WO2020132978A1 - Encrypted communication method, apparatus and system, and computer storage medium - Google Patents

Encrypted communication method, apparatus and system, and computer storage medium

Info

Publication number
WO2020132978A1
Authority
WO
WIPO (PCT)
Prior art keywords
encrypted
rtk
rtk device
security server
authentication certificate
Application number
PCT/CN2018/124015
Other languages
English (en)
Chinese (zh)
Inventor
高阳
张海
Original Assignee
深圳市大疆创新科技有限公司
Application filed by 深圳市大疆创新科技有限公司
Priority to PCT/CN2018/124015
Priority to CN201880071010.0A (patent CN111406390A)
Publication of WO2020132978A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer

Definitions

  • the present application belongs to the field of communication, and in particular relates to an encrypted communication method, device, system, and computer-readable storage medium.
  • a real-time kinematic (RTK) device and a Continuously Operating Reference Station (CORS) establish an encrypted communication link based on the Secure Sockets Layer (SSL). The CORS station can then deliver encrypted RTCM (Radio Technical Commission for Maritime Services) data to the RTK device, so that the RTK device can use the RTCM data for positioning while the transmission security of the RTCM data is ensured.
  • RTK equipment can be forged to establish a communication connection with a CORS station to steal information such as RTCM data.
  • the purpose of this application is to provide an encrypted communication method that ensures only a real RTK device can complete the security authentication for communication.
  • the present application provides an encrypted communication method, which is applied to a drone's RTK equipment; the encrypted communication method includes:
  • acquiring the identifier of the RTK device from the RTK device, the identifier including the serial number SN of the RTK device and/or the ephemeris data of the RTK device;
  • the encrypted information including an authentication certificate encrypted based on the identifier
  • the present application provides an encrypted communication method, which is applied to a drone's RTK equipment; the encrypted communication method includes:
  • the RTK device receives encrypted information generated by a security server, the encrypted information including an authentication certificate encrypted based on the identifier of the RTK device, and the identifier including the serial number SN of the RTK device and/or the ephemeris data of the RTK device;
  • the RTK device uses the ID of the RTK device to generate a key for decrypting the encrypted information
  • the RTK device uses the generated key to decrypt the authentication certificate from the encrypted information
  • the RTK device uses the authentication certificate to establish communication with the security server.
  • the present application provides an encrypted communication method, which is applied to a drone's RTK equipment; the encrypted communication method includes:
  • the security server receives the request carrying the identifier of the RTK device, the identifier including the serial number SN of the RTK device and/or the ephemeris data of the RTK device;
  • the security server generates an authentication certificate
  • the security server encrypts the authentication certificate based on the identification
  • the security server feeds back encrypted information carrying the encrypted authentication certificate.
  • the present application provides an encrypted communication device, which is applied to a drone's RTK equipment.
  • the encrypted communication device includes:
  • An obtaining unit configured to obtain an identifier of the RTK device from the RTK device, the identifier including a serial number SN of the RTK device and/or ephemeris data of the RTK device;
  • a receiving unit configured to receive encrypted information fed back by the security server, where the encrypted information includes an authentication certificate encrypted based on the identifier;
  • the sending unit sends the encrypted information to the RTK device.
  • the present application provides an encrypted communication device, which is applied to a drone's RTK equipment; the encrypted communication device includes:
  • a receiving unit configured to receive encrypted information generated by a security server, the encrypted information including an authentication certificate encrypted based on an identifier of the RTK device, the identifier including the serial number SN of the RTK device and/or the ephemeris data of the RTK device;
  • a using unit configured to generate a key for decrypting the encrypted information using the identifier of the RTK device, decrypt the authentication certificate from the encrypted information using the generated key, and use the authentication certificate to establish communication with the security server.
  • the present application provides an encrypted communication device, which is applied to a drone's RTK equipment; the encrypted communication device includes:
  • a receiving unit configured to receive a request carrying an identifier of the RTK device, the identifier including the serial number SN of the RTK device and/or ephemeris data of the RTK device;
  • a generating unit configured to generate an authentication certificate;
  • the feedback unit is used for feeding back encrypted information carrying the encrypted authentication certificate.
  • the present application provides an encrypted communication system.
  • the encrypted communication system includes: an RTK device, a security server, and a parameter adjustment device;
  • the parameter adjustment device is used to obtain the identifier of the RTK device from the RTK device, use the identifier to request an authentication certificate from a security server, receive the encrypted information fed back by the security server, and send the encrypted information to the RTK device, the encrypted information including an authentication certificate encrypted based on the identifier, the identifier including the serial number SN of the RTK device and/or ephemeris data of the RTK device;
  • the security server is configured to receive a request carrying an ID of the RTK device from the assistant device, generate an authentication certificate, encrypt the authentication certificate based on the identifier, and feed back encrypted information carrying the encrypted authentication certificate;
  • the RTK device is configured to receive encrypted information generated by the security server from the assistant device, and the encrypted information includes an authentication certificate encrypted based on the identifier of the RTK device;
  • the RTK device is also used to generate a key for decrypting the encrypted information using the ID of the RTK device, use the generated key to decrypt the authentication certificate from the encrypted information, and use the authentication certificate to establish communication with the security server.
  • the present application provides a parameter adjustment device, including a processor and a memory; the memory stores computer instructions; and the processor executes the computer instructions in the memory, so that the parameter adjustment device performs the encrypted communication method provided in the first aspect.
  • the present application provides an RTK device, including a processor and a memory; the memory stores computer instructions; the processor executes the computer instructions in the memory, so that the RTK device performs the encrypted communication method provided in the second aspect.
  • the present application provides a security server, including a processor and a memory; the memory stores computer instructions; the processor executes the computer instructions in the memory, so that the security server executes the encrypted communication method provided in the third aspect.
  • the present application provides a computer-readable storage medium that stores computer instructions that instruct the assistant device to perform the encrypted communication method provided in the first aspect.
  • the present application provides a computer-readable storage medium that stores computer instructions that instruct an RTK device to perform the encrypted communication method provided in the second aspect.
  • the present application provides a computer-readable storage medium that stores computer instructions that instruct a security server to perform the encrypted communication method provided in the third aspect.
  • the security server encrypts the authentication certificate using the identifier of the RTK device, and the identifier includes the serial number SN of the RTK device and/or the ephemeris data of the RTK device.
  • only a real RTK device with this identification can use the local identification to generate the correct key, which can be used to decrypt the authentication certificate. Therefore, the real RTK device can use the authentication certificate to pass the security authentication of the security server and establish communication with the security server.
  • FIG. 1 is an example diagram of an application scenario of a drone provided by an embodiment of the present application
  • FIG. 2 is a flowchart of a system interaction of an encrypted communication system provided by an embodiment of the present application
  • FIG. 3 is a flowchart of an encryption communication method provided for a parameter adjustment device 102 according to an embodiment of the present application
  • FIG. 4 is a flowchart of an encrypted communication method for the security server 103 provided by an embodiment of the present application.
  • FIG. 5 is a flowchart of an encrypted communication method for the RTK device 101 provided by an embodiment of the present application
  • FIG. 6 is a schematic structural diagram of an encrypted communication device 60 provided by an embodiment of the present application.
  • FIG. 7 is a schematic structural diagram of an encrypted communication device 70 provided by an embodiment of the present application.
  • FIG. 8 is a schematic structural diagram of an encrypted communication device 80 provided by an embodiment of the present application.
  • FIG. 9 is a schematic structural diagram of a parameter adjustment device 102 provided by an embodiment of the present application.
  • FIG. 10 is a schematic structural diagram of a security server 103 provided by an embodiment of the present application.
  • FIG. 11 is a schematic structural diagram of an RTK device 101 provided by an embodiment of the present application.
  • FIG. 1 provides an example of an application scenario of a drone provided by this application.
  • the RTK device 101 and the assistant device 102 have established a communication connection.
  • the connection between the RTK device 101 and the assistant device 102 may be an encrypted communication connection, or may be a non-encrypted communication connection.
  • the security server 103 and the assistant device 102 have established a communication connection.
  • the connection between the security server 103 and the assistant device 102 may be an encrypted communication connection, or may be a non-encrypted communication connection.
  • the assistant device 102 may be integrated into the security server 103. Or, the assistant device 102 is independently deployed outside the security server 103.
  • the security server 103 may be a CORS station.
  • the security server 103 is used to perform security authentication on the RTK device 101 and establish an encrypted communication connection with the RTK device 101.
  • the assistant device 102 serves as an intermediary between the security server 103 and the RTK device 101, so that the RTK device 101 can obtain the authentication certificate and/or key generated by the security server 103 according to the identifier of the RTK device 101, the identifier including the serial number (SN) of the RTK device and/or ephemeris data of the RTK device.
  • the authentication certificate and/or key is used by the RTK device 101 to request the security server 103 to establish an encrypted communication connection, for example, to establish an SSL-based communication connection.
  • RTK equipment 101 can be used to manage drones. Subsequent drone remote controllers can plan the flight path of the drone based on the hit data generated by the RTK device 101.
  • Based on the system of FIG. 1, an embodiment of system interaction is provided, as shown in FIG. 2.
  • step S31: the assistant device 102 obtains the identifier of the RTK device 101.
  • the identifier of the RTK device 101 includes: a serial number (SN) of the RTK device 101 and/or ephemeris data of the RTK device 101.
  • the ephemeris data of the RTK device 101 refers to the ephemeris data received by the RTK device 101 from the Global Navigation Satellite System (GNSS).
  • the assistant device 102 directly accesses the RTK device 101, and acquires the RTK device 101 identifier from the RTK device 101.
  • the RTK device 101 directly sends the identifier of the RTK device 101 to the assistant device 102.
  • step S32: the assistant device 102 uses the ID of the RTK device 101 to request an authentication certificate from the security server 103.
  • the assistant device 102 sends a request to the security server 103, the request carries the identifier of the RTK device 101, and the request is specifically used to request the security server 103 for an authentication certificate.
  • step S33: the security server 103 generates an authentication certificate.
  • In response to the request sent by the assistant device 102, the security server 103 generates an authentication certificate for performing security authentication on the RTK device 101. With this authentication certificate, the RTK device 101 can request to establish a communication connection with the security server 103.
  • the security server 103 uses the ID of the RTK device 101 to generate a key.
  • the RTK device 101 may request to establish an encrypted communication connection with the security server 103, for example, establish an encrypted communication connection based on SSL.
  • each RTK device 101 has a unique identification. Therefore, the keys generated based on the identifications of different RTK devices 101 are also different and unique. In contrast, the fake RTK device does not have an identification, and therefore does not have a key corresponding to the identification, so that it is impossible to establish an encrypted communication connection with the security server 103.
  • each RTK device 101 has a unique SN. Therefore, the keys generated based on the SNs of different RTK devices 101 are also different and unique.
  • a fake RTK device does not have an SN, and therefore does not have a key corresponding to the SN, so that an encrypted communication connection with the security server 103 cannot be established.
  • step S34: the security server 103 encrypts the authentication certificate based on the identification.
  • the security server 103 has an encryption algorithm, and this application does not limit which encryption algorithm is specifically used for encryption.
  • the encryption algorithm is a symmetric encryption algorithm.
  • the symmetric encryption algorithm can be the Data Encryption Standard (DES), the Triple Data Encryption Algorithm (TDEA), or the Advanced Encryption Standard (AES).
  • calculate the hash value of the SN of the RTK device and convert the calculated hash value into a first binary number of M bits; calculate the hash value of the ephemeris data of the RTK device and convert the calculated hash value into a second binary number of M bits, where M is a positive integer.
  • the process of encrypting the authentication certificate is as follows: first divide the authentication certificate into N data fragments in units of M bits; then perform the exclusive OR operation on the N data fragments and the first binary number; then the N data fragments resulting from the exclusive OR operation are ORed with the second binary number to obtain the encrypted certificate.
  • N is a positive integer.
  • the encryption algorithm is an asymmetric encryption algorithm.
  • the asymmetric encryption algorithm may be the RSA algorithm, the Digital Signature Algorithm (DSA), or the elliptic curve cryptography (ECC) algorithm.
  • the security server 103 uses the encryption algorithm to encrypt the authentication certificate based on the identification of the RTK device 101.
  • the identifier of the RTK device 101 is used as a parameter of an asymmetric encryption algorithm, and the asymmetric encryption algorithm is used to generate a key pair, and the key pair includes a public key and a private key. It should be understood that the public key and the private key are a pair.
  • the RTK device 101 needs to generate the private key corresponding to the public key based on the identifier, because only the private key corresponding to the public key can decrypt the authentication certificate; if the private key is used to encrypt the authentication certificate, the RTK device 101 needs to generate the public key corresponding to the private key based on the identifier, because only the public key corresponding to the private key can decrypt the authentication certificate.
  • the security server 103 still uses the encryption algorithm to encrypt the key based on the identifier of the RTK device 101.
  • the security server 103 may simultaneously encrypt the key and the authentication certificate used to establish encrypted communication. Alternatively, the security server 103 may separately encrypt the key and the authentication certificate used to establish the encrypted communication.
  • the security server 103 generates encrypted information carrying an encrypted authentication certificate.
  • the security server 103 also carries the encrypted key used to establish encrypted communication in the encrypted information.
  • step S35: the security server 103 feeds back the encrypted information carrying the encrypted authentication certificate to the assistant device 102.
  • the security server 103 sends the encrypted information to the assistant device 102.
  • the encrypted information carries an encrypted authentication certificate.
  • the encrypted information carries both the encrypted key used to establish encrypted communication and the authentication certificate.
  • step S36: the assistant device 102 sends the encrypted information to the RTK device 101.
  • the encrypted information carries an encrypted authentication certificate.
  • the encrypted information carries both the encrypted key used to establish encrypted communication and the authentication certificate.
  • the RTK device 101 stores this encrypted information.
  • step S37: the RTK device 101 uses the ID of the RTK device 101 to generate a key for decrypting the encrypted information.
  • the identifier described in step S31 and the identifier described in step S37 are the same identifier. That is, the identifier used to generate the decryption key in step S37 is the same as the identifier acquired by the assistant device 102 in step S31.
  • the RTK device 101 acquires the ID of the RTK device, performs legality verification on the acquired ID, and uses the ID of the RTK device to generate a key for decrypting the encrypted information after the legality verification is passed.
  • the ID of the RTK device 101 is first obtained from a loader (such as a bootloader). Then, the legality verification is performed on the obtained identification. After the verification of the legality is passed, the identification can be used to generate a key for decrypting the encrypted information. If the legality verification fails, no processing is required.
  • after the ID of the RTK device 101 passes the legality verification, the ID is used to generate a key for decrypting the encrypted information, and the generated key is stored in the storage module SPRAM to facilitate subsequent use of the key.
  • step S38: the RTK device 101 decrypts the authentication certificate from the encrypted information using the generated key.
  • calculate the hash value of the SN of the RTK device and convert the calculated hash value into a first binary number of M bits; calculate the hash value of the ephemeris data of the RTK device and convert the calculated hash value into a second binary number of M bits, where M is a positive integer.
  • the first binary number and the second binary number are the keys used to decrypt the encrypted information.
  • the process of decrypting the authentication certificate is as follows: first divide the encrypted information into Q data fragments in units of M bits; then perform an OR operation on the Q data fragments and the second binary number; then each of the Q resulting data fragments is XORed with the first binary number to obtain the decrypted information.
  • the decrypted information includes the authentication certificate in plain text, and the decrypted information may also include a key used to establish encrypted communication.
  • Q is a positive integer.
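
The fragment-and-mask procedure of steps S34 and S37 to S38, as an added Python example that is not code from the patent. It assumes SHA-256 as the hash (so M = 256), treats the second operation as XOR because a bitwise OR cannot be inverted, and uses constructed sample values; `is_pem_certificate` is a hypothetical sanity check added because the scheme has no integrity protection of its own.

```python
import hashlib

M_BYTES = 32  # assumption: M = 256 bits, the size of a SHA-256 digest

# Constructed sample values, not taken from the patent.
SAMPLE_SN = b"SN-CONSTRUCTED-0001"
SAMPLE_EPHEMERIS = b"constructed ephemeris bytes"
SAMPLE_CERT = (b"-----BEGIN CERTIFICATE-----\n"
               b"constructed placeholder body, long enough to span fragments\n"
               b"-----END CERTIFICATE-----\n")


def m_bit_number(identifier_field: bytes) -> bytes:
    """Hash one identifier field and use the digest as an M-bit binary number."""
    return hashlib.sha256(identifier_field).digest()


def xor_fragments(data: bytes, number: bytes) -> bytes:
    """Split data into M-bit fragments and XOR each fragment with the number.

    The last fragment may be shorter than M bits; zip() then uses only the
    leading bytes of the number for it.
    """
    out = bytearray()
    for start in range(0, len(data), M_BYTES):
        fragment = data[start:start + M_BYTES]
        out.extend(f ^ k for f, k in zip(fragment, number))
    return bytes(out)


def encrypt_certificate(cert: bytes, sn: bytes, ephemeris: bytes) -> bytes:
    """Server side: combine fragments with the first, then the second number.

    Assumption: the second combination is XOR, so that it can be undone.
    """
    first = m_bit_number(sn)
    second = m_bit_number(ephemeris)
    return xor_fragments(xor_fragments(cert, first), second)


def decrypt_certificate(blob: bytes, sn: bytes, ephemeris: bytes) -> bytes:
    """Device side: rebuild both numbers locally, undo second, then first."""
    first = m_bit_number(sn)
    second = m_bit_number(ephemeris)
    return xor_fragments(xor_fragments(blob, second), first)


def is_pem_certificate(data: bytes) -> bool:
    """Hypothetical check: a wrong key yields garbage, not an error, so the
    device should validate the output before using it as a certificate."""
    return (data.startswith(b"-----BEGIN CERTIFICATE-----")
            and data.rstrip().endswith(b"-----END CERTIFICATE-----"))


def or_collision(number: int = 0b1010) -> bool:
    """Two different fragments give the same result under bitwise OR, which
    is why OR alone cannot be reversed to recover the input."""
    return (0b0001 | number) == (0b1011 | number)


if __name__ == "__main__":
    blob = encrypt_certificate(SAMPLE_CERT, SAMPLE_SN, SAMPLE_EPHEMERIS)
    print(is_pem_certificate(
        decrypt_certificate(blob, SAMPLE_SN, SAMPLE_EPHEMERIS)))
    print(is_pem_certificate(
        decrypt_certificate(blob, b"SN-OTHER-DEVICE", SAMPLE_EPHEMERIS)))
```
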
  • step S39: the RTK device 101 uses the authentication certificate to establish communication with the security server 103.
  • the RTK device 101 may generate a decryption key according to the identifier of the RTK device 101, and use the key to decrypt the authentication certificate from the encrypted information. In this way, the RTK device 101 can use the authentication certificate to establish a legal communication connection with the security server 103.
  • the RTK device 101 uses the key for decryption generated according to the identifier of the RTK device 101 to decrypt the key and the authentication certificate for establishing encrypted communication from the encrypted information.
  • the RTK device 101 can use the authentication certificate to establish an encrypted communication connection with the security server 103, for example, to establish an encrypted communication connection based on SSL.
  • the security server 103 is a Continuously Operating Reference Station (CORS).
  • CORS can send the encrypted RTCM data to the RTK device 101.
  • the RTCM data carries Global Navigation Satellite System (GNSS) differential data, and the GNSS differential data can also be replaced with Differential Global Positioning System (DGPS) differential data; that is, the RTCM data carries GNSS differential data or DGPS differential data.
  • the following uses the data format of the RTCM SC-104 protocol as an example.
  • the basic frame format of RTCM data consists of a variable number of 30-bit words, with bits 25 to 30 of each word being parity bits.
  • the first two words of each frame are called headers.
  • the contents of the header are as follows:
  • the guide word can be composed of a fixed sequence of 01100110, which is used for user search synchronization.
  • the frame identification is used to identify the type of message.
  • the base station identification (base station ID) records the serial number of the base station.
  • the serial number is incremented with each frame and is used to verify frame synchronization.
  • the frame length indicates the number of words in this frame except for the header, which also identifies the end position of this frame.
  • the health status of the base station indicates whether the base station is working properly and whether the transmission of the base station is monitored.
  • the payload is used to record GNSS differential data or DGPS differential data.
  • DGPS differential data records the "scale factor", "UDRE", "satellite identification", "pseudorange and its rate of change correction value" and "data period number".
  • GNSS differential data is similar to DGPS differential data records.
  • the decryption algorithm is exemplified by the data format of the RTCM SC-104 protocol.
  • the first step in decryption is byte scanning. Specifically, in RTCM data, usually only the lower 6 bits of a byte are valid bits; bits 7 and 8 are padding bits, with bit 7 set to "1" and bit 8 set to "0". Therefore, a received byte is valid only if its value is between 64 and 127; otherwise it is deleted.
  • the second step of decryption is byte rolling.
  • UART Universal Asynchronous Receiver/Transmitter
  • priority is given to sending or receiving the low-order bits.
  • the lower 6 bits of the received RTCM byte must be byte-rolled; bits 7 and 8 do not take part in the rolling.
  • the bytes are complemented. Specifically, after processing 5 consecutive RTCM bytes according to the above steps, the lower 6 bits of each byte are concatenated to obtain a complete RTCM word. Similar to the GPS navigation message, if the last bit d30 of the previous word is 1, the first 24 bits d1 to d24 of the current word need to be complemented; if d30 is 0, the current word remains unchanged.
  • the fourth step of decryption is byte page jumping.
  • page jump processing is adopted.
  • the message is synchronized.
  • the start of each frame is the leading word 01100110. First, this sequence is located in the data string, and then a parity check is performed. If the parity check passes, decoding starts. If the data can be decoded correctly, the pilot word is considered correct and message synchronization is complete; if it cannot be decoded correctly, the pilot word must be searched for again.
  • the sixth step of decryption is the parity check: new parity bits are calculated from the received RTCM data and compared with the parity bits actually received. If the two are consistent, the verification passes; if they are not consistent, the verification fails, and the pilot word must be searched for again to resynchronize.
  • the GNSS differential data or DGPS differential data carried in the RTCM data can be decrypted from the RTCM data.
  • the GNSS differential data or DGPS differential data can be used to perform operations such as hand-held hitting on the UAV.
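The decoding steps listed above (byte scanning, byte rolling, complementing, the leading-word check and the parity check), as an added Python example that is not part of the application; the page-jump step, which the text does not describe, is left out. The parity masks are those of the GPS navigation-message parity code that RTCM SC-104 version 2 words share; the function names, the word-aligned start of the stream and the constructed sample header values are assumptions.

```python
# Parity masks over the 32-bit layout [D29* D30* d1..d24 D25..D30]
# (bit 31 down to bit 0). D29*/D30* are the last two bits of the
# previous word. The masks are the GPS navigation-message parity
# equations; they are not given on the page.
PARITY_MASKS = (0xBB1F3480, 0x5D8F9A40, 0xAEC7CD00,
                0x5763E680, 0x6BB1F340, 0x8B7A89C0)
PREAMBLE = 0b01100110  # fixed leading sequence of a frame header


def parity6(word32):
    """Compute the six parity bits from d1..d24 and D29*/D30*."""
    parity = 0
    for mask in PARITY_MASKS:
        parity = (parity << 1) | (bin(word32 & mask).count("1") & 1)
    return parity


def roll6(byte):
    """Byte rolling: reverse the order of the lower 6 bits."""
    return int(f"{byte & 0x3F:06b}"[::-1], 2)


def screen(stream):
    """Byte scanning: keep only values 64..127 (bit 7 = 1, bit 8 = 0)."""
    return [b for b in stream if 64 <= b <= 127]


def decode_words(stream, prev2=0):
    """Return the 24 data bits of each 30-bit word that passes parity.

    prev2 holds the last two bits (d29, d30) of the word that came
    before the stream; the stream is assumed to start on a word boundary.
    """
    words = []
    usable = screen(stream)
    for i in range(0, len(usable) - 4, 5):
        raw = 0
        for b in usable[i:i + 5]:          # 5 bytes x 6 bits = 30 bits
            raw = (raw << 6) | roll6(b)
        word = (prev2 << 30) | raw
        if prev2 & 1:                      # previous d30 is 1:
            word ^= 0x3FFFFFC0             # complement d1..d24
        if parity6(word) != (word & 0x3F):
            raise ValueError(f"parity check failed in word {i // 5}")
        words.append((word >> 6) & 0xFFFFFF)
        prev2 = raw & 0b11                 # d29, d30 as received
    return words


def starts_with_header(words):
    """True if the first decoded word begins with the leading word."""
    return bool(words) and (words[0] >> 16) == PREAMBLE


def encode_words(datas, prev2=0):
    """Inverse of decode_words, used here only to build sample input."""
    out = bytearray()
    for d in datas:
        parity = parity6((prev2 << 30) | (d << 6))
        sent = d ^ 0xFFFFFF if prev2 & 1 else d
        raw = (sent << 6) | parity
        for shift in (24, 18, 12, 6, 0):
            out.append(0x40 | roll6(raw >> shift))
        prev2 = raw & 0b11
    return bytes(out)


# Constructed sample: header word 1 = leading word, frame id 1,
# base station id 23; the second word is an arbitrary constructed value.
SAMPLE_WORDS = [(PREAMBLE << 16) | (1 << 10) | 23, 0x2A5C3F]
SAMPLE_STREAM = encode_words(SAMPLE_WORDS)

if __name__ == "__main__":
    decoded = decode_words(b"\r\n" + SAMPLE_STREAM)
    print([f"{w:06x}" for w in decoded], starts_with_header(decoded))
```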
  • the present application provides an encrypted communication system, as shown in FIG. 1.
  • the encrypted communication system includes: an RTK device 101, a security server 103, and a parameter adjustment device 102.
  • the RTK device 101, the security server 103, and the assistant device 102 each have a function of executing the steps in the above-mentioned system interaction embodiment.
  • the following provides an example of functions of the RTK device 101, the security server 103, and the assistant device 102.
  • the assistant device 102 is used to obtain the identifier of the RTK device 101 from the RTK device 101, use the identifier to request an authentication certificate from the security server 103, receive the encrypted information fed back by the security server 103, and send the encrypted information to the RTK device 101, the encrypted information including an authentication certificate encrypted based on the identifier.
  • the security server 103 is configured to receive a request carrying the identifier of the RTK device 101 from the assistant device 102, generate an authentication certificate, encrypt the authentication certificate based on the identifier, and feed back to the assistant device 102 encrypted information carrying the encrypted authentication certificate.
  • the RTK device 101 is configured to receive the encrypted information generated by the security server 103 from the assistant device 102, and the encrypted information includes an authentication certificate encrypted based on the identifier of the RTK device 101.
  • the RTK device 101 is also used to generate a key for decrypting the encrypted information using the ID of the RTK device 101, use the generated key to decrypt the authentication certificate from the encrypted information, and use the authentication certificate to establish communication with the security server 103.
  • the RTK device 101 is configured to use the generated key to decrypt, from the encrypted information, the key used to establish communication with the security server 103; the encrypted information further includes a key encrypted based on the identifier.
  • the RTK device 101 is configured to use the authentication certificate and the decrypted key to establish encrypted communication with the security server 103 based on Secure Sockets Layer (SSL).
  • the RTK device 101 is used to obtain the ID of the RTK device 101, verify the validity of the obtained ID, and, after the validity verification is passed, use the ID of the RTK device 101 to generate the key for decrypting the encrypted information.
  • the security server 103 is configured to generate a key corresponding to the authentication certificate, encrypt the key corresponding to the authentication certificate based on the identifier, and carry the encrypted key in the encrypted information.
  • the security server 103 is configured to calculate the hash value of the SN of the RTK device 101 and convert the calculated hash value into an M-bit first binary number, where M is a positive integer; calculate the hash value of the ephemeris data of the RTK device 101 and convert the calculated hash value into an M-bit second binary number; divide the authentication certificate into N data fragments of M bits each, perform an XOR operation on each of the N data fragments with the first binary number, and perform an OR operation on each of the N XORed data fragments with the second binary number to obtain the encrypted authentication certificate, where N is a positive integer.
  • the security server 103 uses the first binary number and the second binary number to encrypt, in a similar manner, the key used to establish communication with the security server 103.
  • the RTK device 101 is used to calculate the hash value of the SN of the RTK device 101 and convert the calculated hash value into an M-bit first binary number, and to calculate the hash value of the ephemeris data of the RTK device 101 and convert the calculated hash value into an M-bit second binary number; the first binary number and the second binary number are the keys used to decrypt the encrypted information.
  • the RTK device 101 is used to decrypt the authentication certificate, including: dividing the encrypted information into Q data fragments of M bits each, performing an OR operation on each of the Q data fragments with the second binary number, and performing an XOR operation on each of the Q data fragments resulting from the OR operation with the first binary number to obtain the decrypted information, where Q is a positive integer.
  • the decrypted information includes the authentication certificate in plain text, and the decrypted information may also include a key used to establish encrypted communication.
  • an encrypted communication method is provided for the assistant device 102, as shown in FIG. 3.
  • in step S31, the assistant device 102 obtains the identifier of the RTK device 101.
  • the assistant device 102 obtains the identifier of the RTK device 101 from the RTK device 101.
  • for the specific implementation of the acquisition, refer to the description of the foregoing system interaction embodiment.
  • the identifier of the RTK device 101 includes: a serial number (SN) of the RTK device 101 and/or ephemeris data of the RTK device 101.
  • the ephemeris data of the RTK device 101 refers to the ephemeris data received by the RTK device 101 from the Global Navigation Satellite System (GNSS).
  • the RTK device 101 is an RTK device applied to a drone.
  • in step S32, the assistant device 102 uses the identifier to request an authentication certificate from the security server 103.
  • the assistant device 102 sends a request to the security server 103, the request carries the identifier of the RTK device 101, and the request is specifically used to request the security server 103 for an authentication certificate.
  • in step S33, the assistant device 102 receives the encrypted information fed back by the security server 103.
  • the encrypted information includes an authentication certificate encrypted based on the identifier.
  • the security server 103 uses an encryption algorithm to encrypt the authentication certificate based on the identifier of the RTK device 101, and then carries the encrypted authentication certificate in the encrypted information.
  • the encrypted information further includes a key encrypted based on the identifier.
  • the security server 103 encrypts the key using an encryption algorithm based on the identification of the RTK device 101, and then carries the encrypted key in the encrypted information.
  • This key is a key used to establish encrypted communication between the RTK device 101 and the security server 103.
  • the authentication certificate and the key included in the encrypted information are used to establish SSL communication between the RTK device and the security server.
  • in step S34, the assistant device 102 sends the encrypted information to the RTK device 101.
  • the RTK device 101 can use the identifier stored locally by the RTK device 101 to generate a key for decrypting the encrypted information, and use that key to obtain, from the encrypted information, the authentication certificate and the key with which the RTK device 101 and the security server 103 establish encrypted communication. Subsequently, the RTK device 101 may use the decrypted authentication certificate and key to request an encrypted communication connection with the security server 103. Optionally, the decrypted authentication certificate and key are used to establish an encrypted communication connection based on SSL.
  • an encrypted communication method is provided for the security server 103, as shown in FIG. 4.
  • in step S41, the security server 103 receives a request carrying the identifier of the RTK device 101.
  • the request is used to request an authentication certificate for establishing communication from the security server 103.
  • the request can also be used to request a key for establishing encrypted communication from the security server 103.
  • the request may be sent by the RTK device 101.
  • the request may be sent by the assistant device 102.
  • in step S42, the security server 103 generates an authentication certificate.
  • in response to the request sent by the assistant device 102, the security server 103 generates an authentication certificate for performing security authentication on the RTK device 101. With this authentication certificate, the RTK device 101 can request to establish a communication connection with the security server 103.
  • the security server 103 uses the identifier of the RTK device 101 to generate the key corresponding to the authentication certificate. Combining the key and the authentication certificate, the RTK device 101 may request to establish an encrypted communication connection with the security server 103, for example, establish an encrypted communication connection based on SSL.
  • each RTK device 101 has a unique identification. Therefore, the keys generated based on the identifications of different RTK devices 101 are also different and unique. In contrast, the fake RTK device does not have an identification, and therefore does not have a key corresponding to the identification, so that it is impossible to establish an encrypted communication connection with the security server 103.
  • the authentication certificate and the key included in the encrypted information are used to establish encrypted communication based on Secure Sockets Layer (SSL) between the RTK device 101 and the security server 103.
  • in step S43, the security server 103 encrypts the authentication certificate based on the identification.
  • the security server 103 has an encryption algorithm, and this application does not limit which encryption algorithm is specifically used for encryption.
  • the encryption algorithm is a symmetric encryption algorithm.
  • the symmetric encryption algorithm can be Data Encryption Standard (DES), Triple Data Encryption Algorithm (TDEA), or Advanced Encryption Standard (AES).
  • calculate the hash value of the SN of the RTK device and convert the calculated hash value into a first binary number of M bits; calculate the hash value of the ephemeris data of the RTK device and convert the calculated hash value into a second binary number of M bits, where M is a positive integer.
  • the process of encrypting the authentication certificate is as follows: first divide the authentication certificate into N data fragments of M bits each; then perform the XOR operation on each of the N data fragments with the first binary number; and then perform the OR operation on each of the N XORed data fragments with the second binary number to obtain the encrypted certificate.
  • the encryption algorithm is an asymmetric encryption algorithm.
  • the asymmetric encryption algorithm may be the RSA algorithm, the Digital Signature Algorithm (DSA), or the elliptic curve cryptography (ECC) algorithm.
  • the security server 103 uses the encryption algorithm to encrypt the authentication certificate based on the identification of the RTK device 101.
  • the security server 103 encrypts the key corresponding to the authentication certificate based on the identification. Specifically, for the key for establishing encrypted communication (that is, the key corresponding to the authentication certificate) generated based on the ID of the RTK device 101, the security server 103 still uses the encryption algorithm to encrypt that key based on the ID of the RTK device 101.
  • the security server 103 may simultaneously encrypt the key and the authentication certificate used to establish encrypted communication. Alternatively, the security server 103 may separately encrypt the key and the authentication certificate used to establish the encrypted communication.
  • in step S44, the security server 103 feeds back the encrypted information carrying the encrypted authentication certificate.
  • the encrypted information carries an encrypted authentication certificate.
  • the encrypted information carries both the encrypted key used to establish encrypted communication and the authentication certificate.
  • if the request in step S41 was sent by the assistant device 102, the security server 103 sends the encrypted information to the assistant device 102.
  • if the request in step S41 was sent by the RTK device 101, the security server 103 sends the encrypted information to the RTK device 101.
  • an encrypted communication method is provided for the RTK device 101, as shown in FIG. 5.
  • in step S51, the RTK device 101 receives the encrypted information generated by the security server 103.
  • the RTK device 101 receives the encrypted information sent by the security server 103.
  • the RTK device 101 receives the encrypted information generated by the security server 103 and forwarded by the assistant device 102.
  • each RTK device 101 has a unique identification. Therefore, the encrypted information (including the authentication certificate and key used to establish communication) generated based on the identification of different RTK devices 101 is also different and unique. In contrast, a fake RTK device does not have an identifier, nor does it receive encrypted information corresponding to the identifier, so that an encrypted communication connection with the security server 103 cannot be established.
  • in step S52, the RTK device 101 uses the ID of the RTK device 101 to generate a key for decrypting the encrypted information.
  • the RTK device 101 obtains the identifier of the RTK device 101, and performs legality verification on the obtained identifier. After passing the legality verification, the RTK device 101 uses the ID of the RTK device 101 to generate a key for decrypting the encrypted information.
  • in step S53, the RTK device 101 decrypts the authentication certificate from the encrypted information using the generated key.
  • the RTK device 101 may also use the generated key to decrypt the key used to establish communication with the security server 103 from the encrypted information.
  • calculate the hash value of the SN of the RTK device and convert the calculated hash value into a first binary number of M bits; calculate the hash value of the ephemeris data of the RTK device and convert the calculated hash value into a second binary number of M bits, where M is a positive integer.
  • the first binary number and the second binary number are the keys used to decrypt the encrypted information.
  • the process of decrypting the authentication certificate is as follows: first divide the encrypted information into Q data fragments of M bits each; then perform an OR operation on each of the Q data fragments with the second binary number; and then XOR each of the Q data fragments resulting from the OR operation with the first binary number to obtain the decrypted information.
  • the decrypted information includes the authentication certificate in plain text, and the decrypted information may also include a key used to establish encrypted communication.
  • in step S54, the RTK device 101 uses the authentication certificate to establish communication with the security server 103.
  • the RTK device 101 may generate a decryption key according to the identifier of the RTK device 101, and use the key to decrypt the authentication certificate from the encrypted information. In this way, the RTK device 101 can use the authentication certificate to establish a legal communication connection with the security server 103.
  • the RTK device 101 uses the key for decryption generated according to the identifier of the RTK device 101 to decrypt the key and the authentication certificate for establishing encrypted communication from the encrypted information.
  • the RTK device 101 uses the authentication certificate and the decrypted key to establish encrypted communication with the security server 103 based on Secure Sockets Layer (SSL).
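The XOR-then-OR encryption described for the security server and the OR-then-XOR decryption described for the RTK device, run end to end as an added Python example (not code from the application). SHA-256 as the hash (so M = 256), zero padding of the last fragment and the sample SN, ephemeris and certificate bytes are assumptions; the operations follow this translation's wording literally, and the run shows that bit positions where the second binary number is 1 are not restored, because a bitwise OR cannot be undone.

```python
import hashlib

M = 256  # assumption: SHA-256 is the hash, so each fragment has 256 bits


def binary_numbers(sn: bytes, ephemeris: bytes):
    """First and second M-bit binary numbers (hash of SN, hash of ephemeris)."""
    first = int.from_bytes(hashlib.sha256(sn).digest(), "big")
    second = int.from_bytes(hashlib.sha256(ephemeris).digest(), "big")
    return first, second


def split(data: bytes):
    """Divide data into M-bit fragments; zero padding is an assumption."""
    size = M // 8
    data += b"\x00" * (-len(data) % size)
    return [int.from_bytes(data[i:i + size], "big")
            for i in range(0, len(data), size)]


def encrypt(fragments, first, second):
    """XOR each fragment with the first number, then OR with the second."""
    return [(f ^ first) | second for f in fragments]


def decrypt(fragments, first, second):
    """OR each fragment with the second number, then XOR with the first."""
    return [(c | second) ^ first for c in fragments]


def damaged_bits(plain, recovered):
    """Count the bit positions in which recovered differs from plain."""
    return sum(bin(p ^ r).count("1") for p, r in zip(plain, recovered))


def round_trip(cert: bytes, sn: bytes, ephemeris: bytes):
    """Encrypt and decrypt as described; return both fragment lists and keys."""
    first, second = binary_numbers(sn, ephemeris)
    plain = split(cert)
    recovered = decrypt(encrypt(plain, first, second), first, second)
    return plain, recovered, first, second


# Constructed sample inputs (not real device data).
SAMPLE_SN = b"RTK-SN-000001"
SAMPLE_EPHEMERIS = b"constructed ephemeris record"
SAMPLE_CERT = (b"-----BEGIN CERTIFICATE-----\n"
               b"constructed sample body\n"
               b"-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    plain, recovered, first, second = round_trip(
        SAMPLE_CERT, SAMPLE_SN, SAMPLE_EPHEMERIS)
    total = M * len(plain)
    print(f"{damaged_bits(plain, recovered)} of {total} bits not restored")
    # Bits where the second number is 0 always survive the round trip.
    print(all((p ^ r) & ~second == 0 for p, r in zip(plain, recovered)))
```

For the decrypted certificate to equal the original, the second operation has to be invertible; with OR, the round trip is exact only when the second binary number is zero.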
  • the present application further provides an encrypted communication device 60 for implementing the encrypted communication method.
  • the encrypted communication device 60 is deployed in the parameter adjustment device 102.
  • This application does not limit the division of functional modules in the encrypted communication device 60.
  • An example of division of the functional modules included in the encrypted communication device 60 is given below with reference to FIG. 6.
  • the encrypted communication device 60 includes:
  • An obtaining unit 61 configured to obtain the identifier of the RTK device 101 from the RTK device 101;
  • the requesting unit 62 is used to request an authentication certificate from the security server 103 using the identifier
  • the receiving unit 63 is configured to receive encrypted information fed back by the security server 103, where the encrypted information includes an authentication certificate encrypted based on the identifier;
  • the sending unit sends the encrypted information to the RTK device 101.
  • the encrypted information further includes a key encrypted based on the identifier.
  • the authentication certificate and the key included in the encrypted information are used to establish encrypted communication based on Secure Sockets Layer (SSL) between the RTK device 101 and the security server 103.
  • the present application also provides an encrypted communication device 70 for implementing the encrypted communication method.
  • the encrypted communication device 70 is deployed on the RTK device 101.
  • This application does not limit the division of functional modules in the encryption communication device 70.
  • An example of division of the functional modules included in the encryption communication device 70 is given below with reference to FIG. 7.
  • the encrypted communication device 70 includes:
  • the receiving unit 71 is configured to receive encrypted information generated by the security server 103, and the encrypted information includes an authentication certificate encrypted based on the identifier of the RTK device 101;
  • the using unit 72 is used to generate a key for decrypting the encrypted information using the identifier of the RTK device 101, use the generated key to decrypt the authentication certificate from the encrypted information, and use the authentication certificate to establish communication with the security server 103.
  • the using unit 72 is configured to use the generated key to decrypt, from the encrypted information, the key used to establish communication with the security server 103; the encrypted information further includes a key encrypted based on the identifier.
  • the using unit 72 is configured to use the authentication certificate and the decrypted key to establish encrypted communication with the security server 103 based on Secure Sockets Layer (SSL).
  • the using unit 72 is configured to: obtain the ID of the RTK device 101, perform legality verification on the obtained ID, and, after the legality verification is passed, use the ID of the RTK device 101 to generate the key for decrypting the encrypted information.
  • the use unit 72 is configured to:
  • calculate the hash value of the ephemeris data of the RTK device 101 and convert the calculated hash value into an M-bit second binary number; the first binary number and the second binary number are the keys used to decrypt the encrypted information.
  • the present application also provides an encrypted communication device 80 for implementing the encrypted communication method.
  • the encrypted communication device 80 is deployed on the security server 103.
  • This application does not limit the division of functional modules in the encrypted communication device 80.
  • An example of division of the functional modules included in the encrypted communication device 80 is given below with reference to FIG. 8.
  • the encrypted communication device 80 includes:
  • the receiving unit 81 is configured to receive a request carrying the identifier of the RTK device 101;
  • the generating unit 82 is used to generate an authentication certificate
  • An encryption unit 83 configured to encrypt the authentication certificate based on the identification
  • the feedback unit 84 is configured to feed back encrypted information carrying the encrypted authentication certificate.
  • the generating unit 82 is configured to generate a key corresponding to the authentication certificate
  • the encryption unit 83 is configured to encrypt the key corresponding to the authentication certificate based on the identification
  • the encrypted communication device 80 includes a carrying unit 85 for carrying the encrypted key in the encrypted information.
  • the authentication certificate and the key included in the encrypted information are used to establish encrypted communication based on Secure Sockets Layer (SSL) between the RTK device 101 and the security server 103.
  • the encryption unit 83 is used to:
  • the present application also provides a parameter adjustment device 102.
  • the parameter adjustment device 102 includes a processor 1021 and a memory 1022.
  • the processor 1021 and the memory 1022 are connected through a bus 1023; the memory 1022 stores computer instructions;
  • the processor 1021 executes the computer instructions in the memory 1022, so that the assistant device 102 executes an encrypted communication method for the assistant device 102, for example, the method steps shown in FIG. 3.
  • the processor 1021 may be a central processing unit (Central Processing Unit, CPU), and the processor may also be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
  • the general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
  • the memory 1022 may include read-only memory and/or random access memory, and provide instructions and data to the processor.
  • a portion of the memory may also include non-volatile random access memory.
  • the memory may also store device type information.
  • the security server 103 includes a processor 1031 and a memory 1032.
  • the processor 1031 and the memory 1032 are connected through a bus 1033.
  • the memory 1032 stores computer instructions.
  • the processor 1031 executes computer instructions in the memory, so that the security server 103 executes an encrypted communication method for the security server 103, for example, executes the method steps shown in FIG. 4.
  • the processor 1031 may be a central processing unit (Central Processing Unit, CPU), and the processor may also be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
  • the general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
  • the memory 1032 may include read-only memory and/or random access memory, and provide instructions and data to the processor.
  • a portion of the memory may also include non-volatile random access memory.
  • the memory may also store device type information.
  • the RTK device 101 includes a processor 1011 and a memory 1012.
  • the processor 1011 and the memory 1012 are connected through a bus 1013.
  • the memory 1012 stores computer instructions.
  • the processor 1011 executes the computer instructions in the memory 1012, so that the RTK device 101 performs the encrypted communication method provided for the RTK device 101, for example, the method steps shown in FIG. 5.
  • the processor 1011 may be a central processing unit (Central Processing Unit, CPU), and the processor may also be another general-purpose processor, a digital signal processor (Digital Signal Processor, DSP), an application-specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field-programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc.
  • the general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
  • the memory 1012 may include read-only memory and/or random access memory, and provide instructions and data to the processor.
  • a portion of the memory may also include non-volatile random access memory.
  • the memory may also store device type information.
  • the present application also provides a computer-readable storage medium that stores computer instructions.
  • the computer instruction instructs the assistant device 102 to perform the encrypted communication method provided for the assistant device 102, for example, the method steps shown in FIG. 3.
  • the present application also provides a computer-readable storage medium that stores computer instructions.
  • the computer instruction instructs the security server 103 to perform an encrypted communication method provided for the security server 103, for example, the method steps shown in FIG. 4 are performed.
  • the present application also provides a computer-readable storage medium that stores computer instructions.
  • the computer instruction instructs the RTK device 101 to perform the encrypted communication method provided for the RTK device 101, for example, the method steps shown in FIG. 5.

Abstract

The invention relates to an encrypted communication method, apparatus and system, and a computer-readable storage medium. The encrypted communication method is applied in an RTK device of an unmanned aerial vehicle, and comprises the steps of: obtaining an identifier of the RTK device from the RTK device (S31), the identifier comprising a serial number of the RTK device and/or ephemeris data thereof; using the identifier to request a certificate from a security server (S32); receiving the encrypted information returned by the security server, the encrypted information comprising the certificate encrypted on the basis of the identifier (S35); and sending the encrypted information to the RTK device (S36). Subsequently, only the genuine RTK device having the identifier can use the local identifier to generate a correct key that can be used to decrypt the certificate, so that the genuine RTK device can pass the security authentication of the security server using the certificate and establish communication with the security server.
PCT/CN2018/124015 2018-12-26 2018-12-26 Encrypted communication method, apparatus and system, and computer storage medium WO2020132978A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2018/124015 WO2020132978A1 (fr) 2018-12-26 2018-12-26 Encrypted communication method, apparatus and system, and computer storage medium
CN201880071010.0A CN111406390A (zh) 2018-12-26 2018-12-26 Encrypted communication method, apparatus, system and computer storage medium

Publications (1)

Publication Number Publication Date
WO2020132978A1 (fr) 2020-07-02

Family

ID=71126139

Country Status (2)

Country Link
CN (1) CN111406390A (fr)
WO (1) WO2020132978A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112235263A (zh) * 2020-09-27 2021-01-15 深圳市元征科技股份有限公司 诊断设备安全认证方法、服务器、车辆及存储介质
CN117579392A (zh) * 2024-01-16 2024-02-20 北京富通亚讯网络信息技术有限公司 基于加密处理的可靠数据传输方法、装置、设备及介质

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113724482B (zh) * 2021-08-05 2023-05-30 北京三快在线科技有限公司 一种射频遥控方法、装置、存储介质及电子设备

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107317674A (zh) * 2016-04-27 2017-11-03 华为技术有限公司 密钥分发、认证方法,装置及系统
CN107408351A (zh) * 2015-03-31 2017-11-28 深圳市大疆创新科技有限公司 用于生成飞行管制的认证系统和方法
CN107615359A (zh) * 2015-03-31 2018-01-19 深圳市大疆创新科技有限公司 用于检测未经授权的无人飞行器活动的认证系统和方法
CN108683641A (zh) * 2018-04-24 2018-10-19 广州亿航智能技术有限公司 一种数据通信方法、装置、无人机及计算机存储介质
CN108696517A (zh) * 2018-05-08 2018-10-23 山东渔翁信息技术股份有限公司 一种无人飞行器信息的安全通讯方法、装置及系统

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1391073B8 (fr) * 2001-05-01 2018-09-05 OneSpan International GmbH Method and system for increasing security of a secure connection
CN102801730B (zh) * 2012-08-16 2015-01-28 厦门市美亚柏科信息股份有限公司 Information protection method and apparatus for communication and portable devices
CN105871857B (zh) * 2016-04-13 2019-09-27 北京怡和嘉业医疗科技股份有限公司 Authentication method, apparatus, system and treatment device
US10277407B2 (en) * 2016-04-19 2019-04-30 Microsoft Technology Licensing, Llc Key-attestation-contingent certificate issuance

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
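CN107408351A (zh) * 2015-03-31 2017-11-28 深圳市大疆创新科技有限公司 Authentication systems and methods for generating flight regulations
CN107615359A (zh) * 2015-03-31 2018-01-19 深圳市大疆创新科技有限公司 Authentication systems and methods for detecting unauthorized unmanned aerial vehicle activity
CN107317674A (zh) * 2016-04-27 2017-11-03 华为技术有限公司 Key distribution and authentication method, apparatus and system
CN108683641A (zh) * 2018-04-24 2018-10-19 广州亿航智能技术有限公司 Data communication method, apparatus, unmanned aerial vehicle and computer storage medium
CN108696517A (zh) * 2018-05-08 2018-10-23 山东渔翁信息技术股份有限公司 Secure communication method, apparatus and system for unmanned aerial vehicle information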

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
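CN112235263A (zh) * 2020-09-27 2021-01-15 深圳市元征科技股份有限公司 Diagnostic device security authentication method, server, vehicle and storage medium
CN112235263B (zh) * 2020-09-27 2023-01-24 深圳市元征科技股份有限公司 Diagnostic device security authentication method, server, vehicle and storage medium
CN117579392A (zh) * 2024-01-16 2024-02-20 北京富通亚讯网络信息技术有限公司 Reliable data transmission method, apparatus, device and medium based on encryption processing
CN117579392B (zh) * 2024-01-16 2024-04-16 北京富通亚讯网络信息技术有限公司 Reliable data transmission method, apparatus, device and medium based on encryption processing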

Also Published As

Publication number Publication date
CN111406390A (zh) 2020-07-10

Similar Documents

Publication Publication Date Title
US11706026B2 (en) Location aware cryptography
AU2017358604B2 (en) Systems and methods for secure communication using Random Cipher Pad cryptography
US11784801B2 (en) Key management method and related device
US7283629B2 (en) Deriving keys used to securely process electronic messages
US11658803B2 (en) Method and apparatus for decrypting and authenticating a data record
US20160127131A1 (en) Distributed Validation of Digitally Signed Electronic Documents
WO2017032242A1 (fr) Key generation apparatus and method
EP3761203A1 (fr) Information processing method, blockchain node and electronic apparatus
WO2020132978A1 (fr) Encrypted communication method, apparatus and system, and computer storage medium
US20220006835A1 (en) Tls integration of post quantum cryptographic algorithms
US8995669B1 (en) Updating shared keys
US10937339B2 (en) Digital cryptosystem with re-derivable hybrid keys
US9692770B2 (en) Signature verification using unidirectional function
WO2018176312A1 (fr) Pairing method, apparatus, machine-readable storage medium and system
TWM542178U (zh) Apparatus for hiding and restoring transaction party information in blockchain transactions
US11533181B2 (en) Information processing apparatus, registration apparatus, information processing method, and registration method
TWI637619B (zh) Apparatus and method for hiding and restoring transaction party information in blockchain transactions
US9331852B2 (en) System and method for securing data transaction
US20140281536A1 (en) Secured embedded data encryption systems
JP2016075765A (ja) Authenticated encryption device, authenticated decryption device, and programs therefor
CN112231397B (zh) Blockchain-based transaction file transfer method and apparatus
WO2023197853A1 (fr) Apparatuses, methods and computer-readable media for generating and using a physical unclonable function key
US10021074B2 (en) Encrypting method and decrypting method of security short message and receiving apparatus for receiving security short message
US11456866B2 (en) Key ladder generating a device public key
JP2000221881A (ja) Electronic signature terminal device, electronic signature management device and electronic signature system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 18944457

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 18944457

Country of ref document: EP

Kind code of ref document: A1