CN105978693A - Terminal association method and system - Google Patents

Terminal association method and system Download PDF

Info

Publication number
CN105978693A
CN105978693A CN201610245339.7A CN201610245339A CN105978693A CN 105978693 A CN105978693 A CN 105978693A CN 201610245339 A CN201610245339 A CN 201610245339A CN 105978693 A CN105978693 A CN 105978693A
Authority
CN
China
Prior art keywords
digital signature
information
generating
public key
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610245339.7A
Other languages
Chinese (zh)
Other versions
CN105978693B (en
Inventor
祝芳浩
刘昱东
刘鸿杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qiku Internet Technology Shenzhen Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qiku Internet Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qiku Internet Technology Shenzhen Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201610245339.7A priority Critical patent/CN105978693B/en
Publication of CN105978693A publication Critical patent/CN105978693A/en
Application granted granted Critical
Publication of CN105978693B publication Critical patent/CN105978693B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a terminal association method and system. The terminal association method comprises the steps that a public key, a private key and a first digital signature are generated, and the public key and the first digital signature are sent to an auxiliary terminal; the auxiliary terminal acquires the public key and the first digital signature; the auxiliary terminal generates a second digital signature through the public key and the first digital signature, then generates test information according to encrypted information and the second digital signature and transmits the test information to a main terminal according to a preset communication protocol; and the main terminal receives the test information, then splices extracted abstract information and the first digital signature so as to generate a third digital signature, and finally compares the second digital signature and the third digital signature. According to the terminal association method and system disclosed by the invention, the security is improved through fusing the message content into the digital signature, thereby avoiding human risks, and facilitating free association of terminals.

