CN105978693B - A kind of method and system of terminal association - Google Patents

A kind of method and system of terminal association Download PDF

Info

Publication number
CN105978693B
CN105978693B CN201610245339.7A CN201610245339A CN105978693B CN 105978693 B CN105978693 B CN 105978693B CN 201610245339 A CN201610245339 A CN 201610245339A CN 105978693 B CN105978693 B CN 105978693B
Authority
CN
China
Prior art keywords
digital signature
information
terminal
public key
test
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201610245339.7A
Other languages
Chinese (zh)
Other versions
CN105978693A (en
Inventor
祝芳浩
刘昱东
刘鸿杰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qiku Internet Technology Shenzhen Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qiku Internet Technology Shenzhen Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qiku Internet Technology Shenzhen Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201610245339.7A priority Critical patent/CN105978693B/en
Publication of CN105978693A publication Critical patent/CN105978693A/en
Application granted granted Critical
Publication of CN105978693B publication Critical patent/CN105978693B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer And Data Communications (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of method and system of terminal association, including generate public key, private key and the first digital signature, and public key and the first digital signature are sent to secondary terminal;Secondary terminal obtains the public key and first digital signature;Secondary terminal generates the second digital signature by the public key and first digital signature, then generates test information according to the encryption information and second digital signature and is sent to master terminal according to preset communication protocol;Master terminal receives test information, then splices the extraction summary info and first digital signature generates third digital signature, finally compare the second digital signature and third digital signature.The method and system of the terminal association improves safety, avoids human risks, facilitate free terminal association by the way that message content to be integrated into digital signature.

