CN105407109A - Data secure transmission method between Bluetooth devices - Google Patents

Publication number
CN105407109A
Authority
CN
China
Prior art keywords
intelligent cipher
cipher key
terminal
random number
key equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510996355.5A
Other languages
Chinese (zh)
Inventor
胡进
周鹰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
WUHAN ARGUSEC TECHNOLOGY CO LTD
Original Assignee
WUHAN ARGUSEC TECHNOLOGY CO LTD
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by WUHAN ARGUSEC TECHNOLOGY CO LTD
Priority to CN201510996355.5A
Publication of CN105407109A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04B TRANSMISSION
    • H04B5/00 Near-field transmission systems, e.g. inductive or capacitive transmission systems
    • H04B5/40 Near-field transmission systems, e.g. inductive or capacitive transmission systems characterised by components specially adapted for near-field transmission
    • H04B5/48 Transceivers
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04B TRANSMISSION
    • H04B5/00 Near-field transmission systems, e.g. inductive or capacitive transmission systems
    • H04B5/70 Near-field transmission systems, e.g. inductive or capacitive transmission systems specially adapted for specific purposes
    • H04B5/72 Near-field transmission systems, e.g. inductive or capacitive transmission systems specially adapted for specific purposes for local intradevice communication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/10 Connection setup

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a data secure transmission method between Bluetooth devices. The data secure transmission method comprises the following steps: opening a Bluetooth function and entering a discoverable mode; waiting for a terminal to open the Bluetooth function and search for the intelligent key equipment, and pairing the intelligent key equipment and the terminal, so as to establish a communication link between the intelligent key equipment and the terminal; receiving a ciphertext C1 transmitted by the terminal, using a private key PRIKey-K built in the intelligent key equipment to decrypt the received ciphertext C1, so as to obtain a random number R1', and generating a random number R2 at the same time; using a terminal public key PUBKey-T built in the intelligent key equipment to encrypt the random number R1, so as to obtain a ciphertext C2, and transmitting the ciphertext C2 to the terminal; and deriving a communication secret key according to the random number R1' and the random number R2, and waiting for an acknowledgement message from a user for establishing a secure connection between the intelligent key equipment and the terminal. The data secure transmission method between the Bluetooth devices provided by the invention can solve the technical problem that the Bluetooth technology cannot be widely applied in the intelligent key equipment since the security of the existing Bluetooth pairing manner is poor.

Description

Data secure transmission method between Bluetooth devices
Technical field
The invention belongs to the field of information security technology and, more specifically, relates to a data secure transmission method between Bluetooth devices.
Background art
Bluetooth is a wireless technology standard that enables short-range data exchange between fixed devices, mobile devices and building personal area networks. With the rapid development of wireless communication technology, Bluetooth communication has been widely applied in mobile terminals such as mobile phones and tablet computers.
Many of the services that Bluetooth provides may expose personal data or allow a device to be controlled by a connected device. For security reasons, it is necessary to identify specific devices, so as to control which devices can connect to a Bluetooth device. Meanwhile, Bluetooth is a standard communication protocol that communicates by radio, so security during data transmission must be ensured. In the prior art, the Bluetooth protocol provides legacy pairing (the only pairing method in Bluetooth 2.0 and earlier versions) and Secure Simple Pairing. The security of these pairing methods is very limited and they are easily stolen illegally, which poses a security threat to the information transmitted over a Bluetooth link; at the same time, no strong encryption protection is applied to the information transmitted over the Bluetooth link. Therefore, Bluetooth communication technology has not yet been applied in fields with higher security requirements, such as intelligent cipher key equipment.
Summary of the invention
In view of the above defects or improvement requirements of the prior art, the invention provides a data secure transmission method between Bluetooth devices, whose purpose is to solve the technical problem that Bluetooth technology cannot be widely applied in intelligent cipher key equipment because of the poor security of existing Bluetooth pairing methods.
