CN106131825A - A kind of communication means, terminal and communication system - Google Patents

A kind of communication means, terminal and communication system Download PDF

Info

Publication number
CN106131825A
CN106131825A CN201610447419.0A CN201610447419A CN106131825A CN 106131825 A CN106131825 A CN 106131825A CN 201610447419 A CN201610447419 A CN 201610447419A CN 106131825 A CN106131825 A CN 106131825A
Authority
CN
China
Prior art keywords
encryption
opposite end
factor
local terminal
communication
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201610447419.0A
Other languages
Chinese (zh)
Inventor
刘立荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Jinli Communication Equipment Co Ltd
Original Assignee
Shenzhen Jinli Communication Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Jinli Communication Equipment Co Ltd filed Critical Shenzhen Jinli Communication Equipment Co Ltd
Priority to CN201610447419.0A priority Critical patent/CN106131825A/en
Publication of CN106131825A publication Critical patent/CN106131825A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The embodiment of the invention discloses a kind of communication means, terminal and communication system, wherein method includes: be connected by setting up with opposite equip., obtains the opposite end encryption factor;Generate local terminal key according to the local terminal encryption factor, and be sent to opposite equip. after being encrypted according to local terminal cipher key pair communication message;Receive the communication response message after the encryption that opposite equip. returns;Generate opposite end key according to the opposite end encryption factor, and be decrypted according to communication response message described in the double secret key of opposite end.The embodiment of the present invention is by using the encryption factor to generate key, and the randomness of this encryption factor is with disposable so that the communication information after encryption is difficult to be hacked and crack, thus strengthens the safety guarantee to communication process, it is ensured that the safe transmission of Content of Communication.

