CN104301011A - Method and system for realizing voice encryption communication between bluetooth devices - Google Patents

Publication number
CN104301011A
Authority
CN
China
Prior art keywords
bluetooth equipment
information
key
code stream
audio code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201410626015.9A
Other languages
Chinese (zh)
Other versions
CN104301011B (en)
Inventor
陈航
蒲永才
宋方伟
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mianyang Weibo Electronic Co Ltd
Original Assignee
Mianyang Weibo Electronic Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mianyang Weibo Electronic Co Ltd
Priority to CN201410626015.9A
Publication of CN104301011A
Application granted
Publication of CN104301011B
Current legal status: Active

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The application discloses a method and system for implementing encrypted voice communication between Bluetooth devices. The method comprises the following steps: a first Bluetooth device sends a voice communication request to a second Bluetooth device; after the second Bluetooth device accepts the voice communication request, the first Bluetooth device extracts first shared information; the first Bluetooth device receives an input audio code stream; the first Bluetooth device encrypts the input audio code stream with a first round key to obtain an encrypted audio code stream; the first Bluetooth device sends the encrypted audio code stream to the second Bluetooth device; the second Bluetooth device receives the encrypted audio code stream; the second Bluetooth device decrypts the encrypted audio code stream with a second round key. In the method disclosed by the embodiments of the application, the round keys are obtained by processing the shared information. Because the content of the shared information can be updated, the round keys are also updated dynamically, which reduces the possibility that the voice is obtained illegally and improves the security of voice communication between the Bluetooth devices.