To achieve the above object, according to one aspect of the invention, a data secure transmission method between Bluetooth devices is provided. It is applied in intelligent cipher key equipment that is communicatively connected to a terminal, and comprises the following steps:
(1) turn on the Bluetooth function and enter discoverable mode;
(2) wait for the terminal to turn on its Bluetooth function and search for the intelligent cipher key equipment, then pair with the terminal to establish a communication link between the two;
(3) receive the ciphertext C1 sent by the terminal, C1 being obtained by the terminal encrypting a random number R1 with the intelligent cipher key equipment public key PUBKey_K;
(4) decrypt the received ciphertext C1 with the private key PRIKey_K built into the intelligent cipher key equipment to obtain the random number R1', generate a random number R2 at the same time, encrypt R2 with the terminal public key PUBKey_T built into the intelligent cipher key equipment to obtain the ciphertext C2, and send C2 to the terminal;
(5) derive a communication key from the random number R1' and the random number R2;
(6) wait for confirmation from the user to establish a secure connection between the intelligent cipher key equipment and the terminal and, after receiving the confirmation, use the communication key produced in step (5) to encrypt the data in the subsequent communication between the intelligent cipher key equipment and the terminal.
Preferably, step (1) further comprises randomly generating a Bluetooth pairing code and displaying it on the screen of the intelligent cipher key equipment; the encryption algorithm used in step (3) and step (4) is the SM2, ECIES or RSA algorithm, and the encryption algorithm used in step (6) is the AES, DES, 3DES, SM1 or SM4 algorithm.
Preferably, the method further comprises, after step (5) and before step (6), the step of randomly generating a secure link code, displaying it on the screen, waiting for the user to confirm, encrypting the secure link code with the key Key produced in step (5) to generate the ciphertext C3, and sending the ciphertext C3 to the terminal.
According to another aspect of the invention, a data secure transmission method between Bluetooth devices is provided. It is applied in a terminal that is communicatively connected to intelligent cipher key equipment, and comprises the following steps:
(1) turn on the Bluetooth function, search for the intelligent cipher key equipment, and pair with it to establish a communication link between the two;
(2) generate a random number R1, encrypt R1 with the intelligent cipher key equipment public key PUBKey_K built into the terminal to produce the ciphertext C1, and send C1 to the intelligent cipher key equipment;
(3) receive the ciphertext C2 from the intelligent cipher key equipment, C2 being obtained by the intelligent cipher key equipment encrypting the random number R2 that it generated with its built-in terminal public key PUBKey_T;
(4) decrypt the received ciphertext C2 with the built-in private key PRIKey_T to obtain the random number R2';
(5) derive a communication key from the random number R1 and the random number R2';
(6) wait for confirmation from the user to establish a secure connection between the intelligent cipher key equipment and the terminal and, after receiving the confirmation, use the communication key produced in step (5) to encrypt the data produced in the subsequent communication between the intelligent cipher key equipment and the terminal.
Preferably, in step (1) the pairing is performed by receiving the Bluetooth pairing code entered by the user and comparing it with the Bluetooth pairing code randomly generated by the intelligent cipher key equipment; the encryption algorithm used in step (6) is the AES, DES, 3DES, SM1 or SM4 algorithm.
Preferably, the method further comprises, after step (5) and before step (6), the step of receiving the ciphertext C3 from the intelligent cipher key equipment, decrypting it with the key Key to obtain the secure link code, displaying the code on the terminal screen, and prompting the user to check whether the secure link codes shown on the terminal and on the intelligent cipher key equipment are consistent.