Description

A kind of communication means, terminal and communication system
Technical field
The present invention relates to communication technical field, particularly relate to a kind of communication means, terminal and communication system.
Background technology
At present, the intelligent terminal such as smart mobile phone is widely spread, and user communicates using these intelligent terminal During, easily monitored by Malware due to its Content of Communication and steal, result in the peace of increasing intelligent terminal Total event occurs, hence in so that the communication security that user is communicated by intelligent terminal cannot ensure, there is potential safety hazard.
Summary of the invention
The embodiment of the present invention provides a kind of communication means, terminal and communication system, can be to the communication process of intelligent terminal Carry out safety guarantee, it is ensured that the safe transmission of Content of Communication.
First aspect, embodiments provides a kind of communication means, and the method includes:
It is connected by setting up with opposite equip., obtains the opposite end encryption factor;
Generate local terminal key according to the local terminal encryption factor, and send out after being encrypted according to described local terminal cipher key pair communication message Give described opposite equip.;
Receive the communication response message after the encryption that described opposite equip. returns;
Opposite end key is generated according to the described opposite end encryption factor, and according to communication response message described in the double secret key of described opposite end It is decrypted.
Second aspect, embodiments provides a kind of terminal, and this terminal includes:
Connection establishment unit, for by being connected with opposite equip. foundation, obtains the opposite end encryption factor;
Ciphering unit, for generating local terminal key according to the local terminal encryption factor, and disappears according to described local terminal cipher key pair communication Breath is sent to described opposite equip. after being encrypted;
Message reception units, the communication response message after receiving the encryption that described opposite equip. returns;
Decryption unit, for generating opposite end key according to the described opposite end encryption factor, and according to described opposite end double secret key institute State communication response message to be decrypted.
The third aspect, embodiments provides a kind of communication system, this system include local device, opposite equip. and Cloud service platform;
Described local device and described opposite equip. are connected to described cloud service platform by network respectively;
Described local device, is used for:
It is connected by setting up with described opposite equip., obtains the opposite end encryption factor;
Generate local terminal key according to the local terminal encryption factor, and send out after being encrypted according to described local terminal cipher key pair communication message Give described opposite equip.;
Receive the communication response message after the encryption that described opposite equip. returns;
Opposite end key is generated according to the described opposite end encryption factor, and according to communication response message described in the double secret key of described opposite end It is decrypted.
The embodiment of the present invention is connected by setting up with opposite equip., obtains the opposite end encryption factor;The factor is encrypted according to local terminal Generate local terminal key, and be sent to opposite equip. after being encrypted according to local terminal cipher key pair communication message;Reception opposite equip. returns Communication response message after the encryption returned;Generate opposite end key according to the opposite end encryption factor, and ring according to opposite end cipher key pair communication Message is answered to be decrypted.Encrypt the randomness of the factor and disposably ensure that the key generated according to the encryption factor also has at random Property and disposable so that the communication information after Jia Mi is difficult to be hacked and crack, strengthen the safety guarantee to communication process, Ensure that the safe transmission of Content of Communication
Accompanying drawing explanation
In order to be illustrated more clearly that embodiment of the present invention technical scheme, required use in embodiment being described below Accompanying drawing is briefly described, it should be apparent that, the accompanying drawing in describing below is some embodiments of the present invention, general for this area From the point of view of logical technical staff, on the premise of not paying creative work, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the schematic flow diagram of a kind of communication means that the embodiment of the present invention one provides;
Fig. 2 is the schematic flow diagram of a kind of communication means that the embodiment of the present invention two provides;
Fig. 3 is the schematic block diagram of a kind of terminal that the embodiment of the present invention three provides;
Fig. 4 is the schematic block diagram of a kind of terminal that the embodiment of the present invention four provides;
Fig. 5 is the schematic block diagram of a kind of terminal that the embodiment of the present invention five provides;
Fig. 6 is the schematic block diagram of a kind of communication system of the embodiment of the present invention six and embodiment seven offer.
Detailed description of the invention
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Describe, it is clear that described embodiment is a part of embodiment of the present invention rather than whole embodiments wholely.Based on this Embodiment in bright, the every other enforcement that those of ordinary skill in the art are obtained under not making creative work premise Example, broadly falls into the scope of protection of the invention.
Should be appreciated that when using in this specification and in the appended claims, term " includes " and " comprising " instruction Described feature, entirety, step, operation, element and/or the existence of assembly, but it is not precluded from one or more further feature, whole Body, step, operation, element, assembly and/or the existence of its set or interpolation.
It is also understood that the term used in this description of the invention is merely for the sake of the mesh describing specific embodiment And be not intended to limit the present invention.As used in description of the invention and appended claims, unless on Hereafter clearly indicating other situation, otherwise " ", " " and " being somebody's turn to do " of singulative is intended to include plural form.
It will be further appreciated that, the term "and/or" used in description of the invention and appended claims is Refer to the one or more any combination being associated in the item listed and likely combine, and including that these combine.
As used in this specification and in the appended claims, term " if " can be according to context quilt Be construed to " when ... " or " once " or " in response to determining " or " in response to detecting ".Similarly, phrase " if it is determined that " or " if be detected that [described condition or event] " can be interpreted to mean according to context " once it is determined that " or " in response to really Fixed " or " [described condition or event] once being detected " or " in response to [described condition or event] being detected ".
In implementing, the terminal described in the embodiment of the present invention includes but not limited to such as have touch sensitive surface Mobile phone, laptop computer or the tablet PC of (such as, touch-screen display and/or touch pad) etc other just Portable device.It is to be further understood that in certain embodiments, described equipment not portable communication device, but have tactile Touch the desk computer of sensing surface (such as, touch-screen display and/or touch pad).
In discussion below, describe the terminal including display and touch sensitive surface.It is, however, to be understood that It is that terminal can include such as physical keyboard, mouse and/or control other physical user-interface device one or more of bar.
Terminal supports various application programs, such as following in one or more: drawing application program, demonstration application journey Sequence, word-processing application, website create application program, dish imprinting application program, spreadsheet applications, game application Program, telephony application, videoconference application, email application, instant messaging applications, exercise Support the application of application program, photo management application program, digital camera application program, digital camera application program, web-browsing Program, digital music player application and/or video frequency player application program.
The various application programs that can perform in terminal can use at least one of such as touch sensitive surface public Physical user-interface device.Among applications and/or can adjust in corresponding application programs and/or change and touch sensitive table The corresponding information of display in one or more functions in face and terminal.So, the public physical structure of terminal (such as, touches Sensing surface) the various application programs with the most directly perceived and transparent user interface can be supported.
Embodiment one:
Fig. 1 is the schematic flow diagram of a kind of communication means that the embodiment of the present invention one provides, the executive agent of the present embodiment Being local device, it can be the equipment such as mobile phone or intelligent terminal.Communication means shown in Fig. 1 can comprise the following steps that
S101, by with opposite equip. set up is connected, obtain opposite end encrypt the factor.
Opposite equip. is the equipment communicated with local device, and it can be that mobile phone or other intelligent terminal etc. set Standby.
