CN104469750A - Autonomous controllable mobile internet business method and device - Google Patents

Publication number: CN104469750A
Application number: CN201310418905.6A
Authority: CN (China)
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 南相浩
Current Assignee: Dongfang Information Technology Research Institute (beijing) Co Ltd
Original Assignee: Dongfang Information Technology Research Institute (beijing) Co Ltd
Application filed by Dongfang Information Technology Research Institute (beijing) Co Ltd
Priority to CN201310418905.6A
Publication of CN104469750A
Prior art keywords: data, signature, recipient, sender, card

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H04W12/06 Authentication

Abstract

The invention discloses a service initiating method and device for an autonomous and controllable mobile Internet, and also a service receiving method and device for an autonomous and controllable mobile Internet. The system of the device comprises a subscriber identity module (SIM) card and a combined public key (CPK) card. The mobile terminals include all fixed terminals, including the Internet. The SIM card provides the communication connection service and the transaction connection service for the mobile Internet. Because phone numbers are generally recognized, they can be used directly as addresses of the future Internet. Because the CPK card can provide proof of authenticity for communication connections and transaction connections, it can be used directly as the basis of autonomous and controllable communication and transactions on the future Internet.

Description

Service method and device for an autonomous and controllable mobile Internet
Technical field
The present invention relates to the field of Internet technology, and specifically to a service initiating/receiving method, an initiating/receiving device and a service system for an autonomous and controllable mobile Internet.
Background
At present, all kinds of malware and junk information run rampant on the Internet, seriously polluting its environment of use and directly affecting its survival. Countries have therefore begun research on a new-generation green Internet one after another, and the focus of Internet technology has shifted to autonomy and controllability. Experience with Internet technology at home and abroad shows that, for the Internet to be autonomous and controllable, two problems must be solved: first, the defined address code must be generally recognized; second, the defined address code must be provable. The current Internet is the Internet on fixed terminals (such as computers); its IP addresses are random numbers that are neither generally recognized nor provable. Every country is looking for a solution to this problem.
The appearance of intelligent mobile terminals gave rise to the concept of the mobile Internet, which offers the future Internet a new opportunity for development. The mobile Internet is the Internet on mobile terminals (such as mobile phones). As things stand, telephone numbers in the mobile Internet are generally recognized, so once the authenticity of a telephone number or address code can be proved, the key problem of making the mobile Internet autonomous and controllable is solved.
The Internet is a transaction service. If the problem of autonomous and controllable Internet communication is solved, the problem of autonomous and controllable Internet transactions can be solved in the same way. Transaction authentication is divided into authentication in advance and authentication after the fact, and autonomy and controllability depend on authentication in advance.
At present, however, the key problem of proving the authenticity of identifiers such as telephone numbers or address codes has not been solved, and no effective solution has been proposed for the autonomy and controllability of the mobile Internet as a whole or of transactions.
Summary of the invention
In view of the problems in the related art, the present invention proposes a communication (including transaction) initiating/receiving method, an initiating/receiving device and a communication system for an autonomous and controllable mobile Internet. They ensure autonomy and controllability not only at the communication layer of the mobile Internet but also at its transaction layer, and thus solve the problem of making the mobile Internet autonomous and controllable.
The technical solution of the present invention is implemented as follows:
According to one aspect of the present invention, a service initiating method for an autonomous and controllable mobile Internet is provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
The service initiating method comprises:
Before data is sent, the sender provides an address identifier to the mobile Internet through the SIM card on the sender side, and, through the CPK card on the sender side, generates an identity signature from the address identifier provided by the SIM card, which makes the address identifier provable;
The sender generates, through the CPK card, a data signature from the data to be sent;
The sender sends the identity signature, the data signature and the data to the recipient.
In addition, the service initiating method further comprises: the sender encrypts the data to be sent.
Encrypting the data to be sent comprises: the sender encrypts the data to be sent with a first key that it generates; the sender encrypts the first key with a second key and sends the encrypted first key to the recipient.
The second key is the public key of the recipient.
Optionally, the address identifier comprises at least one of the following: a communication number, an e-mail address, an IP address.
Optionally, the sender and the recipient each comprise at least one of the following: an intelligent terminal, a non-intelligent terminal, a mobile terminal, a fixed terminal.
Optionally, the data comprises at least one of the following: communication data, transaction data.
According to another aspect of the present invention, a service initiating device for an autonomous and controllable mobile Internet is provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
The service initiating device comprises:
A first signature generation module, configured to provide, before data is sent, an address identifier to the mobile Internet through the SIM card, and to generate, through the CPK card, an identity signature from the address identifier provided by the SIM card, which makes the address identifier provable;
A second signature generation module, configured to generate, through the CPK card, a data signature from the data to be sent;
A sending module, configured to send the identity signature, the data signature and the data to the recipient.
In addition, the service initiating device further comprises an encryption module, configured to encrypt the data to be sent.
The encryption module further comprises a first encryption submodule and a second encryption submodule. The first encryption submodule is configured to encrypt the data to be sent with a generated first key; the second encryption submodule is configured to encrypt the first key with a second key and to send the encrypted first key to the recipient.
The second key is the public key of the recipient.
Optionally, the address identifier comprises at least one of the following: a communication number, an e-mail address, an IP address.
Optionally, the sender and the recipient each comprise at least one of the following: an intelligent terminal, a non-intelligent terminal, a mobile terminal, a fixed terminal.
Optionally, the data comprises at least one of the following: communication data, transaction data.
According to a further aspect of the present invention, a service receiving method for an autonomous and controllable mobile Internet is provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
The service receiving method comprises:
The recipient receives the identity signature and the data signature sent by the sender;
The recipient verifies the sender's address identifier according to the received identity signature and, when the verification result is that the address identifier is genuine, verifies the integrity and authenticity of the data according to the data signature;
When the data to be sent passes verification, processing of the received data is allowed.
When the result of verifying the sender's address identifier is that the address identifier is not genuine, the recipient refuses to receive the data.
In addition, the service receiving method further comprises: when the data is encrypted, the recipient decrypts the data.
The recipient decrypting the data comprises: the recipient receives the first key, encrypted with the second key, sent by the sender; the recipient decrypts the encrypted first key with a third key that is paired with the second key; the recipient decrypts the received data with the first key obtained by decryption.
The second key is the public key of the recipient, and the third key is the private key of the recipient.
Optionally, the sender and the recipient each comprise at least one of the following: an intelligent terminal, a non-intelligent terminal, a mobile terminal, a fixed terminal.
Optionally, the data comprises at least one of the following: communication data, transaction data.
According to another aspect of the present invention, a service receiving device for an autonomous and controllable mobile Internet is provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
The service receiving device comprises:
A signature receiving module, configured to receive the identity signature and the data signature sent by the sender;
A signature verification module, configured to verify the sender's address identifier according to the received identity signature and, when the verification result is that the address identifier is genuine, to verify the integrity and authenticity of the data according to the data signature;
A data processing module, configured to allow processing of the received data when the data to be sent passes verification.
The data processing module is further configured to refuse to receive the data when the result of verifying the sent address identifier is that the address identifier is not genuine.
In addition, the service receiving device further comprises a decryption module, configured to decrypt the data when the data is encrypted.
The decryption module further comprises a receiving module, a first decryption submodule and a second decryption submodule. The receiving module is configured to receive the first key, encrypted with the second key, sent by the sender; the first decryption submodule is configured to decrypt the encrypted first key with a third key that is paired with the second key; the second decryption submodule is configured to decrypt the received data with the first key obtained by decryption.
The second key is the public key of the recipient, and the third key is the private key of the recipient.
Optionally, the sender and the recipient each comprise at least one of the following: an intelligent terminal, a non-intelligent terminal, a mobile terminal, a fixed terminal.
Optionally, the data comprises at least one of the following: communication data, transaction data.
According to another aspect of the present invention, a communication system for an autonomous and controllable mobile Internet is provided. The communication system is for use in an autonomous and controllable Internet system, which consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
The communication system comprises:
A first signature generation module, located on the sender side, configured to provide, before data is sent, an address identifier to the mobile Internet through the SIM card, and to generate, through the CPK card, an identity signature from the address identifier provided by the SIM card, which makes the address identifier provable;
A second signature generation module, located on the sender side, configured to generate, through the CPK card, a data signature from the data to be sent;
A sending module, located on the sender side, configured to send the identity signature, the data signature and the data to the recipient;
A signature receiving module, located on the recipient side, configured to receive the identity signature and the data signature sent by the sender;
A signature verification module, located on the recipient side, configured to verify the sender's address identifier according to the received identity signature and, when the verification result is that the address identifier is genuine, to verify the integrity and authenticity of the data according to the data signature;
A data processing module, located on the recipient side, configured to allow processing of the received data when the data to be sent passes verification.
In addition, the communication system further comprises an encryption module and a decryption module. The encryption module is located on the sender side and is configured to encrypt the data to be sent; the decryption module is configured to decrypt the data when the data is encrypted.
The encryption module further comprises a first encryption submodule and a second encryption submodule. The first encryption submodule is configured to encrypt the data to be sent with a generated first key; the second encryption submodule is configured to encrypt the first key with a second key and to send the encrypted first key to the recipient.
The decryption module further comprises a receiving module, a first decryption submodule and a second decryption submodule. The receiving module is configured to receive the first key, encrypted with the second key, sent by the sender; the first decryption submodule is configured to decrypt the encrypted first key with a third key that is paired with the second key; the second decryption submodule is configured to decrypt the received data with the first key obtained by decryption.
The second key is the public key of the recipient, and the third key is the private key of the recipient.
Optionally, the address identifier comprises at least one of the following: a communication number, an e-mail address, an IP address.
Optionally, the sender and the recipient each comprise at least one of the following: an intelligent terminal, a non-intelligent terminal, a mobile terminal, a fixed terminal.
Optionally, the data comprises at least one of the following: communication data, transaction data.
Based on the SIM card and the CPK card, the present invention realizes the autonomous and controllable function of the mobile Internet. Mobile Internet communication verifies the authenticity of the address identifier already at the stage of accepting the communication, which solves the difficult problem of preventing illegal access, simplifies the process of establishing a controlled connection and greatly improves authentication efficiency. At the same time, mobile Internet communication verifies the authenticity of the data during reception, which realizes data signatures and provides accountability for the data. In addition, the present invention can also encrypt and decrypt data, which provides confidentiality and greatly improves the security of the data.
Brief description of the drawings
To describe the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings used in the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic flowchart of the service initiating method for an autonomous and controllable mobile Internet according to an embodiment of the present invention;
Fig. 2 is a schematic structural diagram of the service initiating device for an autonomous and controllable mobile Internet according to an embodiment of the present invention;
Fig. 3 is a schematic flowchart of the service receiving method for an autonomous and controllable mobile Internet according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of the service receiving device for an autonomous and controllable mobile Internet according to an embodiment of the present invention;
Fig. 5 is a schematic flowchart of communication-layer communication data and transaction-layer transaction data according to an embodiment of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention fall within the scope of protection of the present invention.
According to an embodiment of the present invention, a service initiating method for an autonomous and controllable mobile Internet is provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides. The services referred to in the present invention include the various services that may exist, such as communication and transactions.
As shown in Fig. 1, the service initiating method for an autonomous and controllable mobile Internet according to the embodiment of the present invention comprises:
Step S101: before data is sent, the sender provides an address identifier to the mobile Internet through the SIM card on the sender side, and, through the CPK card on the sender side, generates an identity signature from the address identifier provided by the SIM card, which makes the address identifier provable;
Step S103: the sender generates, through the CPK card, a data signature from the data to be sent;
Step S105: the sender sends the identity signature, the data signature and the data to the recipient.
In addition, for confidentiality of the data, the sender may also encrypt the data to be sent. When doing so, it may encrypt the data with a first key generated by the sender; the first key may be defined arbitrarily, for example a user-defined password.
In addition, so that the recipient can decrypt the encrypted data it receives, the sender needs to send the first key to the recipient. To prevent the first key from being intercepted by a third party in transit, which would leak the encrypted data, the first key may be encrypted with a second key and the encrypted first key then sent to the recipient; the second key may be the public key of the recipient. The data mentioned here may be communication data or transaction data.
Of course, in the above solution the address identifier is also a matter of choice: it may be a communication number, an e-mail address or an IP address, as long as it is generally recognized. Likewise, the communication terminals (namely the sender and the recipient above) are a matter of choice: they may be intelligent or non-intelligent terminals, and mobile or fixed terminals.
According to an embodiment of the present invention, a service initiating device for an autonomous and controllable mobile Internet is also provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
As shown in Fig. 2, the service initiating device for an autonomous and controllable mobile Internet according to the embodiment of the present invention comprises:
A first signature generation module 21, configured to provide, before data is sent, an address identifier to the mobile Internet through the SIM card, and to generate, through the CPK card, an identity signature from the address identifier provided by the SIM card, which makes the address identifier provable;
A second signature generation module 22, configured to generate, through the CPK card, a data signature from the data to be sent;
A sending module 23, configured to send the identity signature, the data signature and the data to the recipient.
In addition, for confidentiality of the data, the service initiating device may also have an encryption module (not shown), configured to encrypt the data to be sent. When the data to be sent is encrypted, a first encryption submodule (not shown) in the encryption module may encrypt it with a generated first key; the first key may be defined arbitrarily, for example a user-defined password.
In addition, so that the recipient can decrypt the encrypted data it receives, a second encryption submodule (not shown) in the encryption module may encrypt the first key with a second key and send the encrypted first key to the recipient; the second key may be the public key of the recipient. The data mentioned here may be communication data or transaction data.
Of course, in the above solution the address identifier is also a matter of choice: it may be a communication number, an e-mail address or an IP address, as long as it is generally recognized. Likewise, the communication terminals (namely the sender and the recipient above) are a matter of choice: they may be intelligent or non-intelligent terminals, and mobile or fixed terminals.
According to an embodiment of the present invention, a service receiving method for an autonomous and controllable mobile Internet is also provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
As shown in Fig. 3, the service receiving method for an autonomous and controllable mobile Internet according to the embodiment of the present invention comprises:
Step S301: the recipient receives the identity signature and the data signature sent by the sender;
Step S303: the recipient verifies the sender's address identifier according to the received identity signature and, when the verification result is that the address identifier is genuine, verifies the integrity and authenticity of the data according to the data signature;
Step S305: when the data to be sent passes verification, processing of the received data is allowed.
When the result of verifying the sender's address identifier is that the address identifier is not genuine, the recipient refuses to receive the data.
In addition, when the received data is encrypted, the recipient may decrypt the data according to the following steps: the recipient receives the first key, encrypted with the second key, sent by the sender; the recipient decrypts the encrypted first key with a third key that is paired with the second key; the recipient decrypts the received data with the first key obtained by decryption. The second key may be the public key of the recipient and the third key may be the private key of the recipient. The data mentioned here may be communication data or transaction data.
Of course, in the above solution the communication terminals (namely the sender and the recipient above) are also a matter of choice: they may be intelligent or non-intelligent terminals, and mobile or fixed terminals.
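The sender steps S101 to S105 and the receiver steps S301 to S305 above, as an added example that is not code from the patent. The page does not specify the CPK algorithm, so a toy Schnorr signature with identity-derived keys in a small group stands in for the CPK card; `KeyCentre`, `Card`, the matrix sizes, the domain tags and the phone numbers are assumptions constructed for illustration.

```python
import hashlib
import secrets

# Toy group, constructed for this example and far too small for real use.
P = 2**127 - 1            # Mersenne prime modulus
G = 3                     # base element
Q = P - 1                 # exponents reduce mod P-1 (Fermat's little theorem)
ROWS, COLS = 16, 8        # key-matrix dimensions (hypothetical)


def _hash_int(*parts):
    """Hash length-prefixed byte fields to an exponent."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % Q


def _rows_for(identity):
    """Map an address identifier to one row index per matrix column."""
    digest = hashlib.sha256(identity.encode()).digest()
    return [digest[col] % ROWS for col in range(COLS)]


def public_key_for(pkm, identity):
    """Anyone holding the public matrix derives the key for a claimed address."""
    y = 1
    for col, row in enumerate(_rows_for(identity)):
        y = (y * pkm[row][col]) % P
    return y


def verify(y, tag, message, sig):
    """Schnorr check: G^s == r * y^e (mod P)."""
    r, s = sig
    if not (0 < r < P and 0 <= s < Q):
        return False
    e = _hash_int(tag, r.to_bytes(16, "big"), message)
    return pow(G, s, P) == (r * pow(y, e, P)) % P


class Card:
    """Stand-in for the CPK card: holds the private key bound to one address."""

    def __init__(self, identity, private_key):
        self.identity = identity
        self._x = private_key

    def sign(self, tag, message):
        k = secrets.randbelow(Q - 1) + 1
        r = pow(G, k, P)
        e = _hash_int(tag, r.to_bytes(16, "big"), message)
        return (r, (k + self._x * e) % Q)


class KeyCentre:
    """Issues cards; only the public matrix `pkm` is given to verifiers."""

    def __init__(self):
        self._skm = [[secrets.randbelow(Q - 1) + 1 for _ in range(COLS)]
                     for _ in range(ROWS)]
        self.pkm = [[pow(G, x, P) for x in row] for row in self._skm]

    def issue_card(self, identity):
        x = sum(self._skm[row][col]
                for col, row in enumerate(_rows_for(identity))) % Q
        return Card(identity, x)


def send(card, data):
    """S101-S105: identity signature, data signature, then transmit."""
    return {
        "sender": card.identity,
        "id_sig": card.sign(b"id", card.identity.encode()),
        "data_sig": card.sign(b"data", data),
        "data": data,
    }


def receive(pkm, msg):
    """S301-S305: verify the address first, then the data, then process."""
    y = public_key_for(pkm, msg["sender"])
    if not verify(y, b"id", msg["sender"].encode(), msg["id_sig"]):
        return ("rejected", "address identifier not genuine")
    if not verify(y, b"data", msg["data"], msg["data_sig"]):
        return ("rejected", "data signature invalid")
    return ("accepted", msg["data"])


if __name__ == "__main__":
    centre = KeyCentre()
    alice = centre.issue_card("+86-000-0000-0001")      # constructed number
    mallory = centre.issue_card("+86-000-0000-0002")    # constructed number
    print(receive(centre.pkm, send(alice, b"transfer 100")))
    spoofed = send(mallory, b"transfer 100")
    spoofed["sender"] = alice.identity                  # claims Alice's number
    print(receive(centre.pkm, spoofed))
```

Because the identity signature here covers only the static identifier, a captured one verifies again later; the data signature is what ties a particular payload to the key holder.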
According to an embodiment of the present invention, a service receiving device for an autonomous and controllable mobile Internet is also provided, for use in an autonomous and controllable Internet system. The system consists of a SIM card and a CPK card: the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
As shown in Fig. 4, the service receiving device for an autonomous and controllable mobile Internet according to the embodiment of the present invention comprises:
A signature receiving module 41, configured to receive the identity signature and the data signature sent by the sender;
A signature verification module 42, configured to verify the sender's address identifier according to the received identity signature and, when the verification result is that the address identifier is genuine, to verify the integrity and authenticity of the data according to the data signature;
A data processing module 43, configured to allow processing of the received data when the data to be sent passes verification.
The data processing module 43 is further configured to refuse to receive the data when the result of verifying the sent address identifier is that the address identifier is not genuine.
In addition, the service receiving device may also have a decryption module (not shown), configured to decrypt the data when the data is encrypted. When decrypting, a receiving module (not shown) in the decryption module first receives the first key, encrypted with the second key, sent by the sender; a first decryption submodule (not shown) in the decryption module then decrypts the encrypted first key with a third key that is paired with the second key; a second decryption submodule (not shown) in the decryption module then decrypts the received data with the first key obtained by decryption. The second key may be the public key of the recipient and the third key may be the private key of the recipient. The data mentioned here may be communication data or transaction data.
Of course, in the above solution the communication terminals (namely the sender and the recipient above) are also a matter of choice: they may be intelligent or non-intelligent terminals, and mobile or fixed terminals.
According to an embodiment of the invention, a communication system for an autonomously controllable mobile Internet is also provided, for use in an autonomously controllable Internet system. The autonomously controllable Internet system consists of a SIM card and a CPK card, where the SIM card provides the communication connection and the transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection that the SIM card provides.
The communication system of the autonomously controllable mobile Internet according to the embodiment of the invention comprises:
A first signature generation module, located on the sender side, which before data transmission provides the address identifier to the mobile Internet through the SIM card and, through the CPK card, generates an identifier signature from the address identifier supplied by the SIM card, so that the address identifier becomes provable;
A second signature generation module, located on the sender side, which generates a data signature through the CPK card from the data to be sent;
A sending module, located on the sender side, which sends the identifier signature, the data signature and the data to the recipient;
A signature receiving module, located on the recipient side, which receives the identifier signature and the data signature sent by the sender;
A signature verification module, located on the recipient side, which verifies the sender's address identifier against the received identifier signature and, if the result shows that the address identifier is authentic, verifies the integrity and authenticity of the data against the data signature;
A data processing module, located on the recipient side, which allows the received data to be processed when the data to be sent have passed verification.
In addition, for the confidentiality of the data, the communication system may provide an encryption module on the sender side that encrypts the data to be sent. To encrypt, a first encryption submodule in the encryption module encrypts the data to be sent with a generated first key.
To ensure that the recipient can decrypt the encrypted data it receives, a second encryption submodule in the encryption module may also encrypt the first key with a second key, and the encrypted first key is sent to the recipient.
The communication system may also provide a decryption module on the recipient side that decrypts the data when the data are encrypted. To decrypt, a receiving module in the decryption module first receives the first key, encrypted with the second key, that the sender transmits; a first decryption submodule in the decryption module then decrypts the encrypted first key with a third key that is paired with the second key; finally, a second decryption submodule in the decryption module decrypts the received data with the first key obtained in this way.
In the above scheme, the first key may be defined at random, for example as a self-defined password. The second key may be the recipient's public key and the third key may be the recipient's private key. The data may be communication data or transaction data. The address identifier can also be chosen freely: it may be a communication number, an e-mail address or an IP address, as long as it is generally recognized. Likewise, the communication terminals (that is, the sender and the recipient) may be intelligent or non-intelligent terminals, and mobile or fixed terminals.
The invention is implemented on a SIM card and a CPK card. The SIM card provides the communication connection; an existing SIM card needs no change and only supplies the address identifier (for example a telephone number, e-mail address or IP address), which ensures the fairness of the address identifier. The CPK card, through its built-in combined public key system and the CPK protocol, in turn ensures that the address identifier is provable, and so provides a sound basis for realizing the autonomously controllable function of the mobile Internet. The CPK card can realize this function in the SIM card, or on a mobile phone memory card (TF card).
The autonomously controllable function is mainly embodied on the recipient side. The recipient's receiving proceeds in two steps: the acceptance process and the reception process. In the acceptance process, a decision is made on whether to connect the call, short message or mail; in the reception process, the accountability of the call, short message or mail is judged. If the data are encrypted, they are decrypted.
The acceptance process authenticates the telephone number (address identifier). Identifier authenticity is proved by the sender presenting evidence and the recipient checking that evidence.
The overall scheme of the invention is described below by way of an example.
Let Alice denote a telephone number or e-mail address. The evidence the sender presents to prove identifier authenticity is the identifier signature, which is the signature of the identifier (Alice) over the time (time):
$\mathrm{SIG}_{alice}(time) = (s_1, c_1) = sign_1$
The evidence the sender presents of its accountability for the data is the data signature, which is the signature of the identifier over the data integrity code:
$\mathrm{SIG}_{alice}(mac) = (s_2, c_2) = sign_2$
The sender assembles the evidence into a message and sends it:
$\mathrm{Msg}\ Alice \rightarrow Bob: \{Alice,\ time,\ sign_1,\ Bob,\ data,\ sign_2\}$
The recipient verifies in two stages, the acceptance process and the reception process. The acceptance process verifies the identifier signature; if it does not match, the communication is rejected.
$\mathrm{VER}_{ALICE}(time, s_1) = c_1$
The reception process verifies the message authentication code; if it does not match, the data are handled differently.
$\mathrm{VER}_{ALICE}(mac, s_2) = c_2$
If the data need to be encrypted, the sender encrypts them as follows:
Alice defines a data encryption key at random:
$key = rG$
Alice encrypts the data:
$E_{key}(data) = code$
Alice computes Bob's public key:
$\mathrm{HASH}(Bob) \rightarrow \sigma_2(R_{i,j}) \rightarrow BOB$
The key $key$ is encrypted with Bob's public key BOB:
$\mathrm{ENC}_{BOB}(key) = \beta$
Here E is the symmetric-key encryption function and ENC is the asymmetric-key encryption function.
Alice sends the message:
$\mathrm{Msg}\ Alice \rightarrow Bob: \{Alice,\ time,\ sign_1,\ \beta,\ code,\ sign_2\}$
The recipient decrypts the data as follows:
The recipient Bob decrypts the key:
$\mathrm{DEC}_{bob}(\beta) = bob^{-1} \cdot bob \cdot rG = key$
Bob decrypts the data:
$D_{key}(code) = data$
For ease of understanding, the technical scheme of the invention is described below from the perspective of the SIM card and the CPK card.
In the invention, the SIM card and the CPK card are the basic components for realizing the autonomously controllable function of the mobile Internet. The SIM card provides the CPK card with the telephone number and with the space in which the CPK card is implemented (including 128 KB of flash). The CPK card contains the CPK authentication system, which consists of the CPK public key system and the CPK authentication protocols, described below:
The CPK public key system (Combined Public Key, CPK) is an identifier-based public key system implemented with an internationally standardized ECC system. In the CPK public key system, the elliptic curve is given by $E: y^2 = x^3 + ax + b \pmod{p}$; the parameters are $T = \{a, b, G, n, p\}$, where G is the base point, n is the order and p is the modulus; the key matrix is divided into a private key matrix $(r_{i,j})$ and a public key matrix $(R_{i,j})$, $(i, j = 1..32)$; the HASH function is an international standard hash function; and the mapping algorithm is divided into a private key mapping algorithm, denoted $\sigma_1$, and a public key mapping algorithm, denoted $\sigma_2$.
Suppose the public/private key pair of Alice is to be generated. Private key generation:
$\mathrm{HASH}(Alice) \rightarrow \sigma_1(r_{i,j}) \rightarrow alice$
Public key generation:
$\mathrm{HASH}(Alice) \rightarrow \sigma_2(R_{i,j}) \rightarrow ALICE$
Here $\mathrm{HASH}(Alice) = YS$; YS is a random sequence that is divided into 32 groups of 5 bits each, and the 32 values of i and j serve as the coordinates into the matrix. $\sigma_1$ and $\sigma_2$ are combination functions:
$\sigma_1 = \sum (r_{i,j}) \bmod n = alice$
$\sigma_2 = \sum (R_{i,j}) = ALICE$
Because $\sigma_2(R_{i,j})$ is public, anyone can compute a public key, whereas the private key is provided by the CPK card. The key management scale of CPK is greater than $10^{48}$.
The CPK authentication protocols include a digital signature protocol, a data encryption protocol, a password change protocol, a key protection protocol and others. The authentication protocols are built on truth-value logic.
In truth-value logic, an entity is divided into two parts, the identifier (identity) and the body (body):
$entity = identity + body$
The identifier is the unique name that represents an entity, and the body is the entity itself. Truth-value logic consists of two proof processes, identifier authentication and body authentication; the proof that identifier and body belong together is completed automatically within the body proof.
$\mathrm{AUTH}(entity) = \mathrm{AUTH}(ID) \cap \mathrm{AUTH}(body)$
Identifier authenticity is proved by the identifier's signature over a given time. Because identifier authentication can be carried out independently before the body event occurs, it is called "prior authentication".
Let the public key of entity Alice be ALICE and the private key be alice. The function that proves the authenticity of the identifier Alice is then the signature of the identifier (private key) over the time:
$\mathrm{AUTH}(Alice) = \mathrm{SIG}_{alice}(time) = sign_1 = (s_1, c_1)$
The identifier verification function is:
$\mathrm{VER}_{ALICE}(time, s_1) = c_1$
If $c_1 = c_1'$, the entity identifier Alice is proved authentic at that moment.
Body authenticity is proved by the identifier's signature over the body feature or the body integrity. Because body authentication is always carried out after the body event occurs, it is called "after-the-fact authentication".
$\mathrm{AUTH}(body) = \mathrm{SIG}_{alice}(CHR) = sign_2 = (s_2, c_2)$
Or
$\mathrm{AUTH}(body) = \mathrm{SIG}_{alice}(MAC) = sign_2 = (s_2, c_2)$
Here the body feature (CHR) is a code that represents the feature of the body: if the body is physical, a digitized physical feature (fingerprint, photo) serves as the body feature; if the body is logical, the integrity code of the data serves as the body feature.
The integrity code is: $\mathrm{Hash}(data) = MAC$.
The body verification function is: $\mathrm{VER}_{ALICE}(MAC, s_2) = c_2'$.
If $c_2 = c_2'$, the authenticity of the body is proved, and with it that the identifier and this body belong together.
In transaction authentication, the transaction is divided into an acceptance process (accept process) and a reception process (receipt process). The proof procedures correspond exactly to those of entity authentication and are not repeated here.
As shown in Figure 5, the autonomous control of the invention can act at the communication layer and also at the transaction layer: the connection between Term1 and Term2 is a communication connection, and what takes place between Alice and Bob is a transaction connection. The two are independent processes and generally use different identifiers, although they may use the same identifier.
The technical scheme of the invention is further described below in terms of the communication-layer workflow and the transaction-layer workflow.
At the communication layer, to realize autonomously controllable interconnection, the sender provides evidence of identifier authenticity and evidence of data authenticity, and the recipient verifies the sender's identifier authenticity and the data authenticity. The workflow therefore comprises a communication connection flow and a data transmission flow.
The sender's communication connection flow is as follows:
$\mathrm{SIG}_{term1}(time) = (s_1, c_1) = sign_1$
Here Term1 denotes the sender's telephone number. The evidence of identifier authenticity is the sender's own identifier signature, which is the signature of the identifier (Term1) over the time (time).
The sender assembles the evidence into a message and sends it:
$\mathrm{Msg1}: Term1 \rightarrow Term2: \{Term1,\ time,\ sign_1\}$
The recipient's communication connection flow is as follows:
$\mathrm{VER}_{TERM1}(time, s_1) = c_1$
The recipient begins receiving the communication and, in the acceptance process, verifies the identifier signature and decides whether to accept. If $c_1 = c_1'$, the identifier Term1 (telephone number) is proved authentic; otherwise it is false. The screen then shows the caller's telephone number or name and whether verification passed or failed. Based on the result, the user can choose how to proceed: receive or reject. Because the acceptance process of the communication connection is carried out independently before the data transmission process, it is called prior proof, and it prevents illegal access.
The sender's data transmission flow is as follows:
The sender's evidence of data authenticity is the signature of the identifier (Term1) over the data integrity code (mac):
$\mathrm{SIG}_{term1}(mac) = (s_2, c_2) = sign_2$
The sender assembles the evidence and the data into a message and sends it:
$\mathrm{Msg2}: Term1 \rightarrow Term2: \{data,\ sign_2\}$
The recipient's data reception process is as follows:
$\mathrm{VER}_{TERM1}(mac, s_2) = c_2$
The recipient verifies the message authentication code. If $c_2 = c_2'$, the data mac is proved authentic; otherwise it is false. The result is shown on the screen to give the user a basis for handling the data. Because the reception process can only be carried out after the data have been received, it is called after-the-fact proof.
The CPK protocol can also include data encryption, which works as follows:
The sender's encryption flow:
Term1 defines a data encryption key at random:
$key = rG$
Term1 encrypts the data:
$E_{key}(data) = code$
Term1 computes the public key of Term2:
$\mathrm{HASH}(Term2) \rightarrow \sigma_2 = \sum (R_{i,j}) \rightarrow TERM2$
The key $key$ is encrypted with the public key TERM2 of Term2:
$\mathrm{ENC}_{TERM2}(key) = \beta$
Here E is the symmetric-key encryption function and ENC is the asymmetric-key encryption function.
The sender Term1 assembles the encrypted data into a message:
$\mathrm{Msg3}: Term1 \rightarrow Term2: \{\beta,\ code,\ sign_2\}$
The recipient Term2's decryption flow:
First recover the data encryption key $key$ with its own private key term2:
$\mathrm{DEC}_{term2}(\beta) = term2^{-1} \cdot term2 \cdot rG = key$
Then decrypt the data:
$D_{key}(code) = data$
Here DEC is the asymmetric-key decryption function and D is the symmetric-key decryption function. The private key term2 is provided by the CPK card.
At the transaction layer, to realize autonomously controllable interconnection, the sender of the transaction provides evidence of identifier authenticity and proof of transaction data authenticity, and the recipient verifies the sender's identifier authenticity and the data authenticity.
The sender's communication connection flow is as follows:
$\mathrm{SIG}_{alice}(time) = (s_1, c_1)$
Here Alice denotes the sender. The evidence of identifier authenticity is the sender's own identifier signature, which is the signature of the identifier (Alice) over the time (time).
The sender assembles the evidence into a message and sends it:
$\mathrm{Msg1}: Alice \rightarrow Bob: \{Alice,\ time,\ sign_1\}$
Here Alice denotes the sender and Bob denotes the recipient.
The recipient's communication connection flow is as follows:
$\mathrm{VER}_{ALICE}(time, s_1) = c_1$
The recipient begins receiving the communication and, in the acceptance process, verifies the identifier signature and decides whether to accept. If $c_1 = c_1'$, the identifier Alice is proved authentic; otherwise it is false. The verification result is then shown on the screen. Based on the result, the user can choose how to proceed: receive or reject. Because the transaction acceptance process is carried out independently before the receiving process, it is called prior proof, and it prevents illegal access.
The sender's transaction data flow is as follows:
$\mathrm{SIG}_{alice}(mac) = (s_2, c_2)$
Here the sender's proof of transaction data authenticity is the signature of the identifier (Alice) over the data integrity code (mac).
The recipient's data reception process is as follows:
$\mathrm{VER}_{ALICE}(mac, s_2) = c_2$
The recipient verifies the message authentication code. If $c_2 = c_2'$, the data mac is proved authentic; otherwise it is false. The result is shown on the screen to give the user a basis for handling the data. Because the reception process can only be carried out after the data have been received, it is called after-the-fact proof.
The CPK protocol can also include data encryption, which works as follows:
The sender's encryption flow:
Alice defines a data encryption key at random:
$key = rG$
Alice encrypts the data:
$E_{key}(data) = code$
Alice computes Bob's public key:
$\mathrm{HASH}(Bob) \rightarrow \sigma_2 = \sum (R_{i,j}) \rightarrow BOB$
The key $key$ is encrypted with Bob's public key BOB:
$\mathrm{ENC}_{BOB}(key) = \beta$
Here E is the symmetric-key encryption function and ENC is the asymmetric-key encryption function.
The sender Alice assembles the encrypted data into a message:
$\mathrm{Msg3}: Alice \rightarrow Bob: \{\beta,\ code,\ sign_2\}$
The recipient Bob's decryption flow:
First recover the data encryption key $key$ with its own private key bob:
$\mathrm{DEC}_{bob}(\beta) = bob^{-1} \cdot bob \cdot rG = key$
Then decrypt the data:
$D_{key}(code) = data$
Here DEC is the asymmetric-key decryption function and D is the symmetric-key decryption function. The private key bob is provided by the CPK card.
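The identifier-to-key mapping (HASH(ID) → σ1, σ2 over the 32×32 matrices) and the key transport used in the encryption flows above (key = rG, β = ENC_BOB(key), DEC_bob(β) = bob⁻¹·bob·rG) can be run end to end as follows. This is an added example, not code from the patent: the curve (secp256k1), SHA-256 truncated to 160 bits as HASH, the seeded demo matrix, the reading of each 5-bit group as the row index for one column, the curve-membership check, and β = r·BOB (inferred from the decryption formula) are all assumptions.

```python
import hashlib
import secrets
from functools import lru_cache

# Curve parameters T = {a, b, G, n, p}. ASSUMPTION: secp256k1; the page names no curve.
P = 2**256 - 2**32 - 977
A, B = 0, 7
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def on_curve(pt):
    """True if pt = (x, y) satisfies y^2 = x^3 + ax + b (mod p)."""
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0

def add(p1, p2):
    """Affine point addition on E; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 if p2 is None else p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def mul(k, pt):
    """Double-and-add scalar multiplication k*pt (not constant-time; illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

# Constructed demo seed. A real key centre would draw the r_ij from a secret random source.
SEED = b"constructed-demo-matrix"

def r_ij(i, j):
    """Private matrix entry r_ij, known only to the key centre."""
    digest = hashlib.sha256(SEED + bytes([i, j])).digest()
    return int.from_bytes(digest, "big") % (N - 1) + 1

@lru_cache(maxsize=None)
def R_ij(i, j):
    """Public matrix entry R_ij = r_ij * G. Published in full; computed lazily here for speed."""
    return mul(r_ij(i, j), G)

def coords(identity):
    """HASH(ID) -> YS: 160 bits cut into 32 five-bit values.
    ASSUMPTION: value number j is the row index i used in column j."""
    ys = int.from_bytes(hashlib.sha256(identity.encode()).digest()[:20], "big")
    return [(ys >> (5 * j)) & 31 for j in range(32)]

def private_key(identity):
    """sigma_1: sum of the selected r_ij mod n (computed by the key centre, held in the CPK card)."""
    return sum(r_ij(i, j) for j, i in enumerate(coords(identity))) % N

def public_key(identity):
    """sigma_2: point sum of the selected R_ij; anyone holding the public matrix can compute it."""
    acc = None
    for j, i in enumerate(coords(identity)):
        acc = add(acc, R_ij(i, j))
    return acc

def wrap_key(recipient_id):
    """Sender side: key = rG and beta = ENC_BOB(key), taken here as r * BOB."""
    r = secrets.randbelow(N - 1) + 1
    return mul(r, G), mul(r, public_key(recipient_id))

def unwrap_key(beta, priv):
    """Recipient side: DEC_bob(beta) = bob^-1 * beta = rG. Rejects points that are not on E."""
    if beta is None or not on_curve(beta):
        raise ValueError("beta is not a valid curve point")
    return mul(pow(priv, -1, N), beta)
```

The symmetric step E_key/D_key is left out because the page does not name a cipher; in practice the point rG would be passed through a key derivation function before use as a symmetric key.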
The communication layer and the transaction layer described above are two independent processes. At the transaction layer the data need to be classified: because different data may have different identifiers, they enter different processing procedures and, according to data type, form separate corresponding application systems such as short message, mail, file and bill. If multiple services are to be handled, multiple private keys are applied for in the CPK card. When a SIM card or IC card is sold at an outlet, the required identifiers, such as name and account, are written in; once defined, the name, account and so on cannot be modified and cannot be defined a second time. In this way, when private keys are applied for, the private keys corresponding to the name and account and the private key corresponding to the telephone number can be distributed automatically. All private keys are managed uniformly by the CPK card protocol.
The private key application process is as follows: the private key application form contains the identifier, the UID number, and the UID number's signature over the identifier, and is sent automatically to the outlet or the center. The sending function is msg := {UID, sign, ID}, where sign is $\mathrm{SIG}_{uid}(ID) = sign = (s, c)$; uid is the private key of the UID number; s is the signature code; c is the check code; and ID is the identifier for which a private key is requested.
The private key distribution process is as follows: the outlet or the center checks the authenticity of the identifier: $\mathrm{VER}_{UID}(s) = c'$; if $c = c'$, the private key is generated. Here UID (capitalized, italic) is the public key of the UID. The private key sk is encrypted with the public key UID and sent: a random number r is selected and $rG = key$, $E_{key}(sk) = code$, $\mathrm{ENC}_{UID}(key) = \beta$ are computed; then msg = {code, β} is sent, where E is symmetric encryption and ENC is asymmetric encryption. The private key writing process is as follows: after msg reaches the user device, the CPK system decrypts the private key automatically: $\mathrm{DEC}_{uid}(\beta) = key$, $D_{key}(code) = sk$, and the private key sk is written into the chip under the private key protection protocol. Here DEC is asymmetric decryption and D is symmetric decryption. This completes the distribution process.
The whole process is automatic and takes place entirely inside the chip, with nothing exposed. The telephone number and name in the SIM card can only be obtained by automatic scanning, and manual intervention in key distribution is kept to a minimum. A private key is issued only once; where a private key already exists, a second application is not possible.
In summary, with the technical scheme of the invention, the mobile Internet is made autonomously controllable through the SIM card and the CPK card. The scheme provides prior authentication of identifiers, which effectively prevents illegal access; the identifier's signature over the data provides electronic evidence for solving cases and makes evidence collection convenient, so that an orderly, green network can be built; users are given a basis for autonomous control and can implement self-managed security policies; and data encryption effectively protects personal privacy.
The foregoing are only preferred embodiments of the invention and are not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the invention shall fall within its scope of protection.

Claims (17)

1. A service initiating method for an autonomously controllable mobile Internet, characterized in that the initiating method is used in an autonomously controllable Internet system, the autonomously controllable Internet system consisting of a SIM card and a CPK card, wherein the SIM card provides a communication connection and a transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection provided by the SIM card; and the initiating method comprises:
Before data transmission, a sender provides an address identifier to the mobile Internet through the SIM card located on the sender side, and the sender further generates, through the CPK card located on the sender side, an identifier signature from the address identifier provided by the SIM card, so that the address identifier becomes provable;
The sender generates a data signature through the CPK card from the data to be sent;
The sender sends the identifier signature, the data signature and the data to a recipient.
2. The service initiating method according to claim 1, characterized by further comprising:
The sender encrypts the data to be sent.
3. The service initiating method according to claim 2, characterized in that the sender encrypting the data to be sent comprises:
The sender encrypts the data to be sent with a generated first key;
The sender encrypts the first key with a second key, and sends the encrypted first key to the recipient.
4. The service initiating method according to claim 3, characterized in that the second key is the public key of the recipient.
5. The service initiating method according to claim 1, characterized in that the address identifier comprises at least one of the following:
Communication number, e-mail address, IP address.
6. The service initiating method according to claim 1, characterized in that the sender and the recipient each comprise at least one of the following:
Intelligent terminal, non-intelligent terminal, mobile terminal, fixed terminal.
7. The service initiating method according to any one of claims 1 to 6, characterized in that the data comprise at least one of the following:
Communication data, transaction data.
8. A service initiating device for an autonomously controllable mobile Internet, characterized in that the initiating device is used in an autonomously controllable Internet system, the autonomously controllable Internet system consisting of a SIM card and a CPK card, wherein the SIM card provides a communication connection and a transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection provided by the SIM card; and the initiating device comprises:
A first signature generation module, which before data transmission provides an address identifier to the mobile Internet through the SIM card and, through the CPK card, generates an identifier signature from the address identifier provided by the SIM card, so that the address identifier becomes provable;
A second signature generation module, which generates a data signature through the CPK card from the data to be sent;
A sending module, which sends the identifier signature, the data signature and the data to a recipient.
9. A service receiving method for an autonomously controllable mobile Internet, characterized in that the receiving method is used in an autonomously controllable Internet system, the autonomously controllable Internet system consisting of a SIM card and a CPK card, wherein the SIM card provides a communication connection and a transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection provided by the SIM card; and the receiving method comprises:
A recipient receives the identifier signature and the data signature sent by the sender;
The recipient verifies the address identifier of the sender against the received identifier signature and, if the result shows that the address identifier is authentic, the recipient verifies the integrity and authenticity of the data against the data signature;
When the data to be sent pass verification, the received data are allowed to be processed.
10. The service receiving method according to claim 9, characterized in that, if the result of verifying the address identifier of the sender shows that the address identifier is not authentic, the recipient rejects the data.
11. The service receiving method according to claim 9, characterized by further comprising:
When the data are encrypted, the recipient decrypts the data.
12. The service receiving method according to claim 11, characterized in that the recipient decrypting the data comprises:
The recipient receives the first key, encrypted with the second key, sent by the sender;
The recipient decrypts the encrypted first key with a third key that is paired with the second key;
The recipient decrypts the received data with the first key obtained by the decryption.
13. The service receiving method according to claim 12, characterized in that the second key is the public key of the recipient and the third key is the private key of the recipient.
14. The service receiving method according to claim 9, characterized in that the sender and the recipient each comprise at least one of the following:
Intelligent terminal, non-intelligent terminal, mobile terminal, fixed terminal.
15. The service receiving method according to claims 9 to 14, characterized in that the data comprise at least one of the following:
Communication data, transaction data.
16. A service receiving device for an autonomously controllable mobile Internet, characterized in that the receiving device is used in an autonomously controllable Internet system, the autonomously controllable Internet system consisting of a SIM card and a CPK card, wherein the SIM card provides a communication connection and a transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection provided by the SIM card; and the receiving device comprises:
A signature receiving module, which receives the identifier signature and the data signature sent by the sender;
A signature verification module, which verifies the address identifier of the sender against the received identifier signature and, if the result shows that the address identifier is authentic, verifies the integrity and authenticity of the data against the data signature;
A data processing module, which allows the received data to be processed when the data to be sent pass verification.
17. A communication system for an autonomously controllable mobile Internet, characterized in that the communication system is used in an autonomously controllable Internet system, the autonomously controllable Internet system consisting of a SIM card and a CPK card, wherein the SIM card provides a communication connection and a transaction connection to the mobile Internet, and the CPK card provides proof of authenticity for the communication connection and the transaction connection provided by the SIM card; and the communication system comprises:
A first signature generation module, located on the sender side, which before data transmission provides an address identifier to the mobile Internet through the SIM card and, through the CPK card, generates an identifier signature from the address identifier provided by the SIM card, so that the address identifier becomes provable;
A second signature generation module, located on the sender side, which generates a data signature through the CPK card from the communication data to be sent;
A sending module, located on the sender side, which sends the identifier signature, the data signature and the communication data to the recipient;
A signature receiving module, located on the recipient side, which receives the identifier signature and the data signature sent by the sender;
A signature verification module, located on the recipient side, which verifies the address identifier of the sender against the received identifier signature and, if the result shows that the address identifier is authentic, verifies the integrity and authenticity of the data against the data signature;
A data processing module, located on the recipient side, which allows the received data to be processed when the data to be sent pass verification.
Application number: CN201310418905.6A
Title: Autonomous controllable mobile internet business method and device
Priority date: 2013-09-13
Filing date: 2013-09-13
Status: Pending
Publication: CN104469750A (en), publication date 2015-03-25
Family ID: 52914964
Country: CN
CN113507372A (en) Bidirectional authentication method for interface request
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN102281303A (en) Data exchange method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150325