Description

A method and system for implementing encrypted voice communication between Bluetooth devices
Technical field
The present invention relates to the field of Bluetooth voice communication, and in particular to a method and system for implementing encrypted voice communication between Bluetooth devices.
Background
With the development of voice communication technologies and services, Bluetooth devices with voice communication functions are being used more and more widely, making voice communication more convenient for users.
A Bluetooth device is a communication device developed on the basis of Bluetooth technology. Bluetooth technology follows an open global specification, and this openness allows it to be applied in many fields. However, the voice confidentiality mechanism that Bluetooth technology itself provides is not very secure, so the security of voice communication between Bluetooth devices cannot be guaranteed.
In summary, how to improve the security of voice communication between Bluetooth devices is a problem that urgently needs to be solved.
Summary of the invention
In view of this, the object of the present invention is to provide a method and system for implementing encrypted voice communication between Bluetooth devices that improves the security of voice communication between Bluetooth devices. The specific scheme is as follows:
A method for implementing encrypted voice communication between Bluetooth devices, comprising the following steps:
Step 101: A first Bluetooth device sends a voice communication request to a second Bluetooth device, the second Bluetooth device being a Bluetooth device that has undergone binding authentication with the first Bluetooth device;
Step 102: After the second Bluetooth device accepts the voice communication request, the first Bluetooth device extracts pre-stored first shared information, the first shared information being shared information that is stored in advance in the first Bluetooth device and includes at least a time parameter;
Step 103: The first Bluetooth device receives an input audio code stream, encrypts the input audio code stream with a first round key to obtain an encrypted audio code stream, and sends the encrypted audio code stream to the second Bluetooth device. The first round key is generated as follows: the first Bluetooth device hashes the first shared information with a cryptographic hash algorithm to obtain a first encryption key, and then performs key expansion on the first encryption key with a block cipher algorithm;
Step 104: The second Bluetooth device receives the encrypted audio code stream, decrypts it with a second round key to obtain a decrypted audio code stream, and outputs the decrypted audio code stream. The second round key is generated as follows: the second Bluetooth device hashes pre-stored second shared information with the cryptographic hash algorithm to obtain a second encryption key, and then performs key expansion on the second encryption key with the block cipher algorithm. The second shared information is shared information that is stored in advance in the second Bluetooth device and includes at least the time parameter. The content of the second shared information is identical to the content of the first shared information, and when an update condition is met, the content of the first shared information and the content of the second shared information are updated.
Preferably, the binding authentication process comprises:
Step 201: The first Bluetooth device establishes a channel connection with the second Bluetooth device over a binding authentication channel;
Step 202: Through an information exchange and integration process between the first Bluetooth device and the second Bluetooth device, the first Bluetooth device obtains first initial shared information and the second Bluetooth device obtains second initial shared information;
Step 203: The first Bluetooth device obtains the second initial shared information, and the second Bluetooth device obtains the first initial shared information;
Step 204: The first Bluetooth device and the second Bluetooth device each confirm whether the first initial shared information and the second initial shared information are consistent. If so, the first initial shared information is confirmed as the first shared information and the second initial shared information is confirmed as the second shared information, the first shared information is stored in the first Bluetooth device and the second shared information is stored in the second Bluetooth device, and the binding authentication of the first Bluetooth device and the second Bluetooth device is complete.
Preferably, the binding authentication channel is a physical channel built from physical hardware, and the physical hardware is a USB data cable that includes a metal shielding layer.
Preferably, in step 203,
the process by which the first Bluetooth device obtains the second initial shared information comprises:
The first Bluetooth device, in accordance with a public key algorithm, uses a first private key to decrypt second initial encrypted shared information sent by the second Bluetooth device, thereby recovering the second initial shared information. The second initial encrypted shared information is obtained by the second Bluetooth device encrypting the second initial shared information, in accordance with the public key algorithm, with a first public key corresponding to the first private key;
the process by which the second Bluetooth device obtains the first initial shared information comprises:
The second Bluetooth device, in accordance with the public key algorithm, uses a second private key to decrypt first initial encrypted shared information sent by the first Bluetooth device, thereby recovering the first initial shared information. The first initial encrypted shared information is obtained by the first Bluetooth device encrypting the first initial shared information, in accordance with the public key algorithm, with a second public key corresponding to the second private key.
