An encryption communication method based on VoIP communication
Technical field
The present invention relates to an encryption communication method and, specifically, to an encryption communication method based on VoIP communication.
Background
At present, communication has penetrated every aspect of society, and voice calls remain the main content of mobile communication. VoIP transmits voice information as data over the Internet; the user pays only for network access and not for call charges, which effectively reduces communication costs. However, VoIP requires dedicated software to be installed on a computer or smart terminal, and computers and smart terminals are open systems in which malicious code such as Trojans and viruses is easily implanted and can easily take the raw information of a call. In the prior art, the encryption methods for network voice communication also cannot effectively ensure the information security of both communicating parties.
Summary of the invention
The object of the present invention is to overcome the above defects and to provide a safe, reliable and easily implemented encryption communication method based on VoIP communication.
To achieve this object, the present invention adopts the following technical solution:
An encryption communication method based on VoIP communication, comprising the following steps:
(1) configuring a Bluetooth voice encryption device, and pairing and binding the Bluetooth voice encryption device with a communication terminal to complete system initialization;
(2) the two communicating parties carrying out a call:
(21) the calling party's communication terminal generates working key W1, public key P1 and private key S1 by means of the Bluetooth voice encryption device paired with it, and the callee's communication terminal generates working key W2, public key P2 and private key S2 by means of the Bluetooth voice encryption device paired with it;
(22) the Bluetooth voice encryption device paired with the calling party's communication terminal encrypts working key W1 with public key P2 and transmits it to the callee, and the Bluetooth voice encryption device paired with the callee's communication terminal encrypts working key W2 with public key P1 and transmits it to the calling party;
(23) the Bluetooth voice encryption device paired with the calling party's communication terminal decrypts with private key S1 to obtain working key W2, and the Bluetooth voice encryption device paired with the callee's communication terminal decrypts with private key S2 to obtain working key W1;
(24) voice transmission
Calling party to callee: the Bluetooth voice encryption device paired with the calling party's communication terminal encrypts the voice data with working key W1 and transmits it to the callee;
Callee to calling party: the Bluetooth voice encryption device paired with the callee's communication terminal encrypts the voice data with working key W2 and transmits it to the calling party;
(25) voice reception
Callee receives voice: the Bluetooth voice encryption device paired with the callee's communication terminal decrypts the voice data with working key W1, decodes it, and passes it to the receiver;
Calling party receives voice: the Bluetooth voice encryption device paired with the calling party's communication terminal decrypts the voice data with working key W2, decodes it, and passes it to the receiver.
Further, step (1) is carried out as follows:
(11) the communication terminal sets user password A;
(12) the communication terminal sends index ID to the Bluetooth voice encryption device paired with it;
(13) the Bluetooth voice encryption device generates public key P and private key S according to index ID, and sends public key P to the communication terminal;
(14) the communication terminal stores public key P, encrypts user password A with public key P, and transmits the result to the Bluetooth voice encryption device;
(15) the Bluetooth voice encryption device decrypts with private key S to obtain user password A;
(16) the Bluetooth voice encryption device stores index ID, public key P, private key S and user password A.
Further, the method comprises the following steps before step (2):
(a) the communication terminal encrypts user password A1 and index ID1 with public key P and transmits them to the Bluetooth voice encryption device;
(b) the Bluetooth voice encryption device decrypts with private key S to obtain user password A1 and index ID1;
(c) the Bluetooth voice encryption device verifies whether user password A1 and index ID1 match the stored user password A and index ID; if they match, communication is allowed, otherwise communication is not allowed.
Further, the Bluetooth voice encryption device comprises: a Bluetooth module, for voice collection and data transmission; and a voice encryption module, for compression coding, encryption and framing of the voice.
Further, the Bluetooth voice encryption device operates as follows:
Sending:
After the Bluetooth module receives the analog voice signal, it performs A/D conversion to obtain a digital voice signal and sends it to the voice encryption module over the I2S channel; after the voice encryption module completes voice compression coding and encryption, the data is transmitted to the Bluetooth module over the I2S channel and then sent by the Bluetooth module to the communication terminal;
Receiving:
The Bluetooth module receives the encrypted voice data and transmits it over the I2S channel to the voice encryption module; the voice encryption module completes decryption and decompression, restoring the digital voice, and transmits it over the I2S channel to the Bluetooth module; the Bluetooth module performs D/A conversion and then delivers it to the communication terminal.
Compared with the prior art, the beneficial effect of the present invention is as follows:
The present invention completes the encryption of the voice data at the front end of the communication terminal, that is, before the data reaches the terminal. Therefore, even if a third party takes the voice data at the communication terminal, it cannot obtain the plaintext content, so the security of the call content is effectively protected.
Embodiment
The invention is further described below with reference to an embodiment. Embodiments of the present invention include, but are not limited to, the following example.
Embodiment
This embodiment provides an encryption communication method based on VoIP communication. By configuring a Bluetooth voice encryption device, the method encrypts the voice data at the front end of the communication terminal and so prevents the communication information from leaking. The Bluetooth voice encryption device consists of a Bluetooth module and a voice encryption module. The Bluetooth module is responsible for voice collection and for data transmission with the PC or mobile terminal; the voice encryption module completes compression coding, encryption and framing of the voice; and the Bluetooth module is responsible for communication with the communication terminal. The communication terminal re-frames the encrypted data it receives and sends it to the communication server, and the communication server forwards the received voice data to the recipient. Here, the communication terminal refers to a PC, tablet computer or smartphone on which VoIP software is installed.
To enable two-way communication, the Bluetooth voice encryption device is first paired and bound with its corresponding communication terminal to complete system initialization. The detailed process is as follows: (11) the communication terminal sets user password A; (12) the communication terminal sends index ID to the Bluetooth voice encryption device paired with it; (13) the Bluetooth voice encryption device generates public key P and private key S according to index ID, and sends public key P to the communication terminal; (14) the communication terminal stores public key P, encrypts user password A with public key P, and transmits the result to the Bluetooth voice encryption device; (15) the Bluetooth voice encryption device decrypts with private key S to obtain user password A; (16) the Bluetooth voice encryption device stores index ID, public key P, private key S and user password A. The purpose of pairing and binding is to match the encryption device with its corresponding communication terminal and, at the same time, to store the corresponding information of the communication terminal in the Bluetooth voice encryption device. When the user starts to communicate, the communication terminal is first checked for legitimacy: only when the user password and index of the communication terminal match the user password and index stored in the Bluetooth voice encryption device can the user enter the corresponding operating interface. This prevents the communication terminal from being used without authorization or cracked.
In use, the communication terminal is verified as follows: (a) the communication terminal encrypts user password A1 and index ID1 with public key P and transmits them to the Bluetooth voice encryption device; (b) the Bluetooth voice encryption device decrypts with private key S to obtain user password A1 and index ID1; (c) the Bluetooth voice encryption device verifies whether user password A1 and index ID1 match the stored user password A and index ID; if they match, communication is allowed, otherwise communication is not allowed. Here, user password A1 is entered by the user in the VoIP communication software.
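The pairing and verification steps above, as an added example that is not code from the patent. It assumes RSA-2048 with OAEP for P and S and a length-prefixed encoding of index ID and password, neither of which the text specifies; all class and function names are hypothetical.

```python
# Added illustration of steps (11)-(16) and (a)-(c); not code from the patent.
# Assumed: RSA-2048 with OAEP for P/S and a length-prefixed (ID, password)
# encoding. All class and function names are hypothetical.
import hmac
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

def pack(index_id: bytes, password: bytes) -> bytes:
    # A length byte before the ID keeps the two fields unambiguous.
    return bytes([len(index_id)]) + index_id + password

class PairedDevice:
    """Device side: holds index ID, P, S and user password A."""

    def __init__(self, index_id: bytes):
        # Steps (12)-(13): receive the index ID, generate P and S for it.
        self.index_id = index_id
        self._private = rsa.generate_private_key(public_exponent=65537,
                                                 key_size=2048)
        self.public = self._private.public_key()
        self._password = None  # nothing bound yet

    def bind(self, encrypted_password: bytes) -> None:
        # Steps (15)-(16): decrypt user password A with S and store it.
        self._password = self._private.decrypt(encrypted_password, OAEP)

    def verify(self, blob: bytes) -> bool:
        # Steps (b)-(c): decrypt (A1, ID1) and compare with stored (A, ID).
        if self._password is None:
            return False
        try:
            submitted = self._private.decrypt(blob, OAEP)
        except ValueError:  # malformed or foreign ciphertext
            return False
        expected = pack(self.index_id, self._password)
        # Constant-time comparison avoids leaking where a mismatch occurs.
        return hmac.compare_digest(submitted, expected)

def terminal_bind(device_public, password: bytes) -> bytes:
    # Step (14): the terminal encrypts user password A under public key P.
    return device_public.encrypt(password, OAEP)

def terminal_login(device_public, index_id: bytes, password: bytes) -> bytes:
    # Step (a): the terminal encrypts A1 and ID1 under public key P.
    return device_public.encrypt(pack(index_id, password), OAEP)
```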
Both communicating parties must be equipped with the communication terminal and Bluetooth voice encryption device described above, so that the voice information travelling in both directions is encrypted before the terminal sends it, is transmitted in encrypted form, and is decrypted by the recipient.
In this embodiment, the encryption of the communication consists mainly of two-way, mutual encryption between the communicating parties. After the communication terminal has been verified successfully, the user enters the operating interface, the calling party initiates a call request, and the call state is entered once the called party answers. At this point both parties generate their own working key and public/private key pair, and the working key and key pair of the calling party differ from those of the callee. Specifically: the calling party's communication terminal generates working key W1, public key P1 and private key S1 by means of the Bluetooth voice encryption device paired with it, and the callee's communication terminal generates working key W2, public key P2 and private key S2 by means of the Bluetooth voice encryption device paired with it.
During communication, the two parties encrypt and decrypt crosswise, as follows: (1) the Bluetooth voice encryption device paired with the calling party's communication terminal encrypts working key W1 with public key P2 and transmits it to the callee, and the Bluetooth voice encryption device paired with the callee's communication terminal encrypts working key W2 with public key P1 and transmits it to the calling party; (2) the Bluetooth voice encryption device paired with the calling party's communication terminal decrypts with private key S1 to obtain working key W2, and the Bluetooth voice encryption device paired with the callee's communication terminal decrypts with private key S2 to obtain working key W1; (3) voice transmission. Calling party to callee: the Bluetooth voice encryption device paired with the calling party's communication terminal encrypts the voice data with working key W1 and transmits it to the callee. Callee to calling party: the Bluetooth voice encryption device paired with the callee's communication terminal encrypts the voice data with working key W2 and transmits it to the calling party. All transmission of encrypted voice data is relayed and forwarded by the VoIP communication server.
During communication, in the sending state, the Bluetooth voice encryption device works as follows: after the call state is entered, the analog voice signal collected by the microphone is delivered to the Bluetooth module; the Bluetooth module performs A/D conversion to obtain a digital voice signal (the A/D and D/A converters are both integrated in the Bluetooth chip) and sends it to the voice encryption module over the I2S channel; the voice encryption module completes voice compression coding (compressing 64 kbps to 16 kbps or below) and encryption (SM4 or AES), after which the data is transmitted to the Bluetooth module over I2S and sent to the terminal.
The voice reception process of the two parties is as follows:
Callee receives voice: the Bluetooth voice encryption device paired with the callee's communication terminal decrypts the voice data with working key W1, decodes it, and passes it to the receiver. Calling party receives voice: the Bluetooth voice encryption device paired with the calling party's communication terminal decrypts the voice data with working key W2, decodes it, and passes it to the receiver. In the receiving state, the Bluetooth voice encryption device works as follows: the Bluetooth module receives the encrypted voice data and transmits it over I2S to the voice encryption module; the voice encryption module completes decryption and decompression, restoring the 64 kbps plaintext digital voice, and delivers it over I2S to the Bluetooth module; the Bluetooth module performs D/A conversion and delivers the signal to the receiver for playback.
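Steps (21) to (25) as an added example, not code from the patent: each device generates its own working key and key pair, wraps its working key under the peer's public key, encrypts outgoing frames under its own key and decrypts incoming frames under the peer's. RSA-2048 with OAEP, AES-128 in GCM mode, the frame-counter nonce and all names are assumptions; the text names only SM4 or AES for voice encryption.

```python
# Added illustration of steps (21)-(25); not code from the patent.
# Assumed: RSA-2048 with OAEP for P/S (the text names no public-key
# algorithm) and AES-128-GCM for the working keys W1/W2.
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)

class EncryptionDevice:
    """Hypothetical model of one Bluetooth voice encryption device."""

    def __init__(self):
        # Step (21): fresh working key W and key pair (P, S) for this call.
        self.work_key = AESGCM.generate_key(bit_length=128)
        self._private = rsa.generate_private_key(public_exponent=65537,
                                                 key_size=2048)
        self.public = self._private.public_key()
        self.peer_key = None
        self._seq = 0  # per-direction frame counter, used as the GCM nonce

    def wrap_work_key(self, peer_public) -> bytes:
        # Step (22): encrypt own W under the peer's public key.
        return peer_public.encrypt(self.work_key, OAEP)

    def unwrap_peer_key(self, wrapped: bytes) -> None:
        # Step (23): recover the peer's W with own private key S.
        self.peer_key = self._private.decrypt(wrapped, OAEP)

    def encrypt_frame(self, frame: bytes) -> bytes:
        # Step (24): outgoing voice is encrypted under own W.
        nonce = self._seq.to_bytes(12, "big")
        self._seq += 1  # never reuse a nonce under the same key
        return nonce + AESGCM(self.work_key).encrypt(nonce, frame, None)

    def decrypt_frame(self, packet: bytes) -> bytes:
        # Step (25): incoming voice is decrypted under the peer's W.
        return AESGCM(self.peer_key).decrypt(packet[:12], packet[12:], None)

def run_call(frame_out=b"caller voice frame", frame_back=b"callee voice frame"):
    # Constructed sample frames stand in for compressed voice data.
    caller, callee = EncryptionDevice(), EncryptionDevice()
    callee.unwrap_peer_key(caller.wrap_work_key(callee.public))  # W1 to callee
    caller.unwrap_peer_key(callee.wrap_work_key(caller.public))  # W2 to caller
    heard_by_callee = callee.decrypt_frame(caller.encrypt_frame(frame_out))
    heard_by_caller = caller.decrypt_frame(callee.encrypt_frame(frame_back))
    return caller, callee, heard_by_callee, heard_by_caller
```

Because each direction has its own working key, the two frame counters can both start at zero without a nonce ever repeating under one key.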
The present invention can be implemented well according to the above embodiment. It should be noted that, on the basis of the above design principle and for solving the same technical problem, even if insubstantial changes or refinements are made to the architecture disclosed in the present invention, the essence of the technical solution adopted remains the same as that of the present invention, and such variants therefore also fall within the scope of protection of the present invention.