Description

Terminal association method and system
Technical Field
The present invention relates to the field of electrical communications, and in particular, to a method and system for associating terminals.
Background
With the continuous coming of the internet of things era, interconnection and intercommunication among terminals are more and more frequent. For example, in the aspect of smart home, a home life centering on a smart phone gradually grows into a new fashionable life style, and people are not enjoying convenient life brought by the internet of things all the time. However, as more and more devices exchange data with each other, this increases the risk of data exchange to some extent, such as tampering, hacking, etc. of the information often encountered.
At present, the association mode for the terminal is mainly an asymmetric encryption algorithm, a message sender constructs a key pair and publishes a public key to a message receiver, the message sender signs data by using the private key of the message sender, the data and the signature form a message and sends the message to the message receiver, and the message receiver uses the public key for verification. However, this correlation method has a certain problem, and if a third party invades the system of the message receiver to replace the public key of the message sender with its own public key, and then pretends to be the message sender to send an instruction to the message receiver, this can easily cause the leakage of the message.
The existing solution to the above problem is to perform public key authentication, but the public key authentication introduces artificial control, which adds artificial risks, and is not convenient for free association of the terminal and expansion of the terminal device, and the user experience is also poor.
Disclosure of Invention
The present invention is directed to solving at least one of the problems set forth above and provides a method and system for terminal association.
In order to realize the purpose, the invention adopts the following technical scheme:
the first scheme is as follows:
a method for generating association information is provided, which comprises the following steps:
acquiring a public key and a first digital signature;
encrypting the generated original information into encrypted information through the public key;
generating abstract information of the encrypted information by adopting a Hash algorithm, splicing the abstract information and the first digital signature, and generating a second digital signature by adopting the Hash algorithm again;
and generating test information according to the encryption information and the second digital signature and transmitting the test information to the main terminal according to a preset communication protocol.
In the invention, the test information is short-distance test information which is transmitted to the main terminal according to a short-distance communication protocol.
In the invention, the test information is network test information which is transmitted to the main terminal according to a network communication protocol.
In the present invention, before the network test information is transmitted to the main terminal according to the network communication protocol, the method includes: responding to the network authentication request sent by the main terminal.
Scheme II:
there is provided an apparatus for generating association information, the apparatus comprising:
the acquisition module is used for acquiring a public key and a first digital signature;
the encryption module is used for encrypting the generated original information into encrypted information through the public key;
the signature module is used for generating summary information of the encrypted information by adopting a Hash algorithm, splicing the summary information and the first digital signature and generating a second digital signature by adopting the Hash algorithm again;
and the sharing module is used for generating test information according to the encryption information and the second digital signature and transmitting the test information to the main terminal according to a preset communication protocol.
In the present invention, the sharing module includes:
the short-distance testing unit is used for transmitting the testing information to the main terminal according to a short-distance communication protocol when the testing information is the short-distance testing information;
in the present invention, the sharing module includes:
and the network test unit is used for transmitting the test information to the main terminal according to a network communication protocol when the test information is the network test information.
In the present invention, the apparatus further comprises:
and the response unit is used for responding to the network verification request sent by the main terminal before the network test information is transmitted to the main terminal according to the network communication protocol.
According to the method and the device for generating the associated information, the digest information of the encrypted information is generated through the Hash algorithm, the generated digest information and the first digital signature are subjected to the Hash algorithm to generate the second digital signature, the content of the message to be sent is fused into the second digital signature, the traditional way of generating the associated information is improved, and the anti-intrusion performance is effectively improved.
The third scheme is as follows:
a method for verifying associated information is provided, comprising the steps of:
generating a public key, a private key and a first digital signature, and sending the public key and the first digital signature to a secondary terminal;
acquiring test information sent by the auxiliary terminal;
extracting encryption information and a second digital signature from the test information;
generating abstract information of the extracted encrypted information by adopting a Hash algorithm, splicing the abstract information and the first digital signature, and generating a third digital signature by adopting the Hash algorithm again;
and comparing the second digital signature with the third digital signature, and if the second digital signature is the same as the third digital signature, the association is successful.
In the present invention, the generating the public key, the private key, and the first digital signature includes:
acquiring a characteristic value of the auxiliary terminal;
and generating a public key, a private key and a first digital signature according to the characteristic value.
In the invention, the characteristic value of the auxiliary terminal is used for uniquely identifying the auxiliary terminal.
In the present invention, if they are the same, the successful association includes:
and when the test information is the short-distance test information, if the test information is the short-distance test information, the authentication is successful, and a network verification request is sent to the auxiliary terminal.
In the present invention, if they are the same, the successful association includes:
and when the test information is network test information, if the test information is the network test information, the association binding is successful.
And the scheme is as follows:
an apparatus for verifying associated information is provided, the apparatus comprising:
the generation sharing module is used for generating a public key, a private key and a first digital signature and sending the public key and the first digital signature to the auxiliary terminal;
the test acquisition module is used for acquiring test information;
the extraction module is used for extracting the encrypted information and the second digital signature from the test information;
the digital signature module is used for generating the extracted abstract information of the extracted encrypted information by adopting a Hash algorithm, then splicing the extracted abstract information and the first digital signature and generating a third digital signature by adopting the Hash algorithm again;
and the comparison module is used for comparing the second digital signature with the third digital signature, and if the second digital signature is the same as the third digital signature, the association is successful.
In the present invention, the generating a sharing module includes:
the characteristic acquisition unit is used for acquiring a characteristic value of the auxiliary terminal;
and the generating unit is used for generating a public key, a private key and a first digital signature according to the characteristic value.
In the invention, the characteristic value of the auxiliary terminal is used for uniquely identifying the auxiliary terminal.
In the present invention, the comparing module includes:
and the short-distance comparison unit is used for successfully authenticating if the test information is the short-distance test information and sending a network verification request to the auxiliary terminal.
In the present invention, the comparing module includes:
and the network comparison unit is used for successfully associating and binding if the test information is the network test information.
According to the method and the device for verifying the associated information, the third digital signature is generated again through the generated first digital signature and the received message content, and then the second digital signature and the third digital signature are compared for verification, so that the traditional method for verifying only according to the public key is improved, the complex problem caused by public key replacement is avoided, and the safety and the reliability are improved to a certain extent.
And a fifth scheme:
a method for associating terminals is provided, which comprises the following steps:
the master terminal generates a public key, a private key and a first digital signature and sends the public key and the first digital signature to the auxiliary terminal;
the secondary terminal acquires the public key and the first digital signature;
the auxiliary terminal encrypts generated original information into encrypted information through the public key, then generates summary information of the encrypted information by adopting a Hash algorithm, then splices the summary information and the first digital signature, generates a second digital signature through the Hash algorithm, and finally generates test information according to the encrypted information and the second digital signature and transmits the test information to the main terminal according to a preset communication protocol;
the main terminal receives the test information, firstly extracts the encrypted information and the second digital signature from the test information, then generates the extracted summary information of the extracted encrypted information by adopting a Hash algorithm, then splices the extracted summary information and the first digital signature and generates a third digital signature by adopting the Hash algorithm again, and finally compares the second digital signature with the third digital signature, if the two signatures are the same, the association is successful.
