CN106209835A - Peer-to-peer network communication system and method - Google Patents
- Publication number: CN106209835A
- Application number: CN201610538484.4A
- Authority: CN (China)
- Prior art keywords: channel, formal, client, private key, public key
- Legal status: Granted (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Abstract
The present invention provides a peer-to-peer network communication system and method. The system includes a peer-to-peer network and several communication clients. Each communication client includes: a channel setup initiating unit, for generating a first public/private key pair, sending temporary channel identity information through forwarding nodes to set up a temporary channel, exchanging public keys over the temporary channel, and generating and sending formal channel identity information and a third public/private key pair to set up a formal channel; a channel setup responding unit, for generating a second public/private key pair, receiving the temporary channel identity information to set up the temporary channel, exchanging public keys over the temporary channel, and receiving the formal channel identity information and the third public/private key pair to set up the formal channel; and a communication unit, for sending the third public key to the forwarding nodes for verification, receiving messages and decrypting them with the private key, and encrypting messages to be sent with the public key obtained in the exchange, signing them with the third private key, and sending them over the formal channel. The invention requires no centralized server and no registration or login operations.
Description
Technical field
The application relates to the technical field of network communication, and specifically to a peer-to-peer network communication system and method.
Background
At present, the communication mode of 90% of instant messaging (IM) is centralized, and its login requires the user to authenticate, for example by logging in with a mobile phone number or with a username and password. Current authentication methods are fairly uniform: all of them require verification by a centralized server. The two most commonly used login modes at present are described below.
1. Centralized login mode
Take MSN Messenger as an example. The program on the user's computer is called the MSN Messenger client, and the client connects to an MSN Messenger server over the Internet. That is, the client exchanges information with other clients through the server. The user's client holds a session with the server, and the server then processes the session information and notifies the clients of other users.
Fig. 1 is a schematic diagram of the communication when an MSN Messenger client logs in. As shown in Fig. 1, the server specifically includes:
Dispatch server (DS server). The DS server is the server the client connects to first, and is responsible for assigning a suitable notification server to the client. Its domain name is messenger.hotmail.com and its standard service port is 1863. After completing the dispatch task, it closes the TCP connection.
Notification server (NS server). The main purpose of the NS server is to keep the user's online presence information, as well as information about other users of interest to the user. Its functions include login, changing status, obtaining the user list, modifying user information, initiating a chat, accepting a call, mail notification, and logout. The notification server also provides other notification services, such as new-mail alerts for Hotmail and creating or joining a session. Its service port is specified by the dispatch server and is usually also 1863.
Switchboard server (SS server). The SS server holds each user's instant session information; in other words, the users of each MSN conversation are connected to the session of a shared switchboard. It can therefore also be regarded as the relay server used for chat between clients.
As the MSN login process above shows, the centralized login mode has to be completed by centralized servers, and login requires a username and password for verification.
2. Open authorization login mode
Open Authorization (OAuth) defines a secure, open and simple standard for authorizing access to user resources: a third party can obtain the user's authorization information without knowing the user's account name and password.
Fig. 2 is a schematic diagram of an open authorization login mode. As shown in Fig. 2, the open authorization login mode most commonly used in the prior art includes the following steps (taking QQ authorization as an example):
The user visits a third-party website that offers login with QQ;
After the user clicks QQ login, the third-party website server connects to the authorizing party's (QQ) server and makes a request;
On the page the user is redirected to, the user grants the authorizing party's (QQ) server permission to let the third-party website access the user's information;
The authorizing party's (QQ) server provides the authorized user information to the third-party website server.
This login mode likewise requires a centralized authorizing-party server and a third-party server, and login must be verified by the authorizing-party server.
Summary of the invention
In view of the above defects or deficiencies in the prior art, it is desirable to provide a peer-to-peer network communication system and method that ensure communication security without a centralized server and without requiring the user to register or log in.
In a first aspect, the present invention provides a communication client, which includes:
A channel setup initiating unit, for generating a first public/private key pair; sending temporary channel identity information to a second communication client through several forwarding nodes to set up a temporary channel; exchanging public keys with the channel setup responding unit of the second communication client over the temporary channel; and generating and sending formal channel identity information and a third public/private key pair corresponding to the formal channel to set up the formal channel. The first public/private key pair includes a first public key and a first private key;
A channel setup responding unit, for generating a second public/private key pair; receiving the temporary channel identity information sent by a first communication client through several forwarding nodes to set up the temporary channel; exchanging public keys with the channel setup initiating unit of the first communication client over the temporary channel; and receiving the formal channel identity information and the third public/private key pair corresponding to the formal channel to set up the formal channel. The second public/private key pair includes a second public key and a second private key;
A communication unit, for sending the third public key to each forwarding node, so that each forwarding node can verify the messages it forwards; receiving messages sent over the formal channel and decrypting them with the first private key held by the channel setup initiating unit or the second private key held by the channel setup responding unit; and encrypting a message to be sent with the second public key obtained in the exchange by the channel setup initiating unit, or the first public key obtained in the exchange by the channel setup responding unit, signing the message to be sent with the third private key, and sending it over the formal channel.
In a second aspect, the present invention provides a peer-to-peer network including several forwarding nodes, each forwarding node including:
A forwarding unit, for forwarding the information sent by communication clients to set up the temporary channel and the formal channel; obtaining the third public key from the communication client; and using the third public key to verify the messages the communication client sends over the formal channel, forwarding a message if verification succeeds;
The messages sent over the formal channel are signed by the communication client with the third private key, and the third public/private key pair formed by the third public key and the third private key corresponds to the formal channel.
In a third aspect, the present invention provides a peer-to-peer network communication system, which includes several of the above communication clients and the above peer-to-peer network.
In a fourth aspect, the present invention provides a peer-to-peer network communication method, which includes:
Generating a first public/private key pair;
Sending temporary channel identity information to a second communication client through several forwarding nodes to set up a temporary channel;
Exchanging public keys with the channel setup responding unit of the second communication client over the temporary channel, and generating and sending formal channel identity information and a third public/private key pair corresponding to the formal channel to set up the formal channel;
Sending the third public key to each forwarding node, for each forwarding node to verify the messages it forwards;
Encrypting a message to be sent with the second public key obtained in the exchange, signing the message to be sent with the third private key, and sending it over the formal channel;
Receiving a message sent over the formal channel and decrypting it with the first private key.
The first public/private key pair includes a first public key and a first private key.
In a fifth aspect, the present invention provides a peer-to-peer network communication method, which includes:
Generating a second public/private key pair;
Receiving the temporary channel identity information sent by a first communication client through several forwarding nodes to set up a temporary channel;
Exchanging public keys with the channel setup initiating unit of the first communication client over the temporary channel, and receiving formal channel identity information and a third public/private key pair corresponding to the formal channel to set up the formal channel;
Sending the third public key to each forwarding node, for each forwarding node to verify the messages it forwards;
Encrypting a message to be sent with the first public key obtained in the exchange, signing the message to be sent with the third private key, and sending it over the formal channel;
Receiving a message sent over the formal channel and decrypting it with the second private key.
The second public/private key pair includes a second public key and a second private key.
In a sixth aspect, the present invention provides a peer-to-peer network communication method, which includes:
Forwarding the information sent by a first communication client to set up a temporary channel;
Forwarding the information sent by the first communication client and by a second communication client, respectively, to set up a formal channel;
Obtaining the third public key from the first communication client or the second communication client;
Using the third public key to verify the messages that the first communication client or the second communication client sends over the formal channel, and forwarding a message if verification succeeds.
The messages sent over the formal channel are signed with the third private key by the first communication client or the second communication client, and the third public/private key pair formed by the third public key and the third private key corresponds to the formal channel.
The peer-to-peer network communication system and method provided by many embodiments of the invention set up a temporary channel to exchange the information needed to build the formal channel, and over the temporary channel exchange both communication clients' public keys and the third public/private key pair corresponding to the formal channel; the third public key is also provided to the forwarding nodes in the peer-to-peer network. Information sent over the formal channel is thus encrypted with the exchanged public key and signed with the third private key. On the one hand, a forwarding node can verify the information with the third public key and forwards it only if verification succeeds, which ensures the legitimacy of the channel; on the other hand, the communication client that receives the information can decrypt it with its own private key, which ensures the security of the information. Secure communication is thereby achieved without a centralized server and without the user registering or logging in;
The peer-to-peer network communication system and method provided by some embodiments of the invention further set up the temporary channel by sending a QR code corresponding to the temporary channel identity code, which improves the security of communication.
Brief description of the drawings
Other features, objects and advantages of the application will become more apparent on reading the detailed description of non-limiting embodiments given with reference to the following drawings:
Fig. 1 is a schematic diagram of the communication when an MSN Messenger client logs in.
Fig. 2 is a schematic diagram of an open authorization login mode.
Fig. 3 is a schematic structural diagram of a communication client in one embodiment of the invention.
Fig. 4 is a flow chart of a peer-to-peer network communication method in one embodiment of the invention.
Fig. 5 is a flow chart of another peer-to-peer network communication method in one embodiment of the invention.
Fig. 6 is a flow chart of step S12 in the method shown in Fig. 4.
Fig. 7 is a flow chart of step S22 in the method shown in Fig. 5.
Fig. 8 is a flow chart of step S13 in the method shown in Fig. 4.
Fig. 9 is a flow chart of step S23 in the method shown in Fig. 5.
Fig. 10 is a schematic diagram of the process of generating the formal channel in one embodiment of the invention.
Fig. 11 is a flow chart of step S14 in the method shown in Fig. 4.
Fig. 12 is a flow chart of step S24 in the method shown in Fig. 5.
Fig. 13 is a schematic structural diagram of a peer-to-peer network in one embodiment of the invention.
Fig. 14 is a flow chart of a peer-to-peer network communication method in one embodiment of the invention.
Fig. 15 is a flow chart of step S31 in the method shown in Fig. 14.
Fig. 16 is a flow chart of step S32 in the method shown in Fig. 14.
Fig. 17 is a schematic structural diagram of a peer-to-peer network communication system in one embodiment of the invention.
Detailed description of the embodiments
The application is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only serve to explain the invention and do not limit it. It should also be noted that, for ease of description, the drawings show only the parts relevant to the invention.
It should be noted that, where there is no conflict, the embodiments in the application and the features in the embodiments may be combined with each other. The application is described in detail below with reference to the drawings and in conjunction with the embodiments.
Fig. 3 is a schematic structural diagram of a communication client in one embodiment of the invention.
As shown in Fig. 3, in this embodiment the communication client 10 provided by the invention includes a channel setup initiating unit 11, a channel setup responding unit 12 and a communication unit 13.
In this embodiment, the communication clients 10 communicate with one another through several forwarding nodes of the peer-to-peer network.
The channel setup initiating unit 11 is for generating a first public/private key pair; sending temporary channel identity information to the second communication client 10 through several forwarding nodes to set up a temporary channel; exchanging public keys with the channel setup responding unit 12 of the second communication client 10 over the temporary channel; and generating and sending formal channel identity information and a third public/private key pair corresponding to the formal channel to set up the formal channel. The first public/private key pair includes a first public key and a first private key.
The channel setup responding unit 12 is for generating a second public/private key pair; receiving the temporary channel identity information sent by the first communication client 10 through several forwarding nodes to set up the temporary channel; exchanging public keys with the channel setup initiating unit 11 of the first communication client 10 over the temporary channel; and receiving the formal channel identity information and the third public/private key pair corresponding to the formal channel to set up the formal channel. The second public/private key pair includes a second public key and a second private key.
The communication unit 13 is for sending the third public key to each forwarding node, so that each forwarding node can verify the messages it forwards; receiving messages sent over the formal channel and decrypting them with the first private key held by the channel setup initiating unit 11 or the second private key held by the channel setup responding unit 12; and encrypting a message to be sent with the second public key obtained in the exchange by the channel setup initiating unit 11, or the first public key obtained in the exchange by the channel setup responding unit 12, signing the message to be sent with the third private key, and sending it over the formal channel.
Fig. 4 is a flow chart of a peer-to-peer network communication method in one embodiment of the invention. The peer-to-peer network communication method shown in Fig. 4 can be applied in the channel setup initiating unit 11 and the communication unit 13 of the above communication client 10.
As shown in Fig. 4, in this embodiment the peer-to-peer network communication method provided by the invention includes:
S11: generate a first public/private key pair;
S12: send temporary channel identity information to the second communication client through several forwarding nodes to set up a temporary channel;
S13: exchange public keys with the channel setup responding unit of the second communication client over the temporary channel, and generate and send formal channel identity information and a third public/private key pair corresponding to the formal channel to set up the formal channel;
S14: send the third public key to each forwarding node, for each forwarding node to verify the messages it forwards;
S15: encrypt a message to be sent with the second public key obtained in the exchange, sign the message to be sent with the third private key, and send it over the formal channel;
S16: receive a message sent over the formal channel and decrypt it with the first private key.
The first public/private key pair includes a first public key and a first private key.
Fig. 5 is a flow chart of another peer-to-peer network communication method in one embodiment of the invention. The method shown in Fig. 5 can be applied in the channel setup responding unit 12 and the communication unit 13 of the above communication client 10.
As shown in Fig. 5, in this embodiment the other peer-to-peer network communication method provided by the invention includes:
S21: generate a second public/private key pair;
S22: receive the temporary channel identity information sent by the first communication client through several forwarding nodes to set up a temporary channel;
S23: exchange public keys with the channel setup initiating unit of the first communication client over the temporary channel, and receive formal channel identity information and a third public/private key pair corresponding to the formal channel to set up the formal channel;
S24: send the third public key to each forwarding node, for each forwarding node to verify the messages it forwards;
S25: encrypt a message to be sent with the first public key obtained in the exchange, sign the message to be sent with the third private key, and send it over the formal channel;
S26: receive a message sent over the formal channel and decrypt it with the second private key.
The second public/private key pair includes a second public key and a second private key.
Specifically, in this embodiment the first communication client and the second communication client generate the first public/private key pair and the second public/private key pair, respectively, when each is initialized. In step S11, the channel setup initiating unit 11 of the first communication client obtains the first public/private key pair generated when the first communication client was initialized; in step S12, the channel setup responding unit 12 of the second communication client obtains the second public/private key pair generated when the second communication client was initialized.
In a preferred embodiment, the channel setup initiating unit 11 and the channel setup responding unit 12 may themselves generate the first public/private key pair and the second public/private key pair, respectively, at initialization, and obtain the key pairs generated at initialization in steps S11 and S12, respectively.
In another preferred embodiment, the channel setup initiating unit 11 and the channel setup responding unit 12 may generate a different public/private key pair each time before setting up a temporary channel and a formal channel, that is, generate the first public/private key pair or the second public/private key pair each time step S11/S12 is performed.
In step S12, the channel setup initiating unit 11 of the first communication client sends temporary channel identity information through several forwarding nodes to the channel setup responding unit 12 of the second communication client; correspondingly, in step S22, the channel setup responding unit 12 of the second communication client receives the temporary channel identity information and obtains the temporary channel identity code temp_channel_id, thereby setting up the temporary channel.
In steps S13 and S23, the channel setup initiating unit 11 of the first communication client and the channel setup responding unit 12 of the second communication client exchange the public keys they each hold over the temporary channel; the channel setup initiating unit 11 of the first communication client also generates formal channel identity information and a third public/private key pair corresponding to the formal channel and sends them over the temporary channel to the channel setup responding unit 12 of the second communication client; the channel setup responding unit 12 of the second communication client obtains the formal channel identity code channel_id from the formal channel identity information, thereby setting up the formal channel.
In steps S14 and S24, the channel setup initiating unit 11 of the first communication client and the channel setup responding unit 12 of the second communication client each listen on the formal channel and provide the third public key to each forwarding node.
In steps S15 and S25, the channel setup initiating unit 11 of the first communication client and the channel setup responding unit 12 of the second communication client encrypt the information to be sent with the second public key and the first public key, respectively, obtained in the exchange in steps S13 and S23, sign the information to be sent with the third private key, and then send it over the formal channel.
When a forwarding node receives information sent over the formal channel as above, it verifies the received information with the third public key obtained in step S14 or S24: if verification succeeds it forwards the information, and if verification fails it does not, so as to ensure the legitimacy of the channel.
In steps S16 and S26, the channel setup initiating unit 11 of the first communication client and the channel setup responding unit 12 of the second communication client decrypt the received information with the first private key and the second private key they each hold, respectively.
The communication client and peer-to-peer network communication method provided by the above embodiment set up a temporary channel to exchange the information needed to build the formal channel, and over the temporary channel exchange both communication clients' public keys and the third public/private key pair corresponding to the formal channel; the third public key is also provided to the forwarding nodes in the peer-to-peer network. Information sent over the formal channel is thus encrypted with the exchanged public key and signed with the third private key. On the one hand, a forwarding node can verify the information with the third public key and forwards it only if verification succeeds, which ensures the legitimacy of the channel; on the other hand, the communication client that receives the information can decrypt it with its own private key, which ensures the security of the information. Secure communication is thereby achieved without a centralized server and without the user registering or logging in.
Fig. 6 is a flow chart of step S12 in the method shown in Fig. 4.
As shown in Fig. 6, in a preferred embodiment, step S12 includes:
S121: generate a temporary channel identity code and the corresponding QR code;
S122: send the QR code to the second communication client through several forwarding nodes, so that the second communication client obtains the temporary channel identity code by scanning the QR code, thereby setting up the temporary channel.
Fig. 7 is a flow chart of step S22 in the method shown in Fig. 5.
As shown in Fig. 7, corresponding to step S12 shown in Fig. 6, in a preferred embodiment the temporary channel identity information is a QR code, and step S22 includes:
S221: scan the received QR code to obtain the temporary channel identity code, thereby setting up the temporary channel.
Fig. 8 is a flow chart of step S13 in the method shown in Fig. 4.
As shown in Fig. 8, in a preferred embodiment, step S13 includes:
S131: listen on the temporary channel and receive the second public key returned by the channel setup responding unit of the second communication client through several forwarding nodes;
S132: generate formal channel identity information and a third public/private key pair corresponding to the formal channel;
S133: send the formal channel identity information, the third public/private key pair and the first public key to the channel setup responding unit of the second communication client over the temporary channel.
Fig. 9 is a flow chart of step S23 in the method shown in Fig. 5.
As shown in Fig. 9, corresponding to step S13 shown in Fig. 8, in a preferred embodiment, step S23 includes:
S231: send the second public key to the channel setup initiating unit of the first communication client over the temporary channel;
S232: listen on the temporary channel and receive the formal channel identity information, the third public/private key pair and the first public key sent by the channel setup initiating unit of the first communication client.
Fig. 10 is a schematic diagram of the process of generating the formal channel in one embodiment of the invention.
Specifically, as shown in Figs. 6-10, in steps S12 and S22, the channel setup initiating unit 11 of the first communication client sends the temporary channel identity code in the form of a QR code; in steps S131 and S232, the channel setup responding unit 12 of the second communication client returns the second public key over the temporary channel; in step S132, the channel setup initiating unit 11 of the first communication client generates the formal channel identity information and the third public/private key pair corresponding to the formal channel; in steps S133 and S232, the channel setup initiating unit 11 of the first communication client encrypts the formal channel identity information, the third public/private key pair and the first public key with the received second public key and then sends them over the temporary channel, and the channel setup responding unit 12 of the second communication client, after receiving these encrypted items, decrypts them with the second private key it holds.
The above embodiment further sets up the temporary channel by sending the QR code corresponding to the temporary channel identity code, and encrypts with the second public key the formal channel identity information, the third public/private key pair and the first public key sent over the temporary channel, which improves the security of communication.
Fig. 11 is a flow chart of step S14 in the method shown in Fig. 4. Fig. 12 is a flow chart of step S24 in the method shown in Fig. 5.
As shown in Figs. 11 and 12, in steps S14 and S24 the channel setup initiating unit 11 of the first communication client and the channel setup responding unit 12 of the second communication client each perform the following steps:
Listening on the formal channel;
Receiving the third public key request sent by each forwarding node;
Returning the third public key to each forwarding node, for each forwarding node to verify the messages it forwards.
Fig. 13 is a structural diagram of the peer-to-peer network in one embodiment of the invention.
As shown in Fig. 13, in this embodiment the peer-to-peer network 20 provided by the invention includes a number of forwarding nodes 21.
A forwarding node 21 includes: a forwarding unit, configured to forward the information sent by communication client 10 to establish the temporary channel and the formal channel, to obtain the third public key from communication client 10, and to verify with the third public key each message that communication client 10 sends over the formal channel: if the message is verified as legitimate, it is forwarded.
Here, the message sent over the formal channel is signed by communication client 10 with the third private key, and the third public/private key pair formed by the third public key and the third private key corresponds to the formal channel.
Fig. 14 is a flow chart of a peer-to-peer network communication method in one embodiment of the invention. The peer-to-peer network communication method shown in Fig. 14 can correspondingly be applied in the forwarding node 21 shown in Fig. 13.
As shown in Fig. 14, in this embodiment the peer-to-peer network communication method provided by the invention includes:
S31: forwarding the information sent by the first communication client to establish the temporary channel;
S32: forwarding the information sent by the first communication client and by the second communication client, respectively, to establish the formal channel;
S33: obtaining the third public key from the first communication client or the second communication client;
S34: verifying with the third public key each message that the first communication client or the second communication client sends over the formal channel: if the message is verified as legitimate, it is forwarded.
Here, the message sent over the formal channel is signed by the first communication client or the second communication client with the third private key, and the third public/private key pair formed by the third public key and the third private key corresponds to the formal channel.
The peer-to-peer network and the peer-to-peer network communication method provided by the above embodiment enable secure communication without a centralized server and without requiring users to register or log in.
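The formal-channel phase described above (S33/S34 at the forwarding node, together with the client's encrypt-then-sign send and decrypt-on-receive), as an added Go example that is not code from the patent. The patent names no algorithms or message layout, so RSA-OAEP for the first and second key pairs, Ed25519 for the third key pair, the `Envelope` structure and all type and function names are assumptions, and channel setup (S31/S32) is taken as already completed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is what travels over the formal channel (layout is an assumption).
type Envelope struct {
	ChannelID  string // formal channel identity information
	Ciphertext []byte // message encrypted with the recipient's public key
	Signature  []byte // made with the third (channel) private key
}

// Client is a communication client's state once the formal channel exists.
type Client struct {
	own       *rsa.PrivateKey    // first or second key pair (assumed RSA)
	peerPub   *rsa.PublicKey     // public key obtained in the exchange
	channelID string             // formal channel identity
	chanPriv  ed25519.PrivateKey // third private key (assumed Ed25519)
}

var ErrUnknownChannel = errors.New("no third public key held for this channel")
var ErrBadSignature = errors.New("third-key signature check failed")

// signedBytes covers the channel ID as well as the ciphertext (an added design choice).
func signedBytes(id string, ct []byte) []byte {
	return append([]byte(id+"\x00"), ct...)
}

// Send encrypts with the peer's public key, then signs with the third private key.
func (c *Client) Send(msg []byte) (Envelope, error) {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, c.peerPub, msg, nil)
	if err != nil {
		return Envelope{}, err
	}
	sig := ed25519.Sign(c.chanPriv, signedBytes(c.channelID, ct))
	return Envelope{ChannelID: c.channelID, Ciphertext: ct, Signature: sig}, nil
}

// Receive decrypts with the client's own private key.
func (c *Client) Receive(e Envelope) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, c.own, e.Ciphertext, nil)
}

// ForwardNode maps each formal channel ID to the third public key obtained for it (S33).
type ForwardNode map[string]ed25519.PublicKey

// Forward is S34: verify with the third public key, forward only if valid.
func (n ForwardNode) Forward(e Envelope) (Envelope, error) {
	pub, ok := n[e.ChannelID]
	if !ok {
		return Envelope{}, ErrUnknownChannel
	}
	if !ed25519.Verify(pub, signedBytes(e.ChannelID, e.Ciphertext), e.Signature) {
		return Envelope{}, ErrBadSignature
	}
	return e, nil
}

// NewChannel returns both clients as they stand after setup, plus the third public key.
func NewChannel(id string) (*Client, *Client, ed25519.PublicKey, error) {
	k1, err := rsa.GenerateKey(rand.Reader, 2048) // first key pair
	if err != nil {
		return nil, nil, nil, err
	}
	k2, err := rsa.GenerateKey(rand.Reader, 2048) // second key pair
	if err != nil {
		return nil, nil, nil, err
	}
	pub3, priv3, err := ed25519.GenerateKey(rand.Reader) // third key pair
	if err != nil {
		return nil, nil, nil, err
	}
	a := &Client{own: k1, peerPub: &k2.PublicKey, channelID: id, chanPriv: priv3}
	b := &Client{own: k2, peerPub: &k1.PublicKey, channelID: id, chanPriv: priv3}
	return a, b, pub3, nil
}

func main() {
	a, b, pub3, err := NewChannel("demo-channel") // constructed channel ID
	if err != nil {
		panic(err)
	}
	node := ForwardNode{"demo-channel": pub3}
	env, _ := a.Send([]byte("hello over the formal channel"))
	fwd, err := node.Forward(env)
	plain, _ := b.Receive(fwd)
	fmt.Printf("forwarded ok=%v, B reads %q\n", err == nil, plain)
	env.Ciphertext[0] ^= 0xff // constructed corruption in transit
	_, err = node.Forward(env)
	fmt.Println("corrupted envelope:", err)
}
```

Because both clients hold the same third private key, the node's check shows that a message came from a holder of the channel key, not which of the two clients sent it.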
In a preferred embodiment, forwarding the information sent by a communication client to establish the temporary channel includes: forwarding the QR code sent by the first communication client, so that the second communication client obtains the corresponding temporary channel identity code by scanning the QR code, thereby establishing the temporary channel.
Fig. 15 is a flow chart of step S31 in the method shown in Fig. 14. The method shown in Fig. 15 can correspondingly be applied in the peer-to-peer network of the above preferred embodiment.
As shown in Fig. 15, in a preferred embodiment, step S31 includes:
S311: forwarding the QR code sent by the first communication client, so that the second communication client obtains the corresponding temporary channel identity code by scanning the QR code, thereby establishing the temporary channel.
In a preferred embodiment, forwarding the information sent by the communication clients to establish the formal channel includes: forwarding the second public key returned by the second communication client; and forwarding the formal channel identity information, the third public/private key pair and the first public key sent by the first communication client.
Fig. 16 is a flow chart of step S32 in the method shown in Fig. 14. The method shown in Fig. 16 can correspondingly be applied in the peer-to-peer network of the above preferred embodiment.
As shown in Fig. 16, in a preferred embodiment, step S32 includes:
S321: forwarding the second public key returned by the second communication client;
S322: forwarding the formal channel identity information, the third public/private key pair and the first public key sent by the first communication client.
Fig. 17 is a structural diagram of the peer-to-peer network communication system in one embodiment of the invention.
As shown in Fig. 17, in this embodiment the peer-to-peer network communication system provided by the invention includes the peer-to-peer network described in any of the above embodiments and several communication clients described in any of the above embodiments.
The peer-to-peer network communication system provided by the above embodiment enables secure communication without a centralized server and without requiring users to register or log in.
The flow charts and block diagrams in the accompanying drawings illustrate the architecture, functions and operations of possible implementations of systems, methods and computer program products according to various embodiments of the invention. In this regard, each block in a flow chart or block diagram may represent a module, a program segment or a portion of code, which contains one or more executable instructions for implementing the specified logical function. It should also be noted that, in some alternative implementations, the functions noted in the blocks may occur in an order different from that noted in the drawings. For example, two blocks shown in succession may in fact be executed substantially in parallel, or they may sometimes be executed in the reverse order, depending on the functions involved. It should also be noted that each block in the block diagrams and/or flow charts, and combinations of blocks in the block diagrams and/or flow charts, may be implemented by a dedicated hardware-based system that performs the specified functions or operations, or by a combination of dedicated hardware and computer instructions.
The units or modules described in the embodiments of the present application may be implemented in software or in hardware. The described units or modules may also be provided in a processor; for example, the communication unit may be a software program provided in a computer or smart mobile device, or a separate hardware chip for communication. The names of these units or modules do not, under certain circumstances, limit the units or modules themselves; for example, the channel setup initiating unit and the channel setup responding unit may also be described as "a friend-adding unit for adding communication friends".
In another aspect, the present application also provides a computer-readable storage medium, which may be the computer-readable storage medium included in the device described in the above embodiments, or may be a stand-alone computer-readable storage medium that is not fitted into a device. The computer-readable storage medium stores one or more programs, which are used by one or more processors to perform the formula input method described in the present application.
The above description is only of the preferred embodiments of the application and an explanation of the technical principles applied. Those skilled in the art should understand that the scope of the invention involved in the application is not limited to technical solutions formed by the specific combination of the above technical features, and also covers other technical solutions formed by any combination of the above technical features or their equivalents without departing from the inventive concept, for example, technical solutions formed by replacing the above features with (but not limited to) technical features of similar function disclosed in the application.
Claims (19)
1. A communication client, characterized in that the communication clients communicate with one another through a number of forwarding nodes of a peer-to-peer network, the communication client comprising:
a channel setup initiating unit, configured to generate a first public/private key pair, send temporary channel identity information to a second communication client through a number of the forwarding nodes to establish a temporary channel, exchange public keys with the channel setup responding unit of the second communication client over the temporary channel, and generate and send formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel; wherein the first public/private key pair comprises a first public key and a first private key;
a channel setup responding unit, configured to generate a second public/private key pair, receive the temporary channel identity information sent by a first communication client through a number of forwarding nodes to establish a temporary channel, exchange public keys with the channel setup initiating unit of the first communication client over the temporary channel, and receive formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel; wherein the second public/private key pair comprises a second public key and a second private key;
a communication unit, configured to send the third public key to each forwarding node, for each forwarding node to verify the messages it forwards; to receive a message sent over the formal channel and decrypt the message with the first private key held by the channel setup initiating unit or the second private key held by the channel setup responding unit; and to encrypt a message to be sent with the second public key obtained in the exchange by the channel setup initiating unit or the first public key obtained in the exchange by the channel setup responding unit, sign the message to be sent with the third private key, and send the message to be sent over the formal channel.
2. The peer-to-peer network communication system according to claim 1, characterized in that the temporary channel identity information is a QR code;
said sending temporary channel identity information to the second communication client through a number of the forwarding nodes to establish a temporary channel comprises:
generating a temporary channel identity code and a corresponding QR code;
sending the QR code to the second communication client through a number of the forwarding nodes, for the second communication client to obtain the temporary channel identity code by scanning the QR code, thereby establishing the temporary channel;
said receiving the temporary channel identity information sent by the first communication client through a number of forwarding nodes to establish a temporary channel comprises:
scanning the received QR code to obtain the temporary channel identity code, thereby establishing the temporary channel.
3. The peer-to-peer network communication system according to claim 1, characterized in that said exchanging public keys with the channel setup responding unit of the second communication client over the temporary channel, and generating and sending formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel comprises:
listening on the temporary channel, and receiving the second public key returned by the channel setup responding unit of the second communication client through a number of the forwarding nodes;
generating formal channel identity information and a third public/private key pair corresponding to the formal channel;
sending the formal channel identity information, the third public/private key pair and the first public key to the channel setup responding unit of the second communication client over the temporary channel;
said exchanging public keys with the channel setup initiating unit of the first communication client over the temporary channel, and receiving formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel comprises:
sending the second public key to the channel setup initiating unit of the first communication client over the temporary channel;
listening on the temporary channel, and receiving the formal channel identity information, the third public/private key pair and the first public key sent by the channel setup initiating unit of the first communication client.
4. The peer-to-peer network communication system according to claim 1, characterized in that said sending the third public key to each forwarding node, for each forwarding node to verify the messages it forwards, comprises:
listening on the formal channel;
receiving the third public key request sent by each forwarding node;
returning the third public key to each forwarding node, for each forwarding node to verify the messages it forwards.
5. A peer-to-peer network, characterized by comprising a number of forwarding nodes, each forwarding node comprising:
a forwarding unit, configured to forward the information sent by a communication client to establish a temporary channel and a formal channel, to obtain a third public key from the communication client, and to verify with the third public key each message that the communication client sends over the formal channel: if the message is verified as legitimate, it is forwarded;
wherein the message sent over the formal channel is signed by the communication client with a third private key, and the third public/private key pair formed by the third public key and the third private key corresponds to the formal channel.
6. The peer-to-peer network according to claim 5, characterized in that said forwarding the information sent by a communication client to establish a temporary channel comprises:
forwarding the QR code sent by the first communication client, for the second communication client to obtain the corresponding temporary channel identity code by scanning the QR code, thereby establishing the temporary channel.
7. The peer-to-peer network according to claim 5, characterized in that said forwarding the information sent by a communication client to establish a formal channel comprises:
forwarding the second public key returned by the second communication client;
forwarding the formal channel identity information, the third public/private key pair and the first public key sent by the first communication client.
8. A peer-to-peer network communication system, characterized in that the system comprises several communication clients according to any one of claims 1-4 and the peer-to-peer network according to any one of claims 5-7.
9. A peer-to-peer network communication method, characterized in that the method comprises:
generating a first public/private key pair;
sending temporary channel identity information to a second communication client through a number of the forwarding nodes to establish a temporary channel;
exchanging public keys with the channel setup responding unit of the second communication client over the temporary channel, and generating and sending formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel;
sending the third public key to each forwarding node, for each forwarding node to verify the messages it forwards;
encrypting a message to be sent with the second public key obtained in the exchange, signing the message to be sent with the third private key, and sending the message to be sent over the formal channel;
receiving a message sent over the formal channel, and decrypting the message with the first private key;
wherein the first public/private key pair comprises a first public key and a first private key.
10. The peer-to-peer network communication method according to claim 9, characterized in that said sending temporary channel identity information to the second communication client through a number of the forwarding nodes to establish a temporary channel comprises:
generating a temporary channel identity code and a corresponding QR code;
sending the QR code to the second communication client through a number of the forwarding nodes, for the second communication client to obtain the temporary channel identity code by scanning the QR code, thereby establishing the temporary channel.
11. The peer-to-peer network communication method according to claim 9, characterized in that said exchanging public keys with the channel setup responding unit of the second communication client over the temporary channel, and generating and sending formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel comprises:
listening on the temporary channel, and receiving the second public key returned by the channel setup responding unit of the second communication client through a number of the forwarding nodes;
generating formal channel identity information and a third public/private key pair corresponding to the formal channel;
sending the formal channel identity information, the third public/private key pair and the first public key to the channel setup responding unit of the second communication client over the temporary channel.
12. The peer-to-peer network communication method according to claim 9, characterized in that said sending the third public key to each forwarding node, for each forwarding node to verify the messages it forwards, comprises:
listening on the formal channel;
receiving the third public key request sent by each forwarding node;
returning the third public key to each forwarding node, for each forwarding node to verify the messages it forwards.
13. A peer-to-peer network communication method, characterized in that the method comprises:
generating a second public/private key pair;
receiving the temporary channel identity information sent by a first communication client through a number of forwarding nodes to establish a temporary channel;
exchanging public keys with the channel setup initiating unit of the first communication client over the temporary channel, and receiving formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel;
sending the third public key to each forwarding node, for each forwarding node to verify the messages it forwards;
encrypting a message to be sent with the first public key obtained in the exchange, signing the message to be sent with the third private key, and sending the message to be sent over the formal channel;
receiving a message sent over the formal channel, and decrypting the message with the second private key;
wherein the second public/private key pair comprises a second public key and a second private key.
14. The peer-to-peer network communication method according to claim 13, characterized in that the temporary channel identity information is a QR code, and said receiving the temporary channel identity information to establish a temporary channel comprises:
scanning the received QR code to obtain the temporary channel identity code, thereby establishing the temporary channel.
15. The peer-to-peer network communication method according to claim 13, characterized in that said exchanging public keys with the corresponding channel setup initiating unit over the temporary channel, and receiving formal channel identity information and a third public/private key pair corresponding to a formal channel to establish the formal channel comprises:
sending the second public key to the channel setup initiating unit of the first communication client over the temporary channel;
listening on the temporary channel, and receiving the formal channel identity information, the third public/private key pair and the first public key sent by the channel setup initiating unit of the first communication client.
16. The peer-to-peer network communication method according to claim 13, characterized in that said sending the third public key to each forwarding node, for each forwarding node to verify the messages it forwards, comprises:
listening on the formal channel;
receiving the third public key request sent by each forwarding node;
returning the third public key to each forwarding node, for each forwarding node to verify the messages it forwards.
17. A peer-to-peer network communication method, characterized in that the method comprises:
forwarding the information sent by a first communication client to establish a temporary channel;
forwarding the information sent by the first communication client and by a second communication client, respectively, to establish a formal channel;
obtaining a third public key from the first communication client or the second communication client;
verifying with the third public key each message that the first communication client or the second communication client sends over the formal channel: if the message is verified as legitimate, it is forwarded;
wherein the message sent over the formal channel is signed by the first communication client or the second communication client with a third private key, and the third public/private key pair formed by the third public key and the third private key corresponds to the formal channel.
18. The peer-to-peer network communication method according to claim 17, characterized in that said forwarding the information sent by the first communication client to establish a temporary channel comprises:
forwarding the QR code sent by the first communication client, for the second communication client to obtain the corresponding temporary channel identity code by scanning the QR code, thereby establishing the temporary channel.
19. The peer-to-peer network communication method according to claim 17, characterized in that said forwarding the information sent by the first communication client and by the second communication client, respectively, to establish a formal channel comprises:
forwarding the second public key returned by the second communication client;
forwarding the formal channel identity information, the third public/private key pair and the first public key sent by the first communication client.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610538484.4A CN106209835B (en) | 2016-07-08 | 2016-07-08 | Peer-to-peer network communication system and method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106209835A true CN106209835A (en) | 2016-12-07 |
CN106209835B CN106209835B (en) | 2019-11-22 |
Family
ID=57474179
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610538484.4A Active CN106209835B (en) | 2016-07-08 | 2016-07-08 | Peer-to-peer network communication system and method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106209835B (en) |
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1865656A1 (en) * | 2006-06-08 | 2007-12-12 | BRITISH TELECOMMUNICATIONS public limited company | Provision of secure communications connection using third party authentication |
CN1925393A (en) * | 2006-09-08 | 2007-03-07 | 苏州胜联电子信息有限公司 | Point-to-point network identity authenticating method |
CN105191172A (en) * | 2013-05-16 | 2015-12-23 | 三星电子株式会社 | Communication method and device |
CN103746770A (en) * | 2013-12-20 | 2014-04-23 | 浙江工业大学 | Message authentication code and probability secret key distribution mechanism-based anti-pollution network coding method |
CN105656624A (en) * | 2016-02-29 | 2016-06-08 | 浪潮(北京)电子信息产业有限公司 | Client side, server and data transmission method and system |
Non-Patent Citations (1)
Title |
---|
杨柳 等: "《基于P2P网络的可验证门限群签名方案》", 《计算机应用与软件》 * |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106919384A (en) * | 2017-02-13 | 2017-07-04 | 浙江慧脑信息科技有限公司 | A kind of browser that can transmit user profile |
CN106919384B (en) * | 2017-02-13 | 2020-09-15 | 浙江慧脑信息科技有限公司 | Browser system capable of transmitting user information |
CN108449357A (en) * | 2018-04-08 | 2018-08-24 | 武汉斗鱼网络科技有限公司 | A kind of mandate login method, device, smart machine and storage medium |
WO2020134711A1 (en) * | 2018-12-29 | 2020-07-02 | 华为技术有限公司 | Message forwarding method and apparatus |
CN111148094A (en) * | 2019-12-30 | 2020-05-12 | 全链通有限公司 | Registration method of 5G user terminal, user terminal equipment and medium |
CN111148098A (en) * | 2019-12-30 | 2020-05-12 | 江苏全链通信息科技有限公司 | 5G terminal equipment registration method, equipment and storage medium |
CN111148094B (en) * | 2019-12-30 | 2023-11-21 | 全链通有限公司 | Registration method of 5G user terminal, user terminal equipment and medium |
Also Published As
Publication number | Publication date |
---|---|
CN106209835B (en) | 2019-11-22 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||