Local device and opposite equip. can be communicated by exclusive coded communication application, and this coded communication application can Presented in using cell phone software (Application, APP), and it is International Mobile Station Equipment Identification with cell phone apparatus number (International Mobile Equipment Identity, IMEI) binds, due to IMEI be a mobile phone only One identification number, this mobile phone just has been assigned an IMEI when producing, thereby ensure that only use this mobile phone to use This coded communication is applied.
First the phone number of the other side is stored in the address list of respective coded communication application by local device and opposite equip. In, when needs communicate, the user of local device clicks on the phone number of the other side in coded communication application APP, selects Voice call, the transmission communication mode such as word or voice messaging, exclusive coded communication application i.e. starts to start to set with opposite end Standby connection establishment.
Specifically, local device completes the negotiation to the encryption factor during being connected with opposite equip. foundation, and this is even Connecing can be that wired or wireless network connects.
The encryption factor is used for generating key, is encrypted and decrypted by the data of cipher key pair communication.The encryption factor is permissible It is a string unique random sequence, it is possible to be customized according to the demand of user so that the adding of communication process each time The close factor is all that its encryption factor of unique, different communication process is the most different.
Local device and opposite equip. have the most different encryption factors, and during network establishment of connection, local terminal sets Being sent to opposite equip. for local terminal is encrypted the factor, opposite end is encrypted the factor and is sent to local device by opposite equip. simultaneously.
The local terminal encryption factor refers to the encryption factor for encrypting and decrypting the Content of Communication of local device, and opposite end adds The close factor refers to the encryption factor for encrypting and decrypting the Content of Communication of opposite equip..In a communication process, this After the end encryption factor and the opposite end encryption factor consult to determine during setting up connection, this communication process will not change again Become.The local terminal encryption factor and the opposite end encryption factor can be different.
It should be noted that local device is except obtaining opposite end by setting up by the way of network is connected with opposite equip. The encryption factor, it is also possible to obtain the encryption factor in opposite end by the way of note.
S102, generate local terminal key according to the local terminal encryption factor, and be encrypted according to this local terminal cipher key pair communication message After be sent to opposite equip..
Specifically, local device and opposite equip., after establishing network and connecting, obtain the most mutually the other side's simultaneously The encryption factor.Local device generates local terminal key according to the local terminal encryption factor, uses local terminal cipher key pair communication message to be encrypted, Communication information after encryption is sent to opposite equip..
Communication response message after the encryption that S103, reception opposite equip. return.
Specifically, opposite equip. receive local device send communication information after, use in step S101 with this The opposite end encryption factor that end equipment is consulted generates opposite end key, and uses this opposite end cipher key pair communication response message to be encrypted, Then the communication response message after local device returns encryption.
S104, generate opposite end key according to the opposite end encryption factor, and carry out according to this opposite end cipher key pair communication response message Deciphering.
Specifically, local device is after receiving the communication response message that opposite equip. returns, according in step S101 The opposite end encryption factor obtained, uses and generates, with opposite equip. in step S103, the generating mode that opposite end key is identical, and it is right to generate End key, uses this opposite end cipher key pair communication response message to be decrypted, and the content of the communication response message after deciphering is carried Supply user.
Knowable to the communication means of above-mentioned Fig. 1 example, in the present embodiment, the encryption factor is used to generate key, to communicating Content of Communication in journey encrypts and decrypts, owing to the encryption factor can customize at random according to the demand of user so that The encryption factor of communication process is all unique each time, and the randomness of this encryption factor is with disposable so that according to encryption The key that the factor generates also has randomness with disposable, so that the communication information after Jia Mi is difficult to be hacked and crack, adds The strong safety guarantee to communication process, it is ensured that the safe transmission of Content of Communication;Meanwhile, by during setting up connection Increase the communication and consultation mechanism of the encryption factor so that the negotiation of the encryption factor is the most efficient, it is not necessary to the extra association increasing other Business's cost can realize the normal coded communication of communicating pair.
Embodiment two:
Fig. 2 is the schematic flow diagram of a kind of communication means that the embodiment of the present invention two provides, and the communication means shown in Fig. 2 can Comprise the following steps:.
S201, to opposite equip. send comprise local terminal encryption the factor connection request message, local terminal encryption the factor be used for giving birth to Becoming local terminal key, this connection request message is sent to opposite equip. by cloud service platform.
Opposite equip. is the equipment communicated with local device, and it can be that mobile phone or other intelligent terminal etc. set Standby.
Cloud service is increase, use and the delivery mode of related service based on the Internet, is usually directed to pass through the Internet The most easily extension and the most virtualized resource are provided.By building exclusive cloud service platform, make local device and right The communication process of end equipment is carried out in the cloud service platform passage of safety, it is ensured that the safety of Content of Communication transmission.
Local device and opposite equip. can be communicated by exclusive coded communication application, and this coded communication application can Presented in using cell phone software (Application, APP), and it is International Mobile Station Equipment Identification with cell phone apparatus number (International Mobile Equipment Identity, IMEI) binds, due to IMEI be a mobile phone only One identification number, this mobile phone just has been assigned an IMEI when producing, thereby ensure that only use this mobile phone to use This coded communication is applied.
First the phone number of the other side is stored in the address list of respective coded communication application by local device and opposite equip. In, when needs communicate, the user of local device clicks on the phone number of the other side in coded communication application APP, selects Voice call, the transmission communication mode such as word or voice messaging, exclusive coded communication application i.e. starts to start to set with opposite end Standby connection establishment.
Local device completes the negotiation to the encryption factor during being connected with opposite equip. foundation.The encryption factor is used for Generate key, encrypted and decrypted by the data of cipher key pair communication.Encryption the factor can be a string unique at random Sequence, it is possible to be customized according to the demand of user so that the encryption factor of communication process is all unique each time is different Communication process its encryption factor the most different.
Specifically, first local device sends connection request message to opposite equip., and takes in this connection request message The band local terminal encryption factor.This connection request message is sent to opposite equip. by exclusive cloud service platform.
The local terminal encryption factor refers to the encryption factor for encrypting and decrypting the Content of Communication of local device, by this The end encryption factor generates local terminal key, encrypts and decrypts according to the Content of Communication of local terminal double secret key local device.
The response message of the connection request message that S202, reception opposite equip. return, this response message comprises opposite end encryption The factor, the opposite end encryption factor is used for generating opposite end key.
Specifically, after opposite equip. receives connection request message, preserve the local terminal encryption carried in connection request message The factor, and in the response message of the connection request message sent to local device, carry the opposite end encryption factor, this response message Also it is to be sent to local device by exclusive cloud service platform.After local device receives this response message, preserve response The opposite end encryption factor carried in message.
The opposite end encryption factor refers to the encryption factor for encrypting and decrypting the Content of Communication of opposite equip., by right The end encryption factor generates opposite end key, encrypts and decrypts according to the Content of Communication of opposite end double secret key opposite equip..
It should be noted that in a communication process, the local terminal encryption factor and the opposite end encryption factor are setting up connection During consult determine after, this communication process will not change again.The local terminal encryption factor and the opposite end encryption factor can be mutual Differ.