In the invention, the test information is short-distance test information which is transmitted to the main terminal according to a short-distance communication protocol.
In the invention, the test information is network test information which is transmitted to the main terminal according to a network communication protocol.
In the present invention, before the network test information is transmitted to the main terminal according to the network communication protocol, the method includes: responding to the network authentication request sent by the main terminal.
In the present invention, the generating of the public key, the private key and the first digital signature by the master terminal includes:
acquiring a characteristic value of the auxiliary terminal;
and generating a public key, a private key and a first digital signature according to the characteristic value.
In the invention, the characteristic value of the auxiliary terminal is used for uniquely identifying the auxiliary terminal.
In the present invention, if they are the same, the successful association includes:
when the test information is the short-distance test information, if the test information is the short-distance test information, the authentication is successful, and a network verification request is sent to the auxiliary terminal;
in the present invention, if they are the same, the successful association includes:
and when the test information is network test information, if the test information is the network test information, the association binding is successful.
Scheme six:
the terminal association system comprises at least one main terminal and at least one auxiliary terminal, wherein the main terminal is in communication connection with the auxiliary terminal; the main terminal comprises a public key unit and a verification unit, and the auxiliary terminal comprises an acquisition unit and a generation unit; wherein,
the public key unit is used for generating a public key, a private key and a first digital signature and sending the public key and the first digital signature to the auxiliary terminal;
an obtaining unit, configured to obtain the public key and the first digital signature;
the generating unit is used for firstly encrypting the generated original information into encrypted information through the public key, then generating summary information of the encrypted information by adopting a Hash algorithm, splicing the summary information and the first digital signature, then generating a second digital signature through the Hash algorithm, and finally transmitting the second digital signature to the main terminal according to the encrypted information and the second digital signature and a preset communication protocol;
the verification unit is used for receiving the test information, firstly extracting the encrypted information and the second digital signature from the test information, then generating the extracted abstract information of the extracted encrypted information by adopting a Hash algorithm, then splicing the extracted abstract information and the first digital signature, and generating a third digital signature by adopting the Hash algorithm again, and finally comparing the second digital signature with the third digital signature, wherein if the second digital signature and the third digital signature are the same, the association is successful.
In the invention, the test information is short-distance test information which is transmitted to the main terminal according to a short-distance communication protocol.
In the invention, the test information is network test information which is transmitted to the main terminal according to a network communication protocol.
In the invention, the system also comprises a response unit which is used for responding to the network verification request sent by the main terminal before the network test information is transmitted to the main terminal according to the network communication protocol.
In the present invention, the public key unit includes:
the characteristic unit is used for acquiring a characteristic value of the auxiliary terminal;
and the public key unit is used for generating a public key, a private key and a first digital signature according to the characteristic value.
In the invention, the characteristic value of the auxiliary terminal is used for uniquely identifying the auxiliary terminal.
In the present invention, the authentication unit includes:
the short-distance verification unit is used for successfully authenticating if the test information is the short-distance test information and sending a network verification request to the auxiliary terminal;
in the present invention, the authentication unit includes:
and the network verification unit is used for successfully associating and binding if the test information is the network test information.
According to the terminal association method and system, the message content is fused into the digital signature, so that the safety of the authentication and binding process is effectively improved, the problem that the public key is replaced in the traditional association mode is solved to a certain extent, meanwhile, the artificial risk caused by public key authentication is avoided, the free association of a plurality of terminals and the expansion of terminal equipment in the system are facilitated, and the user experience is also improved.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 illustrates an application environment diagram of a terminal association system according to one embodiment of the invention;
FIG. 2 is a flow diagram illustrating a method of generating association information in one embodiment of the invention;
FIG. 3 is a flow diagram illustrating a method for verifying association information in one embodiment of the invention;
fig. 4 shows a flow diagram of a method of terminal association in one embodiment of the invention;
FIG. 5 is a block diagram of an apparatus for generating association information according to an embodiment of the present invention;
FIG. 6 is a block diagram of an apparatus for verifying association information according to an embodiment of the present invention;
fig. 7 is a schematic system structure diagram of a terminal association system according to an embodiment of the present invention.
Detailed Description
In order to make the technical solutions of the present invention better understood, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention.
In some of the flows described in the present specification and claims and in the above figures, a number of operations are included that occur in a particular order, but it should be clearly understood that these operations may be performed out of order or in parallel as they occur herein, with the order of the operations being indicated as 101, 102, etc. merely to distinguish between the various operations, and the order of the operations by themselves does not represent any order of performance. Additionally, the flows may include more or fewer operations, and the operations may be performed sequentially or in parallel. It should be noted that, the descriptions of "first", "second", etc. in this document are used to distinguish different messages, terminals, modules, etc., and do not represent a sequential order, nor limit the types of "first" and "second" to be different.
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, in one embodiment, a terminal association system is provided, which comprises at least one main terminal 110 and at least one auxiliary terminal 20, wherein the main terminal 110 and the auxiliary terminal 120 are connected in communication. The master terminal 110 includes at least one of a cell phone, a computer, a server, a tablet computer, a smart watch, a Personal Digital Assistant (PDA), a network-enabled electronic device, and the like. The secondary terminal 120 includes at least one of a cell phone, a computer, a tablet computer, a smart watch, a Personal Digital Assistant (PDA), a networkable electronic device, and the like.
In one embodiment, a secondary terminal 120 for implementing a method of generating association information is provided, comprising a processor having computing functionality and controlling the secondary terminal 120, a memory storing an operating system and secondary terminal 120 data, and a network interface for communicative connection with a primary terminal 110, wherein the processor is configured to perform a method of generating association information.
In one embodiment, a master terminal 110 for implementing a method of verifying associated information is provided, comprising a processor having a computing function and controlling the master terminal 110, a memory storing an operating system and master terminal 110 data, and a network interface for communicative connection with a slave terminal 120, wherein the processor is configured to perform a method of verifying associated information.
As shown in fig. 2, in an embodiment, a method for generating association information is provided, and this embodiment is illustrated by applying the method to the secondary terminal 120 in the terminal-associated system in fig. 1. The method comprises the following steps:
step 202, a public key and a first digital signature are obtained.
Specifically, the secondary terminal obtains the public key and the first digital signature through a network interface communicatively connected to the primary terminal 110. Where the public key is the public part of a key pair, which is a key pair with the private key, typically used to encrypt session keys, verify digital signatures, or encrypt data that can be decrypted with the corresponding private key. The first digital signature is a valid proof of the authenticity of the message sent by the sender of the message, and is generated by a private key corresponding to the public key according to a specified algorithm. The communication connection is that the auxiliary terminal and the main terminal establish data connection by utilizing radio waves, and the data connection comprises at least one of Bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC and special wireless systems, namely the auxiliary terminal obtains a public key and a first digital signature through at least one of Bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC and special wireless systems. Wi-Fi is a technology for wirelessly connecting terminals such as a computer and a handheld device (e.g., a PDA, a mobile phone, a bracelet, and a smart watch) to each other. ZigBee is a physical layer standard which takes IEEE802.15.4 as a main physical layer and coordinates communication among a large number of tiny sensors. IRDA is a technology for performing point-to-point communication using the greater outside line. UWB is a carrier-free communication technology that uses non-sinusoidal narrow pulses on the nanosecond to picosecond scale to transmit data. NFC is a non-contact identification and interconnection technology that enables near field wireless communication between mobile devices, consumer electronics, PCs, and smart control tools.
