CN101834832A - Method and system for safe transmission of network data - Google Patents

Publication number: CN101834832A
Authority: CN (China)
Prior art keywords: message, sid, session, module, network
Legal status: Granted
Application number: CN200910119539A
Other languages: Chinese (zh)
Other versions: CN101834832B (en)
Inventors: 胡振宇, 张钹, 孙富春, 贾银高
Current assignee: Tsinghua University
Original assignee: Tsinghua University
Application filed by Tsinghua University
Priority to CN 200910119539
Publication of CN101834832A
Application granted
Publication of CN101834832B
Legal status: Expired - Fee Related

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention discloses a system for the secure transmission of network data. The system comprises an initialization module, a message control counter and a data transmission module: the initialization module establishes a network session between the two communicating parties and obtains the session key used to transmit data between them; the message control counter generates a different message identifier for each user message during message transmission; and the data transmission module uses the session key and the message identifiers to carry out secure data transmission between the two parties over the session established by the initialization module. The invention also discloses a method for the secure transmission of network data, comprising the following steps: first establishing the session connection and calling an ideal key exchange protocol to obtain the session key; then calling an authenticated encryption scheme to perform authenticated encryption on the messages to be transmitted. The method and system provide a universal way of performing secure network transmission with an authenticated encryption scheme, and have UC security (Universally Composable Security).

Description

Method and system for secure transmission of network data
Technical field
The present invention relates to the field of network security, and in particular to a method and system for secure transmission of network data.
Background art
A secure channel protocol is a network channel protocol that allows two communicating parties to communicate over a network controlled by an adversary. Through such a protocol, the two parties can transfer confidential information over a public network in the expectation that the information is neither disclosed nor tampered with in transit. Although SSL (Secure Sockets Layer), SSH (Secure Shell) and IPSec (Internet Protocol Security), as examples of secure channel protocols, have long been widely deployed, it was only recently that Canetti and others first studied their security systematically and gave a formal definition under the UC (Universally Composable Security) framework.
The core of the UC framework is the "simulation" method of defining protocol security proposed by Goldreich and others: to decide whether a protocol is secure for a given security task, one first imagines an ideal process that accomplishes the specified task in a secure manner. In this ideal process, every participant (or entity) of the protocol hands its input to a "trusted entity", which processes it according to certain rules and passes the output to the designated entities. The ideal process can be viewed as a formal description of the security requirement. If the protocol can "simulate" the ideal process of the task, it is said to realize that task securely. "Simulation" here means that any damage an adversary can do to the real protocol can also be achieved by another adversary in the corresponding ideal process.
To describe protocol security systematically, the UC framework introduces a new computational entity called the "environment". The environment denotes everything currently running other than the target protocol and its adversary, including other running protocols and their adversaries, users, and so on. The environment interacts with the target protocol twice: first, it chooses arbitrary inputs for the protocol entities and the adversary; then it collects the outputs of the protocol entities and the adversary. Finally, the environment outputs one bit to indicate whether it believes it interacted with the real protocol π and its adversary A_R, or with the ideal process F and its adversary A_I. A protocol π is said to securely realize the ideal process F (because a process always embodies some function, an ideal process is also called an "ideal functionality") if for every adversary A_R of the real protocol (the real adversary) there is an adversary A_I of the ideal process (the ideal adversary) such that no environment Z can distinguish, with non-negligible probability, whether it is interacting with the real protocol π (and the real adversary A_R), i.e. is in the real process, or with the ideal process F (and the ideal adversary A_I), i.e. is in the ideal process.
Following the UC framework, to define the UC security of a network channel protocol one first defines an ideal process that describes the security requirement of the network channel protocol. The ideal functionality F_SC of the network channel is described as follows: on receiving a request from the two communicating parties to establish a secure channel, it notifies the adversary that a secure channel has been established. Thereafter, if an entity asks F_SC to deliver a message m to the other entity, F_SC delivers the message to the destination entity confidentially and notifies the adversary that a message of length |m| bits has been transmitted over the secure channel. Once an entity terminates the session, F_SC no longer carries out any message transmission. If a real network channel protocol can realize this ideal functionality F_SC, it is called a UC-secure network channel protocol.
Under the above definition, Canetti et al. proved that if the key exchange protocol is relaxed UC-secure, then an IND-CPA-secure encryption scheme and a (weakly) unforgeable authentication scheme can be used to construct a network channel protocol in the encrypt-then-authenticate manner (i.e. the IPSec manner) that is UC-secure.
However, the above conclusion is not general. That is, there exist encryption schemes that are secure, yet when used to form a network channel protocol in the manner above cannot simulate the ideal functionality F_SC, even if a strongly UC-secure key exchange protocol is adopted. The root of the problem is that when the real adversary adaptively corrupts some protocol entities and demands the plaintext corresponding to a ciphertext, the ideal adversary cannot simulate this well: to simulate this activity of the real adversary, the ideal adversary would have to "commit" to the ciphertext before knowing the plaintext or the decryption key.
As in the situation encountered when discussing the security of key exchange protocols, the encryption scheme here has no security flaw that the adversary can exploit; the reason for failing to achieve UC security is rather that the requirement of the ideal secure channel functionality F_SC may be too strong. For this reason, Canetti et al. further proposed a "relaxed" ideal network channel functionality F^N_SC. Like the relaxed key exchange functionality, the relaxed network channel functionality F^N_SC also uses a "non-information oracle" N, which, when a message is to be transmitted confidentially, provides the ideal adversary (the simulator) with "randomized information" about the message transmitted to the destination recipient. Specifically, when two uncorrupted entities transmit a message m through F^N_SC, F^N_SC delivers the message confidentially to the destination recipient and at the same time calls the non-information oracle N with m as input, then passes the oracle's output to the ideal adversary. When the session or a protocol entity is corrupted, F^N_SC exposes the internal state of N to the adversary.
The requirement on the non-information oracle N here differs slightly from that on the non-information oracle in UC-secure key exchange. Here the output and input of N are required to be "computationally independent": if each message input to the non-information oracle N is replaced by an all-zero string of the same length, its output is indistinguishable. The rationale for adopting a non-information oracle is that the information the adversary obtains through N is completely independent of the message transmitted in secret. If a suitable non-information oracle N can be chosen, then when an entity is corrupted the ideal adversary can obtain some extra information with which to simulate the real adversary.
For a channel protocol π, if there is a non-information oracle N such that π can realize the ideal network channel functionality F^N_SC, then π is said to be relaxed UC-secure.
For such relaxed UC-secure channel protocols, Canetti et al. later defined the non-information oracle N as a leakage function Leak: {0,1}* → {0,1}*, indicating that the information the adversary is allowed to obtain during the transmission of message m is only Leak(m), rather than the whole message m. The secure channel protocol studied here is also placed under the UC framework, with F^Leak_SC as the ideal network channel functionality. We mainly discuss how to use authenticated encryption schemes to realize this ideal functionality in real networks.
The UC framework and the UC security definitions of protocols intuitively characterize, by means of "simulation", the security goal that a real protocol ought to reach; yet these methods only provide a security goal and a means of checking whether it is reached, not a general method of reaching it. For secure channel protocols, the security definitions only give a way of checking whether a network channel protocol is secure, and do not say how a secure channel could be realized conveniently in general. Although Canetti et al. also gave an example that realizes a secure channel using a key exchange protocol, a message authentication scheme and an encryption scheme, that construction is limited to composing an encryption scheme and an authentication scheme in the "Encrypt-then-MAC" manner. In essence, a secure channel simply tries to ensure that transmitted messages are not revealed to the adversary and cannot be tampered with by the adversary. This requirement is exactly what an authenticated encryption scheme (Authenticated Encryption Scheme) embodies, and the combination of an authentication scheme with an encryption scheme by the "Encrypt-then-MAC" method, as done by Canetti et al., is just one common way of realizing an authenticated encryption scheme. Therefore, proposing a general method and system for realizing a network channel is very useful.
Summary of the invention
In view of this, the main purpose of the present invention is to provide a radio frequency unit for automatic radio frequency testing of radio communication base stations, characterized by comprising:
To solve the general problem of realizing a network channel, the invention provides a method and system for secure transmission of network data, so that a UC-secure network channel can be realized with a general authenticated encryption scheme.
The invention discloses a method and system for secure transmission of network data, comprising:
An initialization module (101), used to establish a network session between the two communicating parties, obtain the session key used by both parties to transmit data, and initialize the message control counter (102);
A message control counter (102), used to generate a different message identifier for each user message during message transmission;
A data transmission module (103), used to carry out secure data transmission between the two communicating parties over the session established by the initialization module, using the session key and the message identifiers.
The initialization module further comprises a connection request input module, a network connection message sending module, a network connection message receiving module, a connection request output module, a connection response input module, a session key establishment module and a message control counter initialization module:
The connection request input module is used to receive the session establishment request sent by an entity when it wants to communicate; this request comprises the connection establishment flag (Establish-Session) indicating the request type and the session identifier (P_S, P_R, sid'), where the session identifier comprises the sender identifier (P_S), the receiver identifier (P_R) and the connection identifier (sid');
The connection request output module is used, after a session connection request is received from the network, to output the session connection request to the entity so that the entity can confirm whether it accepts the connection request. This request comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial);
The connection response input module is used to receive the connection response input by the entity. This response comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection response flag (response);
The network connection message receiving module is used to receive the other party's session connection request or connection response transmitted over the network; this message comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial) or the connection response flag (response);
The network connection message sending module is used, on receiving a connection request or a connection response output by the entity, to transmit it over the network to the other party; this message comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial) or the connection response flag (response);
The session key establishment module is used to establish the network session key between the two communicating parties. This module calls a secure key exchange protocol to generate a secure session key K.
The message control counter initialization module is used to initialize the message control counter to a definite value.
The data transmission module further comprises a user message input module, a session channel checking module, an authenticated encryption module, a network encrypted message sending module, a network encrypted message receiving module, a decryption verification module and a user message output module:
The user message input module is used to receive the message transmission request input by the entity; this request comprises the message transmission flag (Send), the session identifier (sid) and the message itself (m), where sid = (P_S, P_R, sid');
The session channel checking module is used, after the user message input module receives a message transmission request, to check whether the session identifier named in the request and its corresponding session key exist;
The authenticated encryption module is used, after the check of the session channel checking module succeeds, to increase the message control counter value (l) by 1 and to perform authenticated encryption on the message named in the transmission request with the session key corresponding to the session identifier named in that request;
The network encrypted message sending module is used to send the message ciphertext (e) produced by the authenticated encryption module over the network, together with the session identifier (sid) and the corresponding value (l) of the message control counter;
The network encrypted message receiving module is used to receive the message ciphertext (e), the session identifier (sid) and the corresponding message control counter value (l) transmitted over the network;
The decryption verification module is used to decrypt and verify the message ciphertext (e), and to check the legitimacy of the message in conjunction with the value of the control counter;
The user message output module is used, after the decryption verification module succeeds, to output the plaintext message to the entity and to send a success response back to the sender; this success response comprises the success flag (ack), the session identifier (sid) and the corresponding value (l) of the message control counter.
The present invention also provides a method for secure transmission of network data, comprising:
Step 1: establish the session connection, obtain the session key and initialize the message control counter;
Step 2: transmit the user messages securely, comprising the sender-side activity and the receiver-side activity.
Step 1 further comprises:
Step 1.1: when an entity P_S is activated by a connection request message (Establish-Session, sid) input by the user, where sid = (P_S, P_R, sid'), P_S checks whether there is an entity P_R such that sid = (P_S, P_R, sid') holds. It then marks sid as "establishing" and sends the connection request message (Establish-Session, sid, initial) to entity P_R over the network;
Step 1.2: when entity P_R receives the connection request message (Establish-Session, sid, initial) from entity P_S over the network, where sid = (P_S, P_R, sid'), P_R outputs the connection request message (Establish-Session, sid, initial) to the user;
Step 1.3: when entity P_R is activated by a connection response message (Establish-Session, sid, response) input by the user, where sid = (P_S, P_R, sid'), P_R marks sid as "established" and then sends the connection response message (Establish-Session, sid, response) to entity P_S over the network. It then calls the key exchange protocol with (Establish-session, sid', P_R, P_S, role) as input
[Figure B2009101195398D0000071]
and, if it obtains the response (key, sid', K), records (sid, K);
Step 1.4: once entity P_S receives the connection response message (Establish-Session, sid, response) from P_R over the network, where sid = (P_S, P_R, sid'), P_S marks sid as "established" and then calls the key exchange protocol with (Establish-session, sid', P_S, P_R, role) as input
[Figure B2009101195398D0000072]
and, if it obtains the response (key, sid', K), records (sid, K);
Step 1.5: initialize the message control counter.
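Steps 1.1 to 1.5 as a runnable Go sketch, added here as an editorial example rather than code from the patent. It models the (Establish-Session, sid, initial/response) messages and the "establishing"/"established" state kept per sid. The patent does not name the key exchange protocol it calls, so X25519 from Go's crypto/ecdh stands in for it (an assumption), with the key exchange's own network messages reduced to handing over the peer's public key; the user's accept/decline of the request in steps 1.2 and 1.3 is modelled as a flag.

```go
package main

import (
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Sid is the session identifier sid = (P_S, P_R, sid') of the patent.
type Sid struct{ S, R, Conn string }

func (s Sid) String() string { return s.S + "|" + s.R + "|" + s.Conn }

// EstablishMsg is the network message (Establish-Session, sid, initial|response).
type EstablishMsg struct {
	Sid  Sid
	Kind string // "initial" or "response"
}

// Entity is one protocol party. X25519 stands in for the unspecified key exchange (assumption).
type Entity struct {
	Name  string
	state map[string]string // sid -> "establishing" | "established"
	keys  map[string][]byte // recorded (sid, K) pairs
	priv  *ecdh.PrivateKey
}

func NewEntity(name string) (*Entity, error) {
	priv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Entity{Name: name, state: map[string]string{}, keys: map[string][]byte{}, priv: priv}, nil
}

func (e *Entity) Public() *ecdh.PublicKey { return e.priv.PublicKey() }

// keyExchange plays the session key establishment module: K = SHA-256(sid' || shared secret).
func (e *Entity) keyExchange(sid Sid, peer *ecdh.PublicKey) ([]byte, error) {
	shared, err := e.priv.ECDH(peer)
	if err != nil {
		return nil, err
	}
	k := sha256.Sum256(append([]byte(sid.Conn+"|"), shared...))
	return k[:], nil
}

// RequestSession is step 1.1: P_S checks that sid names it as sender and a known
// receiver P_R, marks sid "establishing" and returns the request to send.
func (e *Entity) RequestSession(sid Sid, known map[string]bool) (EstablishMsg, error) {
	if sid.S != e.Name || !known[sid.R] {
		return EstablishMsg{}, fmt.Errorf("no session %s: unknown receiver or wrong sender", sid)
	}
	e.state[sid.String()] = "establishing"
	return EstablishMsg{Sid: sid, Kind: "initial"}, nil
}

// AcceptSession is steps 1.2-1.3: P_R hands the request to the user (the accept flag)
// and, if accepted, marks sid "established", runs the key exchange and records (sid, K).
func (e *Entity) AcceptSession(req EstablishMsg, accept bool, peer *ecdh.PublicKey) (EstablishMsg, error) {
	if req.Kind != "initial" || req.Sid.R != e.Name || !accept {
		return EstablishMsg{}, fmt.Errorf("request %s not accepted by %s", req.Sid, e.Name)
	}
	k, err := e.keyExchange(req.Sid, peer)
	if err != nil {
		return EstablishMsg{}, err
	}
	e.state[req.Sid.String()] = "established"
	e.keys[req.Sid.String()] = k
	return EstablishMsg{Sid: req.Sid, Kind: "response"}, nil
}

// CompleteSession is step 1.4: P_S accepts a response only for a session it is
// establishing, marks it "established", runs the key exchange and records (sid, K).
func (e *Entity) CompleteSession(resp EstablishMsg, peer *ecdh.PublicKey) error {
	id := resp.Sid.String()
	if resp.Kind != "response" || e.state[id] != "establishing" {
		return fmt.Errorf("unexpected connection response for %s", id)
	}
	k, err := e.keyExchange(resp.Sid, peer)
	if err != nil {
		return err
	}
	e.state[id] = "established"
	e.keys[id] = k
	return nil
}

// SessionKey returns the recorded K for sid, or nil if no record (sid, K) exists.
func (e *Entity) SessionKey(sid Sid) []byte { return e.keys[sid.String()] }

func main() {
	ps, _ := NewEntity("P_S")
	pr, _ := NewEntity("P_R")
	sid := Sid{"P_S", "P_R", "conn-1"}
	req, _ := ps.RequestSession(sid, map[string]bool{"P_R": true})
	resp, _ := pr.AcceptSession(req, true, ps.Public())
	fmt.Println(ps.CompleteSession(resp, pr.Public()), ps.SessionKey(sid) != nil)
}
```

CompleteSession only accepts a response for a sid that this entity itself put into the "establishing" state, which is what stops an unsolicited response from creating a session record on P_S.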
The sender-side steps of Step 2 further comprise:
Step 2.1: if the sender entity P_S still has a message to send for a session identifier sid, where sid = (P_S, P_R, sid'), execute Step 2.2; otherwise execute Step 2.7 to end the session;
Step 2.2: if no record (sid, K) exists, ignore this input and execute Step 2.7; otherwise execute Step 2.3;
Step 2.3: compute e = TagEnc_K(m, l), increase the message control counter value by 1, send the message (sid, e, l) to entity P_R, and start the timeout counter;
e = TagEnc_K(m, l) denotes the authenticated encryption operation performed with key K on message m and counter value l, with the resulting ciphertext assigned to e.
Step 2.4: decrease the timeout counter by 1;
Step 2.5: if the timeout counter has reached zero (timed out), execute Step 2.7; otherwise execute Step 2.6;
Step 2.6: if the response message (ack, sid, l) returned by the recipient is received, execute Step 2.1; otherwise execute Step 2.4;
Step 2.7: end the session.
The receiver-side steps of Step 3 further comprise:
Step 3.1: start the timeout counter;
Step 3.2: decrease the timeout counter by 1;
Step 3.3: if the timeout counter has reached zero (timed out), execute Step 3.8; otherwise execute Step 3.4;
Step 3.4: if entity P_R receives a message (sid, e, l), where sid = (P_S, P_R, sid'), execute Step 3.5; otherwise execute Step 3.2;
Step 3.5: P_R checks that no message corresponding to counter value l has been received before in the current session, and that a record (sid, K) exists; if so, execute Step 3.6, otherwise execute Step 3.2;
Step 3.6: compute v = DecVer_K(e, l); if v ≠ ⊥, execute Step 3.7, otherwise execute Step 3.2;
v = DecVer_K(e, l) denotes the decryption-verification operation performed with key K on ciphertext e and counter value l; the resulting plaintext is assigned to v, or the symbol "⊥" is assigned to v on failure.
Step 3.7: output the message (sent, sid, v), send the message (ack, sid, l) to entity P_S, and execute Step 3.1;
Step 3.8: end the session.
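The sender step 2.3 and the receiver steps 3.5 to 3.7, as an added Go example (not code from the patent). TagEnc_K and DecVer_K are treated as a generic authenticated encryption scheme; AES-GCM from the standard library stands in for them (an assumption), with the counter l used as the nonce and both sid and l bound in as associated data. The receiver keeps the set of counter values it has already accepted, so a replayed (sid, e, l) triple is rejected before decryption, and a ciphertext that fails verification does not consume its counter value, matching the return from step 3.6 to step 3.2. The timeout counter and the ack message are left out; main shows one delivery, one replay and one tampered ciphertext.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
)

// Sid is the session identifier sid = (P_S, P_R, sid').
type Sid struct{ S, R, Conn string }

// Channel is one party's state for a session: the session key K (held by the AEAD),
// the message control counter l, and the counter values already accepted (receiver side).
type Channel struct {
	sid     Sid
	aead    cipher.AEAD
	counter uint64
	seen    map[uint64]bool
}

// NewChannel takes the K obtained by the key exchange of step 1 and initialises the
// message control counter to 0 (step 1.5). AES-GCM stands in for the generic
// authenticated encryption scheme TagEnc/DecVer of the patent (an assumption).
func NewChannel(sid Sid, key []byte) (*Channel, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Channel{sid: sid, aead: aead, seen: map[uint64]bool{}}, nil
}

// nonce maps the counter l to the 12-byte GCM nonce; l is never reused in a session.
func nonce(l uint64) []byte {
	n := make([]byte, 12)
	binary.BigEndian.PutUint64(n[4:], l)
	return n
}

// ad binds sid and l to the ciphertext as associated data, so a ciphertext cannot be
// moved to another session or to another counter position.
func (c *Channel) ad(l uint64) []byte {
	return append([]byte(c.sid.S+"|"+c.sid.R+"|"+c.sid.Conn+"|"), nonce(l)...)
}

// TagEnc is step 2.3: advance l, compute e = TagEnc_K(m, l) and return (e, l) for the
// network message (sid, e, l).
func (c *Channel) TagEnc(m []byte) ([]byte, uint64) {
	c.counter++
	l := c.counter
	return c.aead.Seal(nil, nonce(l), m, c.ad(l)), l
}

// DecVer is steps 3.5-3.6: reject a counter value already accepted in this session,
// then compute v = DecVer_K(e, l); an error stands for the failure symbol ⊥.
func (c *Channel) DecVer(e []byte, l uint64) ([]byte, error) {
	if c.seen[l] {
		return nil, fmt.Errorf("counter value %d already received in this session", l)
	}
	v, err := c.aead.Open(nil, nonce(l), e, c.ad(l))
	if err != nil {
		return nil, fmt.Errorf("⊥: decryption verification failed for l=%d", l)
	}
	c.seen[l] = true // only a verified message consumes its counter value (step 3.5)
	return v, nil
}

func main() {
	key := make([]byte, 32)
	rand.Read(key) // fresh K for the demo, standing in for the key exchange output
	sid := Sid{"P_S", "P_R", "conn-1"}
	ps, _ := NewChannel(sid, key)
	pr, _ := NewChannel(sid, key)
	e, l := ps.TagEnc([]byte("hello"))
	v, err := pr.DecVer(e, l)
	fmt.Printf("delivered: %q err=%v\n", v, err)
	_, err = pr.DecVer(e, l) // the same (sid, e, l) replayed
	fmt.Println("replay:", err)
	e, l = ps.TagEnc([]byte("world"))
	e[0] ^= 0x01 // one ciphertext bit flipped in transit
	_, err = pr.DecVer(e, l)
	fmt.Println("tampered:", err)
}
```

Because the counter value is recorded only after DecVer succeeds, a forged or corrupted ciphertext cannot burn a counter position and block the genuine message that later arrives with the same l, which is the behaviour step 3.6 prescribes by returning to step 3.2 on failure.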
The beneficial effect of the present invention is that it overcomes the single construction method of protocols such as SSL, SSH and IPSec, provides a unified method for realizing secure transmission of network data with authenticated encryption schemes, and it has been proved that the secure network data transmission realized by this method has UC security.
Although the present invention will be described below in conjunction with some exemplary embodiments and methods of use, those skilled in the art will appreciate that this is not intended to limit the invention to these embodiments. On the contrary, it is intended to cover all alternatives, modifications and equivalents included within the spirit and scope of the invention as defined by the appended claims.
Other advantages, objects and features of the present invention will be set forth to some extent in the following description, and to some extent will be apparent to those skilled in the art upon examination of what follows, or may be learned from practice of the invention. The objects and other advantages of the invention may be realized and attained by the structure particularly pointed out in the following specification, claims and accompanying drawings.
Description of drawings
To make the purpose, technical solutions and advantages of the present invention clearer, the invention is described in further detail below in conjunction with the accompanying drawings, in which:
Fig. 1 is a structural diagram of a network data secure transmission system of the present invention;
Fig. 2 is a structural diagram of the initialization module of the present invention;
Fig. 3 is a structural diagram of the data transmission module of the present invention;
Fig. 4 is a flow chart of an embodiment of a network data secure transmission method of the present invention;
Fig. 5 is a flow chart of an embodiment of establishing the session connection according to the present invention;
Fig. 6 is a flow chart of an embodiment of the sender sending data according to the present invention;
Fig. 7 is a flow chart of an embodiment of the receiver receiving data according to the present invention.
Embodiments
Specific embodiments of the present invention are described in further detail below with reference to the accompanying drawings. It should be noted that the embodiment of the network data secure transmission system according to the present invention is given only as an example, and the invention is not limited to this embodiment.
Referring to Fig. 1, an embodiment of a network data secure transmission system of the present invention is shown:
The initialization module 101 is used to establish a network session between the two communicating parties, obtain the session key used by both parties to transmit data, and initialize the message control counter 102;
The message control counter 102 is used to generate a different message identifier for each user message during message transmission;
The data transmission module 103 is used to carry out secure data transmission between the two communicating parties over the session established by the initialization module, using the session key and the message identifiers.
The message control counter 102 is a counting device well known to those skilled in the art; it increases by 1 for every message transmitted, and this value serves as the message number (message identifier). The counter is driven by the data transmission module 103 during message transmission; for details see modules 207, 303, 304 and 305 below. In addition, in a preferred embodiment a timeout counter may also be provided, used to handle failed data transmission.
Referring to Fig. 2, an embodiment of the initialization module 101 is shown:
Connection request input module 201, used to receive the session establishment request sent by an entity when it wants to communicate; this request comprises the connection establishment flag (Establish-Session) indicating the request type and the session identifier (P_S, P_R, sid'), where the session identifier comprises the sender identifier (P_S), the receiver identifier (P_R) and the connection identifier (sid'); this module calls the network connection message sending module 202;
Network connection message sending module 202, used, on receiving a connection request or a connection response output by the entity, to transmit it over the network to the other party; this message comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial) or the connection response flag (response); this module calls the session key establishment module 206 and the message control counter initialization module 207;
Network connection message receiving module 203, used to receive the other party's session connection request or connection response transmitted over the network; this message comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial) or the connection response flag (response); this module calls the connection request output module 204, the session key establishment module 206 and the message control counter initialization module 207;
Connection request output module 204, used, after a session connection request is received from the network, to output the session connection request to the entity so that the entity can confirm whether it accepts the connection request. This request comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial);
Connection response input module 205, used to receive the connection response input by the entity. This response comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection response flag (response); this module calls the network connection message sending module 202;
Session key establishment module 206, used to establish the network session key between the two communicating parties. This module calls a secure key exchange protocol
[Figure B2009101195398D0000111]
to generate a secure session key K.
Message control counter initialization module 207, used to initialize the message control counter to a definite value, such as 0.
Referring to Fig. 3, an embodiment of the data transmission module 103 is shown:
User message input module 301, used to receive the message transmission request input by the entity; this request comprises the message transmission flag (Send), the session identifier (sid) and the message itself (m), where sid = (P_S, P_R, sid'); this module calls the session channel checking module 302, the authenticated encryption module 303 and the network encrypted message sending module 304;
Session channel checking module 302, used, after the user message input module receives a message transmission request, to check whether the session identifier named in the request and its corresponding session key exist;
Authenticated encryption module 303, used, after the check of the session channel checking module succeeds, to increase the message control counter value (l) by 1 and to perform authenticated encryption on the message named in the transmission request with the session key corresponding to the session identifier named in that request. If the authenticated encryption algorithm adopted is TagEnc_K(·), an embodiment of this module computes e = TagEnc_K(m, l), where K is the session key, m is the user message, l is the current value of the message control counter, and e is the resulting ciphertext.
Network encrypted message sending module 304, used to send the message ciphertext (e) produced by the authenticated encryption module over the network, together with the session identifier (sid) and the corresponding value (l) of the message control counter;
Network encrypted message receiving module 305, used to receive the message ciphertext (e), the session identifier (sid) and the corresponding message control counter value (l) transmitted over the network; this module calls the decryption verification module 306 and the user message output module 307;
Decryption verification module 306, used to decrypt and verify the message ciphertext (e), and to check the legitimacy of the message in conjunction with the value of the control counter. If the decryption verification algorithm adopted is DecVer_K(·), an embodiment of this module computes v = DecVer_K(e, l), where K is the session key, e is the received ciphertext, l is the current value of the message control counter, and v is the decrypted plaintext message.
User message output module 307, used, after the decryption verification module succeeds, to output the plaintext message to the entity and to send a success response back to the sender; this success response comprises the success flag (ack), the session identifier (sid) and the corresponding value (l) of the message control counter. In one embodiment of this module, if the value v output by the decryption verification module 306 is not the invalid symbol "⊥" (that is, it is a legitimate user message), the triple (ack, sid, l) is sent over the network to the sender P_S of the message and at the same time the plaintext message v is output to the recipient P_R of the message; otherwise nothing is done.
Fig. 4 shows an embodiment of the network data security transmission method of the present invention:
Step S401: establish the session connection, obtain the session key, and initialize the message control counter;
Step S402: securely transmit the user messages, which comprises the sending of data by the sending end and the receiving of data by the receiving end.
Referring to Fig. 5, an embodiment of step S401 is shown:
Step S501: entity P_S receives the connection request message (Establish-Session, sid) input by the user, where sid=(P_S, P_R, sid'); if a recipient entity P_R exists such that sid=(P_S, P_R, sid') holds, step S502 is executed;
Step S502: sid is set to "establishing", and the connection request message (Establish-Session, sid, initial) is sent over the network to entity P_R;
Step S503: entity P_R receives the connection request message (Establish-Session, sid, initial) from entity P_S over the network, where sid=(P_S, P_R, sid');
Step S504: entity P_R outputs the connection request message (Establish-Session, sid, initial) to the user;
Step S505: entity P_R receives the connection response message (Establish-Session, sid, response) input by the user, where sid=(P_S, P_R, sid');
Step S506: P_R sets sid to "established", then sends the connection response message (Establish-Session, sid, response) over the network to entity P_S.
Step S507: P_R calls the key exchange protocol (Figure B2009101195398D0000121) with (Establish-session, sid', P_R, P_S, role) as input; if the response (key, sid', K) is obtained, the record (sid, K) is stored;
Step S508: entity P_S receives the connection response message (Establish-Session, sid, response) from P_R over the network, where sid=(P_S, P_R, sid');
Step S509: entity P_S sets sid to "established", then calls the key exchange protocol (Figure B2009101195398D0000131) with (Establish-session, sid', P_S, P_R, role) as input; if the response (key, sid', K) is obtained, the record (sid, K) is stored;
Step S510: the message control counter is initialized, for example set to 0.
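The session-establishment exchange of steps S501 to S510, written out as an added Python example that is not part of the patent. The patent leaves the key exchange abstract; the IdealKE class here is a stand-in (an assumption) that hands both parties the same fresh key K for a given sid', and the channel between the parties is a lossless in-memory call.

```python
import os
from typing import Dict, Optional, Tuple

ESTABLISH = "Establish-Session"
Sid = Tuple[str, str, str]   # sid = (P_S, P_R, sid')


class IdealKE:
    """Stand-in for the ideal key exchange protocol (an assumption, not the patent's):
    both parties that call it with the same sid' obtain the same fresh key K."""
    def __init__(self):
        self._keys: Dict[str, bytes] = {}

    def run(self, sid_prime: str, caller: str, peer: str, role: str):
        K = self._keys.setdefault(sid_prime, os.urandom(32))
        return ("key", sid_prime, K)


class Party:
    def __init__(self, name: str, ke: IdealKE, known_peers):
        self.name, self.ke = name, ke
        self.known = set(known_peers)            # entities this party can reach
        self.state: Dict[Sid, str] = {}          # sid -> "establishing" / "established"
        self.records: Dict[Sid, bytes] = {}      # the (sid, K) records
        self.user_out = []                       # what is shown to the local user

    # S501/S502: the user inputs (Establish-Session, sid); P_S checks that P_R exists
    def user_establish(self, sid: Sid):
        p_s, p_r, _ = sid
        if p_s != self.name or p_r not in self.known:
            return None
        self.state[sid] = "establishing"
        return (ESTABLISH, sid, "initial")

    # S503/S504: P_R receives the request from the network and shows it to its user
    def net_receive_initial(self, msg):
        tag, sid, kind = msg
        if tag != ESTABLISH or kind != "initial" or sid[1] != self.name:
            return None
        self.user_out.append(msg)
        return msg

    # S505..S507: P_R's user accepts; mark established, answer P_S, run KE as responder
    def user_response(self, msg):
        tag, sid, kind = msg
        if tag != ESTABLISH or kind != "response" or sid[1] != self.name:
            return None
        self.state[sid] = "established"
        _, _, K = self.ke.run(sid[2], sid[1], sid[0], "responder")
        self.records[sid] = K
        return (ESTABLISH, sid, "response")

    # S508/S509: P_S receives the response, marks established, runs KE as initiator
    def net_receive_response(self, msg):
        tag, sid, kind = msg
        if tag != ESTABLISH or kind != "response" or self.state.get(sid) != "establishing":
            return None
        self.state[sid] = "established"
        _, _, K = self.ke.run(sid[2], sid[0], sid[1], "initiator")
        self.records[sid] = K
        return sid


def establish_session(p_s: Party, p_r: Party, sid_prime: str) -> Optional[Sid]:
    """Drive the whole exchange between two parties; returns sid once both hold (sid, K)."""
    sid: Sid = (p_s.name, p_r.name, sid_prime)
    req = p_s.user_establish(sid)
    if req is None or p_r.net_receive_initial(req) is None:
        return None
    resp = p_r.user_response((ESTABLISH, sid, "response"))  # P_R's user accepts
    return p_s.net_receive_response(resp)
```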
Referring to Fig. 6, an embodiment of the sending end of step S402 sending data is shown:
Step S601: if the sending-end entity P_S has a further message to send for a session identifier (sid), where sid=(P_S, P_R, sid'), step S602 is executed; otherwise step S607 is executed and the session ends;
Step S602: if the record (sid, K) exists, step S603 is executed; otherwise step S607 is executed;
Step S603: read a user message, increase the message control counter value by 1, compute e=TagEnc_K(m, l), send the message (sid, e, l) to entity P_R, and start the timeout counter;
here e=TagEnc_K(m, l) denotes performing the authenticated encryption operation with key K on the message m and the counter value l and assigning the resulting ciphertext to e.
Step S604: decrement the timeout counter by 1;
Step S605: if the timeout counter has reached zero (timeout), step S607 is executed; otherwise step S606 is executed;
Step S606: if the response message (ack, sid, l) returned by the recipient has been received, step S601 is executed; otherwise step S604 is executed;
Step S607: end the session.
Referring to Fig. 7, an embodiment of the receiving end of step S402 receiving data is shown:
Step S701: start the timeout counter;
Step S702: decrement the timeout counter by 1;
Step S703: if the timeout counter has reached zero (timeout), step S708 is executed; otherwise step S704 is executed;
Step S704: if entity P_R has received a message (sid, e, l), where sid=(P_S, P_R, sid'), step S705 is executed; otherwise step S702 is executed;
Step S705: P_R checks that no message corresponding to the counter value l has been received before in the current session and that the record (sid, K) exists; if so, step S706 is executed, otherwise step S702 is executed;
Step S706: compute v=DecVer_K(e, l); if v ≠ ⊥, step S707 is executed, otherwise step S702 is executed;
here v=DecVer_K(e, l) denotes performing the decryption verification operation with key K on the ciphertext e and the counter value l and assigning the resulting plaintext to v; on failure the symbol "⊥" is assigned to v.
Step S707: output the message (sent, sid, v), send the message (ack, sid, l) to entity P_S, and execute step S701;
Step S708: end the session.
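The data-transfer phase (modules 301 to 307 and steps S601 to S708) as an added Python example that is not the patent's own code. The patent leaves TagEnc and DecVer abstract; here they are instantiated (an assumption) as a standard-library encrypt-then-MAC scheme in which the counter l is the per-message nonce and is bound into the tag, so a replayed or tampered (sid, e, l) is rejected either by the receiver's seen-counter check or by DecVer returning ⊥; the timeout counter and ack wait of steps S604 to S606 are left to the caller.

```python
import hmac
import hashlib

BOT = None    # stands for the patent's illegal symbol "⊥"
TAG_LEN = 32  # HMAC-SHA256 tag length


def _subkeys(K: bytes):
    # Derive independent encryption and MAC subkeys from the session key K.
    return (hmac.new(K, b"enc", hashlib.sha256).digest(),
            hmac.new(K, b"mac", hashlib.sha256).digest())


def _keystream(k_enc: bytes, l: int, n: int) -> bytes:
    # Toy keystream HMAC-SHA256(k_enc, l || i), i = 0, 1, ...  The counter l is the
    # per-message nonce, so it must never repeat under one session key.
    out, i = b"", 0
    while len(out) < n:
        out += hmac.new(k_enc, l.to_bytes(8, "big") + i.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        i += 1
    return out[:n]


def tag_enc(K: bytes, m: bytes, l: int) -> bytes:
    """e = TagEnc_K(m, l): encrypt m under counter l, then MAC (l || ciphertext)."""
    k_enc, k_mac = _subkeys(K)
    ct = bytes(a ^ b for a, b in zip(m, _keystream(k_enc, l, len(m))))
    tag = hmac.new(k_mac, l.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    return ct + tag


def dec_ver(K: bytes, e: bytes, l: int):
    """v = DecVer_K(e, l): the plaintext, or BOT if e does not verify under this l."""
    k_enc, k_mac = _subkeys(K)
    if len(e) < TAG_LEN:
        return BOT
    ct, tag = e[:-TAG_LEN], e[-TAG_LEN:]
    expected = hmac.new(k_mac, l.to_bytes(8, "big") + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return BOT
    return bytes(a ^ b for a, b in zip(ct, _keystream(k_enc, l, len(ct))))


class Sender:
    """Sending end P_S: modules 301-304, steps S601-S603."""
    def __init__(self, sid, K: bytes):
        self.records = {sid: K}   # (sid, K) records from session establishment
        self.l = 0                # message control counter, initialized to 0 (S510)

    def send(self, sid, m: bytes):
        if sid not in self.records:        # session channel check (302 / S602)
            return None
        self.l += 1                        # fresh identifier for this message (303)
        return (sid, tag_enc(self.records[sid], m, self.l), self.l)


class Receiver:
    """Receiving end P_R: modules 305-307, steps S704-S707."""
    def __init__(self, sid, K: bytes):
        self.records = {sid: K}
        self.seen = set()     # (sid, l) pairs already accepted in this session
        self.output = []      # (sent, sid, v) delivered to the local user

    def receive(self, sid, e: bytes, l: int):
        # S705: the record must exist and this counter value must not have been seen.
        if sid not in self.records or (sid, l) in self.seen:
            return None
        v = dec_ver(self.records[sid], e, l)   # S706
        if v is BOT:
            return None
        self.seen.add((sid, l))                # only a verified l is consumed
        self.output.append(("sent", sid, v))   # S707: output to the user ...
        return ("ack", sid, l)                 # ... and acknowledge to P_S
```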
The above are only preferred embodiments of the present invention and do not limit it; obviously, those skilled in the art can make various changes and modifications to the present invention without departing from its spirit and scope. Thus, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and their technical equivalents, the present invention is also intended to include them.

Claims (7)

1. A network data security transmission system, characterized in that it comprises:
an initialization module (101), which establishes a network session between the two communicating parties, obtains the session key the two parties use to transmit data, and initializes the message control counter (102);
a message control counter (102), which produces a different message identifier for each user message during message transmission;
a data transmission module (103), which, on the session established by the initialization module, uses the session key and the message identifiers to perform secure data transmission between the two communicating parties.
2. The network data security transmission system as claimed in claim 1, characterized in that the initialization module (101) further comprises a connection request input module (201), a network connection message sending module (202), a network connection message receiving module (203), a connection request output module (204), a connection response input module (205), a session key establishment module (206) and a message control counter initialization module (207):
Connection request input module (201) receives the session establishment request information sent by the entity when it communicates; this request information comprises the connection establishment flag (Establish-Session) indicating the request type and the session identifier (P_S, P_R, sid'), where the session identifier comprises the message sender identifier (P_S), the message receiver identifier (P_R) and the identifier of this connection (sid');
Connection request output module (202), after receiving a session connection request transmitted from the network, outputs the session connection request information to the entity so that the entity can confirm whether to accept the connection request; this request information comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid') and the connection request flag (initial);
Connection response input module (203) receives the connection response information input by the entity; this information comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid') and the connection response flag (response);
Network connection message receiving module (204) receives the other party's session connection request or connection response information transmitted from the network; this information comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial) or the connection response flag (response);
Network connection message sending module (205), upon receiving a connection request or connection response information output by the entity, transmits this information to the other party over the network; this information comprises the connection establishment flag (Establish-Session) indicating the request type, the session identifier (P_S, P_R, sid'), and the connection request flag (initial) or the connection response flag (response);
Session key establishment module (206) establishes the network session key between the two communicating parties. This module invokes a secure key exchange protocol (Figure F2009101195398C0000021) to generate a secure session key K;
Message control counter initialization module (207) initializes the message control counter to a determined value.
3. The network data security transmission system as claimed in claim 2, characterized in that the data transmission module (103) further comprises a user message input module (301), a session channel inspection module (302), an authenticated encryption module (303), a network encrypted-message sending module (304), a network encrypted-message receiving module (305), a decryption verification module (306) and a user message output module (307):
User message input module (301) receives the message-transmission request input by the entity; this request comprises the message-transmission flag (Send), the session identifier (sid) and the message itself (m), where sid=(P_S, P_R, sid');
Session channel inspection module (302), after the user message input module receives a message-transmission request, checks whether the session identifier named in the request and its corresponding session key exist;
Authenticated encryption module (303), after the session channel inspection module's check succeeds, increases the message control counter value (l) by 1 and performs authenticated encryption on the message named in the request with the session key corresponding to the session identifier named in the request;
Network encrypted-message sending module (304) sends the message ciphertext (e) produced by the authenticated encryption module over the network, together with the session identifier (sid) and the corresponding message control counter value (l);
Network encrypted-message receiving module (305) receives the message ciphertext (e), the session identifier (sid) and the corresponding message control counter value (l) from the network;
Decryption verification module (305) decrypts and verifies the message ciphertext (e), and checks the legitimacy of the message in combination with the control counter value;
User message output module (307), after the decryption verification module succeeds, outputs the plaintext message to the entity and returns a success response to the sender; the success response comprises the success flag (ack), the session identifier (sid) and the corresponding message control counter value (l).
4. A network data security transmission method, characterized in that it comprises:
Step 1: establish the session connection, obtain the session key, and initialize the message control counter;
Step 2: securely transmit the user messages, which comprises the sending of data by the sending end and the receiving of data by the receiving end.
5. The network data security transmission method as claimed in claim 4, characterized in that step 1 further comprises:
Step 1.1: when entity P_S is activated by the connection request message (Establish-Session, sid) input by the user, where sid=(P_S, P_R, sid'), entity P_S checks whether there is an entity P_R such that sid=(P_S, P_R, sid') holds;
Step 1.2: if the recipient entity P_R exists, sid is set to "establishing" and the connection request message (Establish-Session, sid, initial) is sent over the network to entity P_R;
Step 1.3: when entity P_R receives the connection request message (Establish-Session, sid, initial) from entity P_S over the network, where sid=(P_S, P_R, sid'), entity P_R outputs the connection request message (Establish-Session, sid, initial) to the user;
Step 1.4: when entity P_R is activated by the connection response message (Establish-Session, sid, response) input by the user, where sid=(P_S, P_R, sid'), P_R sets sid to "established", then sends the connection response message (Establish-Session, sid, response) over the network to entity P_S;
Step 1.5: P_R then calls the key exchange protocol (Figure F2009101195398C0000031) with (Establish-session, sid', P_R, P_S, role) as input; if the response (key, sid', K) is obtained, the record (sid, K) is stored;
Step 1.6: once entity P_S receives the connection response message (Establish-Session, sid, response) from P_R over the network, where sid=(P_S, P_R, sid'), entity P_S sets sid to "established";
Step 1.7: P_S then calls the key exchange protocol (Figure F2009101195398C0000032) with (Establish-session, sid', P_S, P_R, role) as input; if the response (key, sid', K) is obtained, the record (sid, K) is stored;
Step 1.8: initialize the message control counter.
6. The network data security transmission method as claimed in claim 5, characterized in that the data-sending step of the sending end in step 2 further comprises:
Step 2.1: if the sending-end entity P_S has a further message to send for a session identifier (sid), where sid=(P_S, P_R, sid'), step 2.2 is executed; otherwise step 2.7 is executed and the session ends;
Step 2.2: if the record (sid, K) does not exist, this input is ignored and step 2.7 is executed; otherwise step 2.3 is executed;
Step 2.3: compute e=TagEnc_K(m, l), increase the message control counter value by 1, send the message (sid, e, l) to entity P_R, and start the timeout counter;
here e=TagEnc_K(m, l) denotes performing the authenticated encryption operation with key K on the message m and the counter value l and assigning the resulting ciphertext to e;
Step 2.4: decrement the timeout counter by 1;
Step 2.5: if the timeout counter has reached zero (timeout), step 2.7 is executed; otherwise step 2.6 is executed;
Step 2.6: if the response message (ack, sid, l) returned by the recipient has been received, step 2.1 is executed; otherwise step 2.4 is executed;
Step 2.7: end the session.
7. The network data security transmission method as claimed in claim 5, characterized in that the data-receiving step of the receiving end in step 3 further comprises:
Step 3.1: start the timeout counter;
Step 3.2: decrement the timeout counter by 1;
Step 3.3: if the timeout counter has reached zero (timeout), step 3.8 is executed; otherwise step 3.4 is executed;
Step 3.4: if entity P_R has received a message (sid, e, l), where sid=(P_S, P_R, sid'), step 3.5 is executed; otherwise step 3.2 is executed;
Step 3.5: P_R checks that no message corresponding to the counter value l has been received before in the current session and that the record (sid, K) exists; if so, step 3.6 is executed, otherwise step 3.2 is executed;
Step 3.6: compute v=DecVer_K(e, l); if v ≠ ⊥, step 3.7 is executed, otherwise step 3.2 is executed;
here v=DecVer_K(e, l) denotes performing the decryption verification operation with key K on the ciphertext e and the counter value l and assigning the resulting plaintext to v; on failure the symbol "⊥" is assigned to v;
Step 3.7: output the message (sent, sid, v), send the message (ack, sid, l) to entity P_S, and execute step 3.1;
Step 3.8: end the session.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 200910119539 CN101834832B (en) 2009-03-13 2009-03-13 Method and system for safe transmission of network data

Publications (2)

Publication Number Publication Date
CN101834832A true CN101834832A (en) 2010-09-15
CN101834832B CN101834832B (en) 2013-07-10

Family

ID=42718764

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6151676A (en) * 1997-12-24 2000-11-21 Philips Electronics North America Corporation Administration and utilization of secret fresh random numbers in a networked environment
CN1351789A (en) * 1999-05-21 2002-05-29 International Business Machines Corporation Method and apparatus for initializing secure communications among and for exclusively pairing wireless devices
CN1656769A (en) * 2002-04-12 2005-08-17 Thomson Licensing Method for the anonymous authentication of a data transmitter

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
ZHENYU HU et al.: "The Tag Secrecy of Authentication and its Application to Implementing Secure Channels", Asian Journal of Information Technology *
ZHANG Xiaoqiang et al.: "Research and design of secure data transmission based on encryption algorithms", Computer & Digital Engineering *
HU Zhenyu et al.: "Realizing secure channels using IND-CVA", Science in China Series F: Information Sciences *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103368814A (en) * 2012-03-27 2013-10-23 Beijing Baidu Netcom Science and Technology Co., Ltd. Data push method, data push system and mobile terminal
CN103368814B (en) * 2012-03-27 2016-12-28 Beijing Baidu Netcom Science and Technology Co., Ltd. Data push method, system and mobile terminal

Also Published As

Publication number Publication date
CN101834832B (en) 2013-07-10

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130710

Termination date: 20160313