Description

A kind of method and system of terminal association
Technical field
The present invention relates to the fields of electrical communication, more particularly, to a kind of method and system of terminal association.
Background technique
With the continuous arrival of the internet of things era, interconnecting more and more frequently between terminal.For example in intelligent family Occupy aspect, the house life centered on smart phone gradually grows up as a kind of life style of new fashion, people also without when The convenient life of Internet of Things bring is not being enjoyed without carving.But as more and more equipment intercourse data, this is one Determine to improve data exchange risk in degree, the information being for example commonly encountered is tampered, and is plagiarized.
Currently, the interrelational form for terminal is mainly rivest, shamir, adelman, key pair is constructed by message sender And public key is announced to message receiver, first message sender is formed data signature, data and signature using the private key of itself Message is sent to message receiver, and message receiver is using public key for verifying.But there is certain ask in this interrelational form Topic, if the public key of message sender is replaced as the public key of oneself by the system that third party has invaded message receiver, then emits It fills message sender and sends instruction to message receiver, be thus easy to cause the leakage of message.
Regarding to the issue above current settling mode be carry out public key certification, but the certification of public key introduce it is artificial Control, which are added human risks, be also inconvenient for terminal be freely associated with and the expansion of terminal device, while user experience It is bad.
Summary of the invention
The purpose of the present invention aims to solve the problem that at least one above-mentioned problem, provides a kind of method and system of terminal association.
To realize the purpose, the present invention adopts the following technical scheme:
Scheme one:
A kind of method generating related information is provided, comprising the following steps:
Obtain public key and the first digital signature;
The raw information of generation is encrypted to encryption information by the public key;
The summary info of the encryption information is generated using hash algorithm, then splices the summary info and described first Digital signature simultaneously generates the second digital signature using hash algorithm again;
Test information is generated according to the encryption information and second digital signature and according to preset communication protocol It is sent to master terminal.
In the present invention, the test information is measurement of near distance information, and the measurement of near distance information is according to short-range communication Agreement is sent to master terminal.
In the present invention, the test information is network test information, which passes according to network communication protocol It send to master terminal.
In the present invention, the network test information is sent to before master terminal according to network communication protocol, comprising: response master The network authentication request that terminal is sent.
Scheme two:
A kind of device for generating related information is provided, described device includes:
Module is obtained, for obtaining public key and the first digital signature;
Encrypting module, for the raw information of generation to be encrypted to encryption information by the public key;
Signature blocks, the summary info of the encryption information is generated using hash algorithm, then splices the summary info The second digital signature is generated with first digital signature and again using hash algorithm;
Sharing module, for generating test information according to the encryption information and second digital signature and according to pre- If communication protocol be sent to master terminal.
In the present invention, the sharing module includes:
Measurement of near distance unit, for being assisted according to short-range communication when the test information is measurement of near distance information View is sent to master terminal;
In the present invention, the sharing module includes:
Network test unit, for being transmitted according to network communication protocol when the test information is network test information To master terminal.
In the present invention, described device further include:
Response unit, before being sent to master terminal according to network communication protocol for the network test information, response master The network authentication request that terminal is sent.
The method and apparatus of above-mentioned generation related information generate the summary info of the encryption information simultaneously by hash algorithm Summary info and the first digital signature to the generation do hash algorithm again and generate the second digital signature, will be in message to be sent Appearance has been integrated into the second digital signature, has been reformed the mode of traditional generation related information, has been effectively raised anti-intrusion Energy.
Scheme three:
A kind of method for verifying related information is provided, comprising the following steps:
Public key, private key and the first digital signature are generated, and the public key and first digital signature are sent to pair Terminal;
Obtain the test information that the secondary terminal is sent;
Encryption information and the second digital signature are extracted from the test information;
Then the extraction summary info that the encryption information of the extraction is generated using hash algorithm splices the extraction abstract Information and first digital signature simultaneously generate third digital signature using hash algorithm again;
Compare second digital signature and the third digital signature is then successfully associated if they are the same.
In the present invention, the generation public key, private key and the first digital signature include:
Obtain the characteristic value of secondary terminal;
Public key, private key and the first digital signature are generated according to the characteristic value.
In the present invention, the characteristic value of the pair terminal is used for unique identification pair terminal.
In the present invention, it is described if they are the same, then be successfully associated and include:
When the test information is measurement of near distance information, if they are the same, then success, concurrent SCN Space Cable Network checking request are authenticated To secondary terminal.
In the present invention, it is described if they are the same, then be successfully associated and include:
When the test information is network test information, if they are the same, then it is associated with binding success.
Scheme four:
A kind of device for verifying related information is provided, described device includes:
Sharing module is generated, for generating public key, private key and the first digital signature, and by public key and the first digital signature It is sent to secondary terminal;
Test obtains module, for obtaining test information;
Extraction module, for extracting encryption information and the second digital signature from test information;
Digital Signature module, the extraction summary info of the encryption information for generating the extraction using hash algorithm, so After splice the extraction summary info and first digital signature and again using hash algorithm generate third digital signature;
Comparison module if they are the same, is then successfully associated for comparing the second digital signature and third digital signature.
In the present invention, the generation sharing module includes:
Feature acquiring unit, for obtaining the characteristic value of secondary terminal;
Generation unit, for generating public key, private key and the first digital signature according to the characteristic value.
In the present invention, the characteristic value of the pair terminal is used for unique identification pair terminal.
In the present invention, the comparison module includes:
Short distance comparing unit, for when the test information is measurement of near distance information, if they are the same, then authentication at Function, concurrent SCN Space Cable Network checking request to secondary terminal.
In the present invention, the comparison module includes:
Network comparing unit, for when the test information is network test information, if they are the same, then association to be bound into Function.
The method and apparatus of above-mentioned verifying related information, again by the first digital signature of generation and received message content Secondary generation third digital signature, the method for then comparing the second digital signature and third digital signature again are verified, innovation Tradition is the method verified according to public key, is avoided because of challenge brought by public key replacement, to a certain extent Improve safety and reliability.
Scheme five:
A kind of method of terminal association is provided, comprising the following steps:
Master terminal generates public key, private key and the first digital signature, and public key and the first digital signature are sent to pair eventually End;
The pair terminal obtains the public key and first digital signature;
The raw information of generation is encrypted to encryption information by the public key by the pair terminal first, then uses Hash Algorithm generates the summary info of the encryption information, then splices the summary info and first digital signature passes through Kazakhstan again Uncommon algorithm generates the second digital signature, finally generates test information according to the encryption information and second digital signature and presses Master terminal is sent to according to preset communication protocol;
The master terminal receives test information, extracts encryption information and the second digital signature from test information first, so Afterwards using hash algorithm generate the extraction encryption information extraction summary info, then splice the extractions summary info and First digital signature simultaneously generates third digital signature using hash algorithm again, finally compares the second digital signature and third Digital signature is then successfully associated if they are the same.
In the present invention, the test information is measurement of near distance information, and the measurement of near distance information is according to short-range communication Agreement is sent to master terminal.
In the present invention, the test information is network test information, which passes according to network communication protocol It send to master terminal.