And step 204, encrypting the generated original information into encrypted information through the public key.
In particular, the raw information is a piece of test data, which may be generated by a test data generator.
In one implementation, the original information is a segment of character string, and in the android system, step S204 includes the following steps:
acquiring a public key;
instantiating a Cipher object;
initializing a Cipher object, specifying that it is now in an encryption mode, and specifying the public key;
and calling a doFinal method, transmitting the byte array corresponding to the encrypted character string, and returning the encrypted byte array.
Among them, Cipher class refers to the JAVA encryption environment JCE, which is a package that provides a framework and implementation for encryption, key generation and negotiation, and message authentication code algorithms. Since the Cipher class has no output, the kernel module cannot directly make a call, and the kernel only provides a unified framework for management.
It should be noted that the kernel is the most basic part of the android system, and is used to manage data input and output requests issued by software, translate these requests into data processing instructions, and send the data processing instructions to the cpu and other electronic components in the computer for processing, which directly operate on hardware.
In the actual use of Cipher-like encryption functions, the kernel needs to allocate an instance of an encryption function object through crypto _ alloc _ tfm () first, initialize the instances, and then encrypt and decrypt data through an API provided by a framework, where crypto _ tfm is an algorithm object, and when using a specific algorithm in a specific algorithm library, the kernel is described through a universal structure crypto _ tfm, which includes an asynchronous packet algorithm, an authentication encryption algorithm, a packet encryption algorithm, a hash algorithm, a compression algorithm, a random number generation algorithm, and the like. Alloc is a hook function that returns a crypto instance of the algorithm template when the function is constructed. An API is a predefined function that aims to provide applications and developers the ability to access a set of routines based on certain software or hardware, without having to access source code or understand the details of internal working mechanisms.
Finally, in practice, after encryption is completed, instances must also be revoked through crypto _ free _ tfm (), where free is used to release objects.
In one embodiment, the encrypted encryption information is short-range encryption information, and the short-range encryption information is used for authentication of the terminal.
In one embodiment, the encrypted encryption information is network encryption information used to verify the associated binding of the terminal.
And step 206, generating the summary information of the encrypted information by adopting a hash algorithm, then splicing the summary information and the first digital signature, and generating a second digital signature by adopting the hash algorithm again.
Specifically, the hash algorithm is also called a hash algorithm, or a hash function, and is a method for mapping a binary value of an arbitrary length to a shorter binary value of a fixed length, and the small binary value is called a hash value. Hash values are a unique and extremely compact representation of a piece of data as a value. If a piece of plaintext is hashed and even if only one letter of the piece is altered, the subsequent hash will produce a different value. It is computationally infeasible to find two different inputs whose hash is the same value, so the hash value of the data can verify the integrity of the data. Typically for fast lookup and encryption algorithms. Common hash algorithms include MD4, MD5, RAPEMD-160, SHA-1, MASH-1.
In one embodiment, for the above-mentioned encrypted information, the hashing algorithm used is the MD5 algorithm, which MD5 algorithm first groups the encrypted information so that each group is 512 bits in length, and then repeats the process for the plaintext packets. The digest generation process for each plaintext packet is as follows:
s1: dividing the 512-bit plaintext block into 16 sub-plaintext blocks, wherein each sub-plaintext block is 32 bits;
s2: applying for 4 32-bit link variables, noted as A, B, C, D;
s3: performing 1 st round operation on the sub-plaintext block and the chaining variable;
s4: performing 2 nd round operation on the sub-plaintext blocks and the chaining variable;
s5: performing 3 rd round operation on the sub-plaintext blocks and the chaining variables;
s6: performing 4 th round operation on the sub-plaintext blocks and the chaining variable;
s7: summing the link variable and the initial link variable;
s8: the above operation is repeated with the chaining variable as the input of the next plaintext block;
s9: finally, the data in the 4 linked variables is the MD5 digest;
it is noted that for the case where the length of the encrypted message is uncertain, the MD5 algorithm can generate a 128-bit digest for any length of plaintext.
Plaintext of arbitrary length first needs to add bits to make the total length of plaintext 448(mod512) bits. The way to add bits after the plaintext is that the first added bit is l and the rest are 0. The length of the real plaintext is then expressed in 64 bits, and is added to the plaintext to which the bits have been added, and the length of the plaintext is just a multiple of 512 bits. When the plaintext length is greater than 2 to the power of 64, only the lower 64-bit padding is used, appended to the end of the last packet. The plaintext after the addition processing has a length which is exactly an integral multiple of 512 bits, and is then grouped into N plaintext blocks according to the length of 512 bits.
In one embodiment, assuming that the encrypted information is "zhuanli", the digest information after the MD5 algorithm is "7D 10938C6B2B048E86D8A2F3C2CAB4C 7".
Specifically, the operation "+" may be used to splice the summary information and the first digital signature, a String concat () may be used, and a String Buffer may be used.
It is worth mentioning that the hash algorithm adopted again for the concatenated digest information and the first digital signature is the same as or compatible with the hash algorithm for generating the digest information of the encrypted information.
In one embodiment, when the encrypted information is close-range encrypted information, the second digital signature is a close-range second digital signature.
In one embodiment, when the cryptographic information is network cryptographic information, the second digital signature is a network second digital signature.
And 208, generating test information according to the encryption information and the second digital signature, and transmitting the test information to the main terminal according to a preset communication protocol.
Specifically, the test information is used for testing the robustness, repeatability and accuracy of system data exchange associated with the terminal, and it is considered that certain requirements exist for the structure of the message and differences exist among different platforms when the message is pushed by using an SDK interface or a REST API interface.
The SDK interface is a secondary software development kit which comprises help documents, development example engineering and practical tools, wherein the help documents are SDK use documents and specifically comprise an interface description manual and a secondary development guide, the interface description manual is used for describing how each interface is used, and the secondary development guide is used for describing how to use the SDK for secondary development from shallow to deep; the development example project is closely combined with the content of a secondary development guide, and the development example project is the learning material of a developer; the utility tools are tools for assisting users in performing secondary development conveniently, such as secondary development wizards, API search tools, software packaging tools, and the like.
The RESTAPI interface is mainly used to improve API availability, usability, maintainability and extensibility, where REST is representational state transfer, which is specifically to observe the whole network from the perspective of resources, and resources distributed everywhere are determined by URIs (the URIs are IDs of all "things"), and applications of clients obtain the representation of resources through URIs. Obtaining these characterizations causes the applications to transition their states. The client application is constantly transitioning its state as the representation of the resource is constantly acquired.
In one embodiment, the test message is in an android message format, and since the messages of the android platform have no format requirement, the developer can customize the test message.
The communication protocol refers to rules and conventions that two entities must follow to complete communication or service, and mainly comprises three elements of grammar, semantics and time sequence, wherein the grammar refers to the format, coding and signal level of data; semantics refers to data content, meaning, and control information; timing refers to the order, rate matching, and sequencing of communications. In practical application, the communication protocols commonly used in the near field include Wi-Fi, ZigBee, IRDA, UWB, and NFC; the communication protocols commonly used in the local area network include three protocols, namely TCP/IP, NETBEUI and IPX/SPX.
In one embodiment, the preset communication protocol includes a near field communication protocol and a network communication protocol.
In one embodiment, the encryption information is short-distance encryption information, the second digital signature is a short-distance second digital signature, and the test information is short-distance test information which is transmitted to the main terminal according to a short-distance communication protocol.
In one embodiment, the encryption information is network encryption information, the second digital signature is a network second digital signature, and the test information is network test information, which is transmitted to the master terminal according to a network communication protocol.
As shown in fig. 3, in an embodiment, a method for verifying association information is provided, and this embodiment is illustrated by applying the method to the master terminal 110 in the terminal-associated system in fig. 1. The method comprises the following steps:
step 302, generating a public key, a private key and a first digital signature, and sending the public key and the first digital signature to a secondary terminal.
Specifically, step 302 includes the following steps:
generating a public key, a private key and a first digital signature;