According to another aspect of the invention, a data secure transmission method between Bluetooth devices is provided. It is applied in intelligent cipher key equipment that is communicatively connected to a terminal, and comprises the following steps:
(1) turn on the Bluetooth function and enter discoverable mode;
(2) wait for the terminal to turn on its Bluetooth function and search for the intelligent cipher key equipment, then pair with the terminal to establish a communication link between the two;
(3) receive the ciphertext C1 sent by the terminal, C1 being produced by the terminal encrypting the random number R1 that it generated with its built-in intelligent cipher key equipment public key PUBKey_K;
(4) decrypt the received ciphertext C1 with the private key PRIKey_K built into the intelligent cipher key equipment to obtain the random number R1', generate random numbers R2 and R3 at the same time, encrypt R2 and R3 with the terminal public key PUBKey_T built into the intelligent cipher key equipment to obtain the ciphertext C2, and send C2 to the terminal;
(5) derive a communication key from the random number R1' and the random number R2;
(6) wait for confirmation from the user to establish a secure connection between the intelligent cipher key equipment and the terminal and, after receiving the confirmation, use the communication key produced in step (5) to encrypt the data in the subsequent communication between the intelligent cipher key equipment and the terminal;
(7) wait for the next communication between the terminal and the intelligent cipher key equipment to be opened, and receive the ciphertext C4 sent by the terminal;
(8) decrypt the received ciphertext C4 with the private key PRIKey_K built into the intelligent cipher key equipment to obtain R3'' and R4'; determine whether R3'' is identical to R3; if so, generate random numbers R5 and R6, encrypt R5 and R6 with the built-in terminal public key PUBKey_T to generate the ciphertext C5, send C5 to the terminal, and proceed to step (9); otherwise the process ends;
(9) derive a communication key from the random number R4' and the random number R5;
(10) use the communication key produced in step (9) to encrypt the data in the subsequent communication between the intelligent cipher key equipment and the terminal.
Preferably, step (1) further comprises randomly generating a Bluetooth pairing code and displaying it on the screen of the intelligent cipher key equipment; the encryption algorithm used in step (3), step (4) and step (8) is the SM2, ECIES or RSA algorithm, and the encryption algorithm used in step (6) and step (10) is the AES, DES, 3DES, SM1 or SM4 algorithm.
Preferably, the method further comprises, after step (5) and before step (6), the step of randomly generating a secure link code, displaying it on the screen, waiting for the user to confirm, encrypting the secure link code with the key Key produced in step (5) to generate the ciphertext C3, and sending the ciphertext C3 to the terminal.
According to another aspect of the invention, a data secure transmission method between Bluetooth devices is provided. It is applied in a terminal that is communicatively connected to intelligent cipher key equipment, and comprises the following steps:
(1) turn on the Bluetooth function, search for the intelligent cipher key equipment, and pair with it to establish a communication link between the two;
(2) generate a random number R1, encrypt R1 with the intelligent cipher key equipment public key PUBKey_K built into the terminal to produce the ciphertext C1, and send C1 to the intelligent cipher key equipment;
(3) receive the ciphertext C2 from the intelligent cipher key equipment, C2 being obtained by the intelligent cipher key equipment encrypting the random numbers R2 and R3 that it generated with its built-in terminal public key PUBKey_T;
(4) decrypt the received ciphertext C2 with the built-in private key PRIKey_T to obtain the random numbers R2' and R3';
(5) derive a communication key from the random number R1 and the random number R2';
(6) wait for confirmation from the user to establish a secure connection between the intelligent cipher key equipment and the terminal and, after receiving the confirmation, use the communication key produced in step (5) to encrypt the data produced in the subsequent communication between the intelligent cipher key equipment and the terminal;
(7) wait for the next communication between the terminal and the intelligent cipher key equipment to be opened, generate a random number R4, encrypt R4 and R3' with the built-in intelligent cipher key equipment public key PUBKey_K to obtain the ciphertext C4, and send C4 to the intelligent cipher key equipment;
(8) receive the ciphertext C5 from the intelligent cipher key equipment, C5 being generated by the intelligent cipher key equipment generating random numbers R5 and R6 and encrypting them with its built-in terminal public key PUBKey_T;
(9) decrypt the received ciphertext C5 with the private key PRIKey_T built into the terminal to obtain the random numbers R5' and R6';
(10) derive a communication key from the random number R4 and the random number R5';
(11) use the communication key produced in step (10) to encrypt the data in the subsequent communication between the intelligent cipher key equipment and the terminal.
In general, compared with the prior art, the above technical solutions conceived by the invention achieve the following beneficial effects:
1. By using two pairing processes, the invention overcomes the problem that existing simple pairing is easily stolen and greatly improves the security of pairing, so that Bluetooth technology can be widely applied in intelligent cipher key equipment.