In the present invention, the network test information is sent to before master terminal according to network communication protocol, comprising: response master The network authentication request that terminal is sent.
In the present invention, the master terminal generates public key, private key and the first digital signature and includes:
Obtain the characteristic value of secondary terminal;
Public key, private key and the first digital signature are generated according to the characteristic value.
In the present invention, the characteristic value of the pair terminal is used for unique identification pair terminal.
In the present invention, it is described if they are the same, then be successfully associated and include:
When the test information is measurement of near distance information, if they are the same, then success, concurrent SCN Space Cable Network checking request are authenticated To secondary terminal;
In the present invention, it is described if they are the same, then be successfully associated and include:
When the test information is network test information, if they are the same, then it is associated with binding success.
Scheme six:
A kind of system of terminal association, including at least one master terminal and at least one secondary terminal, the master terminal are provided It is communicated to connect with the secondary terminal;The master terminal includes public key unit and authentication unit, and the pair terminal includes acquiring unit And generation unit;Wherein,
Public key unit is sent for generating public key, private key and the first digital signature, and by public key and the first digital signature To secondary terminal;
Acquiring unit, for obtaining the public key and first digital signature;
Then generation unit is used for the raw information of generation to be encrypted to encryption information first by the public key Hash algorithm generates the summary info of the encryption information, then splices the summary info and leads to again with first digital signature It crosses hash algorithm and generates the second digital signature, finally according to the encryption information and second digital signature according to preset logical Letter agreement is sent to master terminal;
Authentication unit extracts encryption information and the second digital signature from test information first for receiving test information, Then the extraction summary info that the encryption information of the extraction is generated using hash algorithm, then splices the extraction summary info Third digital signature is generated using hash algorithm with first digital signature and again, finally compares the second digital signature and the Three digital signature are then successfully associated if they are the same.
In the present invention, the test information is measurement of near distance information, and the measurement of near distance information is according to short-range communication Agreement is sent to master terminal.
In the present invention, the test information is network test information, which passes according to network communication protocol It send to master terminal.
In the present invention, the system also includes response units, for the network test information according to network communication protocol It is sent to before master terminal, the network authentication request that response master terminal is sent.
In the present invention, the public key unit includes:
Feature unit, for obtaining the characteristic value of secondary terminal;
Public key unit, for generating public key, private key and the first digital signature according to the characteristic value.
In the present invention, the characteristic value of the pair terminal is used for unique identification pair terminal.
In the present invention, the authentication unit includes:
Short distance authentication unit, for when the test information is measurement of near distance information, if they are the same, then authentication at Function, concurrent SCN Space Cable Network checking request to secondary terminal;
In the present invention, the authentication unit includes:
Network verification unit, for when the test information is network test information, if they are the same, then association to be bound into Function.
The method and system of above-mentioned terminal association effectively improves mirror by the way that message content to be integrated into digital signature The safety of power and binding procedure, overcomes the problem of traditional association mode public key is replaced to a certain extent, meanwhile, it avoids Because of human risks caused by authentication public key, facilitate several terminals be freely associated with and system in terminal device It expands, also the user experience is improved.
Detailed description of the invention
To describe the technical solutions in the embodiments of the present invention more clearly, make required in being described below to embodiment Attached drawing is briefly described, it should be apparent that, drawings in the following description are only some embodiments of the invention, for For those skilled in the art, without creative efforts, it can also be obtained according to these attached drawings other attached Figure.
Fig. 1 shows terminal association systematic difference environment map according to an embodiment of the invention;
Fig. 2 shows the flow diagrams for the method that related information is generated in one embodiment of the invention;
Fig. 3 shows the flow diagram that the method for related information is verified in one embodiment of the invention;
Fig. 4 shows the flow diagram of the method for terminal association in one embodiment of the invention;
Fig. 5 shows the modular structure schematic diagram that the device of related information is generated in one embodiment of the invention;
Fig. 6 shows the modular structure schematic diagram that the device of related information is verified in one embodiment of the invention;
Fig. 7 shows the system structure diagram of terminal association system in one embodiment of the invention.
Specific embodiment
In order to enable those skilled in the art to better understand the solution of the present invention, below in conjunction in the embodiment of the present invention Attached drawing, technical scheme in the embodiment of the invention is clearly and completely described.
In some processes of the description in description and claims of this specification and above-mentioned attached drawing, contain according to Multiple operations that particular order occurs, but it should be clearly understood that these operations can not be what appears in this article suitable according to its Sequence is executed or is executed parallel, and serial number of operation such as 101,102 etc. is only used for distinguishing each different operation, serial number It itself does not represent and any executes sequence.In addition, these processes may include more or fewer operations, and these operations can To execute or execute parallel in order.It should be noted that the description such as " first " herein, " second ", is for distinguishing not Same message, terminal, module etc., does not represent sequencing, does not also limit " first " and " second " and be different type.
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation description, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, those skilled in the art's every other implementation obtained without creative efforts Example, shall fall within the protection scope of the present invention.
As shown in Figure 1, in one embodiment, providing a kind of system of terminal association, including at least one master terminal 110 and at least one secondary terminal 20, wherein master terminal 110 and the secondary terminal 120 communicate to connect.Master terminal 110 include mobile phone, At least one in computer, server, tablet computer, smartwatch, personal digital assistant (PDA) and the electronic equipment that can network etc. Kind.Secondary terminal 120 includes mobile phone, computer, tablet computer, smartwatch, personal digital assistant (PDA) and can networked electronic device At least one of Deng.
In one embodiment, a kind of a kind of secondary terminal 120 for realizing method for generating related information, packet are provided Include with computing function and control 120 data of processor, storage program area and secondary terminal of secondary terminal 120 memory and Network interface for being communicated to connect with master terminal 110, wherein the processor is configured as executing a kind of related information that generates Method.
In one embodiment, a kind of master terminal 110 of method for realizing verifying related information, including tool are provided There is computing function and controls the memory of 110 data of processor, storage program area and master terminal of master terminal 110 and be used for With the network interface of secondary terminal 120 communication connection, wherein the processor is configured as executing a kind of side for verifying related information Method.
As shown in Fig. 2, in one embodiment, providing a kind of method for generating related information, the present embodiment is with the party Method is applied to the secondary terminal 120 in above-mentioned Fig. 1 in the system of terminal association to illustrate.This method comprises the following steps:
Step 202, public key and the first digital signature are obtained.
Specifically, secondary terminal obtains public key and the first digital signature by the network interface communicated to connect with master terminal 110. Wherein, public key is part disclosed in cipher key pair, is a key pair with private key, commonly used in encrypted session key, verifying The data that digital signature or encryption can be decrypted with corresponding private key.First digital signature is to send letter to the sender of information A valid certificates for ceasing authenticity are generated by private key corresponding with the public key according to specified algorithm.Communication connection is Refer to that secondary terminal and master terminal establish data connection using radio wave comprising bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC And at least one of private radio systems, that is to say, that secondary terminal by bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC with And at least one of private radio systems obtain public key and the first digital signature.Wherein, Wi-Fi be it is a kind of by computer, hand-held set The technology that standby (such as PDA, mobile phone, bracelet, smartwatch) terminal wirelessly interconnects.ZigBee refer to IEEE802.15.4 is main physical layer standard, and is coordinated the communication between a large amount of minute sense devices with this.IRDA is A technique for point-to-point communication is carried out using infrared ray.UWB is a kind of no-load communication techniques, utilizes nanosecond to picosecond grade Non-sinusoidal waveform burst pulse transmit data.NFC is a kind of non contact angle measurement and interconnection technique, can be in mobile device, consumption The short distance wireless communication technology is carried out between electronic product, PC and smart control tool.