storing the public key, the private key and the first digital signature;
and sending the public key and the first digital signature to a secondary terminal.
Specifically, the generating the public key, the private key and the first digital signature includes:
acquiring a characteristic value of the auxiliary terminal;
and generating a public key, a private key and a first digital signature according to the characteristic value.
The characteristic value of the secondary terminal is used for uniquely identifying the secondary terminal and comprises at least one of a model number, a serial number, an international mobile equipment identification code, an integrated circuit card identification code and current time, wherein the model number refers to that different model numbers are given to sub-products of the same series for separating the factory leaving sequence, for example, the model number of a certain series of Samsung mobile phones is SGH-D508; the serial number refers to that a unique code is used for defining each product produced by an enterprise, for example, the serial number of a certain mobile phone of apple is C8PN5FN2 FMLD; an international mobile equipment identity, also known as an electronic serial number, is a parameter unique to each mobile equipment (e.g., mobile phone, smartphone, tablet, etc.); the integrated circuit card identification code is a unique identification number of the IC card and is solidified in the SIM card of the mobile phone; the current time is the time when the master terminal acquires the feature value of the slave terminal.
In one embodiment, the characteristic value of the secondary terminal further includes a random number.
In one embodiment, the characteristic value of the secondary terminal is obtained by hashing at least one of the model number, the serial number, the international mobile equipment identity, the integrated circuit card identity, the current time, and the random number.
In one embodiment, the characteristic value of the secondary terminal is displayed in the form of a two-dimensional code, and the primary terminal can acquire the characteristic value of the secondary terminal by scanning the two-dimensional code.
Optionally, the generating the public key, the private key and the first digital signature is generated by an RSA algorithm, which includes the following steps:
randomly selecting two unequal prime numbers p and q;
calculating the product n of p and q;
calculating an Euler function phi (n) of n;
randomly selecting an integer e, provided that 1< e < φ (n), and e is coprime with φ (n);
calculating a modulo element d of e for phi (n);
n and e are packaged into public keys, and n and d are packaged into private keys.
Preferably, the data of the public and private keys are expressed in an asn.1 format, wherein asn.1 refers to an abstract syntax notation, which is an ISO/ITU-T standard describing a data format for representing, encoding, transmitting and decoding data. It provides a full set of formal formats for describing the structure of an object.
Specifically, the public key and the first digital signature are sent to the secondary terminal through at least one of Wi-Fi, ZigBee, IRDA, UWB, NFC, and a dedicated wireless system.
And step 304, acquiring the test information sent by the secondary terminal.
Specifically, the acquiring of the test information sent by the secondary terminal includes two situations, one is acquiring the short-distance test information, and the other is acquiring the network test information.
In one embodiment, when the test information transmitted by the sub terminal is the short-range test information, the short-range test information is acquired through the short-range communication protocol.
In one embodiment, when the test information sent by the secondary terminal is network test information, the network test information is acquired through a network communication protocol.
Step 306, extracting the encrypted information and the second digital signature from the test information.
Specifically, the extracted encryption information and the second digital signature information are extracted corresponding to the structure of the message at the time of generation.
In one embodiment, when the test information is the short-range test information, then the short-range encrypted information and the short-range second digital signature are extracted.
In one embodiment, when the test information is network test information, then network encryption information and a network second digital signature are extracted.
And 308, generating the abstract information of the extracted encrypted information by adopting a Hash algorithm, splicing the abstract information and the first digital signature, and generating a third digital signature by adopting the Hash algorithm again.
Specifically, the hash algorithm is also called a hash algorithm, or a hash function, and the specific contents thereof can be referred to above.
It is worth mentioning that the hash algorithm employed again for the spliced digest information and the first digital signature, the hash algorithm for the digest information used for generating the extracted encrypted information, the hash algorithm for the spliced digest information and the first digital signature, and the hash algorithm for the digest information used for generating the encrypted information are adapted or compatible with each other.
In one embodiment, the above hashing algorithms all use the MD5 algorithm.
In one embodiment, when the extracted encrypted information is the short-distance encrypted information, then the generated third digital signature is a short-distance third digital signature.
In one embodiment, when the extracted encrypted information is network encrypted information, then the generated third digital signature is a network third digital signature.
And step 310, comparing the second digital signature with the third digital signature, and if the second digital signature is the same as the third digital signature, the association is successful.
Specifically, the comparing the second digital signature and the third digital signature, and if they are the same, the association success also includes two cases, specifically as follows,
and when the second digital signature is a short-distance second digital signature and the third digital signature is a short-distance third digital signature, namely the test information is short-distance test information, if the second digital signature is the short-distance second digital signature and the third digital signature is the short-distance third digital signature, the authentication is successful, and a network verification request is sent to the auxiliary terminal.
And when the second digital signature is a network second digital signature and the third digital signature is a network third digital signature, namely the test information is network test information, if the second digital signature is the network second digital signature and the third digital signature is the network third digital signature, the association binding is successful.
Preferably, the master terminal firstly acquires the short-distance test information and authenticates the short-distance test information, if the authentication is successful, a network verification request is sent to the auxiliary terminal, the auxiliary terminal responds to the network verification request and sends the network test information to the master terminal, and the master terminal acquires the network test information through a network communication protocol.
As shown in fig. 4, based on the same inventive concept, in an embodiment, a method for associating terminals is further provided, and this embodiment is illustrated by applying the method to the main terminal 110 and the sub-terminal 120 in the system for associating terminals in fig. 1. The method comprises the following steps:
step 402, the master terminal generates a public key, a private key and a first digital signature, and sends the public key and the first digital signature to the slave terminal.
Specifically, step 402 includes the following steps:
generating a public key, a private key and a first digital signature;
storing the public key, the private key and the first digital signature;
and sending the public key and the first digital signature to a secondary terminal.
Wherein the generating the public key, the private key and the first digital signature comprises:
acquiring a characteristic value of the auxiliary terminal;
and generating a public key, a private key and a first digital signature according to the characteristic value.
Preferably, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal, and includes at least one of a model number, a serial number, an international mobile equipment identity, an integrated circuit card identity, and a current time.
In one embodiment, the characteristic value of the secondary terminal further includes a random number.
In one embodiment, the characteristic value of the secondary terminal is obtained by hashing at least one of the model number, the serial number, the international mobile equipment identity, the integrated circuit card identity, the current time, and the random number.
In one embodiment, the characteristic value of the secondary terminal is displayed in the form of a two-dimensional code, and the primary terminal can acquire the characteristic value of the secondary terminal by scanning the two-dimensional code.
Optionally, the public key, the private key and the first digital signature are generated by an RSA algorithm, and the specific RSA algorithm principle refers to the above.
Preferably, the public key and the first digital signature are sent to the secondary terminal via at least one of Wi-Fi, ZigBee, IRDA, UWB, NFC, and private wireless systems.
Step 404, the secondary terminal obtains the public key and the first digital signature.
Specifically, the secondary terminal obtains the public key and the first digital signature through a network interface communicatively connected to the primary terminal 110. Where the public key is the public part of a key pair, which is a key pair with the private key, typically used to encrypt session keys, verify digital signatures, or encrypt data that can be decrypted with the corresponding private key. The first digital signature is a valid proof of the authenticity of the message sent by the sender of the message, and is generated by a private key corresponding to the public key according to a specified algorithm. The communication connection is that the auxiliary terminal and the main terminal establish data connection by utilizing radio waves, and comprises at least one of Bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC and special wireless systems.
In one embodiment, the secondary terminal obtains the public key and the first digital signature via at least one of bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC, and a private wireless system.
