CN103684783A - Communication encryption method based on communication network - Google Patents
- Publication number
- CN103684783A
- Authority
- CN
- China
- Prior art keywords
- communication
- key
- terminal
- self
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a communication encryption method based on a communication network. The method is characterized by comprising the following steps: (1) the terminals are authenticated and registered on the system side; (2) keys are self-defined between the terminals, and the self-defined keys are stored in the terminals; (3) the self-defined keys of the terminals are enabled; (4) communication encryption is conducted, which comprises: (41) one terminal makes an encrypted call request carrying an encryption identifier to the other terminal; (42) if the called terminal determines from the encryption identifier that the request is for self-defined encrypted communication, a working key processed with the corresponding self-defined key is put into use; (43) the called party accepts the communication, and the terminals of the two parties each encrypt or decrypt the communication data with the working key processed with the corresponding self-defined key, so that encrypted communication is conducted. With this method, the self-defined keys can be agreed and matched offline, so that confidentiality is higher, privacy is better, and the communication cannot be monitored on the system side.
Description
Technical field
The invention belongs to the technical field of communication encryption methods and, specifically, relates to a communication encryption method based on a communication network.
Background technology
Current encrypted communication methods are mainly implemented as encrypted communication under the control of network-side management equipment. Registration, key management, key negotiation and similar operations are all carried out under the control of servers such as the key management server, so the result is a purely centrally managed encrypted communication system. This approach makes communication activity controllable and confidential, but the encrypted communication depends entirely on the management of system-side equipment such as the Key Management server, and to that extent its confidentiality is unreliable. For example, if an insider goes wrong, the key information of a device can be obtained on the system-side equipment, an internal technical attack can be carried out, and the communication will be eavesdropped.
On this basis, the problem is how to devise a communication encryption method based on a communication network that, by introducing a user-defined key, achieves more confidential end-to-end encrypted communication: when the system side does not know the self-defined key held on the terminal side, it cannot eavesdrop on the communication, which gives stronger confidentiality.
Summary of the invention
To solve the problem that existing encrypted communication modes are not sufficiently confidential, the present invention provides a communication encryption method based on a communication network. It uses a user-defined key, so that the system side cannot eavesdrop on the communication, which gives stronger confidentiality.
To solve the above technical problem, the present invention is implemented by the following technical solution:
A communication encryption method based on a communication network comprises the following steps:
(1) before performing encrypted communication, the terminal first completes the initialization of local data and then performs system-side authentication and registration;
(2) the self-defined key mode is selected, a self-defined key is negotiated between the terminals, and this self-defined key is stored in each terminal;
(3) a self-defined key enabling step, in which the terminal selects and enables the negotiated self-defined key;
(4) a communication encryption step:
(41) one terminal initiates an encrypted call request carrying an encryption type identifier to another terminal;
(42) the called terminal checks the encryption identifier and, if it determines that the request is for self-defined key encrypted communication, finds the enabled self-defined key stored in the local terminal and uses an algorithm to generate a working key; the calling terminal uses the same algorithm and this self-defined key to generate the working key;
(43) the called party accepts the communication request, and the terminals of both parties each use the generated working key to encrypt or decrypt the communication data, so that encrypted communication takes place.
Further, between step (41) and step (42) there is also a step (41a): the Key Management server performs key negotiation and distribution for the two terminals, sending the negotiated key to each of them.
Further, in step (42), the two terminals use the negotiated key issued by the Key Management server together with the self-defined key to generate the working key.
Further still, in step (41), the encryption identifier comprises a self-defined encrypted communication identifier and an ordinary encrypted communication identifier; in step (42), if the request is determined to be for ordinary encrypted communication, the two terminals use the negotiated key issued by the Key Management server as the working key.
Preferably, in step (2), the terminals negotiate the self-defined key by manual input, WIFI, barcode scanning, short message (SMS), IP data or Bluetooth.
Further, in step (2), after the self-defined key has been set between the terminals, there is also a confirmation step in which the terminals confirm that the negotiation of the self-defined key is normal and trustworthy.
Preferably, the Key Management server sends the negotiated key to each of the two terminals by short message (SMS), IP data or a service channel.
Compared with the prior art, the advantages and positive effects of the communication encryption method of the present invention are: 1) the self-defined key is convenient to generate and its negotiation is simple and flexible; the user only needs to confirm it, so it is simple and easy to use; 2) the self-defined key can be negotiated and matched offline, so confidentiality is higher, privacy is strong, and the communication cannot be monitored on the system side; 3) a logical-group encrypted communication mode can be realized: terminals that use the same self-defined key can make encrypted calls to one another, forming a logical group in a certain sense.
Other features and advantages of the invention will become clearer after reading the detailed description of the embodiments in conjunction with the accompanying drawings.
Brief description of the drawings
Fig. 1 is a flow chart of the communication encryption method based on a communication network proposed by the invention;
Fig. 2 is a system block diagram of the communication encryption method based on a communication network proposed by the invention.
Embodiment
Specific embodiments of the present invention are described in more detail below with reference to the accompanying drawings.
Embodiment one: as shown in Fig. 1, this embodiment discloses a communication encryption method based on a communication network, comprising the following steps:
S1: before performing encrypted communication, the terminal first completes the initialization of local data and then performs system-side authentication and registration;
S2: the self-defined key mode is selected, a self-defined key is negotiated between the terminals, and this self-defined key is stored in each terminal;
S3: a self-defined key enabling step, in which the terminal selects and enables the negotiated self-defined key;
S4: a communication encryption step:
S41: one terminal initiates an encrypted call request carrying an encryption type identifier to another terminal;
S42: the called terminal checks the encryption identifier and, if it determines that the request is for self-defined key encrypted communication, finds the enabled self-defined key stored in the local terminal and uses an algorithm to generate a working key; the calling terminal uses the same algorithm and this self-defined key to generate the working key;
S43: the called party accepts the communication request, and the terminals of both parties each use the generated working key to encrypt or decrypt the communication data, so that encrypted communication takes place.
As shown in Fig. 2, in step S1, for example, before terminals A and B perform encrypted communication they first power on and carry out authentication of the two communicating parties, complete the initialization of local data, and then perform system-side authentication and registration over some data path. In step S2, the way the self-defined key is set between terminals is flexible and can be completed offline. That is, the key defined between the terminals does not pass through the KMC and is known only to the terminals. A key set in this self-defined way effectively prevents an internal attack on the system side from leading to eavesdropping on the communication content. In step S42, because both terminals stored the self-defined key locally in step S2, the calling party only needs to send the called party an encrypted call request carrying the self-defined key encryption identifier. Both terminals then use the same specific algorithm to generate the working key from the self-defined key, each on its own side; because the algorithm is the same, the working keys generated are also the same. The system side therefore has no knowledge of the working key: even if it knows the encryption algorithm, it cannot obtain the working key without knowing the self-defined key, which ensures the security and reliability of the communication to the greatest extent.
As a specific embodiment: in the ordinary encryption mode in current use, the Key Management server must perform key negotiation and distribution. To make this encryption method compatible with existing ordinary encryption methods, a step S41a is also included between step S41 and step S42: the Key Management server performs key negotiation and distribution for the two terminals, sending the negotiated key to each of them.
To further raise the security level of the working key, in step S42, if the other party's request is determined to be for self-defined key encrypted communication, the two terminals use a specific algorithm to generate the working key from the negotiated key issued by the server and the self-defined key, which further increases the difficulty of cracking the working key. An encryption terminal that uses this method is compatible with existing encryption systems, whether they use software encryption or encryption based on a hardware module. When the user enables the self-defined key, there is a choice: either the self-defined key is mixed into the working key, or, after the data has been encrypted by the conventional software or module encryption, another round of encryption is applied using a combination of another algorithm and the self-defined key. If the self-defined key is not enabled, the workflow is exactly the same as the existing encrypted communication mode.
If the self-defined key is used for an additional round of encryption, some time is sacrificed; therefore the preferred mode is to mix the self-defined key and the negotiated key to generate the actual working key for encrypted communication.
Step S41a, in which the Key Management server performs key negotiation and distribution for the two terminals and sends the negotiated key to each of them, is what makes it possible for this encryption method to be compatible with ordinary encrypted communication. Accordingly, in step S41 the encryption identifier comprises a self-defined key encrypted communication identifier and an ordinary encrypted communication identifier, and in step S42, if the request is determined to be for ordinary encrypted communication, the two terminals use the negotiated key as the working key and then communicate in the ordinary encrypted communication manner.
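The working-key selection of steps S41a and S42, as an added example that is not code from the patent: the patent does not name its algorithm, so PBKDF2 and HKDF with SHA-256 stand in for it here as assumptions. The flag values, `call_id`, the group label and all function names are hypothetical.

```python
import hashlib
import hmac
from typing import Optional

# Encryption-type identifiers carried in the call request (step S41).
# The numeric values are constructed for this example.
FLAG_ORDINARY = 0x01  # key issued by the Key Management server is the working key
FLAG_CUSTOM = 0x02    # self-defined key stored in the terminal is mixed in


def hkdf_sha256(salt: bytes, ikm: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) over HMAC-SHA256: extract a PRK, then expand it."""
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def store_self_defined_key(entered: str, group_label: bytes) -> bytes:
    """Steps S2/S3: stretch the key the users agreed on before storing it.

    A manually typed key has little entropy, and the system side knows the
    issued key, so the stretch raises the cost of guessing it offline.
    """
    return hashlib.pbkdf2_hmac("sha256", entered.encode("utf-8"),
                               b"self-defined-key|" + group_label, 200_000)


def working_key(flag: int, issued_key: bytes, stored_key: Optional[bytes],
                call_id: bytes) -> bytes:
    """Step S42: choose the working key from the encryption identifier.

    issued_key may be empty when no key was distributed (no step S41a); the
    working key then depends on the self-defined key and call_id alone.
    """
    if flag == FLAG_ORDINARY:
        if not issued_key:
            raise ValueError("ordinary mode needs the server-issued key")
        return issued_key
    if flag == FLAG_CUSTOM:
        if stored_key is None:
            raise ValueError("self-defined key mode requested but no key is enabled")
        return hkdf_sha256(issued_key, stored_key, b"working-key|" + call_id)
    raise ValueError("unknown encryption identifier: %#x" % flag)


def demo() -> dict:
    issued = bytes(range(32))   # constructed server-issued key
    call_id = b"call-0001"      # constructed per-call value
    a = store_self_defined_key("constructed phrase 7731", b"group-1")  # terminal A
    b = store_self_defined_key("constructed phrase 7731", b"group-1")  # terminal B
    guess = store_self_defined_key("wrong guess", b"group-1")          # system side
    return {
        "terminals_agree": working_key(FLAG_CUSTOM, issued, a, call_id)
                           == working_key(FLAG_CUSTOM, issued, b, call_id),
        "system_side_matches": working_key(FLAG_CUSTOM, issued, guess, call_id)
                               == working_key(FLAG_CUSTOM, issued, a, call_id),
        "ordinary_is_issued_key": working_key(FLAG_ORDINARY, issued, None, call_id) == issued,
    }


if __name__ == "__main__":
    print(demo())
```

Because the identifier travels in the call request, a terminal that has a self-defined key enabled for a peer can reject `FLAG_ORDINARY` from that peer, so the call does not fall back to a key the system side knows.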
In step S2, the terminals can negotiate the self-defined key by manual input, WIFI, barcode scanning, short message (SMS), IP data, Bluetooth or similar means. To ensure the reliability of self-defined communication, step S2 also includes a confirmation step after the self-defined key has been set between the terminals, in which the terminals confirm that the self-defined key is normal and trustworthy.
In step S41a, the Key Management server preferably sends the negotiated key to each of the two terminals by short message (SMS), IP data or a service channel.
The communication encryption method of this embodiment is compatible with the original encryption system: when the self-defined key is not enabled, it falls back to the original encryption system for encrypted calls. The encryption mode is flexible and requires no modification of system-side facilities. In addition, the method is not limited by network type and can be implemented in 3G (CDMA EVDO, WCDMA or TD-SCDMA) networks, LTE networks and other digital communication networks.
Of course, the above description does not limit the present invention, and the present invention is not restricted to the examples given above; variations, modifications, additions or substitutions made by those skilled in the art within the essential scope of the present invention also fall within its scope of protection.
Claims (7)
1. A communication encryption method based on a communication network, characterized in that it comprises the following steps:
(1) before performing encrypted communication, the terminal first completes the initialization of local data and then performs system-side authentication and registration;
(2) the self-defined key mode is selected, a self-defined key is negotiated between the terminals, and this self-defined key is stored in each terminal;
(3) a self-defined key enabling step, in which the terminal selects and enables the negotiated self-defined key;
(4) a communication encryption step:
(41) one terminal initiates an encrypted call request carrying an encryption type identifier to another terminal;
(42) the called terminal checks the encryption identifier and, if it determines that the request is for self-defined encrypted communication, finds the enabled self-defined key stored in the local terminal and uses a certain algorithm to generate a working key; the calling terminal uses the same algorithm and this self-defined key to generate the working key;
(43) the called party accepts the communication request, and the terminals of both parties each use the generated working key to encrypt or decrypt the communication data, so that encrypted communication takes place.
2. The communication encryption method based on a communication network according to claim 1, characterized in that between step (41) and step (42) there is also a step (41a): the Key Management server performs key negotiation and distribution for the two terminals, sending the negotiated key to each of them.
3. The communication encryption method based on a communication network according to claim 2, characterized in that, in step (42), the two terminals use a specific algorithm to generate the working key from the negotiated key issued by the Key Management server and the self-defined key.
4. The communication encryption method based on a communication network according to claim 2, characterized in that, in step (41), the encryption identifier comprises a self-defined encrypted communication identifier and an ordinary encrypted communication identifier, and in step (42), if the request is determined to be for ordinary encrypted communication, the two terminals use the negotiated key as the working key.
5. The communication encryption method based on a communication network according to any one of claims 1-4, characterized in that, in step (2), the terminals negotiate the self-defined key by manual input, short message (SMS), IP data or Bluetooth.
6. The communication encryption method based on a communication network according to claim 5, characterized in that step (2) also includes a confirmation step after the self-defined key has been set between the terminals, in which the terminals confirm that the self-defined key is normal and trustworthy.
7. The communication encryption method based on a communication network according to claim 2, characterized in that the Key Management server sends the negotiated key to each of the two terminals by short message (SMS), IP data or a service channel.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310649980.3A CN103684783A (en) | 2013-12-06 | 2013-12-06 | Communication encryption method based on communication network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310649980.3A CN103684783A (en) | 2013-12-06 | 2013-12-06 | Communication encryption method based on communication network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN103684783A true CN103684783A (en) | 2014-03-26 |
Family
ID=50321177
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310649980.3A Pending CN103684783A (en) | 2013-12-06 | 2013-12-06 | Communication encryption method based on communication network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103684783A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140326 |