Step 204, the raw information of generation is encrypted to by encryption information by the public key.
Specifically, raw information is one section of test data, can be generated by test data generating.
In one embodiment, raw information be one section of character string, in Android system, step S204 the following steps are included:
Obtain public key;
Instantiate Cipher object;
Cipher object is initialized, specifies it to be now arranged in encryption mode, and specify the public key;
DoFinal method is called, the encrypted corresponding byte arrays of character string is passed to, returns to encrypted byte number Group.
Wherein, Cipher class refers to that encryption the environment JCE, JCE of JAVA are a group packets, it provide for encrypting, key Generation and negotiation and frame and the realization of message authentication code algorithm.Since Cipher class does not export, kernel module is not It can directly be called, kernel is provided solely for a unified frame to manage.
It is worth noting that, kernel is Android system meat and potatoes herein, it to be used for the data of management software sending Input is required with output, and these requirements are translated to the instruction of data processing, transfer to other electronics in central processing unit and computer What component was handled, directly hardware is operated.
In actual use Cipher class encryption function, kernel needs to distribute one by crypto_alloc_tfm () first The example of a encryption function object, reinitialize these examples, then can be added by the API that frame provides to data Close and decryption, wherein crypto_tfm is algorithm instance, and when using the specific algorithm in specific algorithm library, kernel passes through general Structure crypto_tfm is described comprising has asynchronous packet algorithm, authentication encryption algorithm, block encryption algorithm, Hash to calculate Method, compression algorithm and random number generating algorithm etc..Alloc is then Hook Function, and in constructed fuction, algorithm template is returned One crypto example.API is some functions predetermined, it is therefore an objective to provide application program and developer is based on certain software Or hardware is able to the ability of one group of routine of access, and is not necessarily to access source code, or understand the details of internal work mechanism.
Finally in practice, after the completion of encryption, it is necessary to cancel example by crypto_free_tfm (), wherein free For releasing object.
In one embodiment, the encryption information being encrypted to is short distance encryption information, the short distance encryption letter Breath is used for the authentication of terminal.
In one embodiment, the encryption information being encrypted to is network encryption information, and the network encryption information is used In the association binding of verifying terminal.
Step 206, the summary info of the encryption information is generated using hash algorithm, then splice the summary info and First digital signature simultaneously generates the second digital signature using hash algorithm again.
Specifically, hash algorithm is also known as hashing algorithm or hash function, it is a kind of binary value mapping by random length For the binary value of shorter regular length, this small binary value is known as cryptographic Hash.Cryptographic Hash be one piece of data it is unique and Extremely compact numerical value representation.If one Duan Mingwen of hash and even only change a letter of the paragraph, subsequent Hash will all generate different values.Find hash be the same value two different inputs, be computationally it is impossible, So the cryptographic Hash of data can be with the integrality of inspection data.It is generally used for quickly lookup and Encryption Algorithm.Common hash algorithm Including MD4, MD5, RAPEMD-160, SHA-1, MASH-1.
In one embodiment, for above-mentioned encryption information, for the hash algorithm used for MD5 algorithm, the MD5 algorithm is first First encryption information is grouped, so that each group of length is 512, processing then is iteratively repeated to these clear packets. Wherein, as follows for the summarization generation process of each clear packets:
S1: 512 clear packets are divided into 16 sub- clear packets, every sub- clear packets are 32;
S2: the link variable of application 4 32 is denoted as A, B, C, D;
S3: sub- clear packets and link variable carry out the 1st wheel operation;
S4: sub- clear packets and link variable carry out the 2nd wheel operation;
S5: sub- clear packets and link variable carry out the 3rd wheel operation;
S6: sub- clear packets and link variable carry out the 4th wheel operation;
S7: link variable and initial link variable carry out summation operation;
S8: link variable repeats the above operation as the input of next clear packets;
S9: finally, the data inside 4 link variables are exactly MD5 digest;
It is worth noting that, for the plaintext of random length, MD5 is calculated in the uncertain situation of encryption information length Method can produce 128 abstracts.
The plaintext of random length makes the position plaintext total length 448 (mod512) firstly the need of addition digit.Add after plaintext It is l that the method for adding position, which is first addition position, remaining is all 0.Then the length of real plaintext is indicated with 64, before being additional to After the plaintext of position had been added in face, length of the plaintext at this time is exactly 512 multiples.When length of the plaintext is greater than 2 64 powers When, low 64 bit paddings are only used only, are attached to the end of the last one grouping.By the plaintext of addition processing, length Just it is 512 integral multiples, is then grouped by 512 length, N parts of clear packets can be divided into.
In one embodiment, it is assumed that encryption information is " zhuanli ", then its abstract after above-mentioned MD5 algorithm is believed Breath is " 7D10938C6B2B048E86D8A2F3C2CAB4C7 ".
Specifically, splicing the summary info and operator "+" can be used in first digital signature, also can be used String concat () can also use String Buffer.
It is noted that the Hash that the summary info and first digital signature to above-mentioned splicing use again Algorithm is identical or compatible as the hash algorithm of summary info for generating the encryption information.
In one embodiment, when encryption information is short distance encryption information, second digital signature is closely Second digital signature.
In one embodiment, when encryption information is network encryption information, second digital signature is network second Digital signature.
Step 208, it is generated according to the encryption information and second digital signature and tests information and according to preset Communication protocol is sent to master terminal.
Specifically, test information be used for test the terminal association system data exchange robustness, repeatability and Accuracy, it is contemplated that when carrying out message push using SDK interface or REST api interface, exist for the structure of message certain Requirement, and had differences between different platforms therefore push test information, according to corresponding message structure generate.
Wherein, above-mentioned SDK interface is a secondary software development kit comprising help document, exploitation example engineering and Utility, help document are exactly SDK using document, should include specifically interface specification handbook and secondary development guide, connect Mouthful instruction manual is exactly to introduce how each interface is used, secondary development guide be exactly from shallowly enter introduce deeply how using SDK into Row secondary development;Developing example engineering is combined closely with the content of secondary development guide, is the learning stuff of developer; Utility be exactly for assist user facilitate carry out secondary development tool, such as secondary development guide, API research tool, Software package tool etc..
RESTAPI interface is mainly used for improving API availability, ease for use, and maintainable and scalability, REST are exactly Declarative state transfer, is specifically whole network from coming from the angle of resource, and the resource being distributed throughout is (described by URI URI is the ID of all " things ") it determines, and the application of client obtains the representation of resource by URI.Obtain these tables Sign causes these application programs to change its state.With the continuous representation for obtaining resource, client application constantly exists Change its state.
In one embodiment, test post is Android message format, because of the unformatted requirement of the message of Android platform, institute It can be customized with developer.
Communication protocol refers to that both entities complete communication or service be must comply with rule and agreement, mainly includes language Three method, semanteme and timing elements, wherein grammer refers to the format, coding and level of signal of data;Semanteme refers in data Appearance, meaning and control information;Timing refers to the sequence, rate-matched and sequence of communication.In practical applications, closely common Communication protocol include Wi-Fi, ZigBee, IRDA, UWB and NFC;In local area network common communication protocol include TCP/IP, Tri- kinds of agreements of NETBEUI and IPX/SPX.
In one embodiment, preset communication protocol includes short-range communication agreement and network communication protocol.
In one embodiment, the encryption information is short distance encryption information, and second digital signature is closely Second digital signature, then the test information is measurement of near distance information, which assists according to short-range communication View is sent to master terminal.
In one embodiment, the encryption information is network encryption information, and second digital signature is network second Digital signature, then the test information is network test information, and network test information is sent to main end according to network communication protocol End.
As shown in figure 3, in one embodiment, providing a kind of method for verifying related information, the present embodiment is with the party Method is applied to the master terminal 110 in above-mentioned Fig. 1 in the system of terminal association to illustrate.This method comprises the following steps:
