CN105763325A - Encryption authentication method and device - Google Patents

Encryption authentication method and device

Info

Publication number: CN105763325A
Authority: CN (China)
Prior art keywords: mobile terminal, information, smart card, dialog box, server
Legal status: Pending
Application number: CN201610306292.0A
Other languages: Chinese (zh)
Inventors: 梁斌, 唐敏, 张冰, 潘登, 俞永贵, 柯再雄
Current assignee: China United Network Communications Group Co Ltd; Unicom Broadband Online Co Ltd
Original assignee: China United Network Communications Group Co Ltd; Unicom Broadband Online Co Ltd
Application filed by: China United Network Communications Group Co Ltd, Unicom Broadband Online Co Ltd
Priority: CN201610306292.0A
Publication: CN105763325A
Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention provides an encryption authentication method and device. The method includes the following steps: a smart card generates a private key and a public key; the smart card sends the public key to a server through a mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information; the smart card receives the encrypted information sent by the server and decrypts it with the private key to obtain decrypted information. In this method and device, the smart card generates the private key and the public key and sends the public key to the server, the server encrypts the information to be sent with the public key and sends the encrypted information to the smart card, and the smart card decrypts the encrypted information with the private key it generated. Because the private key is stored in the smart card, only the smart card can successfully decrypt the encrypted information. This prevents the encrypted information sent by the server to the smart card from being decrypted by other devices during transmission, and thus improves the reliability of data transmission.

Description

Encryption authentication method and device
Technical field
The embodiments of the present invention relate to the field of communication technology, and in particular to an encryption authentication method and device.
Background
With the development of smart terminals, accessing the network through a smart terminal and obtaining information from the network has become an indispensable way of acquiring information in people's daily life.
In the prior art, a user installs multiple applications on a smart terminal, accesses through an application the server corresponding to that application, and obtains from the server the information the user needs. Because of network security problems, data sent by the server to the smart terminal may be intercepted before it reaches the smart terminal, or data sent by the smart terminal to the server may be intercepted before it reaches the server, which reduces the reliability of data transmission.
Summary of the invention
The embodiments of the present invention provide an encryption authentication method and device to improve the reliability of data transmission.
One aspect of the embodiments of the present invention provides an encryption authentication method, including:
a smart card generates a private key and a public key;
the smart card sends the public key to a server through a mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information;
the smart card receives the encrypted information sent by the server, and decrypts the encrypted information with the private key to obtain decrypted information.
Another aspect of the embodiments of the present invention provides an encryption authentication device, including:
a generation module, configured to generate a private key and a public key;
a sending module, configured to send the public key to a server through a mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information;
a receiving module, configured to receive the encrypted information sent by the server, and to decrypt the encrypted information with the private key to obtain decrypted information.
In the encryption authentication method and device provided by the embodiments of the present invention, the smart card generates a private key and a public key and sends the public key to the server; the server encrypts the information to be sent with the public key and sends the encrypted information to the smart card; the smart card decrypts the encrypted information with the private key it generated. Because the private key is stored in the smart card, only the smart card can successfully decrypt the encrypted information. This prevents the encrypted information sent by the server to the smart card from being decrypted by other devices during transmission, and improves the reliability of data transmission.
Brief description of the drawings
Fig. 1 is a flowchart of the encryption authentication method provided by an embodiment of the present invention;
Fig. 2 is a flowchart of the encryption authentication method provided by another embodiment of the present invention;
Fig. 3 is a flowchart of the encryption authentication method provided by another embodiment of the present invention;
Fig. 4 is a flowchart of the encryption authentication method provided by another embodiment of the present invention;
Fig. 5 is a flowchart of the encryption authentication method provided by another embodiment of the present invention;
Fig. 6 is a flowchart of the encryption authentication method provided by another embodiment of the present invention;
Fig. 7 is a structural diagram of the encryption authentication device provided by an embodiment of the present invention;
Fig. 8 is a structural diagram of the encryption authentication device provided by another embodiment of the present invention.
Detailed description of the embodiments
Fig. 1 is a flowchart of the encryption authentication method provided by an embodiment of the present invention. In the prior art, a user installs multiple applications on a smart terminal, accesses through an application the server corresponding to that application, and obtains from the server the information the user needs. Because of network security problems, data sent by the server to the smart terminal may be intercepted before it reaches the smart terminal, or data sent by the smart terminal to the server may be intercepted before it reaches the server, which reduces the reliability of data transmission. To address this, the embodiment provides an encryption authentication method, whose specific steps are as follows:
Step S101: the smart card generates a private key and a public key;
In this embodiment, the smart card is installed in the mobile terminal, and the mobile terminal exchanges information with the server. To ensure the reliability of the information exchanged between the mobile terminal and the server, the smart card generates a private key and public key pair using an asymmetric key algorithm. The public key and private key work as follows: content encrypted with the public key can only be decrypted with the private key, and content encrypted with the private key can only be decrypted with the public key.
Step S102: the smart card sends the public key to the server through the mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information.
The smart card places the public key it generated in a certificate. The certificate includes the identification information of the smart card and the public key, and the certificate can prove that the public key is authentic and valid. The smart card sends the certificate containing the public key to the server through the mobile terminal. The private key is kept in the smart card.
The server may have information to send to the mobile terminal, for example when the server forwards short message content that another mobile terminal sent to this mobile terminal, when another mobile terminal calls this mobile terminal through the server, or when this mobile terminal accesses a web page on the server. In each case the server needs to send the corresponding service information to the mobile terminal. Specifically, the server encrypts the information to be sent with the public key to generate encrypted information.
Step S103: the smart card receives the encrypted information sent by the server, and decrypts the encrypted information with the private key to obtain decrypted information;
The server sends the encrypted information to the mobile terminal, the mobile terminal passes the encrypted information to the smart card, and the smart card decrypts it with the private key it holds to obtain the decrypted information.
In this embodiment, the smart card generates a private key and a public key and sends the public key to the server; the server encrypts the information to be sent with the public key and sends the encrypted information to the smart card; the smart card decrypts the encrypted information with the private key it generated. Because the private key is stored in the smart card, only the smart card can successfully decrypt the encrypted information. This prevents the encrypted information sent by the server to the smart card from being decrypted by other devices during transmission, and improves the reliability of data transmission.
Fig. 2 is a flowchart of the encryption authentication method provided by another embodiment of the present invention. On the basis of the embodiment corresponding to Fig. 1, the specific steps of the method are as follows:
Step S201: the smart card generates a private key and a public key;
Step S202: the smart card sends the public key to the server through the mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information.
Step S203: the smart card receives the encrypted information sent by the server, and decrypts the encrypted information with the private key to obtain decrypted information;
Steps S201 to S203 are consistent with steps S101 to S103 respectively, and the specific method is not repeated here.
Step S204: the smart card interacts with the mobile terminal according to the decrypted information.
In this embodiment, the smart card and the mobile terminal can carry out proactive card-terminal interaction: the smart card can send information content to the mobile terminal so that the mobile terminal displays it, and the smart card can also send operation commands to the mobile terminal so that the mobile terminal executes them. The information to be sent by the server in the steps above includes information content and operation commands, so the decrypted information also includes information content and operation commands.
In this embodiment, the smart card interacts with the mobile terminal according to the decrypted information: the mobile terminal displays the information content in the decrypted information and executes the operation commands in the decrypted information, which enriches the ways in which the smart card and the mobile terminal can interact.
Fig. 3 is a flowchart of the encryption authentication method provided by another embodiment of the present invention. On the basis of the embodiment corresponding to Fig. 2, the specific steps of the method are as follows:
Step S301: the smart card generates a private key and a public key;
Step S302: the smart card sends the public key to the server through the mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information.
Step S303: the smart card receives the encrypted information sent by the server, and decrypts the encrypted information with the private key to obtain decrypted information;
Steps S301 to S303 are consistent with steps S101 to S103 respectively, and the specific method is not repeated here.
Step S304: the smart card sends a dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, and the dialog box displays the short message content.
In this embodiment, the decrypted information includes information content and operation commands; the information content includes short message content, and the operation commands include a dialog box pop-up command. For example, when the server forwards short message content that another mobile terminal sent to this mobile terminal, the server encrypts the short message content and the dialog box pop-up command to generate the encrypted information, and the smart card decrypts the encrypted information to obtain the decrypted information. Correspondingly, the decrypted information includes the short message content and the dialog box pop-up command.
The smart card sends the dialog box pop-up command to the mobile terminal, and the mobile terminal pops up a dialog box according to this command. The smart card sends the information content in the decrypted information, here the short message content, to the mobile terminal, and the mobile terminal displays the short message content in the dialog box that popped up.
Step S305: the smart card sends a short message reply command to the mobile terminal, so that the mobile terminal generates, according to the short message reply command, a user interface in which the user can reply to the short message.
In this embodiment, the operation commands also include a short message reply command. For example, if the server requires the mobile terminal that receives the short message to reply to the mobile terminal that sent it, the server also sends a short message reply command to the smart card; the server encrypts this short message reply command together with the short message content and the dialog box pop-up command of step S304 to generate the encrypted information.
After step S304 is performed, the smart card further sends the short message reply command to the mobile terminal, and the mobile terminal generates a user interface according to the short message reply command. The user interface asks the user whether to confirm replying to the short message; if the user taps confirm, the mobile terminal displays an input box in the user interface so that the user can enter the reply in it.
This embodiment implements the way the smart card and the mobile terminal interact during a short message exchange.
Fig. 4 is a flowchart of the encryption authentication method provided by another embodiment of the present invention. On the basis of the embodiment corresponding to Fig. 2, the specific steps of the method are as follows:
Step S401: the smart card generates a private key and a public key;
Step S402: the smart card sends the public key to the server through the mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information.
Step S403: the smart card receives the encrypted information sent by the server, and decrypts the encrypted information with the private key to obtain decrypted information;
Steps S401 to S403 are consistent with steps S101 to S103 respectively, and the specific method is not repeated here.
Step S404: the smart card sends a dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, and the dialog box displays the website information;
In this embodiment, the information content includes website information, and the operation commands include a dialog box pop-up command and a web page open command. For example, when the server pushes web page information to the smart card so that the user can view the web page content on the mobile terminal, the server encrypts the website information corresponding to the web page, the dialog box pop-up command and the web page open command to generate the encrypted information, and sends the encrypted information to the smart card.
The smart card decrypts the encrypted information to obtain the decrypted information. Correspondingly, the decrypted information includes the website information, the dialog box pop-up command and the web page open command. The smart card sends the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box and displays the website information in it.
Step S405: the smart card sends the web page open command to the mobile terminal, so that the mobile terminal calls a web browser according to the web page open command to open the web page corresponding to the website information.
In addition, the smart card also sends the web page open command to the mobile terminal, and the mobile terminal calls a web browser according to the web page open command to open the web page corresponding to the website information.
This embodiment implements the way the smart card and the mobile terminal interact during web browsing.
Fig. 5 is a flowchart of the encryption authentication method provided by another embodiment of the present invention. On the basis of the embodiment corresponding to Fig. 2, the specific steps of the method are as follows:
Step S501: the smart card generates a private key and a public key;
Step S502: the smart card sends the public key to the server through the mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information.
Step S503: the smart card receives the encrypted information sent by the server, and decrypts the encrypted information with the private key to obtain decrypted information;
Steps S501 to S503 are consistent with steps S101 to S103 respectively, and the specific method is not repeated here.
Step S504: the smart card sends a dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, and the dialog box displays the telephone number;
In this embodiment, the information content includes a telephone number, and the operation commands include a dialog box pop-up command and a phone call command. For example, when a calling terminal calls this mobile terminal through the server, the calling terminal sends its telephone number to the server; the server encrypts the telephone number of the calling terminal together with the dialog box pop-up command and the phone call command to generate the encrypted information, and sends the encrypted information to the smart card.
The smart card decrypts the encrypted information to generate the decrypted information. Correspondingly, the decrypted information includes the telephone number of the calling terminal, the dialog box pop-up command and the phone call command. The smart card sends the dialog box pop-up command to the mobile terminal, the mobile terminal pops up a dialog box, and the dialog box displays the telephone number.
Step S505: the smart card sends the phone call command to the mobile terminal, so that the mobile terminal dials the telephone number according to the phone call command.
In addition, the smart card also sends the phone call command to the mobile terminal, and the mobile terminal dials the telephone number according to the phone call command to call the calling terminal.
This embodiment implements the way the smart card and the mobile terminal interact during a call.
Fig. 6 is a flowchart of the encryption authentication method provided by another embodiment of the present invention. This embodiment may be based on any of the above embodiments, preferably on the embodiment corresponding to Fig. 1. The specific steps of the method are as follows:
Step S601: the smart card generates a private key and a public key;
Step S602: the smart card sends the public key to the server through the mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information;
Step S603: the smart card receives the encrypted information sent by the server, the smart card verifies the digital signature, and decrypts the encrypted information with the private key to obtain decrypted information;
In this embodiment, the encrypted information includes a digital signature. After generating the encrypted information, the server also digitally signs it. Correspondingly, after receiving the encrypted information, the smart card verifies the digital signature in it. After the verification passes, the smart card decrypts the encrypted information to obtain the decrypted information and interacts with the mobile terminal according to the decrypted information. The specific interaction methods and processes are consistent with those corresponding to Fig. 3, Fig. 4 and Fig. 5 and are not repeated here.
In this embodiment, the server digitally signs the encrypted information, and the smart card verifies the authenticity and integrity of the encrypted information through the digital signature, which further improves the reliability of data transmission.
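The Fig. 6 flow (steps S601 to S603) as a runnable Go program; this is an added example, not code from the patent, which names no algorithms or message formats. RSA-2048 with OAEP encryption and PSS signatures over SHA-256, the JSON payload, the command names, and a server verification key already provisioned on the card are all assumptions; wrapping the card's public key in a certificate is omitted.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"errors"
	"fmt"
)

var ErrBadSignature = errors.New("signature check failed, ciphertext not decrypted")

// Payload is a constructed format: the patent only says the decrypted
// information carries information content and operation commands.
type Payload struct {
	Content  string   `json:"content"`
	Commands []string `json:"commands"`
}

// Envelope is the encrypted information plus the server's signature over it.
type Envelope struct{ Ciphertext, Signature []byte }

// SmartCard generates and keeps the private key (S601).
type SmartCard struct {
	priv      *rsa.PrivateKey
	serverPub *rsa.PublicKey // assumption: provisioned on the card at issuance
}

func NewSmartCard(serverPub *rsa.PublicKey) (*SmartCard, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &SmartCard{priv, serverPub}, nil
}

// PublicKey is the only key material that leaves the card (S602).
func (c *SmartCard) PublicKey() *rsa.PublicKey { return &c.priv.PublicKey }

// Receive is S603: verify the signature first, decrypt only if it holds.
func (c *SmartCard) Receive(e Envelope) (Payload, error) {
	var p Payload
	digest := sha256.Sum256(e.Ciphertext)
	if rsa.VerifyPSS(c.serverPub, crypto.SHA256, digest[:], e.Signature, nil) != nil {
		return p, ErrBadSignature
	}
	plain, err := rsa.DecryptOAEP(sha256.New(), nil, c.priv, e.Ciphertext, nil)
	if err != nil {
		return p, err
	}
	err = json.Unmarshal(plain, &p)
	return p, err
}

// Server holds its own signing key; the card's public key arrives via the terminal.
type Server struct{ signKey *rsa.PrivateKey }

func NewServer() (*Server, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Server{k}, err
}

func (s *Server) VerifyKey() *rsa.PublicKey { return &s.signKey.PublicKey }

// Send encrypts under the card's public key, then signs the ciphertext.
// RSA-OAEP with a 2048-bit key and SHA-256 carries at most 190 bytes.
func (s *Server) Send(cardPub *rsa.PublicKey, p Payload) (Envelope, error) {
	plain, err := json.Marshal(p)
	if err != nil {
		return Envelope{}, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, cardPub, plain, nil)
	if err != nil {
		return Envelope{}, err
	}
	digest := sha256.Sum256(ct)
	sig, err := rsa.SignPSS(rand.Reader, s.signKey, crypto.SHA256, digest[:], nil)
	return Envelope{ct, sig}, err
}

func main() {
	srv, err := NewServer()
	if err != nil {
		panic(err)
	}
	card, err := NewSmartCard(srv.VerifyKey())
	if err != nil {
		panic(err)
	}
	// Constructed sample message: a short message with two operation commands.
	env, err := srv.Send(card.PublicKey(), Payload{"constructed SMS text", []string{"popup_dialog", "reply_sms"}})
	if err != nil {
		panic(err)
	}
	p, err := card.Receive(env)
	fmt.Println("card decrypted:", p, err)

	env.Ciphertext[0] ^= 1 // one bit changed in transit
	_, err = card.Receive(env)
	fmt.Println("after tampering:", err)
}
```

The signature only helps if the card obtains the server's verification key over a channel the mobile terminal cannot alter, a point the description leaves open.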
Fig. 7 is a structural diagram of the encryption authentication device provided by an embodiment of the present invention. The encryption authentication device provided by this embodiment can perform the processing flow provided by the encryption authentication method embodiments. As shown in Fig. 7, the encryption authentication device 70 includes a generation module 71, a sending module 72 and a receiving module 73. The generation module 71 is configured to generate a private key and a public key; the sending module 72 is configured to send the public key to the server through the mobile terminal, so that the server encrypts the information to be sent with the public key to generate encrypted information; the receiving module 73 is configured to receive the encrypted information sent by the server, and to decrypt the encrypted information with the private key to obtain decrypted information.
The encryption authentication device provided by this embodiment can specifically be used to perform the method embodiment provided in Fig. 1 above, and its specific functions are not repeated here.
In this embodiment, the smart card generates a private key and a public key and sends the public key to the server; the server encrypts the information to be sent with the public key and sends the encrypted information to the smart card; the smart card decrypts the encrypted information with the private key it generated. Because the private key is stored in the smart card, only the smart card can successfully decrypt the encrypted information. This prevents the encrypted information sent by the server to the smart card from being decrypted by other devices during transmission, and improves the reliability of data transmission.
Fig. 8 is a structural diagram of the encryption authentication device provided by another embodiment of the present invention. On the basis of the above embodiment, the decrypted information includes information content and operation commands; the sending module 72 is further configured to interact with the mobile terminal according to the decrypted information.
Optionally, the information content includes short message content, and the operation commands include a dialog box pop-up command; the sending module 72 is specifically configured to send the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, and the dialog box displays the short message content.
Optionally, the operation commands also include a short message reply command; the sending module 72 is further configured to send the short message reply command to the mobile terminal, so that the mobile terminal generates, according to the short message reply command, a user interface in which the user can reply to the short message.
Optionally, the information content includes website information, and the operation commands include a dialog box pop-up command and a web page open command; the sending module 72 is specifically configured to send the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, and the dialog box displays the website information; and to send the web page open command to the mobile terminal, so that the mobile terminal calls a web browser according to the web page open command to open the web page corresponding to the website information.
Optionally, the information content includes a telephone number, and the operation commands include a dialog box pop-up command and a phone call command; the sending module 72 is specifically configured to send the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, and the dialog box displays the telephone number; and to send the phone call command to the mobile terminal, so that the mobile terminal dials the telephone number according to the phone call command.
Optionally, the encrypted information includes a digital signature; the encryption authentication device 70 also includes a verification module 74, configured to verify the digital signature.
The encryption authentication device provided by this embodiment can specifically be used to perform the method embodiments provided in Figs. 2 to 6 above, and its specific functions are not repeated here.
In this embodiment, the smart card interacts with the mobile terminal according to the decrypted information: the mobile terminal displays the information content in the decrypted information and executes the operation commands in the decrypted information, which enriches the ways in which the smart card and the mobile terminal can interact. The embodiment implements the way the smart card and the mobile terminal interact during a short message exchange, during web browsing, and during a call. The server digitally signs the encrypted information, and the smart card verifies the authenticity and integrity of the encrypted information through the digital signature, which further improves the reliability of data transmission.
In summary, in the embodiments of the present invention the smart card generates a private key and a public key and sends the public key to the server; the server encrypts the information to be sent with the public key and sends the encrypted information to the smart card; the smart card decrypts the encrypted information with the private key it generated. Because the private key is stored in the smart card, only the smart card can successfully decrypt the encrypted information. This prevents the encrypted information sent by the server to the smart card from being decrypted by other devices during transmission, and improves the reliability of data transmission. The smart card interacts with the mobile terminal according to the decrypted information: the mobile terminal displays the information content in the decrypted information and executes the operation commands in the decrypted information, which enriches the ways in which the smart card and the mobile terminal can interact. The embodiments implement the way the smart card and the mobile terminal interact during a short message exchange, during web browsing, and during a call. The server digitally signs the encrypted information, and the smart card verifies the authenticity and integrity of the encrypted information through the digital signature, which further improves the reliability of data transmission.
In the several embodiments provided by the present invention, it should be understood that the disclosed apparatus and method may be implemented in other ways. For example, the device embodiments described above are merely illustrative: the division into units is only a division by logical function, and other divisions are possible in an actual implementation. For instance, multiple units or components may be combined or integrated into another system, or some features may be omitted or not performed. In addition, the couplings, direct couplings or communication connections shown or discussed may be indirect couplings or communication connections through some interfaces, devices or units, and may be electrical, mechanical or of another form.
The units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units; that is, they may be located in one place or distributed over multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, the functional units in the embodiments of the present invention may be integrated into one processing unit, each unit may exist physically on its own, or two or more units may be integrated into one unit. The integrated unit may be implemented in the form of hardware, or in the form of hardware plus software functional units.
An integrated unit implemented in the form of a software functional unit may be stored in a computer-readable storage medium. The software functional unit is stored in a storage medium and includes several instructions that cause a computer device (which may be a personal computer, a server, a network device or the like) or a processor to perform some of the steps of the methods described in the embodiments of the present invention. The storage medium includes various media that can store program code, such as a USB flash drive, a portable hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk or an optical disc.
Those skilled in the art can clearly understand that, for convenience and brevity of description, only the division into the functional modules above is used as an example. In practical applications, the above functions may be assigned to different functional modules as required; that is, the internal structure of the device is divided into different functional modules to complete all or part of the functions described above. For the specific working process of the device described above, reference may be made to the corresponding process in the foregoing method embodiments, and details are not repeated here.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some or all of their technical features may be equivalently replaced, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.

Claims (14)

1. An encryption authentication method, characterized by comprising:
a smart card generating a private key and a public key;
the smart card sending the public key to a server through a mobile terminal, so that the server encrypts information to be sent according to the public key to generate encrypted information;
the smart card receiving the encrypted information sent by the server, and decrypting the encrypted information according to the private key to obtain decrypted information.
2. The method according to claim 1, characterized in that the decrypted information includes information content and an operation command;
after the smart card receives the encrypted information sent by the server and decrypts the encrypted information according to the private key to obtain the decrypted information, the method further comprises:
the smart card interacting with the mobile terminal according to the decrypted information.
3. The method according to claim 2, characterized in that the information content includes short message content, and the operation command includes a dialog box pop-up command;
the smart card interacting with the mobile terminal according to the decrypted information comprises:
the smart card sending the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, the dialog box displaying the short message content.
4. The method according to claim 3, characterized in that the operation command further includes a short message reply command;
after the smart card sends the dialog box pop-up command to the mobile terminal, the method further comprises:
the smart card sending the short message reply command to the mobile terminal, so that the mobile terminal generates, according to the short message reply command, a user interface for the user to reply to the short message.
5. The method according to claim 2, characterized in that the information content includes website information, and the operation command includes a dialog box pop-up command and a web page open command;
the smart card interacting with the mobile terminal according to the decrypted information comprises:
the smart card sending the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, the dialog box displaying the website information;
the smart card sending the web page open command to the mobile terminal, so that the mobile terminal calls a web browser according to the web page open command to open the web page corresponding to the website information.
6. The method according to claim 2, characterized in that the information content includes a telephone number, and the operation command includes a dialog box pop-up command and a telephone dialing command;
the smart card interacting with the mobile terminal according to the decrypted information comprises:
the smart card sending the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, the dialog box displaying the telephone number;
the smart card sending the telephone dialing command to the mobile terminal, so that the mobile terminal dials the telephone number according to the telephone dialing command.
7. The method according to any one of claims 1-6, characterized in that the encrypted information includes a digital signature;
after the smart card receives the encrypted information sent by the server, the method further comprises:
the smart card verifying the digital signature.
8. An encryption authentication device, characterized by comprising:
a generation module, configured to generate a private key and a public key;
a sending module, configured to send the public key to a server through a mobile terminal, so that the server encrypts information to be sent according to the public key to generate encrypted information;
a receiving module, configured to receive the encrypted information sent by the server, and to decrypt the encrypted information according to the private key to obtain decrypted information.
9. The encryption authentication device according to claim 8, characterized in that the decrypted information includes information content and an operation command;
the sending module is further configured to interact with the mobile terminal according to the decrypted information.
10. The encryption authentication device according to claim 9, characterized in that the information content includes short message content, and the operation command includes a dialog box pop-up command;
the sending module is specifically configured to send the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, the dialog box displaying the short message content.
11. The encryption authentication device according to claim 10, characterized in that the operation command further includes a short message reply command;
the sending module is further configured to send the short message reply command to the mobile terminal, so that the mobile terminal generates, according to the short message reply command, a user interface for the user to reply to the short message.
12. The encryption authentication device according to claim 9, characterized in that the information content includes website information, and the operation command includes a dialog box pop-up command and a web page open command;
the sending module is specifically configured to send the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, the dialog box displaying the website information; and to send the web page open command to the mobile terminal, so that the mobile terminal calls a web browser according to the web page open command to open the web page corresponding to the website information.
13. The encryption authentication device according to claim 9, characterized in that the information content includes a telephone number, and the operation command includes a dialog box pop-up command and a telephone dialing command;
the sending module is specifically configured to send the dialog box pop-up command to the mobile terminal, so that the mobile terminal pops up a dialog box, the dialog box displaying the telephone number; and to send the telephone dialing command to the mobile terminal, so that the mobile terminal dials the telephone number according to the telephone dialing command.
14. The encryption authentication device according to any one of claims 8-13, characterized in that the encrypted information includes a digital signature;
the encryption authentication device further includes a verification module, configured to verify the digital signature.
CN201610306292.0A 2016-05-10 2016-05-10 Encryption authentication method and device Pending CN105763325A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610306292.0A CN105763325A (en) 2016-05-10 2016-05-10 Encryption authentication method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610306292.0A CN105763325A (en) 2016-05-10 2016-05-10 Encryption authentication method and device

Publications (1)

Publication Number Publication Date
CN105763325A true CN105763325A (en) 2016-07-13

Family

ID=56323829

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610306292.0A Pending CN105763325A (en) 2016-05-10 2016-05-10 Encryption authentication method and device

Country Status (1)

Country Link
CN (1) CN105763325A (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101765105A (en) * 2009-12-17 2010-06-30 北京握奇数据系统有限公司 Method for realizing communication encryption as well as system and mobile terminal therefor
CN102882685A (en) * 2012-09-27 2013-01-16 东莞宇龙通信科技有限公司 Identity authentication system and identity authentication method
US20150180847A1 (en) * 2013-11-19 2015-06-25 John A. Nix Network Supporting Two-Factor Authentication for Modules with Embedded Universal Integrated Circuit Cards
CN104184892A (en) * 2014-08-12 2014-12-03 桂林微网半导体有限责任公司 Mobile terminal intelligent card based data transmission method and mobile terminal

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
贾铁军: "《网络安全技术及应用实践教程》", 31 January 2016 *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106445429A (en) * 2016-11-23 2017-02-22 宜春小马快印科技有限公司 Safe printing method and system
CN109547398A (en) * 2017-09-22 2019-03-29 中国联合网络通信集团有限公司 Authentication method and device based on smart card and terminal applies
CN107566119A (en) * 2017-09-28 2018-01-09 中国—东盟信息港股份有限公司 A kind of guard method of eSIM cards data safety and system
CN108184230A (en) * 2017-12-14 2018-06-19 中国—东盟信息港股份有限公司 A kind of soft SIM realizes encrypted system and method
CN108184230B (en) * 2017-12-14 2021-04-20 中国—东盟信息港股份有限公司 System and method for realizing encryption of soft SIM
CN111181723A (en) * 2019-09-09 2020-05-19 腾讯科技(深圳)有限公司 Method and device for offline security authentication between Internet of things devices
CN111181723B (en) * 2019-09-09 2021-10-15 腾讯科技(深圳)有限公司 Method and device for offline security authentication between Internet of things devices
CN110784320A (en) * 2019-11-04 2020-02-11 张冰 Distributed key implementation method and system and user identity management method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100033 21 Finance Street, Xicheng District, Beijing.

Applicant after: China United Network Telecommunication Group Co., Ltd.

Applicant after: Unicom online Mdt InfoTech Ltd

Address before: 100033 21 Finance Street, Xicheng District, Beijing.

Applicant before: China United Network Telecommunication Group Co., Ltd.

Applicant before: Unicom Broad Band Online Co., Ltd

RJ01 Rejection of invention patent application after publication

Application publication date: 20160713