And 406, the secondary terminal encrypts the generated original information into encrypted information through the public key, generates digest information of the encrypted information by adopting a hash algorithm, then splices the digest information and the first digital signature, generates a second digital signature through the hash algorithm, and finally transmits the second digital signature to the primary terminal according to a preset communication protocol according to the encrypted information and the second digital signature.
Specifically, the original information is a piece of test data, which can be generated by a test data generator; the hash algorithm is the MD5 algorithm; the preset communication protocol comprises a near field communication protocol and a network communication protocol.
In one embodiment, when the encrypted information is short-range encrypted information for authentication of the terminal, the second digital signature is a short-range second digital signature, and the test message is a short-range test message transmitted to the master terminal according to a short-range communication protocol.
In one embodiment, when the encrypted encryption information is network encryption information used for verifying the association binding of the terminal, the second digital signature is a network second digital signature, and the test message is a network test message which is transmitted to the master terminal according to a network communication protocol.
And 408, the main terminal receives the test information, firstly extracts the encrypted information and the second digital signature from the test information, then generates the extracted summary information of the extracted encrypted information by adopting a Hash algorithm, then splices the extracted summary information and the first digital signature and generates a third digital signature by adopting the Hash algorithm again, and finally compares the second digital signature with the third digital signature, if the two signatures are the same, the association is successful.
In particular, the hash algorithm is also the MD5 algorithm, and the specific principle thereof refers to the above.
In one embodiment, when the test information sent by the secondary terminal is short-distance test information, the primary terminal acquires the short-distance test information through a short-distance communication protocol, extracts short-distance encryption information and a short-distance second digital signature from the short-distance test information, compares the short-distance second digital signature with the short-distance third digital signature, if the short-distance encryption information and the short-distance second digital signature are the same, successfully authenticates, and sends a network verification request to the secondary terminal.
In one embodiment, when the test information sent by the secondary terminal is network test information, the primary terminal acquires the network test information through a network communication protocol, extracts network encryption information and a network second digital signature from the network test information, and compares the network second digital signature with the network third digital signature, if the network encryption information and the network second digital signature are the same, the association binding is successful.
Preferably, the master terminal firstly acquires the short-distance test information and authenticates the short-distance test information, if the authentication is successful, a network verification request is sent to the auxiliary terminal, the auxiliary terminal responds to the network verification request and sends the network test information to the master terminal, and the master terminal acquires the network test information through a network communication protocol.
As shown in fig. 5, based on the same inventive concept, in an embodiment, there is further provided an apparatus for generating association information, including: an acquisition module 5001, an encryption module 5003, a signature module 5005, and a sharing module 5007.
An obtaining module 5001 configured to obtain a public key and a first digital signature.
An encryption module 5003 for encrypting the generated original information into encrypted information by the public key.
The signature module 5005 generates digest information of the encrypted information by using a hash algorithm, then concatenates the digest information and the first digital signature, and generates a second digital signature by using the hash algorithm again.
The sharing module 5007 is configured to generate test information according to the encryption information and the second digital signature, and transmit the test information to the master terminal according to a preset communication protocol.
The shared module 5007 includes: a short-distance test unit and a network test unit.
And the short-distance test unit is used for transmitting the test information to the main terminal according to the short-distance communication protocol when the test information is the short-distance test information.
And the network test unit is used for transmitting the test information to the main terminal according to a network communication protocol when the test information is the network test information.
In one embodiment, the apparatus for generating association information further includes a response unit, configured to respond to a network authentication request sent by the master terminal before the network test information is transmitted to the master terminal according to the network communication protocol.
As shown in fig. 6, based on the same inventive concept, in an embodiment, there is further provided an apparatus for verifying association information, including: a generate sharing module 6001, a test acquisition module 6003, an extract module 6005, a digital signature module 6007, and a compare module 6009.
The generating sharing module 6001 is configured to generate a public key, a private key, and a first digital signature, and send the public key and the first digital signature to the secondary terminal.
A test obtaining module 6003, configured to obtain test information.
An extracting module 6005 configured to extract the encrypted information and the second digital signature from the test information.
The digital signature module 6007 is configured to generate digest information of the extracted encrypted information by using a hash algorithm, then concatenate the digest information and the first digital signature, and generate a third digital signature by using the hash algorithm again.
A comparing module 6009, configured to compare the second digital signature with the third digital signature, and if the second digital signature is the same as the third digital signature, the association is successful.
The generating sharing module 6001 includes: the device comprises a feature acquisition unit and a generation unit.
And the characteristic acquisition unit is used for acquiring the characteristic value of the auxiliary terminal.
And the generating unit is used for generating a public key, a private key and a first digital signature according to the characteristic value.
In one embodiment, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
The comparison module 6009 includes: a close-range comparison unit and a network comparison unit,
and the short-distance comparison unit is used for successfully authenticating if the test information is the short-distance test information and sending a network verification request to the auxiliary terminal.
And the network comparison unit is used for successfully associating and binding if the test information is the network test information.
As shown in fig. 7, based on the same inventive concept, in one embodiment, a terminal association system is further provided, which includes at least one main terminal 110 and at least one auxiliary terminal 120, where the main terminal 110 and the auxiliary terminal 120 are communicatively connected; the master terminal 110 includes a public key unit 1101 and a verification unit 1103, and the slave terminal 120 includes an acquisition unit 1201 and a generation unit 1203.
The public key unit 1101 is configured to generate a public key, a private key, and a first digital signature, and send the public key and the first digital signature to the secondary terminal.
An obtaining unit 1201, configured to obtain the public key and the first digital signature.
The generating unit 1203 is configured to encrypt the generated original information into encrypted information through the public key, generate digest information of the encrypted information by using a hash algorithm, then splice the digest information and the first digital signature, generate a second digital signature through the hash algorithm, and finally transmit the second digital signature to the master terminal according to a preset communication protocol according to the encrypted information and the second digital signature.
The verification unit 1103 is configured to receive the test information, extract the encrypted information and the second digital signature from the test information, generate the extracted digest information of the extracted encrypted information by using a hash algorithm, splice the extracted digest information with the first digital signature, generate a third digital signature by using the hash algorithm again, and compare the second digital signature with the third digital signature.
In one embodiment, the test information is close range test information, which is transmitted to the master terminal according to a close range communication protocol.
In one embodiment, the test information is network test information that is transmitted to the master terminal according to a network communication protocol.
Preferably, the system associated with the terminal further includes a response unit, configured to respond to a network verification request sent by the master terminal before the network test information is transmitted to the master terminal according to the network communication protocol.
The public key unit 1101 includes: a feature unit and a public key unit.
And the characteristic unit is used for acquiring the characteristic value of the secondary terminal.
And the public key unit is used for generating a public key, a private key and a first digital signature according to the characteristic value.
Preferably, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
The verification unit 1103 includes: a short-distance authentication unit and a network authentication unit.
And the short-distance verification unit is used for successfully authenticating if the test information is the short-distance test information and sending a network verification request to the auxiliary terminal.
And the network verification unit is used for successfully associating and binding if the test information is the network test information.
While the method and system for associating terminals provided by the present invention have been described in detail, those skilled in the art will appreciate that the various modifications, additions, substitutions, and substitutions are possible, without departing from the scope and spirit of the invention as disclosed in the accompanying claims.