Step 302, public key, private key and the first digital signature are generated, and by the public key and first digital signature It is sent to secondary terminal.
Specifically, step 302 the following steps are included:
Generate public key, private key and the first digital signature;
Store the public key, private key and the first digital signature;
The public key and first digital signature are sent to secondary terminal.
Specifically, the generation public key, private key and the first digital signature include:
Obtain the characteristic value of secondary terminal;
Public key, private key and the first digital signature are generated according to the characteristic value.
Wherein, the characteristic value of secondary terminal is used for unique identification pair terminal comprising model, sequence number, international mobile device At least one of identification code, integrated circuit card identification code, current time, wherein model refers to separate factory sequence, is The sub- product of homologous series gives different models, such as the model SGH-D508 of the serial mobile phone of Samsung mobile phone;Sequence number is Refer to that each product that enterprise's production is defined with a unique code, such as apple handset serial are C8PN5FN2FMLD;International mobile equipment identification number, also known as electronic serial number are each mobile device (such as mobile electricity Words, smart phone, tablet computer etc.) exclusive parameter;Integrated circuit card identification code is the unique identification number of IC card, solidification In SIM cards of mobile phones;At the time of current time is exactly the characteristic value that master terminal obtains secondary terminal.
In one embodiment, the characteristic value of secondary terminal further includes random number.
In one embodiment, the characteristic value of secondary terminal be by above-mentioned model, sequence number, international mobile equipment identification number, What at least one of integrated circuit card identification code, current time and random number obtained after hash algorithm.
In one embodiment, the characteristic value of secondary terminal is shown in the form of two dimensional code, and master terminal is by scanning the two-dimensional code The characteristic value of secondary terminal can be obtained.
Optionally, the generation public key, private key and the first digital signature are generated by RSA Algorithm, which includes Following steps:
Randomly choose two unequal prime number p and q;
Calculate the product n of p and q;
Calculate the Euler's function φ (n) of n;
An integer e is randomly choosed, condition is 1 < e < φ (n), and e and φ (n) is relatively prime;
E is calculated for the mould antielement d of φ (n);
N and e are packaged into public key, n and d are packaged into private key.
Preferably, the data of public key and private key are expressed using ASN.1 format, and wherein ASN.1 refers to abstract syntax notation one, It is a kind of ISO/ITU-T standard, describes a kind of pair of data and be indicated, encode, transmitting and decoded data format.It is provided A whole set of regular format is used for the structure of description object.
Specifically, send the public key and first digital signature to secondary terminal by Wi-Fi, ZigBee, IRDA, At least one of UWB, NFC and private radio systems.
Step 304, the test information that the secondary terminal is sent is obtained.
Specifically, the test information for obtaining the secondary terminal transmission includes two kinds of situations, one is obtaining closely Information is tested, the second is obtaining network test information.
In one embodiment, logical by short distance when the test information that secondary terminal is sent is measurement of near distance information Believe that agreement obtains measurement of near distance information.
In one embodiment, it is assisted when network test information by network communication when the test information that secondary terminal is sent View obtains network test information.
Step 306, encryption information and the second digital signature are extracted from the test information.
Specifically, the extraction encryption information and the second digital signature information are to correspond to the structure extraction of message when generating 's.
In one embodiment, when testing information is measurement of near distance information, then short distance encryption information and close is extracted The second digital signature of distance.
In one embodiment, when testing information is network test information, then network encryption information and network the is extracted Two digital signature.
Step 308, the extraction summary info of the encryption information of the extraction is generated using hash algorithm, then described in splicing It extracts summary info and first digital signature and third digital signature is generated using hash algorithm again.
Specifically, hash algorithm is also known as hashing algorithm or hash function, particular content can refer to above-mentioned.
It is noted that the Hash that the extraction summary info and first digital signature to splicing use again It is algorithm, above-mentioned for generating the hash algorithm, above-mentioned to described in splicing of the extraction summary info of the encryption information of the extraction The hash algorithm and the above-mentioned abstract letter for generating the encryption information that summary info and first digital signature use The hash algorithm of breath is mutually adapted or is compatible with.
In one embodiment, above-mentioned hash algorithm is all made of MD5 algorithm.
In one embodiment, when the encryption information of extraction is short distance encryption information, then the third number label that generate Entitled short distance third digital signature.
In one embodiment, when the encryption information of extraction is network encryption information, then the third digital signature that generates For network third digital signature.
Step 310, second digital signature and the third digital signature are then successfully associated if they are the same.
Specifically, second digital signature and the third digital signature are then successfully associated if they are the same It is specific as follows including two kinds of situations,
When second digital signature is the second digital signature of short distance, third digital signature is short distance third number label Name, namely test information is when being measurement of near distance information then authenticates success if they are the same, concurrent SCN Space Cable Network checking request to it is secondary eventually End.
When second digital signature is the second digital signature of network, third digital signature is network third digital signature, Namely test information if they are the same, is then associated with binding success when being network test information.
Preferably, master terminal obtains first measurement of near distance information simultaneously authenticates it, if authenticate successfully, to Secondary terminal sends network authentication request, and secondary terminal responds the network authentication request, sends network test information to master terminal, main end End obtains network test information by network communication protocol again.
As shown in figure 4, additionally providing a kind of side of terminal association in one embodiment based on the same inventive concept Method, the present embodiment are applied to the master terminal 110 in above-mentioned Fig. 1 in the system of terminal association in this way and lift with secondary terminal 120 Example explanation.This method comprises the following steps:
Step 402, master terminal generates public key, private key and the first digital signature, and public key and the first digital signature are sent out It send to secondary terminal.
Specifically, step 402 the following steps are included:
Generate public key, private key and the first digital signature;
Store the public key, private key and the first digital signature;
The public key and first digital signature are sent to secondary terminal.
Wherein, the generation public key, private key and the first digital signature include:
Obtain the characteristic value of secondary terminal;
Public key, private key and the first digital signature are generated according to the characteristic value.
Preferably, the characteristic value of secondary terminal is used for unique identification pair terminal comprising model, sequence number, international movement are set Standby at least one of identification code, integrated circuit card identification code, current time.
In one embodiment, the characteristic value of secondary terminal further includes random number.
In one embodiment, the characteristic value of secondary terminal be by above-mentioned model, sequence number, international mobile equipment identification number, What at least one of integrated circuit card identification code, current time and random number obtained after hash algorithm.
In one embodiment, the characteristic value of secondary terminal is shown in the form of two dimensional code, and master terminal is by scanning the two-dimensional code The characteristic value of secondary terminal can be obtained.
Optionally, the generation public key, private key and the first digital signature are generated by RSA Algorithm, specific RSA Algorithm Principle is with reference to above-mentioned.
Preferably, send the public key and first digital signature to secondary terminal by Wi-Fi, ZigBee, IRDA, At least one of UWB, NFC and private radio systems.
Step 404, the secondary terminal obtains the public key and first digital signature.
Specifically, secondary terminal obtains public key and the first digital signature by the network interface communicated to connect with master terminal 110. Wherein, public key is part disclosed in cipher key pair, is a key pair with private key, commonly used in encrypted session key, verifying The data that digital signature or encryption can be decrypted with corresponding private key.First digital signature is to send letter to the sender of information A valid certificates for ceasing authenticity are generated by private key corresponding with the public key according to specified algorithm.Communication connection is Refer to that secondary terminal and master terminal establish data connection using radio wave comprising bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC And at least one of private radio systems.
In one embodiment, secondary terminal passes through bluetooth, Wi-Fi, ZigBee, IRDA, UWB, NFC and private radio system At least one of system obtains the public key and first digital signature.
