Summary of the invention
Embodiments of the invention provide a method and an apparatus for encrypting data with a softdog, thereby solving the problem that a softdog can be connected to a computer device in only one way.
The object of the invention is achieved through the following technical solutions:
In one aspect, embodiments of the invention provide a method for encrypting data with a softdog, comprising:
A mobile terminal establishes a Bluetooth connection with a computer device;
The mobile terminal receives, over the established Bluetooth connection, the data to be encrypted sent by the computer device;
The softdog built into the mobile terminal encrypts the data to be encrypted with a pre-generated key, producing encrypted data;
The mobile terminal sends the encrypted data to the computer device over the established Bluetooth connection.
Embodiments of the invention also provide a mobile terminal, comprising:
A first Bluetooth module, configured to establish a Bluetooth connection with a computer device;
A softdog module, comprising a data receiving submodule, a data encryption submodule and a data sending submodule:
The data receiving submodule is configured to receive, over the Bluetooth connection established by the first Bluetooth function module, the data to be encrypted sent by the computer device;
The data encryption submodule is configured to encrypt, with a pre-generated key, the data to be encrypted received by the data receiving submodule, producing encrypted data;
The data sending submodule is configured to send the encrypted data produced by the data encryption submodule to the computer device over the Bluetooth connection established by the Bluetooth function module.
Embodiments of the invention also provide a computer device, comprising:
A second Bluetooth module, configured to establish a Bluetooth connection with a mobile terminal;
A data sending module, configured to send the data to be encrypted to the mobile terminal over the Bluetooth connection established by the second Bluetooth module;
A data receiving module, configured to receive, over the Bluetooth connection established by the second Bluetooth module, the encrypted data returned by the mobile terminal.
As can be seen from the technical solution provided by the above embodiments, because the softdog is built into the mobile terminal and its data encryption process is carried out over Bluetooth, the embodiments not only provide a wireless way of connecting a softdog to a computer device but also make the softdog data encryption process more convenient. In addition, because Bluetooth technology with high security is used, the security and reliability of the softdog data encryption process are guaranteed more effectively.
Detailed description of the embodiments
The technical solutions of the embodiments of the invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the invention without creative effort fall within the scope of protection of the invention.
An embodiment of the invention provides a method for encrypting data with a softdog combined with Bluetooth technology. As shown in Figure 1, the process comprises the following operations:
S101, the mobile terminal establishes a Bluetooth connection with the computer device;
In this embodiment the mobile terminal has a built-in softdog. This can be implemented by adding a softdog functional module to the mobile terminal, by adding a softdog functional module to the SIM (Subscriber Identity Module) card of the mobile terminal, by building softdog hardware into the mobile terminal, and so on.
S102, the mobile terminal receives, over the established Bluetooth connection, the data to be encrypted sent by the computer device;
S103, the softdog built into the mobile terminal encrypts the data to be encrypted with a pre-generated key, producing encrypted data;
The key may be generated by the processing chip of the mobile terminal or by the processing chip of the softdog, or it may be generated from input entered by the user through the user interface of the mobile terminal. After the key is generated, the public key is sent to the computer device; the transfer can be made over a wired or a wireless connection.
S104, the mobile terminal sends the encrypted data to the computer device over the established Bluetooth connection.
In this embodiment, because the softdog is built into the mobile terminal and its data encryption process is carried out over Bluetooth, the embodiment not only provides a wireless way of connecting a softdog to a computer device but also makes the softdog data encryption process more convenient. In addition, because Bluetooth technology with high security is used, the security and reliability of the softdog data encryption process are guaranteed more effectively.
To guarantee the reliability of the process, in this embodiment the following authentication procedure may also be performed before the mobile terminal receives the data to be encrypted over the established Bluetooth connection: the mobile terminal receives authentication data sent by the computer device; the mobile terminal compares the received authentication data with the preset authentication data; when the two are identical, the mobile terminal is allowed to receive the data to be encrypted from the computer device so that the softdog can encrypt it; when the two differ, the softdog is not started. The authentication data preset in the mobile terminal is calculated in advance by the computer device from its local MAC (Media Access Control) address, its local Bluetooth address and the Bluetooth address of the mobile terminal, then sent to the mobile terminal and stored there. The authentication data can be generated with an existing algorithm, for example and without limitation the Bluetooth E21 or E22 algorithm. The preset authentication data can be generated and stored in the mobile terminal before the Bluetooth connection is established.
An existing softdog cannot destroy its own key, which is a potential security risk. To address this, the method provided by this embodiment may also include the following operation: when a predetermined condition is met, the mobile terminal deletes the stored pre-generated key and the preset authentication code. In practice the predetermined condition can be set as required by the operator, the mobile terminal manufacturer or the user. For example and without limitation, the stored pre-generated key and the preset authentication code can be deleted when the mobile terminal triggers a SIM card self-destruct operation.
The implementation of the embodiment in a practical application is described in detail below.
When the data of the computer device is to be encrypted by the softdog built into the mobile terminal, the mobile terminal must first generate a key pair and a random array (for example and without limitation, in this application embodiment the random array is restricted to an array whose elements sum to 128, for example 60, 50, 18), and the public key and the random array are stored in the computer device. This is implemented as follows:
A key pair and a random array are generated by the processing chip of the mobile terminal, by the processing chip of the softdog, or from input entered by the user through the user interface of the mobile terminal;
The private key is stored in the mobile terminal, for example and without limitation in the oem_info area of the mobile terminal;
The public key and the random array are sent to the computer device over a wired or wireless connection;
The computer device stores the public key and the random array.
When the data of the computer device is to be encrypted by the softdog built into the mobile terminal, the computer device must also generate authentication data in advance (for example and without limitation, in this embodiment the authentication data is a 128-bit authentication code) and store it in the terminal device. This is implemented as follows:
The computer device computes a 128-bit authentication code with an algorithm (for example a hash algorithm) from the MAC address of the computer device, the Bluetooth address of the computer device and the Bluetooth address of the terminal device;
The computer device sends the authentication code to the terminal device over a wired or wireless connection;
The terminal device stores the authentication code, for example and without limitation in the oem_info area of the mobile terminal.
After this pre-configuration, the data in the computer device can be encrypted by the softdog built into the mobile terminal. The process is shown in Figure 2 and is implemented as follows:
S201, the terminal device establishes a Bluetooth connection with the computer device through Bluetooth pairing authentication;
S202, the computer device splits the 128-bit authentication code according to the stored random array, obtaining as many digit strings as there are numbers in the random array, and pads each resulting group to 128 bits with a random string. For example, if the random array is 60, 50, 18, the authentication code is split into three groups of 60, 50 and 18 bits, a random string is appended to each of the three groups to pad it to 128 bits, and the groups are sent to the terminal device over the Bluetooth connection;
S203, the terminal device receives the groups of digit strings and restores them to the 128-bit authentication code according to the random array received in advance. For example, if the random array is 60, 50, 18, it takes the first 60 bits of the first received group, the first 50 bits of the second received group and the first 18 bits of the third received group, and concatenates the resulting valid bits in order to obtain the 128-bit authentication code. It compares this 128-bit authentication code with the pre-configured 128-bit authentication code. If they match, it enables the softdog function and proceeds to S205; otherwise it does not enable the softdog function and optionally performs S204;
S204, the terminal device sends an authentication failure message to the computer device, or the terminal device disconnects the Bluetooth connection with the computer device;
S205, the computer device divides the data to be encrypted into groups according to the stored random array, pads each resulting group to 128 bits with a random string, and sends the groups to the mobile terminal over the Bluetooth connection;
S206, the mobile terminal restores the received groups of strings to the data to be encrypted according to the random array received in advance, and encrypts the data to be encrypted with the stored private key, producing encrypted data;
S207, the mobile terminal divides the encrypted data into groups in the order of the random array, pads each resulting group to 128 bits with a random string, and sends the groups to the computer device over the Bluetooth connection.
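The derivation of the 128-bit authentication code described in the pre-configuration and the split, pad and restore exchange of S202 to S204 can be sketched as follows. This is an added example, not code from the patent: SHA-256 truncated to 128 bits stands in for the unspecified hash algorithm, the device addresses are constructed sample values, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

CODE_BITS = 128
RANDOM_ARRAY = [60, 50, 18]  # example array from the text; elements sum to 128

def derive_auth_code(pc_mac: bytes, pc_bt: bytes, terminal_bt: bytes) -> str:
    """128-bit authentication code as a '0'/'1' string.
    Assumption: SHA-256 truncated to 128 bits (the text only says 'a hash')."""
    digest = hashlib.sha256(pc_mac + pc_bt + terminal_bt).digest()
    return "".join(f"{b:08b}" for b in digest[:CODE_BITS // 8])

def split_and_pad(bits: str, lengths: list[int]) -> list[str]:
    """S202, computer side: cut the code into groups, pad each to 128 bits."""
    if sum(lengths) != len(bits) or min(lengths) < 1:
        raise ValueError("array elements must be positive and sum to the code length")
    groups, pos = [], 0
    for n in lengths:
        padding = "".join(secrets.choice("01") for _ in range(CODE_BITS - n))
        groups.append(bits[pos:pos + n] + padding)
        pos += n
    return groups

def restore(groups: list[str], lengths: list[int]) -> str:
    """S203, terminal side: keep the first n bits of each group, in order."""
    if len(groups) != len(lengths) or any(len(g) != CODE_BITS for g in groups):
        raise ValueError("malformed groups")
    return "".join(g[:n] for g, n in zip(groups, lengths))

def terminal_accepts(groups: list[str], lengths: list[int], preset: str) -> bool:
    """Enable the softdog only if the restored code equals the preset code."""
    try:
        received = restore(groups, lengths)
    except ValueError:
        return False  # S204: report failure or drop the Bluetooth link
    return hmac.compare_digest(received.encode(), preset.encode())

# Constructed sample addresses (not from the patent).
PC_MAC = bytes.fromhex("02005e000001")
PC_BT = bytes.fromhex("02005e0000a1")
TERMINAL_BT = bytes.fromhex("02005e0000b2")

if __name__ == "__main__":
    preset = derive_auth_code(PC_MAC, PC_BT, TERMINAL_BT)
    groups = split_and_pad(preset, RANDOM_ARRAY)
    print("accepted:", terminal_accepts(groups, RANDOM_ARRAY, preset))
```

Only the leading bits of each group take part in the comparison, so the random padding changes between sessions while the code bits stay in the same positions; the framing by itself gives no confidentiality to anyone who knows the random array.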
The above process encrypts the data in the computer device. Because the softdog is built into the mobile terminal and its data encryption process is carried out over Bluetooth, the embodiment not only provides a wireless way of connecting a softdog to a computer device but also makes the softdog data encryption process more convenient. In addition, because Bluetooth technology with high security is used, the security and reliability of the softdog data encryption process are guaranteed more effectively.
All or part of the steps of the above method embodiments can be carried out by hardware under the control of program instructions. The program can be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes any medium that can store program code, such as ROM, RAM, a magnetic disk or an optical disc.
An embodiment of the invention also provides a mobile terminal, whose structure is shown in Figure 3 and comprises:
A first Bluetooth module 301, configured to establish a Bluetooth connection with the computer device;
A softdog module 302, comprising a data receiving submodule 3021, a data encryption submodule 3022 and a data sending submodule 3023:
The data receiving submodule 3021 is configured to receive, over the Bluetooth connection established by the first Bluetooth function module 301, the data to be encrypted sent by the computer device;
The data encryption submodule 3022 is configured to encrypt, with a pre-generated key, the data to be encrypted received by the data receiving submodule 3021, producing encrypted data;
The data sending submodule 3023 is configured to send the encrypted data produced by the data encryption submodule 3022 to the computer device over the Bluetooth connection established by the Bluetooth function module 301.
Because the mobile terminal provided by this embodiment has the softdog function and carries out the softdog data encryption process over Bluetooth, it not only provides a wireless way of connecting a softdog to a computer device but also makes the softdog data encryption process more convenient. In addition, because Bluetooth technology with high security is used, the security and reliability of the softdog data encryption process are guaranteed more effectively.
To guarantee the reliability of the process, the mobile terminal provided by this embodiment may also comprise a first authentication processing module 303, configured to compare the authentication data sent by the computer device with the preset authentication data. The preset authentication data is calculated in advance by the computer device from its local MAC address, its local Bluetooth address and the Bluetooth address of the mobile terminal, and is stored in the mobile terminal. When the authentication data sent by the computer device is identical to the preset authentication data, the softdog module 302 is triggered to operate. When the received authentication data differs from the preset authentication data, the softdog is not started.
An existing softdog cannot destroy its own key, which is a potential security risk. To address this, the mobile terminal provided by this embodiment also comprises a security control module 304, configured to delete the stored pre-generated key and the preset authentication code when a predetermined condition is met. In practice the predetermined condition can be set as required by the operator, the mobile terminal manufacturer or the user. For example and without limitation, the stored pre-generated key and the preset authentication code can be deleted when the mobile terminal triggers a SIM card self-destruct operation.
An embodiment of the invention also provides a computer device, whose structure is shown in Figure 4 and comprises:
A second Bluetooth module 401, configured to establish a Bluetooth connection with the mobile terminal;
A data sending module 402, configured to send the data to be encrypted to the mobile terminal over the Bluetooth connection established by the second Bluetooth module 401;
A data receiving module 403, configured to receive, over the Bluetooth connection established by the second Bluetooth module 401, the encrypted data returned by the mobile terminal.
The computer device provided by this embodiment also comprises a second authentication processing module 404, configured to calculate authentication data from the local media access control (MAC) address, the local Bluetooth address and the Bluetooth address of the mobile terminal, and to send the authentication data to the mobile terminal through the data sending module.
The above is only a preferred embodiment of the invention, but the scope of protection of the invention is not limited to it. Any variation or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of protection of the claims.