Claims (10)

1. A method of generating association information, comprising the steps of:
acquiring a public key and a first digital signature;
encrypting the generated original information into encrypted information through the public key;
generating abstract information of the encrypted information by adopting a Hash algorithm, splicing the abstract information and the first digital signature, and generating a second digital signature by adopting the Hash algorithm again;
and generating test information according to the encryption information and the second digital signature and transmitting the test information to the main terminal according to a preset communication protocol.
2. The method of generating association information according to claim 1, wherein the test information is proximity test information, the proximity test information being transmitted to the master terminal in accordance with a proximity communication protocol.
3. A method of verifying associated information, comprising the steps of:
generating a public key, a private key and a first digital signature, and sending the public key and the first digital signature to a secondary terminal;
acquiring test information sent by the auxiliary terminal;
extracting encryption information and a second digital signature from the test information;
generating abstract information of the extracted encrypted information by adopting a Hash algorithm, splicing the abstract information and the first digital signature, and generating a third digital signature by adopting the Hash algorithm again;
and comparing the second digital signature with the third digital signature, and if the second digital signature is the same as the third digital signature, the association is successful.
4. The method of verifying the associated information as recited in claim 3, wherein the generating the public key, the private key, and the first digital signature comprises:
acquiring a characteristic value of the auxiliary terminal;
and generating a public key, a private key and a first digital signature according to the characteristic value.
5. A method for associating terminals, comprising the steps of:
the master terminal generates a public key, a private key and a first digital signature and sends the public key and the first digital signature to the auxiliary terminal;
the secondary terminal acquires the public key and the first digital signature;
the auxiliary terminal encrypts generated original information into encrypted information through the public key, then generates summary information of the encrypted information by adopting a Hash algorithm, then splices the summary information and the first digital signature, generates a second digital signature through the Hash algorithm, and finally generates test information according to the encrypted information and the second digital signature and transmits the test information to the main terminal according to a preset communication protocol;
the main terminal receives the test information, firstly extracts the encrypted information and the second digital signature from the test information, then generates the extracted summary information of the extracted encrypted information by adopting a Hash algorithm, then splices the extracted summary information and the first digital signature and generates a third digital signature by adopting the Hash algorithm again, and finally compares the second digital signature with the third digital signature, if the two signatures are the same, the association is successful.
6. An apparatus for generating association information, the apparatus comprising:
the acquisition module is used for acquiring a public key and a first digital signature;
the encryption module is used for encrypting the generated original information into encrypted information through the public key;
the signature module is used for generating summary information of the encrypted information by adopting a Hash algorithm, splicing the summary information and the first digital signature and generating a second digital signature by adopting the Hash algorithm again;
and the sharing module is used for generating test information according to the encryption information and the second digital signature and transmitting the test information to the main terminal according to a preset communication protocol.
7. The apparatus for generating association information as recited in claim 6, wherein the sharing module comprises:
and the short-distance test unit is used for transmitting the test information to the main terminal according to the short-distance communication protocol when the test information is the short-distance test information.
8. An apparatus for verifying association information, the apparatus comprising:
the generation sharing module is used for generating a public key, a private key and a first digital signature and sending the public key and the first digital signature to the auxiliary terminal;
the test acquisition module is used for acquiring test information;
the extraction module is used for extracting the encrypted information and the second digital signature from the test information;
the digital signature module is used for generating the extracted abstract information of the extracted encrypted information by adopting a Hash algorithm, then splicing the extracted abstract information and the first digital signature and generating a third digital signature by adopting the Hash algorithm again;
and the comparison module is used for comparing the second digital signature with the third digital signature, and if the second digital signature is the same as the third digital signature, the association is successful.
9. The apparatus for verifying association information as claimed in claim 8, wherein said generating a shared module comprises:
the characteristic acquisition unit is used for acquiring a characteristic value of the auxiliary terminal;
and the generating unit is used for generating a public key, a private key and a first digital signature according to the characteristic value.
10. A terminal association system is characterized by comprising at least one main terminal and at least one auxiliary terminal, wherein the main terminal is in communication connection with the auxiliary terminal; the main terminal comprises a public key unit and a verification unit, and the auxiliary terminal comprises an acquisition unit and a generation unit; wherein,
the public key unit is used for generating a public key, a private key and a first digital signature and sending the public key and the first digital signature to the auxiliary terminal;
an obtaining unit, configured to obtain the public key and the first digital signature;
the generating unit is used for firstly encrypting the generated original information into encrypted information through the public key, then generating summary information of the encrypted information by adopting a Hash algorithm, splicing the summary information and the first digital signature, then generating a second digital signature through the Hash algorithm, and finally transmitting the second digital signature to the main terminal according to the encrypted information and the second digital signature and a preset communication protocol;
the verification unit is used for receiving the test information, firstly extracting the encrypted information and the second digital signature from the test information, then generating the extracted abstract information of the extracted encrypted information by adopting a Hash algorithm, then splicing the extracted abstract information and the first digital signature, and generating a third digital signature by adopting the Hash algorithm again, and finally comparing the second digital signature with the third digital signature, wherein if the second digital signature and the third digital signature are the same, the association is successful.
CN201610245339.7A 2016-04-19 2016-04-19 A kind of method and system of terminal association Expired - Fee Related CN105978693B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610245339.7A CN105978693B (en) 2016-04-19 2016-04-19 A kind of method and system of terminal association