Step 406, the raw information of generation is encrypted to encryption information by the public key by the secondary terminal first, then The summary info of the encryption information is generated using hash algorithm, then splices the summary info and first digital signature The second digital signature is generated by hash algorithm again, finally according to the encryption information and second digital signature according to default Communication protocol be sent to master terminal.
Specifically, raw information is one section of test data, can be generated by test data generating;The Hash is calculated Method is MD5 algorithm;Preset communication protocol includes short-range communication agreement and network communication protocol.
In one embodiment, when the short distance encryption information that the encryption information being encrypted to is the authentication for terminal When, second digital signature is the second digital signature of short distance, and the test post is measurement of near distance message, this is closely It tests information and is sent to master terminal according to short-range communication agreement.
In one embodiment, when the encryption information being encrypted to is added for verifying the network that the association of terminal is bound When confidential information, second digital signature is the second digital signature of network, and the test post is network test message, the network It tests information and is sent to master terminal according to network communication protocol.
Step 408, the master terminal receives test information, extracts encryption information and the second number from test information first Then signature generates the extraction summary info of the encryption information of the extraction using hash algorithm, then splice the extraction and pluck It wants information and first digital signature and third digital signature is generated using hash algorithm again, finally compare the second number label Name and third digital signature are then successfully associated if they are the same.
Specifically, the hash algorithm is also MD5 algorithm, concrete principle is with reference to above-mentioned.
In one embodiment, when the test information that secondary terminal is sent is measurement of near distance information, master terminal passes through close Field communication protocols acquisition measurement of near distance information, and signed from short distance encryption information and closely the second number is wherein extracted Name, the third digital signature are short distance third digital signature, closer the second digital signature of distance and short distance third number Word signature, if they are the same, then authenticates success, concurrent SCN Space Cable Network checking request to secondary terminal.
In one embodiment, when the test information that secondary terminal is sent is network test information, master terminal passes through network Communication protocol obtains network test information, and from wherein extracting network encryption information and the second digital signature of network, the third Digital signature is network third digital signature, and the second digital signature of comparing cell and network third digital signature are then closed if they are the same Join binding success.
Preferably, master terminal obtains first measurement of near distance information simultaneously authenticates it, if authenticate successfully, to Secondary terminal sends network authentication request, and secondary terminal responds the network authentication request, sends network test information to master terminal, main end End obtains network test information by network communication protocol again.
As shown in figure 5, be based on the same inventive concept, in one embodiment, also provide and a kind of to generate related information Device, comprising: obtain module 5001, encrypting module 5003, signature blocks 5005 and sharing module 5007.
Module 5001 is obtained, for obtaining public key and the first digital signature.
Encrypting module 5003, for the raw information of generation to be encrypted to encryption information by the public key.
Signature blocks 5005, the summary info of the encryption information is generated using hash algorithm, then splices the abstract Information and first digital signature simultaneously generate the second digital signature using hash algorithm again.
Sharing module 5007, for generating test information according to the encryption information and second digital signature and pressing Master terminal is sent to according to preset communication protocol.
Sharing module 5007 includes: measurement of near distance unit and network test unit.
Measurement of near distance unit, for being assisted according to short-range communication when the test information is measurement of near distance information View is sent to master terminal.
Network test unit, for being transmitted according to network communication protocol when the test information is network test information To master terminal.
In one embodiment, the device of the generation related information further includes response unit, is believed for the network test Before breath is sent to master terminal according to network communication protocol, the network authentication request of response master terminal transmission.
As shown in fig. 6, being based on the same inventive concept, in one embodiment, a kind of verifying related information is also provided Device, comprising: generate sharing module 6001, test acquisition module 6003, extraction module 6005, Digital Signature module 6007 and ratio Compared with module 6009.
Sharing module 6001 is generated, for generating public key, private key and the first digital signature, and public key and first is digital Signature is sent to secondary terminal.
Test obtains module 6003, for obtaining test information.
Extraction module 6005, for extracting encryption information and the second digital signature from test information.
Digital Signature module 6007, the extraction abstract letter of the encryption information for generating the extraction using hash algorithm Then breath splices the extraction summary info and first digital signature and generates third number label using hash algorithm again Name.
Comparison module 6009 if they are the same, is then successfully associated for comparing the second digital signature and third digital signature.
Wherein, generating sharing module 6001 includes: feature acquiring unit and generation unit.
Feature acquiring unit, for obtaining the characteristic value of secondary terminal.
Generation unit, for generating public key, private key and the first digital signature according to the characteristic value.
In one embodiment, the characteristic value of the secondary terminal is used for unique identification pair terminal.
Comparison module 6009 includes: short distance comparing unit and network comparing unit,
Short distance comparing unit, for when the test information is measurement of near distance information, if they are the same, then authentication at Function, concurrent SCN Space Cable Network checking request to secondary terminal.
Network comparing unit, for when the test information is network test information, if they are the same, then association to be bound into Function.
As shown in fig. 7, being based on the same inventive concept, in one embodiment, additionally provide a kind of terminal association is System, including at least one master terminal 110 and at least one secondary terminal 120, the master terminal 110 and the secondary terminal 120 communicate Connection;The master terminal 110 includes public key unit 1101 and authentication unit 1103, and the pair terminal 120 includes acquiring unit 1201 and generation unit 1203.
Public key unit 1101, for generating public key, private key and the first digital signature, and by public key and the first digital signature It is sent to secondary terminal.
Acquiring unit 1201, for obtaining the public key and first digital signature.
Generation unit 1203, for the raw information of generation to be encrypted to encryption information first by the public key, then The summary info of the encryption information is generated using hash algorithm, then splices the summary info and first digital signature The second digital signature is generated by hash algorithm again, finally according to the encryption information and second digital signature according to default Communication protocol be sent to master terminal.
Authentication unit 1103 extracts encryption information and the second number for receiving test information from test information first Then signature generates the extraction summary info of the encryption information of the extraction using hash algorithm, then splice the extraction and pluck It wants information and first digital signature and third digital signature is generated using hash algorithm again, finally compare the second number label Name and third digital signature are then successfully associated if they are the same.
In one embodiment, the test information is measurement of near distance information, and the measurement of near distance information is according to low coverage Master terminal is sent to from communication protocol.
In one embodiment, the test information is network test information, and the network test information is according to network communication Agreement is sent to master terminal.
Preferably, the system of the terminal association further includes response unit, for the network test information according to network Communication protocol is sent to before master terminal, the network authentication request that response master terminal is sent.
The public key unit 1101 includes: feature unit and public key unit.
Feature unit, for obtaining the characteristic value of secondary terminal.
Public key unit, for generating public key, private key and the first digital signature according to the characteristic value.
Preferably, the characteristic value of the secondary terminal is used for unique identification pair terminal.
The authentication unit 1103 includes: short distance authentication unit and network verification unit.
Short distance authentication unit, for when the test information is measurement of near distance information, if they are the same, then authentication at Function, concurrent SCN Space Cable Network checking request to secondary terminal.
Network verification unit, for when the test information is network test information, if they are the same, then association to be bound into Function.
A kind of method and system of terminal association provided by the present invention are described in detail above, for this field Those skilled in the art, thought according to an embodiment of the present invention has change in specific embodiments and applications Place, in conclusion the contents of this specification are not to be construed as limiting the invention.

Claims (34)

1. a kind of method for generating related information, which comprises the following steps:
Public key and the first digital signature are obtained, first digital signature is by private key corresponding with the public key according to specified calculation Method generates;
The raw information of generation is encrypted to encryption information by the public key, the raw information is one section of test data;
The summary info of the encryption information is generated using hash algorithm, then splices the summary info and first number It signs and the second digital signature is generated using hash algorithm again;
Test information is generated according to the encryption information and second digital signature and is transmitted according to preset communication protocol To master terminal, the test information is used to test the accuracy of the system data exchange of this terminal association.
2. generating the method for related information as described in claim 1, which is characterized in that the test information is measurement of near distance Information, the measurement of near distance information are sent to master terminal according to short-range communication agreement.
3. generating the method for related information as described in claim 1, which is characterized in that the test information is network test letter Breath, the network test information are sent to master terminal according to network communication protocol.
4. generating the method for related information as claimed in claim 3, which is characterized in that the network test information is according to network Communication protocol is sent to before master terminal, comprising: the network authentication request that response master terminal is sent.
5. a kind of method for verifying related information, which comprises the following steps:
Public key, private key and the first digital signature are generated, and the public key and first digital signature are sent to secondary terminal, First digital signature is generated by private key corresponding with the public key according to specified algorithm;
The test information that the secondary terminal is sent is obtained, the test information is used to test the system data exchange of this terminal association Accuracy;
Encryption information and the second digital signature are extracted from the test information;
Then the extraction summary info that the encryption information of the extraction is generated using hash algorithm splices the extraction summary info Third digital signature is generated with first digital signature and again using hash algorithm;
Compare second digital signature and the third digital signature is then successfully associated if they are the same.
6. the method for verifying related information as claimed in claim 5, which is characterized in that the generation public key, private key and the One digital signature includes:
Obtain the characteristic value of secondary terminal;
Public key, private key and the first digital signature are generated according to the characteristic value.
7. the method for verifying related information as claimed in claim 6, which is characterized in that the characteristic value of the pair terminal is for only One identifies secondary terminal.
8. as claimed in claim 5 verifying related information method, which is characterized in that it is described if they are the same, then be successfully associated packet It includes:
When the test information is measurement of near distance information, if they are the same, then success, concurrent SCN Space Cable Network checking request to pair are authenticated Terminal.
9. as claimed in claim 5 verifying related information method, which is characterized in that it is described if they are the same, then be successfully associated packet It includes:
When the test information is network test information, if they are the same, then it is associated with binding success.
10. a kind of method of terminal association, which comprises the following steps:
Master terminal generates public key, private key and the first digital signature, and public key and the first digital signature are sent to secondary terminal, institute It states the first digital signature and is generated by private key corresponding with the public key according to specified algorithm;
The pair terminal obtains the public key and first digital signature;
The raw information of generation is encrypted to encryption information by the public key by the pair terminal first, then uses hash algorithm The summary info of the encryption information is generated, then splices the summary info and first digital signature and is calculated again by Hash Method generates the second digital signature, is finally generated according to the encryption information and second digital signature and tests information and according to pre- If communication protocol be sent to master terminal, the raw information is one section of test data;
The master terminal receives test information, extracts encryption information and the second digital signature from test information first, then adopts The extraction summary info that the encryption information of the extraction is generated with hash algorithm, then splice the extraction summary info with it is described First digital signature simultaneously generates third digital signature using hash algorithm again, finally compares the second digital signature and third number Signature, if they are the same, is then successfully associated, and the test information is used to test the accuracy of the system data exchange of this terminal association.
11. the method for terminal association as claimed in claim 10, which is characterized in that the test information is measurement of near distance letter Breath, the measurement of near distance information are sent to master terminal according to short-range communication agreement.
12. the method for terminal association as claimed in claim 10, which is characterized in that the test information is network test letter Breath, the network test information are sent to master terminal according to network communication protocol.
13. the method for terminal association as claimed in claim 12, which is characterized in that the network test information is logical according to network Letter agreement is sent to before master terminal, comprising: the network authentication request that response master terminal is sent.
14. the method for terminal association as claimed in claim 10, which is characterized in that the master terminal generate public key, private key with And first digital signature include:
Obtain the characteristic value of secondary terminal;
Public key, private key and the first digital signature are generated according to the characteristic value.
15. the method for terminal association as claimed in claim 14, which is characterized in that the characteristic value of the pair terminal is for unique Identify secondary terminal.
16. the method for terminal association as claimed in claim 10, which is characterized in that it is described if they are the same, then be successfully associated and include:
When the test information is measurement of near distance information, if they are the same, then success, concurrent SCN Space Cable Network checking request to pair are authenticated Terminal.
17. the method for terminal association as claimed in claim 10, which is characterized in that it is described if they are the same, then be successfully associated and include:
When the test information is network test information, if they are the same, then it is associated with binding success.
18. a kind of device for generating related information, which is characterized in that described device includes:
Module is obtained, for obtaining public key and the first digital signature, first digital signature is by private corresponding with the public key Key is generated according to specified algorithm;
Encrypting module, for the raw information of generation to be encrypted to encryption information by the public key, the raw information is one Section test data;
Signature blocks, the summary info of the encryption information is generated using hash algorithm, then splices the summary info and institute It states the first digital signature and the second digital signature is generated using hash algorithm again;
Sharing module, for generating test information according to the encryption information and second digital signature and according to preset Communication protocol is sent to master terminal, and the test information is used to test the accuracy of the system data exchange of this terminal association.
19. generating the device of related information as claimed in claim 18, which is characterized in that the sharing module includes:
Measurement of near distance unit, for being passed according to short-range communication agreement when the test information is measurement of near distance information It send to master terminal.
20. generating the device of related information as claimed in claim 18, which is characterized in that the sharing module includes:
Network test unit, for being sent to master according to network communication protocol when the test information is network test information Terminal.
21. generating the device of related information as claimed in claim 20, which is characterized in that described device further include:
Response unit before being sent to master terminal according to network communication protocol for the network test information, responds master terminal The network authentication request of transmission.
22. a kind of device for verifying related information, which is characterized in that described device includes:
Sharing module is generated, is sent for generating public key, private key and the first digital signature, and by public key and the first digital signature To secondary terminal, first digital signature is generated by private key corresponding with the public key according to specified algorithm;
Test obtains module, and for obtaining test information, the system data that the test information is used to test this terminal association is handed over The accuracy changed;
Extraction module, for extracting encryption information and the second digital signature from test information;
Digital Signature module, the extraction summary info of the encryption information for being generated the extraction using hash algorithm, is then spelled It connects the extraction summary info and first digital signature and third digital signature is generated using hash algorithm again;
Comparison module if they are the same, is then successfully associated for comparing the second digital signature and third digital signature.
23. the device of verifying related information as claimed in claim 22, which is characterized in that the generation sharing module includes:
Feature acquiring unit, for obtaining the characteristic value of secondary terminal;
Generation unit, for generating public key, private key and the first digital signature according to the characteristic value.
24. the device of verifying related information as claimed in claim 23, which is characterized in that the characteristic value of the pair terminal is used for Unique identification pair terminal.
25. the device of verifying related information as claimed in claim 22, which is characterized in that the comparison module includes:
Short distance comparing unit, for if they are the same, then authenticating success when the test information is measurement of near distance information, and Network authentication request is sent to secondary terminal.
26. the device of verifying related information as claimed in claim 22, which is characterized in that the comparison module includes:
Network comparing unit, for if they are the same, being then associated with binding success when the test information is network test information.
27. a kind of system of terminal association, which is characterized in that described including at least one master terminal and at least one secondary terminal Master terminal and the secondary terminal communication connection;The master terminal includes public key unit and authentication unit, and the pair terminal includes obtaining Take unit and generation unit;Wherein,
Public key unit is sent to pair for generating public key, private key and the first digital signature, and by public key and the first digital signature Terminal, first digital signature are generated by private key corresponding with the public key according to specified algorithm;
Acquiring unit, for obtaining the public key and first digital signature;
Then generation unit uses Hash for the raw information of generation to be encrypted to encryption information first by the public key Algorithm generates the summary info of the encryption information, then splices the summary info and first digital signature passes through Kazakhstan again Uncommon algorithm generates the second digital signature, finally according to the encryption information and second digital signature according to preset communication protocols View is sent to master terminal, and the raw information is one section of test data;
Authentication unit extracts encryption information and the second digital signature from test information first, then for receiving test information The extraction summary info that the encryption information of the extraction is generated using hash algorithm then splices the extraction summary info and institute It states the first digital signature and third digital signature is generated using hash algorithm again, finally compare the second digital signature and third number Word signature, if they are the same, is then successfully associated, and the test information is used to test the accurate of the system data exchange of this terminal association Property.
28. the system of terminal association as claimed in claim 27, which is characterized in that the test information is measurement of near distance letter Breath, the measurement of near distance information are sent to master terminal according to short-range communication agreement.
29. the system of terminal association as claimed in claim 27, which is characterized in that the test information is network test letter Breath, the network test information are sent to master terminal according to network communication protocol.
30. the system of terminal association as claimed in claim 29, which is characterized in that the system also includes response units, use Before the network test information is sent to master terminal according to network communication protocol, the network verification that response master terminal is sent is asked It asks.
31. the system of terminal association as claimed in claim 27, which is characterized in that the public key unit includes:
Feature unit, for obtaining the characteristic value of secondary terminal;
Public key unit, for generating public key, private key and the first digital signature according to the characteristic value.
32. the system of terminal association as claimed in claim 31, which is characterized in that the characteristic value of the pair terminal is for unique Identify secondary terminal.
33. the system of terminal association as claimed in claim 27, which is characterized in that the authentication unit includes:
Short distance authentication unit, for if they are the same, then authenticating success when the test information is measurement of near distance information, and Network authentication request is sent to secondary terminal.
34. the system of terminal association as claimed in claim 27, which is characterized in that the authentication unit includes:
Network verification unit, for if they are the same, being then associated with binding success when the test information is network test information.
CN201610245339.7A 2016-04-19 2016-04-19 A kind of method and system of terminal association Expired - Fee Related CN105978693B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610245339.7A CN105978693B (en) 2016-04-19 2016-04-19 A kind of method and system of terminal association

