CN102752298B - Secure communication method, terminal, server and system - Google Patents

Publication number: CN102752298B
Authority: CN (China)
Prior art keywords: key, server, authentication protocol, initial message, terminal
Legal status: Active (as listed; the legal status is an assumption and is not a legal conclusion)
Application number: CN201210223081.2A
Other languages: Chinese (zh)
Other versions: CN102752298A (en)
Inventors: 朱贤, 栾世鹏
Current Assignee: XFusion Digital Technologies Co Ltd (the listed assignees may be inaccurate)
Original Assignee: Huawei Technologies Co Ltd
Application filed by: Huawei Technologies Co Ltd
Priority to: CN201210223081.2A
Publications: CN102752298A (application), CN102752298B (grant)

Abstract

The invention provides a secure communication method, a terminal, a server and a system. The method comprises the following steps: the terminal sends a client initial message to a first server, wherein the client initial message carries a flag requesting to enable the inner/outer-layer key binding mechanism, so that the first server, in response to the client initial message, decides whether to enable the inner/outer-layer key binding mechanism; the terminal receives the server initial message returned by the first server and determines whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism; if the server initial message carries the flag, the terminal performs outer-layer authentication protocol negotiation with the first server to obtain an outer-layer authentication protocol key, performs inner-layer authentication protocol negotiation with a second server to obtain an inner-layer authentication protocol key, and generates a master key from the outer-layer authentication protocol key and the inner-layer authentication protocol key; and the terminal performs secure communication using the master key.

Description

Secure communication method, terminal, server and system
Technical field
The present invention relates to encryption technology, and in particular to a secure communication method, terminal, server and system, and belongs to the field of communication technology.
Background
Transport Layer Security (TLS) is a widely used authentication and secure transport protocol. Through authentication, the TLS protocol gives both parties a shared session key, which is used to encrypt and authenticate the subsequent communication, i.e. to provide confidentiality and integrity protection. TLS is usually combined with other authentication protocols and serves as the outer tunnel for them: server-side authentication is completed by TLS, and client authentication is then completed by another authentication protocol, such as the Extensible Authentication Protocol (EAP), Protected EAP (PEAP), the Challenge Handshake Authentication Protocol (CHAP), or the Authentication and Key Agreement protocol (AKA).
However, it has been shown that a man-in-the-middle (MITM) attack arises when the two modes, outer-layer authentication protocol (i.e. the TLS protocol) and inner-layer authentication protocol (for example AKA), exist at the same time. Fig. 1 is the signalling diagram of the man-in-the-middle attack. As shown in Fig. 1, it comprises the following steps:
Step 101: the man-in-the-middle impersonates the terminal and establishes a PEAP tunnel with the wireless local area network (WLAN) server;
Step 102: the man-in-the-middle and the WLAN server run the TLS protocol based on the server certificate and obtain the TLS key;
Step 103: the WLAN server sends an EAP-Request/Identity message, carried over TLS, requesting the international mobile subscriber identity (IMSI) of the terminal;
Step 104: the man-in-the-middle impersonates a wireless access point (AP) and sends an IMSI request (IMSI Request) to a terminal that uses the non-tunnel mode;
Step 105: the terminal responds to the authentication request and returns its IMSI to the man-in-the-middle;
Step 106: the man-in-the-middle impersonates the terminal and returns to the WLAN server an EAP-Response/Identity message carrying the IMSI; this message is carried over TLS;
Step 107: the WLAN server sends an authentication parameter instruction, i.e. the IMSI, to the home subscriber server (HSS); this instruction is carried over MAP;
Step 108: the HSS looks up, according to the IMSI, the key shared with the Universal Subscriber Identity Module (USIM) and returns a five-tuple authentication vector (i.e. the AKA authentication five-tuple) to the WLAN server, carried over MAP; the five-tuple authentication vector comprises a random number (RAND), an expected response (XRES), a cipher key (CK), an integrity key (IK) and an authentication token (AUTN);
Step 109: the WLAN server sends the man-in-the-middle an EAP-Request/AKA-Challenge message carrying RAND and AUTN; this message is carried over TLS;
Step 110: the man-in-the-middle forwards RAND and AUTN to the terminal;
Step 111: the terminal uses the CK and IK of its own USIM, together with the received RAND and AUTN, to compute the response (RES) to the random number, and returns RES to the man-in-the-middle;
Step 112: the man-in-the-middle returns to the WLAN server an EAP-Response/AKA-Challenge message carrying RES; this message is carried over TLS;
Step 113: after the WLAN server has verified from RES that the client is legitimate, it sends to the AP the WLAN master session key, which is based on the TLS tunnel key and derived from the TLS key. Because the TLS protocol runs between the man-in-the-middle and the WLAN server, the man-in-the-middle also knows the WLAN master session key;
Step 114: the man-in-the-middle, posing as the terminal, accesses the AP, and the WLAN link is successfully hijacked.
The above flow shows that this man-in-the-middle attack can succeed even if both the inner-layer authentication protocol and the outer-layer authentication protocol are themselves secure.
Summary of the invention
The embodiments of the present invention provide a secure communication method, terminal, server and system, to solve the man-in-the-middle attack that arises when the two modes "outer-layer authentication protocol + inner-layer authentication protocol" and "inner-layer authentication protocol" exist at the same time.
According to a first aspect of the embodiments of the present invention, a secure communication method is provided, comprising:
a terminal sends a client initial message to a first server, the client initial message carrying a flag requesting to enable the inner/outer-layer key binding mechanism, so that the first server, in response to the client initial message, decides whether to enable the inner/outer-layer key binding mechanism;
the terminal receives the server initial message returned by the first server and determines whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism;
if so, the terminal obtains an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server, obtains an inner-layer authentication protocol key by performing inner-layer authentication protocol negotiation with a second server, and generates a key from the outer-layer authentication protocol key and the inner-layer authentication protocol key;
the terminal uses the key to communicate securely.
According to a second aspect of the embodiments of the present invention, a secure communication method is provided, comprising:
a first server receives the client initial message sent by a terminal, the client initial message carrying a flag requesting to enable the inner/outer-layer key binding mechanism;
the first server responds to the client initial message by sending the terminal a server initial message carrying the flag enabling the inner/outer-layer key binding mechanism, so that the terminal knows that the inner/outer-layer key binding mechanism is enabled;
the first server obtains an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the terminal;
the first server obtains the inner-layer authentication key provided by a second server, wherein the second server obtains the inner-layer authentication key by performing inner-layer authentication protocol negotiation with the terminal;
the first server generates a key from the outer-layer authentication protocol key and the inner-layer authentication protocol key;
the first server provides the key to the relevant device, so that the relevant device uses the key to communicate securely with the terminal.
According to a third aspect of the embodiments of the present invention, a terminal is provided, comprising:
a first processing module, configured to send a client initial message to a first server, the client initial message carrying a flag requesting to enable the inner/outer-layer key binding mechanism, so that the first server, in response to the client initial message, decides whether to enable the inner/outer-layer key binding mechanism;
a second processing module, configured to receive the server initial message returned by the first server and to determine whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism;
a third processing module, configured so that, if the server initial message carries the flag enabling the inner/outer-layer key binding mechanism, the terminal obtains an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server, obtains an inner-layer authentication protocol key by performing inner-layer authentication protocol negotiation with a second server, and generates a key from the outer-layer authentication protocol key and the inner-layer authentication protocol key;
a fourth processing module, configured to communicate securely using the key.
According to a fourth aspect of the embodiments of the present invention, a server is provided, comprising:
a fifth processing module, configured to receive the client initial message sent by a terminal, the client initial message carrying a flag requesting to enable the inner/outer-layer key binding mechanism;
a sixth processing module, configured to respond to the client initial message by sending the terminal a server initial message carrying the flag enabling the inner/outer-layer key binding mechanism, so that the terminal knows that the inner/outer-layer key binding mechanism is enabled;
a seventh processing module, configured to obtain an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the terminal;
an eighth processing module, configured to obtain the inner-layer authentication key provided by a second server, wherein the second server obtains the inner-layer authentication key by performing inner-layer authentication protocol negotiation with the terminal;
a ninth processing module, configured to generate a key from the outer-layer authentication protocol key and the inner-layer authentication protocol key;
a tenth processing module, configured to provide the key to the relevant device, so that the relevant device uses the key to communicate securely with the terminal.
According to a fifth aspect of the embodiments of the present invention, a secure communication system is provided, comprising the terminal provided by the embodiments of the present invention, and a first server and a second server that communicate with the terminal, wherein the first server is the server provided by the embodiments of the present invention.
In the secure communication method, terminal, server and system provided by the embodiments of the present invention, the initial message of the outer-layer authentication protocol is extended with an added flag, so that during the handshake the server and the terminal agree to enable the inner/outer-layer key binding mechanism. The inner-layer authentication protocol key and the outer-layer authentication protocol key are bound together to form the master key for secure communication between the terminal and the relevant device, so that a man-in-the-middle cannot successfully impersonate the terminal in the subsequent secure communication. This solves the man-in-the-middle attack that arises when the two modes "outer-layer authentication protocol + inner-layer authentication protocol" and "inner-layer authentication protocol" exist at the same time. Moreover, only the outer-layer authentication protocol is modified (in the case of TLS, the TLS layer); the lower-layer protocols that perform tunnel authentication on top of TLS need no modification. The man-in-the-middle security problem is thus solved in a way that is convenient to implement and low in cost.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is the signalling diagram of the man-in-the-middle attack;
Fig. 2 is a schematic flowchart of the secure communication method of one embodiment of the invention;
Fig. 3 is a schematic flowchart of the TLS handshake and authentication between the terminal and the server in an embodiment of the present invention;
Fig. 4 is a schematic flowchart of the EAP-AKA inner-layer authentication protocol negotiation between the terminal and the server in an embodiment of the present invention;
Fig. 5 is a system architecture diagram of a Wimax network;
Fig. 6 is a schematic flowchart of the secure communication method of another embodiment of the present invention;
Fig. 7 is a schematic structural diagram of the terminal of one embodiment of the invention;
Fig. 8 is a schematic structural diagram of the server of one embodiment of the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the scope of protection of the invention.
Embodiment one
This embodiment describes the technical solution of the present invention from the terminal's point of view.
Fig. 2 is a schematic flowchart of the secure communication method of one embodiment of the invention. As shown in Fig. 2, the secure communication method comprises the following steps:
Step 201: the terminal sends a client initial message to the first server, the client initial message carrying a flag requesting to enable the inner/outer-layer key binding mechanism, so that the first server, in response to the client initial message, decides whether to enable the inner/outer-layer key binding mechanism;
Step 202: the terminal receives the server initial message returned by the first server and determines whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism;
Step 203: if so, the terminal obtains an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server, obtains an inner-layer authentication protocol key by performing inner-layer authentication protocol negotiation with the second server, and generates a key from the outer-layer authentication protocol key and the inner-layer authentication protocol key;
Step 204: the terminal uses the key to communicate securely.
The first server and the second server may be the same server or different servers. In the following, steps S201 to S204 above are described in detail using TLS as the outer-layer authentication protocol and EAP-AKA as the inner-layer authentication protocol; this is only an example of the present invention and not a limitation of it. A person skilled in the art will appreciate that any other outer-layer authentication protocol and/or inner-layer authentication protocol can be used to implement the technical solution of the present invention.
Fig. 3 is a schematic flowchart of the TLS handshake and authentication between the terminal and the first server in an embodiment of the present invention. TLS here covers every version, for example SSLv2, SSLv3, TLS1.0, TLS1.1, TLS1.2 and DTLS, and may also include any other TLS version. TLS in the present invention refers to all TLS versions. As shown in Fig. 3, the flow is as follows:
Step 301: the terminal sends a client initial message (Client Hello message) to the first server; the client initial message contains the list of cipher algorithms supported by the terminal and a TLS extension requesting to enable the inner/outer-layer key binding mechanism;
Step 302: the first server responds to the client initial message by returning a server initial message (Server Hello message) to the terminal; the server initial message carries the TLS extension enabling the inner/outer-layer key binding mechanism;
Specifically, the first server selects one cipher algorithm from the cipher algorithm list and carries it in the server initial message. If the first server itself supports the inner/outer-layer key binding mechanism, it checks whether the received client initial message contains the TLS extension requesting to enable the mechanism. If it does, the first server decides to enable the inner/outer-layer key binding mechanism and carries, in the server initial message, a TLS extension enabling the mechanism (Fig. 3 illustrates this case).
If the first server itself does not support the inner/outer-layer key binding mechanism, or does not recognise the TLS extension requesting to enable it, the server initial message does not carry the TLS extension enabling the mechanism.
If the first server finds that the client initial message does not contain the TLS extension requesting to enable the inner/outer-layer key binding mechanism, it may, according to a preset local policy, either continue the handshake (sending a server initial message that does not carry the flag enabling the mechanism) or terminate the handshake. For example, when the client initial message does not contain the TLS extension requesting to enable the mechanism, the first server may consider that the terminal is possibly a counterfeit terminal and terminate the handshake. Alternatively, the first server continues the handshake and sends a server initial message that does not carry the TLS extension enabling the mechanism, if it considers that, even without negotiating the mechanism during the handshake, it has another way to bind the inner and outer keys (for example, binding in the layer below TLS), or if it knows that the two modes "outer-layer authentication protocol + inner-layer authentication protocol" and "inner-layer authentication protocol" do not exist in the network at the same time.
Step 303: the first server sends a Certificate message carrying its public key certificate;
Step 304: the first server sends a Server Hello Done message, indicating that the server's initial phase has ended;
Step 305: the terminal sends a Client Key Exchange message to the first server, carrying the pre-master key encrypted with the public key;
The terminal reads the server initial message and checks whether it carries the TLS extension enabling the inner/outer-layer key binding mechanism. If it does, the terminal encrypts a pre-master key with the public key in the public key certificate and sends the encrypted pre-master key to the server in the Client Key Exchange message (Fig. 3 illustrates this case);
If the terminal finds that the server initial message does not carry the TLS extension enabling the inner/outer-layer key binding mechanism, it may proceed differently depending on its local policy. For example, the terminal may continue with the subsequent authentication without enabling the mechanism if it binds the inner and outer keys by another method (for example, binding in the layer below TLS), or if it considers the first server's security level high enough even without this method, for example because, even when the two modes "outer-layer authentication protocol + inner-layer authentication protocol" and "inner-layer authentication protocol" exist in the network at the same time and the first server has not enabled the mechanism, other means still prevent the man-in-the-middle attack. Otherwise, the terminal terminates the TLS authentication.
Step 306: the terminal sends a Change Cipher Spec message, indicating that the following messages will be protected with the pre-master key;
Step 307: the terminal sends a Finished message encrypted with the pre-master key;
Step 308: the first server decrypts the encrypted pre-master key with its private key, computes the first TLS master key and the first group of session keys according to the TLS standard, and sends a Change Cipher Spec message, indicating that the following messages will be protected with the first TLS master key and the first group of session keys;
Step 309: the first server sends a Finished message encrypted with the first TLS master key and/or the first group of session keys. By checking this message, the terminal can determine that the first server holds the correct key and therefore the correct private key, which verifies the legitimacy of the first server;
Step 310: the outer-layer authentication protocol negotiation between the terminal and the first server is now complete. Subsequent communication is secured with the first TLS master key and/or the first group of session keys, i.e. an encrypted tunnel between the terminal and the first server has been established.
Fig. 3 shows one flow of the TLS handshake. In other TLS flows, the mechanism used in steps 301, 302 and 305, by which the terminal checks whether the server message carries the TLS extension enabling inner/outer-layer key binding, is the same. The other steps differ in their specific interactions, but after authentication completes both sides compute the first TLS master key and the first group of session keys and establish the encrypted tunnel.
Next, the terminal and the server perform the inner-layer authentication protocol negotiation inside the encrypted tunnel.
Fig. 4 is a schematic flowchart of the EAP-AKA inner-layer authentication protocol negotiation between the terminal and the second server in an embodiment of the present invention. As shown in Fig. 4, the flow is as follows:
Step 401: the second server sends an EAP-Request/Identity message to the terminal, requesting the terminal's identity (for example the IMSI);
Step 402: the terminal replies with its identity;
Step 403: the second server obtains an authentication vector according to the identity, and sends RAND and AUTN from the authentication vector to the terminal in an EAP-Request/AKA-Challenge message;
Specifically, taking the IMSI as the identity, the second server sends an authentication data request to the user's home environment (HE) after obtaining the terminal's IMSI. The HE looks up the key shared with the terminal according to the IMSI and generates a random number. It then uses the random number and a preset algorithm to compute the five-tuple authentication vector, which it returns to the second server. The second server sends RAND and AUTN to the terminal.
Step 404: the terminal sends RES to the second server in an EAP-Response/AKA-Challenge message;
Specifically, the terminal computes RES from the shared key together with RAND, and returns RES to the second server;
Step 405: the second server compares the RES returned by the terminal with the XRES in the five-tuple authentication vector. If the two match, it confirms that the terminal holds the correct key and is therefore a legitimate terminal rather than a counterfeit one, and sends an EAP-Success message to the terminal;
Step 406: the second server and the terminal each use a preset key derivation algorithm to derive the inner-layer authentication protocol key, i.e. the AKA key, from the random number and the key.
After the second server obtains the AKA key, it shares the AKA key with the first server. At this point, both the terminal and the first server hold the outer-layer authentication protocol key and the inner-layer authentication protocol key. When the inner/outer-layer key binding mechanism is enabled, the terminal and the first server each derive a second TLS master key from the outer-layer authentication protocol key and the inner-layer authentication protocol key, for example by both applying a preset key derivation algorithm to the two keys. In the example of Fig. 3 and Fig. 4, the second TLS master key is generated from the TLS pre-master key (or the first TLS master key, or the first group of session keys) and the AKA key. The terminal and the first server then use the second master key to derive further keys, applying the algorithm specified by the protocol layered below TLS (here PEAP). The terminal afterwards uses the finally generated key to communicate with other devices. Any key derivation algorithm of the prior art may be used as the preset key derivation algorithm for deriving the second TLS master key; the present invention does not restrict it.
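The effect of the binding can be checked numerically. The following Python sketch is an added example, not code from the patent: it assumes HKDF-SHA256 as the "preset key derivation algorithm" (the patent allows any), uses HMAC as a stand-in for the AKA functions, and all key material and names are constructed for illustration.

```python
import hashlib
import hmac

LABEL = b"tunnel key binding"  # illustrative derivation label (assumption)


def hkdf_sha256(ikm: bytes, info: bytes, length: int = 48) -> bytes:
    """HKDF (RFC 5869) with an all-zero salt; stands in for the preset KDF."""
    prk = hmac.new(bytes(32), ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def aka_res(k: bytes, rand: bytes) -> bytes:
    """Stand-in for the AKA response function (RES / XRES)."""
    return hmac.new(k, b"RES" + rand, hashlib.sha256).digest()[:8]


def aka_inner_key(k: bytes, rand: bytes) -> bytes:
    """Stand-in for the inner-layer (AKA) key derived from K and RAND."""
    return hmac.new(k, b"CK|IK" + rand, hashlib.sha256).digest()


def unbound_master(outer_key: bytes) -> bytes:
    """Session key derived from the outer (TLS) key only: the vulnerable case."""
    return hkdf_sha256(outer_key, LABEL)


def bound_master(outer_key: bytes, inner_key: bytes) -> bytes:
    """Second master key bound to both keys; length prefixes avoid ambiguity."""
    ikm = (len(outer_key).to_bytes(2, "big") + outer_key +
           len(inner_key).to_bytes(2, "big") + inner_key)
    return hkdf_sha256(ikm, LABEL)


# Constructed sample values, not real key material.
K_USIM = hashlib.sha256(b"constructed USIM/HSS long-term key").digest()
RAND = hashlib.sha256(b"constructed challenge").digest()[:16]


def simulate_relay() -> dict:
    """Relay scenario of Fig. 1: the outer tunnel ends at the man-in-the-middle."""
    outer_mitm = hashlib.sha256(b"TLS key: MITM <-> server").digest()
    res = aka_res(K_USIM, RAND)                # computed by the real terminal
    inner = aka_inner_key(K_USIM, RAND)        # known to terminal and HSS only
    authenticated = hmac.compare_digest(res, aka_res(K_USIM, RAND))
    server_unbound = unbound_master(outer_mitm)
    server_bound = bound_master(outer_mitm, inner)
    # The man-in-the-middle knows the outer key and everything it relayed.
    observed = [RAND, res, RAND + res]
    guesses = [bound_master(outer_mitm, x) for x in observed]
    return {
        "authenticated": authenticated,
        "unbound_key_known_to_mitm": unbound_master(outer_mitm) == server_unbound,
        "bound_key_known_to_mitm": server_bound in guesses,
    }


def honest_keys_match() -> bool:
    """Legitimate terminal: both ends hold both keys and derive the same master."""
    outer = hashlib.sha256(b"TLS key: terminal <-> server").digest()
    inner = aka_inner_key(K_USIM, RAND)
    return hmac.compare_digest(bound_master(outer, inner), bound_master(outer, inner))
```
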
The following describes the application of the secure communication method of the above embodiment to Worldwide Interoperability for Microwave Access (Wimax).
Fig. 5 is a system architecture diagram of a Wimax network. As shown in Fig. 5, it comprises Wimax AP 51, Wimax base station 52, security gateway 53, an Authentication, Authorization and Accounting server (AAA server) 54 and HSS 55, and uses the EAP-TTLS + EAP-AKA authentication mechanism. During the outer-layer and inner-layer authentication between Wimax AP 51 and AAA server 54 (where AAA server 54 is the first server above and HSS 55 is the second server above), Wimax base station 52 and security gateway 53 transparently forward the authentication-related messages. AAA server 54 and Wimax AP 51 each generate the second TLS master key according to the inner/outer-layer key binding mechanism and then, following the EAP-TTLS standard, derive a further key (MSK) from the second TLS master key; the derived key MSK is provided to security gateway 53. Security gateway 53 receives the key passed on by AAA server 54, derives the corresponding key from it, and issues that key to Wimax base station 52. Wimax base station 52 then negotiates with Wimax AP 51, on the basis of this key, to generate the air-interface encryption key. Under a man-in-the-middle attack, a man-in-the-middle impersonating the Wimax AP can complete the outer-layer and inner-layer protocol authentication with the AAA server, but it cannot learn the inner-layer authentication protocol key. Because the key that AAA server 54 issues to the security gateway incorporates the binding of the inner and outer keys, the man-in-the-middle attack is effectively prevented.
In the secure communication method of the above embodiment, the initial message of the outer-layer authentication protocol is extended with an added flag, so that during the handshake the first server and the terminal agree to enable the inner/outer-layer key binding mechanism. The inner-layer authentication protocol key and the outer-layer authentication protocol key are bound together to form the key for secure communication between the terminal and the relevant device, so that a man-in-the-middle cannot successfully impersonate the terminal in the subsequent secure communication. This solves the man-in-the-middle attack that arises when the two modes "outer-layer authentication protocol + inner-layer authentication protocol" and "inner-layer authentication protocol" exist at the same time. Moreover, only the outer-layer authentication protocol is modified (in the case of TLS, the TLS layer); the lower-layer protocols that perform tunnel authentication on top of TLS need no modification. The man-in-the-middle security problem is thus solved in a way that is convenient to implement and low in cost.
Embodiment two
On the basis of the secure communication method of the above embodiment, the step in which the terminal sends a client initial message to the server, the client initial message carrying a flag requesting that the inner/outer-layer key binding mechanism be enabled, specifically comprises:
The terminal sends to the server a client initial message carrying a tunnel key binding extension field;
Correspondingly, judging whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism specifically comprises:
Judging whether the server initial message carries the tunnel key binding extension field.
Specifically, a new extension type, the tunnel key binding extension field (Tunnel Key Binding (TKB) Extension), is added to the client initial message and the server initial message to serve as the flag enabling the inner/outer-layer key binding mechanism. That is, by adding the TKB extension field to the client initial message, the terminal notifies the server that it is prepared to use the TKB extension, i.e. it requests that the inner/outer-layer key binding mechanism be enabled. If the server decides to enable the inner/outer-layer key binding mechanism, i.e. it accepts the extension, it also adds the TKB extension field to the server initial message returned to the terminal, notifying the terminal that it accepts the extension, i.e. that the inner/outer-layer key binding mechanism is enabled.
More specifically, to add the tunnel key binding extension field to the initial message, the protocol message can be set as follows:
A new type value is added to the extension type (Extension Type), for example:
Here, the concrete value of "tunnel key binding" is given only as an example and does not limit the technical solution of the present invention.
Further, the content of the extension data (Extension Data) is set to empty. This extension type is used in both the client initial message and the server initial message.
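The TKB negotiation described in this embodiment, written out as an added example that is not part of the patent text: it encodes and parses the extensions block of a TLS ClientHello/ServerHello, enforces the empty extension data, and applies the terminal's abort-or-fall-back choice when the server does not echo the extension. The code point `0xFFAA` and all function names are assumptions made for this sketch.

```python
import struct

# Hypothetical ExtensionType code point for "tunnel key binding" (TKB).
# The patent says its concrete value is only an example; this one is constructed.
TKB_EXT_TYPE = 0xFFAA


class ExtensionError(ValueError):
    """Raised when an extensions block is malformed or breaks the TKB rules."""


def encode_extensions(exts):
    """Encode [(type, data), ...] as a TLS extensions block:
    2-byte total length, then type(2) | length(2) | data for each entry."""
    body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in exts)
    return struct.pack("!H", len(body)) + body


def parse_extensions(block):
    """Parse an extensions block into {type: data}, rejecting truncation,
    length mismatches and duplicate extension types."""
    if len(block) < 2:
        raise ExtensionError("missing extensions length")
    (total,) = struct.unpack("!H", block[:2])
    body = block[2:]
    if total != len(body):
        raise ExtensionError("extensions length mismatch")
    exts, off = {}, 0
    while off < len(body):
        if len(body) - off < 4:
            raise ExtensionError("truncated extension header")
        ext_type, ext_len = struct.unpack("!HH", body[off:off + 4])
        off += 4
        if len(body) - off < ext_len:
            raise ExtensionError("truncated extension data")
        if ext_type in exts:
            raise ExtensionError("duplicate extension")
        exts[ext_type] = body[off:off + ext_len]
        off += ext_len
    return exts


def has_tkb(exts):
    """True if the TKB extension is present; its extension data must be empty."""
    if TKB_EXT_TYPE not in exts:
        return False
    if exts[TKB_EXT_TYPE] != b"":
        raise ExtensionError("TKB extension data must be empty")
    return True


def server_hello_extensions(client_block, server_enables_binding):
    """Server side: echo TKB only if the client offered it and the server
    decides to enable the binding mechanism."""
    offered = has_tkb(parse_extensions(client_block))
    reply = [(TKB_EXT_TYPE, b"")] if offered and server_enables_binding else []
    return encode_extensions(reply)


def terminal_decision(client_block, server_block, require_binding=True):
    """Terminal side: 'bind' if the server echoed TKB; otherwise either abort
    the outer negotiation or continue with the outer key only (local policy)."""
    offered = has_tkb(parse_extensions(client_block))
    accepted = has_tkb(parse_extensions(server_block))
    if accepted and not offered:
        raise ExtensionError("server sent a TKB extension that was never offered")
    if accepted:
        return "bind"
    return "abort" if require_binding else "outer-only"
```

Because the flag is only the presence of an empty extension, the parser's strictness (length checks, duplicate rejection, empty data) is where a real implementation decides whether the negotiation result can be trusted.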
Embodiment three
This embodiment describes the technical solution of the present invention from the perspective of a server that supports the inner/outer-layer key binding mechanism.
Fig. 6 is a schematic flowchart of the secure communication method of another embodiment of the present invention. As shown in Fig. 6, the secure communication method comprises the following steps:
Step 601: the first server receives a client initial message sent by the terminal, the client initial message carrying a flag requesting that the inner/outer-layer key binding mechanism be enabled;
Step 602: the first server responds to the client initial message by sending to the terminal a server initial message carrying the flag enabling the inner/outer-layer key binding mechanism, so that the terminal learns that the mechanism is enabled;
Step 603: the first server performs outer-layer authentication protocol negotiation with the terminal and obtains the outer-layer authentication protocol key;
Step 604: the first server obtains the inner-layer authentication key provided by the second server, where the inner-layer authentication key is obtained by the second server through inner-layer authentication protocol negotiation with the terminal;
Specifically, when the first server and the second server are the same server, the first server obtains the inner-layer authentication key by performing inner-layer authentication negotiation with the terminal; when the first server and the second server are different servers, the second server obtains the inner-layer authentication protocol key through inner-layer authentication protocol negotiation with the terminal and shares the inner-layer authentication key with the first server.
Step 605: the first server generates a key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key;
Step 606: the first server shares the key with the relevant device, so that the relevant device and the terminal communicate securely based on the key.
The specific flow of this embodiment is the same as that of the secure communication method in the above embodiments and is not repeated here.
According to the secure communication method of this embodiment, the initial message of the outer-layer authentication protocol is extended with an added flag, so that during the handshake the server and the terminal agree to enable the inner/outer-layer key binding mechanism. The inner-layer authentication protocol key and the outer-layer authentication protocol key are bound together to form a key that is used for key derivation and secure communication in the subsequent steps, so that a man-in-the-middle cannot successfully impersonate the terminal in subsequent secure communication. This solves the man-in-the-middle attack problem that arises when the two modes "outer-layer authentication protocol + inner-layer authentication protocol" and "inner-layer authentication protocol" exist at the same time. Moreover, only the outer-layer authentication protocol is modified (taking TLS as an example, the TLS layer), and the lower-layer protocols that perform tunnel authentication based on TLS need no modification, so the man-in-the-middle security problem is solved in a way that is convenient to implement and low in cost.
Further, in the secure communication method of the above embodiment, the outer-layer authentication protocol is the Transport Layer Security (TLS) protocol, and the inner-layer authentication protocol is the Extensible Authentication Protocol (EAP).
Further, in the secure communication method of the above embodiment, the step in which the first server receives the client initial message sent by the terminal, the client initial message carrying a flag requesting that the inner/outer-layer key binding mechanism be enabled, specifically comprises:
The first server receives the client initial message, carrying the tunnel key binding extension field, sent by the terminal;
Correspondingly, sending to the terminal the server initial message carrying the flag enabling the inner/outer-layer key binding mechanism specifically comprises:
The first server sends to the terminal a server initial message carrying the tunnel key binding extension field.
Further, in the secure communication method of the above embodiment, the extension data of the client initial message and of the server initial message is empty.
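Why binding the two keys in steps 603 to 605 shuts out a party that holds only the outer-layer key, as an added example that is not part of the patent text: the section says only that the key is generated from both keys, so the HKDF-SHA-256 combiner, the labels, the function names and the sample keys below are all assumptions constructed for this sketch.

```python
import hashlib
import hmac

ZERO_SALT = b"\x00" * 32


def hkdf_sha256(ikm, info, length=32, salt=ZERO_SALT):
    """HKDF with SHA-256 (RFC 5869): extract a PRK, then expand it."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def outer_only_key(outer_key):
    """Session key when binding is not enabled: depends on the outer key alone."""
    return hkdf_sha256(outer_key, b"outer only")


def bound_key(outer_key, inner_key):
    """Session key with binding enabled: depends on both keys.
    Each input is length-prefixed so that different (outer, inner) splits of
    the same byte string cannot produce the same key material."""
    if not outer_key or not inner_key:
        raise ValueError("binding needs both the outer and the inner key")
    ikm = b"".join(len(k).to_bytes(2, "big") + k for k in (outer_key, inner_key))
    return hkdf_sha256(ikm, b"tunnel key binding")


def first_server_key(outer_key, inner_key, binding_enabled):
    """Steps 603-605 at the first server. inner_key is the key the second
    server obtained from the inner negotiation and shared with the first."""
    if binding_enabled:
        return bound_key(outer_key, inner_key)
    return outer_only_key(outer_key)


def outer_peer_can_derive(binding_enabled):
    """Constructed scenario: the party that completed the outer handshake with
    the first server is not the terminal that completed the inner
    authentication, so it knows the outer key but not the inner key.
    Returns True if that party can compute the first server's session key."""
    outer_key = hashlib.sha256(b"constructed: outer key, first server <-> outer peer").digest()
    inner_key = hashlib.sha256(b"constructed: inner key, second server <-> terminal").digest()
    server_key = first_server_key(outer_key, inner_key, binding_enabled)
    # Everything the outer peer can compute without the inner key.
    outer_peer_key = outer_only_key(outer_key)
    return hmac.compare_digest(server_key, outer_peer_key)
```

With binding disabled `outer_peer_can_derive` returns `True`; with binding enabled it returns `False`, while a terminal that holds both keys still arrives at the same `bound_key` as the first server.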
Embodiment four
Fig. 7 is a schematic structural diagram of the terminal of one embodiment of the present invention. As shown in Fig. 7, the terminal comprises:
A first processing module 71, configured to send a client initial message to the first server, the client initial message carrying a flag requesting that the inner/outer-layer key binding mechanism be enabled, so that the first server, in response to the client initial message, judges whether to enable the inner/outer-layer key binding mechanism;
A second processing module 72, configured to receive the server initial message returned by the first server and to judge whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism;
A third processing module 73, configured so that, if the server initial message carries the flag enabling the inner/outer-layer key binding mechanism, the terminal obtains the outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server, obtains the inner-layer authentication protocol key by performing inner-layer authentication protocol negotiation with the second server, and generates a key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key;
A fourth processing module 74, configured to communicate securely using the key.
The specific flow by which the terminal of this embodiment performs secure communication is the same as the flow of Embodiment one or two and is not repeated here.
According to the terminal of this embodiment, the initial message of the outer-layer authentication protocol is extended with an added flag, so that during the handshake the server and the terminal agree to enable the inner/outer-layer key binding mechanism. The inner-layer authentication protocol key and the outer-layer authentication protocol key are bound together to form the key with which the terminal and other devices communicate securely, so that a man-in-the-middle cannot successfully impersonate the terminal in subsequent secure communication. This solves the man-in-the-middle attack problem that arises when the two modes "outer-layer authentication protocol + inner-layer authentication protocol" and "inner-layer authentication protocol" exist at the same time. Moreover, only the outer-layer authentication protocol is modified (taking TLS as an example, the TLS layer), and the lower-layer protocols that perform tunnel authentication based on TLS need no modification, so the man-in-the-middle security problem is solved in a way that is convenient to implement and low in cost.
Further, the third processing module is also configured so that, if the server initial message does not carry the flag enabling the inner/outer-layer key binding mechanism, it terminates the outer-layer authentication protocol negotiation; or it obtains the outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the server;
Correspondingly, the fourth processing module is also configured to communicate securely with the server using the outer-layer authentication protocol key after the outer-layer authentication protocol negotiation with the server is complete.
Further, the outer-layer authentication protocol is the Transport Layer Security (TLS) protocol, and the inner-layer authentication protocol is the Extensible Authentication Protocol (EAP).
Further, the first processing module is specifically configured to send to the server a client initial message carrying the tunnel key binding extension field;
Correspondingly, the second processing module is specifically configured to judge whether the server initial message carries the tunnel key binding extension field.
Further, the extension data of the client initial message and of the server initial message is empty.
Embodiment five
Fig. 8 is a schematic structural diagram of the server of one embodiment of the present invention. As shown in Fig. 8, the server comprises:
A fifth processing module 81, configured to receive the client initial message sent by the terminal, the client initial message carrying a flag requesting that the inner/outer-layer key binding mechanism be enabled;
A sixth processing module 82, configured to respond to the client initial message by sending to the terminal a server initial message carrying the flag enabling the inner/outer-layer key binding mechanism, so that the terminal learns that the mechanism is enabled;
A seventh processing module 83, configured to obtain the outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the terminal;
An eighth processing module 84, configured to obtain the inner-layer authentication key provided by the second server, where the inner-layer authentication key is obtained by the second server through inner-layer authentication protocol negotiation with the terminal;
A ninth processing module 85, configured to generate a key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key;
A tenth processing module 86, configured to provide the key to the relevant device, so that the relevant device communicates securely with the terminal using the key.
The specific flow by which the server of this embodiment performs secure communication is the same as the workflow of the first server in the secure communication method of the above embodiment and is not repeated here.
According to the server of this embodiment, the initial message of the outer-layer authentication protocol is extended with an added flag, so that during the handshake the server and the terminal agree to enable the inner/outer-layer key binding mechanism. The inner-layer authentication protocol key and the outer-layer authentication protocol key are bound together to form the key for secure communication between the terminal and other devices, so that a man-in-the-middle cannot successfully impersonate the terminal in subsequent secure communication. This solves the man-in-the-middle attack problem that arises when the two modes, outer-layer authentication protocol and inner-layer authentication protocol, exist at the same time. Moreover, only the outer-layer authentication protocol is modified (taking TLS as an example, the TLS layer), and the lower-layer protocols that perform tunnel authentication based on TLS need no modification, so the man-in-the-middle security problem is solved in a way that is convenient to implement and low in cost.
Further, the sixth processing module is also configured so that, if it judges that the inner/outer-layer key binding mechanism is not to be enabled, it sends to the terminal a server initial message that does not carry the flag enabling the inner/outer-layer key binding mechanism.
Further, the outer-layer authentication protocol is the Transport Layer Security (TLS) protocol, and the inner-layer authentication protocol is the Extensible Authentication Protocol (EAP).
Further, the fifth processing module is specifically configured to receive the client initial message, carrying the tunnel key binding extension field, sent by the terminal;
Correspondingly, the sixth processing module is specifically configured to judge whether to enable the inner/outer-layer key binding mechanism and, if so, to send to the terminal the server initial message carrying the tunnel key binding extension field.
Further, the extension data of the client initial message and of the server initial message is empty.
Embodiment six
This embodiment provides a secure communication system comprising the terminal of Embodiment four and the server of Embodiment five (that is, the first server and the second server are the same server).
The specific flow by which the secure communication system of this embodiment performs secure communication is the same as the flow by which the terminal of Embodiment three and the server of Embodiment four perform secure communication and is not repeated here.
According to the secure communication system of this embodiment, the initial message of the outer-layer authentication protocol is extended with an added flag, so that during the handshake the server and the terminal agree to enable the inner/outer-layer key binding mechanism. The inner-layer authentication protocol key and the outer-layer authentication protocol key are bound together to form the key for secure communication between the terminal and the relevant device, so that a man-in-the-middle cannot successfully impersonate the terminal in subsequent secure communication. This solves the man-in-the-middle attack problem that arises when the two modes, outer-layer authentication protocol and inner-layer authentication protocol, exist at the same time. Moreover, only the outer-layer authentication protocol is modified (taking TLS as an example, the TLS layer), and the lower-layer protocols that perform tunnel authentication based on TLS need no modification, so the man-in-the-middle security problem is solved in a way that is convenient to implement and low in cost.
A person of ordinary skill in the art will appreciate that all or some of the steps of the above method embodiments can be carried out by hardware under the control of program instructions. The program can be stored in a computer-readable storage medium and, when executed, performs the steps of the above method embodiments. The storage medium includes ROM, RAM, magnetic disks, optical discs and other media that can store program code.
Finally, it should be noted that the above embodiments are intended only to illustrate the technical solutions of the present invention, not to limit them. Although the invention has been described in detail with reference to the foregoing embodiments, a person of ordinary skill in the art should understand that the technical solutions described in those embodiments can still be modified, or some of their technical features replaced with equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (19)

1. A secure communication method, characterized by comprising:
A terminal sends a client initial message to a first server, the client initial message carrying a flag requesting that an inner/outer-layer key binding mechanism be enabled, so that the first server, in response to the client initial message, judges whether to enable the inner/outer-layer key binding mechanism;
The terminal receives the server initial message returned by the first server and judges whether the server initial message carries a flag enabling the inner/outer-layer key binding mechanism;
If so, the terminal obtains an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server, obtains an inner-layer authentication protocol key by performing inner-layer authentication protocol negotiation with a second server, and generates a key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key;
The terminal communicates securely using the key.
2. The secure communication method according to claim 1, characterized in that, after judging whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism, the method further comprises:
If not, the terminal terminates the outer-layer authentication protocol negotiation; or obtains the outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server and, after the outer-layer authentication protocol negotiation with the first server is complete, communicates securely using the outer-layer authentication protocol key.
3. The secure communication method according to claim 1, characterized in that the outer-layer authentication protocol is the Transport Layer Security (TLS) protocol, and the inner-layer authentication protocol is the Extensible Authentication Protocol (EAP).
4. The secure communication method according to any one of claims 1-3, characterized in that the step in which the terminal sends a client initial message to the first server, the client initial message carrying a flag requesting that the inner/outer-layer key binding mechanism be enabled, specifically comprises:
The terminal sends to the first server a client initial message carrying a tunnel key binding extension field;
Correspondingly, judging whether the server initial message carries the flag enabling the inner/outer-layer key binding mechanism specifically comprises:
Judging whether the server initial message carries the tunnel key binding extension field.
5. The secure communication method according to claim 4, characterized in that the extension data of the client initial message and of the server initial message is empty.
6. A secure communication method, characterized by comprising:
A first server receives a client initial message sent by a terminal, the client initial message carrying a flag requesting that an inner/outer-layer key binding mechanism be enabled;
The first server responds to the client initial message by sending to the terminal a server initial message carrying a flag enabling the inner/outer-layer key binding mechanism, so that the terminal learns that the mechanism is enabled;
The first server obtains an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the terminal;
The first server obtains the inner-layer authentication key provided by a second server, where the inner-layer authentication key is obtained by the second server through inner-layer authentication protocol negotiation with the terminal;
The first server generates a key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key;
The first server provides the key to a relevant device, so that the relevant device communicates securely with the terminal using the key.
7. The secure communication method according to claim 6, characterized in that the outer-layer authentication protocol is the Transport Layer Security (TLS) protocol, and the inner-layer authentication protocol is the Extensible Authentication Protocol (EAP).
8. The secure communication method according to claim 6 or 7, characterized in that the step in which the first server receives the client initial message sent by the terminal, the client initial message carrying a flag requesting that the inner/outer-layer key binding mechanism be enabled, specifically comprises:
The first server receives the client initial message, carrying a tunnel key binding extension field, sent by the terminal;
Correspondingly, sending to the terminal the server initial message carrying the flag enabling the inner/outer-layer key binding mechanism specifically comprises:
The first server sends to the terminal a server initial message carrying the tunnel key binding extension field.
9. The secure communication method according to claim 6 or 7, characterized in that the extension data of the client initial message and of the server initial message is empty.
10. A terminal, characterized by comprising:
A first processing module, configured to send a client initial message to a first server, the client initial message carrying a flag requesting that an inner/outer-layer key binding mechanism be enabled, so that the first server, in response to the client initial message, judges whether to enable the inner/outer-layer key binding mechanism;
A second processing module, configured to receive the server initial message returned by the first server and to judge whether the server initial message carries a flag enabling the inner/outer-layer key binding mechanism;
A third processing module, configured so that, if the server initial message carries the flag enabling the inner/outer-layer key binding mechanism, the terminal obtains an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server, obtains an inner-layer authentication protocol key by performing inner-layer authentication protocol negotiation with a second server, and generates a key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key;
A fourth processing module, configured to communicate securely using the key.
11. The terminal according to claim 10, characterized in that the third processing module is also configured so that, if the server initial message does not carry the flag enabling the inner/outer-layer key binding mechanism, it terminates the outer-layer authentication protocol negotiation; or it obtains the outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the first server;
Correspondingly, the fourth processing module is also configured to communicate securely using the outer-layer authentication protocol key after the outer-layer authentication protocol negotiation with the first server is complete.
12. The terminal according to claim 10, characterized in that the outer-layer authentication protocol is the Transport Layer Security (TLS) protocol, and the inner-layer authentication protocol is the Extensible Authentication Protocol (EAP).
13. The terminal according to any one of claims 10-12, characterized in that the first processing module is specifically configured to send to the first server a client initial message carrying a tunnel key binding extension field;
Correspondingly, the second processing module is specifically configured to judge whether the server initial message carries the tunnel key binding extension field.
14. The terminal according to claim 13, characterized in that the extension data of the client initial message and of the server initial message is empty.
15. A server, characterized by comprising:
A fifth processing module, configured to receive a client initial message sent by a terminal, the client initial message carrying a flag requesting that an inner/outer-layer key binding mechanism be enabled;
A sixth processing module, configured to respond to the client initial message by sending to the terminal a server initial message carrying a flag enabling the inner/outer-layer key binding mechanism, so that the terminal learns that the mechanism is enabled;
A seventh processing module, configured to obtain an outer-layer authentication protocol key by performing outer-layer authentication protocol negotiation with the terminal;
An eighth processing module, configured to obtain the inner-layer authentication key provided by a second server, where the inner-layer authentication key is obtained by the second server through inner-layer authentication protocol negotiation with the terminal;
A ninth processing module, configured to generate a key according to the outer-layer authentication protocol key and the inner-layer authentication protocol key;
A tenth processing module, configured to provide the key to a relevant device, so that the relevant device communicates securely with the terminal using the key.
16. The server according to claim 15, characterized in that the outer-layer authentication protocol is the Transport Layer Security (TLS) protocol, and the inner-layer authentication protocol is the Extensible Authentication Protocol (EAP).
17. The server according to claim 15 or 16, characterized in that the fifth processing module is specifically configured to receive the client initial message, carrying a tunnel key binding extension field, sent by the terminal;
Correspondingly, the sixth processing module is specifically configured to send to the terminal the server initial message carrying the tunnel key binding extension field.
18. The server according to claim 15 or 16, characterized in that the extension data of the client initial message and of the server initial message is empty.
19. A secure communication system, characterized by comprising the terminal according to any one of claims 10-14, and a first server and a second server that communicate with the terminal, where the first server is the server according to any one of claims 15-18, and the second server is configured to obtain the inner-layer authentication protocol key by performing inner-layer authentication protocol negotiation with the terminal and to share the inner-layer authentication key with the first server.
CN201210223081.2A 2012-06-29 2012-06-29 Secure communication method, terminal, server and system Active CN102752298B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210223081.2A CN102752298B (en) 2012-06-29 2012-06-29 Secure communication method, terminal, server and system


Publications (2)

Publication Number Publication Date
CN102752298A CN102752298A (en) 2012-10-24
CN102752298B CN102752298B (en) 2015-04-29

Family

ID=47032198



Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20211223

Address after: 450046 Floor 9, building 1, Zhengshang Boya Plaza, Longzihu wisdom Island, Zhengdong New Area, Zhengzhou City, Henan Province

Patentee after: Super fusion Digital Technology Co.,Ltd.

Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd.