Further, the local terminal encryption factor and the opposite end encryption factor are a string unique random sequence, and this is random In the generation time that sequence can include No. IEMI, phone number, the product ID of encryption chip and random sequence at least One or more.For local device, owing to communicating each time, the time started is different, during the generation of therefore random sequence Between also differ, the local terminal encryption factor generates the difference of time also according to random sequence and different so that communication process each time The local terminal encryption factor all differ, it is ensured that the randomness of the encryption factor and disposable.For opposite equip., opposite end is encrypted The factor is also because above-mentioned similar reason, it is ensured that its randomness and the feature such as disposable.
S203, local terminal is encrypted the factor and communication information is sent in encryption chip.
Specifically, local device complete with the connection establishment of opposite equip. after, enter and the communication of opposite equip. Journey.Local device needs to be encrypted communication information just can issue opposite equip..First local terminal is encrypted the factor by local device It is sent in encryption chip with communication information.
Encryption chip uses by fixing commercial cipher algorithm, it is achieved encryption and the deciphering to data.Such as, in this reality Executing in example, encryption chip can use domestic A3 chip.
Local terminal is encrypted the factor and is generated as local terminal key by S204, presetting rule according to encryption chip.
Specifically, local device uses preset create-rule in encryption chip, local terminal is encrypted the factor and is generated as this End key.
S205, AES according to encryption chip, use local terminal cipher key pair communication message to be sent to after being encrypted right End equipment.
Specifically, local device according to the AES that encryption chip is fixing, uses local terminal double secret key in encryption chip Communication information is encrypted, and by exclusive cloud service platform, the communication information after encryption is sent to opposite equip..
Communication response message after the encryption that S206, reception opposite equip. return.
Specifically, after opposite equip. receives the communication information that local device sends, by exclusive cloud service platform to this End equipment sends the communication response message after encryption.
Opposite equip. is identical to the ciphering process of communication information with local device to the ciphering process of communication response message, can To use such as the method for step S203 to step S205, simply opposite equip. uses the opposite end encryption factor to generate opposite end key, and It is encrypted according to opposite end double secret key response message.
S207, opposite end is encrypted the factor and communication response message is sent in encryption chip.
Specifically, the factor is encrypted in the opposite end of preservation by local device and the communication response message received is sent to encrypt core Sheet is decrypted.
Opposite end is encrypted the factor and is generated as opposite end key by S208, presetting rule according to encryption chip.
Specifically, local device uses preset create-rule in encryption chip, opposite end is encrypted the factor be generated as right End key.
It should be noted that the presetting rule generating opposite end key can be identical with the presetting rule generating local terminal key, Can also differ, but same equipment be encrypted the factor and needs to use identical presetting rule to generate key.Namely Saying, the opposite end encryption factor is needed to use identical presetting rule to generate opposite end key by local device and opposite equip..
S209, decipherment algorithm according to encryption chip, use opposite end cipher key pair communication response message to be decrypted.
Specifically, local device according to the decipherment algorithm that encryption chip is fixing, uses opposite end double secret key in encryption chip Communication response message is decrypted, and the content of the communication response message after deciphering is supplied to user.
Knowable to the communication means of above-mentioned Fig. 2 example, in the present embodiment, first, by building exclusive cloud service platform, The communication process making local device and opposite equip. is carried out in the cloud service platform passage of safety, it is ensured that Content of Communication transmits Safety;Secondly as encryption the factor be a string and No. IEMI, phone number, the product ID of encryption chip and with The unique random sequence generating time correlation of machine sequence so that the encryption factor the most not phase of communication process each time With, and in a communication process, the encryption factor of local device and opposite equip. can also differ, this encryption factor Generating mode ensure that the randomness of the encryption factor and disposable so that also have at random according to the key that the encryption factor generates Property and disposable so that the communication information after Jia Mi is difficult to be hacked and crack, strengthen the safety guarantee to communication process; Again, increasing the communication and consultation mechanism of the encryption factor during foundation connects, local device passes through connection request message will The local terminal encryption factor is sent to opposite equip., and opposite end is encrypted the factor in the response message of connection request message and returned by opposite equip. Back to local device so that the negotiation of the encryption factor is the most efficient, it is not necessary to the extra negotiation cost increasing other can realize The normal coded communication of communicating pair;Finally, the unique encryption factor and the combination of hardware encryption chip, constitute a set of Tight encryption mechanism, improves the safety of communication so that the privacy of user and important information are from monitoring and theft, indirectly The wealth safety protecting user.
Embodiment three:
Fig. 3 is a kind of terminal schematic block diagram that the embodiment of the present invention three provides.For convenience of description, illustrate only and this The part that bright embodiment is relevant.The terminal of Fig. 3 example can be the execution master of a kind of communication means that previous embodiment one provides Body.The terminal of Fig. 3 example specifically includes that connection establishment unit 31, ciphering unit 32, message reception units 33 and decryption unit 34.Each unit describes in detail as follows:
Connection establishment unit 31, for by being connected with opposite equip. foundation, obtains the opposite end encryption factor;
Ciphering unit 32, for generating local terminal key according to the local terminal encryption factor, and disappears according to this local terminal cipher key pair communication Breath is sent to opposite equip. after being encrypted;
Message reception units 33, the communication response message after receiving the encryption that opposite equip. returns;
Decryption unit 34, for generating opposite end key according to the opposite end encryption factor, and rings according to this opposite end cipher key pair communication Message is answered to be decrypted.
In a kind of terminal that the present embodiment provides, each unit realizes the process of respective function, specifically refers to earlier figures 1 institute Showing the description of embodiment, here is omitted.
Knowable to the terminal of above-mentioned Fig. 3 example, in the present embodiment, the encryption factor is used to generate key, in communication process Content of Communication encrypt and decrypt, due to encryption the factor can customize at random according to the demand of user so that each The encryption factor of secondary communication process is all unique, and the randomness of this encryption factor is with disposable so that according to the encryption factor The key generated also has randomness with disposable, so that the communication information after Jia Mi is difficult to be hacked and crack, strengthens Safety guarantee to communication process, it is ensured that the safe transmission of Content of Communication;Meanwhile, by increasing during setting up connection The communication and consultation mechanism of the encryption factor so that the negotiation of the encryption factor is the most efficient, it is not necessary to the extra negotiation increasing other becomes Originally the normal coded communication of communicating pair can be realized.
Embodiment four:
Fig. 4 is a kind of terminal schematic block diagram that the embodiment of the present invention four provides.For convenience of description, illustrate only and this The part that bright embodiment is relevant.The terminal of Fig. 4 example can be the execution master of a kind of communication means that previous embodiment two provides Body.The terminal of Fig. 4 example specifically includes that connection establishment unit 41, ciphering unit 42, message reception units 43 and decryption unit 44.Each unit describes in detail as follows:
Connection establishment unit 41, for by being connected with opposite equip. foundation, obtains the opposite end encryption factor;
Ciphering unit 42, for generating local terminal key according to the local terminal encryption factor, and disappears according to this local terminal cipher key pair communication Breath is sent to opposite equip. after being encrypted;
Message reception units 43, the communication response message after receiving the encryption that opposite equip. returns;
Decryption unit 44, for generating opposite end key according to the opposite end encryption factor, and rings according to this opposite end cipher key pair communication Message is answered to be decrypted.
Further, connection establishment unit 41 includes:
Connection request unit 411, for sending the connection request message comprising the local terminal encryption factor, local terminal to opposite equip. The encryption factor is used for generating local terminal key, and this connection request message is sent to opposite equip. by cloud service platform;
Connection response unit 412, for receiving the response message of the connection request message that opposite equip. returns, this response disappears Breath comprises the opposite end encryption factor, and the opposite end encryption factor is used for generating opposite end key.
Further, ciphering unit 42 includes:
Local terminal factor transmitting element 421, is used for that local terminal is encrypted the factor and communication information is sent in encryption chip;
Local terminal Key generating unit 422, is generated as this for local terminal being encrypted the factor according to the presetting rule of encryption chip End key;
Message encryption unit 423, for the AES according to encryption chip, uses local terminal cipher key pair communication message to carry out Opposite equip. it is sent to after encryption.
Further, decryption unit 44 includes:
Opposite end factor transmitting element 441, is used for that opposite end is encrypted the factor and communication response message is sent in encryption chip;
Opposite end Key generating unit 442, for according to the presetting rule of encryption chip opposite end encrypted the factor be generated as right End key;
Message decryption unit 443, for the decipherment algorithm according to encryption chip, uses opposite end cipher key pair communication response message It is decrypted.
Further, the local terminal encryption factor and the opposite end encryption factor are random sequence, and this random sequence includes international mobile In the generation time of device identification, equipment number, the product ID of encryption chip and random sequence at least one or many Individual.
In a kind of terminal that the present embodiment provides, each unit realizes the process of respective function, specifically refers to earlier figures 2 institute Showing the description of embodiment, here is omitted.
Knowable to the terminal of above-mentioned Fig. 4 example, in the present embodiment, first, by building exclusive cloud service platform, this is made The communication process of end equipment and opposite equip. is carried out in the cloud service platform passage of safety, it is ensured that the peace of Content of Communication transmission Quan Xing;Secondly as the encryption factor is a string and No. IEMI, phone number, the product ID of encryption chip and stochastic ordering The unique random sequence generating time correlation of row so that the encryption factor of communication process all differs each time, and And the encryption factor of local device and opposite equip. can also differ in a communication process, the generation of this encryption factor Mode ensure that the randomness of the encryption factor is with disposable so that also has randomness and according to the key that the encryption factor generates Secondary property, so that the communication information after Jia Mi is difficult to be hacked and crack, strengthens the safety guarantee to communication process;Again, Increasing the communication and consultation mechanism of the encryption factor during setting up connection, local terminal is added by local device by connection request message The close factor is sent to opposite equip., and opposite end is encrypted the factor in the response message of connection request message and returned to this by opposite equip. End equipment so that the negotiation of the encryption factor is the most efficient, it is not necessary to it is double that the extra negotiation cost increasing other can realize communication The normal coded communication in side;Finally, the combination of the unique encryption factor and hardware encryption chip, constitute a set of tight Encryption mechanism, improves the safety of communication so that the privacy of user and important information, from monitoring and theft, are indirectly protected The wealth safety of user.
Embodiment five:
Fig. 5 is a kind of terminal schematic block diagram that the embodiment of the present invention five provides.Terminal in the present embodiment shown in Fig. 5 can To include: one or more processors 501 (only illustrating in Fig. 5);One or more input equipments 502 (only illustrate in Fig. 5 One), one or more outut devices 503 (only illustrating in Fig. 5), memorizer 504 and encryption chip 505.Above-mentioned process Device 501, input equipment 502, outut device 503, memorizer 504 and encryption chip 505 are connected by bus 506.Memorizer 504 For storing instruction, processor 501 is for performing the instruction of memorizer 504 storage.
Wherein, processor 501 is used for:
It is connected by setting up with opposite equip., obtains the opposite end encryption factor;
Local terminal key is generated according to the local terminal encryption factor, and after being encrypted according to this local terminal cipher key pair communication message, logical Cross outut device 503 and be sent to opposite equip.;
The communication response message after the encryption that opposite equip. returns is received by input equipment 502;
Generate opposite end key according to the opposite end encryption factor, and be decrypted according to this opposite end cipher key pair communication response message.
Input equipment 502, the communication response message after receiving the encryption that opposite equip. returns;
Outut device 503, for being sent to opposite equip. by the communication information after encryption.
Further, processor 501 is additionally operable to:
Sent the connection request message comprising the local terminal encryption factor to opposite equip. by outut device 503, local terminal is encrypted The factor is used for generating local terminal key, and this connection request message is sent to opposite equip. by cloud service platform;
The response message of the connection request message that opposite equip. returns, this response message bag is received by input equipment 502 Encrypting the factor containing opposite end, the opposite end encryption factor is used for generating opposite end key;
Local terminal is encrypted the factor and communication information is sent in encryption chip 505;
Local terminal is encrypted the factor according to presetting rule and is generated as local terminal key by control encryption chip 505;
Control encryption chip 505 is according to AES, after using local terminal cipher key pair communication message to be encrypted, by output Equipment 503 is sent to opposite equip.;
Opposite end is encrypted the factor and communication response message is sent in encryption chip 505;
Opposite end is encrypted the factor according to presetting rule and is generated as opposite end key by control encryption chip 505;
Control encryption chip 505 to be decrypted according to decipherment algorithm, use opposite end cipher key pair communication response message.
Further, the local terminal encryption factor and the opposite end encryption factor are random sequence, and this random sequence includes international mobile In the generation time of device identification, equipment number, the product ID of encryption chip and random sequence at least one or many Individual.
Further, input equipment 502 is additionally operable to:
Receive the response message of the connection request message that opposite equip. returns.
Further, outut device 503 is additionally operable to:
The connection request message comprising the local terminal encryption factor is sent to opposite equip..
Further, encryption chip 505 is used for:
According to presetting rule, local terminal is encrypted the factor and be generated as local terminal key;
According to AES, after using local terminal cipher key pair communication message to be encrypted, it is right to be sent to by outut device 503 End equipment;
According to presetting rule, the factor is encrypted in opposite end and be generated as opposite end key;
According to decipherment algorithm, opposite end cipher key pair communication response message is used to be decrypted.
Should be appreciated that in embodiments of the present invention, alleged processor 501 can be CPU (Central Processing Unit, CPU), this processor can also is that other general processors, digital signal processor (Digital Signal Processor, DSP), special IC (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field-Programmable Gate Array, FPGA) or other FPGAs Device, discrete gate or transistor logic, discrete hardware components etc..General processor can be microprocessor or this at Reason device can also be the processor etc. of any routine.
Input equipment 502 can include that Trackpad, fingerprint adopt sensor (for gathering the finger print information of user and fingerprint Directional information), mike etc., outut device 503 can include display (LCD etc.), speaker etc..
This memorizer 504 can include read only memory and random access memory, and to processor 501 provide instruction and Data.A part for memorizer 504 can also include nonvolatile RAM.Such as, memorizer 504 can also be deposited The information of storage device type.
In implementing, the processor 501 described in the embodiment of the present invention, input equipment 502, outut device 503 and Encryption chip 505 can perform the embodiment of the present invention one and the implementation described by a kind of communication means of embodiment two offer, Also can perform the implementation of terminal described by the embodiment of the present invention three and embodiment four, not repeat them here.
Embodiment six:
Fig. 6 is the schematic block diagram of a kind of communication system that the embodiment of the present invention six provides.For convenience of description, illustrate only The part relevant to the embodiment of the present invention.The communication system of Fig. 6 example can be a kind of communication party that previous embodiment one provides The executive agent of method.The communication system of Fig. 6 example specifically includes that local device 61, opposite equip. 62 and cloud service platform 63.Respectively Functional module describes in detail as follows:
Local device 61 and opposite equip. 62 are connected to cloud service platform 63 by network respectively;
Local device 61, is used for:
It is connected by setting up with opposite equip. 62, obtains the opposite end encryption factor;
Generate local terminal key according to the local terminal encryption factor, and send after being encrypted according to this local terminal cipher key pair communication message To opposite equip. 62;
Receive the communication response message after the encryption that opposite equip. 62 returns;
Generate opposite end key according to the opposite end encryption factor, and be decrypted according to this opposite end cipher key pair communication response message.
The process of each Implement of Function Module each function in a kind of communication system that the present embodiment provides, before specifically referring to Stating the description of embodiment illustrated in fig. 1, here is omitted.
Knowable to a kind of communication system of above-mentioned Fig. 6 example, in the present embodiment, the encryption factor is used to generate key, to logical Content of Communication during letter encrypts and decrypts, owing to the encryption factor can customize at random according to the demand of user, The encryption factor making communication process each time is all unique, and the randomness of this encryption factor is with disposable so that according to The key that the encryption factor generates also has randomness with disposable, so that the communication information after Jia Mi is difficult to be hacked and break Solve, strengthen the safety guarantee to communication process, it is ensured that the safe transmission of Content of Communication;Meanwhile, by setting up connection During increase encryption the factor communication and consultation mechanism so that encryption the factor negotiation the most efficient, it is not necessary to additionally increase it His negotiation cost can realize the normal coded communication of communicating pair.
Embodiment seven:
Please continue to refer to Fig. 6, for convenience of description, illustrate only the part relevant to the embodiment of the present invention.Fig. 6 example Communication system can be the executive agent of a kind of communication means that previous embodiment two provides.Unlike embodiment five, enter One step ground, in the present embodiment:
Local device 61, is additionally operable to:
Send the connection request message comprising the local terminal encryption factor to opposite equip. 62, the local terminal encryption factor is used for generating this End key, this connection request message is sent to opposite equip. 62 by cloud service platform 63;
Receive the response message of connection request message that opposite equip. 62 returns, this response message comprise opposite end encryption because of Son, the opposite end encryption factor is used for generating opposite end key.
Local terminal is encrypted the factor and communication information is sent in encryption chip;
Local terminal is encrypted the factor and is generated as local terminal key by the presetting rule according to encryption chip;
According to the AES of encryption chip, local terminal cipher key pair communication message is used to be sent to opposite equip. after being encrypted 62;
Opposite end is encrypted the factor and communication response message is sent in encryption chip;
Opposite end is encrypted the factor and is generated as opposite end key by the presetting rule according to encryption chip;
According to the decipherment algorithm of encryption chip, opposite end cipher key pair communication response message is used to be decrypted;
Further, the local terminal encryption factor and the opposite end encryption factor are random sequence, and this random sequence includes international mobile In the generation time of device identification, equipment number, the product ID of described encryption chip and random sequence at least one or Person is multiple.
The process of each Implement of Function Module each function in a kind of communication system that the present embodiment provides, before specifically referring to Stating the description of embodiment illustrated in fig. 2, here is omitted.
Knowable to a kind of communication system of above-mentioned Fig. 6 example, in the present embodiment, first, by building exclusive cloud service Platform, makes the communication process of local device and opposite equip. carry out in the cloud service platform passage of safety, it is ensured that in communication Hold the safety of transmission;Secondly as encryption the factor be a string and No. IEMI, phone number, the product ID of encryption chip And the unique random sequence generating time correlation of random sequence so that the encryption factor of communication process is equal each time Differ, and the encryption factor of local device and opposite equip. can also differ in a communication process, this encryption The generating mode of the factor ensure that the randomness of the encryption factor is with disposable so that also has according to the key that the encryption factor generates Randomness, with disposable, so that the communication information after Jia Mi is difficult to be hacked and crack, strengthens the safety to communication process Ensure;Again, increasing the communication and consultation mechanism of the encryption factor during setting up connection, local device is disappeared by connection request Local terminal is encrypted the factor and is sent to opposite equip. by breath, opposite equip. in the response message of connection request message, opposite end is encrypted because of Son returns to local device so that the negotiation of the encryption factor is the most efficient, it is not necessary to the extra negotiation cost increasing other Realize the normal coded communication of communicating pair;Finally, the unique encryption factor and the combination of hardware encryption chip, constitute A set of tight encryption mechanism, improves the safety of communication so that privacy and the important information of user from monitoring and are stolen, Indirectly protect the wealth safety of user.
Those of ordinary skill in the art are it is to be appreciated that combine the list of each example that the embodiments described herein describes Unit and algorithm steps, it is possible to electronic hardware, computer software or the two be implemented in combination in, in order to clearly demonstrate hardware With the interchangeability of software, the most generally describe composition and the step of each example according to function.This A little functions perform with hardware or software mode actually, depend on application-specific and the design constraint of technical scheme.Specially Industry technical staff can use different methods to realize described function to each specifically should being used for, but this realization is not It is considered as beyond the scope of this invention.
Those skilled in the art is it can be understood that arrive, for convenience of description and succinctly, and the side of foregoing description The specific works process of method, terminal, system and unit, is referred to the corresponding process in preceding method embodiment, at this no longer Repeat.
In several embodiments provided herein, it should be understood that disclosed method, terminal and system, permissible Realize by another way.Such as, device embodiment described above is only schematically, such as, and described unit Dividing, be only a kind of logic function and divide, actual can have other dividing mode, the most multiple unit or assembly when realizing Can in conjunction with or be desirably integrated into another system, or some features can be ignored, or does not performs.It addition, it is shown or beg for The coupling each other of opinion or direct-coupling or communication connection can be the INDIRECT COUPLING by some interfaces, device or unit Or communication connection, it is also possible to be electric, machinery or other form connect.
The described unit illustrated as separating component can be or may not be physically separate, shows as unit The parts shown can be or may not be physical location, i.e. may be located at a place, or can also be distributed to multiple On NE.Some or all of unit therein can be selected according to the actual needs to realize embodiment of the present invention scheme Purpose.
It addition, each functional unit in each embodiment of the present invention can be integrated in a processing unit, it is also possible to It is that unit is individually physically present, it is also possible to be that two or more unit are integrated in a unit.Above-mentioned integrated Unit both can realize to use the form of hardware, it would however also be possible to employ the form of SFU software functional unit realizes.
If described integrated unit realizes and as independent production marketing or use using the form of SFU software functional unit Time, can be stored in a computer read/write memory medium.Based on such understanding, technical scheme is substantially The part in other words prior art contributed, or this technical scheme completely or partially can be with the form of software product Embodying, this computer software product is stored in a storage medium, including some instructions with so that a computer Equipment (can be personal computer, server, or the network equipment etc.) performs the complete of method described in each embodiment of the present invention Portion or part steps.And aforesaid storage medium includes: USB flash disk, portable hard drive, read only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disc or CD etc. are various can store journey The medium of sequence code.
Step in embodiment of the present invention method can carry out order according to actual needs and adjust, merges and delete.
Unit in embodiment of the present invention device can merge according to actual needs, divides and delete.
The above, the only detailed description of the invention of the present invention, but protection scope of the present invention is not limited thereto, and any Those familiar with the art, in the technical scope that the invention discloses, can readily occur in the amendment of various equivalence or replace Changing, these amendments or replacement all should be contained within protection scope of the present invention.Therefore, protection scope of the present invention should be with right The protection domain required is as the criterion.

Claims (13)

1. a communication means, it is characterised in that including:
It is connected by setting up with opposite equip., obtains the opposite end encryption factor;
Generate local terminal key according to the local terminal encryption factor, and be sent to after being encrypted according to described local terminal cipher key pair communication message Described opposite equip.;
Receive the communication response message after the encryption that described opposite equip. returns;
Generate opposite end key according to the described opposite end encryption factor, and carry out according to communication response message described in the double secret key of described opposite end Deciphering.
Method the most according to claim 1, it is characterised in that described by being connected with opposite equip. foundation, obtains opposite end The encryption factor includes:
Send the connection request message comprising the described local terminal encryption factor to described opposite equip., the described local terminal encryption factor is used for Generating local terminal key, described connection request message is sent to described opposite equip. by cloud service platform;
Receiving the response message of the described connection request message that described opposite equip. returns, described response message comprises described opposite end The encryption factor, the described opposite end encryption factor is used for generating opposite end key.
Method the most according to claim 1, it is characterised in that described according to local terminal encryption factor generation local terminal key, and It is sent to described opposite equip. after being encrypted according to described local terminal cipher key pair communication message include:
The described local terminal encryption factor and communication information are sent in encryption chip;
The described local terminal encryption factor is generated as local terminal key by the presetting rule according to described encryption chip;
According to the AES of described encryption chip, communication information described in described local terminal double secret key is used to be sent to after being encrypted Described opposite equip..
Method the most according to claim 1, it is characterised in that described close according to described opposite end encryption factor generation opposite end Key, and be decrypted according to communication response message described in the double secret key of described opposite end and include:
The described opposite end encryption factor and described communication response message are sent in described encryption chip;
The described opposite end encryption factor is generated as opposite end key by the presetting rule according to described encryption chip;
According to the decipherment algorithm of described encryption chip, communication response message described in the double secret key of described opposite end is used to be decrypted.
5. according to the method described in claim 3 or 4, it is characterised in that described local terminal encryption the factor and described opposite end encryption because of Son is random sequence, and described random sequence includes International Mobile Station Equipment Identification, equipment number, the product serial of described encryption chip Number and described random sequence the generation time at least one or multiple.
6. a terminal, it is characterised in that including:
Connection establishment unit, for by being connected with opposite equip. foundation, obtains the opposite end encryption factor;
Ciphering unit, for generating local terminal key according to the local terminal encryption factor, and enters according to described local terminal cipher key pair communication message It is sent to described opposite equip. after row encryption;
Message reception units, the communication response message after receiving the encryption that described opposite equip. returns;
Decryption unit, for generating opposite end key according to the described opposite end encryption factor, and according to logical described in the double secret key of described opposite end Letter response message is decrypted.
Terminal the most according to claim 6, it is characterised in that described connection establishment unit includes:
Connection request unit, for sending the connection request message comprising the described local terminal encryption factor, institute to described opposite equip. State local terminal encryption the factor for generating local terminal key, described connection request message is sent to described opposite end by cloud service platform Equipment;
Connection response unit, for receiving the response message of the described connection request message that described opposite equip. returns, described sound Answering message to comprise the described opposite end encryption factor, the described opposite end encryption factor is used for generating opposite end key.
Terminal the most according to claim 6, it is characterised in that described ciphering unit includes:
Local terminal factor transmitting element, for being sent to the described local terminal encryption factor and communication information in encryption chip;
Local terminal Key generating unit, is generated as this for the presetting rule according to described encryption chip by the described local terminal encryption factor End key;
Message encryption unit, for the AES according to described encryption chip, using communicates described in described local terminal double secret key disappears Breath is sent to described opposite equip. after being encrypted.
Terminal the most according to claim 6, it is characterised in that described decryption unit includes:
Opposite end factor transmitting element, for being sent to encryption chip by the described opposite end encryption factor and described communication response message In;
Opposite end Key generating unit, it is right the described opposite end encryption factor to be generated as the presetting rule according to described encryption chip End key;
Message decryption unit, for the decipherment algorithm according to described encryption chip, uses communication described in the double secret key of described opposite end to ring Message is answered to be decrypted.
Terminal the most according to claim 8 or claim 9, it is characterised in that described local terminal encryption the factor and described opposite end encryption because of Son is random sequence, and described random sequence includes International Mobile Station Equipment Identification, equipment number, the product serial of described encryption chip Number and described random sequence the generation time at least one or multiple.
11. 1 kinds of communication systems, described system includes local device, opposite equip. and cloud service platform;
Described local device and described opposite equip. are connected to described cloud service platform by network respectively;
Described local device, is used for:
It is connected by setting up with described opposite equip., obtains the opposite end encryption factor;
Generate local terminal key according to the local terminal encryption factor, and be sent to after being encrypted according to described local terminal cipher key pair communication message Described opposite equip.;
Receive the communication response message after the encryption that described opposite equip. returns;
Generate opposite end key according to the described opposite end encryption factor, and carry out according to communication response message described in the double secret key of described opposite end Deciphering.
12. systems according to claim 11, it is characterised in that described local device, are additionally operable to:
Send the connection request message comprising the described local terminal encryption factor to described opposite equip., the described local terminal encryption factor is used for Generating local terminal key, described connection request message is sent to described opposite equip. by cloud service platform;
Receiving the response message of the described connection request message that described opposite equip. returns, described response message comprises described opposite end The encryption factor, the described opposite end encryption factor is used for generating opposite end key.
13. systems according to claim 11, it is characterised in that described local device, are additionally operable to:
The described local terminal encryption factor and communication information are sent in encryption chip;
The described local terminal encryption factor is generated as local terminal key by the presetting rule according to described encryption chip;
According to the AES of described encryption chip, communication information described in described local terminal double secret key is used to be sent to after being encrypted Described opposite equip.;
The described opposite end encryption factor and described communication response message are sent in described encryption chip;
The described opposite end encryption factor is generated as opposite end key by the presetting rule according to described encryption chip;
According to the decipherment algorithm of described encryption chip, communication response message described in the double secret key of described opposite end is used to be decrypted;
The described local terminal encryption factor and the described opposite end encryption factor are random sequence, and described random sequence includes international mobile device In the generation time of mark, equipment number, the product ID of described encryption chip and described random sequence at least one or Person is multiple.
CN201610447419.0A 2016-06-21 2016-06-21 A kind of communication means, terminal and communication system Withdrawn CN106131825A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610447419.0A CN106131825A (en) 2016-06-21 2016-06-21 A kind of communication means, terminal and communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610447419.0A CN106131825A (en) 2016-06-21 2016-06-21 A kind of communication means, terminal and communication system

Publications (1)

Publication Number Publication Date
CN106131825A true CN106131825A (en) 2016-11-16

Family

ID=57471123

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610447419.0A Withdrawn CN106131825A (en) 2016-06-21 2016-06-21 A kind of communication means, terminal and communication system

Country Status (1)

Country Link
CN (1) CN106131825A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101159540A (en) * 2007-10-15 2008-04-09 上海华为技术有限公司 Method and process device of transmitting-receiving data flow
CN101394248A (en) * 2008-05-13 2009-03-25 北京大秦兴宇电子有限公司 Data ciphering and deciphering communication terminal
CN102355493A (en) * 2011-09-29 2012-02-15 畅捷通信息技术股份有限公司 Data transmission system and data transmission method
CN103973543A (en) * 2013-02-05 2014-08-06 中国移动通信集团公司 Method and device for instant messaging
CN103986723A (en) * 2014-05-28 2014-08-13 大唐移动通信设备有限公司 Secret communication control and secret communication method and device
CN105554711A (en) * 2014-10-29 2016-05-04 宇龙计算机通信科技(深圳)有限公司 Short message protection method and apparatus, and terminal

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101159540A (en) * 2007-10-15 2008-04-09 上海华为技术有限公司 Method and process device of transmitting-receiving data flow
CN101394248A (en) * 2008-05-13 2009-03-25 北京大秦兴宇电子有限公司 Data ciphering and deciphering communication terminal
CN102355493A (en) * 2011-09-29 2012-02-15 畅捷通信息技术股份有限公司 Data transmission system and data transmission method
CN103973543A (en) * 2013-02-05 2014-08-06 中国移动通信集团公司 Method and device for instant messaging
CN103986723A (en) * 2014-05-28 2014-08-13 大唐移动通信设备有限公司 Secret communication control and secret communication method and device
CN105554711A (en) * 2014-10-29 2016-05-04 宇龙计算机通信科技(深圳)有限公司 Short message protection method and apparatus, and terminal

Similar Documents

Publication Publication Date Title
CN110892672B (en) Key authentication assertion generation providing device anonymity
CN106453330B (en) A kind of identity authentication method and system
CN108769027B (en) Secure communication method, device, mobile terminal and storage medium
CN107431924B (en) Device theft protection associating device identifiers with user identifiers
CN107276756A (en) A kind of method and server for obtaining root key
CN107480519A (en) A kind of method and server for identifying risk application
EP2648129B1 (en) Method and apparatus for securing touch input
CN105812332A (en) Data protection method
WO2017028711A1 (en) Method for processing data, wearable electronic equipment and system
CN103095457A (en) Login and verification method for application program
CN107086984A (en) A kind of method, terminal and server for obtaining and generating identifying code
CN103929307A (en) Password input method, intelligent secret key device and client device
US20160301530A1 (en) Sensitive operation verification method, apparatus, and system
US20110047378A1 (en) System and method for identifying account and peripheral device thereof
CN111178884A (en) Information processing method, device, equipment and readable storage medium
KR20140110639A (en) Data security method and electronic device implementing the same
CN107358114A (en) A kind of method and terminal for preventing user data loss
KR20210046357A (en) Method and apparatus for key storing and recovery for blockchain based system
CN113032753B (en) Identity verification method and device
CN111628863B (en) Data signature method and device, electronic equipment and storage medium
WO2019024882A1 (en) Method for automatically encrypting short message, storage device and mobile terminal
CN106130727A (en) A kind of call cryptographic key negotiation method and system
US10845990B2 (en) Method for executing of security keyboard, apparatus and system for executing the method
CN106131825A (en) A kind of communication means, terminal and communication system
WO2018017019A1 (en) Personal security device and method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20161116

WW01 Invention patent application withdrawn after publication