CN109639697A - Method, mobile terminal and server for secure screen casting from a cloud phone - Google Patents


Info

Publication number: CN109639697A
Authority: CN (China)
Prior art keywords: server, algorithm, mobile phone, key, cloud mobile
Legal status: Pending
Application number: CN201811583169.9A
Other languages: Chinese (zh)
Inventors: 巫庭庭, 陈振青, 余长宏, 陈思民, 李全斌
Current Assignee: Guangzhou Microcomputer Interconnection Information Technology Co Ltd
Original Assignee: Guangzhou Microcomputer Interconnection Information Technology Co Ltd
Application filed by Guangzhou Microcomputer Interconnection Information Technology Co Ltd
Priority to CN201811583169.9A
Publication of CN109639697A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04N PICTORIAL COMMUNICATION, e.g. TELEVISION
    • H04N21/00 Selective content distribution, e.g. interactive television or video on demand [VOD]
    • H04N21/40 Client devices specifically adapted for the reception of or interaction with content, e.g. set-top-box [STB]; Operations thereof
    • H04N21/41 Structure of client; Structure of client peripherals
    • H04N21/4104 Peripherals receiving signals from specially adapted client devices
    • H04N21/4126 The peripheral being portable, e.g. PDAs or mobile phones
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols

Abstract

The invention relates to the field of network technology and concerns a method, mobile terminal and server for secure screen casting from a cloud phone. The method comprises: generating a public key using an asymmetric encryption algorithm and sending it to the server; receiving the server's feedback, wherein the server first generates a unique key using a symmetric encryption algorithm, then encrypts that key with the received public key and feeds the encrypted key back to the client; recovering the key with the private key corresponding to the public key, encrypting authentication information with the key and sending it to the server for authentication; receiving the authentication result and, when the result is success, sending a screen-casting request to the server; and receiving over the public network the cast content pushed by the cloud phone, which the server encrypts with the symmetric encryption algorithm before forwarding. The invention first performs authentication using the asymmetric encryption algorithm and starts casting only after authentication succeeds; cast content transmitted over the private network is not encrypted, while cast content transmitted over the public network is encrypted with the symmetric encryption algorithm. This ensures security, and encrypting only part of the links preserves efficiency.

Description

Method, mobile terminal and server for secure screen casting from a cloud phone
Technical field
The invention relates to the field of network technology, and in particular to a method, mobile terminal and server for secure screen casting from a cloud phone.
Background art
A cloud phone is a smartphone application cloud platform built on the powerful virtual applications of cloud computing and the mobile Internet. Drawing on cloud computing's outstanding advantages in large-scale computation, powerful storage capacity and other respects, the cloud platform provides smartphone users with diversified, comprehensive virtual phone applications and services. It fully supports the display, download, use and management of all kinds of mobile applications, and realizes round-the-clock cloud hosting of applications, so that users, even when away from the mobile terminal, can keep applications online around the clock by hosting them in the cloud, achieving full virtualization of smartphone applications.
A cloud phone user can install a cloud-phone client on their own physical phone, but the cloud phone itself has no screen. When the content it generates needs to be cast to the client, current screen-casting approaches usually either do not encrypt, which creates a risk of content leakage, or encrypt the entire casting process over the full link, which makes casting quite inefficient.
Summary of the invention
Embodiments of the invention aim to solve at least one of the technical problems in the prior art. To this end, embodiments of the invention provide a method, mobile terminal and server for secure screen casting from a cloud phone.
A method for secure screen casting from a cloud phone according to an embodiment of the invention is characterized in that the client and the server are communicatively connected over a public network, and the server and the cloud phone are communicatively connected over a private network, the method comprising:
Step 1, generating a public key using an asymmetric encryption algorithm and sending it to the server;
Step 2, receiving the server's feedback; wherein the server first generates a unique key using a symmetric encryption algorithm, then encrypts that key with the received public key and feeds the encrypted key back to the client;
Step 3, recovering the key using the private key corresponding to the public key, encrypting authentication information with the key and sending it to the server for authentication;
Step 4, receiving the authentication result and, when the result is success, sending a screen-casting request to the server;
Step 5, receiving over the public network the cast content pushed by the cloud phone, which the server encrypts with the symmetric encryption algorithm before forwarding; wherein the cast content that the cloud phone transmits to the server over the private network is not encrypted.
In one embodiment, the cast content includes an audio/video stream, and step 5 comprises: receiving over the public network the audio/video stream pushed by the cloud phone, which the server encrypts with the symmetric encryption algorithm before forwarding; wherein only a first threshold number of leading bytes of each audio/video frame of the stream are encrypted.
In one embodiment, the cast content includes command information, and step 5 comprises: receiving over the public network the command information pushed by the cloud phone, which the server encrypts with the symmetric encryption algorithm before forwarding; wherein the command information is encrypted in full.
In one embodiment, the asymmetric encryption algorithm includes any one of the RSA algorithm, the ECC algorithm, the Diffie-Hellman algorithm and the ElGamal algorithm; the symmetric encryption algorithm includes any one of the DES algorithm, the 3DES algorithm, the Blowfish algorithm, the RC4 algorithm, the RC5 algorithm, the RC6 algorithm and the AES algorithm.
An embodiment of the invention proposes a mobile terminal, characterized in that the mobile terminal includes one or more first processors, a first memory and one or more programs; the mobile terminal and the server are communicatively connected over a public network, and the server and the cloud phone are communicatively connected over a private network; wherein the one or more programs are stored in the first memory and configured to be executed by the one or more first processors, the programs comprising instructions for performing the method for secure screen casting from a cloud phone of any one of claims 1-4.
An embodiment of the invention proposes a method for secure screen casting from a cloud phone, characterized in that the client and the server are communicatively connected over a public network, and the server and the cloud phone are communicatively connected over a private network, the method comprising:
Step 1, receiving the public key that the client generates using an asymmetric encryption algorithm and sends;
Step 2, first generating a unique key using a symmetric encryption algorithm, then encrypting that key with the received public key and feeding the encrypted key back to the client;
Step 3, receiving the authentication request that the client issues after encrypting the authentication information with the key it recovered using the private key corresponding to the public key;
Step 4, sending the authentication result to the client, and receiving the screen-casting request that the client issues when the authentication result is success;
Step 5, receiving the unencrypted cast content that the cloud phone forwards over the private network, encrypting the cast content with the symmetric encryption algorithm, and sending it to the client over the public network for casting.
In one embodiment, the cast content includes an audio/video stream, and step 5 comprises: receiving the unencrypted cast content that the cloud phone forwards over the private network, encrypting the cast content with the symmetric encryption algorithm, and sending it to the client over the public network for casting; wherein only a first threshold number of leading bytes of each audio/video frame of the stream are encrypted.
In one embodiment, the cast content includes command information, and step 5 comprises: receiving the unencrypted cast content that the cloud phone forwards over the private network, encrypting the cast content with the symmetric encryption algorithm, and sending it to the client over the public network for casting; wherein the command information is encrypted in full.
In one embodiment, the asymmetric encryption algorithm includes any one of the RSA algorithm, the ECC algorithm, the Diffie-Hellman algorithm and the ElGamal algorithm; the symmetric encryption algorithm includes any one of the DES algorithm, the 3DES algorithm, the Blowfish algorithm, the RC4 algorithm, the RC5 algorithm, the RC6 algorithm and the AES algorithm.
An embodiment of the invention proposes a server, characterized in that the server includes one or more second processors, a second memory and one or more programs; the mobile terminal and the server are communicatively connected over a public network, and the server and the cloud phone are communicatively connected over a private network; wherein the one or more programs are stored in the second memory and configured to be executed by the one or more second processors, the programs comprising instructions for performing the method for secure screen casting from a cloud phone of any one of claims 6-9.
The method, mobile terminal and server for secure screen casting from a cloud phone of the embodiments of the invention first perform authentication using the asymmetric encryption algorithm and start casting after authentication succeeds. The cast content that the cloud phone transmits to the server over the private network is not encrypted, while the cast content that the server sends to the client over the public network is encrypted with the symmetric encryption algorithm. This ensures security, and encrypting only part of the links preserves efficiency.
Additional aspects and advantages of the invention will be set forth in part in the description that follows, and in part will become apparent from that description or be learned through practice of the invention.
Brief description of the drawings
The above and/or additional aspects and advantages of embodiments of the invention will become apparent and readily understood from the following description of the embodiments taken in conjunction with the accompanying drawings, in which:
Fig. 1 is a flow diagram of a method for secure screen casting from a cloud phone according to an embodiment of the invention;
Fig. 2 is a schematic diagram of the network structure of an embodiment of the invention;
Fig. 3 is a flow diagram of another method for secure screen casting from a cloud phone according to an embodiment of the invention.
Detailed description of the embodiments
Embodiments of the invention are described in detail below, and examples of the embodiments are shown in the drawings, where the same or similar reference numerals throughout denote the same or similar elements or elements with the same or similar functions. The embodiments described below with reference to the drawings are exemplary, serve only to explain embodiments of the invention, and should not be construed as limiting them.
Embodiment 1
Referring to Fig. 1, a method for secure screen casting from a cloud phone according to an embodiment of the invention comprises:
Step 1, the client generates a public key using an asymmetric encryption algorithm and sends it to the server;
Step 2, the client receives the server's feedback; wherein the server first generates a unique key using a symmetric encryption algorithm, then encrypts that key with the received public key and feeds the encrypted key back to the client;
Step 3, the client recovers the key using the private key corresponding to the public key, encrypts authentication information with the key and sends it to the server for authentication;
Step 4, the client receives the authentication result and, when the result is success, sends a screen-casting request to the server;
Step 5, the client receives over the public network the cast content pushed by the cloud phone, which the server encrypts with the symmetric encryption algorithm before forwarding; wherein the cast content that the cloud phone transmits to the server over the private network is not encrypted.
Referring to Fig. 2, the network structure used in this embodiment includes the user's real phone, or real mobile terminal, on which a client is installed. The client and the server are communicatively connected over a public network, and the server and the cloud phone over a private network. In general, the public network refers to a wide area network (WAN) and the private network to a local area network (LAN). The WAN is what is commonly called the Internet, a network spanning the world. A LAN, by contrast with a WAN, mainly refers to computers interconnected within a small area; this "small area" can be a company's machine room or a network cluster. Every computer (or other network device) on the WAN has one or more WAN IP addresses (also called public or external IP addresses); a WAN IP address generally has to be applied for from an ISP for a fee, and WAN IP addresses cannot be duplicated. Every computer (or other network device) on a LAN has one or more LAN IP addresses (also called private or internal IP addresses); LAN IP addresses are allocated within the LAN, and addresses in different LANs may repeat without affecting one another.
In step 1, the client generates the public key using an asymmetric encryption algorithm. An asymmetric encryption algorithm is one that uses different keys for encryption and decryption, also called public/private-key encryption. Suppose two users want to exchange data in encrypted form: the two sides exchange public keys; in use, one side encrypts with the other's public key, and the other side decrypts with its own private key. If an enterprise has n users, it needs to generate n key pairs and distribute n public keys. Because public keys can be made public, users only need to safeguard their own private keys, so distributing encryption keys becomes very simple. At the same time, because each user's private key is unique, other users can not only verify through the sender's public key whether the source of a message is genuine, but can also ensure that the sender cannot deny having sent it. The drawback of asymmetric encryption is that it encrypts and decrypts far more slowly than symmetric encryption, in some extreme cases even 1000 times more slowly. In embodiments of the invention, the asymmetric encryption algorithm includes, but is not limited to, any one of the RSA algorithm, the ECC algorithm, the Diffie-Hellman algorithm and the ElGamal algorithm. Taking RSA as the example for step 1, the client generates a unique RSA public key and then sends it to the server.
In step 2, the client receives the key fed back by the server. The key fed back by the server is generated using a symmetric encryption algorithm. A symmetric encryption algorithm is one in which encryption and decryption use the same key. Its advantages are high encryption and decryption speed and resistance to cracking when a long key is used. In embodiments of the invention, the symmetric encryption algorithm includes, but is not limited to, any one of the DES algorithm, the 3DES algorithm, the Blowfish algorithm, the RC4 algorithm, the RC5 algorithm, the RC6 algorithm and the AES algorithm. Taking RC4 as the symmetric encryption algorithm used by the server, the server first generates a unique key using the RC4 algorithm, i.e. the RC4 key, then encrypts the RC4 key with the received RSA public key and feeds it back to the client.
In step 3, the client recovers the RC4 key using the private key corresponding to the RSA public key it sent to the server, encrypts the authentication information with the RC4 key and sends it to the server for authentication. Authentication between the client and the server is a verification process; a token-based authentication method is outlined below:
1. The client requests login with a user name and password.
2. The server receives the request and verifies the user name and password.
3. After successful verification, the server issues a token and sends it to the client.
4. After receiving the token, the client can store it, for example in a cookie or in Local Storage.
5. Each time the client requests a resource from the server, it must carry the token issued by the server.
6. The server receives the request and verifies the token carried in it; if verification succeeds, it returns the requested data to the client.
In short, after the client's first login, when the server receives a further authentication request it only recognizes the token. As long as each request carries the token, the server can intercept all requests and check the token's validity: a valid token means authentication succeeds and the request is let through; an invalid one means authentication fails and 401 is returned. So if the token is valid, the server feeds back a successful authentication result to the client; otherwise it feeds back an unsuccessful result. Of course, the authentication process may also take other forms.
In step 4, the client receives the authentication result and, when the result is success, sends a screen-casting request to the server and begins preparing to cast.
In step 5, the client receives over the public network the cast content pushed by the cloud phone and forwarded by the server. Given the network structure, this process can be divided into two parts: communication within the private network, and communication over the public network. The server first sends the client's casting request to the cloud phone unencrypted, and the cloud phone likewise pushes the cast content unencrypted; because the server and the cloud phone communicate within the private network, that communication can be transmitted unencrypted. After receiving the cast content pushed by the cloud phone, the server can apply different encryption modes to different kinds of cast content before forwarding it to the client.
In one case, the cast content includes an audio/video stream, and step 5 comprises: the client receives over the public network the audio/video stream pushed by the cloud phone and forwarded by the server. The stream is sent to the client after the server encrypts it with the symmetric encryption algorithm; but because audio/video stream data is usually large, encrypting all of it may reduce casting efficiency, while not encrypting it creates a security risk. Therefore only a first threshold number of leading bytes of each audio/video frame are encrypted. In this embodiment, the first threshold number may be 32 or 64, i.e. only the first 32 or 64 bytes of each audio/video frame are encrypted, which balances efficiency and security.
In another case, the cast content includes command information, and step 5 comprises: the client receives over the public network the command information pushed by the cloud phone and forwarded by the server. The command information is sent to the client after the server encrypts it with the symmetric encryption algorithm; because command information usually has little effect on bandwidth cost, throughout the casting process the command information that the server sends to the client over the public network can be set to be encrypted in full.
In summary, this embodiment first performs authentication using the asymmetric encryption algorithm and starts casting after authentication succeeds. The cast content that the cloud phone transmits to the server over the private network is not encrypted, while the cast content that the server sends to the client over the public network is encrypted with the symmetric encryption algorithm. This ensures security, and encrypting only part of the links preserves efficiency.
Embodiment 2
A mobile terminal according to an embodiment of the invention includes one or more first processors, a first memory and one or more programs. The mobile terminal and the server are communicatively connected over a public network, and the server and the cloud phone are communicatively connected over a private network. The one or more programs are stored in the first memory and configured to be executed by the one or more first processors, and comprise instructions for performing the method for secure screen casting from a cloud phone of Embodiment 1. That is, a client is installed on the mobile terminal, and the client performs the following method in the form of one or more programs:
Step 1, generating a public key using an asymmetric encryption algorithm and sending it to the server;
Step 2, receiving the server's feedback; wherein the server first generates a unique key using a symmetric encryption algorithm, then encrypts that key with the received public key and feeds the encrypted key back to the client;
Step 3, recovering the key using the private key corresponding to the public key, encrypting authentication information with the key and sending it to the server for authentication;
Step 4, receiving the authentication result and, when the result is success, sending a screen-casting request to the server;
Step 5, receiving over the public network the cast content pushed by the cloud phone, which the server encrypts with the symmetric encryption algorithm before forwarding; wherein the cast content that the cloud phone transmits to the server over the private network is not encrypted.
Embodiment 3
Referring to Fig. 3, a method for secure screen casting from a cloud phone according to an embodiment of the invention comprises:
Step 1, the server receives the public key that the client generates using an asymmetric encryption algorithm and sends;
Step 2, the server first generates a unique key using a symmetric encryption algorithm, then encrypts that key with the received public key and feeds the encrypted key back to the client;
Step 3, the server receives the authentication request that the client issues after encrypting the authentication information with the key it recovered using the private key corresponding to the public key;
Step 4, the server sends the authentication result to the client, and receives the screen-casting request that the client issues when the authentication result is success;
Step 5, the server receives the unencrypted cast content that the cloud phone forwards over the private network, encrypts the cast content with the symmetric encryption algorithm, and sends it to the client over the public network for casting.
For the network structure used in this embodiment, refer to Fig. 2.
In step 1, the client generates a public key using any one asymmetric encryption algorithm, including but not limited to the RSA algorithm, the ECC algorithm, the Diffie-Hellman algorithm and the ElGamal algorithm, and then sends the public key to the server. Taking RSA as the example for step 1, the server receives the unique RSA public key that the client generates and sends.
In step 2, the server generates a key using any one symmetric encryption algorithm, including but not limited to the DES algorithm, the 3DES algorithm, the Blowfish algorithm, the RC4 algorithm, the RC5 algorithm, the RC6 algorithm and the AES algorithm, and feeds it back to the client. Taking RC4 as the symmetric encryption algorithm used by the server, the server first generates a unique key using the RC4 algorithm, i.e. the RC4 key, then encrypts the RC4 key with the received RSA public key and feeds it back to the client.
In step 3, the server receives the authentication request sent by the client. For this request, the client has recovered the RC4 key using the private key corresponding to the RSA public key it sent to the server, and has encrypted the authentication information with the RC4 key. The authentication process is described in detail in Embodiment 1 and is not repeated here.
In step 4, the authentication result that the server feeds back to the client is either success or failure; the result may be conveyed by token or in other ways. The server sends the authentication result to the client, and receives the screen-casting request that the client issues when the authentication result is success.
In step 5, the throwing screen content of cloud mobile phone is sent to client by server.It include herein two processes, one is Communication process in private network, the other is the communication process between public network.Server first requests the throwing screen of client not encrypt Mode be sent to cloud mobile phone, cloud mobile phone then equally pushes throwing screen content in a manner of not encrypting, due to server and Yun Shouji Between be to be communicated in private network, the communication between private network can be transmitted in a manner of not encrypting.Receiving the push of cloud mobile phone Throwing screen content after, server can be arranged different cipher modes and be then forwarded to client according to different throwing screen contents.
In a kind of situation, throwing screen content includes audio/video flow, then step 5 includes: that server receives cloud mobile phone and passes through private network Forwarding the throwing screen content not encrypted, to throw screen content encrypted using symmetric encipherment algorithm after by public network be sent to client into Row throws screen.Audio/video flow is that client is sent to after server is encrypted using symmetric encipherment algorithm, but due to audio/video flow File it is usually bigger, may influence to throw the efficiency that uses of screen if all encryptions, but do not encrypt, it is hidden to will appear safety Suffer from.So the audio/video frames of audio/video flow only encrypt the byte of preceding first threshold quantity.In present embodiment, first threshold quantity It can be 32 or 64, i.e. the audio/video frames of audio/video flow only encrypt preceding 32 or 64 bytes, and both efficiency and safety is achieved It takes into account.
In another situation, throwing screen content includes command information, then step 5 includes: that server reception cloud mobile phone passes through private The throwing screen content not encrypted for netting forwarding is sent to client by public network after screen content is encrypted using symmetric encipherment algorithm to throwing Carry out throwing screen.Command information is to be sent to client after server is encrypted using symmetric encipherment algorithm, since command information is logical Often bandwidth cost is influenced less, so server can be sent to client during entire throwing screen by public network and referred to Information is enabled to be set as whole encryptions.
It is authenticated in conclusion present embodiment is realized first with rivest, shamir, adelman, starts to throw screen after authenticating successfully, And cloud mobile phone is not encrypted by the throwing screen content that private network is transmitted to server, and server is sent to the throwing of client by public network Screen content is encrypted using symmetric encipherment algorithm, in this way, that is, ensure that safety, and part of links encryption realizes pair Efficiency is taken into account.
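The following sketch of the public-network leg of step 5 is an added example, not code from the patent: audio/video frames have only their first 32 bytes encrypted, command information is encrypted in full, and a helper reports how much of the stream stays readable. The names `RC4`, `CastChannel` and `clear_fraction`, the sample traffic and the key are constructed; it assumes the RC4 key was already exchanged in steps 1 to 3 and that both ends consume one continuous keystream in order, which the page does not specify.

```python
"""Added illustration of step 5: partial encryption of audio/video frames,
full encryption of command information (RC4, as in the page's example)."""

FIRST_THRESHOLD = 32  # the page gives 32 or 64 bytes


class RC4:
    """Textbook RC4; the keystream position is kept across calls."""

    def __init__(self, key: bytes):
        if not key:
            raise ValueError("RC4 key must not be empty")
        s = list(range(256))
        j = 0
        for i in range(256):  # key scheduling
            j = (j + s[i] + key[i % len(key)]) % 256
            s[i], s[j] = s[j], s[i]
        self._s, self._i, self._j = s, 0, 0

    def crypt(self, data: bytes) -> bytes:
        """XOR data with the next len(data) keystream bytes."""
        s, i, j = self._s, self._i, self._j
        out = bytearray(len(data))
        for n, byte in enumerate(data):
            i = (i + 1) % 256
            j = (j + s[i]) % 256
            s[i], s[j] = s[j], s[i]
            out[n] = byte ^ s[(s[i] + s[j]) % 256]
        self._i, self._j = i, j
        return bytes(out)


class CastChannel:
    """One end of the public-network leg. Hypothetical helper: both ends
    must process the same messages in the same order (assumption)."""

    def __init__(self, key: bytes, threshold: int = FIRST_THRESHOLD):
        if threshold <= 0:
            raise ValueError("threshold must be positive")
        self._cipher = RC4(key)
        self.threshold = threshold

    def process(self, kind: str, payload: bytes) -> bytes:
        """Encrypts on the server, decrypts on the client (XOR is symmetric)."""
        if kind == "cmd":  # command information: encrypted in full
            return self._cipher.crypt(payload)
        if kind == "av":  # audio/video frame: only the leading bytes
            head = self._cipher.crypt(payload[: self.threshold])
            return head + payload[self.threshold:]
        raise ValueError(f"unknown content kind: {kind!r}")


def clear_fraction(frames, threshold: int = FIRST_THRESHOLD) -> float:
    """Share of audio/video bytes that cross the public network unencrypted."""
    total = sum(len(f) for f in frames)
    clear = sum(max(0, len(f) - threshold) for f in frames)
    return clear / total if total else 0.0


def demo():
    key = bytes(range(16))  # constructed key; in the scheme it arrives RSA-wrapped
    messages = [  # constructed sample traffic
        ("av", b"\x00\x00\x00\x01" + bytes(1196)),  # 1200-byte frame
        ("cmd", b'{"op":"tap","x":120,"y":640}'),
        ("av", b"\x00\x00\x00\x01" + b"short"),  # shorter than the threshold
    ]
    server, client = CastChannel(key), CastChannel(key)
    wire = [(kind, server.process(kind, body)) for kind, body in messages]
    received = [(kind, client.process(kind, body)) for kind, body in wire]
    av_frames = [body for kind, body in messages if kind == "av"]
    return messages, wire, received, clear_fraction(av_frames)


if __name__ == "__main__":
    messages, wire, received, exposed = demo()
    assert received == messages
    print(f"audio/video bytes sent in clear: {exposed:.1%}")
```

With a threshold of 32, a 1200-byte frame leaves 1168 bytes readable on the public network, so the threshold is the value to review when assessing this design. RC4 itself is prohibited in TLS by RFC 7465, and the page also lists AES among the permitted symmetric algorithms.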
Embodiment 4
Embodiments of the present invention propose a server comprising one or more second processors, a second memory and one or more programs. The mobile terminal and the server are communicatively connected over a public network, and the server and the cloud mobile phone are communicatively connected over a private network; the one or more programs are stored in the second memory and configured to be executed by the one or more second processors. Specifically, the server executes, by means of the one or more programs, instructions for the following method:
Step 1, receiving the public key that the client generates using an asymmetric encryption algorithm and sends;
Step 2, first generating a unique key using a symmetric encryption algorithm, then encrypting the key with the received public key and feeding the encrypted key back to the client;
Step 3, receiving the authentication request that the client issues after encrypting the authentication information with the key, which the client recovers using the private key corresponding to the public key;
Step 4, sending the authentication result to the client, and receiving the screen-casting request issued by the client when the authentication result is success;
Step 5, receiving the unencrypted screen-casting content forwarded by the cloud mobile phone over the private network, encrypting the screen-casting content using the symmetric encryption algorithm, and sending it to the client over the public network for screen casting.
In the present invention, the first processor on the mobile terminal and the second processor on the server may be identical processors or different processors; the distinction in naming is only for convenience of description. Similarly, the first memory on the mobile terminal and the second memory on the server may be identical memories or different memories; the distinction in naming is only for convenience of description. That is, the terms "first" and "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of the technical features referred to. A feature qualified by "first" or "second" may therefore explicitly or implicitly include one or more such features. In the description of the embodiments of the present invention, "a plurality of" means two or more, unless specifically defined otherwise.
In the description of the embodiments of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "mounted", "connected" and "coupled" are to be understood broadly: for example, a connection may be fixed, detachable or integral; it may be mechanical, electrical, or a communication link; it may be direct or indirect through an intermediary; and it may be internal to two elements or an interaction between two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the embodiments of the present invention according to the specific situation.
The following disclosure provides many different embodiments or examples for implementing different structures of the embodiments of the present invention. To simplify the disclosure, the components and arrangements of specific examples are described below. They are, of course, merely examples and are not intended to limit the present invention. In addition, the embodiments of the present invention may repeat reference numerals and/or reference letters in different examples; this repetition is for simplicity and clarity and does not in itself indicate a relationship between the various embodiments and/or arrangements discussed. The embodiments of the present invention also provide examples of various specific processes and materials, but a person of ordinary skill in the art will recognize that other processes and/or other materials may be used.
In this specification, a description referring to the terms "one embodiment", "some embodiments", "illustrative embodiment", "example", "specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the present invention. Schematic uses of these terms in this specification do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Any process or method description in a flowchart, or otherwise described herein, may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing specific logical functions or steps of the process. The scope of the preferred embodiments of the present invention includes other implementations in which functions may be executed out of the order shown or discussed, including substantially concurrently or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
The logic and/or steps represented in a flowchart or otherwise described herein, for example an ordered list of executable instructions for implementing logical functions, may be embodied in any computer-readable medium for use by, or in combination with, an instruction execution system, apparatus or device (such as a computer-based system, a system including a processing module, or another system that can fetch instructions from an instruction execution system, apparatus or device and execute them). For the purposes of this specification, a "computer-readable medium" may be any means that can contain, store, communicate, propagate or transport a program for use by, or in combination with, an instruction execution system, apparatus or device. More specific examples (a non-exhaustive list) of computer-readable media include: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), random access memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable compact disc read-only memory (CDROM). The computer-readable medium may even be paper or another suitable medium on which the program is printed, because the program can be obtained electronically, for example by optically scanning the paper or other medium and then editing, interpreting or otherwise processing it in a suitable manner if necessary, and then stored in a computer memory.
It should be understood that each part of the embodiments of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware that is stored in a memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, they may be implemented by any one or a combination of the following technologies known in the art: a discrete logic circuit having logic gates for implementing logic functions on data signals, an application-specific integrated circuit having suitable combinational logic gates, a programmable gate array (PGA), a field programmable gate array (FPGA), and so on.
Those skilled in the art will understand that all or part of the steps of the above embodiment methods may be completed by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium and, when executed, performs one of the steps of the method embodiments or a combination thereof. In addition, the functional units in each embodiment of the present invention may be integrated in one processing module, may each exist physically on their own, or two or more units may be integrated in one module. The integrated module may be implemented in the form of hardware or in the form of a software function module. If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disc, or the like.
Although embodiments of the present invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention; those skilled in the art may change, modify, replace and vary the above embodiments within the scope of the present invention.

Claims (10)

1. A method for secure screen casting of a cloud mobile phone, characterized in that a client and a server are communicatively connected over a public network, and the server and the cloud mobile phone are communicatively connected over a private network, the method comprising:
Step 1, generating a public key using an asymmetric encryption algorithm and sending it to the server;
Step 2, receiving feedback from the server; wherein the server first generates a unique key using a symmetric encryption algorithm, then encrypts the key with the received public key and feeds the encrypted key back to the client;
Step 3, recovering the key using the private key corresponding to the public key, encrypting authentication information with the key, and sending it to the server for authentication;
Step 4, receiving the authentication result and, when the authentication result is success, issuing a screen-casting request to the server;
Step 5, receiving over the public network the screen-casting content pushed by the cloud mobile phone, forwarded by the server after encryption with the symmetric encryption algorithm; wherein the screen-casting content that the cloud mobile phone transmits to the server over the private network is not encrypted.
2. The method for secure screen casting of a cloud mobile phone according to claim 1, characterized in that the screen-casting content includes an audio/video stream, and step 5 comprises: receiving over the public network the audio/video stream pushed by the cloud mobile phone, forwarded by the server after encryption with the symmetric encryption algorithm; wherein, for the audio/video frames of the audio/video stream, only a first threshold number of leading bytes is encrypted.
3. The method for secure screen casting of a cloud mobile phone according to claim 1, characterized in that the screen-casting content includes command information, and step 5 comprises: receiving over the public network the command information pushed by the cloud mobile phone, forwarded by the server after encryption with the symmetric encryption algorithm; wherein the command information is encrypted in full.
4. The method for secure screen casting of a cloud mobile phone according to claim 1, characterized in that the asymmetric encryption algorithm includes any one of the RSA algorithm, the ECC algorithm, the Diffie-Hellman algorithm and the El Gamal algorithm; and the symmetric encryption algorithm includes any one of the DES algorithm, the 3DES algorithm, the Blowfish algorithm, the RC4 algorithm, the RC5 algorithm, the RC6 algorithm and the AES algorithm.
5. A mobile terminal, characterized in that the mobile terminal comprises one or more first processors, a first memory, and one or more programs; the mobile terminal and a server are communicatively connected over a public network, and the server and a cloud mobile phone are communicatively connected over a private network; wherein the one or more programs are stored in the first memory and configured to be executed by the one or more first processors, the programs comprising instructions for executing the method for secure screen casting of a cloud mobile phone according to any one of claims 1-4.
6. A method for secure screen casting of a cloud mobile phone, characterized in that a client and a server are communicatively connected over a public network, and the server and the cloud mobile phone are communicatively connected over a private network, the method comprising:
Step 1, receiving the public key that the client generates using an asymmetric encryption algorithm and sends;
Step 2, first generating a unique key using a symmetric encryption algorithm, then encrypting the key with the received public key and feeding the encrypted key back to the client;
Step 3, receiving the authentication request that the client issues after encrypting the authentication information with the key, which the client recovers using the private key corresponding to the public key;
Step 4, sending the authentication result to the client, and receiving the screen-casting request issued by the client when the authentication result is success;
Step 5, receiving the unencrypted screen-casting content forwarded by the cloud mobile phone over the private network, encrypting the screen-casting content using the symmetric encryption algorithm, and sending it to the client over the public network for screen casting.
7. The method for secure screen casting of a cloud mobile phone according to claim 6, characterized in that the screen-casting content includes an audio/video stream, and step 5 comprises: receiving the unencrypted screen-casting content forwarded by the cloud mobile phone over the private network, encrypting the screen-casting content using the symmetric encryption algorithm, and sending it to the client over the public network for screen casting; wherein, for the audio/video frames of the audio/video stream, only a first threshold number of leading bytes is encrypted.
8. The method for secure screen casting of a cloud mobile phone according to claim 6, characterized in that the screen-casting content includes command information, and step 5 comprises: receiving the unencrypted screen-casting content forwarded by the cloud mobile phone over the private network, encrypting the screen-casting content using the symmetric encryption algorithm, and sending it to the client over the public network for screen casting; wherein the command information is encrypted in full.
9. The method for secure screen casting of a cloud mobile phone according to claim 6, characterized in that the asymmetric encryption algorithm includes any one of the RSA algorithm, the ECC algorithm, the Diffie-Hellman algorithm and the El Gamal algorithm; and the symmetric encryption algorithm includes any one of the DES algorithm, the 3DES algorithm, the Blowfish algorithm, the RC4 algorithm, the RC5 algorithm, the RC6 algorithm and the AES algorithm.
10. A server, characterized in that the server comprises one or more second processors, a second memory and one or more programs; a mobile terminal and the server are communicatively connected over a public network, and the server and a cloud mobile phone are communicatively connected over a private network; wherein the one or more programs are stored in the second memory and configured to be executed by the one or more second processors, the programs comprising instructions for executing the method for secure screen casting of a cloud mobile phone according to any one of claims 6-9.
CN201811583169.9A 2018-12-24 2018-12-24 Cloud mobile phone safe throws method, mobile terminal and the server of screen Pending CN109639697A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811583169.9A CN109639697A (en) 2018-12-24 2018-12-24 Cloud mobile phone safe throws method, mobile terminal and the server of screen

Publications (1)

Publication Number Publication Date
CN109639697A true CN109639697A (en) 2019-04-16

Family

ID=66076922

Country Status (1)

Country Link
CN (1) CN109639697A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190416

RJ01 Rejection of invention patent application after publication