CN104935433B - Method, communication device and communication system for key jump in a communication process - Google Patents

Publication number
CN104935433B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201510111952.5A
Other languages
Chinese (zh)
Other versions
CN104935433A (en
Inventor
李东声
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tendyron Technology Co Ltd
Original Assignee
Tendyron Technology Co Ltd
Application filed by Tendyron Technology Co Ltd
Priority to CN201510111952.5A
Publication of CN104935433A
Application granted
Publication of CN104935433B

Abstract

The present invention provides a method, a communication device and a communication system for key jump in a communication process. The method includes: while a communication terminal is communicating with a communication peer, when a preset jump trigger rule is met, the communication terminal jumps the currently used transmission key to a new transmission key according to a preset jump rule, and encrypts or decrypts the communication data exchanged with the communication peer using the new transmission key. The invention can encrypt or decrypt communication data with a new transmission key, which overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key. It solves the problem that, once the single transmission key is cracked, the communication data transmitted between the two parties can be maliciously stolen, and it ensures the security of the communication information of both parties.

Description

Method, communication device and communication system for key jump in a communication process
Technical field
The present invention relates to the field of electronic technology, and in particular to a method, a communication device and a communication system for key jump in a communication process.
Background
At present, under existing communication systems, when two parties communicate normally the communication line may be maliciously monitored and the communication data may be maliciously stolen, so the security of the parties' communication information cannot be guaranteed. To prevent communication data from being monitored and stolen during communication, the two parties usually negotiate a transmission key and use it to encrypt or decrypt the communication data, in order to guarantee the security of the communication data. However, although the prior art encrypts the communication data, the transmission key is single and fixed; as long as a sufficient number of messages can be obtained and the key is brute-forced, breaking it (the transmission key) is still relatively easy. Therefore, once the single transmission key is cracked, the mechanism of encrypting communication data with that single transmission key carries a very large security risk.
Summary of the invention
The present invention aims to solve at least one of the problems that a mechanism which encrypts communication data with a single transmission key cannot guarantee the security of the communication information of both parties.
The main purpose of the invention is to provide a method, a communication device and a communication system for key jump in a communication process.
To achieve the above purpose, the technical solution of the invention is implemented as follows:
According to one aspect of the invention, a method for key jump in a communication process is provided, including:
While a communication terminal is communicating with a communication peer, when a preset jump trigger rule is met, the communication terminal jumps the currently used transmission key to a new transmission key according to a preset jump rule, and encrypts or decrypts the communication data exchanged with the communication peer using the new transmission key.
In addition, before the preset jump trigger rule is met, or after the preset jump trigger rule is met and before the currently used transmission key is jumped to the new transmission key according to the preset jump rule, the method further includes:
The communication terminal establishes a secure channel with the communication peer, negotiates and generates an initial transmission key shared with the communication peer, and encrypts or decrypts the communication data exchanged with the communication peer using the initial transmission key.
In addition, the common initial transmission key includes one or more keys.
In addition, after negotiating and generating the initial transmission key shared with the communication peer, the method further includes: forming the multiple common initial transmission keys into a common transmission key list, and assigning key identifiers to the multiple common initial transmission keys.
In addition, meeting the preset jump trigger rule includes at least one of the following:
The jump trigger factor is reached;
A key jump instruction is obtained.
In addition, the jump trigger factor includes at least one of the following:
A jump period, a jump time point, a communication count, a communication data amount and a random factor.
In addition, when the jump trigger factor includes a random factor, before the communication terminal meets the preset jump trigger rule, the method further includes:
Obtaining the random factor.
In addition, the key jump instruction includes at least one of the following: a key jump instruction sent by the communication peer, an input key jump instruction, and a key jump instruction generated according to a preset rule.
In addition, jumping the currently used transmission key to the new transmission key according to the preset jump rule includes at least one of the following modes:
The communication terminal iteratively computes a new transmission key from the currently used transmission key and an operational factor according to a preset algorithm;
The communication terminal computes a new transmission key from the initial transmission key and an operational factor according to a preset algorithm;
The communication terminal computes a new transmission key from an operational factor it generates itself and an operational factor obtained from the communication peer according to a preset algorithm.
In addition, jumping the currently used transmission key to the new transmission key according to the preset jump rule includes at least one of the following modes:
The communication terminal selects, in forward or reverse order in the common transmission key list, the transmission key next to the currently used transmission key as the new transmission key;
The communication terminal randomly selects a new transmission key from the common transmission key list and sends the key identifier of the new transmission key to the communication peer;
The communication terminal receives the key identifier of the new transmission key sent by the communication peer, and selects the transmission key corresponding to that key identifier in the common transmission key list;
The communication terminal computes a new key identifier from an operational factor according to a preset algorithm, and finds the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key.
In addition, the communication terminal computing a new key identifier from an operational factor according to a preset algorithm includes:
The communication terminal iteratively computes a new key identifier from the key identifier of the currently used transmission key and an operational factor according to a preset algorithm;
The communication terminal computes a new key identifier from the key identifier of the initial transmission key and an operational factor according to a preset algorithm;
The communication terminal computes a new key identifier from an operational factor it generates itself and an operational factor obtained from the communication peer according to a preset algorithm.
In addition, the operational factor includes: the jump trigger factor.
According to one aspect of the invention, a communication device is provided, including:
A communication module, configured to communicate with a peer communication device, and further configured to transmit encrypted communication data;
A key jump module, configured to, while communicating with the peer communication device and when a preset jump trigger rule is met, jump the currently used transmission key to a new transmission key according to a preset jump rule;
An encryption and decryption module, configured to encrypt or decrypt communication data using the new transmission key.
In addition, the device further includes:
A key generation module, configured to, before the preset jump trigger rule is met, or after the preset jump trigger rule is met and before the currently used transmission key is jumped to the new transmission key according to the preset jump rule, establish a secure channel with the peer communication device and negotiate and generate an initial transmission key shared with the peer communication device;
The encryption and decryption module is further configured to encrypt or decrypt the communication data exchanged with the peer communication device using the initial transmission key.
In addition, the common initial transmission key includes one or more keys.
In addition, the key generation module is further configured to, after negotiating and generating the initial transmission key shared with the peer communication device, form the multiple common initial transmission keys into a common transmission key list and assign key identifiers to the multiple common initial transmission keys.
In addition, meeting the preset jump trigger rule includes at least one of the following:
The jump trigger factor is reached;
A key jump instruction is obtained.
In addition, the jump trigger factor includes at least one of the following:
A jump period, a jump time point, a communication count, a communication data amount and a random factor.
In addition, the key jump module is further configured to, when the jump trigger factor includes a random factor, obtain the random factor before the communication terminal meets the preset jump trigger rule.
In addition, the key jump instruction includes at least one of the following: a key jump instruction sent by the peer communication device, an input key jump instruction, and a key jump instruction generated according to a preset rule.
In addition, the key jump module is configured to jump the currently used transmission key to the new transmission key according to the preset jump rule in at least one of the following modes:
Iteratively computing a new transmission key from the currently used transmission key and an operational factor according to a preset algorithm;
Computing a new transmission key from the initial transmission key and an operational factor according to a preset algorithm;
Computing a new transmission key from an operational factor it generates itself and an operational factor obtained from the peer communication device according to a preset algorithm.
In addition, the key jump module is configured to jump the currently used transmission key to the new transmission key according to the preset jump rule in at least one of the following modes:
Selecting, in forward or reverse order in the common transmission key list, the transmission key next to the currently used transmission key as the new transmission key;
Randomly selecting a new transmission key from the common transmission key list and sending the key identifier of the new transmission key to the peer communication device;
Receiving the key identifier of the new transmission key sent by the peer communication device, and selecting the transmission key corresponding to that key identifier in the common transmission key list;
Computing a new key identifier from an operational factor according to a preset algorithm, and finding the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key.
In addition, the key jump module is configured to compute the new key identifier from an operational factor according to a preset algorithm, including:
Iteratively computing a new key identifier from the key identifier of the currently used transmission key and an operational factor according to a preset algorithm;
Computing a new key identifier from the key identifier of the initial transmission key and an operational factor according to a preset algorithm;
Computing a new key identifier from an operational factor it generates itself and an operational factor obtained from the peer communication device according to a preset algorithm.
In addition, the operational factor includes: the jump trigger factor.
According to one aspect of the invention, a communication system is provided, including a first terminal and a second terminal;
The first terminal includes the communication device described above;
The second terminal includes the communication device described above.
Compared with the prior art, the method, communication device and communication system for key jump in a communication process provided by the invention can perform a key jump when a preset jump trigger rule is met, and then encrypt or decrypt communication data using the new transmission key. This overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key, solves the problem that once the single transmission key is cracked the communication data transmitted between the two parties can be maliciously stolen, and ensures the security of the communication information of both parties.
Brief description of the drawings
To illustrate the technical solutions of the embodiments of the invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings described below show only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of a method for key jump in a communication process provided by Embodiment 1 of the invention;
Fig. 2 is a schematic diagram of computing new transmission keys iteratively, provided by Embodiment 1 of the invention;
Fig. 3 is a schematic diagram of computing new transmission keys from the initial transmission key and operational factors, provided by Embodiment 1 of the invention;
Fig. 4 is a flow chart of a key jump performed during data interaction between terminals, provided by Embodiment 2 of the invention;
Fig. 5 is a flow chart of another key jump performed during data interaction between terminals, provided by Embodiment 2 of the invention;
Fig. 6 is a flow chart of another key jump performed during data interaction between terminals, provided by Embodiment 2 of the invention;
Fig. 7 is a flow chart of another key jump performed during data interaction between terminals, provided by Embodiment 2 of the invention;
Fig. 8 is a flow chart of establishing a secure channel, provided by Embodiment 2 of the invention;
Fig. 9 is a structural diagram of a communication system provided by Embodiment 3 of the invention;
Fig. 10 is a structural diagram of the communication device provided by Embodiment 3 of the invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the invention without creative effort fall within the protection scope of the invention.
In the description of the invention, it should be understood that orientation or positional terms such as "center", "longitudinal", "transverse", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" are based on the orientation or positional relationships shown in the drawings. They are used only to facilitate and simplify the description, and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation; they should therefore not be understood as limiting the invention. In addition, the terms "first" and "second" are used for description only and should not be understood as indicating or implying relative importance, quantity or position.
In the description of the invention, it should be noted that, unless otherwise clearly specified and limited, the terms "installation", "connected" and "connection" should be understood broadly. For example, a connection may be fixed, detachable or integral; it may be mechanical or electrical; it may be direct, indirect through an intermediary, or internal between two elements. Those of ordinary skill in the art can understand the specific meaning of these terms in the invention according to the specific situation.
The embodiments of the invention are described in further detail below with reference to the drawings.
Embodiment 1
Fig. 1 shows a method for key jump in a communication process according to an embodiment of the invention. Referring to Fig. 1, the method provided by this embodiment includes the following steps S101 to S103:
S101: The communication terminal communicates with the communication peer;
In this embodiment, the communication terminal and the communication peer may be mobile terminals such as mobile phones and IPADs, or terminals capable of network communication such as PCs. Communication between the communication terminal and the communication peer may include calls, short messages and mail between terminals, and communication through APPs installed on the terminals (such as voice chat or message sending in QQ or WeChat).
S102: When a preset jump trigger rule is met, the communication terminal jumps the currently used transmission key to a new transmission key according to a preset jump rule;
This embodiment can perform a key jump when the preset jump trigger rule is met, and then encrypt or decrypt communication data using the new transmission key. This overcomes the drawback of encrypting and decrypting with a single, unchanging transmission key, solves the problem that once the single transmission key is cracked the communication data transmitted between the two parties can be maliciously stolen, and ensures the security of the communication information of both parties.
In an optional implementation of this embodiment, before the preset jump trigger rule is met, or after the preset jump trigger rule is met and before the currently used transmission key is jumped to the new transmission key according to the preset jump rule, the method provided by this embodiment further includes:
The communication terminal establishes a secure channel with the communication peer, negotiates and generates an initial transmission key shared with the communication peer, and encrypts or decrypts the communication data exchanged with the communication peer using the initial transmission key.
In this embodiment, the initial transmission key shared with the peer is generated while the secure channel is being established, and it is used for encryption and decryption to guarantee the security of the communication information. In addition, the transmission key may be negotiated before the jump trigger rule is met or after it is met; the timing of the negotiation is therefore flexible, which improves user experience.
In an optional implementation of this embodiment, the common initial transmission key includes one or more keys. After negotiating and generating the initial transmission key shared with the communication peer, the method provided by this embodiment further includes: forming the multiple common initial transmission keys into a common transmission key list, and assigning key identifiers to the multiple common initial transmission keys. Each key identifier corresponds to one transmission key, so that the corresponding transmission key can be looked up in the common transmission key list by its key identifier. The common transmission key list provides the transmission keys that can be jumped to; that is, jumps can be made among the transmission keys provided in the common transmission key list.
In an optional implementation of this embodiment, meeting the preset jump trigger rule includes: reaching the jump trigger factor; or obtaining a key jump instruction. Once the preset jump trigger rule is met, the key jump can be performed, that is, the currently used transmission key is jumped to a new transmission key.
The jump trigger factor includes at least one of the following: a jump period, a jump time point, a communication count, a communication data amount and a random factor. A jump period means that, at fixed intervals, both parties perform a key jump according to the same key jump rule. A jump time point may be a specific time point, for example jumping at 10 o'clock or 11 o'clock, or a delay before the jump, for example jumping after one hour or after two hours. One interaction between the two parties, that is, one communication, counts as one communication item; the communication count is the total number of times the two parties have communicated. The communication data amount may include a preset number of data packets or number of interactions. The random factor includes a random number or a random event; the random number may be a random threshold for, for example, the jump period, jump time point, communication count or communication data amount. When the jump trigger factor includes a random factor, before the communication terminal meets the preset jump trigger rule, the method further includes: obtaining the random factor. The random factor may be randomly generated by the communication peer and sent to the communication terminal, or it may be generated by the communication terminal itself or input by the user at the communication terminal, and sent to the communication peer, so that both parties perform the key jump when the random factor is met.
The key jump instruction includes at least one of the following: a key jump instruction sent by the communication peer, a key jump instruction input by the current user of the communication terminal, and a key jump instruction generated by the communication terminal according to a preset rule. The key jump instruction may be sent by the peer, or it may be received or generated by the communication terminal itself; after the key jump instruction is obtained, the jump is carried out to guarantee the communication security of both parties.
In an optional implementation of this embodiment, jumping the currently used transmission key to a new transmission key according to the preset jump rule falls, broadly, into two cases: first, recalculating to generate a new transmission key; second, selecting a transmission key from the common transmission key list as the new transmission key.
In this optional implementation, for the case of recalculating to generate a new transmission key, jumping the currently used transmission key to a new transmission key according to the preset jump rule includes, but is not limited to, at least one of the following modes:
Mode one: The communication terminal iteratively computes a new transmission key from the currently used transmission key and an operational factor according to a preset algorithm;
In mode one, the communication terminal and the communication peer each compute the new transmission key iteratively and jump to it for encrypted transmission. For example, as shown in Fig. 2, the initial transmission key is K0; K0 and the operational factor are run through a specific algorithm to generate the new transmission key K1, and both parties then jump to this new key for encrypted transmission. Next, K1 and the operational factor are run through the specific algorithm to generate the new transmission key K2, and the computation continues in the same way to generate new transmission keys K3, K4, K5 ... until the communication ends.
Mode two: The communication terminal computes a new transmission key from the initial transmission key and an operational factor according to a preset algorithm;
In mode two, each time the preset jump trigger rule is met, the communication terminal and the communication peer each run the initial transmission key K0 and an operational factor (Y1, Y2 ... Yn) through a specific algorithm to generate a new transmission key (K1, K2 ... Kn) and jump to it for encrypted transmission, as shown in Fig. 3.
For example, the communication terminal generates a random number as the operational factor and sends it to the communication peer; the random number may be included in the jump instruction sent to the communication peer. Both parties each run the initial transmission key K0 and the current operational factor Yn through the specific algorithm to generate the new transmission key Kn.
Mode three: The communication terminal computes a new transmission key from an operational factor it generates itself and an operational factor obtained from the communication peer according to a preset algorithm.
In mode three, the communication terminal itself generates an operational factor X1 (such as a random number R1) and receives the operational factor Y1 (such as a random number R2) generated by the communication peer; both parties each generate the new transmission key Kn from the random numbers R1 and R2.
In the above three modes, optionally, the operational factor includes the jump trigger factor (jump period, jump time point, communication count, communication data amount and random factor) and other preset factors. In this embodiment, the jump trigger factor can take part in computing the new transmission key. In particular, when the operational factor is a random factor, the generated key is flexible and random, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key, and thereby guarantees communication security.
In this optional implementation, the communication terminal and the communication peer generate the new transmission key iteratively (mode one), randomly (mode two) or by negotiation (mode three), and jump the currently used transmission key to the new transmission key, thereby realizing the key jump and guaranteeing the communication security of both parties.
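The three derivation modes above, driven by a communication-count trigger, as an added example that is not code from the patent. The patent leaves the "preset algorithm" unspecified, so HMAC-SHA256 is assumed here, and the names `derive`, `Endpoint` and `run_session` are hypothetical.

```python
import hashlib
import hmac
import secrets


def derive(key: bytes, *factors: bytes) -> bytes:
    """Assumed 'preset algorithm': HMAC-SHA256 over length-prefixed factors."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for factor in factors:
        # The length prefix keeps (b"a", b"bc") distinct from (b"ab", b"c").
        mac.update(len(factor).to_bytes(4, "big") + factor)
    return mac.digest()


class Endpoint:
    """One side of the session; both sides run the same code on the same K0."""

    MODES = ("iterative", "from_initial", "negotiated")

    def __init__(self, k0: bytes, mode: str, hop_every: int, initiator: bool):
        if mode not in self.MODES:
            raise ValueError(f"unknown mode {mode!r}")
        self.k0 = k0                # initial transmission key K0
        self.current = k0           # currently used transmission key
        self.mode = mode
        self.hop_every = hop_every  # jump trigger factor: communication count
        self.initiator = initiator  # whose random number serves as Yn in mode two
        self.count = 0

    def on_message(self, sent: bytes, received: bytes) -> bool:
        """Count one communication and jump the key if the trigger is reached.

        `sent` is the random factor this side generated for the exchange,
        `received` is the one obtained from the peer. Returns True on a jump.
        """
        self.count += 1
        if self.count % self.hop_every != 0:
            return False
        if self.mode == "iterative":
            # Mode one: K(n) from K(n-1); the operational factor is the
            # communication count, which both sides know without sending it.
            self.current = derive(self.current, self.count.to_bytes(8, "big"))
        elif self.mode == "from_initial":
            # Mode two: K(n) from K0 and Yn, the initiator's random number.
            y_n = sent if self.initiator else received
            self.current = derive(self.k0, y_n)
        else:
            # Mode three: both random numbers take part. Sorting gives both
            # sides the same order; keying the HMAC with the current key is
            # an assumption (the patent only names R1 and R2 as inputs).
            lo, hi = sorted((sent, received))
            self.current = derive(self.current, lo, hi)
        return True


def run_session(mode, messages=9, hop_every=3, k0=None):
    """Drive two endpoints in lock-step; return the keys used, K0 first."""
    k0 = k0 or secrets.token_bytes(32)   # stands in for the negotiated K0
    a = Endpoint(k0, mode, hop_every, initiator=True)
    b = Endpoint(k0, mode, hop_every, initiator=False)
    keys = [k0]
    for _ in range(messages):
        r1, r2 = secrets.token_bytes(16), secrets.token_bytes(16)
        jumped_a = a.on_message(sent=r1, received=r2)
        jumped_b = b.on_message(sent=r2, received=r1)
        if jumped_a != jumped_b or not hmac.compare_digest(a.current, b.current):
            raise RuntimeError("endpoints lost key synchronisation")
        if jumped_a:
            keys.append(a.current)
    return keys


if __name__ == "__main__":
    for mode in Endpoint.MODES:
        print(mode, [k.hex()[:8] for k in run_session(mode)])
```

With nine communications and a jump every three, each mode yields K0 plus three new keys, and the run fails if the two sides ever disagree on the current key.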
In this optional implementation, for the case of selecting a transmission key from the common transmission key list as the new transmission key, jumping the currently used transmission key to a new transmission key according to the preset jump rule includes, but is not limited to, at least one of the following modes:
Mode one: The communication terminal selects, in forward or reverse order in the common transmission key list, the transmission key next to the currently used transmission key as the new transmission key;
In mode one, the transmission keys in the pre-generated transmission key list are used in forward or reverse order. For example, the common transmission key list includes n transmission keys with the corresponding key identifiers L0, L1 ... Ln, and the transmission keys corresponding to L0, L1, L2 ... are used in turn until the communication ends.
Mode two: The communication terminal randomly selects a new transmission key from the common transmission key list and sends the key identifier of the new transmission key to the communication peer. For example, the common transmission key list includes n transmission keys with the corresponding key identifiers L0, L1 ... Ln; the communication terminal randomly selects L3 and sends L3 to the communication peer, and when the preset jump trigger rule is met both parties jump to the transmission key corresponding to L3 and use it for encrypted communication.
Mode three: The communication terminal receives the key identifier of the new transmission key sent by the communication peer, and selects the transmission key corresponding to that key identifier in the common transmission key list. For example, the common transmission key list includes n transmission keys with the corresponding key identifiers L0, L1 ... Ln; the communication terminal receives L3, selects the communication line corresponding to L3 from the communication lines in the pre-generated common transmission key list to communicate, and both parties use the transmission key corresponding to L3 for encrypted communication.
Mode four: The communication terminal computes a new key identifier from an operational factor according to a preset algorithm, and finds the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key;
For example, the pre-generated common transmission key list includes n transmission keys with the corresponding key identifiers L0, L1 ... Ln; the key identifier Ln is computed by the preset algorithm, and the transmission key corresponding to Ln is selected as the new transmission key for the jump.
In mode four, using operational factor according to preset algorithm be calculated new key identification can also use it is upper Three in the first situation kinds of modes (iterative manner, random fashion and negotiation mode) are stated to calculate new key identification, that is, extremely It less include one of following manner:
Mode one:Communicating terminal utilizes the currently used corresponding key identification of transmission key and operation by iterative manner The factor is calculated according to preset algorithm, generates new key identification;
For example, identical mode, the corresponding key identification of initial transmission key are L0 as shown in Figure 2, L0 and fortune are utilized It calculates the factor to carry out calculating the new corresponding key identification L1 of transmission key of generation by special algorithm, subsequent communicating pair jumps to The corresponding new key of this L1 carries out encrypted transmission, next L1 is recycled to be calculated with operational factor by special algorithm The corresponding key identification L2 of new transmission key is generated, operation is successively carried out and generates the corresponding key identification of new transmission key L3, L4, L5 ... are until communication terminates.
Mode two:Communicating terminal is using the initial corresponding key identification of transmission key and operational factor according to preset calculation Method is calculated, and new key identification is generated;
For example, using identical mode as shown in Figure 3, when meeting preset jump triggering rule every time, communicating terminal The corresponding key identification L0 of initial transmission key is utilized respectively with communication opposite end and operational factor (Y1, Y2 ... Yn) passes through spy Determine algorithm to carry out calculating the new corresponding key identification of transmission key (L1, L2 ... Yn) of generation and jump to corresponding key mark Know corresponding new transmission key and carry out encrypted transmission, for example, communicating terminal meet every time preset jump triggering it is regular when, A random number, i.e. operational factor (Y1, Y2 ... Yn) are generated, operational factor Yn is sent to communication opposite end, it can be to logical Interrogating opposite end and sending in jump instruction includes operational factor Yn, and communication two party is each with initial transmission key L0 and current fortune It calculates factor Yn to be calculated by special algorithm, generates new key identification Ln.
Mode three:The operational factor that communicating terminal is generated using itself and the operational factor root got from communication opposite end It is calculated according to preset algorithm, generates new key identification.
In which three, communicating terminal itself generates an operational factor X1 (such as random number R 1), and receives communication pair The operational factor Y1 (such as random number R 2) generated is held, communication two party generates new key each with random number R 1 and random number R 2 Identify Ln.
In above-mentioned three kinds of modes, as a kind of optional mode, operational factor includes:The jump triggering factor (jump week Phase, bound-time point, communication item number, communication data amount and random factor) and other preset factors, in the present embodiment, jump Becoming the triggering factor can participate in calculating new transmission key, especially when operational factor is random factor, so that the key generated It is flexibly random, the complexity for generating key is increased, breaking cryptographic keys is less susceptible to, improves the stability of transmission key, Jin Erbao Demonstrate,prove communication security.
S103:It is encrypted or is decrypted using new transmission key pair and the communication data of communication opposite end.
The present embodiment can carry out key jump, to utilize new transmission when meeting preset jump triggering rule Once the drawbacks of key carries out encryption communication, overcomes using single constant transmission key encryption and decryption, solves the biography single The problem of defeated key is cracked, then the communication data of communication two party transmission can maliciously be stolen, ensure that the communication of communication two party The safety of information.
Embodiment 2
Fig. 4 shows a flow for performing key jumps during data interaction between one terminal and another. Referring to Fig. 4, the first terminal and the second terminal each execute the following flow:
S401: The first terminal and the second terminal establish a secure channel and generate the initial transmission key K0;
S402: The first terminal and the second terminal encrypt or decrypt the transmitted data using the current transmission key;
S403: Judge whether the jump point has been reached; if not, execute S402; if so, execute S404;
S404: Calculate the new transmission key according to the preset jump rule;
S405: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S406: Judge whether to end the communication; if so, execute S407; if not, execute S403;
S407: End the communication.
Specifically, the jump point is the jump triggering factor; the jump threshold can be set to a preset time interval, a time point, or a preset number of communication messages and communication data volume, and a jump is performed each time the jump threshold is reached. The first terminal and the second terminal can calculate the new transmission key by, but not limited to, one of the following modes:
Mode one: By iteration, calculate from the currently used transmission key and the operational factor according to the preset algorithm, generating a new transmission key;
In mode one, the first terminal and the second terminal each calculate the new transmission key iteratively and jump to it for encrypted transmission. For example, as shown in Fig. 2, the initial transmission key is K0. K0 and the operational factor are put through the specific algorithm to generate the new transmission key K1, and both communicating parties then jump to this new key for encrypted transmission. Next, K1 and the operational factor are put through the specific algorithm to generate the new transmission key K2, and the operation is repeated to generate new transmission keys K3, K4, K5 ... until the communication ends.
Mode two: Calculate from the initial transmission key and the operational factor according to the preset algorithm, generating a new transmission key;
In mode two, each time the preset jump triggering rule is met, the first terminal and the second terminal each put the initial transmission key K0 and an operational factor (Y1, Y2 ... Yn) through the specific algorithm to generate a new transmission key (K1, K2 ... Kn) and jump to the new transmission key for encrypted transmission, as shown in Fig. 3.
For example, the first terminal generates a random number as the operational factor and sends the random number to the second terminal; the random number may be included in the jump instruction sent to the second terminal. The two communicating parties each put the initial transmission key K0 and the current operational factor Yn through the specific algorithm to generate the new transmission key Kn.
Mode three: Calculate from the operational factor generated by the terminal itself and the operational factor obtained from the second terminal according to the preset algorithm, generating a new transmission key.
In mode three, the first terminal itself generates an operational factor X1 (such as random number R1) and receives the operational factor Y1 (such as random number R2) generated by the second terminal; of course, the roles may be reversed, with the second terminal receiving the operational factor sent by the first terminal. The two communicating parties each use random number R1 and random number R2 to generate the new transmission key Kn.
The above operational factor may include the jump triggering factor (jump period, jump time point, number of communication messages, communication data volume and random factor) and other preset factors; the random factor includes random numbers and random events. In this embodiment the jump triggering factor can take part in calculating the new transmission key; in particular, when the operational factor is a random factor, the generated key is flexible and random, which increases the complexity of generating the key, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
In this optional embodiment, the first terminal and the second terminal generate the new transmission key in the iterative way (mode one), the random way (mode two) and the negotiated way (mode three), and jump from the currently used transmission key to the new transmission key, thereby realizing the key jump and ensuring the communication security of the two communicating parties.
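The Fig. 4 flow (S401 to S407) with modes one and two, as an added Python example that is not part of the patent text. Assumptions: HMAC-SHA256 stands in for the unspecified "preset algorithm", the jump threshold is a message count of 3, the XOR keystream is a demo-only cipher, and the names `Terminal`, `derive`, `keystream_xor` and `run_session` are hypothetical.

```python
import hashlib
import hmac
import secrets

HOP_EVERY = 3  # assumed jump threshold: jump after every 3 messages (message count)


def derive(base_key: bytes, factor: bytes) -> bytes:
    """Stand-in for the unspecified 'preset algorithm': HMAC-SHA256 keyed with the base key."""
    return hmac.new(base_key, b"key-jump" + factor, hashlib.sha256).digest()


def keystream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    """Demo-only cipher (HMAC-SHA256 in counter mode); the same call encrypts and decrypts."""
    stream = bytearray()
    block = 0
    while len(stream) < len(data):
        counter = seq.to_bytes(8, "big") + block.to_bytes(4, "big")
        stream += hmac.new(key, counter, hashlib.sha256).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class Terminal:
    def __init__(self, k0: bytes, mode: str):
        if mode not in ("iterative", "initial"):
            raise ValueError("mode must be 'iterative' (mode one) or 'initial' (mode two)")
        self.k0 = k0          # initial transmission key K0 (S401)
        self.current = k0     # current transmission key (S402)
        self.mode = mode
        self.count = 0        # messages handled under the current key
        self.jumps = 0

    def _at_jump_point(self) -> bool:
        return self.count + 1 == HOP_EVERY           # S403, for the message in hand

    def _finish_message(self, factor: bytes) -> None:
        jump = self._at_jump_point()
        self.count += 1
        if jump:
            base = self.current if self.mode == "iterative" else self.k0
            self.current = derive(base, factor)      # S404
            self.jumps += 1
            self.count = 0                           # S405: the new key is now current

    def send(self, plaintext: bytes) -> dict:
        packet = {"seq": self.count, "factor": None,
                  "ct": keystream_xor(self.current, self.count, plaintext)}
        if self.mode == "iterative":
            factor = self.jumps.to_bytes(4, "big")   # jump number, known to both ends
        else:
            factor = b""
            if self._at_jump_point():
                factor = secrets.token_bytes(16)     # random operational factor Yn
                packet["factor"] = factor            # carried in the jump instruction
        self._finish_message(factor)
        return packet

    def receive(self, packet: dict) -> bytes:
        plaintext = keystream_xor(self.current, packet["seq"], packet["ct"])
        if self.mode == "iterative":
            factor = self.jumps.to_bytes(4, "big")
        else:
            factor = packet["factor"] or b""
            if self._at_jump_point() and len(factor) != 16:
                # Failure mode: jumping without Yn would desynchronise the two ends.
                raise ValueError("jump point reached but no operational factor received")
        self._finish_message(factor)
        return plaintext


def run_session(mode: str, messages: list):
    """Alternate messages between two terminals and record which key protected each one."""
    k0 = secrets.token_bytes(32)   # constructed K0, standing in for the secure-channel result
    a, b = Terminal(k0, mode), Terminal(k0, mode)
    received, keys_used = [], []
    for i, msg in enumerate(messages):
        sender, receiver = (a, b) if i % 2 == 0 else (b, a)
        keys_used.append(sender.current)
        received.append(receiver.receive(sender.send(msg)))
    return received, keys_used, a, b


if __name__ == "__main__":
    msgs = [b"message %d" % i for i in range(7)]   # constructed sample traffic
    for m in ("iterative", "initial"):
        got, keys, a, b = run_session(m, msgs)
        print(m, got == msgs, a.jumps, len(set(keys)))
```

With the operational factor visible on the wire, as in this example, every mode-two key is only as secret as K0 and each mode-one key can be computed from the previous one, so the jump bounds how much traffic a single key protects rather than containing a disclosure of K0.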
Fig. 5 shows a flow for performing key jumps during data interaction between one terminal and another. Referring to Fig. 5, the first terminal and the second terminal each execute the following flow:
S501: The first terminal and the second terminal establish a secure channel and generate the common transmission key list (K0, K1, K2 ... Kn);
S502: The first terminal and the second terminal encrypt or decrypt the transmitted data using the current transmission key;
For example, in the initial state the transmitted data is encrypted or decrypted using K0; after a new transmission key has been calculated, the new transmission key is used as the current transmission key for encryption or decryption.
S503: Judge whether the jump point has been reached; if not, execute S502; if so, execute S504;
S504: Calculate the new transmission key according to the preset jump rule;
S505: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S506: Judge whether to end the communication; if so, execute S507; if not, execute S503;
S507: End the communication.
Specifically, the jump point is the jump triggering factor; the jump threshold can be set to a preset time interval, a time point, or a preset number of communication messages and communication data volume, and a jump is performed each time the jump threshold is reached. The first terminal and the second terminal can calculate the new transmission key by, but not limited to, one of the following modes:
Mode one: The first terminal and the second terminal each select, in forward or reverse order from the common transmission key list, the transmission key that follows the currently used transmission key as the new transmission key;
In mode one, the first terminal and the second terminal each use the transmission keys in the pre-generated transmission key list successively in forward or reverse order. For example, the common transmission key list includes n transmission keys whose key identifiers are L0, L1 ... Ln, and the transmission keys corresponding to L0, L1, L2 ... are used in turn until the communication ends.
Mode two: The first terminal randomly selects a new transmission key from the common transmission key list and sends the key identifier of the new transmission key to the second terminal. For example, the common transmission key list includes n transmission keys whose key identifiers are L0, L1 ... Ln; the first terminal randomly selects L3 and sends L3 to the second terminal; when the preset jump triggering rule is met, the two communicating parties jump to the transmission key corresponding to L3 and use it for encrypted communication.
Mode three: The first terminal receives the key identifier of the new transmission key sent by the second terminal and selects the transmission key corresponding to that key identifier in the common transmission key list. For example, the common transmission key list includes n transmission keys whose key identifiers are L0, L1 ... Ln; the first terminal receives L3 and selects the communication line corresponding to L3 from among the communication lines in the pre-generated common transmission key list for communication, and the two communicating parties use the transmission key corresponding to L3 for encrypted communication.
Mode four: The first terminal and the second terminal each calculate a new key identifier from the operational factor according to the preset algorithm, and look up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key;
For example, the common transmission key list pre-generated by the first terminal and the second terminal respectively includes n transmission keys whose key identifiers are L0, L1 ... Ln; key identifier Ln is calculated by the preset algorithm, and the transmission key corresponding to Ln is chosen as the new transmission key for the jump.
In mode four, the first terminal and the second terminal may also each calculate the new key identifier from the operational factor according to the preset algorithm using the three ways of the first case above (iterative, random and negotiated), that is, using at least one of the following:
Mode one: By iteration, calculate from the key identifier of the currently used transmission key and the operational factor according to the preset algorithm, generating a new key identifier;
For example, in the same way as shown in Fig. 2, the key identifier corresponding to the initial transmission key is L0. L0 and the operational factor are put through the specific algorithm to generate the key identifier L1 of the new transmission key, and both communicating parties then jump to the new key corresponding to L1 for encrypted transmission. Next, L1 and the operational factor are put through the specific algorithm to generate the key identifier L2 of the new transmission key, and the operation is repeated to generate key identifiers L3, L4, L5 ... of new transmission keys until the communication ends.
Mode two: Calculate from the key identifier of the initial transmission key and the operational factor according to the preset algorithm, generating a new key identifier;
For example, in the same way as shown in Fig. 3, each time the preset jump triggering rule is met, the first terminal and the second terminal each put the key identifier L0 of the initial transmission key and an operational factor (Y1, Y2 ... Yn) through the specific algorithm to generate the key identifier (L1, L2 ... Ln) of the new transmission key, and jump to the new transmission key corresponding to that key identifier for encrypted transmission. For example, each time the preset jump triggering rule is met, the first terminal generates a random number, i.e. an operational factor (Y1, Y2 ... Yn), and sends operational factor Yn to the second terminal; Yn may be included in the jump instruction sent to the second terminal. The two communicating parties each put the initial transmission key's identifier L0 and the current operational factor Yn through the specific algorithm to generate the new key identifier Ln.
Mode three: The first terminal calculates from the operational factor it generates itself and the operational factor obtained from the second terminal according to the preset algorithm, generating a new key identifier.
In mode three, the first terminal itself generates an operational factor X1 (such as random number R1) and receives the operational factor Y1 (such as random number R2) generated by the second terminal; of course, the roles may be reversed: the first terminal sends operational factor X1 to the second terminal, and the second terminal receives the operational factor sent by the first terminal. The two communicating parties each use random number R1 and random number R2 to generate the new key identifier Ln.
In the above three modes, as an optional arrangement, the operational factor includes the jump triggering factor (jump period, jump time point, number of communication messages, communication data volume and random factor) and other preset factors. In this embodiment the jump triggering factor can take part in calculating the new transmission key; in particular, when the operational factor is a random factor, the generated key is flexible and random, which increases the complexity of generating the key, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
Fig. 6 shows another flow for performing key jumps during data interaction between one terminal and another. Referring to Fig. 6, the following flow is executed between the first terminal and the second terminal:
S601: The first terminal and the second terminal establish a secure channel and generate the initial transmission key K0;
S602: The first terminal and the second terminal encrypt or decrypt the transmitted data using the current transmission key;
S603: The first terminal sends a key jump request to the second terminal;
S604: The first terminal and the second terminal each calculate the new transmission key according to the preset jump rule;
S605: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S606: Judge whether to end the communication; if so, execute S607; if not, execute S602;
S607: End the communication.
Specifically, the key jump request may be only an instruction, or may also contain the jump triggering factor, where the jump triggering factor can be a preset time interval, a time point, or a preset number of communication messages and communication data volume, or a random number, which guarantees the randomness of the jump triggering factor. Of course, the invention is not limited to the first terminal sending the jump request; the request may also be initiated by the second terminal, in which case the flow is the reverse of that shown in Fig. 6. The first terminal and the second terminal can calculate the new transmission key by, but not limited to, one of the following modes:
Mode one: By iteration, calculate from the currently used transmission key and the operational factor according to the preset algorithm, generating a new transmission key;
In mode one, the first terminal and the second terminal each calculate the new transmission key iteratively and jump to it for encrypted transmission. For example, as shown in Fig. 2, the initial transmission key is K0. K0 and the operational factor are put through the specific algorithm to generate the new transmission key K1, and both communicating parties then jump to this new key for encrypted transmission. Next, K1 and the operational factor are put through the specific algorithm to generate the new transmission key K2, and the operation is repeated to generate new transmission keys K3, K4, K5 ... until the communication ends.
Mode two: Calculate from the initial transmission key and the operational factor according to the preset algorithm, generating a new transmission key;
In mode two, each time the preset jump triggering rule is met, the first terminal and the second terminal each put the initial transmission key K0 and an operational factor (Y1, Y2 ... Yn) through the specific algorithm to generate a new transmission key (K1, K2 ... Kn) and jump to the new transmission key for encrypted transmission, as shown in Fig. 3.
For example, the first terminal generates a random number as the operational factor and sends the random number to the second terminal; the random number may be included in the key jump request sent to the second terminal. The two communicating parties each put the initial transmission key K0 and the current operational factor Yn through the specific algorithm to generate the new transmission key Kn.
Mode three: Calculate from the operational factor generated by the terminal itself and the operational factor obtained from the second terminal according to the preset algorithm, generating a new transmission key.
In mode three, the first terminal itself generates an operational factor X1 (such as random number R1) and receives the operational factor Y1 (such as random number R2) generated by the second terminal; of course, the roles may be reversed: the first terminal sends operational factor X1 to the second terminal, which may be carried in the key jump request, and the second terminal receives the operational factor sent by the first terminal. The two communicating parties each use random number R1 and random number R2 to generate the new transmission key Kn.
The above operational factor may include the jump triggering factor (jump period, jump time point, number of communication messages, communication data volume and random factor) and other preset factors; the random factor includes random numbers and random events. In this embodiment the jump triggering factor can take part in calculating the new transmission key; in particular, when the operational factor is a random factor, the generated key is flexible and random, which increases the complexity of generating the key, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
In this optional embodiment, the first terminal and the second terminal generate the new transmission key in the iterative way (mode one), the random way (mode two) and the negotiated way (mode three), and jump from the currently used transmission key to the new transmission key, thereby realizing the key jump and ensuring the communication security of the two communicating parties.
Fig. 7 shows another flow for performing key jumps during data interaction between one terminal and another. Referring to Fig. 7, the following flow is executed between the first terminal and the second terminal:
S701: The first terminal and the second terminal establish a secure channel and generate the common transmission key list (K0, K1, K2 ... Kn);
S702: The first terminal and the second terminal encrypt or decrypt the transmitted data using the current transmission key;
For example, in the initial state the transmitted data is encrypted or decrypted using K0; after a new transmission key has been calculated, the new transmission key is used as the current transmission key for encryption or decryption.
S703: The first terminal sends a key jump request to the second terminal;
S704: The first terminal and the second terminal each calculate the new transmission key according to the preset algorithm;
S705: Use the new transmission key as the current transmission key to encrypt or decrypt the transmitted data;
S706: Judge whether to end the communication; if so, execute S707; if not, execute S702;
S707: End the communication.
Specifically, the key jump request may be only an instruction, or may also contain the jump triggering factor, where the jump triggering factor can be a preset time interval, a time point, or a preset number of communication messages and communication data volume, or a random number, which guarantees the randomness of the jump triggering factor. Of course, the invention is not limited to the first terminal sending the jump request; the request may also be initiated by the second terminal, in which case the flow is the reverse of that shown in Fig. 7. The first terminal and the second terminal can calculate the new transmission key by, but not limited to, one of the following modes:
Mode one: The first terminal and the second terminal each select, in forward or reverse order from the common transmission key list, the transmission key that follows the currently used transmission key as the new transmission key;
In mode one, the first terminal and the second terminal each use the transmission keys in the pre-generated transmission key list successively in forward or reverse order. For example, the common transmission key list includes n transmission keys whose key identifiers are L0, L1 ... Ln, and the transmission keys corresponding to L0, L1, L2 ... are used in turn until the communication ends.
Mode two: The first terminal randomly selects a new transmission key from the common transmission key list and sends the key identifier of the new transmission key to the second terminal; the identifier may be carried in the key jump request. For example, the common transmission key list includes n transmission keys whose key identifiers are L0, L1 ... Ln; the first terminal randomly selects L3 and sends L3 to the second terminal; when the preset jump triggering rule is met, the two communicating parties jump to the transmission key corresponding to L3 and use it for encrypted communication.
Mode three: The first terminal receives the key identifier of the new transmission key sent by the second terminal and selects the transmission key corresponding to that key identifier in the common transmission key list. For example, the common transmission key list includes n transmission keys whose key identifiers are L0, L1 ... Ln; the first terminal receives L3 and selects the communication line corresponding to L3 from among the communication lines in the pre-generated common transmission key list for communication, and the two communicating parties use the transmission key corresponding to L3 for encrypted communication.
Mode four: The first terminal and the second terminal each calculate a new key identifier from the operational factor according to the preset algorithm, and look up the transmission key corresponding to the new key identifier in the common transmission key list as the new transmission key;
For example, the common transmission key list pre-generated by the first terminal and the second terminal respectively includes n transmission keys whose key identifiers are L0, L1 ... Ln; key identifier Ln is calculated by the preset algorithm, and the transmission key corresponding to Ln is chosen as the new transmission key for the jump.
In mode four, the first terminal and the second terminal may also each calculate the new key identifier from the operational factor according to the preset algorithm using the three ways of the first case above (iterative, random and negotiated), that is, using at least one of the following:
Mode one: By iteration, calculate from the key identifier of the currently used transmission key and the operational factor according to the preset algorithm, generating a new key identifier;
For example, in the same way as shown in Fig. 2, the key identifier corresponding to the initial transmission key is L0. L0 and the operational factor are put through the specific algorithm to generate the key identifier L1 of the new transmission key, and both communicating parties then jump to the new key corresponding to L1 for encrypted transmission. Next, L1 and the operational factor are put through the specific algorithm to generate the key identifier L2 of the new transmission key, and the operation is repeated to generate key identifiers L3, L4, L5 ... of new transmission keys until the communication ends.
Mode two: Calculate from the key identifier of the initial transmission key and the operational factor according to the preset algorithm, generating a new key identifier;
For example, in the same way as shown in Fig. 3, each time the preset jump triggering rule is met, the first terminal and the second terminal each put the key identifier L0 of the initial transmission key and an operational factor (Y1, Y2 ... Yn) through the specific algorithm to generate the key identifier (L1, L2 ... Ln) of the new transmission key, and jump to the new transmission key corresponding to that key identifier for encrypted transmission. For example, each time the preset jump triggering rule is met, the first terminal generates a random number, i.e. an operational factor (Y1, Y2 ... Yn), and sends operational factor Yn to the second terminal; Yn may be included in the key jump request sent to the second terminal. The two communicating parties each put the initial transmission key's identifier L0 and the current operational factor Yn through the specific algorithm to generate the new key identifier Ln.
Mode three: The first terminal calculates from the operational factor it generates itself and the operational factor obtained from the second terminal according to the preset algorithm, generating a new key identifier.
In mode three, the first terminal itself generates an operational factor X1 (such as random number R1) and receives the operational factor Y1 (such as random number R2) generated by the second terminal; of course, the roles may be reversed: the first terminal sends operational factor X1 to the second terminal, which may be carried in the key jump request, and the second terminal receives the operational factor sent by the first terminal. The two communicating parties each use random number R1 and random number R2 to generate the new transmission key Kn.
In the above three modes, as an optional arrangement, the operational factor includes the jump triggering factor (jump period, jump time point, number of communication messages, communication data volume and random factor) and other preset factors. In this embodiment the jump triggering factor can take part in calculating the new transmission key; in particular, when the operational factor is a random factor, the generated key is flexible and random, which increases the complexity of generating the key, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
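The request-driven flow of Fig. 7 over a common transmission key list, as an added Python example that is not part of the patent text. Assumptions: the list is expanded from one shared secret, SHA-256 stands in for the "preset algorithm" of mode four, the sequential mode wraps around at Ln, and `ListTerminal`, `make_key_list`, `compute_id` and `demo` are hypothetical names.

```python
import hashlib
import hmac
import secrets


def make_key_list(shared_secret: bytes, n: int) -> list:
    """S701 stand-in: both ends expand one shared secret into K0..Kn (list construction is assumed)."""
    return [hmac.new(shared_secret, b"list-entry" + i.to_bytes(2, "big"), hashlib.sha256).digest()
            for i in range(n + 1)]


def compute_id(base_id: int, factor: bytes, size: int, current_id: int) -> int:
    """Mode four stand-in algorithm: hash (key identifier, operational factor) onto a list index."""
    digest = hashlib.sha256(base_id.to_bytes(2, "big") + factor).digest()
    new_id = int.from_bytes(digest[:8], "big") % size
    # Edge case: the hash may land on the key already in use; step on so a jump always changes key.
    return (new_id + 1) % size if new_id == current_id else new_id


class ListTerminal:
    def __init__(self, keys: list):
        if len(keys) < 2:
            raise ValueError("a key list needs at least two entries to jump")
        self.keys = keys
        self.current_id = 0                       # initial state uses K0 (S702)

    @property
    def current_key(self) -> bytes:
        return self.keys[self.current_id]

    def _resolve(self, request: dict) -> int:
        """S704: turn a jump request into the new key identifier; raises before any state changes."""
        size = len(self.keys)
        mode = request.get("mode")
        if mode == "sequential":                  # mode one: next entry in order
            return (self.current_id + 1) % size   # wrap-around at Ln is an assumption
        if mode == "random":                      # modes two and three: identifier sent by the peer
            key_id = request.get("key_id")
            if type(key_id) is not int or not 0 <= key_id < size:
                raise ValueError("key identifier is not in the common transmission key list")
            return key_id
        if mode == "computed":                    # mode four, second way: from L0 and factor Yn
            factor = request.get("factor")
            if not isinstance(factor, bytes) or len(factor) < 16:
                raise ValueError("missing or short operational factor")
            return compute_id(0, factor, size, self.current_id)
        raise ValueError("unknown jump mode")

    def build_request(self, mode: str) -> dict:
        """S703: the requester builds the key jump request and applies it locally."""
        request = {"mode": mode}
        if mode == "random":
            offset = 1 + secrets.randbelow(len(self.keys) - 1)   # any identifier but the current one
            request["key_id"] = (self.current_id + offset) % len(self.keys)
        elif mode == "computed":
            request["factor"] = secrets.token_bytes(16)          # random operational factor Yn
        self.current_id = self._resolve(request)
        return request

    def handle_request(self, request: dict) -> int:
        """S704/S705 on the receiving side: validate, then switch the current key."""
        self.current_id = self._resolve(request)
        return self.current_id


def demo():
    keys = make_key_list(secrets.token_bytes(32), 7)   # constructed list K0..K7
    first, second = ListTerminal(list(keys)), ListTerminal(list(keys))
    trace = []
    for mode in ("sequential", "random", "computed", "computed"):
        second.handle_request(first.build_request(mode))
        trace.append((mode, first.current_id, second.current_id))
    return first, second, trace


if __name__ == "__main__":
    for step in demo()[2]:
        print(step)
```

Only an index or a random factor crosses the wire in the request; the receiver rejects an identifier outside the list before it changes its current key, so a malformed request cannot leave the two ends on different keys.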
In Fig. 4 to Fig. 7 above, the way of establishing the secure channel belongs to the prior art; only one specific implementation is given here. As shown in Fig. 8, the first terminal and the second terminal each use their respective electronic signature device to establish the secure channel and negotiate the generation of a common transmission key; there are of course many ways to implement this, and they are not limited to this embodiment. Referring to Fig. 8, the following flow is executed between the first terminal using its electronic signature device (abbreviated as the first terminal) and the second terminal using its electronic signature device (abbreviated as the second terminal):
S801: The first terminal generates random number R1 and sends it to the second terminal;
S802: The second terminal generates random number R2 and sends the random number and the digital certificate of the second terminal's electronic signature device to the first terminal;
S803: The first terminal checks whether the digital certificate is legitimate; if it is, step S804 is executed; otherwise the flow ends.
S804: The first terminal generates a shared master key M and encrypts M with the public key of the second terminal to obtain ciphertext E1;
S805: The first terminal signs R1 and R2 to generate signature S1, and sends E1, S1 and the digital certificate of the first terminal to the second terminal;
S806: After the second terminal verifies that the certificate is legitimate, it verifies signature S1; after the verification passes, it decrypts E1 to obtain the plaintext of master key M;
S807: The first terminal and the second terminal use master key M as the transmission key to encrypt or decrypt the communication data.
Embodiment 3
This embodiment provides a communication system. As shown in Fig. 9, the communication system 10 includes a first terminal 110 and a second terminal 120, which use the same structure: the first terminal 110 includes communication device 130, the second terminal 120 includes communication device 140, and communication device 130 has the same structure as communication device 140. In this embodiment, the first terminal 110 and the second terminal 120 can be mobile terminals such as a mobile phone or iPad, or can be a PC or another terminal capable of network communication. Communication between the communication terminal and the communication peer may include calls, short messages and e-mail between communication terminals, and communication by APPs installed on the terminal (such as voice chat or message sending in QQ or WeChat).
This embodiment is described using only communication device 130 as an example. The communication device corresponds one-to-one to the method of key jumping during communication in Embodiment 1, so the details are not repeated here and only a brief description follows:
Figure 10 shows a structural diagram of communication device 130 of an embodiment of the present invention. Referring to Fig. 1, the communication device provided by the embodiment of the present invention includes: communication module 131, key jump module 132 and encryption/decryption module 133, wherein:
Communication module 131 is used to communicate with the peer communication device, and is also used to transmit encrypted communication data;
Key jump module 132 is used, during communication with the peer communication device, to jump the currently used transmission key to a new transmission key according to the preset jump rule when the preset jump trigger rule is met;
Encryption/decryption module 133 is used to encrypt or decrypt communication data using the new transmission key.
This embodiment can perform a key jump when the preset jump trigger rule is met, so that communication data is encrypted or decrypted with the new transmission key. This overcomes the drawback of encrypting and decrypting with a single constant transmission key, solves the problem that once a single transmission key is cracked the communication data transmitted by both parties can be maliciously stolen, and ensures the security of both parties' communication information.
In an optional implementation of this embodiment, before the preset jump trigger rule is met, the communication device 130 provided by this embodiment further includes: key generation module 134, wherein:
Key generation module 134 is used, before the preset jump trigger rule is met, or after the preset jump trigger rule is met and before the currently used transmission key is jumped to a new transmission key according to the preset jump rule, to establish a secure channel with the peer communication device and negotiate an initial transmission key common with the peer communication device;
Encryption/decryption module 133 is also used to encrypt or decrypt communication data with the peer communication device using the initial transmission key.
In this embodiment, an initial transmission key common with the peer is generated while the secure channel is being established, and this initial transmission key is used for encryption and decryption to ensure the security of the communication information. In addition, the transmission key can be negotiated before the jump trigger rule is met, or after the jump trigger rule is met; the timing of transmission key negotiation is therefore flexible in this embodiment, which improves user experience.
In an optional implementation of this embodiment, the common initial transmission key includes one or more keys.
The key generation module is also used, after negotiating the initial transmission keys common with the peer communication device, to form the multiple common initial transmission keys into a common transmission key list and to assign key identifications to the multiple common initial transmission keys. Each key identification corresponds to one transmission key, so that the corresponding transmission key can be looked up in the common transmission key list by its key identification. The common transmission key list provides the transmission keys available for jumping; that is, jumps can be made among the transmission keys that the common transmission key list provides.
In an optional implementation of this embodiment, meeting the preset jump trigger rule includes: reaching the jump trigger factor; or, obtaining a key jump instruction. Once the preset jump trigger rule is met, the key jump can be carried out, i.e. the currently used transmission key is jumped to a new transmission key.
The jump trigger factor includes at least one of: jump period, jump time point, communication item number, communication data amount and random factor. The jump period means that both communicating parties perform a key jump according to the same key jump rule at regular intervals. The jump time point can be a specific time point, for example jumping at 10 o'clock and at 11 o'clock, or can be a delay before jumping, for example jumping after one hour and after two hours. One interaction between the two parties, i.e. one communication, counts as one communication item, and the communication item number is the total number of times the two parties have communicated. The communication data amount may include a preset number of data packets or number of interactions. The random factor includes a random number or a random event; the random number can be a random threshold, such as for the jump period, jump time point, communication item number, communication data amount, etc.
In an optional implementation of this embodiment, key jump module 132 is also used, when the jump trigger factor includes a random factor, to obtain the random factor before the communication terminal meets the preset jump trigger rule.
In an optional implementation of this embodiment, the key jump instruction includes at least one of: a key jump instruction sent by the peer communication device, an input key jump instruction, and a key jump instruction generated according to preset rules.
In an optional implementation of this embodiment, jumping the currently used transmission key to a new transmission key according to the preset jump rule falls, broadly, into two cases: first, recalculating to generate a new transmission key; second, selecting a transmission key from the common transmission key list as the new transmission key.
In this optional implementation, for the case of recalculating to generate a new transmission key, key jump module 132 is used to jump the currently used transmission key to a new transmission key according to the preset jump rule in at least one of the following modes:
Mode one: Iteratively, compute on the currently used transmission key and the operational factor according to a preset algorithm to generate the new transmission key;
Mode two: Compute on the initial transmission key and the operational factor according to a preset algorithm to generate the new transmission key;
Mode three: Compute, according to a preset algorithm, on the operational factor generated by the device itself and the operational factor obtained from the peer communication device to generate the new transmission key.
In this optional implementation, for the case of selecting a transmission key from the common transmission key list as the new transmission key, key jump module 132 is used to jump the currently used transmission key to a new transmission key according to the preset jump rule in at least one of the following modes:
Mode one: In forward or reverse order, select from the common transmission key list the transmission key next to the currently used transmission key as the new transmission key;
Mode two: Randomly select a new transmission key from the common transmission key list, and send the key identification of the new transmission key to the peer communication device;
Mode three: Receive the key identification of the new transmission key sent by the peer communication device, and select the transmission key corresponding to that key identification in the common transmission key list;
Mode four: Compute a new key identification from the operational factor according to a preset algorithm, and find the transmission key corresponding to the new key identification in the common transmission key list as the new transmission key.
In mode four, key jump module 132, in computing the new key identification from the operational factor according to the preset algorithm, can also use the three modes of the first case above (iterative mode, random mode and negotiation mode) to compute the new key identification, i.e. at least one of the following modes:
Mode one: Iteratively, compute on the key identification corresponding to the currently used transmission key and the operational factor according to a preset algorithm to generate the new key identification;
Mode two: Compute on the key identification corresponding to the initial transmission key and the operational factor according to a preset algorithm to generate the new key identification;
Mode three: Compute, according to a preset algorithm, on the operational factor generated by the device itself and the operational factor obtained from the peer communication device to generate the new key identification.
In the above three modes, optionally, the operational factor includes: the jump trigger factor (jump period, jump time point, communication item number, communication data amount and random factor) and other preset factors. In this embodiment, the jump trigger factor can take part in computing the new transmission key. In particular, when the operational factor is a random factor, the generated key is flexible and random, which increases the complexity of key generation, makes the key harder to crack, improves the stability of the transmission key, and thereby ensures communication security.
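An added example, not code from the patent: two terminals that share a common transmission key list jump by computing a new key identification in each of the three modes above, with the communication item number as the jump trigger factor. The hash-based `derive_id`, all class and method names, the step-to-next-key fallback and the HMAC tag used in place of encryption are assumptions, since the patent leaves the preset algorithm open.

```python
import hashlib
import hmac
import secrets


def derive_id(list_len, *parts):
    """Stand-in for the patent's unspecified 'preset algorithm' (assumption):
    SHA-256 over length-prefixed parts, reduced to an index into the key list."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return int.from_bytes(h.digest()[:8], "big") % list_len


class Terminal:
    """One communicating party holding the common transmission key list."""

    def __init__(self, key_list, initial_id=0, jump_every=3):
        if len(key_list) < 2:
            raise ValueError("need at least two transmission keys to jump between")
        self.keys = list(key_list)    # list index serves as the key identification
        self.initial_id = initial_id
        self.current_id = initial_id
        self.jump_every = jump_every  # jump trigger factor: communication item number
        self.items = 0                # communication items since the last jump
        self.jumps = 0                # completed jumps, used as the operational factor

    def _select(self, new_id):
        # Assumption, not in the patent: if the computation lands on the key already
        # in use, step to the next list entry so that every jump changes the key.
        if new_id == self.current_id:
            new_id = (new_id + 1) % len(self.keys)
        self.current_id = new_id
        self.jumps += 1
        return new_id

    def _factor(self):
        return self.jumps.to_bytes(4, "big")

    def jump_iterative(self):
        """Mode one: current key identification plus operational factor."""
        seed = self.current_id.to_bytes(4, "big")
        return self._select(derive_id(len(self.keys), seed, self._factor()))

    def jump_from_initial(self):
        """Mode two: initial key identification plus operational factor."""
        seed = self.initial_id.to_bytes(4, "big")
        return self._select(derive_id(len(self.keys), seed, self._factor()))

    def jump_negotiated(self, r1, r2):
        """Mode three: own operational factor and the peer's, in an agreed order."""
        return self._select(derive_id(len(self.keys), r1, r2))

    def item_done(self):
        """Count one communication item; True when the trigger rule is met."""
        self.items += 1
        if self.items >= self.jump_every:
            self.items = 0
            return True
        return False

    def tag(self, message):
        # HMAC under the current transmission key stands in for encryption here.
        return hmac.new(self.keys[self.current_id], message, hashlib.sha256).digest()

    def check(self, message, tag):
        return hmac.compare_digest(self.tag(message), tag)


def simulate(n_items=10, n_keys=8, jump_every=3):
    """Send n_items messages from A to B; return the key identification used for each."""
    keys = [secrets.token_bytes(32) for _ in range(n_keys)]  # constructed sample list
    a = Terminal(keys, jump_every=jump_every)
    b = Terminal(keys, jump_every=jump_every)
    used = []
    for i in range(n_items):
        msg = b"item %d" % i
        if not b.check(msg, a.tag(msg)):
            raise RuntimeError("terminals out of step at item %d" % i)
        used.append(a.current_id)
        # Both sides count the same item and apply the same trigger rule.
        a_due, b_due = a.item_done(), b.item_done()
        if a_due and b_due:
            a.jump_iterative()
            b.jump_iterative()
    return used


if __name__ == "__main__":
    print(simulate())
```

The computed identification only selects among keys already in the common transmission key list, so both terminals must apply the trigger rule to the same communication item; a terminal that misses an item ends up on a different key and `check` fails.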
Any process or method description in a flow chart or otherwise described herein may be understood as representing a module, segment or portion of code that includes one or more executable instructions for implementing the steps of a specific logical function or process, and the scope of the preferred embodiments of the present invention includes other implementations in which functions may be executed out of the order shown or discussed, including substantially simultaneously or in the reverse order depending on the functions involved, as should be understood by those skilled in the art to which the embodiments of the present invention belong.
It should be understood that each part of the present invention can be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods can be implemented with software or firmware that is stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or a combination of the following technologies well known in the art can be used: a discrete logic circuit with logic gates for implementing logic functions on data signals, an application-specific integrated circuit with suitable combinational logic gates, a programmable gate array (PGA), a field-programmable gate array (FPGA), etc.
Those skilled in the art will understand that all or part of the steps carried by the above embodiment methods can be completed by a program instructing the relevant hardware; the program can be stored in a computer-readable storage medium and, when executed, includes one of the steps of the method embodiments or a combination thereof.
In addition, the functional units in each embodiment of the present invention can be integrated in one processing module, or each unit can exist physically alone, or two or more units can be integrated in one module. The integrated module can be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented in the form of a software functional module and is sold or used as an independent product, it can also be stored in a computer-readable storage medium.
The storage medium mentioned above can be a read-only memory, a magnetic disk, an optical disc, etc.
In the description of this specification, a description referring to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that the specific feature, structure, material or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic expressions of the above terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described can be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it should be understood that the above embodiments are exemplary and should not be construed as limiting the present invention; those skilled in the art can make changes, modifications, replacements and variations to the above embodiments within the scope of the present invention without departing from its principle and purpose. The scope of the present invention is defined by the appended claims and their equivalents.

Claims (13)

1. A method of key jumping in a communication process, characterized by comprising:
while a communication terminal is communicating with a communication peer, the communication terminal, when a preset jump trigger rule is met, jumps the currently used transmission key to a new transmission key according to a preset jump rule, and uses the new transmission key to encrypt or decrypt communication data with the communication peer;
wherein, before the preset jump trigger rule is met, or after the preset jump trigger rule is met and before the currently used transmission key is jumped to the new transmission key according to the preset jump rule, the method further comprises: the communication terminal and the communication peer establish a secure channel and negotiate an initial transmission key common with the communication peer, and the initial transmission key is used to encrypt or decrypt communication data with the communication peer;
after negotiating the initial transmission key common with the communication peer, the method further comprises: forming multiple said common initial transmission keys into a common transmission key list, and assigning key identifications to the multiple common initial transmission keys;
wherein jumping the currently used transmission key to the new transmission key according to the preset jump rule comprises: the communication terminal computes a new key identification from an operational factor according to a preset algorithm, and finds the transmission key corresponding to the new key identification in the common transmission key list as the new transmission key; wherein the communication terminal computing the new key identification from the operational factor according to the preset algorithm comprises one of the following modes: the communication terminal iteratively computes on the key identification corresponding to the currently used transmission key and the operational factor according to the preset algorithm to generate the new key identification; the communication terminal computes on the key identification corresponding to the initial transmission key and the operational factor according to the preset algorithm to generate the new key identification; the communication terminal computes, according to the preset algorithm, on the operational factor generated by itself and the operational factor obtained from the communication peer to generate the new key identification.
2. The method of claim 1, characterized in that:
meeting the preset jump trigger rule comprises at least one of:
reaching the jump trigger factor;
obtaining a key jump instruction.
3. The method of claim 2, characterized in that:
the jump trigger factor comprises at least one of:
jump period, jump time point, communication item number, communication data amount and random factor.
4. The method of claim 3, characterized in that:
when the jump trigger factor comprises a random factor, before the communication terminal meets the preset jump trigger rule, the method further comprises:
obtaining the random factor.
5. The method of claim 2, characterized in that:
the key jump instruction comprises at least one of: a key jump instruction sent by the communication peer, an input key jump instruction, and a key jump instruction generated according to preset rules.
6. The method of claim 1, characterized in that:
the operational factor comprises: the jump trigger factor.
7. A communication device, characterized by comprising:
a communication module, for communicating with a peer communication device, and also for transmitting encrypted communication data;
a key jump module, for jumping, during communication with the peer communication device, the currently used transmission key to a new transmission key according to a preset jump rule when a preset jump trigger rule is met;
an encryption/decryption module, for encrypting or decrypting communication data using the new transmission key;
a key generation module, for establishing a secure channel with the peer communication device and negotiating an initial transmission key common with the peer communication device, before the preset jump trigger rule is met, or after the preset jump trigger rule is met and before the currently used transmission key is jumped to the new transmission key according to the preset jump rule;
the encryption/decryption module is also used to encrypt or decrypt communication data with the peer communication device using the initial transmission key;
the key generation module is also used, after negotiating the initial transmission key common with the peer communication device, to form multiple said common initial transmission keys into a common transmission key list, and to assign key identifications to the multiple common initial transmission keys;
wherein the key jump module jumping the currently used transmission key to the new transmission key according to the preset jump rule comprises: computing a new key identification from an operational factor according to a preset algorithm, and finding the transmission key corresponding to the new key identification in the common transmission key list as the new transmission key; wherein the key jump module computing the new key identification from the operational factor according to the preset algorithm comprises one of the following modes: iteratively computing on the key identification corresponding to the currently used transmission key and the operational factor according to the preset algorithm to generate the new key identification; computing on the key identification corresponding to the initial transmission key and the operational factor according to the preset algorithm to generate the new key identification; computing, according to the preset algorithm, on the operational factor generated by the device itself and the operational factor obtained from the peer communication device to generate the new key identification.
8. The device of claim 7, characterized in that:
meeting the preset jump trigger rule comprises at least one of:
reaching the jump trigger factor;
obtaining a key jump instruction.
9. The device of claim 8, characterized in that:
the jump trigger factor comprises at least one of:
jump period, jump time point, communication item number, communication data amount and random factor.
10. The device of claim 9, characterized in that:
the key jump module is also used, when the jump trigger factor comprises a random factor, to obtain the random factor before the communication terminal meets the preset jump trigger rule.
11. The device of claim 9, characterized in that:
the key jump instruction comprises at least one of: a key jump instruction sent by the peer communication device, an input key jump instruction, and a key jump instruction generated according to preset rules.
12. The device of claim 7, characterized in that:
the operational factor comprises: the jump trigger factor.
13. A communication system, characterized by comprising a first terminal and a second terminal;
the first terminal comprises the communication device of any one of claims 7-12;
the second terminal comprises the communication device of any one of claims 7-12.
CN201510111952.5A 2015-03-13 2015-03-13 Method, communication device and the communication system of key jump in a kind of communication process Active CN104935433B (en)

Publications (2)

Publication Number Publication Date
CN104935433A CN104935433A (en) 2015-09-23
CN104935433B true CN104935433B (en) 2018-11-16

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant