CN105978693B - Method and system for terminal association - Google Patents
- Authority
- CN
- China
- Prior art keywords
- digital signature
- information
- terminal
- public key
- test
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Classifications
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3242—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer And Data Communications (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a method and system for terminal association. A master terminal generates a public key, a private key and a first digital signature, and sends the public key and the first digital signature to a secondary terminal; the secondary terminal obtains the public key and the first digital signature; the secondary terminal generates a second digital signature from the public key and the first digital signature, then generates test information from the encryption information and the second digital signature and sends it to the master terminal according to a preset communication protocol; the master terminal receives the test information, then splices the extracted summary information with the first digital signature to generate a third digital signature, and finally compares the second digital signature with the third digital signature. By integrating the message content into the digital signature, the method and system improve security, avoid human risk and facilitate free association of terminals.
Description
Technical field
The present invention relates to the field of electrical communication, and more particularly to a method and system for terminal association.
Background art
With the arrival of the Internet of Things era, terminals interconnect more and more frequently. In the smart home, for example, home life centred on the smartphone is gradually growing into a fashionable new lifestyle, and people enjoy the convenience the Internet of Things brings all the time. However, as more and more devices exchange data with one another, the risk in data exchange rises to some extent; commonly encountered examples are information being tampered with or stolen.
At present, terminals are associated mainly by means of the Rivest-Shamir-Adleman (RSA) algorithm. The message sender constructs a key pair and publishes the public key to the message receiver. The message sender first signs the data with its own private key and sends the data and the signature as a message to the message receiver, which verifies it with the public key. This way of associating has a problem, however: if a third party intrudes into the message receiver's system and replaces the message sender's public key with its own, it can then impersonate the message sender and send instructions to the message receiver, which easily leads to leakage of messages.
The current remedy for this problem is public key certification, but certifying public keys introduces manual control, which adds human risk, makes free association of terminals and expansion of terminal devices inconvenient, and gives a poor user experience.
Summary of the invention
The purpose of the present invention is to solve at least one of the above problems by providing a method and system for terminal association.
To achieve this purpose, the present invention adopts the following technical schemes:
Scheme one:
A method of generating association information is provided, comprising the following steps:
Obtaining a public key and a first digital signature;
Encrypting generated raw information into encryption information with the public key;
Generating summary information of the encryption information using a hash algorithm, then splicing the summary information with the first digital signature and applying the hash algorithm again to generate a second digital signature;
Generating test information from the encryption information and the second digital signature, and sending it to the master terminal according to a preset communication protocol.
In the present invention, the test information is short-range test information, which is sent to the master terminal according to a short-range communication protocol.
In the present invention, the test information is network test information, which is sent to the master terminal according to a network communication protocol.
In the present invention, before the network test information is sent to the master terminal according to the network communication protocol, the method includes: responding to a network authentication request sent by the master terminal.
Scheme two:
A device for generating association information is provided, the device comprising:
An obtaining module, configured to obtain a public key and a first digital signature;
An encrypting module, configured to encrypt generated raw information into encryption information with the public key;
A signature module, configured to generate summary information of the encryption information using a hash algorithm, then splice the summary information with the first digital signature and apply the hash algorithm again to generate a second digital signature;
A sharing module, configured to generate test information from the encryption information and the second digital signature and send it to the master terminal according to a preset communication protocol.
In the present invention, the sharing module includes:
A short-range test unit, configured to send the test information to the master terminal according to a short-range communication protocol when the test information is short-range test information;
In the present invention, the sharing module includes:
A network test unit, configured to send the test information to the master terminal according to a network communication protocol when the test information is network test information.
In the present invention, the device further includes:
A response unit, configured to respond to a network authentication request sent by the master terminal before the network test information is sent to the master terminal according to the network communication protocol.
The above method and device for generating association information generate the summary information of the encryption information with a hash algorithm and then apply the hash algorithm again to the generated summary information and the first digital signature to produce the second digital signature. The content of the message to be sent is thereby integrated into the second digital signature, which reforms the traditional way of generating association information and effectively improves resistance to intrusion.
Scheme three:
A method of verifying association information is provided, comprising the following steps:
Generating a public key, a private key and a first digital signature, and sending the public key and the first digital signature to a secondary terminal;
Obtaining the test information sent by the secondary terminal;
Extracting encryption information and a second digital signature from the test information;
Generating extracted summary information of the extracted encryption information using a hash algorithm, then splicing the extracted summary information with the first digital signature and applying the hash algorithm again to generate a third digital signature;
Comparing the second digital signature with the third digital signature; if they are identical, the association succeeds.
In the present invention, generating the public key, the private key and the first digital signature includes:
Obtaining a characteristic value of the secondary terminal;
Generating the public key, the private key and the first digital signature according to the characteristic value.
In the present invention, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
In the present invention, "if they are identical, the association succeeds" includes:
When the test information is short-range test information, if they are identical, authentication succeeds and a network authentication request is sent to the secondary terminal.
In the present invention, "if they are identical, the association succeeds" includes:
When the test information is network test information, if they are identical, the association binding succeeds.
Scheme four:
A device for verifying association information is provided, the device comprising:
A generating and sharing module, configured to generate a public key, a private key and a first digital signature, and send the public key and the first digital signature to a secondary terminal;
A test obtaining module, configured to obtain test information;
An extraction module, configured to extract encryption information and a second digital signature from the test information;
A digital signature module, configured to generate extracted summary information of the extracted encryption information using a hash algorithm, then splice the extracted summary information with the first digital signature and apply the hash algorithm again to generate a third digital signature;
A comparison module, configured to compare the second digital signature with the third digital signature; if they are identical, the association succeeds.
In the present invention, the generating and sharing module includes:
A feature acquiring unit, configured to obtain a characteristic value of the secondary terminal;
A generation unit, configured to generate the public key, the private key and the first digital signature according to the characteristic value.
In the present invention, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
In the present invention, the comparison module includes:
A short-range comparing unit, configured so that, when the test information is short-range test information and the signatures are identical, authentication succeeds and a network authentication request is sent to the secondary terminal.
In the present invention, the comparison module includes:
A network comparing unit, configured so that, when the test information is network test information and the signatures are identical, the association binding succeeds.
The above method and device for verifying association information verify by generating a third digital signature again from the generated first digital signature and the received message content, and then comparing the second digital signature with the third digital signature. This is an innovation on the traditional method of verifying by public key, avoids the problems brought by public key replacement, and improves security and reliability to a certain extent.
Scheme five:
A method of terminal association is provided, comprising the following steps:
The master terminal generates a public key, a private key and a first digital signature, and sends the public key and the first digital signature to the secondary terminal;
The secondary terminal obtains the public key and the first digital signature;
The secondary terminal first encrypts generated raw information into encryption information with the public key, then generates summary information of the encryption information using a hash algorithm, then splices the summary information with the first digital signature and applies the hash algorithm again to generate a second digital signature, and finally generates test information from the encryption information and the second digital signature and sends it to the master terminal according to a preset communication protocol;
The master terminal receives the test information, first extracts the encryption information and the second digital signature from the test information, then generates extracted summary information of the extracted encryption information using the hash algorithm, then splices the extracted summary information with the first digital signature and applies the hash algorithm again to generate a third digital signature, and finally compares the second digital signature with the third digital signature; if they are identical, the association succeeds.
In the present invention, the test information is short-range test information, which is sent to the master terminal according to a short-range communication protocol.
In the present invention, the test information is network test information, which is sent to the master terminal according to a network communication protocol.
In the present invention, before the network test information is sent to the master terminal according to the network communication protocol, the method includes: responding to a network authentication request sent by the master terminal.
In the present invention, the master terminal generating the public key, the private key and the first digital signature includes:
Obtaining a characteristic value of the secondary terminal;
Generating the public key, the private key and the first digital signature according to the characteristic value.
In the present invention, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
In the present invention, "if they are identical, the association succeeds" includes:
When the test information is short-range test information, if they are identical, authentication succeeds and a network authentication request is sent to the secondary terminal;
In the present invention, "if they are identical, the association succeeds" includes:
When the test information is network test information, if they are identical, the association binding succeeds.
Scheme six:
A system for terminal association is provided, including at least one master terminal and at least one secondary terminal, the master terminal being communicatively connected to the secondary terminal; the master terminal includes a public key unit and an authentication unit, and the secondary terminal includes an acquiring unit and a generation unit; wherein,
The public key unit is configured to generate a public key, a private key and a first digital signature, and send the public key and the first digital signature to the secondary terminal;
The acquiring unit is configured to obtain the public key and the first digital signature;
The generation unit is configured to first encrypt generated raw information into encryption information with the public key, then generate summary information of the encryption information using a hash algorithm, then splice the summary information with the first digital signature and apply the hash algorithm again to generate a second digital signature, and finally send the encryption information and the second digital signature to the master terminal according to a preset communication protocol;
The authentication unit is configured to receive the test information, first extract the encryption information and the second digital signature from the test information, then generate extracted summary information of the extracted encryption information using the hash algorithm, then splice the extracted summary information with the first digital signature and apply the hash algorithm again to generate a third digital signature, and finally compare the second digital signature with the third digital signature; if they are identical, the association succeeds.
In the present invention, the test information is short-range test information, which is sent to the master terminal according to a short-range communication protocol.
In the present invention, the test information is network test information, which is sent to the master terminal according to a network communication protocol.
In the present invention, the system further includes a response unit, configured to respond to a network authentication request sent by the master terminal before the network test information is sent to the master terminal according to the network communication protocol.
In the present invention, the public key unit includes:
A feature unit, configured to obtain a characteristic value of the secondary terminal;
A public key unit, configured to generate the public key, the private key and the first digital signature according to the characteristic value.
In the present invention, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
In the present invention, the authentication unit includes:
A short-range authentication unit, configured so that, when the test information is short-range test information and the signatures are identical, authentication succeeds and a network authentication request is sent to the secondary terminal;
In the present invention, the authentication unit includes:
A network verification unit, configured so that, when the test information is network test information and the signatures are identical, the association binding succeeds.
By integrating the message content into the digital signature, the above method and system for terminal association effectively improve the security of the authentication and binding processes and to a certain extent overcome the public key replacement problem of the traditional association method; at the same time they avoid the human risk caused by public key certification, facilitate free association among several terminals and expansion of the terminal devices in the system, and improve the user experience.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings needed for describing the embodiments are briefly introduced below. The drawings described below are obviously only some embodiments of the present invention; those skilled in the art can obtain other drawings from them without creative effort.
Fig. 1 shows the application environment of a terminal association system according to an embodiment of the present invention;
Fig. 2 shows a flow diagram of the method of generating association information in one embodiment of the present invention;
Fig. 3 shows a flow diagram of the method of verifying association information in one embodiment of the present invention;
Fig. 4 shows a flow diagram of the method of terminal association in one embodiment of the present invention;
Fig. 5 shows a schematic diagram of the module structure of the device for generating association information in one embodiment of the present invention;
Fig. 6 shows a schematic diagram of the module structure of the device for verifying association information in one embodiment of the present invention;
Fig. 7 shows a schematic diagram of the structure of the terminal association system in one embodiment of the present invention.
Detailed description of the embodiments
To enable those skilled in the art to better understand the solution of the present invention, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments of the present invention.
Some of the processes described in the specification, the claims and the above drawings contain multiple operations that appear in a particular order, but it should be clearly understood that these operations may be executed out of the order in which they appear here, or executed in parallel. Operation numbers such as 101 and 102 are used only to distinguish the different operations; the numbers themselves do not represent any execution order. In addition, these processes may include more or fewer operations, and these operations may be executed in order or in parallel. It should be noted that descriptions such as "first" and "second" herein are used to distinguish different messages, terminals, modules and so on; they do not represent an order, nor do they require that "first" and "second" be of different types.
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments of the present invention. The described embodiments are obviously only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those skilled in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
As shown in Fig. 1, in one embodiment a system for terminal association is provided, including at least one master terminal 110 and at least one secondary terminal 120, where the master terminal 110 and the secondary terminal 120 are communicatively connected. The master terminal 110 includes at least one of a mobile phone, a computer, a server, a tablet computer, a smartwatch, a personal digital assistant (PDA), other network-capable electronic devices and the like. The secondary terminal 120 includes at least one of a mobile phone, a computer, a tablet computer, a smartwatch, a personal digital assistant (PDA), other network-capable electronic devices and the like.
In one embodiment, a secondary terminal 120 for implementing a method of generating association information is provided, including a processor that has computing capability and controls the secondary terminal 120, a memory that stores the operating system and the data of the secondary terminal 120, and a network interface for communicatively connecting with the master terminal 110, where the processor is configured to execute a method of generating association information.
In one embodiment, a master terminal 110 for implementing a method of verifying association information is provided, including a processor that has computing capability and controls the master terminal 110, a memory that stores the operating system and the data of the master terminal 110, and a network interface for communicatively connecting with the secondary terminal 120, where the processor is configured to execute a method of verifying association information.
As shown in Fig. 2, in one embodiment a method of generating association information is provided. This embodiment is illustrated with the method applied to the secondary terminal 120 in the terminal association system of Fig. 1 above. The method includes the following steps:
Step 202, obtain the public key and the first digital signature.
Specifically, the secondary terminal obtains the public key and the first digital signature through the network interface that is communicatively connected to the master terminal 110. The public key is the public part of a key pair and forms one key pair with the private key; it is commonly used to encrypt session keys, to verify digital signatures, or to encrypt data that can be decrypted with the corresponding private key. The first digital signature is a valid proof, for the sender of information, of the authenticity of the information sent, and is generated by the private key corresponding to the public key according to a specified algorithm. The communication connection means that the secondary terminal and the master terminal establish a data connection using radio waves, which includes at least one of Bluetooth, Wi-Fi, ZigBee, IrDA, UWB, NFC and private radio systems; that is, the secondary terminal obtains the public key and the first digital signature through at least one of Bluetooth, Wi-Fi, ZigBee, IrDA, UWB, NFC and private radio systems. Wi-Fi is a technology that interconnects terminals such as computers and handheld devices (e.g. PDAs, mobile phones, wristbands, smartwatches) wirelessly. ZigBee uses IEEE 802.15.4 as its main physical layer standard and coordinates communication among a large number of tiny sensors on that basis. IrDA is a technology for point-to-point communication using infrared light. UWB is a carrier-free communication technology that transmits data using non-sinusoidal narrow pulses on the nanosecond to picosecond scale. NFC is a contactless identification and interconnection technology that enables short-range wireless communication between mobile devices, consumer electronics, PCs and smart control tools.
Step 204, the raw information of generation is encrypted to by encryption information by the public key.
Specifically, raw information is one section of test data, can be generated by test data generating.
In one embodiment, raw information be one section of character string, in Android system, step S204 the following steps are included:
Obtain public key;
Instantiate Cipher object;
Cipher object is initialized, specifies it to be now arranged in encryption mode, and specify the public key;
DoFinal method is called, the encrypted corresponding byte arrays of character string is passed to, returns to encrypted byte number
Group.
Here, the Cipher class belongs to the Java Cryptography Extension (JCE), the encryption environment of Java. JCE is a set of packages that provides a framework and implementations for encryption, key generation and agreement, and message authentication code algorithms. Because the Cipher class is not exported, kernel modules cannot call it directly; the kernel only provides a unified framework to manage it.
Note that the kernel here is the core part of the Android system. It manages the data input and output requests issued by software, translates those requests into data-processing instructions, hands them to the central processing unit and the other electronic components of the computer for processing, and operates directly on the hardware.
When the encryption function of the Cipher class is actually used, the kernel first allocates an instance of an encryption function object through crypto_alloc_tfm(), then initializes the instance, after which data can be encrypted and decrypted through the API provided by the framework. Here crypto_tfm is the algorithm instance: when a specific algorithm from a specific algorithm library is used, the kernel describes it with the generic structure crypto_tfm, which covers asynchronous block cipher algorithms, authenticated encryption algorithms, block cipher algorithms, hash algorithms, compression algorithms, random number generation algorithms and so on. alloc is a hook function; in the constructor, the algorithm template returns a crypto instance. An API is a set of predefined functions whose purpose is to give applications and developers access to a group of routines based on some software or hardware, without having to access the source code or understand the details of the internal working mechanism.
Finally, in practice, once encryption is complete the instance must be released through crypto_free_tfm(), where free releases the object.
In one embodiment, the resulting encryption information is short-range encryption information, which is used for the authentication of the terminal.
In one embodiment, the resulting encryption information is network encryption information, which is used to verify the association binding of the terminal.
Step 206: generate the digest of the encryption information using a hash algorithm, then splice the digest with the first digital signature and apply the hash algorithm again to generate the second digital signature.
Specifically, a hash algorithm, also called a hashing algorithm or hash function, maps a binary value of arbitrary length to a shorter binary value of fixed length; this small binary value is called the hash value. A hash value is a unique and extremely compact numerical representation of a piece of data. If a piece of plaintext is hashed and even a single letter of it is changed, the subsequent hash will produce a different value. Finding two different inputs that hash to the same value is computationally infeasible, so the hash value of data can be used to check the integrity of the data. Hash algorithms are generally used in fast lookup and in encryption algorithms. Common hash algorithms include MD4, MD5, RIPEMD-160, SHA-1 and MASH-1.
In one embodiment, the hash algorithm used for the encryption information above is the MD5 algorithm. MD5 first divides the encryption information into blocks of 512 bits each, and then processes these plaintext blocks iteratively.
The digest generation process for each plaintext block is as follows:
S1: the 512-bit plaintext block is divided into 16 sub-blocks of 32 bits each;
S2: four 32-bit chaining variables are allocated, denoted A, B, C, D;
S3: the sub-blocks and the chaining variables undergo the 1st round of operations;
S4: the sub-blocks and the chaining variables undergo the 2nd round of operations;
S5: the sub-blocks and the chaining variables undergo the 3rd round of operations;
S6: the sub-blocks and the chaining variables undergo the 4th round of operations;
S7: the chaining variables are summed with the initial chaining variables;
S8: the chaining variables are used as the input for the next plaintext block and the operations above are repeated;
S9: finally, the data in the four chaining variables is the MD5 digest.
Note that, because the length of the encryption information is not fixed, the MD5 algorithm produces a 128-bit digest for plaintext of any length.
A plaintext of arbitrary length first needs padding bits added so that its total length in bits is congruent to 448 (mod 512). The padding appended after the plaintext consists of a first bit of 1 followed by bits that are all 0. The length of the real plaintext is then expressed in 64 bits and appended after the padded plaintext, so that the total length is exactly a multiple of 512 bits. When the plaintext length is greater than 2 to the power of 64, only the low 64 bits of the length are used, appended to the end of the last block. After this padding, the length is exactly an integer multiple of 512 bits, and the plaintext is then split into 512-bit blocks, giving N plaintext blocks.
In one embodiment, assume the encryption information is "zhuanli"; its digest after the MD5 algorithm above is then "7D10938C6B2B048E86D8A2F3C2CAB4C7".
Specifically, the digest and the first digital signature can be spliced with the "+" operator, with String.concat(), or with a StringBuffer.
Note that the hash algorithm applied again to the spliced digest and first digital signature is the same as, or compatible with, the hash algorithm used to generate the digest of the encryption information.
In one embodiment, when the encryption information is short-range encryption information, the second digital signature is the short-range second digital signature.
In one embodiment, when the encryption information is network encryption information, the second digital signature is the network second digital signature.
Step 208: generate test information from the encryption information and the second digital signature, and send it to the master terminal according to a preset communication protocol.
Specifically, the test information is used to test the robustness, repeatability and accuracy of data exchange in the terminal association system. When messages are pushed through an SDK interface or a REST API interface, there are certain requirements on the structure of the message, and these differ between platforms; the pushed test information is therefore generated according to the corresponding message structure.
Here, the SDK interface is a secondary-development software kit that includes help documents, development example projects and utilities. The help documents are the SDK usage documents, which should specifically include an interface specification manual and a secondary development guide: the interface specification manual describes how each interface is used, and the secondary development guide explains, from the basics to advanced topics, how to carry out secondary development with the SDK. The development example projects are closely tied to the content of the secondary development guide and serve as learning material for developers. The utilities are tools that help users carry out secondary development conveniently, such as the secondary development guide, API lookup tools and software packaging tools.
The REST API interface is mainly used to improve the availability, ease of use, maintainability and scalability of an API. REST stands for Representational State Transfer. Specifically, it views the whole network from the perspective of resources: resources distributed throughout the network are identified by URIs (a URI is the ID of every "thing"), and client applications obtain representations of resources through URIs. Obtaining these representations causes the applications to change their state. As it keeps obtaining representations of resources, the client application keeps changing its state.
In one embodiment, the test message uses the Android message format; because the Android platform imposes no format requirement on messages, developers can customize it.
A communication protocol is the set of rules and conventions that two entities must follow to complete communication or a service. It mainly consists of three elements: syntax, semantics and timing. Syntax refers to the format, encoding and signal levels of the data; semantics refers to the content and meaning of the data and the control information; timing refers to the order, rate matching and sequencing of communication. In practice, common short-range communication protocols include Wi-Fi, ZigBee, IrDA, UWB and NFC; common communication protocols in local area networks include the three protocols TCP/IP, NETBEUI and IPX/SPX.
In one embodiment, the preset communication protocol includes a short-range communication protocol and a network communication protocol.
In one embodiment, the encryption information is short-range encryption information and the second digital signature is the short-range second digital signature; the test information is then short-range test information, which is sent to the master terminal according to the short-range communication protocol.
In one embodiment, the encryption information is network encryption information and the second digital signature is the network second digital signature; the test information is then network test information, which is sent to the master terminal according to the network communication protocol.
As shown in Fig. 3, in one embodiment, a method for verifying association information is provided. This embodiment is illustrated by applying the method to the master terminal 110 in the terminal association system of Fig. 1 above. The method comprises the following steps:
Step 302: generate a public key, a private key and a first digital signature, and send the public key and the first digital signature to the secondary terminal.
Specifically, step 302 comprises the following steps:
Generate the public key, private key and first digital signature;
Store the public key, private key and first digital signature;
Send the public key and the first digital signature to the secondary terminal.
Specifically, generating the public key, private key and first digital signature comprises:
Obtaining the characteristic value of the secondary terminal;
Generating the public key, private key and first digital signature according to the characteristic value.
Here, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal, and comprises at least one of the model, serial number, international mobile equipment identification number, integrated circuit card identification code and current time. The model is the factory designation by which different products of the same series are distinguished, for example the model SGH-D508 in a series of Samsung mobile phones. The serial number is the unique code with which an enterprise identifies each product it manufactures, for example the Apple handset serial number C8PN5FN2FMLD. The international mobile equipment identification number, also known as the electronic serial number, is a parameter exclusive to each mobile device (such as a mobile phone, smartphone or tablet computer). The integrated circuit card identification code is the unique identification number of the IC card, fixed in the SIM card of the mobile phone. The current time is the moment at which the master terminal obtains the characteristic value of the secondary terminal.
In one embodiment, the characteristic value of the secondary terminal further includes a random number.
In one embodiment, the characteristic value of the secondary terminal is obtained by applying a hash algorithm to at least one of the model, serial number, international mobile equipment identification number, integrated circuit card identification code, current time and random number above.
In one embodiment, the characteristic value of the secondary terminal is displayed in the form of a two-dimensional code, and the master terminal obtains the characteristic value of the secondary terminal by scanning the two-dimensional code.
Optionally, the public key, private key and first digital signature are generated by the RSA algorithm, which comprises the following steps:
Randomly select two unequal prime numbers p and q;
Calculate the product n of p and q;
Calculate the Euler function φ(n) of n;
Randomly select an integer e such that 1 < e < φ(n) and e and φ(n) are coprime;
Calculate the modular inverse d of e with respect to φ(n);
Package n and e as the public key, and n and d as the private key.
Preferably, the data of the public key and private key is expressed in ASN.1 format. ASN.1 (Abstract Syntax Notation One) is an ISO/ITU-T standard that describes a data format for representing, encoding, transmitting and decoding data. It provides a complete set of formal rules for describing the structure of objects.
Specifically, the public key and the first digital signature are sent to the secondary terminal through at least one of Wi-Fi, ZigBee, IrDA, UWB, NFC and private radio systems.
Step 304: obtain the test information sent by the secondary terminal.
Specifically, obtaining the test information sent by the secondary terminal covers two cases: the first is obtaining short-range test information, and the second is obtaining network test information.
In one embodiment, when the test information sent by the secondary terminal is short-range test information, the short-range test information is obtained through the short-range communication protocol.
In one embodiment, when the test information sent by the secondary terminal is network test information, the network test information is obtained through the network communication protocol.
Step 306: extract the encryption information and the second digital signature from the test information.
Specifically, the encryption information and the second digital signature are extracted according to the message structure that was used when the test information was generated.
In one embodiment, when the test information is short-range test information, the short-range encryption information and the short-range second digital signature are extracted.
In one embodiment, when the test information is network test information, the network encryption information and the network second digital signature are extracted.
Step 308: generate the extraction digest of the extracted encryption information using a hash algorithm, then splice the extraction digest with the first digital signature and apply the hash algorithm again to generate the third digital signature.
Specifically, a hash algorithm is also called a hashing algorithm or hash function; see the description above for details.
Note that the hash algorithm applied again to the spliced extraction digest and first digital signature, the hash algorithm used to generate the extraction digest of the extracted encryption information, the hash algorithm applied above to the spliced digest and first digital signature, and the hash algorithm used above to generate the digest of the encryption information are mutually matched or compatible.
In one embodiment, the hash algorithms above all use the MD5 algorithm.
In one embodiment, when the extracted encryption information is short-range encryption information, the generated third digital signature is the short-range third digital signature.
In one embodiment, when the extracted encryption information is network encryption information, the generated third digital signature is the network third digital signature.
Step 310: compare the second digital signature and the third digital signature; if they are identical, the association succeeds.
Specifically, comparing the second digital signature and the third digital signature, with association succeeding if they are identical, covers two cases, as follows.
When the second digital signature is the short-range second digital signature and the third digital signature is the short-range third digital signature, that is, when the test information is short-range test information: if they are identical, authentication succeeds and a network verification request is sent to the secondary terminal.
When the second digital signature is the network second digital signature and the third digital signature is the network third digital signature, that is, when the test information is network test information: if they are identical, the association binding succeeds.
Preferably, the master terminal first obtains the short-range test information and authenticates it. If authentication succeeds, it sends a network verification request to the secondary terminal; the secondary terminal responds to the network verification request and sends network test information to the master terminal, and the master terminal then obtains the network test information through the network communication protocol.
As shown in Fig. 4, based on the same inventive concept, a method of terminal association is also provided in one embodiment. This embodiment is illustrated by applying the method to the master terminal 110 and the secondary terminal 120 in the terminal association system of Fig. 1 above. The method comprises the following steps:
Step 402: the master terminal generates a public key, a private key and a first digital signature, and sends the public key and the first digital signature to the secondary terminal.
Specifically, step 402 comprises the following steps:
Generate the public key, private key and first digital signature;
Store the public key, private key and first digital signature;
Send the public key and the first digital signature to the secondary terminal.
Here, generating the public key, private key and first digital signature comprises:
Obtaining the characteristic value of the secondary terminal;
Generating the public key, private key and first digital signature according to the characteristic value.
Preferably, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal, and comprises at least one of the model, serial number, international mobile equipment identification number, integrated circuit card identification code and current time.
In one embodiment, the characteristic value of the secondary terminal further includes a random number.
In one embodiment, the characteristic value of the secondary terminal is obtained by applying a hash algorithm to at least one of the model, serial number, international mobile equipment identification number, integrated circuit card identification code, current time and random number above.
In one embodiment, the characteristic value of the secondary terminal is displayed in the form of a two-dimensional code, and the master terminal obtains the characteristic value of the secondary terminal by scanning the two-dimensional code.
Optionally, the public key, private key and first digital signature are generated by the RSA algorithm; for the principle of the RSA algorithm, see the description above.
Preferably, the public key and the first digital signature are sent to the secondary terminal through at least one of Wi-Fi, ZigBee, IrDA, UWB, NFC and private radio systems.
Step 404: the secondary terminal obtains the public key and the first digital signature.
Specifically, the secondary terminal obtains the public key and the first digital signature through the network interface over which it is communicatively connected to the master terminal 110. The public key is the public part of a key pair and forms a key pair together with the private key; it is commonly used to encrypt session keys, to verify digital signatures, or to encrypt data that can be decrypted with the corresponding private key. The first digital signature is valid proof, from the sender of the information, of the authenticity of the information sent, and is generated by the private key corresponding to the public key according to a specified algorithm. The communication connection means that the secondary terminal and the master terminal establish a data connection using radio waves, through at least one of Bluetooth, Wi-Fi, ZigBee, IrDA, UWB, NFC and private radio systems.
In one embodiment, the secondary terminal obtains the public key and the first digital signature through at least one of Bluetooth, Wi-Fi, ZigBee, IrDA, UWB, NFC and private radio systems.
Step 406: the secondary terminal first encrypts the generated raw information into encryption information using the public key, then generates the digest of the encryption information using a hash algorithm, then splices the digest with the first digital signature and applies the hash algorithm again to generate the second digital signature, and finally sends the encryption information and the second digital signature to the master terminal according to the preset communication protocol.
Specifically, the raw information is a piece of test data, which can be generated by a test data generator; the hash algorithm is the MD5 algorithm; the preset communication protocol includes a short-range communication protocol and a network communication protocol.
In one embodiment, when the resulting encryption information is the short-range encryption information used for the authentication of the terminal, the second digital signature is the short-range second digital signature and the test message is a short-range test message; this short-range test information is sent to the master terminal according to the short-range communication protocol.
In one embodiment, when the resulting encryption information is the network encryption information used to verify the association binding of the terminal, the second digital signature is the network second digital signature and the test message is a network test message; this network test information is sent to the master terminal according to the network communication protocol.
Step 408: the master terminal receives the test information. It first extracts the encryption information and the second digital signature from the test information, then generates the extraction digest of the extracted encryption information using a hash algorithm, then splices the extraction digest with the first digital signature and applies the hash algorithm again to generate the third digital signature, and finally compares the second digital signature with the third digital signature; if they are identical, the association succeeds.
Specifically, the hash algorithm is again the MD5 algorithm; for the principle, see the description above.
In one embodiment, when the test information sent by the secondary terminal is short-range test information, the master terminal obtains the short-range test information through the short-range communication protocol and extracts from it the short-range encryption information and the short-range second digital signature. The third digital signature is the short-range third digital signature. The short-range second digital signature and the short-range third digital signature are compared; if they are identical, authentication succeeds and a network verification request is sent to the secondary terminal.
In one embodiment, when the test information sent by the secondary terminal is network test information, the master terminal obtains the network test information through the network communication protocol and extracts from it the network encryption information and the network second digital signature. The third digital signature is the network third digital signature. The network second digital signature and the network third digital signature are compared; if they are identical, the association binding succeeds.
Preferably, the master terminal first obtains the short-range test information and authenticates it. If authentication succeeds, it sends a network verification request to the secondary terminal; the secondary terminal responds to the network verification request and sends network test information to the master terminal, and the master terminal then obtains the network test information through the network communication protocol.
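The RSA key generation steps listed earlier and the exchange of steps 402 to 408, as one added Python example (not code from the patent). Assumptions made here: all function names are hypothetical, e is fixed at 65537 rather than chosen at random, the first digital signature is computed as textbook RSA over the hash of the characteristic value, unpadded RSA stands in for the Cipher call, and digests are spliced as bytes rather than strings.

```python
import hashlib
import hmac
import math
import secrets


def is_probable_prime(n: int, rounds: int = 24) -> bool:
    """Miller-Rabin primality test."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def rsa_keygen(bits: int = 512, e: int = 65537):
    """p, q -> n -> phi(n) -> e coprime to phi(n) -> d = e^-1 mod phi(n)."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(e, phi) == 1:
            n = p * q
            return (n, e), (n, pow(e, -1, phi))   # public key, private key


def digest(data: bytes, algo: str = "md5") -> bytes:
    return hashlib.new(algo, data).digest()


def master_setup(feature_value: bytes, algo: str = "md5"):
    """Step 402: key pair plus first digital signature (assumed construction)."""
    public, private = rsa_keygen()
    n, d = private
    h = int.from_bytes(digest(feature_value, algo), "big")
    sig1 = pow(h, d, n).to_bytes((n.bit_length() + 7) // 8, "big")
    return public, private, sig1


def secondary_build_test_info(public, sig1: bytes, raw: bytes, algo: str = "md5"):
    """Step 406: encrypt, digest, splice with sig1, hash again."""
    n, e = public
    m = int.from_bytes(raw, "big")
    if m >= n:
        raise ValueError("raw information too long for this key size")
    # Textbook RSA without padding, for illustration only; real code would
    # use OAEP from a vetted library.
    encrypted = pow(m, e, n).to_bytes((n.bit_length() + 7) // 8, "big")
    sig2 = digest(digest(encrypted, algo) + sig1, algo)
    return {"encrypted": encrypted, "sig2": sig2}


def master_verify(sig1: bytes, test_info: dict, algo: str = "md5") -> bool:
    """Step 408: recompute the third digital signature and compare."""
    sig3 = digest(digest(test_info["encrypted"], algo) + sig1, algo)
    return hmac.compare_digest(sig3, test_info["sig2"])   # constant-time compare


def master_decrypt(private, encrypted: bytes) -> bytes:
    n, d = private
    m = pow(int.from_bytes(encrypted, "big"), d, n)
    return m.to_bytes((m.bit_length() + 7) // 8, "big")


if __name__ == "__main__":
    # Constructed sample values for the characteristic value and test data.
    pub, priv, sig1 = master_setup(b"model|serial|timestamp|nonce")
    info = secondary_build_test_info(pub, sig1, b"constructed test data")
    print("associated:", master_verify(sig1, info))
    print("decrypted:", master_decrypt(priv, info["encrypted"]))
```

The `algo` parameter lets the same chain run with `"sha256"` instead of the MD5 named in the description, which matters because practical MD5 collisions are known.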
As shown in Fig. 5, based on the same inventive concept, in one embodiment a device for generating association information is also provided, comprising: an obtaining module 5001, an encrypting module 5003, a signature module 5005 and a sharing module 5007.
The obtaining module 5001 is used to obtain the public key and the first digital signature.
The encrypting module 5003 is used to encrypt the generated raw information into encryption information using the public key.
The signature module 5005 is used to generate the digest of the encryption information using a hash algorithm, then splice the digest with the first digital signature and apply the hash algorithm again to generate the second digital signature.
The sharing module 5007 is used to generate test information from the encryption information and the second digital signature and send it to the master terminal according to the preset communication protocol.
The sharing module 5007 comprises a short-range test unit and a network test unit.
The short-range test unit is used to send the test information to the master terminal according to the short-range communication protocol when the test information is short-range test information.
The network test unit is used to send the test information to the master terminal according to the network communication protocol when the test information is network test information.
In one embodiment, the device for generating association information further comprises a response unit, used to respond to the network verification request sent by the master terminal before the network test information is sent to the master terminal according to the network communication protocol.
As shown in Fig. 6, based on the same inventive concept, in one embodiment a device for verifying association information is also provided, comprising: a generating and sharing module 6001, a test obtaining module 6003, an extraction module 6005, a digital signature module 6007 and a comparison module 6009.
The generating and sharing module 6001 is used to generate the public key, private key and first digital signature, and to send the public key and the first digital signature to the secondary terminal.
The test obtaining module 6003 is used to obtain the test information.
The extraction module 6005 is used to extract the encryption information and the second digital signature from the test information.
The digital signature module 6007 is used to generate the extraction digest of the extracted encryption information using a hash algorithm, then splice the extraction digest with the first digital signature and apply the hash algorithm again to generate the third digital signature.
The comparison module 6009 is used to compare the second digital signature with the third digital signature; if they are identical, the association succeeds.
Here, the generating and sharing module 6001 comprises a feature obtaining unit and a generation unit.
The feature obtaining unit is used to obtain the characteristic value of the secondary terminal.
The generation unit is used to generate the public key, private key and first digital signature according to the characteristic value.
In one embodiment, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
The comparison module 6009 comprises a short-range comparing unit and a network comparing unit.
The short-range comparing unit is used, when the test information is short-range test information and the signatures are identical, to determine that authentication succeeds and to send a network verification request to the secondary terminal.
The network comparing unit is used, when the test information is network test information and the signatures are identical, to determine that the association binding succeeds.
As shown in Fig. 7, based on the same inventive concept, in one embodiment a system of terminal association is also provided, comprising at least one master terminal 110 and at least one secondary terminal 120, the master terminal 110 and the secondary terminal 120 being communicatively connected. The master terminal 110 comprises a public key unit 1101 and an authentication unit 1103, and the secondary terminal 120 comprises an acquiring unit 1201 and a generation unit 1203.
The public key unit 1101 is used to generate the public key, private key and first digital signature, and to send the public key and the first digital signature to the secondary terminal.
The acquiring unit 1201 is used to obtain the public key and the first digital signature.
The generation unit 1203 is used to first encrypt the generated raw information into encryption information using the public key, then generate the digest of the encryption information using a hash algorithm, then splice the digest with the first digital signature and apply the hash algorithm again to generate the second digital signature, and finally send the encryption information and the second digital signature to the master terminal according to the preset communication protocol.
The authentication unit 1103 is used to receive the test information, first extract the encryption information and the second digital signature from the test information, then generate the extraction digest of the extracted encryption information using a hash algorithm, then splice the extraction digest with the first digital signature and apply the hash algorithm again to generate the third digital signature, and finally compare the second digital signature with the third digital signature; if they are identical, the association succeeds.
In one embodiment, the test information is short-range test information, which is sent to the master terminal according to the short-range communication protocol.
In one embodiment, the test information is network test information, which is sent to the master terminal according to the network communication protocol.
Preferably, the system of terminal association further comprises a response unit, used to respond to the network verification request sent by the master terminal before the network test information is sent to the master terminal according to the network communication protocol.
The public key unit 1101 comprises a feature unit and a public key unit.
The feature unit is used to obtain the characteristic value of the secondary terminal.
The public key unit is used to generate the public key, private key and first digital signature according to the characteristic value.
Preferably, the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
The authentication unit 1103 comprises a short-range authentication unit and a network verification unit.
The short-range authentication unit is used, when the test information is short-range test information and the signatures are identical, to determine that authentication succeeds and to send a network verification request to the secondary terminal.
The network verification unit is used, when the test information is network test information and the signatures are identical, to determine that the association binding succeeds.
The method and system of terminal association provided by the present invention have been described in detail above. For those skilled in the art, the specific embodiments and the scope of application may vary in accordance with the idea of the embodiments of the present invention. In conclusion, the contents of this specification are not to be construed as limiting the invention.
Claims (34)
1. A method for generating association information, characterized by comprising the following steps:
Obtaining a public key and a first digital signature, the first digital signature being generated by the private key corresponding to the public key according to a specified algorithm;
Encrypting the generated raw information into encryption information using the public key, the raw information being a piece of test data;
Generating the digest of the encryption information using a hash algorithm, then splicing the digest with the first digital signature and applying the hash algorithm again to generate a second digital signature;
Generating test information from the encryption information and the second digital signature and sending it to the master terminal according to a preset communication protocol, the test information being used to test the accuracy of data exchange in this terminal association system.
2. The method for generating association information as claimed in claim 1, characterized in that the test information is short-range test information, and the short-range test information is sent to the master terminal according to a short-range communication protocol.
3. The method for generating association information as claimed in claim 1, characterized in that the test information is network test information, and the network test information is sent to the master terminal according to a network communication protocol.
4. The method for generating association information as claimed in claim 3, characterized in that, before the network test information is sent to the master terminal according to the network communication protocol, the method comprises: responding to the network verification request sent by the master terminal.
5. A method for verifying association information, characterized by comprising the following steps:
Generating a public key, a private key and a first digital signature, and sending the public key and the first digital signature to a secondary terminal, the first digital signature being generated by the private key corresponding to the public key according to a specified algorithm;
Obtaining test information sent by the secondary terminal, the test information being used to test the accuracy of the system data exchange of this terminal association;
Extracting encrypted information and a second digital signature from the test information;
Generating an extracted digest of the extracted encrypted information using a hash algorithm, then concatenating the extracted digest with the first digital signature and applying the hash algorithm again to generate a third digital signature;
Comparing the second digital signature with the third digital signature; if they are the same, the association succeeds.
6. The method for verifying association information as claimed in claim 5, characterized in that generating the public key, the private key and the first digital signature comprises:
Obtaining a characteristic value of the secondary terminal;
Generating the public key, the private key and the first digital signature according to the characteristic value.
7. The method for verifying association information as claimed in claim 6, characterized in that the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
8. The method for verifying association information as claimed in claim 5, characterized in that "if they are the same, the association succeeds" comprises:
When the test information is short-range test information, if they are the same, authentication succeeds and a network authentication request is sent to the secondary terminal.
9. The method for verifying association information as claimed in claim 5, characterized in that "if they are the same, the association succeeds" comprises:
When the test information is network test information, if they are the same, the association binding succeeds.
10. A method of terminal association, characterized by comprising the following steps:
A master terminal generates a public key, a private key and a first digital signature, and sends the public key and the first digital signature to a secondary terminal, the first digital signature being generated by the private key corresponding to the public key according to a specified algorithm;
The secondary terminal obtains the public key and the first digital signature;
The secondary terminal first encrypts generated raw information into encrypted information with the public key, then generates a digest of the encrypted information using a hash algorithm, then concatenates the digest with the first digital signature and applies the hash algorithm again to generate a second digital signature, and finally generates test information from the encrypted information and the second digital signature and sends it to the master terminal according to a preset communication protocol, the raw information being a piece of test data;
The master terminal receives the test information, first extracts the encrypted information and the second digital signature from the test information, then generates an extracted digest of the extracted encrypted information using the hash algorithm, then concatenates the extracted digest with the first digital signature and applies the hash algorithm again to generate a third digital signature, and finally compares the second digital signature with the third digital signature; if they are the same, the association succeeds, the test information being used to test the accuracy of the system data exchange of this terminal association.
11. the method for terminal association as claimed in claim 10, which is characterized in that the test information is measurement of near distance letter
Breath, the measurement of near distance information are sent to master terminal according to short-range communication agreement.
12. the method for terminal association as claimed in claim 10, which is characterized in that the test information is network test letter
Breath, the network test information are sent to master terminal according to network communication protocol.
13. the method for terminal association as claimed in claim 12, which is characterized in that the network test information is logical according to network
Letter agreement is sent to before master terminal, comprising: the network authentication request that response master terminal is sent.
14. the method for terminal association as claimed in claim 10, which is characterized in that the master terminal generate public key, private key with
And first digital signature include:
Obtain the characteristic value of secondary terminal;
Public key, private key and the first digital signature are generated according to the characteristic value.
15. the method for terminal association as claimed in claim 14, which is characterized in that the characteristic value of the pair terminal is for unique
Identify secondary terminal.
16. the method for terminal association as claimed in claim 10, which is characterized in that it is described if they are the same, then be successfully associated and include:
When the test information is measurement of near distance information, if they are the same, then success, concurrent SCN Space Cable Network checking request to pair are authenticated
Terminal.
17. the method for terminal association as claimed in claim 10, which is characterized in that it is described if they are the same, then be successfully associated and include:
When the test information is network test information, if they are the same, then it is associated with binding success.
18. A device for generating association information, characterized in that the device comprises:
An obtaining module, for obtaining a public key and a first digital signature, the first digital signature being generated by the private key corresponding to the public key according to a specified algorithm;
An encrypting module, for encrypting generated raw information into encrypted information with the public key, the raw information being a piece of test data;
A signature module, for generating a digest of the encrypted information using a hash algorithm, then concatenating the digest with the first digital signature and applying the hash algorithm again to generate a second digital signature;
A sharing module, for generating test information from the encrypted information and the second digital signature and sending it to a master terminal according to a preset communication protocol, the test information being used to test the accuracy of the system data exchange of this terminal association.
19. The device for generating association information as claimed in claim 18, characterized in that the sharing module comprises:
A short-range test unit, for sending the test information to the master terminal according to a short-range communication protocol when the test information is short-range test information.
20. The device for generating association information as claimed in claim 18, characterized in that the sharing module comprises:
A network test unit, for sending the test information to the master terminal according to a network communication protocol when the test information is network test information.
21. The device for generating association information as claimed in claim 20, characterized in that the device further comprises:
A response unit, for responding to a network authentication request sent by the master terminal before the network test information is sent to the master terminal according to the network communication protocol.
22. A device for verifying association information, characterized in that the device comprises:
A generation-sharing module, for generating a public key, a private key and a first digital signature, and sending the public key and the first digital signature to a secondary terminal, the first digital signature being generated by the private key corresponding to the public key according to a specified algorithm;
A test obtaining module, for obtaining test information, the test information being used to test the accuracy of the system data exchange of this terminal association;
An extraction module, for extracting encrypted information and a second digital signature from the test information;
A digital signature module, for generating an extracted digest of the extracted encrypted information using a hash algorithm, then concatenating the extracted digest with the first digital signature and applying the hash algorithm again to generate a third digital signature;
A comparison module, for comparing the second digital signature with the third digital signature; if they are the same, the association succeeds.
23. The device for verifying association information as claimed in claim 22, characterized in that the generation-sharing module comprises:
A feature acquiring unit, for obtaining a characteristic value of the secondary terminal;
A generation unit, for generating the public key, the private key and the first digital signature according to the characteristic value.
24. The device for verifying association information as claimed in claim 23, characterized in that the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
25. The device for verifying association information as claimed in claim 22, characterized in that the comparison module comprises:
A short-range comparing unit, for, when the test information is short-range test information and the signatures are the same, determining that authentication succeeds and sending a network authentication request to the secondary terminal.
26. The device for verifying association information as claimed in claim 22, characterized in that the comparison module comprises:
A network comparing unit, for, when the test information is network test information and the signatures are the same, determining that the association binding succeeds.
27. A system of terminal association, characterized by comprising at least one master terminal and at least one secondary terminal, the master terminal being communicatively connected to the secondary terminal; the master terminal comprises a public key unit and an authentication unit, and the secondary terminal comprises an acquiring unit and a generation unit; wherein,
The public key unit is for generating a public key, a private key and a first digital signature, and sending the public key and the first digital signature to the secondary terminal, the first digital signature being generated by the private key corresponding to the public key according to a specified algorithm;
The acquiring unit is for obtaining the public key and the first digital signature;
The generation unit is for first encrypting generated raw information into encrypted information with the public key, then generating a digest of the encrypted information using a hash algorithm, then concatenating the digest with the first digital signature and applying the hash algorithm again to generate a second digital signature, and finally sending to the master terminal, according to a preset communication protocol, on the basis of the encrypted information and the second digital signature, the raw information being a piece of test data;
The authentication unit is for receiving test information, first extracting the encrypted information and the second digital signature from the test information, then generating an extracted digest of the extracted encrypted information using the hash algorithm, then concatenating the extracted digest with the first digital signature and applying the hash algorithm again to generate a third digital signature, and finally comparing the second digital signature with the third digital signature; if they are the same, the association succeeds, the test information being used to test the accuracy of the system data exchange of this terminal association.
28. The system of terminal association as claimed in claim 27, characterized in that the test information is short-range test information, and the short-range test information is sent to the master terminal according to a short-range communication protocol.
29. The system of terminal association as claimed in claim 27, characterized in that the test information is network test information, and the network test information is sent to the master terminal according to a network communication protocol.
30. The system of terminal association as claimed in claim 29, characterized in that the system further comprises a response unit, for responding to a network verification request sent by the master terminal before the network test information is sent to the master terminal according to the network communication protocol.
31. The system of terminal association as claimed in claim 27, characterized in that the public key unit comprises:
A feature unit, for obtaining a characteristic value of the secondary terminal;
A public key unit, for generating the public key, the private key and the first digital signature according to the characteristic value.
32. The system of terminal association as claimed in claim 31, characterized in that the characteristic value of the secondary terminal is used to uniquely identify the secondary terminal.
33. The system of terminal association as claimed in claim 27, characterized in that the authentication unit comprises:
A short-range authentication unit, for, when the test information is short-range test information and the signatures are the same, determining that authentication succeeds and sending a network authentication request to the secondary terminal.
34. The system of terminal association as claimed in claim 27, characterized in that the authentication unit comprises:
A network verification unit, for, when the test information is network test information and the signatures are the same, determining that the association binding succeeds.
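The generate-and-verify flow of claims 1, 5 and 10, as an added example that is not code from the patent. It assumes SHA-256 as the hash algorithm, textbook RSA with small fixed primes as the unnamed "specified algorithm", a first digital signature computed over the hash of the secondary terminal's characteristic value, and a length-prefixed layout for the test information; all function names are hypothetical.

```python
import hashlib
import hmac
import struct

# Assumptions, not from the patent: SHA-256 as the hash algorithm, textbook RSA
# (toy primes, no padding) as the "specified algorithm", and a 2-byte length
# prefix to frame the test information. Illustration only, not production crypto.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537      # two Mersenne primes, toy key size
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))          # private exponent (Python 3.8+)
KLEN = (N.bit_length() + 7) // 8           # byte length of one RSA block
HLEN = hashlib.sha256().digest_size


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def master_setup(characteristic: bytes):
    """Master terminal: return (public key, first digital signature).

    Signing the hash of the secondary terminal's characteristic value is an
    assumption; the claims only say keys and signature are generated from it."""
    m = int.from_bytes(_h(characteristic), "big") % N
    sig1 = pow(m, D, N).to_bytes(KLEN, "big")
    return (N, E), sig1


def secondary_build(public_key, sig1: bytes, raw: bytes) -> bytes:
    """Secondary terminal: encrypt the test data and build the test information."""
    n, e = public_key
    klen = (n.bit_length() + 7) // 8
    value = int.from_bytes(raw, "big")
    if value >= n:
        raise ValueError("test data too long for this toy key")
    cipher = pow(value, e, n).to_bytes(klen, "big")
    sig2 = _h(_h(cipher) + sig1)            # second digital signature
    return struct.pack(">H", len(cipher)) + cipher + sig2


def master_verify(sig1: bytes, test_info: bytes) -> bool:
    """Master terminal: extract, recompute the third signature, compare."""
    if len(test_info) < 2:
        return False
    (clen,) = struct.unpack(">H", test_info[:2])
    cipher, sig2 = test_info[2:2 + clen], test_info[2 + clen:]
    if len(cipher) != clen or len(sig2) != HLEN:
        return False                        # truncated or over-long frame
    sig3 = _h(_h(cipher) + sig1)            # third digital signature
    return hmac.compare_digest(sig2, sig3)  # constant-time comparison


if __name__ == "__main__":
    # Constructed sample values, not taken from the patent.
    pub, sig1 = master_setup(b"constructed-terminal-001")
    info = secondary_build(pub, sig1, b"constructed-test")
    flipped = info[:2] + bytes([info[2] ^ 1]) + info[3:]
    print("genuine test information:", master_verify(sig1, info))
    print("ciphertext bit flipped:  ", master_verify(sig1, flipped))
```

The second digital signature here is a hash over the ciphertext digest and the first digital signature, so the comparison detects changes to the ciphertext only against a party that does not hold the first digital signature.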
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610245339.7A CN105978693B (en) | 2016-04-19 | 2016-04-19 | A kind of method and system of terminal association |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610245339.7A CN105978693B (en) | 2016-04-19 | 2016-04-19 | A kind of method and system of terminal association |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105978693A CN105978693A (en) | 2016-09-28 |
CN105978693B true CN105978693B (en) | 2019-05-14 |
Family
ID=56993112
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610245339.7A Expired - Fee Related CN105978693B (en) | 2016-04-19 | 2016-04-19 | A kind of method and system of terminal association |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105978693B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106685977B (en) * | 2017-01-03 | 2019-11-08 | 武汉虹信技术服务有限责任公司 | A kind of system of account building method based on intelligence community cloud platform |
CN106936572B (en) * | 2017-04-01 | 2020-10-27 | 上海理深信息科技有限公司 | Safe data matching method and system |
CN108683665A (en) * | 2018-05-15 | 2018-10-19 | 国家电网公司 | Data ciphering method, system in fiber optic communication and data transmitting equipment |
CN109347627B (en) * | 2018-09-19 | 2023-08-29 | 平安科技(深圳)有限公司 | Data encryption and decryption method and device, computer equipment and storage medium |
CN114679280A (en) * | 2022-03-15 | 2022-06-28 | 北京宏思电子技术有限责任公司 | RSA-based joint signature generation method and device |
Family Cites Families (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5671285A (en) * | 1995-12-13 | 1997-09-23 | Newman; Bruce D. | Secure communication system |
CN102279908B (en) * | 2010-06-08 | 2014-03-12 | 安凯(广州)微电子技术有限公司 | Method and system for protecting digital contents |
CN102664735B (en) * | 2012-04-13 | 2016-01-06 | 江苏新彩软件有限公司 | A kind of cell phone lottery system safety session implementation method based on public keys |
CN104639327A (en) * | 2015-01-29 | 2015-05-20 | 杭州晟元芯片技术有限公司 | Method for identifying and correlating equipment by digital certificate |
-
2016
- 2016-04-19 CN CN201610245339.7A patent/CN105978693B/en not_active Expired - Fee Related
Also Published As
Publication number | Publication date |
---|---|
CN105978693A (en) | 2016-09-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105978693B (en) | A kind of method and system of terminal association | |
US11838415B2 (en) | Blockchain-implemented method and system | |
CN110995642B (en) | Providing secure connections using pre-shared keys | |
CN105827655B (en) | A kind of intelligent cipher key equipment and its working method | |
CN105184931A (en) | Bluetooth-based unlocking method, system and hand-held terminal and Bluetooth-based electronic lock | |
Azrour et al. | New Efficient and Secured Authentication Protocol for Remote Healthcare Systems in Cloud‐IoT | |
CN108965230A (en) | A kind of safety communicating method, system and terminal device | |
CN102780698A (en) | User terminal safety communication method in platform of Internet of Things | |
CN104994098B (en) | Document transmission method and relevant apparatus and Transmission system | |
CN110601815B (en) | Block chain data processing method and equipment | |
CN105635075A (en) | Method of registering cloud terminal, cloud terminal, cloud server and cloud system | |
CN109040055A (en) | The method for realizing Web secure access using domestic password | |
CN105407072A (en) | Method and system for achieving safety of Internet of Things, and interconnection equipment | |
CN106612265A (en) | Instant messaging method and server | |
Ryu et al. | Improved secure and efficient Chebyshev chaotic map-based user authentication scheme | |
CN109922022A (en) | Internet of Things communication means, platform, terminal and system | |
CN107332833A (en) | Method of calibration and device | |
CN113518071B (en) | Robot sensor information security enhancing device and method | |
Zhang et al. | Formal analysis of QUIC handshake protocol using ProVerif | |
CN105306577A (en) | Data sharing system and method between handheld devices based on APP | |
CN109088733B (en) | Method and device for realizing application expansion of smart card | |
Guo et al. | An efficient and secure certificateless authentication protocol for healthcare system on wireless medical sensor networks | |
CN104852906B (en) | Data transmission method and system and data transmission method of client | |
EP3063920B1 (en) | Method for setting up, via an intermediate entity, a secure session between a first and a second entity, and corresponding entities and computer program products | |
CN102662483A (en) | A method for cloud computing business intelligent terminal users to safely input information |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee | Granted publication date: 20190514 |
CF01 | Termination of patent right due to non-payment of annual fee | |