Preferably, the public key algorithm is commercial cryptography algorithm No. 2 (SM2).
Preferably, the update condition is that the first Bluetooth device and the second Bluetooth device perform binding authentication again, or that the current time is an update time corresponding to a preset update period.
Preferably, the first shared information further includes any one or a combination of: the hardware identification code of the first Bluetooth device, the hardware identification code of the second Bluetooth device, a PIN code shared by both parties, a random number generated by the first Bluetooth device, and a random number generated by the second Bluetooth device;
The time parameter is the difference between the modular system time and the device initial time.
Preferably, the cryptographic hash algorithm is commercial cryptography algorithm No. 3 (SM3), and the block cipher algorithm is commercial cryptography algorithm No. 4 (SM4).
A system for implementing encrypted voice communication between Bluetooth devices, comprising a first Bluetooth device and a second Bluetooth device, the second Bluetooth device being a Bluetooth device that has undergone binding authentication with the first Bluetooth device. The first Bluetooth device comprises a first secure storage module, a first key generation module, a first voice encryption/decryption module, a first voice communication module and an audio input module. The second Bluetooth device comprises a second secure storage module, a second key generation module, a second voice encryption/decryption module, a second voice communication module and an audio output module;
The first secure storage module is used to store first shared information and the second secure storage module is used to store second shared information. The content of the second shared information is identical to the content of the first shared information, and when an update condition is met, the content of the first shared information and the content of the second shared information are updated;
The audio input module is used to obtain an input audio code stream;
The first key generation module is used to extract the first shared information and hash it with a cryptographic hash algorithm to generate a first encryption key;
The first voice encryption/decryption module is used to perform key expansion on the first encryption key with a block cipher algorithm to generate a first round key, and to encrypt the input audio code stream with the first round key to obtain an encrypted audio code stream;
The first voice communication module is used to send the encrypted audio code stream to the second voice communication module;
The second voice communication module is used to receive the encrypted audio code stream;
The second voice encryption/decryption module is used to perform key expansion on a second encryption key with the block cipher algorithm to generate a second round key, and to decrypt the encrypted audio code stream with the second round key to obtain a decrypted audio code stream;
The second key generation module is used to extract the second shared information and hash it with the cryptographic hash algorithm to generate the second encryption key;
The audio output module is used to output the decrypted audio code stream.
Preferably, the first Bluetooth device further comprises a first binding authentication module and the second Bluetooth device further comprises a second binding authentication module. The first binding authentication module and the second binding authentication module are used to perform binding authentication of the first Bluetooth device and the second Bluetooth device, generating or updating the first shared information and the second shared information.
As can be seen from the above technical scheme, in the present invention the first Bluetooth device encrypts the input audio code stream with the first round key to obtain the encrypted audio code stream, and the second Bluetooth device decrypts the encrypted audio code stream with the second round key to obtain the decrypted audio code stream. The first round key is obtained by the first Bluetooth device extracting the first shared information and processing it with the cryptographic hash algorithm and then the block cipher algorithm. The second round key is obtained by the second Bluetooth device extracting the second shared information and processing it in the same way. Because the content of the first shared information and the content of the second shared information can be updated when the update condition is met, the first round key and the second round key are updated dynamically. This reduces the possibility that the Bluetooth voice communication is obtained illegally and improves the security of voice communication between Bluetooth devices.
Brief description of the drawings
To illustrate the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only embodiments of the present invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the method for implementing encrypted voice communication between Bluetooth devices disclosed by the invention;
Fig. 2 is a flow chart of the method for implementing encrypted voice communication between Bluetooth devices disclosed in embodiment one of the present invention;
Fig. 3 is a flow chart of the binding authentication process disclosed in embodiment one of the present invention;
Fig. 4 is a schematic diagram of the system for implementing encrypted voice communication between Bluetooth devices disclosed by the invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
The present invention discloses a method for implementing encrypted voice communication between Bluetooth devices. As shown in Fig. 1, the method comprises the following steps:
Step S101: The first Bluetooth device sends a voice communication request to the second Bluetooth device, the second Bluetooth device being a Bluetooth device that has undergone binding authentication with the first Bluetooth device.
Step S102: After the second Bluetooth device accepts the voice communication request, the first Bluetooth device extracts the pre-stored first shared information.