2. After successful pairing, the invention uses the key negotiated between the Bluetooth intelligent cipher key equipment and the terminal to encrypt and protect subsequently transmitted data. This solves the problem of plaintext data transmission in existing Bluetooth communication and greatly improves the security of data transmission, so that Bluetooth technology can be widely applied in intelligent cipher key equipment.
3. The Bluetooth intelligent cipher key equipment randomly generates a dynamic Bluetooth pairing code, which solves the problem that the fixed pairing code used in existing pairing is easily stolen and greatly improves the security of pairing.
4. In the second pairing process, the pairing code is displayed on the terminal and on the Bluetooth intelligent cipher key equipment at the same time, and the user only needs to press a button on the Bluetooth intelligent cipher key equipment to confirm for pairing to succeed. This removes the prior-art step in which the user has to enter a pairing code and makes the method more convenient to use.
Description of the drawings
Fig. 1 is a flow chart of the data secure transmission method between Bluetooth devices according to the first embodiment of the invention.
Fig. 2 is a flow chart of the data secure transmission method between Bluetooth devices according to the second embodiment of the invention.
Detailed description
To make the objects, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the invention and are not intended to limit it. In addition, the technical features involved in the embodiments described below can be combined with one another as long as they do not conflict.
As shown in Fig. 1, the data secure transmission method between Bluetooth devices according to the first embodiment of the invention is applied in an environment made up of intelligent cipher key equipment and a terminal, the intelligent cipher key equipment being communicatively connected to the terminal. In this embodiment, the terminal is any host device that has a Bluetooth communication module and can communicate over Bluetooth with the intelligent cipher key equipment, such as a personal computer (PC), mobile phone, tablet computer or automatic teller machine (ATM). The method comprises the following steps:
(1) The intelligent cipher key equipment turns on its Bluetooth function and enters discoverable mode. Note that this step may also include the additional step of the intelligent cipher key equipment randomly generating a Bluetooth pairing code and displaying it on its screen; this additional step can be omitted in other embodiments;
(2) The terminal turns on its Bluetooth function, searches for the intelligent cipher key equipment, and pairs with it to establish a communication link between the two. Note that if the intelligent cipher key equipment used a Bluetooth pairing code in step (1), this step (2) also includes the terminal receiving the Bluetooth pairing code entered by the user and comparing it with the Bluetooth pairing code generated by the intelligent cipher key equipment to complete pairing; this is likewise an optional additional step and can be omitted in other embodiments;
(3) The terminal generates a random number R1, encrypts R1 with the intelligent cipher key equipment public key PUBKey_K built into the terminal to produce the ciphertext C1, and sends C1 to the intelligent cipher key equipment;
(4) The intelligent cipher key equipment decrypts the received ciphertext C1 with its built-in private key PRIKey_K to obtain the random number R1', generates a random number R2 at the same time, encrypts R2 with the terminal public key PUBKey_T built into the intelligent cipher key equipment to obtain the ciphertext C2, and sends C2 to the terminal;
(5) The terminal decrypts the received ciphertext C2 with its built-in private key PRIKey_T to obtain the random number R2';
(6) The terminal derives a communication key from the random number R1 and the random number R2', and the intelligent cipher key equipment derives a communication key from the random number R1' and the random number R2, using the same derivation method as the terminal. In this embodiment, the key Key is derived from R1 and R2'; the derivation can be R1||R2', R2'||R1, R1 ⊕ R2', R1+R2', F(R1, R2'), etc., where F is any key derivation function taking R1 and R2' as input;
(7) The intelligent cipher key equipment randomly generates a secure link code (a 4-digit or 6-digit number), displays it on its screen, waits for the user to confirm, encrypts the secure link code with the key Key produced in step (6) to generate the ciphertext C3, and sends C3 to the terminal;
(8) The terminal decrypts the received ciphertext C3 with the key Key to obtain the secure link code, displays it on the terminal screen, and prompts the user to check whether the secure link codes shown on the terminal and on the intelligent cipher key equipment are consistent; if they are, the method continues with step (9), otherwise the process ends;
(9) The terminal and the intelligent cipher key equipment wait for confirmation from the user to establish a secure connection between them and, after receiving the confirmation, use the communication key produced in step (6) to encrypt the data produced in the subsequent communication between the terminal and the intelligent cipher key equipment. In this embodiment, the encryption algorithm can be the AES, DES, 3DES, SM1 or SM4 algorithm, among others, but is not limited to these encryption algorithms.