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610245339.7A CN105978693B (en) 2016-04-19 2016-04-19 A kind of method and system of terminal association

Publications (2)

Publication Number Publication Date
CN105978693A CN105978693A (en) 2016-09-28
CN105978693B true CN105978693B (en) 2019-05-14

Family

ID=56993112

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610245339.7A Expired - Fee Related CN105978693B (en) 2016-04-19 2016-04-19 A kind of method and system of terminal association

Country Status (1)

Country Link
CN (1) CN105978693B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106685977B (en) * 2017-01-03 2019-11-08 武汉虹信技术服务有限责任公司 A kind of system of account building method based on intelligence community cloud platform
CN106936572B (en) * 2017-04-01 2020-10-27 上海理深信息科技有限公司 Safe data matching method and system
CN108683665A (en) * 2018-05-15 2018-10-19 国家电网公司 Data ciphering method, system in fiber optic communication and data transmitting equipment
CN109347627B (en) * 2018-09-19 2023-08-29 平安科技(深圳)有限公司 Data encryption and decryption method and device, computer equipment and storage medium
CN114679280A (en) * 2022-03-15 2022-06-28 北京宏思电子技术有限责任公司 RSA-based joint signature generation method and device

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5671285A (en) * 1995-12-13 1997-09-23 Newman; Bruce D. Secure communication system
CN102279908B (en) * 2010-06-08 2014-03-12 安凯(广州)微电子技术有限公司 Method and system for protecting digital contents
CN102664735B (en) * 2012-04-13 2016-01-06 江苏新彩软件有限公司 A kind of cell phone lottery system safety session implementation method based on public keys
CN104639327A (en) * 2015-01-29 2015-05-20 杭州晟元芯片技术有限公司 Method for identifying and correlating equipment by digital certificate

Also Published As

Publication number Publication date
CN105978693A (en) 2016-09-28

Similar Documents

Publication Publication Date Title
CN105978693B (en) A kind of method and system of terminal association
US11838415B2 (en) Blockchain-implemented method and system
CN110995642B (en) Providing secure connections using pre-shared keys
CN105827655B (en) A kind of intelligent cipher key equipment and its working method
CN105184931A (en) Bluetooth-based unlocking method, system and hand-held terminal and Bluetooth-based electronic lock
Azrour et al. New Efficient and Secured Authentication Protocol for Remote Healthcare Systems in Cloud‐IoT
CN108965230A (en) A kind of safety communicating method, system and terminal device
CN102780698A (en) User terminal safety communication method in platform of Internet of Things
CN104994098B (en) Document transmission method and relevant apparatus and Transmission system
CN110601815B (en) Block chain data processing method and equipment
CN105635075A (en) Method of registering cloud terminal, cloud terminal, cloud server and cloud system
CN109040055A (en) The method for realizing Web secure access using domestic password
CN105407072A (en) Method and system for achieving safety of Internet of Things, and interconnection equipment
CN106612265A (en) Instant messaging method and server
Ryu et al. Improved secure and efficient Chebyshev chaotic map-based user authentication scheme
CN109922022A (en) Internet of Things communication means, platform, terminal and system
CN107332833A (en) Method of calibration and device
CN113518071B (en) Robot sensor information security enhancing device and method
Zhang et al. Formal analysis of QUIC handshake protocol using ProVerif
CN105306577A (en) Data sharing system and method between handheld devices based on APP
CN109088733B (en) Method and device for realizing application expansion of smart card
Guo et al. An efficient and secure certificateless authentication protocol for healthcare system on wireless medical sensor networks
CN104852906B (en) Data transmission method and system and data transmission method of client
EP3063920B1 (en) Method for setting up, via an intermediate entity, a secure session between a first and a second entity, and corresponding entities and computer program products
CN102662483A (en) A method for cloud computing business intelligent terminal users to safely input information

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20190514

CF01 Termination of patent right due to non-payment of annual fee