CN106209884A - Method for external authentication and communication encryption between a TA and a CA, and CA and TA - Google Patents

Info

Publication number: CN106209884A
Authority: CN (China)
Prior art keywords: key parameter, random number, key, ciphertext, module
Legal status: Pending
Application number: CN201610583200.3A
Other languages: Chinese (zh)
Inventor: 尚玉
Current Assignee: Hengbao Co Ltd
Original Assignee: Hengbao Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869: Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords

Abstract

The invention discloses a method for external authentication and communication encryption between a TA and a CA. It relates to the field of communication technology and improves security while reducing performance loss. The method includes: forming a first key parameter table in the CA and a second key parameter table in the TA; the CA processes a random number to obtain a first key parameter sequence number and obtains the corresponding first key parameter; the CA performs an operation on the first key parameter to obtain a first key value; the CA encrypts the random number with the first key value to obtain a first ciphertext and sends the first ciphertext to the TA; the TA processes the random number to obtain a second key parameter sequence number and obtains the corresponding second key parameter; the TA performs an operation on the second key parameter to obtain a second key value; the TA encrypts the random number with the second key value to obtain a second ciphertext; the first ciphertext and the second ciphertext are compared; and an operation is performed according to the comparison result. The invention applies to external authentication and communication encryption between a TA and a CA.

Description

Method for external authentication and communication encryption between a TA and a CA, and CA and TA
Technical field
The present invention relates to the field of communication technology, and in particular to a method for external authentication and communication encryption between a TA and a CA, and to the CA and the TA.
Background
When a TA is developed on a TEE system, a CA in the REE initiates a call, the system passes the call into the TEE system, and the data in the TA is then accessed. In this process, to ensure sufficient security, the TA needs to confirm whether the calling CA is a CA that it recognizes.
In the prior art, this is achieved through external authentication and link encryption. Specifically, external authentication works as follows: one or several identical keys are embedded in the code of the TA and the CA, and at run time one of these keys is used with some algorithm to authenticate. Link encryption usually uses an RSA key pair: an RSA key pair is first generated in the TA and the public key is exported; the CA generates a random number, encrypts it with the RSA public key, and passes the encrypted result into the TA; finally, the TA decrypts the random number with the RSA private key, and both sides use this random number to encrypt communication instructions.
However, the inventors found that the external authentication described above has the following problem: because the keys are embedded in both applications, that is, in the CA and the TA, they can be viewed by disassembly, so the approach is not very secure, particularly for the CA, which already resides in the non-secure world. The link encryption described above has the following problem: because it uses an RSA key pair, the speed of the operation is inevitably greatly reduced; although security increases, applications with high timing requirements (such as HCE+TEE) can hardly tolerate the resulting performance loss.
Summary of the invention
The purpose of the present invention is to provide a method for external authentication and communication encryption between a TA and a CA, as well as a CA and a TA, in order to improve security while reducing performance loss.
To achieve this purpose, the method for external authentication and communication encryption between a TA and a CA provided by the present invention adopts the following technical solution:
The method for external authentication and communication encryption between a TA and a CA includes:
Step S1: multiple first key parameters are embedded in the CA to form a first key parameter table, and multiple second key parameters are embedded in the TA to form a second key parameter table; the first key parameters embedded in the CA, their number and their order are identical to the second key parameters embedded in the TA, their number and their order;
Step S2: the CA sends a get-random-number instruction to the TA;
Step S3: after receiving the instruction, the TA returns a random number to the CA and also saves this random number;
Step S4: the CA processes the random number, uses the result as the first key parameter sequence number, and obtains from the first key parameter table the first key parameter corresponding to this sequence number;
Step S5: the CA performs an operation on the first key parameter to obtain the first key value;
Step S6: the CA encrypts the random number with the first key value to obtain the first ciphertext, and sends the first ciphertext to the TA;
Step S7: after receiving the first ciphertext, the TA processes the random number it saved, uses the result as the second key parameter sequence number, and obtains from the second key parameter table the second key parameter corresponding to this sequence number;
Step S8: the TA performs an operation on the second key parameter to obtain the second key value;
Step S9: the TA encrypts the random number with the second key value to obtain the second ciphertext;
Step S10: the TA compares the first ciphertext with the second ciphertext;
Step S11: an operation is performed according to the comparison result;
Where: if the first ciphertext and the second ciphertext are not equal, external authentication fails; if they are equal, external authentication succeeds, the TA uses the second key value as the key for this communication and returns the authentication result to the CA, and the CA uses the first key value as the key for this communication.
Optionally, in step S1, the multiple first key parameters are embedded in the code of the CA to form the first key parameter table, and the multiple second key parameters are embedded in the code of the TA to form the second key parameter table.
Optionally, the random number in step S3 is 8 bytes.
Optionally, in step S4 and step S7, the random number is processed in mode O.
Optionally, in step S5 a P operation or a hash operation is performed on the first key parameter, and in step S8 a P operation or a hash operation is performed on the second key parameter.
Optionally, in step S6 and step S9, a symmetric algorithm is used to encrypt the random number.
Further, in step S6 and step S9, the DES-ECB algorithm, a symmetric algorithm, is used to encrypt the random number.
Because the method includes the steps above, external authentication does not require the plaintext of the key to be embedded in the TA and the CA. Only the key parameter table is stored, and the real key can be obtained only after an operation is performed, which greatly increases the difficulty of cracking the key and improves security. After external authentication succeeds, the key used for external authentication can be used as the link encryption key, which reduces the number of steps and, compared with the prior art, reduces performance loss.
In addition, the present invention provides a CA, which includes a first key parameter table, an instruction initiation module, a first random number processing module, a first key parameter processing module and a first encryption module;
Where the first key parameter table has multiple first key parameters embedded in it;
The instruction initiation module is used to send a get-random-number instruction to the TA;
The first random number processing module is used to process the random number obtained from the TA, use the result as the first key parameter sequence number, and obtain from the first key parameter table the first key parameter corresponding to this sequence number;
The first key parameter processing module is used to perform an operation on the first key parameter to obtain the first key value;
The first encryption module is used to encrypt the random number with the first key value to obtain the first ciphertext, and to send the first ciphertext to the TA.
The present invention also provides a TA, which includes a second key parameter table, a random number generation module, a second random number processing module, a ciphertext receiving module, a second key parameter processing module, a second encryption module and a comparison module;
Where the second key parameter table has multiple second key parameters embedded in it;
The random number generation module is used to generate a random number in response to the get-random-number instruction sent by the CA, send the random number to the CA, and save the random number itself;
The ciphertext receiving module is used to receive the first ciphertext sent by the CA;
The second random number processing module is used, after the first ciphertext sent by the CA has been received, to process the random number, use the result as the second key parameter sequence number, and obtain from the second key parameter table the second key parameter corresponding to this sequence number;
The second key parameter processing module is used to perform an operation on the second key parameter to obtain the second key value;
The second encryption module is used to encrypt the random number with the second key value to obtain the second ciphertext;
The comparison module is used to compare the first ciphertext with the second ciphertext.
The TA and CA above cooperate to carry out the method for external authentication and communication encryption between a TA and a CA described above; their beneficial effects are therefore the same as those of the method and are not repeated here.
Brief description of the drawings
To describe the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings needed for the description of the embodiments are briefly introduced below. Obviously, the drawings described below show only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is the first flow chart of the method for external authentication and communication encryption between a TA and a CA in an embodiment of the invention;
Fig. 2 is the second flow chart of the method for external authentication and communication encryption between a TA and a CA in an embodiment of the invention.
Detailed description
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by those of ordinary skill in the art from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
Embodiment one
This embodiment of the invention provides a method for external authentication and communication encryption between a TA and a CA. Specifically, as shown in Fig. 1, the method includes:
Step S1: multiple first key parameters are embedded in the CA to form a first key parameter table M1(k), and multiple second key parameters are embedded in the TA to form a second key parameter table M2(k). The first key parameters embedded in the CA, their number and their order are identical to the second key parameters embedded in the TA, their number and their order. Here k is the key parameter sequence number: in the first key parameter table M1(k) it is the first key parameter sequence number, and in the second key parameter table M2(k) it is the second key parameter sequence number. k is a positive integer greater than or equal to 1 and less than or equal to N, where N is the number of first key parameters and also the number of second key parameters.
The first and second key parameters may be sequences of arbitrary values, and their length may also be arbitrary; it is only necessary to ensure that the first key parameters and the second key parameters are consistent.
Because the first key parameter table M1(k) and the second key parameter table M2(k) do not need to change and must not be corrupted, this embodiment preferably embeds the multiple first key parameters in the code of the CA to form M1(k), and the multiple second key parameters in the code of the TA to form M2(k).
Step S2: the CA sends a get-random-number instruction to the TA.
Step S3: after receiving the instruction, the TA returns a random number to the CA and also saves this random number. Optionally, the random number in step S3 is 8 bytes.
Step S4: the CA processes the random number and uses the result t1 as the first key parameter sequence number, where t1 is a positive integer greater than or equal to 1 and less than or equal to N, and obtains from the first key parameter table M1(k) the first key parameter M1(t1) corresponding to the sequence number t1.
Optionally, in step S4 the random number is processed in mode O. Mode O processing is in fact a selection algorithm that computes the first key parameter sequence number from the random number. Specifically, the O operation takes the first byte of the random number modulo N, the number of first key parameters.
Step S5: the CA performs an operation on the first key parameter M1(t1) to obtain the first key value Z1(t1).
Optionally, in step S5 a P operation or a hash operation is performed on the first key parameter. Both the P operation and the hash operation are algorithms that convert the first key parameter into the first key value. Optionally, in the P operation and the hash operation, the first 8 bytes of the first key parameter are taken as the first key value.
Step S6: the CA encrypts the random number with the first key value Z1(t1) to obtain the first ciphertext C1, and sends the first ciphertext C1 to the TA.
Optionally, in step S6 a symmetric algorithm is used to encrypt the random number. Further, the DES-ECB algorithm, a symmetric algorithm, is used to encrypt the random number. Specifically, after the CA encrypts the 8-byte random number with the DES-ECB algorithm, the result obtained is the 8-byte first key value.
Step S7: after receiving the first ciphertext C1, the TA processes the random number it saved, uses the result t2 as the second key parameter sequence number, and obtains from the second key parameter table M2(k) the second key parameter M2(t2) corresponding to the sequence number t2.
Optionally, in step S7 the random number is processed in mode O. Mode O processing is in fact a selection algorithm that computes the second key parameter sequence number from the random number. Specifically, the O operation takes the first byte of the random number modulo N, the number of second key parameters.
Step S8: the TA performs an operation on the second key parameter M2(t2) to obtain the second key value Z2(t2). Optionally, in step S8 a P operation or a hash operation is performed on the second key parameter. Both the P operation and the hash operation are algorithms that convert the second key parameter into the second key value. Optionally, in the P operation and the hash operation, the first 8 bytes of the second key parameter are taken as the second key value.
Step S9: the TA encrypts the random number with the second key value Z2(t2) to obtain the second ciphertext C2.
Optionally, in step S9 a symmetric algorithm is used to encrypt the random number. Further, the DES-ECB algorithm, a symmetric algorithm, is used to encrypt the random number. Specifically, after the TA encrypts the 8-byte random number with the DES-ECB algorithm, the result obtained is the 8-byte second key value.
Step S10: the TA compares the first ciphertext C1 with the second ciphertext C2.
Step S11: an operation is performed according to the comparison result.
Where: if the first ciphertext C1 and the second ciphertext C2 are not equal, external authentication fails; if C1 and C2 are equal, external authentication succeeds, the TA uses the second key value Z2(t2) as the key for this communication and returns the authentication result to the CA, and the CA uses the first key value Z1(t1) as the key for this communication. Of course, when the first ciphertext C1 equals the second ciphertext C2, the first key value Z1(t1) and the second key value Z2(t2) are necessarily equal as well.
Because the method includes the steps above, external authentication does not require the plaintext of the key to be embedded in the TA and the CA. Only the key parameter table is stored, and the real key can be obtained only after an operation is performed, which greatly increases the difficulty of cracking the key and improves security. After external authentication succeeds, the key used for external authentication can be used as the link encryption key, which reduces the number of steps and, compared with the prior art, reduces performance loss.
Embodiment two
To help those skilled in the art understand, this embodiment of the invention provides a most specific method for external authentication and communication encryption between a TA and a CA. As shown in Fig. 2, the method includes:
Four first key parameters are embedded in the code of the CA to form the first key parameter table, and four second key parameters are embedded in the TA to form the second key parameter table. The four first key parameters are, in order: 11223344, 55667788, AABBCCDD and EEFF0011; the four second key parameters are the same.
The CA sends an instruction to the TA to get an 8-byte random number, and the TA returns and saves an 8-byte random number. The 8-byte random number that the TA returns and saves is 1122334455667788.
The CA performs the mode O operation on the random number, that is, it takes the first byte of the random number, 11, modulo 4, the number of first key parameters, obtains 3, and selects the 3rd first key parameter, AABBCCDD.
The CA performs a hash operation on AABBCCDD to obtain CA6FFBF95B47864FD4E73F2601326304, and takes the first 8 bytes, CA6FFBF95B47864F, as the first key value.
The CA uses the first key value CA6FFBF95B47864F to DES-ECB encrypt the random number 1122334455667788, obtains the first ciphertext ABC9FA6F0358DB93, and sends the first ciphertext to the TA.
The TA performs the mode O operation on the random number, that is, it takes the first byte of the random number, 11, modulo 4, the number of second key parameters, obtains 3, and selects the 3rd second key parameter, AABBCCDD.
The TA performs a hash operation on AABBCCDD to obtain CA6FFBF95B47864FD4E73F2601326304, and takes the first 8 bytes, CA6FFBF95B47864F, as the second key value.
The TA uses the second key value CA6FFBF95B47864F to DES-ECB encrypt the random number 1122334455667788 and obtains the second ciphertext ABC9FA6F0358DB93.
The TA compares the first ciphertext ABC9FA6F0358DB93 with the second ciphertext ABC9FA6F0358DB93; the comparison result is that the first ciphertext and the second ciphertext are equal.
The TA returns the authentication result to the CA and uses the second key value CA6FFBF95B47864F as the key for this communication.
The CA uses the first key value CA6FFBF95B47864F as the key for this communication.
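The exchange in Embodiment two with both sides' messages, as an added Python example that is not part of the patent text; `distinct_session_keys` additionally shows that the communication key can only ever take one of N values, since it is derived from a fixed table entry. Assumptions: SHA-256 as the hash, HMAC-SHA256 truncated to 8 bytes standing in for the DES-ECB step, a remainder of 0 mapped to entry N, single use of the saved random number, and a constructed random number in the demo; all class and function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Key parameter table from Embodiment two; the CA and the TA embed identical copies.
PARAM_TABLE = [bytes.fromhex(h) for h in ("11223344", "55667788", "AABBCCDD", "EEFF0011")]


def select_index(rand: bytes, n: int) -> int:
    """Mode O: first byte of the random number modulo N, as a 1-based sequence number.

    Assumption: a remainder of 0 selects entry N, because the page defines the
    sequence number k as 1..N but does not say how a remainder of 0 is mapped.
    """
    return rand[0] % n or n


def derive_key(param: bytes) -> bytes:
    """Hash operation, first 8 bytes kept. SHA-256 is an assumption; the page names no hash."""
    return hashlib.sha256(param).digest()[:8]


def encrypt_rand(key: bytes, rand: bytes) -> bytes:
    """Stand-in for the DES-ECB step: HMAC-SHA256 truncated to 8 bytes (not DES)."""
    return hmac.new(key, rand, hashlib.sha256).digest()[:8]


class TA:
    def __init__(self, table):
        self.table = list(table)
        self.rand = None
        self.session_key = None

    def get_random(self) -> bytes:
        """S3: generate, save and return an 8-byte random number."""
        self.rand = secrets.token_bytes(8)
        return self.rand

    def external_authenticate(self, c1: bytes) -> bool:
        """S7-S11: recompute the ciphertext from the saved random number and compare."""
        if self.rand is None:
            return False
        # Added hardening, not stated on the page: the saved random number is
        # consumed here, so each random number allows one authentication attempt.
        rand, self.rand = self.rand, None
        key = derive_key(self.table[select_index(rand, len(self.table)) - 1])
        c2 = encrypt_rand(key, rand)
        ok = hmac.compare_digest(c1, c2)  # constant-time comparison for S10
        self.session_key = key if ok else None
        return ok


class CA:
    def __init__(self, table):
        self.table = list(table)
        self.pending_key = None
        self.session_key = None

    def respond(self, rand: bytes) -> bytes:
        """S4-S6: select a parameter, derive the key value, encrypt the random number."""
        param = self.table[select_index(rand, len(self.table)) - 1]
        self.pending_key = derive_key(param)
        return encrypt_rand(self.pending_key, rand)


def run_session(ca: CA, ta: TA) -> bool:
    """One full exchange; on success both sides hold the same communication key."""
    rand = ta.get_random()               # S2/S3: CA asks, TA returns and saves
    c1 = ca.respond(rand)                # S4-S6: first ciphertext
    ok = ta.external_authenticate(c1)    # S7-S11: second ciphertext and comparison
    ca.session_key = ca.pending_key if ok else None
    return ok


def distinct_session_keys(sessions: int) -> int:
    """Count the distinct communication keys seen over many sessions (at most N)."""
    ca, ta = CA(PARAM_TABLE), TA(PARAM_TABLE)
    keys = set()
    for _ in range(sessions):
        if run_session(ca, ta):
            keys.add(ta.session_key)
    return len(keys)


if __name__ == "__main__":
    rand = bytes.fromhex("0b22334455667788")  # constructed: first byte is 11
    k = select_index(rand, len(PARAM_TABLE))
    print("sequence number:", k, "parameter:", PARAM_TABLE[k - 1].hex().upper())
    print("authenticated:", run_session(CA(PARAM_TABLE), TA(PARAM_TABLE)))
    print("distinct keys in 200 sessions:", distinct_session_keys(200))
```

Because the key value depends only on the selected table entry, the count returned by `distinct_session_keys` never exceeds the table size, however many sessions are run.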
Embodiment three
This embodiment of the invention provides a CA, which includes a first key parameter table M1(k), an instruction initiation module, a first random number processing module, a first key parameter processing module and a first encryption module.
The first key parameter table has multiple first key parameters embedded in it. The instruction initiation module is used to send a get-random-number instruction to the TA. The first random number processing module is used to process the random number obtained from the TA, use the result as the first key parameter sequence number, and obtain from the first key parameter table the first key parameter corresponding to this sequence number. The first key parameter processing module is used to perform an operation on the first key parameter to obtain the first key value. The first encryption module is used to encrypt the random number with the first key value to obtain the first ciphertext, and to send the first ciphertext to the TA.
Of course, the CA also includes a module for using the first key value as the key for communication with the TA, and a module for communicating with the TA; these modules are similar to those in the prior art and are not described again here.
This embodiment of the invention also provides a TA, which includes a second key parameter table, a random number generation module, a second random number processing module, a ciphertext receiving module, a second key parameter processing module, a second encryption module and a comparison module.
The second key parameter table has multiple second key parameters embedded in it. The random number generation module is used to generate a random number in response to the get-random-number instruction sent by the CA, send the random number to the CA, and save the random number itself. The ciphertext receiving module is used to receive the first ciphertext sent by the CA. The second random number processing module is used, after the first ciphertext sent by the CA has been received, to process the random number, use the result as the second key parameter sequence number, and obtain from the second key parameter table the second key parameter corresponding to this sequence number. The second key parameter processing module is used to perform an operation on the second key parameter to obtain the second key value. The second encryption module is used to encrypt the random number with the second key value to obtain the second ciphertext. The comparison module is used to compare the first ciphertext with the second ciphertext.
Similarly, the TA also includes a module for using the second key value as the key for communication with the CA, and a module for communicating with the CA; these modules are similar to those in the prior art and are not described again here.
It should be noted that, for the working process of the TA and the CA during external authentication and communication encryption, reference can be made to the method for external authentication and communication encryption between a TA and a CA described above; it is not repeated here.
In addition, the TA and CA above cooperate to carry out the method described above; their beneficial effects are therefore the same as those of the method and are not repeated here.
The above is only a specific embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or substitution that a person skilled in the art can readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. Therefore, the scope of protection of the invention shall be subject to the scope of the claims.

Claims (9)

1. external authentication and the method for communication encryption between TA and CA, it is characterised in that including:
Step S1, in CA, solidify multiple first key parameter, form the first key parameter table, solidify multiple second close in TA Key parameter, forms the second key parameter table, the first key parameter of solidification, number and order in CA, with solidification in TA Second key parameter, number are the most identical with order;
Step S2, CA initiate to obtain random number instruction to TA;
Step S3, TA receive the backward CA of instruction and return random number, and TA also preserves this random number simultaneously;
Random number is processed by step S4, CA, using result as the first key parameter sequence number, and at the first key parameter The exterior and the interior obtains the first key parameter that this first key parameter sequence number is corresponding;
Step S5, CA carry out computing to the first key parameter and obtain the first key value;
Step S6, CA use the first key value that random number is encrypted computing, obtain the first ciphertext, and the first ciphertext are sent To TA;
After step S7, TA receive the first ciphertext, the random number preserved in TA is processed, result is close as second Key parameter sequence number, and obtain, at the second key parameter the exterior and the interior, the second key parameter that this second key parameter sequence number is corresponding;
Step S8, TA carry out computing to the second key parameter and obtain the second key value;
Step S9, TA use the second key value that random number is encrypted computing, obtain the second ciphertext;
Step S10, in TA, the first ciphertext and the second ciphertext are compared;
Step S11, perform operation according to comparative result;
Wherein, if the first ciphertext and the second ciphertext are unequal, then external authentication failure;If the first ciphertext and the second ciphertext are equal, Then external authentication success, uses the key that the second key value communicates as this in TA, to CA return authentication result, uses in CA The key that first key value communicates as this.
Method the most according to claim 1, it is characterised in that in step S1, solidifies multiple first close in the code of CA Key parameter, forms the first key parameter table, solidifies multiple second key parameter, form the second key parameter in the code of TA Table.
Method the most according to claim 1, it is characterised in that the random number in step S3 is 8 bytes.
Method the most according to claim 1, it is characterised in that in step S4 and step S7, it is O that random number carries out pattern Process.
Method the most according to claim 1, it is characterised in that the first key parameter is carried out by step S5 P computing or Hash computing, carries out P computing or hash computing to the second key parameter in step S8.
Method the most according to claim 1, it is characterised in that in step S6 and step S9, uses symmetry algorithm at random Number is encrypted computing.
7. The method according to claim 6, characterized in that, in step S6 and step S9, the DES-ECB algorithm, a symmetric algorithm, is used to encrypt the random number.
8. A CA, characterized by comprising a first key parameter table, an instruction initiation module, a first random number processing module, a first key parameter processing module and a first encryption module;
wherein multiple first key parameters are solidified (fixed) in the first key parameter table;
the instruction initiation module is configured to initiate a get-random-number instruction to the TA;
the first random number processing module is configured to process the random number obtained from the TA, use the processing result as a first key parameter sequence number, and obtain from the first key parameter table the first key parameter corresponding to that sequence number;
the first key parameter processing module is configured to perform an operation on the first key parameter to obtain a first key value;
the first encryption module is configured to encrypt the random number with the first key value to obtain a first ciphertext, and to send the first ciphertext to the TA.
9. A TA, characterized by comprising a second key parameter table, a random number generation module, a second random number processing module, a ciphertext receiving module, a second key parameter processing module, a second encryption module and a comparison module;
wherein multiple second key parameters are solidified (fixed) in the second key parameter table;
the random number generation module is configured to generate a random number in response to the get-random-number instruction initiated by the CA, send the random number to the CA, and keep its own copy of the random number;
the ciphertext receiving module is configured to receive the first ciphertext sent by the CA;
the second random number processing module is configured to, after the first ciphertext sent by the CA has been received, process the random number, use the processing result as a second key parameter sequence number, and obtain from the second key parameter table the second key parameter corresponding to that sequence number;
the second key parameter processing module is configured to perform an operation on the second key parameter to obtain a second key value;
the second encryption module is configured to encrypt the random number with the second key value to obtain a second ciphertext;
the comparison module is configured to compare the first ciphertext with the second ciphertext.
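The CA/TA exchange of claims 8 and 9, as an added Python example that is not code from the patent. All class and function names are hypothetical, and the table contents, the index rule (first byte modulo table size), the SHA-256 key operation and the use of HMAC-SHA256 in place of DES-ECB (the Python standard library has no DES) are assumptions, since the claims do not fix the processing or the operation.

```python
import hashlib
import hmac
import secrets

# Constructed sample table; per the claims, CA and TA hold the same fixed parameters.
KEY_PARAMS = [bytes([i]) * 16 for i in range(1, 9)]


def derive_key(table, rnd):
    """Random number -> sequence number -> key parameter -> key value."""
    index = rnd[0] % len(table)                    # assumed "processing" step
    return hashlib.sha256(table[index]).digest()   # assumed "operation" step


def transform(key, rnd):
    """Keyed transform of the random number (HMAC-SHA256 standing in for DES-ECB)."""
    return hmac.new(key, rnd, hashlib.sha256).digest()


class TA:
    def __init__(self, table):
        self.table = table
        self.pending = None          # random number kept for exactly one exchange

    def get_random(self):
        self.pending = secrets.token_bytes(8)      # 8 bytes = one DES block
        return self.pending

    def external_authenticate(self, first_ciphertext):
        rnd, self.pending = self.pending, None     # single use: a replay finds nothing
        if rnd is None:
            return False
        second_ciphertext = transform(derive_key(self.table, rnd), rnd)
        # Comparison module: constant-time compare of first and second ciphertext.
        return hmac.compare_digest(first_ciphertext, second_ciphertext)


class CA:
    def __init__(self, table):
        self.table = table

    def respond(self, rnd):
        """Compute the first ciphertext from the TA's random number."""
        return transform(derive_key(self.table, rnd), rnd)


def run_exchange(ca, ta):
    rnd = ta.get_random()            # answer to the CA's get-random-number instruction
    return ta.external_authenticate(ca.respond(rnd))
```

Discarding the saved random number after one comparison means a captured first ciphertext cannot be presented to the TA a second time.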
CN201610583200.3A 2016-07-21 2016-07-21 External authentication and the method for communication encryption, CA and TA between TA and CA Pending CN106209884A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610583200.3A CN106209884A (en) 2016-07-21 2016-07-21 External authentication and the method for communication encryption, CA and TA between TA and CA

Publications (1)

Publication Number Publication Date
CN106209884A true CN106209884A (en) 2016-12-07

Family

ID=57491542

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610583200.3A Pending CN106209884A (en) 2016-07-21 2016-07-21 External authentication and the method for communication encryption, CA and TA between TA and CA

Country Status (1)

Country Link
CN (1) CN106209884A (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101232369B (en) * 2007-01-22 2010-12-15 华为技术有限公司 Method and system for distributing cryptographic key in dynamic state host computer collocation protocol
CN103647653A (en) * 2013-12-24 2014-03-19 深圳国微技术有限公司 Certification and key agreement method between devices
CN103746805A (en) * 2013-12-05 2014-04-23 广东数字证书认证中心有限公司 External authentication key generation method and system
CN105743656A (en) * 2016-03-30 2016-07-06 国网山东省电力公司荣成市供电公司 Transformer substation monitoring system based on wireless sensor network
CN105743637A (en) * 2016-03-30 2016-07-06 国网山东省电力公司荣成市供电公司 Intelligent substation inspection system

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107689868A (en) * 2017-09-12 2018-02-13 北京握奇智能科技有限公司 The communication means of client application and trusted application, device and terminal
CN107689868B (en) * 2017-09-12 2021-09-07 北京握奇智能科技有限公司 Communication method and device for client application and trusted application and terminal
CN109861809A (en) * 2019-02-20 2019-06-07 中国电子科技集团公司第三十研究所 A kind of random encipher-decipher method of grouping of functionization
CN109861809B (en) * 2019-02-20 2022-03-18 中国电子科技集团公司第三十研究所 Practical grouping random encryption and decryption method
CN115174125A (en) * 2022-09-07 2022-10-11 北京笔新互联网科技有限公司 Method and device for acquiring trusted true random number in trusted execution environment

Similar Documents

Publication Publication Date Title
CN106788974B (en) Mask S box, grouping key calculation unit, device and corresponding construction method
CN109361507B (en) Data encryption method and encryption equipment
CN101511084B (en) Authentication and cipher key negotiation method of mobile communication system
CN101409619B (en) Flash memory card and method for implementing virtual special network key exchange
KR20170076742A (en) Efficient start-up for secured connections and related services
EP3410632B1 (en) Protection against relay attacks in a white-box implementation
CN103441839A (en) Method and system for using quantum cryptography in safe IP communication
CN105897748B (en) A kind of transmission method and equipment of symmetric key
CN103581173A (en) Safe data transmission method, system and device based on industrial Ethernet
CN111585759B (en) Efficient on-line and off-line encryption method based on SM9 public key encryption algorithm
CN103684787A (en) Encryption-decryption method and terminal of data pack based on network transmission
CN104378374A (en) SSL-based method and system for establishing communication
CN104993928A (en) Unmanned plane safe communication link encryption method based on real-time embedded control system
CN106453318A (en) Data transmission system and method based on security module
CN109995509B (en) Authentication key exchange method based on message recovery signature
US20140044262A1 (en) Low Latency Encryption and Authentication in Optical Transport Networks
US11368312B2 (en) Signature generation and verification system
CN106209884A (en) External authentication and the method for communication encryption, CA and TA between TA and CA
CN104092551B (en) Safe secret key transmission method based on RSA algorithm
CN113765662A (en) Signature and decryption method and system based on SM2 algorithm
CN109951273B (en) SM4 algorithm white box implementation method and device
CN103746805A (en) External authentication key generation method and system
CN104753682A (en) Generating system and method of session keys
US10700870B2 (en) Signature generation and verification system
CN109951501A (en) A kind of network packet encryption method, decryption method and relevant apparatus

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20161207