In steps (3) and (4) above, the encryption algorithm can be the SM2, ECIES or RSA algorithm, among others, but is not limited to these encryption algorithms.
Further, R1 and R2 may be random numbers of relatively few bytes; preferably, R1 and R2 are 4-byte or 8-byte random numbers.
As shown in Figure 2, be applied in the environment that is made up of intelligent cipher key equipment and terminal according to data safe transmission method between the bluetooth equipment of the second execution mode of the present invention, this intelligent cipher key equipment is connected with terminal called, in the present embodiment, terminal comprises PC (PersonalComputer, be called for short PC), mobile phone, panel computer, ATM (AutomaticTellerMachine, be called for short ATM) etc. any there is bluetooth communication module, and the main process equipment of Bluetooth communication can be carried out with intelligent cipher key equipment, said method comprising the steps of:
(1) intelligent cipher key equipment opens Bluetooth function, enters discoverable mode; It should be noted, this step also can comprise stochastic generation Bluetooth pairing code, and Bluetooth pairing code is presented at the additional step on the screen of intelligent cipher key equipment, also can omit this step in other embodiments;
(2) terminal is opened Bluetooth function and is searched for this intelligent cipher key equipment, matches, to set up communication link therebetween with this intelligent cipher key equipment; It should be noted, if intelligent cipher key equipment have employed the mode of Bluetooth pairing code in step (1), then this step (2) also comprises this Bluetooth pairing code that terminal receives user's input, the Bluetooth pairing code comparison generated with intelligent cipher key equipment thus complete the step of pairing, this step is also optional additional step, also can omit this step in other embodiments;
(3) terminal generates random number R 1, and the intelligent cipher key equipment PKI PUBKey_K utilizing it built-in is encrypted random number R 1, to produce ciphertext C1, and ciphertext C1 is sent to intelligent cipher key equipment;
(4) the private key PRIKey_K that intelligent cipher key equipment utilizes it built-in is decrypted the ciphertext C1 received, to obtain random number R 1 ', generate random number R 2 and R3 simultaneously, the terminal public key PUBKey_T utilizing intelligent cipher key equipment built-in is encrypted to obtain ciphertext C2 to random number R 2 and R3, and ciphertext C2 is sent to terminal;
In above-mentioned steps (3) and step (4), the cryptographic algorithm adopted during encryption can be SM2 algorithm, ECIES algorithm, RSA Algorithm etc., but is not limited to above-mentioned DEA.
Further, R1 and R2 can be that comparatively short word saves random number, and preferably, R1, R2 are 4 or 8 byte random numbers.
(5) terminal utilizes built-in private key PRIKey_T to be decrypted the ciphertext C2 received, to obtain random number R 2 ' and R3 ';
(6) terminal derives from according to random number R 1 and random number R 2 ' and produces communication key, and intelligent cipher key equipment derives from according to random number R 1 ' and random number R 2 and produces communication key, and derived method and terminal are consistent; In the present embodiment, by R1 and R2 ' the key K ey that derives from, derived method can be R1||R2 ', R2 ' || R1, R1 ⊕ R2 ', R1+R2 ', F (R1, R2 ') etc., wherein F is any cipher key derivation function, R1 and R2 ' is as the input of function;
(7) intelligent cipher key equipment stochastic generation secure link code (this secure link code is the numeral of 4 or 6), secure link code is presented on screen, wait for that user confirms, the key K ey utilizing step (6) to produce is encrypted secure link code with generating ciphertext C3, and the ciphertext C3 after encryption is sent to terminal;
(8) terminal utilizes key K ey to be decrypted the ciphertext C3 received, to generate secure link code, shown on a terminal screen, and point out user's comparison terminal whether consistent with the secure link code that intelligent cipher key equipment shows, if consistent, continue step (9), else process terminates;
(9) terminal and intelligent cipher key equipment wait for the confirmation setting up secure connection between intelligent cipher key equipment and terminal from user, and the communication key using step (6) to produce after receiving the confirmation information is encrypted the data produced in terminal and intelligent cipher key equipment subsequent communications process; In the present embodiment, during encryption, cryptographic algorithm can be aes algorithm, DES algorithm, 3DES algorithm, SM1 algorithm, SM4 algorithm etc., but is not limited to above-mentioned DEA.
(10) terminal opens the communication next time between intelligent cipher key equipment, terminal generates random number R 4, and the intelligent cipher key equipment PKI PUBKey_K utilizing it built-in is encrypted R4 and R3 ', to obtain ciphertext C4, and ciphertext C4 is sent to intelligent cipher key equipment; The cryptographic algorithm adopted during encryption can be SM2 algorithm, ECIES algorithm, RSA Algorithm etc., but is not limited to above-mentioned DEA;
(11) the private key PRIKey_K that intelligent cipher key equipment utilizes it built-in is decrypted the ciphertext C4 received, to obtain R3 " and R4 '; judge R3 " whether identical with random number R 3, if the same random number R 5 and random number R 6 is generated, the terminal public key PUBKey_T utilizing it built-in is encrypted with generating ciphertext C5 to R5 and R6, and ciphertext C5 is sent to terminal, then enter step (12), else process terminates; Specifically, the cryptographic algorithm adopted during encryption can be SM2 algorithm, ECIES algorithm, RSA Algorithm etc., but is not limited to above-mentioned DEA;
(12) the private key PRIKey_T that terminal utilizes it built-in is decrypted the ciphertext C5 received, to obtain random number R 5 ' and R6 ';
(13) terminal derives from according to random number R 4 and random number R 5 ' and produces communication key, and intelligent cipher key equipment derives from according to random number R 4 ' and random number R 5 and produces communication key, and derived method and terminal are consistent; In the present embodiment, by R4 and R5 ' the key K ey that derives from, derived method can be R4||R5 ', R5 ' || R4, R4 ⊕ R5 ', R4+R5 ', F (R4, R5 ') etc., wherein F is any cipher key derivation function, R4 and R5 ' is as the input of function;
(14) terminal and intelligent cipher key equipment use the communication key produced separately in step (13) to be encrypted the data produced in intelligent cipher key equipment and SS later communication process respectively; In the present embodiment, during encryption, cryptographic algorithm can be aes algorithm, DES algorithm, 3DES algorithm, SM1 algorithm, SM4 algorithm etc., but is not limited to above-mentioned DEA.
It should be noted that each decryption algorithm used in the steps of the method of the invention is the inverse of the corresponding encryption algorithm.
Those skilled in the art will readily understand that the foregoing is only a preferred embodiment of the present invention and is not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall be included within the scope of protection of the present invention.

Claims (10)

1. A data secure transmission method between Bluetooth devices, applied in intelligent cipher key equipment that is in communication connection with a terminal, characterized in that the method comprises the following steps:
(1) turning on the Bluetooth function and entering discoverable mode;
(2) waiting for the terminal to turn on its Bluetooth function and search for this intelligent cipher key equipment, and pairing with the terminal to establish a communication link between them;
(3) receiving ciphertext C1 sent by the terminal, the ciphertext C1 being produced by the terminal encrypting a random number R1 that it generated itself with its built-in intelligent cipher key equipment public key PUBKey_K;
(4) decrypting the received ciphertext C1 with the private key PRIKey_K built into the intelligent cipher key equipment to obtain random number R1', generating random number R2 at the same time, encrypting random number R2 with the terminal public key PUBKey_T built into the intelligent cipher key equipment to obtain ciphertext C2, and sending ciphertext C2 to the terminal;
(5) deriving a communication key from random number R1' and random number R2;
(6) waiting for the user's confirmation that a secure connection is to be established between the intelligent cipher key equipment and the terminal, and, after receiving the confirmation, using the communication key produced in step (5) to encrypt the data produced in subsequent communication between the intelligent cipher key equipment and the terminal.
2. The data secure transmission method between Bluetooth devices according to claim 1, characterized in that step (1) further comprises randomly generating a Bluetooth pairing code and displaying the Bluetooth pairing code on the screen of the intelligent cipher key equipment; the encryption algorithm used for encryption in step (3) and step (4) is the SM2 algorithm, the ECIES algorithm or the RSA algorithm; and the encryption algorithm used for encryption in step (6) is the AES algorithm, DES algorithm, 3DES algorithm, SM1 algorithm or SM4 algorithm.
3. The data secure transmission method between Bluetooth devices according to claim 1, characterized in that it further comprises, after step (5) and before step (6), the step of randomly generating a secure link code, displaying the secure link code on the screen, waiting for the user's confirmation, encrypting the secure link code with the key Key produced in step (5) to generate ciphertext C3, and sending the encrypted ciphertext C3 to the terminal.
4. A data secure transmission method between Bluetooth devices, applied in a terminal that is in communication connection with intelligent cipher key equipment, characterized in that the method comprises the following steps:
(1) turning on the Bluetooth function, searching for the intelligent cipher key equipment, and pairing with the intelligent cipher key equipment to establish a communication link between them;
(2) generating random number R1, encrypting random number R1 with the intelligent cipher key equipment public key PUBKey_K built into the terminal to produce ciphertext C1, and sending ciphertext C1 to the intelligent cipher key equipment;
(3) receiving ciphertext C2 from the intelligent cipher key equipment, the ciphertext C2 being obtained by the intelligent cipher key equipment encrypting the random number R2 that it generated with its built-in terminal public key PUBKey_T;
(4) decrypting the received ciphertext C2 with the built-in private key PRIKey_T to obtain random number R2';
(5) deriving a communication key from random number R1 and random number R2';
(6) waiting for the user's confirmation that a secure connection is to be established between the intelligent cipher key equipment and the terminal, and, after receiving the confirmation, using the communication key produced in step (5) to encrypt the data produced in subsequent communication between the intelligent cipher key equipment and the terminal.
5. The data secure transmission method between Bluetooth devices according to claim 4, characterized in that, in step (1), pairing between the two is achieved by receiving a Bluetooth pairing code entered by the user and comparing it with the Bluetooth pairing code randomly generated by the intelligent cipher key equipment; and the encryption algorithm used for encryption in step (6) is the AES algorithm, DES algorithm, 3DES algorithm, SM1 algorithm or SM4 algorithm.
6. The data secure transmission method between Bluetooth devices according to claim 4, characterized in that it further comprises, after step (5) and before step (6), the step of receiving ciphertext C3 from the intelligent cipher key equipment, decrypting the received ciphertext C3 with the key Key to recover the secure link code, displaying it on the terminal screen, and prompting the user to compare whether the secure link code shown on the terminal is consistent with the one shown on the intelligent cipher key equipment.
7. A data secure transmission method between Bluetooth devices, applied in intelligent cipher key equipment that is in communication connection with a terminal, characterized in that the method comprises the following steps:
(1) turning on the Bluetooth function and entering discoverable mode;
(2) waiting for the terminal to turn on its Bluetooth function and search for this intelligent cipher key equipment, and pairing with the terminal to establish a communication link between them;
(3) receiving ciphertext C1 sent by the terminal, the ciphertext C1 being produced by the terminal encrypting a random number R1 that it generated itself with its built-in intelligent cipher key equipment public key PUBKey_K;
(4) decrypting the received ciphertext C1 with the private key PRIKey_K built into the intelligent cipher key equipment to obtain random number R1', generating random numbers R2 and R3 at the same time, encrypting random numbers R2 and R3 with the terminal public key PUBKey_T built into the intelligent cipher key equipment to obtain ciphertext C2, and sending ciphertext C2 to the terminal;
(5) deriving a communication key from random number R1' and random number R2;
(6) waiting for the user's confirmation that a secure connection is to be established between the intelligent cipher key equipment and the terminal, and, after receiving the confirmation, using the communication key produced in step (5) to encrypt the data produced in subsequent communication between the intelligent cipher key equipment and the terminal;
(7) waiting for the next communication between the terminal and the intelligent cipher key equipment to be opened, and receiving ciphertext C4 sent by the terminal;
(8) decrypting the received ciphertext C4 with the private key PRIKey_K built into the intelligent cipher key equipment to obtain R3'' and R4', and judging whether R3'' is identical to random number R3; if they are identical, generating random number R5 and random number R6, encrypting R5 and R6 with the built-in terminal public key PUBKey_T to generate ciphertext C5, sending ciphertext C5 to the terminal, and then proceeding to step (9); otherwise the process ends;
(9) deriving a communication key from random number R4' and random number R5;
(10) using the communication key produced in step (9) to encrypt the data produced in subsequent communication between the intelligent cipher key equipment and the terminal.
