CN105337969A - Safety communication method between two mobile terminals - Google Patents
- Publication number: CN105337969A (CN201510680685.3A)
- Authority: CN (China)
- Prior art keywords: mobile terminal, secret key, session, server, random number
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Abstract
The invention provides a secure communication method between two mobile terminals in an Internet environment. A first mobile terminal and a second mobile terminal each generate a public/private key pair locally in advance and upload their respective public keys to a server. The communication method comprises: the first mobile terminal acquires the public key of the second mobile terminal from the server; the first mobile terminal generates a session key, encrypts the session key with the public key of the second mobile terminal, and encrypts the message to be sent with the session key; and the first mobile terminal sends the encrypted message and the encrypted session key to the second mobile terminal through the server, so that the second mobile terminal can decrypt the session key with its own private key and decrypt the received message with the decrypted session key. With this method, the keys are held only by the sender and the receiver, so the data can be known only to the two communicating parties, and the risk of messages and data in applications such as WeChat leaking on the network and on the server is eliminated or reduced.
Description
Technical field
The present invention relates generally to communication technology, and more specifically to a method by which two mobile terminals communicate securely with each other when they communicate via a server, for example in social networks.
Background art
With the rapid development of the mobile Internet, instant messaging software such as WeChat has gained a large number of users. People use instant messaging software such as WeChat to send messages and share files. However, the information and files transmitted by such software are not secure. Because messages and files are relayed through a server, the server can intercept the information and files, analyze and filter them, steal the private information of individuals and enterprises, and analyze personal behavior and enterprise data. The information can also be intercepted and leaked by devices in the network.
Summary of the invention
The present invention is proposed in view of the above circumstances.
According to one aspect of the present invention, a communication method is provided in which a first mobile terminal and a second mobile terminal communicate with each other via a server. The first mobile terminal and the second mobile terminal each generate a public/private key pair locally in advance and upload their respective public keys to the server. The communication method comprises: the first mobile terminal queries the server to obtain the public key of the second mobile terminal; the first mobile terminal randomly generates a session key, encrypts the session key with the public key of the second mobile terminal, and encrypts the message to be sent with the session key; and the first mobile terminal sends the encrypted message together with the encrypted session key to the second mobile terminal via the server, so that the second mobile terminal decrypts the session key with its own private key and decrypts the received message with the decrypted session key.
In one example, the communication method may further comprise: the first mobile terminal receives, via the server, an encrypted second message and an encrypted second session key from the second mobile terminal, decrypts the second session key with its own private key, and decrypts the second message with the second session key, wherein the second session key is encrypted by the second mobile terminal with the public key of the first mobile terminal, and the second mobile terminal obtains the public key of the first mobile terminal from the server.
According to another aspect of the present invention, a method performed by a server for assisting a first mobile terminal and a second mobile terminal in communicating with each other is provided. The server receives and stores in advance a first public key from the first mobile terminal and a second public key from the second mobile terminal; the first mobile terminal holds a first private key corresponding to the first public key, and the second mobile terminal holds a second private key corresponding to the second public key. The method comprises: in response to a query from the first mobile terminal, returning the second public key of the second mobile terminal to the first mobile terminal; and receiving an encrypted first session key and an encrypted message from the first mobile terminal and forwarding them to the second mobile terminal, wherein the first session key is encrypted by the first mobile terminal with the second public key and the message is encrypted with the first session key, so that the second mobile terminal decrypts the first session key with its own second private key and decrypts the received message with the decrypted first session key.
According to another aspect of the present invention, a communication method is provided in which a first mobile terminal and a second mobile terminal communicate with each other via a server, comprising: the first mobile terminal generates a random number XA, computes the public key YA of the first mobile terminal from XA according to a first predetermined algorithm, and sends YA to the server; the first mobile terminal receives, via the server, the public key YB of the second mobile terminal; the first mobile terminal generates its session key KA from the random number XA and the public key YB of the second mobile terminal according to a second predetermined algorithm, the session key KA being equal to the session key KB generated at the second mobile terminal, and encrypts the message to be sent with the session key KA; and the first mobile terminal sends the encrypted message to the second mobile terminal via the server, and the second mobile terminal decrypts the received message with the session key KB.
In one example of the communication method, the Diffie-Hellman algorithm may be used to make the session key KA of the first mobile terminal equal to the session key KB of the second mobile terminal; generation of the session keys KA and KB is triggered when the first mobile terminal adds the second mobile terminal as a friend.
In one example of the communication method, the first mobile terminal obtains from the server the globally public prime-type parameter a and integer-type parameter q, where a is a primitive root of q, and generates its public key YA from the random number XA according to the formula YA = a^XA mod q. The first mobile terminal generates its session key KA from the random number XA and the public key YB of the second mobile terminal according to KA = (YB)^XA mod q. The second mobile terminal computes its public key YB according to the formula YB = a^XB mod q, where XB is a random number generated by the second mobile terminal, and generates its session key KB according to the formula KB = (YA)^XB mod q, so that KA = KB.
In one example of the communication method, the first mobile terminal periodically updates the public key and the session key.
According to a further aspect of the present invention, a communication method performed by a server for assisting communication between a first mobile terminal and a second mobile terminal is provided, comprising: receiving a random number XA from the first mobile terminal and forwarding it to the second mobile terminal; receiving a random number XB from the second mobile terminal and forwarding it to the first mobile terminal; receiving an encrypted first message from the first mobile terminal and forwarding it to the second mobile terminal; and receiving an encrypted second message from the second mobile terminal and forwarding it to the first mobile terminal, wherein the first message is encrypted by the first mobile terminal with a first session key that the first mobile terminal computes from the random numbers XA and XB, the second message is encrypted by the second mobile terminal with a second session key that the second mobile terminal computes from the random numbers XA and XB, and the first session key equals the second session key.
According to a further aspect of the present invention, a communication method between a first mobile terminal and a second mobile terminal in a communication network is provided, the communication network comprising the first mobile terminal and the second mobile terminal. The communication method comprises: the first mobile terminal sends its own address information and port number to a server; the first mobile terminal obtains the address information and port number of the second mobile terminal from the server; and the first mobile terminal uses the obtained address information and port number of the second mobile terminal to send messages directly to the second mobile terminal without going through the server.
In one example, the communication method may further comprise: the first mobile terminal generates a random number XA and sends it directly to the second mobile terminal using the obtained address information and port of the second mobile terminal; the first mobile terminal receives a random number XB sent directly from the second mobile terminal; the first mobile terminal generates a session key k from the random number XA it generated and the received random number XB, encrypts a message with the session key, and sends the encrypted message to the second mobile terminal, wherein the second mobile terminal likewise generates the same session key k from the random number XB it generated and the random number XA received from the first mobile terminal, and can therefore decrypt the encrypted message from the first mobile terminal with the session key k.
With the above embodiments of the present invention, a secure instant messaging method for the mobile Internet and Internet environment is provided. The keys are held only by the sender and the receiver and cannot be learned even by the server, so the data is known only to the two communicating parties. In current applications such as WeChat, personal messages and files are forwarded by the server, and the server can intercept the messages, filter and analyze them in the background, and obtain personal or company information. This system eliminates or reduces the risk of messages and data leaking on the network and on the server in applications similar to WeChat.
Brief description of the drawings
These and/or other aspects and advantages of the present invention will become clearer and easier to understand from the following detailed description of the embodiments of the present invention in conjunction with the accompanying drawings, in which:
Fig. 1 shows a sequence diagram of method 100, in which two mobile terminals A and B communicate with each other via a server according to a first embodiment of the present invention.
Fig. 2 shows an operation diagram of method 200, in which two mobile terminals A and B communicate with each other via a server according to the second embodiment.
Fig. 3 shows an operation diagram of method 300, in which two mobile terminals A and B communicate with each other via a server according to a third embodiment of the present invention.
Fig. 4 shows a schematic block diagram of system hardware according to an embodiment of the present invention.
Fig. 5 shows a schematic block diagram of another system hardware arrangement according to an embodiment of the present invention.
Detailed description
To help those skilled in the art better understand the present invention, it is described in further detail below with reference to the drawings and specific embodiments.
According to the first embodiment of the present invention, a communication method is provided in which a first mobile terminal and a second mobile terminal communicate with each other via a server. The first mobile terminal and the second mobile terminal each generate a public/private key pair locally in advance and upload their respective public keys to the server. The communication method comprises: the first mobile terminal queries the server to obtain the public key of the second mobile terminal; the first mobile terminal randomly generates a session key, encrypts the session key with the public key of the second mobile terminal, and encrypts the message to be sent with the session key; and the first mobile terminal sends the encrypted message together with the encrypted session key to the second mobile terminal via the server, so that the second mobile terminal decrypts the session key with its own private key and decrypts the received message with the decrypted session key.
In one example, the first mobile terminal receives, via the server, an encrypted second message and an encrypted second session key from the second mobile terminal, decrypts the second session key with its own private key, and decrypts the second message with the second session key, wherein the second session key is encrypted by the second mobile terminal with the public key of the first mobile terminal, and the second mobile terminal obtains the public key of the first mobile terminal from the server.
Fig. 4 shows a schematic block diagram of system hardware according to an embodiment of the present invention. As shown in Fig. 4, the system comprises at least two mobile terminals 410 and a server 420. The server 420 and the mobile terminals 410 are operable to connect over the wireless Internet, and no messages are sent directly between the two mobile terminals 410. The system shown in Fig. 4 can be used to implement communication method 100 and communication method 200, described below with reference to Fig. 1 and Fig. 2.
Fig. 5 shows a schematic block diagram of another system hardware arrangement according to an embodiment of the present invention. The system shown in Fig. 5 differs from the system shown in Fig. 4 in that messages are transmitted directly between the mobile terminals 410. The system shown in Fig. 5 can be used to implement communication method 300, described below with reference to Fig. 3.
It should be noted that, as will be clear to those skilled in the art, although Fig. 4 and Fig. 5 show only two mobile terminals, the number of mobile terminals can obviously be larger, even very large.
Fig. 1 shows a sequence diagram of method 100, in which two mobile terminals A and B communicate with each other via a server according to a first embodiment of the present invention.
Before the operations shown in method 100, mobile terminals A and B have completed registration on the server. In the system registration process, the user program submits the user name and password for registration and at the same time generates a public/private key pair locally. The public key is uploaded to the server.
In step S110, mobile terminal A queries the server for the public key of mobile terminal B.
In step S120, the server returns the public key of mobile terminal B to mobile terminal A.
Preferably, mobile terminal A obtains the public keys of the contacts in its friend list from the server and saves them locally. Mobile terminal A can obtain a friend's public key from the server each time it adds a new friend. For example, this method of obtaining the public key of a friend's mobile terminal can be adopted for the WeChat application.
In step S130, mobile terminal A generates a random number as the session key, encrypts it with the obtained public key of mobile terminal B, and encrypts the message with the generated session key, so that the encrypted session key and the ciphertext can be sent together as one message to the server for forwarding.
In step S140, mobile terminal A sends the message to the server.
In step S150, the server forwards the message to mobile terminal B.
In step S160, mobile terminal B decrypts the session key with its private key, and then decrypts the ciphertext with the session key.
When mobile terminal B wants to send a message to mobile terminal A, a similar process is performed: mobile terminal B obtains the public key of mobile terminal A from the server, generates a random number as the session key, encrypts it with the obtained public key of mobile terminal A, encrypts the message with the generated session key, and sends the encrypted session key and the ciphertext together as one message to the server. The server forwards the message to mobile terminal A, which decrypts the received encrypted session key with its private key and then decrypts the ciphertext with that session key.
According to a second embodiment of the present invention, a communication method is provided in which a first mobile terminal and a second mobile terminal communicate with each other via a server, comprising: the first mobile terminal generates a random number XA, computes the public key YA of the first mobile terminal from XA according to a first predetermined algorithm, and sends the public key of the first mobile terminal to the server; the first mobile terminal receives, via the server, the public key YB of the second mobile terminal; the first mobile terminal generates its session key KA from the random number XA and the public key YB of the second mobile terminal according to a second predetermined algorithm, the session key KA being equal to the session key KB generated at the second mobile terminal; the first mobile terminal encrypts the message to be sent with the session key KA; and the first mobile terminal sends the encrypted message to the second mobile terminal via the server, and the second mobile terminal decrypts the received message with the session key KB.
In one example, the Diffie-Hellman algorithm is used to make the session key KA of the first mobile terminal equal to the session key KB of the second mobile terminal; generation of the session keys KA and KB is triggered when the first mobile terminal adds the second mobile terminal as a friend.
In another example, the first mobile terminal obtains from the server the globally public prime-type parameter a and integer-type parameter q, where a is a primitive root of q, and generates its public key YA from the random number XA according to the formula YA = a^XA mod q. The first mobile terminal generates its session key KA from the random number XA and the public key YB of the second mobile terminal according to KA = (YB)^XA mod q. The second mobile terminal computes its public key according to the formula YB = a^XB mod q and generates its session key KB according to the formula KB = (YA)^XB mod q, so that KA = KB.
In one example, the first mobile terminal periodically updates the public key and the session key.
Fig. 2 shows an operation diagram of method 200, in which two mobile terminals A and B communicate with each other via a server according to the second embodiment.
It should be noted that the numbering of the steps in Fig. 2 does not necessarily indicate the order in which they are performed; the order can be exchanged, or steps can be executed in parallel, unless a particular order is logically required.
In the method of this embodiment, identical session keys are generated at the two mobile users, so that an encrypted message from the peer mobile terminal can be decrypted with the common session key.
In one embodiment, in WeChat or a similar Internet application, the session keys held by each side are generated when the two users add each other as friends.
In step S210, mobile terminal A generates a random number XA to be sent to mobile terminal B.
In step S220, mobile terminal A sends the random number XA to the server.
In step S230, the server forwards the random number XA to mobile terminal B.
In step S240, mobile terminal B generates a random number XB to be sent to mobile terminal A.
In step S250, mobile terminal B sends the random number XB to the server.
In step S260, the server forwards the random number XB to mobile terminal A.
In step S270, mobile terminal A calculates the session key KA from the random numbers XA and XB.
In step S280, mobile terminal B calculates the session key KB from the random numbers XA and XB, where KA = KB.
In one embodiment, the Diffie-Hellman algorithm is used to make the session key KA of the first mobile terminal equal to the session key KB of the second mobile terminal; generation of the session keys KA and KB is triggered when the first mobile terminal adds the second mobile terminal as a friend.
In one example, the first mobile terminal obtains from the server the globally public prime-type parameter a and integer-type parameter q, where a is a primitive root of q. Mobile terminal A generates the public key YA of the first mobile terminal from the random number XA according to the formula YA = a^XA mod q, and then sends this public key YA to mobile terminal B via the server. Mobile terminal B generates the public key YB of the first mobile terminal from the random number XB according to the formula YB = a^XB mod q, and then sends this public key YB to mobile terminal B via the server. Mobile terminal A generates the session key KA of the first mobile terminal from the random number XA and the public key YB of the second mobile terminal according to KA = (YB)^XA mod q. The second mobile terminal computes its public key YB according to the formula YB = a^XB mod q, where XB is a random number generated by the second mobile terminal, and generates its session key KB according to the formula KB = (YA)^XB mod q, so that KA = KB. Here ^ denotes exponentiation.
This key generation method is an example and is not intended to limit the scope of the invention; those skilled in the art can adopt other session key exchange schemes, as long as both sides end up with equal keys.
In step S290, mobile terminal A encrypts a message with the session key KA.
In step S291, mobile terminal A sends the encrypted message to the server.
In step S292, the server forwards the encrypted message to mobile terminal B.
In step S293, mobile terminal B decrypts the message with the session key KB. Because the session key KB equals the session key KA and the message was encrypted with KA, mobile terminal B can decrypt the message directly with its own session key KB.
In step S294, mobile terminal B encrypts a message with the session key KB.
In step S295, mobile terminal B sends the encrypted message to the server.
In step S296, the server forwards the encrypted message to mobile terminal A.
In step S297, mobile terminal A decrypts the message with the session key KA.
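The key agreement of the second embodiment, using the formulas YA = a^XA mod q and KA = (YB)^XA mod q, as an added example that is not part of the patent text. It assumes the 2048-bit group of RFC 3526 for the unspecified parameters q and a, a SHA-256 step to turn the shared value into a key, and hypothetical helper names; it also goes beyond the text by range-checking the relayed public key and comparing a fingerprint of both public keys, because the agreed key is only as trustworthy as the values the server relayed.

```python
import hashlib
import secrets

# Assumption: the page does not name its global parameters. q is the 2048-bit
# MODP prime of RFC 3526 (group 14) and a = 2. In this group 2 generates the
# prime-order subgroup of size (q-1)/2 rather than being a primitive root.
Q = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
A = 2
NBYTES = (Q.bit_length() + 7) // 8


def make_keypair():
    """Return (X, Y): private random number X and public key Y = a^X mod q."""
    x = secrets.randbelow(Q - 3) + 2  # X drawn from [2, q-2] with a CSPRNG
    return x, pow(A, x, Q)


def validate_public(y):
    """Reject relayed values (0, 1, q-1, out of range) that force a trivial key."""
    if not isinstance(y, int) or not 2 <= y <= Q - 2:
        raise ValueError("public value out of range")
    return y


def session_key(x_own, y_peer):
    """K = (Y_peer)^X_own mod q, hashed to 32 bytes (the hashing is an added step)."""
    k = pow(validate_public(y_peer), x_own, Q)
    return hashlib.sha256(b"session-key" + k.to_bytes(NBYTES, "big")).digest()


def fingerprint(ya, yb):
    """Short digest of both public keys (A first, then B) for the two users
    to compare over a channel the server does not control."""
    data = ya.to_bytes(NBYTES, "big") + yb.to_bytes(NBYTES, "big")
    return hashlib.sha256(data).hexdigest()[:16]


def exchange(relay):
    """Run the key agreement; relay(sender, value) stands in for the server."""
    xa, ya = make_keypair()          # terminal A
    xb, yb = make_keypair()          # terminal B
    ya_seen_by_b = relay("A", ya)    # what the server hands to B
    yb_seen_by_a = relay("B", yb)    # what the server hands to A
    ka = session_key(xa, yb_seen_by_a)
    kb = session_key(xb, ya_seen_by_b)
    return {
        "keys_equal": ka == kb,
        "fingerprints_equal":
            fingerprint(ya, yb_seen_by_a) == fingerprint(ya_seen_by_b, yb),
    }


def honest_relay(sender, value):
    """Server that forwards each public key unchanged."""
    return value


def make_altering_relay():
    """Constructed test double: a server that does not forward values unchanged."""
    _, ys = make_keypair()
    return lambda sender, value: ys


if __name__ == "__main__":
    print("honest relay:  ", exchange(honest_relay))
    print("altering relay:", exchange(make_altering_relay()))
```

When the fingerprints differ, the two terminals did not see each other's public keys, and the session key must not be used.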
According to the third embodiment of the invention, a communication method between a first mobile terminal and a second mobile terminal in a communication network is provided, the communication network comprising the first mobile terminal and the second mobile terminal. The communication method comprises: the first mobile terminal sends its own address information and port number to a server; the first mobile terminal obtains the address information and port number of the second mobile terminal from the server; and the first mobile terminal uses the obtained address information and port number of the second mobile terminal to send messages directly to the second mobile terminal without going through the server.
In one example, the first mobile terminal generates a random number XA and sends it directly to the second mobile terminal using the obtained address information and port of the second mobile terminal; the first mobile terminal receives a random number XB sent directly from the second mobile terminal; the first mobile terminal generates a session key k from the random number XA it generated and the received random number XB; the first mobile terminal encrypts a message with the session key and sends the encrypted message to the second mobile terminal, wherein the second mobile terminal likewise generates the same session key k from the random number XB it generated and the random number XA received from the first mobile terminal, and can therefore decrypt the encrypted message from the first mobile terminal with the session key k.
Fig. 3 shows an operation diagram of method 300, in which two mobile terminals A and B communicate with each other via a server according to a third embodiment of the present invention. A user's own address information, port number and so on can be sent to the server when the user comes online. When the user is on an internal network, P2P hole punching is needed.
In step S310, mobile terminal A queries the server for the address information of mobile terminal B.
In step S320, the server returns the address information of mobile terminal B.
In step S330, mobile terminal A generates a random number XA.
In step S340, mobile terminal A uses the obtained address information of mobile terminal B to send the random number XA directly to mobile terminal B without going through the server.
In step S350, mobile terminal B generates a random number XB.
In step S360, mobile terminal B sends the random number XB to mobile terminal A.
In step S370, mobile terminal A calculates the session key KA.
In step S380, mobile terminal B calculates the session key KB, with KB = KA; the calculation can be done in the same way as the session key calculation shown in Fig. 2.
In step S390, mobile terminal A encrypts with the session key KA and sends the ciphertext to mobile terminal B.
In step S391, mobile terminal B encrypts with the session key KB and sends the ciphertext to mobile terminal A.
Mobile terminal A (mobile terminal B) uses the session key KA (the session key KB) to decrypt the ciphertext received from mobile terminal B (mobile terminal A) (not shown).
With the above embodiments of the present invention, a secure instant messaging method for the mobile Internet and Internet environment is provided. The keys are held only by the sender and the receiver and cannot be learned even by the server, so the data is known only to the two communicating parties. In current applications such as WeChat, personal messages and files are forwarded by the server, and the server can intercept the messages, filter and analyze them in the background, and obtain personal or company information. This system eliminates or reduces the risk of messages and data leaking on the network and on the server in applications similar to WeChat.
Various embodiments of the present invention have been described above. The above description is exemplary, not exhaustive, and is not limited to the disclosed embodiments. Many modifications and changes will be apparent to those skilled in the art without departing from the scope and spirit of the described embodiments. Therefore, the scope of protection of the present invention shall be defined by the scope of protection of the claims.
Claims (10)
1. the communication means that intercoms mutually with the second mobile terminal via server of a mobile terminal, first mobile terminal and the second mobile terminal produce respective PKI secret key pair in advance in this locality, and respectively respective PKI is uploaded onto the server, this communication means comprises:
First mobile terminal enquiry server, obtains the PKI of the second mobile terminal;
First mobile terminal produces the secret key of session at random, and with the secret key of this session of public key encryption of the second mobile terminal, and encrypt message to be sent with the secret key of session;
Message after described encryption is sent to the second mobile terminal via server by the first mobile terminal together with the secret key of session after encryption, so that the second self private key used for mobile terminal is deciphered the secret key of this session and deciphered received message with the secret key of session deciphered.
2. communication means according to claim 1, also comprises:
First mobile terminal receives the secret key of the second session after from the second message after the encryption of the second mobile terminal and encryption via server, the private key of self is utilized to decipher the secret key of this second session, and utilize the secret key of the second session to decipher this second message, wherein the secret key of this second session is by the public key encryption of the second first mobile terminal used for mobile terminal, and the second mobile terminal obtains the PKI of the first mobile terminal from server.
3. A method performed by a server for assisting a first mobile terminal and a second mobile terminal in communicating with each other, wherein the server receives and stores in advance a first public key from the first mobile terminal and a second public key from the second mobile terminal, the first mobile terminal holds a first private key corresponding to the first public key, and the second mobile terminal holds a second private key corresponding to the second public key, the communication method comprising:
In response to a query from the first mobile terminal, returning the second public key of the second mobile terminal to the first mobile terminal;
Receiving an encrypted first session key and an encrypted message from the first mobile terminal and forwarding them to the second mobile terminal, wherein the first session key is encrypted by the first mobile terminal with the second public key and the message is encrypted with the first session key, so that the second mobile terminal decrypts the first session key with its own second private key and decrypts the received message with the decrypted first session key.
4. A communication method by which a first mobile terminal and a second mobile terminal communicate with each other via a server, comprising:
The first mobile terminal generates a random number XA, calculates the public key YA of the first mobile terminal from the random number XA according to a first predefined algorithm, and sends the public key YA of the first mobile terminal to the server;
The first mobile terminal receives, via the server, the public key YB of the second mobile terminal from the second mobile terminal;
The first mobile terminal generates the session key KA of the first mobile terminal from the random number XA and the public key YB of the second mobile terminal according to a second predefined algorithm, this session key KA being equal to the session key KB generated at the second mobile terminal;
The first mobile terminal encrypts the message to be sent with the session key KA;
The first mobile terminal sends the encrypted message to the second mobile terminal via the server, and the second mobile terminal decrypts the received message with the session key KB.
5. The communication method according to claim 4, wherein the Diffie-Hellman algorithm is used to make the session key KA of the first mobile terminal equal to the session key KB of the second mobile terminal, and generation of the session keys KA and KB is triggered when the first mobile terminal adds the second mobile terminal as a friend.
6. The communication method according to claim 5, wherein the first mobile terminal obtains from the server the globally public parameters, a prime-type parameter a and an integer-type parameter q, where a is a primitive root of q;
The first mobile terminal generates the public key YA of the first mobile terminal from the random number XA according to the formula YA = a^XA mod q;
The first mobile terminal generates the session key KA of the first mobile terminal from the random number XA and the public key YB of the second mobile terminal according to KA = (YB)^XA mod q, wherein the second mobile terminal calculates its public key YB based on the formula YB = a^XB mod q, where XB is the random number generated by the second mobile terminal, and generates the session key KB of the second mobile terminal based on the formula KB = (YA)^XB mod q, so that KA = KB.
7. The communication method according to claim 6, wherein the first mobile terminal periodically updates its public key and session key.
8. A communication method performed by a server for assisting a first mobile terminal in communicating with a second mobile terminal, comprising:
Receiving the random number XA from the first mobile terminal and forwarding it to the second mobile terminal;
Receiving the random number XB from the second mobile terminal and forwarding it to the first mobile terminal;
Receiving an encrypted first message from the first mobile terminal and forwarding it to the second mobile terminal;
Receiving an encrypted second message from the second mobile terminal and forwarding it to the first mobile terminal,
Wherein the first message is encrypted by the first mobile terminal with a first session key, which the first mobile terminal calculates based on the random number XA and the random number XB; the second message is encrypted by the second mobile terminal with a second session key, which the second mobile terminal calculates based on the random number XA and the random number XB; and the first session key equals the second session key.
9. A communication method for a first mobile terminal and a second mobile terminal in a communication network, the communication network comprising the first mobile terminal and the second mobile terminal, the communication method comprising:
The first mobile terminal sends its own address information and port number to a server;
The first mobile terminal obtains the address information and port number of the second mobile terminal from the server;
The first mobile terminal uses the obtained address information and port number of the second mobile terminal to send a message directly to the second mobile terminal, not via the server.
10. The communication method according to claim 8, further comprising:
The first mobile terminal generates a random number XA and sends it directly to the second mobile terminal using the obtained address information and port of the second mobile terminal;
The first mobile terminal receives the random number XB sent directly from the second mobile terminal;
The first mobile terminal generates a session key k from the random number XA it generated and the received random number XB;
The first mobile terminal encrypts a message with the session key and sends the encrypted message to the second mobile terminal, wherein the second mobile terminal generates the same session key k from the random number XB it generated and the random number XA received from the first mobile terminal, and can therefore decrypt the encrypted message from the first mobile terminal with the session key k.
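The exchange in claims 4 to 6, carried through as an added Python example (not code from the patent), with both terminals' formulas and the server acting only as a relay. The parameters q = 353 and a = 3, the range check on received public keys, the SHA-256 key derivation and the fingerprint helper are assumptions added here; the claims do not describe any authentication of the relayed YA and YB, which is why the range check and an out-of-band fingerprint comparison are included.

```python
import hashlib
import secrets

# Constructed toy parameters, small enough to check by hand (assumption, not from the patent).
# A real deployment would use a standardized group of 2048 bits or more.
Q = 353  # public modulus q
A = 3    # public base a, a primitive root of q


def is_primitive_root(a, q, prime_factors):
    """a is a primitive root of q iff a^((q-1)/f) != 1 for each prime factor f of q-1."""
    return all(pow(a, (q - 1) // f, q) != 1 for f in prime_factors)


def check_public(y, q=Q):
    """Accept only 2 <= Y <= q-2; the values 0, 1 and q-1 would make the key predictable."""
    if not 2 <= y <= q - 2:
        raise ValueError("public key outside [2, q-2]")
    return y


def keypair(x=None, a=A, q=Q):
    """Return (X, Y) with private random number X and public key Y = a^X mod q."""
    while x is None:
        cand = secrets.randbelow(q - 3) + 2      # X in [2, q-2]
        if 2 <= pow(a, cand, q) <= q - 2:        # retry if Y would be degenerate
            x = cand
    return x, check_public(pow(a, x, q), q)


def session_key(x_own, y_peer, q=Q):
    """K = (Y_peer)^X_own mod q, plus a SHA-256 digest of K usable as a symmetric key."""
    k = pow(check_public(y_peer, q), x_own, q)
    size = (q.bit_length() + 7) // 8
    return k, hashlib.sha256(k.to_bytes(size, "big")).digest()


def fingerprint(ya, yb):
    """Value both users compare out of band to confirm the relayed YA and YB are unchanged."""
    lo, hi = sorted((ya, yb))
    return hashlib.sha256(f"{lo}:{hi}".encode()).hexdigest()[:16]


def run_exchange(xa=None, xb=None):
    """Both terminals' steps from claim 6; the server only relays YA and YB."""
    xa, ya = keypair(xa)                 # first terminal:  YA = a^XA mod q
    xb, yb = keypair(xb)                 # second terminal: YB = a^XB mod q
    ka, key_a = session_key(xa, yb)      # first terminal:  KA = YB^XA mod q
    kb, key_b = session_key(xb, ya)      # second terminal: KB = YA^XB mod q
    return {"YA": ya, "YB": yb, "KA": ka, "KB": kb, "key_a": key_a, "key_b": key_b}


if __name__ == "__main__":
    print(run_exchange(xa=97, xb=233))
```

If the two terminals compute different fingerprints, the public values they hold are not the ones the other side sent, and the session key should not be used.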
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510680685.3A CN105337969A (en) | 2015-10-19 | 2015-10-19 | Safety communication method between two mobile terminals |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105337969A (en) | 2016-02-17 |
Family
ID=55288252
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510680685.3A Pending CN105337969A (en) | 2015-10-19 | 2015-10-19 | Safety communication method between two mobile terminals |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105337969A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20160217 |