The first shared information is shared information that is stored in advance in the first Bluetooth device and includes at least a time parameter.
Step S103: The first Bluetooth device receives an input audio code stream.
Step S104: The first Bluetooth device encrypts the input audio code stream with the first round key to obtain an encrypted audio code stream.
The first round key is generated as follows: the first Bluetooth device hashes the first shared information with a cryptographic hash algorithm to obtain a first encryption key, and then performs key expansion on the first encryption key with a block cipher algorithm.
Step S105: The first Bluetooth device sends the encrypted audio code stream to the second Bluetooth device.
Step S106: The second Bluetooth device receives the encrypted audio code stream.
Step S107: The second Bluetooth device decrypts the encrypted audio code stream with the second round key to obtain a decrypted audio code stream.
The second round key is generated as follows: the second Bluetooth device hashes the pre-stored second shared information with the cryptographic hash algorithm to obtain a second encryption key, and then performs key expansion on the second encryption key with the block cipher algorithm. The second shared information is shared information that is stored in advance in the second Bluetooth device and includes at least the time parameter. The content of the second shared information is identical to the content of the first shared information, and when the update condition is met, the content of the first shared information and the content of the second shared information are updated.
Step S108: The second Bluetooth device outputs the decrypted audio code stream.
In the method disclosed above, the first Bluetooth device encrypts the input audio code stream with the first round key to obtain the encrypted audio code stream, and the second Bluetooth device decrypts the encrypted audio code stream with the second round key to obtain the decrypted audio code stream. The first round key is obtained by the first Bluetooth device extracting the first shared information and processing it with the cryptographic hash algorithm and then the block cipher algorithm. The second round key is obtained by the second Bluetooth device extracting the second shared information and processing it in the same way. Because the content of the first shared information and the content of the second shared information can be updated when the update condition is met, the first round key and the second round key are updated dynamically. This reduces the possibility that the Bluetooth voice communication is obtained illegally and improves the security of voice communication between Bluetooth devices.
Fig. 2 shows the specific method for implementing encrypted voice communication between Bluetooth devices disclosed in embodiment one of the present invention. The method comprises:
Step S201: The first Bluetooth device sends a voice communication request to the second Bluetooth device, the second Bluetooth device being a Bluetooth device that has undergone binding authentication with the first Bluetooth device.
Step S202: After the second Bluetooth device accepts the voice communication request, the first Bluetooth device extracts the pre-stored first shared information.
The first shared information includes at least a time parameter. The time parameter is the difference between the modular system time and a reference time. The reference time may be the device initial time, for example 12:11 on 20 September 1980, or an arbitrary time set by the user; when the time set by the user is 0, the time parameter is the modular system time. The time parameter may also be a particular time agreed between the two devices. In addition, the first shared information may include any one or a combination of: the hardware identification code of the first Bluetooth device, the hardware identification code of the second Bluetooth device, a PIN (Personal Identification Number) code shared by both parties, a random number generated by the first Bluetooth device, and a random number generated by the second Bluetooth device. The time parameter changes as the modular system time or the reference time changes, and the PIN code shared by both parties and the random numbers generated by the Bluetooth devices are also variable. The content of the first shared information is therefore not fixed, and the more content the shared information contains, the more secure this scheme is.
Step S203: The first Bluetooth device receives an input audio code stream.
Step S204: The first Bluetooth device encrypts the input audio code stream with the first round key, which is generated by commercial cryptography algorithm No. 4, i.e. the SM4 block cipher algorithm, and obtains an encrypted audio code stream.
The first round key is generated as follows: the first Bluetooth device hashes the first shared information with commercial cryptography algorithm No. 3, i.e. the SM3 cryptographic hash algorithm, to obtain the first encryption key, and then performs key expansion on the first encryption key with the SM4 block cipher algorithm. The block length of the SM4 block cipher algorithm determines the key length of the first encryption key, which is generally 128 bits or 256 bits. The SM3 cryptographic hash algorithm is a cryptographic hash algorithm approved by the State Cryptography Administration, and the SM4 block cipher algorithm is a block cipher algorithm approved by the State Cryptography Administration. Of course, other types of cryptographic hash algorithms that have been approved and published by the State Cryptography Administration may also be used to hash the first shared information, and likewise other types of block cipher algorithms that have been approved and published by the State Cryptography Administration may be used to perform key expansion on the first encryption key.
Step S205: The first Bluetooth device sends the encrypted audio code stream to the second Bluetooth device.
Step S206: The second Bluetooth device receives the encrypted audio code stream.
Step S207: The second Bluetooth device decrypts the encrypted audio code stream with the second round key to obtain a decrypted audio code stream.
The second round key is generated as follows: the second Bluetooth device hashes the pre-stored second shared information with the SM3 cryptographic hash algorithm to obtain the second encryption key, and then performs key expansion on the second encryption key with the SM4 block cipher algorithm. The content of the second shared information is identical to the content of the first shared information.
The first shared information and the second shared information are stored in advance in the first Bluetooth device and the second Bluetooth device respectively. After every fixed update period, for example every five minutes, the time parameter in the first shared information and the second shared information changes. That is, when the current time is an update time corresponding to the preset update period, the content of the first shared information and the content of the second shared information change accordingly, which updates the shared information. Besides this update mode, the shared information can also be updated by having the first Bluetooth device and the second Bluetooth device perform binding authentication again. When they do, the Bluetooth device hardware identification codes in the shared information do not change, but most of the other content does: for example, the time parameter changes, or the PIN shared by both parties is reset, or the random numbers of the Bluetooth devices change, and so on. The shared information is thereby updated.
Step S208: The second Bluetooth device outputs the decrypted audio code stream.
In step s 201, shown in Figure 3, the process that the first bluetooth equipment and the second bluetooth equipment carry out binding authentication process is as follows:
Step S3001: the first bluetooth equipment is set up channel with the second bluetooth equipment by binding authentication channel and is connected.
Integrate process through information exchange between step S3002: the first bluetooth equipment and the second bluetooth equipment, the first bluetooth equipment obtains first and initially shares information, and the second bluetooth equipment obtains second and initially shares information.
Step S3003: the first bluetooth equipment obtains second and initially shares information, and the second bluetooth equipment obtains first and initially shares information.
Whether the step S3004: the first bluetooth equipment and the second bluetooth equipment confirm that the first initial shared information and second initially shares information respectively consistent, if so, then perform step S3005, if not, then return step S3002.
Step S3005: the first bluetooth equipment initially shares validation of information by first be the first shared information, second bluetooth equipment initially shares validation of information by second be the second shared information, and the first shared information is stored into the first bluetooth equipment, share information by second and be stored into the second bluetooth equipment, complete the binding authentication of the first bluetooth equipment and the second bluetooth equipment.
In step S3001, the binding authentication channel that the first bluetooth equipment and the second bluetooth equipment are built by physical hardware, the channel realizing both sides connects, and certainly, does not also get rid of here and can build binding authentication channel by the mode of wireless transmission.
Wherein, preferred physical hardware is the USB data line of metal screen layer.
In step S3002, the process that process is integrated in information exchange between first bluetooth equipment and the second bluetooth equipment comprises, second bluetooth equipment obtains the first foundation information that the first bluetooth equipment sends over, by carrying out merging treatment to self the intrinsic Back ground Information including time parameter and first foundation information, obtain second and initially share information, equally, first bluetooth equipment obtains the second Back ground Information that the second bluetooth equipment sends over, by carrying out merging treatment to self the intrinsic Back ground Information including time parameter and the second Back ground Information, obtain first and initially share information, wherein, above-mentioned first foundation information comprises the hardware identifier code of the first bluetooth equipment, and/or first bluetooth equipment produce random number, second Back ground Information comprises the hardware identifier code of the second bluetooth equipment, and/or second bluetooth equipment produce random number, the PIN code of both sides' common setups can also be comprised in the intrinsic Back ground Information of both sides' bluetooth equipment.
Certainly, the process of process is integrated in above-mentioned information exchange, also the first bluetooth equipment can be only made to send first foundation information to the second bluetooth equipment, second bluetooth equipment is then without the need to sending the second Back ground Information to the first bluetooth equipment, like this, second bluetooth equipment can carry out merging treatment to the intrinsic Back ground Information including time parameter of self and the first foundation information received, obtain second and initially share information, then initially share information to second to copy, obtain second and initially share copies of information, send second and initially share copies of information to the first bluetooth equipment, first bluetooth equipment is initially shared copies of information and is confirmed as the first initial shared information by second, equally, also the second bluetooth equipment can be only made to send the second Back ground Information to the first bluetooth equipment, first bluetooth equipment is then without the need to sending first foundation information to the second bluetooth equipment, like this, first bluetooth equipment can carry out merging treatment to the intrinsic Back ground Information including time parameter of self and the second Back ground Information received, obtain first and initially share information, then initially share information to first to copy, obtain first and initially share copies of information, send first and initially share copies of information to the second bluetooth equipment, second bluetooth equipment is initially shared copies of information and is confirmed as the second initial shared information by first.