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610245339.7A CN105978693B (en) 2016-04-19 2016-04-19 A kind of method and system of terminal association

Publications (2)

Publication Number Publication Date
CN105978693A true CN105978693A (en) 2016-09-28
CN105978693B CN105978693B (en) 2019-05-14

Family

ID=56993112

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610245339.7A Expired - Fee Related CN105978693B (en) 2016-04-19 2016-04-19 A kind of method and system of terminal association

Country Status (1)

Country Link
CN (1) CN105978693B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106685977A (en) * 2017-01-03 2017-05-17 武汉虹信技术服务有限责任公司 Account system construction method based on intelligent community cloud platform
CN106936572A (en) * 2017-04-01 2017-07-07 上海理深信息科技有限公司 A kind of safe data matching method and its system
CN108683665A (en) * 2018-05-15 2018-10-19 国家电网公司 Data ciphering method, system in fiber optic communication and data transmitting equipment
CN109347627A (en) * 2018-09-19 2019-02-15 平安科技(深圳)有限公司 Data encryption/decryption method, device, computer equipment and storage medium
CN114679280A (en) * 2022-03-15 2022-06-28 北京宏思电子技术有限责任公司 RSA-based joint signature generation method and device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5671285A (en) * 1995-12-13 1997-09-23 Newman; Bruce D. Secure communication system
CN102279908A (en) * 2010-06-08 2011-12-14 安凯(广州)微电子技术有限公司 Method and system for protecting digital contents
CN102664735A (en) * 2012-04-13 2012-09-12 江苏新彩软件有限公司 Implementation method for secure session of mobile phone lottery system based on public key
CN104639327A (en) * 2015-01-29 2015-05-20 杭州晟元芯片技术有限公司 Method for identifying and correlating equipment by digital certificate

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5671285A (en) * 1995-12-13 1997-09-23 Newman; Bruce D. Secure communication system
CN102279908A (en) * 2010-06-08 2011-12-14 安凯(广州)微电子技术有限公司 Method and system for protecting digital contents
CN102664735A (en) * 2012-04-13 2012-09-12 江苏新彩软件有限公司 Implementation method for secure session of mobile phone lottery system based on public key
CN104639327A (en) * 2015-01-29 2015-05-20 杭州晟元芯片技术有限公司 Method for identifying and correlating equipment by digital certificate

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106685977A (en) * 2017-01-03 2017-05-17 武汉虹信技术服务有限责任公司 Account system construction method based on intelligent community cloud platform
CN106685977B (en) * 2017-01-03 2019-11-08 武汉虹信技术服务有限责任公司 A kind of system of account building method based on intelligence community cloud platform
CN106936572A (en) * 2017-04-01 2017-07-07 上海理深信息科技有限公司 A kind of safe data matching method and its system
CN108683665A (en) * 2018-05-15 2018-10-19 国家电网公司 Data ciphering method, system in fiber optic communication and data transmitting equipment
CN109347627A (en) * 2018-09-19 2019-02-15 平安科技(深圳)有限公司 Data encryption/decryption method, device, computer equipment and storage medium
CN109347627B (en) * 2018-09-19 2023-08-29 平安科技(深圳)有限公司 Data encryption and decryption method and device, computer equipment and storage medium
CN114679280A (en) * 2022-03-15 2022-06-28 北京宏思电子技术有限责任公司 RSA-based joint signature generation method and device

Also Published As

Publication number Publication date
CN105978693B (en) 2019-05-14

Similar Documents

Publication Publication Date Title
US20220191021A1 (en) Blockchain-implemented method and system
CN105978693B (en) A kind of method and system of terminal association
CN102572314B (en) Image sensor and payment authentication method
CN107786331B (en) Data processing method, device, system and computer readable storage medium
CN109688098B (en) Method, device and equipment for secure communication of data and computer readable storage medium
CN105450413B (en) A kind of setting method of password, device and system
CN106576043A (en) Virally distributable trusted messaging
CN102780698A (en) User terminal safety communication method in platform of Internet of Things
CN110601815B (en) Block chain data processing method and equipment
CN110611670A (en) API request encryption method and device
CN109309566B (en) Authentication method, device, system, equipment and storage medium
CA3178180A1 (en) Constructing a distributed ledger transaction on a cold hardware wallet
CN113572743B (en) Data encryption and decryption methods and devices, computer equipment and storage medium
CN112511514A (en) HTTP encrypted transmission method and device, computer equipment and storage medium
CN109194701B (en) Data processing method and device
CN106131008B (en) Video and audio monitoring equipment, security authentication method thereof and video and audio display equipment
CN105306212B (en) A kind of label decryption method that identity is hiding and safe by force
CN106161224B (en) Method for interchanging data, device and equipment
CN106060787A (en) Information transmitting method, apparatus and device
CN109510711B (en) Network communication method, server, client and system
CN109922022A (en) Internet of Things communication means, platform, terminal and system
CN110287733B (en) File tamper-proofing method and device
TW202123051A (en) Security authentication method, apparatus, and electronic device
CN103441854A (en) Link protection method and system
JP5405057B2 (en) Information communication apparatus and public key authentication method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190514

CF01 Termination of patent right due to non-payment of annual fee