8. The data secure transmission method between Bluetooth devices according to claim 7, characterized in that step (1) further comprises randomly generating a Bluetooth pairing code and displaying the Bluetooth pairing code on the screen of the intelligent cipher key equipment; the encryption algorithm used for encryption in step (3), step (4) and step (8) is the SM2 algorithm, the ECIES algorithm or the RSA algorithm; and the encryption algorithm used for encryption in step (6) and step (10) is the AES algorithm, DES algorithm, 3DES algorithm, SM1 algorithm or SM4 algorithm.
9. The data secure transmission method between Bluetooth devices according to claim 7, characterized in that it further comprises, after step (5) and before step (6), the step of randomly generating a secure link code, displaying the secure link code on the screen, waiting for the user's confirmation, encrypting the secure link code with the key Key produced in step (5) to generate ciphertext C3, and sending the encrypted ciphertext C3 to the terminal.
10. A data secure transmission method between Bluetooth devices, applied in a terminal that is in communication connection with intelligent cipher key equipment, characterized in that the method comprises the following steps:
(1) turning on the Bluetooth function, searching for the intelligent cipher key equipment, and pairing with the intelligent cipher key equipment to establish a communication link between them;
(2) generating random number R1, encrypting random number R1 with the intelligent cipher key equipment public key PUBKey_K built into the terminal to produce ciphertext C1, and sending ciphertext C1 to the intelligent cipher key equipment;
(3) receiving ciphertext C2 from the intelligent cipher key equipment, the ciphertext C2 being obtained by the intelligent cipher key equipment encrypting the random number R2 and random number R3 that it generated with its built-in terminal public key PUBKey_T;
(4) decrypting the received ciphertext C2 with the built-in private key PRIKey_T to obtain random numbers R2' and R3';
(5) deriving a communication key from random number R1 and random number R2';
(6) waiting for the user's confirmation that a secure connection is to be established between the intelligent cipher key equipment and the terminal, and, after receiving the confirmation, using the communication key produced in step (5) to encrypt the data produced in subsequent communication between the intelligent cipher key equipment and the terminal;
(7) waiting for the next communication between the terminal and the intelligent cipher key equipment to be opened, generating random number R4, encrypting R4 and R3' with the built-in intelligent cipher key equipment public key PUBKey_K to obtain ciphertext C4, and sending ciphertext C4 to the intelligent cipher key equipment;
(8) receiving ciphertext C5 from the intelligent cipher key equipment, the ciphertext C5 being generated by the intelligent cipher key equipment generating random number R5 and random number R6 and encrypting R5 and R6 with the terminal public key PUBKey_T built into the intelligent cipher key equipment;
(9) decrypting the received ciphertext C5 with the private key PRIKey_T built into the terminal to obtain random numbers R5' and R6';
(10) deriving a communication key from random number R4 and random number R4';
(11) using the communication key produced in step (10) to encrypt the data produced in subsequent communication between the intelligent cipher key equipment and the terminal.
CN201510996355.5A 2015-12-25 2015-12-25 Data secure transmission method between Bluetooth devices Pending CN105407109A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510996355.5A CN105407109A (en) 2015-12-25 2015-12-25 Data secure transmission method between Bluetooth devices

Publications (1)

Publication Number Publication Date
CN105407109A true CN105407109A (en) 2016-03-16

Family

ID=55472360

Country Status (1)

Country Link
CN (1) CN105407109A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160316