Certainly, in order to improve the fail safe of message transmitting procedure further, the first bluetooth equipment or the second bluetooth equipment also before sending respective Back ground Information, first can be encrypted Back ground Information, improve the fail safe of transfer of data.
In step S3003, the process by which the first Bluetooth device obtains the second initial shared information comprises: the first Bluetooth device, according to a public key algorithm, uses a first private key to decrypt and restore the second initial encrypted shared information sent by the second Bluetooth device, obtaining the second initial shared information. The second initial encrypted shared information is obtained by the second Bluetooth device, according to the public key algorithm, by encrypting the second initial shared information with the first public key corresponding to the first private key. The process by which the second Bluetooth device obtains the first initial shared information comprises: the second Bluetooth device, according to the public key algorithm, uses a second private key to decrypt and restore the first initial encrypted shared information sent by the first Bluetooth device, obtaining the first initial shared information. The first initial encrypted shared information is obtained by the first Bluetooth device, according to the public key algorithm, by encrypting the first initial shared information with the second public key corresponding to the second private key.
The preferred public key algorithm is the Commercial Cipher No. 2 algorithm, i.e. the SM2 elliptic curve public key cryptographic algorithm.
The SM2 elliptic curve public key cryptographic algorithm is a public key algorithm approved by the State Cryptography Administration. Where necessary, other types of public key algorithm that have been approved and published by the State Cryptography Administration may also be used.
In step S205, to reduce the volume of transmitted data, the first Bluetooth device may, before sending the encrypted audio code stream to the second Bluetooth device, first compress the encrypted audio code stream with a speech code stream compression algorithm to obtain an encrypted compressed audio code stream, and then send the encrypted compressed audio code stream to the second Bluetooth device. The second Bluetooth device decompresses the encrypted compressed audio code stream to recover the encrypted audio code stream. The preferred speech code stream compression algorithm is the AMR (Adaptive Multi-Rate) compression algorithm. Of course, where necessary, the encrypted audio code stream may also be left uncompressed.
In the present embodiment, to reduce the waiting time of the Bluetooth voice encryption communication process, the first Bluetooth device and the second Bluetooth device extract their respective first shared information and second shared information at the same time, and generate the corresponding first round key and second round key, after the second Bluetooth device agrees to the voice communication request sent by the first Bluetooth device and before the first Bluetooth device receives the input audio code stream. Alternatively, the first Bluetooth device and the second Bluetooth device may generate the first round key and the second round key at the same time only after the first Bluetooth device has received the input audio code stream; or the first Bluetooth device may generate the first round key after it receives the input audio code stream, and the second Bluetooth device may generate the second round key after it receives the encrypted audio code stream.
In the method for realizing voice encryption communication between Bluetooth devices disclosed in Embodiment 1, the first encryption key and the second encryption key generated with the SM3 cryptographic hash algorithm have a long key length, which can reach 128 bits and even 256 bits, effectively ensuring the security of the voice communication process. In addition, the communication channel that the first Bluetooth device and the second Bluetooth device need during binding authentication is built with a USB data cable that has a metal shielding layer, which effectively protects the information transmitted over that channel and reduces the possibility of it being stolen by outside parties. Furthermore, the first Bluetooth device uses a public key algorithm to encrypt the first initial shared information to be sent to the second Bluetooth device, and likewise the second Bluetooth device uses a public key algorithm to encrypt the second initial shared information to be sent to the first Bluetooth device, which improves the security of the first initial shared information and the second initial shared information in transit.
Fig. 4 shows the system for realizing voice encryption communication between Bluetooth devices disclosed by the invention. The system comprises a first Bluetooth device 41 and a second Bluetooth device 42; the second Bluetooth device 42 is a Bluetooth device that has undergone binding authentication with the first Bluetooth device 41. The first Bluetooth device 41 comprises an audio input module 411, a first voice communication module 412, a first voice encryption/decryption module 413, a first key generation module 414 and a first secure storage module 415. The second Bluetooth device 42 comprises an audio output module 421, a second voice communication module 422, a second voice encryption/decryption module 423, a second key generation module 424 and a second secure storage module 425;
