines that the terminal's public key was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited, which ensures the security of the symmetric cryptographic key during transmission and, in turn, the security of the plant data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, the received terminal public key is a public key that has been encrypted with the server's public key, and, before the terminal's public key is encrypted with the server's private key, the method further includes: decrypting the received terminal public key with the server's private key to obtain the unencrypted terminal public key.
In this technical solution, because the received terminal public key is an encrypted public key, the security of the terminal's public key during transmission from the terminal to the server is ensured.
The second aspect of the present invention proposes a cipher key delivery device for a server. The cipher key delivery device includes: a receiving unit, for receiving the terminal's public key sent by the terminal; a generation unit, for encrypting the terminal's public key with the server's private key to generate a digital signature; and a transmitting unit, for sending the digital signature and the terminal's public key to the communication equipment on receiving a signal in which the communication equipment requests the terminal's public key, wherein the digital signature lets the communication equipment determine whether the terminal's public key was tampered with during transmission, and the terminal's public key lets the communication equipment encrypt the symmetric cryptographic key that is to be sent to the terminal.
In this technical solution, the server generates a digital signature from the terminal's public key and, when it sends the terminal's public key to the communication equipment, also sends the digital signature, so that the communication equipment can determine from the digital signature whether the terminal's public key was tampered with on its way from the server to the communication equipment. If the communication equipment encrypted the symmetric cryptographic key with a tampered terminal public key, the encrypted symmetric cryptographic key could easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when the communication equipment determines that the terminal's public key was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited, which ensures the security of the symmetric cryptographic key during transmission and, in turn, the security of the plant data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, the received terminal public key is a public key that has been encrypted with the server's public key, and the device further includes: a decryption unit, for decrypting the received terminal public key with the server's private key to obtain the unencrypted terminal public key.
In this technical solution, because the received terminal public key is an encrypted public key, the security of the terminal's public key during transmission from the terminal to the server is ensured.
The third aspect of the present invention proposes a server that includes the cipher key delivery device of any one of the second aspect above. The server therefore has the same technical effects as the cipher key delivery device of any one of the second aspect, which are not repeated here.
The fourth aspect of the present invention proposes a cipher key transmission method for communication equipment. The cipher key transmission method includes: receiving the terminal's public key and a digital signature sent by the server; determining from the digital signature whether the terminal's public key was tampered with during transmission from the server to the communication equipment; if the terminal's public key was not tampered with during transmission from the server to the communication equipment, encrypting a symmetric cryptographic key with the terminal's public key, wherein the symmetric cryptographic key is used to encrypt the plant data transmitted between the terminal and the communication equipment; and sending the encrypted symmetric cryptographic key to the terminal, so that the terminal decrypts the encrypted symmetric cryptographic key with its own private key.
In this technical solution, if the terminal's public key were tampered with during transmission and the communication equipment used the tampered public key to encrypt the symmetric cryptographic key, the encrypted symmetric cryptographic key could easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when it is determined that the terminal's public key was not tampered with during transmission, the symmetric cryptographic key is encrypted with the received terminal public key; when it is determined that the terminal's public key was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited. This ensures the security of the symmetric cryptographic key during transmission and, in turn, the security of the plant data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, determining from the digital signature whether the terminal's public key was tampered with during transmission from the server to the communication equipment specifically includes: decrypting the digital signature with the server's public key; and comparing the decrypted digital signature with the received terminal public key, to determine whether the terminal's public key was tampered with during transmission from the server to the communication equipment.
In this technical solution, the decrypted digital signature is compared with the received terminal public key sent by the server. If the two are inconsistent, it is determined that the terminal's public key was tampered with during transmission; if the two are consistent, it is determined that the terminal's public key was not tampered with during transmission. This prevents the communication equipment from encrypting the symmetric cryptographic key with a tampered terminal public key.
The fifth aspect of the present invention proposes a cipher key delivery device for communication equipment. The cipher key delivery device includes: a receiving unit, for receiving the terminal's public key and a digital signature sent by the server; a determining unit, for determining from the digital signature whether the terminal's public key was tampered with during transmission from the server to the communication equipment; an encryption unit, for encrypting a symmetric cryptographic key with the terminal's public key if the determining unit determines that the terminal's public key was not tampered with during transmission from the server to the communication equipment, wherein the symmetric cryptographic key is used to encrypt the plant data transmitted between the terminal and the communication equipment; and a transmitting unit, for sending the encrypted symmetric cryptographic key to the terminal, so that the terminal decrypts the encrypted symmetric cryptographic key with its own private key.
In this technical solution, if the terminal's public key were tampered with during transmission and the communication equipment used the tampered public key to encrypt the symmetric cryptographic key, the encrypted symmetric cryptographic key could easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when it is determined that the terminal's public key was not tampered with during transmission, the symmetric cryptographic key is encrypted with the received terminal public key; when it is determined that the terminal's public key was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited. This ensures the security of the symmetric cryptographic key during transmission and, in turn, the security of the plant data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, the determining unit includes: a decryption subunit, for decrypting the digital signature with the server's public key; and a determination subunit, for comparing the decrypted digital signature with the received terminal public key, to determine whether the terminal's public key was tampered with during transmission from the server to the communication equipment.
In this technical solution, the decrypted digital signature is compared with the received terminal public key sent by the server. If the two are inconsistent, it is determined that the terminal's public key was tampered with during transmission; if the two are consistent, it is determined that the terminal's public key was not tampered with during transmission. This prevents the communication equipment from encrypting the symmetric cryptographic key with a tampered terminal public key.
The sixth aspect of the present invention proposes communication equipment that includes the cipher key delivery device of any one of the technical solutions of the fifth aspect above. The communication equipment therefore has the same technical effects as the cipher key delivery device of any one of the technical solutions of the fifth aspect, which are not repeated here.
The technical solution of the present invention ensures the security of the symmetric cryptographic key during transmission.
Brief description of the drawings
Fig. 1 shows a schematic flowchart of the cipher key transmission method for a server according to an embodiment of the present invention;
Fig. 2 shows a block diagram of the cipher key delivery device for a server according to an embodiment of the present invention;
Fig. 3 shows a block diagram of the server according to an embodiment of the present invention;
Fig. 4 shows a schematic flowchart of the cipher key transmission method for communication equipment according to an embodiment of the present invention;
Fig. 5 shows a block diagram of the cipher key delivery device for communication equipment according to an embodiment of the present invention;
Fig. 6 shows a block diagram of the communication equipment according to an embodiment of the present invention;
Fig. 7 shows a schematic diagram of the principle of the communication system according to an embodiment of the present invention;
Fig. 8 shows a schematic diagram of the principle of transmitting the symmetric cryptographic key according to an embodiment of the present invention;
Fig. 9 shows a schematic diagram of the principle of transmitting asymmetrically encrypted data according to an embodiment of the present invention.
Detailed description of the embodiments
So that the above objects, features and advantages of the present invention can be understood more clearly, the present invention is described in further detail below with reference to the accompanying drawings and specific embodiments. It should be noted that, where they do not conflict, the embodiments of the present application and the features in the embodiments may be combined with one another.
Many specific details are set out in the following description so that the present invention can be fully understood. However, the present invention may also be implemented in ways other than those described here, so the scope of protection of the present invention is not limited by the specific embodiments described below.
Fig. 1 shows a schematic flowchart of the cipher key transmission method for a server according to an embodiment of the present invention.
As shown in Fig. 1, the cipher key transmission method for a server according to an embodiment of the present invention includes:
Step 102: receive the terminal's public key sent by the terminal.
Step 104: encrypt the terminal's public key with the server's private key to generate a digital signature.
Step 106: on receiving a signal in which the communication equipment requests the terminal's public key, send the digital signature and the terminal's public key to the communication equipment, wherein the digital signature lets the communication equipment determine whether the terminal's public key was tampered with during transmission, and the terminal's public key lets the communication equipment encrypt the symmetric cryptographic key that is to be sent to the terminal.
In this technical solution, the server generates a digital signature from the terminal's public key and, when it sends the terminal's public key to the communication equipment, also sends the digital signature, so that the communication equipment can determine from the digital signature whether the terminal's public key was tampered with on its way from the server to the communication equipment. If the communication equipment encrypted the symmetric cryptographic key with a tampered terminal public key, the encrypted symmetric cryptographic key could easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when the communication equipment determines that the terminal's public key was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited, which ensures the security of the symmetric cryptographic key during transmission and, in turn, the security of the plant data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, the received terminal public key is a public key that has been encrypted with the server's public key, and, before step 104, the method further includes: decrypting the received terminal public key with the server's private key to obtain the unencrypted terminal public key.
In this technical solution, because the received terminal public key is an encrypted public key, the security of the terminal's public key during transmission from the terminal to the server is ensured.
Fig. 2 shows a block diagram of the cipher key delivery device for a server according to an embodiment of the present invention.
As shown in Fig. 2, the cipher key delivery device 200 for a server according to an embodiment of the present invention includes: a receiving unit 202, a generation unit 204 and a transmitting unit 206.
The receiving unit 202 is for receiving the terminal's public key sent by the terminal. The generation unit 204 is for encrypting the terminal's public key with the server's private key to generate a digital signature. The transmitting unit 206 is for sending the digital signature and the terminal's public key to the communication equipment on receiving a signal in which the communication equipment requests the terminal's public key, wherein the digital signature lets the communication equipment determine whether the terminal's public key was tampered with during transmission, and the terminal's public key lets the communication equipment encrypt the symmetric cryptographic key that is to be sent to the terminal.
In this technical solution, the server generates a digital signature from the terminal's public key and, when it sends the terminal's public key to the communication equipment, also sends the digital signature, so that the communication equipment can determine from the digital signature whether the terminal's public key was tampered with on its way from the server to the communication equipment. If the communication equipment encrypted the symmetric cryptographic key with a tampered terminal public key, the encrypted symmetric cryptographic key could easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when the communication equipment determines that the terminal's public key was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited, which ensures the security of the symmetric cryptographic key during transmission and, in turn, the security of the data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, the received terminal public key is a public key that has been encrypted with the server's public key, and the device further includes: a decryption unit 208, for decrypting the received terminal public key with the server's private key to obtain the unencrypted terminal public key.
In this technical solution, because the received terminal public key is an encrypted public key, the security of the terminal's public key during transmission from the terminal to the server is ensured.
Fig. 3 shows a block diagram of the server according to an embodiment of the present invention.
As shown in Fig. 3, the server 300 according to an embodiment of the present invention includes any one of the cipher key delivery devices 200 described above. The server 300 therefore has the same technical effects as any one of the cipher key delivery devices 200 described above, which are not repeated here.
Fig. 4 shows a schematic flowchart of the cipher key transmission method for communication equipment according to an embodiment of the present invention.
As shown in Fig. 4, the cipher key transmission method for communication equipment according to an embodiment of the present invention includes:
Step 402: receive the terminal's public key and a digital signature sent by the server.
Step 404: determine from the digital signature whether the terminal's public key was tampered with during transmission from the server to the communication equipment.
Step 406: if the terminal's public key was not tampered with during transmission from the server to the communication equipment, encrypt a symmetric cryptographic key with the terminal's public key, wherein the symmetric cryptographic key is used to encrypt the plant data transmitted between the terminal and the communication equipment.
Step 408: send the encrypted symmetric cryptographic key to the terminal, so that the terminal decrypts the encrypted symmetric cryptographic key with its own private key.
In this technical solution, if the terminal's public key were tampered with during transmission and the communication equipment used the tampered public key to encrypt the symmetric cryptographic key, the encrypted symmetric cryptographic key could easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when it is determined that the terminal's public key was not tampered with during transmission, the symmetric cryptographic key is encrypted with the received terminal public key; when it is determined that the terminal's public key was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited. This ensures the security of the symmetric cryptographic key during transmission and, in turn, the security of the data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, step 404 specifically includes: decrypting the digital signature with the server's public key; and comparing the decrypted digital signature with the received terminal public key, to determine whether the terminal's public key was tampered with during transmission from the server to the communication equipment.
In this technical solution, the decrypted digital signature is compared with the received terminal public key sent by the server. If the two are inconsistent, it is determined that the terminal's public key was tampered with during transmission; if the two are consistent, it is determined that the terminal's public key was not tampered with during transmission. This prevents the communication equipment from encrypting the symmetric cryptographic key with a tampered terminal public key.
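An added example, not code from the patent: the server-side steps 102 to 106 and the communication-equipment steps 402 to 408 carried through with textbook RSA from the Python standard library. The toy Mersenne-prime keys, the `n:e` hex wire format, hashing the key before the private-key operation and all function names are assumptions made for illustration; a deployed system would use a vetted library with padded signature and encryption schemes.

```python
import hashlib

E = 65537  # public exponent shared by all toy key pairs (assumption)


def make_toy_keypair(p, q):
    """Return ((n, e), (n, d)) for textbook RSA built from two primes."""
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))  # modular inverse, Python 3.8+
    return (n, E), (n, d)


# Constructed toy keys built from well-known Mersenne primes so the example is
# deterministic. Such moduli are trivially factorable: illustration only.
SERVER_PUB, SERVER_PRIV = make_toy_keypair(2**521 - 1, 2**607 - 1)
TERMINAL_PUB, TERMINAL_PRIV = make_toy_keypair(2**127 - 1, 2**1279 - 1)
ATTACKER_PUB, _ = make_toy_keypair(2**89 - 1, 2**2203 - 1)


def encode_pub(pub):
    """Serialise a public key for transmission (hypothetical wire format)."""
    n, e = pub
    return f"{n:x}:{e:x}".encode()


def decode_pub(blob):
    """Parse the hypothetical wire format back into (n, e)."""
    n_hex, e_hex = blob.decode().split(":")
    return int(n_hex, 16), int(e_hex, 16)


def key_digest(blob):
    """SHA-256 of the serialised key as an integer. Assumption: the page applies
    the private key to the public key itself; hashing first keeps the value
    below the server's modulus."""
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")


def server_sign_terminal_key(terminal_pub, server_priv):
    """Steps 102-106: apply the server's private key to the terminal's key and
    return what the server sends to the communication equipment."""
    n, d = server_priv
    blob = encode_pub(terminal_pub)
    return blob, pow(key_digest(blob), d, n)


def verify_terminal_key(blob, signature, server_pub):
    """Step 404: 'decrypt' the signature with the server's public key and
    compare the result with the key that was actually received."""
    n, e = server_pub
    return pow(signature, e, n) == key_digest(blob)


def device_wrap_key(blob, signature, server_pub, sym_key):
    """Steps 402-408: encrypt the symmetric key only if the check passes."""
    if not verify_terminal_key(blob, signature, server_pub):
        raise ValueError("terminal public key failed the signature check")
    n, e = decode_pub(blob)
    return pow(int.from_bytes(sym_key, "big"), e, n)


def terminal_unwrap_key(wrapped, terminal_priv, key_len=16):
    """Terminal side: recover the symmetric key with its own private key."""
    n, d = terminal_priv
    return pow(wrapped, d, n).to_bytes(key_len, "big")


def demo():
    """Run the untampered exchange, then one with the key replaced in transit."""
    sym_key = bytes(range(16))  # constructed sample symmetric key
    blob, sig = server_sign_terminal_key(TERMINAL_PUB, SERVER_PRIV)
    wrapped = device_wrap_key(blob, sig, SERVER_PUB, sym_key)
    recovered = terminal_unwrap_key(wrapped, TERMINAL_PRIV)
    # Terminal key replaced between server and communication equipment,
    # while the original signature is forwarded unchanged.
    swapped = encode_pub(ATTACKER_PUB)
    try:
        device_wrap_key(swapped, sig, SERVER_PUB, sym_key)
        rejected = False
    except ValueError:
        rejected = True
    return recovered == sym_key, rejected


if __name__ == "__main__":
    print(demo())
```

The check in step 404 is only as trustworthy as the copy of the server's public key held by the communication equipment, which this example assumes was installed over a trusted channel.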
Fig. 5 shows the block diagram of the cipher key delivery device for communication equipment according to an embodiment of the invention.
As shown in Fig. 5, the cipher key delivery device 500 for communication equipment according to an embodiment of the invention includes: a receiving unit 502, a determining unit 504, a ciphering unit 506 and a transmitting element 508.
The receiving unit 502 is configured to receive the public key of the terminal and the digital signature sent from the server. The determining unit 504 is configured to determine, according to the digital signature, whether the public key of the terminal was tampered with during transmission from the server to the communication equipment. The ciphering unit 506 is configured to encrypt the symmetric cryptographic key using the public key of the terminal if the determining unit 504 determines that the public key of the terminal was not tampered with during transmission from the server to the communication equipment, wherein the symmetric cryptographic key is used to encrypt the planting data transmitted between the terminal and the communication equipment. The transmitting element 508 is configured to send the encrypted symmetric cryptographic key to the terminal, so that the terminal decrypts the encrypted symmetric cryptographic key using its private key.
In this technical solution, if the public key of the terminal is tampered with during transmission and the communication equipment uses the tampered public key to encrypt the symmetric cryptographic key, the encrypted symmetric cryptographic key can easily be intercepted and cracked by an unauthorized user during transmission. Therefore, when it is determined that the public key of the terminal was not tampered with during transmission, the symmetric cryptographic key is encrypted using the received public key of the terminal; when it is determined that the public key of the terminal was tampered with during transmission, use of the tampered public key to encrypt the symmetric cryptographic key is prohibited. This ensures the security of the symmetric cryptographic key during transmission, and in turn the security of the data transmitted between the communication equipment and the terminal.
In the above technical solution, preferably, the determining unit 504 includes: a decryption subelement 5042, configured to decrypt the digital signature using the public key of the server; and a determination subelement 5044, configured to compare the decrypted digital signature with the received public key of the terminal, to determine whether the public key of the terminal was tampered with during transmission from the server to the communication equipment.
In this technical solution, the decrypted digital signature is compared with the received public key of the terminal sent from the server. If the two are inconsistent, it is determined that the public key of the terminal was tampered with during transmission; if the two are consistent, it is determined that the public key of the terminal was not tampered with during transmission. This prevents the communication equipment from encrypting the symmetric cryptographic key with a tampered public key of the terminal.
Fig. 6 shows the block diagram of communication equipment according to an embodiment of the invention.
As shown in Fig. 6, the communication equipment 600 according to an embodiment of the invention includes the cipher key delivery device 500 of any one of the technical solutions of the above fifth aspect. The communication equipment 600 therefore has the same technical effects as the cipher key delivery device 500 of any one of the technical solutions of the above fifth aspect, which are not repeated here.
The communication equipment includes, but is not limited to: a cultivation box, a capture apparatus and sensors (for example, a temperature sensor, a humidity sensor, a light intensity sensor). The planting data transmitted between the communication equipment and the terminal includes, but is not limited to: growth environment parameters of the plant, photos of the plant, and video recordings of the plant.
The above technical solution is further illustrated below with reference to Fig. 7 to Fig. 9.
As shown in Fig. 7, the communication system includes: terminal A, a server and communication equipment.
An application program is installed on terminal A. After an account is registered through the application program, the application program can be used to check plant growth remotely. When terminal A registers with the server, it generates the key pair of the terminal (public key ClientA_Pub and private key ClientA_Pri) and at the same time obtains the public key Server_Pub of the server. To prevent information from being tampered with in the transmission channel, ClientA_Pub is encrypted using Server_Pub and uploaded to the server.
The server uses its private key Server_Pri to decrypt the ClientA_Pub it has received. It then uses its private key Server_Pri to re-encrypt the decrypted ClientA_Pub, generating the digital signature DSA-ClientA.
When terminal A and the communication equipment establish a connection, the communication equipment requests the public key of terminal A from the server, and the server sends DSA-ClientA and ClientA_Pub together to the communication equipment.
The communication equipment decrypts DSA-ClientA using the public key Server_Pub of the server, then compares the decrypted data with the ClientA_Pub sent from the server to determine whether the two are consistent. If they are consistent, ClientA_Pub was not tampered with during transmission from the server to the communication equipment.
As shown in Fig. 8, the communication equipment generates the symmetric cryptographic key AES-KEY. If ClientA_Pub was not tampered with during transmission from the server to the communication equipment, the communication equipment encrypts AES-KEY using ClientA_Pub and sends the encrypted AES-KEY to terminal A. After receiving the encrypted AES-KEY, terminal A decrypts it using the private key ClientA_Pri of terminal A and obtains AES-KEY.
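The exchange of Fig. 7 and Fig. 8 can be followed end to end in the sketch below, an added example that is not code from the patent. It assumes toy textbook RSA with no padding over fixed Mersenne-prime moduli (constructed values, for illustration only), signs a SHA-256 digest of ClientA_Pub rather than the raw key, and uses hypothetical function names; a real deployment would use a vetted library with RSA-PSS and RSA-OAEP.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below


def make_key(p, q):
    """Textbook RSA key from two primes (constructed demo values, no padding)."""
    n = p * q
    return {"n": n, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


def encode_pub(key):
    """Serialise the public half; these bytes play the role of ClientA_Pub."""
    return f"{key['n']:x}:{key['e']:x}".encode()


def digest_int(data):
    """SHA-256 of the key bytes as an integer (assumption: sign a digest)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def server_sign(server_key, client_pub):
    """Server: private-key operation over the digest, giving DSA-ClientA."""
    return pow(digest_int(client_pub), server_key["d"], server_key["n"])


def device_wrap_key(server_pub, client_pub, signature, aes_key):
    """Communication equipment: check DSA-ClientA, then wrap AES-KEY.

    Returns None when the received key does not match the signature, so the
    symmetric key is never encrypted under a substituted public key.
    """
    recovered = pow(signature, server_pub["e"], server_pub["n"])
    if recovered != digest_int(client_pub):
        return None
    n_hex, e_hex = client_pub.decode().split(":")
    n, e = int(n_hex, 16), int(e_hex, 16)
    m = int.from_bytes(aes_key, "big")
    if m >= n:
        raise ValueError("AES key does not fit under the terminal modulus")
    return pow(m, e, n)


def terminal_unwrap(client_key, wrapped, key_len=16):
    """Terminal A: recover AES-KEY with ClientA_Pri."""
    return pow(wrapped, client_key["d"], client_key["n"]).to_bytes(key_len, "big")


def run_exchange():
    server = make_key(2**521 - 1, 2**607 - 1)   # Server_Pub / Server_Pri
    client = make_key(2**107 - 1, 2**127 - 1)   # ClientA_Pub / ClientA_Pri
    server_pub = {"n": server["n"], "e": server["e"]}
    client_pub = encode_pub(client)
    dsa_client_a = server_sign(server, client_pub)
    aes_key = bytes(range(16))                  # constructed AES-KEY
    wrapped = device_wrap_key(server_pub, client_pub, dsa_client_a, aes_key)
    delivered = terminal_unwrap(client, wrapped) == aes_key
    # Same signature relayed with a different public key swapped in transit.
    other_pub = encode_pub(make_key(2**89 - 1, 2**127 - 1))
    rejected = device_wrap_key(server_pub, other_pub, dsa_client_a, aes_key) is None
    return delivered, rejected


if __name__ == "__main__":
    print(run_exchange())  # (True, True)
```

The check only helps if the communication equipment already holds an authentic copy of Server_Pub; the description does not say how that copy is provisioned.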
As shown in Fig. 9, the communication equipment first encodes the plaintext to be transmitted (for example, a photo collected by a camera or parameter information collected by a sensor), then encrypts it with AES-KEY to obtain the ciphertext, and transfers the ciphertext to terminal A using SRTP (Secure Real-time Transport Protocol). After receiving the ciphertext, terminal A decrypts it using AES-KEY and decodes it to obtain the plaintext, then displays the plaintext.
Alternatively, the communication equipment uploads the data encrypted using AES-KEY to the server, and terminal A obtains the data from the server to check it.
In addition, if multiple terminals check the data in the communication equipment, then following the above flow the communication equipment first needs to obtain the public key of each terminal, encrypts the symmetric cryptographic key using the public key of the peer, and sends it to that peer.
The technical solution of the invention has been described in detail above with reference to the accompanying drawings. The technical solution of the invention ensures the security of the symmetric cryptographic key during transmission.
In the present invention, the terms "first" and "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance; the term "multiple" means two or more; the terms "connected", "connection" and the like are to be interpreted broadly: for example, a connection may be fixed, detachable, or integral, and may be direct or indirect through an intermediary. A person of ordinary skill in the art can understand the specific meaning of the above terms in the present invention according to the specific situation.
The foregoing describes only preferred embodiments of the present invention and is not intended to limit the invention; for those skilled in the art, the present invention may have various modifications and variations. Any modification, equivalent substitution, improvement and the like made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims (10)

1. A cipher key transmission method, for a server, characterized in that the cipher key transmission method includes:
receiving the public key of a terminal sent from the terminal;
encrypting the public key of the terminal using the private key of the server, to generate a digital signature;
when a signal is received in which communication equipment requests the public key of the terminal, sending the digital signature and the public key of the terminal to the communication equipment, wherein the digital signature is used to enable the communication equipment to determine whether the public key of the terminal was tampered with during transmission, and the public key of the terminal is used to enable the communication equipment to encrypt the symmetric cryptographic key to be sent to the terminal.
2. The cipher key transmission method according to claim 1, characterized in that the received public key of the terminal is a public key encrypted using the public key of the server, and before encrypting the public key of the terminal using the private key of the server, the method further includes:
decrypting the received public key of the terminal using the private key of the server, to obtain the unencrypted public key of the terminal.
3. A cipher key delivery device, for a server, characterized in that the cipher key delivery device includes:
a receiving unit, configured to receive the public key of a terminal sent from the terminal;
a generation unit, configured to encrypt the public key of the terminal using the private key of the server, to generate a digital signature;
a transmitting element, configured to send the digital signature and the public key of the terminal to communication equipment when a signal is received in which the communication equipment requests the public key of the terminal, wherein the digital signature is used to enable the communication equipment to determine whether the public key of the terminal was tampered with during transmission, and the public key of the terminal is used to enable the communication equipment to encrypt the symmetric cryptographic key to be sent to the terminal.
4. The cipher key delivery device according to claim 3, characterized in that the received public key of the terminal is a public key encrypted using the public key of the server, and the device further includes:
a decryption unit, configured to decrypt the received public key of the terminal using the private key of the server, to obtain the unencrypted public key of the terminal.
5. A server, characterized in that it includes: the cipher key delivery device according to claim 3 or 4.
6. A cipher key transmission method, for communication equipment, characterized in that the cipher key transmission method includes:
receiving the public key of a terminal and a digital signature sent from a server;
determining, according to the digital signature, whether the public key of the terminal was tampered with during transmission from the server to the communication equipment;
if the public key of the terminal was not tampered with during transmission from the server to the communication equipment, encrypting a symmetric cryptographic key using the public key of the terminal, wherein the symmetric cryptographic key is used to encrypt the planting data transmitted between the terminal and the communication equipment;
sending the encrypted symmetric cryptographic key to the terminal, so that the terminal decrypts the encrypted symmetric cryptographic key using its private key.
7. The cipher key transmission method according to claim 6, characterized in that determining, according to the digital signature, whether the public key of the terminal was tampered with during transmission from the server to the communication equipment specifically includes:
decrypting the digital signature using the public key of the server;
comparing the decrypted digital signature with the received public key of the terminal, to determine whether the public key of the terminal was tampered with during transmission from the server to the communication equipment.
8. A cipher key delivery device, for communication equipment, characterized in that the cipher key delivery device includes:
a receiving unit, configured to receive the public key of a terminal and a digital signature sent from a server;
a determining unit, configured to determine, according to the digital signature, whether the public key of the terminal was tampered with during transmission from the server to the communication equipment;
a ciphering unit, configured to encrypt a symmetric cryptographic key using the public key of the terminal if the determining unit determines that the public key of the terminal was not tampered with during transmission from the server to the communication equipment, wherein the symmetric cryptographic key is used to encrypt the planting data transmitted between the terminal and the communication equipment;
a transmitting element, configured to send the encrypted symmetric cryptographic key to the terminal, so that the terminal decrypts the encrypted symmetric cryptographic key using its private key.
9. The cipher key delivery device according to claim 8, characterized in that the determining unit includes:
a decryption subelement, configured to decrypt the digital signature using the public key of the server;
a determination subelement, configured to compare the decrypted digital signature with the received public key of the terminal, to determine whether the public key of the terminal was tampered with during transmission from the server to the communication equipment.
10. Communication equipment, characterized in that it includes: the cipher key delivery device according to claim 8 or 9.
CN201710113666.1A 2017-02-28 2017-02-28 Cipher key transmission methods, cipher key delivery device, server and communication equipment Pending CN106789092A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710113666.1A CN106789092A (en) 2017-02-28 2017-02-28 Cipher key transmission methods, cipher key delivery device, server and communication equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710113666.1A CN106789092A (en) 2017-02-28 2017-02-28 Cipher key transmission methods, cipher key delivery device, server and communication equipment

Publications (1)

Publication Number Publication Date
CN106789092A true CN106789092A (en) 2017-05-31

Family

ID=58960155

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710113666.1A Pending CN106789092A (en) 2017-02-28 2017-02-28 Cipher key transmission methods, cipher key delivery device, server and communication equipment

Country Status (1)

Country Link
CN (1) CN106789092A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101103590A (en) * 2005-01-07 2008-01-09 Lg电子株式会社 Authentication method, encryption method, decryption method, cryptographic system and recording medium
CN101262343A (en) * 2007-03-05 2008-09-10 鸿富锦精密工业(深圳)有限公司 Wireless device and secrete key exchange method
CN101442411A (en) * 2008-12-23 2009-05-27 中国科学院计算技术研究所 Identification authentication method between peer-to-peer user nodes in P2P network
CN101447873A (en) * 2008-12-25 2009-06-03 杭州东信金融技术服务有限公司 Safe authentication and encrypted communication method
CN102111411A (en) * 2011-01-21 2011-06-29 南京信息工程大学 Method for switching encryption safety data among peer-to-peer user nodes in P2P network
CN103812871A (en) * 2014-02-24 2014-05-21 北京明朝万达科技有限公司 Development method and system based on mobile terminal application program security application

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108270916A (en) * 2017-12-01 2018-07-10 南京嘉谷初成通信科技有限公司 A kind of encryption method of smart mobile phone
CN108270917A (en) * 2017-12-01 2018-07-10 南京嘉谷初成通信科技有限公司 A kind of encryption smart mobile phone
CN108270917B (en) * 2017-12-01 2021-01-15 南京嘉谷初成通信科技有限公司 Encrypted smart phone
CN109703571A (en) * 2018-12-24 2019-05-03 北京长城华冠汽车技术开发有限公司 A kind of vehicle entertainment system login system and login method based on recognition of face
CN112003879A (en) * 2020-10-22 2020-11-27 腾讯科技(深圳)有限公司 Data transmission method for virtual scene, computer device and storage medium
CN112636917A (en) * 2020-12-07 2021-04-09 天津津航计算技术研究所 Communication encryption method of distributed control system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170531