The first secure storage module 415 is used to store the first shared information and the second secure storage module 425 is used to store the second shared information; the content of the second shared information is identical to the content of the first shared information, and when the update condition is met, the content of the first shared information and the content of the second shared information are updated;
The audio input module 411 is used to obtain the input audio code stream;
The first key generation module 414 is used to extract the first shared information and, according to a cryptographic hash algorithm, hash the first shared information to generate the first encryption key;
The first voice encryption/decryption module 413 is used to perform key expansion on the first encryption key according to a block cipher algorithm to generate the first round key, and to encrypt the input audio code stream with the first round key to obtain the encrypted audio code stream;
The first voice communication module 412 is used to send the encrypted audio code stream to the second voice communication module;
The second voice communication module 422 is used to receive the encrypted audio code stream;
The second voice encryption/decryption module 423 is used to perform key expansion on the second encryption key according to the block cipher algorithm to generate the second round key, and to decrypt the encrypted audio code stream with the second round key to obtain the decrypted audio code stream;
The second key generation module 424 is used to extract the second shared information and, according to the cryptographic hash algorithm, hash the second shared information to generate the second encryption key;
The audio output module 421 is used to output the decrypted audio code stream.
The system also comprises physical hardware 43 that provides the channel connection for binding authentication. The first Bluetooth device 41 further comprises a first binding authentication module 416, and the second Bluetooth device 42 further comprises a second binding authentication module 426. The first binding authentication module 416 and the second binding authentication module 426 are used to perform binding authentication on the first Bluetooth device 41 and the second Bluetooth device 42 and to generate or update the first shared information and the second shared information; for the detailed binding authentication process, refer to Fig. 3.
The first voice communication module and the second voice communication module use the Bluetooth RFCOMM protocol (Protocol for RS-232 Serial Cable Emulation, i.e. the serial cable emulation protocol) to emulate a full-duplex serial port on top of the L2CAP protocol (Logical Link Control and Adaptation Protocol), thereby realizing real-time voice communication.
The first shared information at least comprises a time parameter. The time parameter is the difference between the module system time and a reference time. The reference time may be the device initial time, for example 12:11 on 20 September 1980, or an arbitrary time set by the user; when the time set by the user is 0, the time parameter is the module system time. The time parameter may also be a time agreed between the two devices. In addition, the first shared information may also comprise any one or a combination of the following: the hardware identifier code of the first Bluetooth device, the hardware identifier code of the second Bluetooth device, the PIN code shared by both parties, a random number produced by the first Bluetooth device, and a random number produced by the second Bluetooth device. The time parameter changes as the module system time or the reference time changes, and the PIN code shared by both parties and the random numbers produced by the Bluetooth devices are also variable. The content of the first shared information is therefore not fixed, and the more content the shared information contains, the higher the security of this scheme.
In the system for realizing voice encryption communication between Bluetooth devices disclosed above, the first Bluetooth device encrypts the input audio code stream with the first round key to obtain the encrypted audio code stream, and the second Bluetooth device decrypts the encrypted audio code stream with the second round key to obtain the decrypted audio code stream. The first round key is obtained by the first Bluetooth device by extracting the first shared information and processing it with the cryptographic hash algorithm and then the block cipher algorithm; the second round key is obtained by the second Bluetooth device by extracting the second shared information and processing it with the cryptographic hash algorithm and then the block cipher algorithm. Because the content of the first shared information and the content of the second shared information can be updated when the update condition is met, the first round key and the second round key are updated dynamically, which reduces the possibility of the Bluetooth voice communication being illegally obtained and improves the security of voice communication between Bluetooth devices.
The above description of the disclosed embodiments enables those skilled in the art to make or use the invention. Various modifications to these embodiments will be apparent to those skilled in the art, and the general principles defined herein may be implemented in other embodiments without departing from the spirit or scope of the invention. The invention is therefore not limited to the embodiments shown herein, but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.
It should be noted that the embodiments in this specification are described progressively: each embodiment focuses on its differences from the other embodiments, and for the parts that are the same or similar the embodiments may be referred to one another.

Claims (10)

1. A method for realizing voice encryption communication between Bluetooth devices, characterized by comprising the following steps:
Step 101: a first Bluetooth device sends a voice communication request to a second Bluetooth device, said second Bluetooth device being a Bluetooth device that has undergone binding authentication with said first Bluetooth device;
Step 102: after said second Bluetooth device agrees to said voice communication request, said first Bluetooth device extracts pre-stored first shared information, said first shared information being shared information that is stored in advance in said first Bluetooth device and that at least comprises a time parameter;
Step 103: said first Bluetooth device receives an input audio code stream, encrypts said input audio code stream with a first round key to obtain an encrypted audio code stream, and sends said encrypted audio code stream to said second Bluetooth device, said first round key being generated by said first Bluetooth device by hashing said first shared information with a cryptographic hash algorithm to obtain a first encryption key and then performing key expansion on said first encryption key with a block cipher algorithm;
Step 104: said second Bluetooth device receives said encrypted audio code stream, decrypts said encrypted audio code stream with a second round key to obtain a decrypted audio code stream, and outputs said decrypted audio code stream, said second round key being generated by said second Bluetooth device by hashing pre-stored second shared information with said cryptographic hash algorithm to obtain a second encryption key and then performing key expansion on said second encryption key with said block cipher algorithm; said second shared information is shared information that is stored in advance in said second Bluetooth device and that at least comprises said time parameter; the content of said second shared information is identical to the content of said first shared information, and when an update condition is met, the content of said first shared information and the content of said second shared information are updated.
2. The method for realizing voice encryption communication between Bluetooth devices according to claim 1, characterized in that said binding authentication process comprises:
Step 201: said first Bluetooth device establishes a channel connection with said second Bluetooth device through a binding authentication channel;
Step 202: through an information exchange and integration process between said first Bluetooth device and said second Bluetooth device, said first Bluetooth device obtains first initial shared information and said second Bluetooth device obtains second initial shared information;
Step 203: said first Bluetooth device obtains said second initial shared information, and said second Bluetooth device obtains said first initial shared information;
Step 204: said first Bluetooth device and said second Bluetooth device each confirm whether said first initial shared information and said second initial shared information are consistent; if so, said first initial shared information is confirmed as said first shared information, said second initial shared information is confirmed as said second shared information, said first shared information is stored in said first Bluetooth device, and said second shared information is stored in said second Bluetooth device, completing the binding authentication of said first Bluetooth device and said second Bluetooth device.
3. The method for realizing voice encryption communication between Bluetooth devices according to claim 2, characterized in that said binding authentication channel is a physical channel built with physical hardware, and said physical hardware is a USB data cable that includes a metal shielding layer.
4. The method for realizing voice encryption communication between Bluetooth devices according to claim 2, characterized in that, in said step 203,
the process by which said first Bluetooth device obtains said second initial shared information comprises:
said first Bluetooth device, according to a public key algorithm, uses a first private key to decrypt and restore second initial encrypted shared information sent by said second Bluetooth device, obtaining said second initial shared information, said second initial encrypted shared information being obtained by said second Bluetooth device, according to said public key algorithm, by encrypting said second initial shared information with a first public key corresponding to said first private key;
the process by which said second Bluetooth device obtains said first initial shared information comprises:
said second Bluetooth device, according to said public key algorithm, uses a second private key to decrypt and restore first initial encrypted shared information sent by said first Bluetooth device, obtaining said first initial shared information, said first initial encrypted shared information being obtained by said first Bluetooth device, according to said public key algorithm, by encrypting said first initial shared information with a second public key corresponding to said second private key.
5. The method for realizing voice encryption communication between Bluetooth devices according to claim 4, characterized in that said public key algorithm is the Commercial Cipher No. 2 algorithm.
6. The method for realizing voice encryption communication between Bluetooth devices according to claim 1, characterized in that said update condition is that said first Bluetooth device and said second Bluetooth device perform binding authentication again, or that the current time is at the update instant corresponding to a preset update period.
7. The method for realizing voice encryption communication between Bluetooth devices according to any one of claims 1 to 6, characterized in that said first shared information further comprises any one or a combination of the following: the hardware identifier code of said first Bluetooth device, the hardware identifier code of said second Bluetooth device, a PIN code shared by both parties, a random number produced by said first Bluetooth device, and a random number produced by said second Bluetooth device;
said time parameter is the difference between the module system time and the device initial time.
8. The method for realizing voice encryption communication between Bluetooth devices according to claim 7, characterized in that said cryptographic hash algorithm is the Commercial Cipher No. 3 algorithm and said block cipher algorithm is the Commercial Cipher No. 4 algorithm.
9. A system for realizing voice encryption communication between Bluetooth devices, comprising a first Bluetooth device and a second Bluetooth device, characterized in that said second Bluetooth device is a Bluetooth device that has undergone binding authentication with said first Bluetooth device; said first Bluetooth device comprises a first secure storage module, a first key generation module, a first voice encryption/decryption module, a first voice communication module and an audio input module; said second Bluetooth device comprises a second secure storage module, a second key generation module, a second voice encryption/decryption module, a second voice communication module and an audio output module;
said first secure storage module is used to store first shared information and said second secure storage module is used to store second shared information; the content of said second shared information is identical to the content of said first shared information, and when an update condition is met, the content of said first shared information and the content of said second shared information are updated;
said audio input module is used to obtain an input audio code stream;
said first key generation module is used to extract said first shared information and, according to a cryptographic hash algorithm, hash said first shared information to generate a first encryption key;
said first voice encryption/decryption module is used to perform key expansion on said first encryption key according to a block cipher algorithm to generate a first round key, and to encrypt said input audio code stream with said first round key to obtain an encrypted audio code stream;
said first voice communication module is used to send said encrypted audio code stream to said second voice communication module;
said second voice communication module is used to receive said encrypted audio code stream;
said second voice encryption/decryption module is used to perform key expansion on a second encryption key according to said block cipher algorithm to generate a second round key, and to decrypt said encrypted audio code stream with said second round key to obtain a decrypted audio code stream;
said second key generation module is used to extract said second shared information and, according to said cryptographic hash algorithm, hash said second shared information to generate said second encryption key;
said audio output module is used to output said decrypted audio code stream.
10. The system for realizing voice encryption communication between Bluetooth devices according to claim 9, characterized in that said first Bluetooth device further comprises a first binding authentication module and said second Bluetooth device further comprises a second binding authentication module, said first binding authentication module and said second binding authentication module being used to perform binding authentication on said first Bluetooth device and said second Bluetooth device and to generate or update said first shared information and said second shared information.
CN201410626015.9A 2014-11-07 2014-11-07 Method and system for realizing voice encryption communication between bluetooth devices Active CN104301011B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410626015.9A CN104301011B (en) 2014-11-07 2014-11-07 Method and system for realizing voice encryption communication between bluetooth devices

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410626015.9A CN104301011B (en) 2014-11-07 2014-11-07 Method and system for realizing voice encryption communication between bluetooth devices

Publications (2)

Publication Number Publication Date
CN104301011A true CN104301011A (en) 2015-01-21
CN104301011B CN104301011B (en) 2017-01-18

Family

ID=52320602

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410626015.9A Active CN104301011B (en) 2014-11-07 2014-11-07 Method and system for realizing voice encryption communication between bluetooth devices

Country Status (1)

Country Link
CN (1) CN104301011B (en)


Also Published As

Publication number Publication date
CN104301011B (en) 2017-01-18


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant