CN107294703A - A kind of mobile Internet instant messaging safe encryption method - Google Patents
A kind of mobile Internet instant messaging safe encryption method Download PDFInfo
- Publication number
- CN107294703A CN107294703A CN201610192910.3A CN201610192910A CN107294703A CN 107294703 A CN107294703 A CN 107294703A CN 201610192910 A CN201610192910 A CN 201610192910A CN 107294703 A CN107294703 A CN 107294703A
- Authority
- CN
- China
- Prior art keywords
- zrtp
- conversational responses
- message
- session setups
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/061—Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The present invention relates to a kind of mobile Internet instant messaging safe encryption method, methods described includes:The privately owned common key of communication two party is set up based on ZRTP agreements;ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key, and sends to ZRTP conversational responses end, wherein, described information D0 includes any file;The encryption information D1 is decrypted according to the privately owned common key for ZRTP conversational responses end, obtains described information D0;The method that the present invention is provided can be realized person to person's Direct Communication and can be realized as putting the safety communication of internuncial encryption independent of other conditions in mobile Internet in the communication process of social class.
Description
Technical field
The present invention relates to information security field, and in particular to a kind of mobile Internet instant messaging safe encryption method.
Background technology
One important need of internet communication is safety and privacy.It is ravesdropping, be stolen personal information, is one and all does daily
The thing of generation, is a great hidden danger of internet communication.
Security mechanism on internet is mainly realized by encrypting.The final goal of safety communication is that only communication two party exchange is believed
Breath, even if the data flow of any third party interception or stealing exchange, can not be decrypted.
The good solution of communication neither one between people and people (between mobile phone and mobile phone).Usual way is by clothes
Device is engaged in accomplish, but server can be broken, and can be compromised.Not by server, point-to-point encryption is safe logical to realize
News are a reliable directions.Wherein, OTR agreements and ZRTP agreements are proposed for non real-time communication and real-time communication respectively
Scheme.
One major issue of point-to-point encryption is to prevent go-between from pretending to be.What OTR agreements significantly limit that go-between pretends to be can
Can, but if communication two party is not or not a place, OTR agreements, which can not be effectively accomplished, prevents internuncial purpose.In order to
This purpose is reached, ZRTP has used a password to compare mechanism.The password of point-to-point encryption is random by DH exchange generations.
Password can only be produced in the both sides of exchange.If both call sides have different password, but can converse, illustrate there is go-between.
Therefore, the call of real encryption anti-eavesdrop needs both call sides to verify password.Because password is very long, 4 are produced in ZRTP agreements
Individual alphabetical password breathes out western code.Only need to proofread whether both sides there are 4 same letters just can be can reach in preventing
Between people purpose.But ZRTP designs for speech communication.It is not directly applicable to picture, the encrypted transmission such as word.Institute
So that internuncial immediate news systems and method are prevented in the reliable point-to-point encryption of neither one so far.
The content of the invention
The present invention provides a kind of mobile Internet instant messaging safe encryption method, and the purpose is to the social class in mobile Internet
In communication process, realize person to person's Direct Communication and can be realized as putting the safety communication of internuncial encryption independent of other conditions.
The purpose of the present invention is realized using following technical proposals:
A kind of mobile Internet instant messaging safe encryption method, it is theed improvement is that, including:
The privately owned common key of communication two party is set up based on ZRTP agreements;
ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key, and sends extremely
ZRTP conversational responses end, wherein, described information D0 includes any file;
The encryption information D1 is decrypted according to the privately owned common key for ZRTP conversational responses end, obtains described information D0.
It is preferred that, any file includes:Image file, audio file, video file and text file.
It is preferred that, it is described the privately owned common key of communication two party is set up based on ZRTP agreements to include:
RTP sessions are set up in the ZRTP session setups end with the ZRTP conversational responses end, mutually send Hello message to logical
News connection is initialized, and carries out response to Correspondent Node by the way of HelloACK message is returned;
The ZRTP session setups end generates Commit message according to the Hello message at the ZRTP conversational responses end, and by institute
Commit message is stated to send to the ZRTP conversational responses end;
The ZRTP conversational responses end carries out DH with the ZRTP conversational responses end and exchanged, and determines that the communication two party is privately owned common
Same key.
Further, RTP sessions are set up in the ZRTP session setups end with ZRTP conversational responses end, mutually send Hello and disappear
Breath is initialized to communication connection, including:
The ZRTP session setups end sends the Hello message at the ZRTP session setups end to the ZRTP conversational responses end,
If ZRTP agreements are supported at the ZRTP conversational responses end, by the HelloACK message at the ZRTP conversational responses end send to
The ZRTP session setups end, and the Hello message at the ZRTP conversational responses end is sent to the ZRTP session setups end,
The ZRTP session setups termination is received after the Hello message at the ZRTP conversational responses end, by the ZRTP session setups end
HelloACK message send to the ZRTP conversational responses end;
Wherein, the Hello message includes:ZRTP support protocol version, AES Cipher, digest algorithm hash,
SAS algorithms, public key type pkt and ZID, the ZID is 96bit random number, in the local common of communication two ends
Enjoy secret value rs1 and rs2 and SRTP configuration information srtps.
Further, the Commit message includes:The Hello message at the ZRTP conversational responses end supports information and local
Hello message supports the common factor of information.
Further, the ZRTP session setups end is exchanged with ZRTP conversational responses end progress DH, including:
The DHpart1 at the ZRTP conversational responses end is sent to the ZRTP session setups end, wherein, the ZRTP sessions
The DHpart1 of responder includes:
The private key pvr1=g at the ZRTP conversational responses endsvr1Mod p, wherein, p is prime number, and g is original with svr1 for p's
For the random number at the ZRTP conversational responses end;
The local shared secret value rs1 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash
Message authentication code rslIDr=HMAC (rs1, " Responder ");
The local shared secret value rs2 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash
Message authentication code rs2IDr=HMAC (rs2, " Responder ");
Message of the signaling information sigs based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized
Demonstrate,prove code sigsIDr=HMAC (sigs, " Responder ");
Message of the SRTP configuration informations based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized
Demonstrate,prove code srtpsIDr=HMAC (srtps, " Responder ");
The other information for the increase key complexity that the ZRTP conversational responses end is calculated using character string " Responder "
Other_secret based on hash message authentication code other_secretIDr=HMAC (other_secret,
“Responder”);
The ZRTP session setups termination is received after the DHpart1, and the value to pvr1 is checked, if pvr1 is 1 or is
P-1, then terminate ZRTP sessions, if pvr1 is not 1 or is p-1, the ZRTP session setups end is by its corresponding DHpart2
Send to the ZRTP conversational responses end, wherein, the DHpart2 includes:
The private key pvr2=g at the ZRTP session setups endsvr2mod p;
The local shared secret value rs1 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash
Message authentication code rslIDr=HMAC (rs1, " Initiator ");
The local shared secret value rs2 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash
Message authentication code rs2IDi=HMAC (rs2, " Initiator ");
Message of the signaling information sigs based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized
Demonstrate,prove code sigsIDi=HMAC (sigs, " Initiator ");
Message of the SRTP configuration informations based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized
Demonstrate,prove code srtpsIDi=HMAC (srtps, " Initiator ");
The other information for the increase key complexity that the ZRTP session setups end is calculated using character string " Initiator "
Other_secret based on hash message authentication code other_secretIDi=HMAC (other_secret,
“Initiator”)。
Further, the ZRTP session setups end determines the privately owned common key of the communication two party in the steps below:
DHSS1=hash (pvr1svr1mod p) (1)
In formula (1), DHSS1 is the privately owned shared key at the ZRTP session setups end;
The ZRTP conversational responses end determines the privately owned common key of the communication two party in the steps below:
DHSS2=hash (pvr2svr2mod p) (2)
In formula (2), DHSS2 is the privately owned shared key at the ZRTP session setups end;
Wherein, DHSS1=DHSS2.
It is preferred that, the ZRTP session setups end passes through AES encryption algorithm or md5 encryption algorithm according to the privately owned common key
Information D0 is encrypted acquisition encryption information D1.
Beneficial effects of the present invention:
A kind of mobile Internet instant messaging safe encryption method that the present invention is provided, it is mobile eventually based on the generation of ZRTP communication protocols
End and the shared key of mobile terminal, communicating pair is by the shared key to files such as transmission image, audio, video and words
It is encrypted and decrypted, it is achieved thereby that person to person's Direct Communication and can be realized as putting internuncial encryption independent of other conditions
Safety communication, improve the reliability and safety of communication process.
Brief description of the drawings
Fig. 1 is a kind of flow chart of mobile Internet instant messaging safe encryption method of the invention;
Fig. 2 is to set up shared key process schematic based on ZRTP in the embodiment of the present invention.
Embodiment
The embodiment to the present invention elaborates below in conjunction with the accompanying drawings.
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with attached in the embodiment of the present invention
Figure, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is the present invention
A part of embodiment, rather than whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not having
The all other embodiment obtained under the premise of creative work is made, the scope of protection of the invention is belonged to.
A kind of mobile Internet instant messaging safe encryption method that the present invention is provided, as shown in figure 1, including:
Step (1) sets up the privately owned common key of communication two party based on ZRTP agreements;
Step (2) ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key,
And send to ZRTP conversational responses end, wherein, described information D0 includes any file;
The encryption information D1 is decrypted according to the privately owned common key for step (3) ZRTP conversational responses end, obtains institute
State information D0.
Wherein, any file includes:Image file, audio file, video file and text file.
Specifically, as shown in Fig. 2 described set up the privately owned common key of communication two party based on ZRTP agreements and include 3 stages:
Discovery phase, key agreement phase, shared key confirmation, wherein:
First, RTP sessions are set up in discovery phase, the ZRTP session setups end with the ZRTP conversational responses end, mutually send
Hello message is initialized to communication connection, and carries out response to Correspondent Node by the way of HelloACK message is returned;
The ZRTP session setups end sends the Hello message at the ZRTP session setups end to the ZRTP conversational responses end,
If ZRTP agreements are supported at the ZRTP conversational responses end, by the HelloACK message at the ZRTP conversational responses end send to
The ZRTP session setups end, and the Hello message at the ZRTP conversational responses end is sent to the ZRTP session setups end,
The ZRTP session setups termination is received after the Hello message at the ZRTP conversational responses end, by the ZRTP session setups end
HelloACK message send to the ZRTP conversational responses end;
Wherein, the Hello message includes:ZRTP support protocol version, AES Cipher, digest algorithm hash,
SAS algorithms, public key type pkt and ZID, the ZID is 96bit random number, in the local common of communication two ends
Enjoy secret value rs1 and rs2 and SRTP configuration information srtps.
In discovery phase, when the both sides of communication set up RTP sessions, ZRTP inject ZRTP using meeting into RTP packets
Information, first to Correspondent Node send Hello message to connection initialize, included in Hello message in have ZRTP
The protocol version supported, AES Cipher, digest algorithm hash, SAS algorithm, public key type pkt and ZID etc.,
ZID is 96bit random number, there is two effects:On the one hand it is used to protect after the local identification last session at communication two ends
Shared key rs1, rs2 and SRTP configuration information srtps, srtps that stay calculation formula is:Srtps=hash (SRTP
Master key | | SRTP master salt), if two kinds of shared keys in formula are not present, replaced with random number,
On the other hand the ZRTP connections being also used for this are marked.When receiving terminal with HelloAck carries out response to Hello message,
Expression, which is controlled oneself, supports ZRTP agreements, then allows transmitting terminal to send the Hello message controlled oneself, is disappeared in transmitting terminal by HelloAck
Cease after response, discovery phase terminates.
2nd, key agreement phase, the ZRTP session setups end is generated according to the Hello message at the ZRTP conversational responses end
Commit message, and the Commit message is sent to the ZRTP conversational responses end, the ZRTP conversational responses end with
The ZRTP conversational responses end carries out DH exchanges, and determines the privately owned common key of the communication two party.
The Commit message includes:The Hello message at the ZRTP conversational responses end supports information and local Hello message
Support the common factor of information.
The ZRTP session setups end carries out DH with the ZRTP conversational responses end and exchanged, including:
The DHpart1 at the ZRTP conversational responses end is sent to the ZRTP session setups end, wherein, the ZRTP sessions
The DHpart1 of responder includes:
The private key pvr1=g at the ZRTP conversational responses endsvr1Mod p, wherein, p is prime number, and g is original with svr1 for p's
For the random number at the ZRTP conversational responses end;
The local shared secret value rs1 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash
Message authentication code rslIDr=HMAC (rs1, " Responder ");
The local shared secret value rs2 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash
Message authentication code rs2IDr=HMAC (rs2, " Responder ");
Message of the signaling information sigs based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized
Demonstrate,prove code sigsIDr=HMAC (sigs, " Responder ");
Message of the SRTP configuration informations based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized
Demonstrate,prove code srtpsIDr=HMAC (srtps, " Responder ");
The other information for the increase key complexity that the ZRTP conversational responses end is calculated using character string " Responder "
Other_secret based on hash message authentication code other_secretIDr=HMAC (other_secret,
“Responder”);
The ZRTP session setups termination is received after the DHpart1, and the value to pvr1 is checked, if pvr1 is 1 or is
P-1, then terminate ZRTP sessions, if pvr1 is not 1 or is p-1, the ZRTP session setups end is by its corresponding DHpart2
Send to the ZRTP conversational responses end, wherein, the DHpart2 includes:
The private key pvr2=g at the ZRTP session setups endsvr2mod p;
The local shared secret value rs1 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash
Message authentication code rslIDr=HMAC (rs1, " Initiator ");
The local shared secret value rs2 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash
Message authentication code rs2IDi=HMAC (rs2, " Initiator ");
Message of the signaling information sigs based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized
Demonstrate,prove code sigsIDi=HMAC (sigs, " Initiator ");
Message of the SRTP configuration informations based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized
Demonstrate,prove code srtpsIDi=HMAC (srtps, " Initiator ");
The other information for the increase key complexity that the ZRTP session setups end is calculated using character string " Initiator "
Other_secret based on hash message authentication code other_secretIDi=HMAC (other_secret,
“Initiator”)。
The ZRTP session setups end determines the privately owned common key of the communication two party in the steps below:
DHSS1=hash (pvr1svr1mod p) (1)
In formula (1), DHSS1 is the privately owned shared key at the ZRTP session setups end;
The ZRTP conversational responses end determines the privately owned common key of the communication two party in the steps below:
DHSS2=hash (pvr2svr2mod p) (2)
In formula (2), DHSS2 is the privately owned shared key at the ZRTP session setups end;
Wherein, DHSS1=DHSS2.
In key agreement phase, the promoter of DH exchange process is referred to as " Initiator ", and corresponding the opposing party turns into
ZRTP session setups end is Initiator in " Responder ", Fig. 2, and ZRTP conversational responses end is Responder, is obtained
After the shared key DHSS of communicating pair, in addition it is also necessary to calculate HMAC sequences, each value in DHpart1 and DHpart2 is judged
Whether match, first (rs1IDr, rs2IDr, sigsIDr, srtpsIDr, the other_secretIDr) in DHPart1 message is made
For set E, recycle formula rs1IDr=HMAC (rs1, " Responder ") computational methods calculate 5 shared key values pair
The HMAC answered, result of calculation is used as set F.Set E and set F common factor is removed as the shared key of communicating pair.For
The value that two set Zhong Bu areas match somebody with somebody then abandons and supplements Null replacements, so can be obtained by 5 different shared keys in source.
Arranged by numerical values recited ascending order 5 shared key values are finally connected together to the shared key for obtaining this session with DHSS,
Calculation formula be s0=hash (DHSS | | s1 | | s2 | | s3 | | s4 | | s5), DHPart2 message is similarly;
In ZRTP communication protocols, in addition to shared key determines the stage, in the main task in this stage is derived for SRTP
Master key and the master salt of connection, and renewal is stored in two local shared keys, master key and master
Salt calculation formula is as follows:
Srtpkeyi=HMAC (s0, " Initiator SRTP master key ")
Srtpsalti=HMAC (s0, " Initiator SRTP master salt ")
Srtpkeyr=HMAC (s0, " Responder SRTP master key ")
Srtpsaltr=HMAC (s0, " Responder SRTP master salt ")
Wherein srtpkeyi and srtpsalti are the master key and master used in B in this unidirectional connection from B to A
Salt, srtpkeyr and srtpsaltr are the master key and master used in A in this unidirectional connection from A to B
salt.There are master key and master salt, it is possible to derive SRTP using previously described key derivation method
Session key, and then complete the interim common key that communication two party just has.
A kind of privately owned common key side of utilization communicating pair for mobile Internet instant messaging safe encryption method that the present invention is provided
Face, can carry out encryption and decryption to transmission information using AES encryption algorithm or md5 encryption algorithm and obtain encryption information.
Finally it should be noted that:The above embodiments are merely illustrative of the technical scheme of the present invention and are not intended to be limiting thereof, although reference
The present invention is described in detail above-described embodiment, those of ordinary skills in the art should understand that:Still can be to this
The embodiment of invention is modified or equivalent substitution, and any modification without departing from spirit and scope of the invention or is waited
With replacing, it all should cover within the claims of the present invention.
Claims (8)
1. a kind of mobile Internet instant messaging safe encryption method, it is characterised in that methods described includes:
The privately owned common key of communication two party is set up based on ZRTP agreements;
ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key, and sends extremely
ZRTP conversational responses end, wherein, described information D0 includes any file;
The encryption information D1 is decrypted according to the privately owned common key for ZRTP conversational responses end, obtains described information D0.
2. the method as described in claim 1, it is characterised in that any file includes:Image file, audio file,
Video file and text file.
3. the method as described in claim 1, it is characterised in that described to set up privately owned common of communication two party based on ZRTP agreements
Key includes:
RTP sessions are set up in the ZRTP session setups end with the ZRTP conversational responses end, mutually send Hello message to logical
News connection is initialized, and carries out response to Correspondent Node by the way of HelloACK message is returned;
The ZRTP session setups end generates Commit message according to the Hello message at the ZRTP conversational responses end, and by institute
Commit message is stated to send to the ZRTP conversational responses end;
The ZRTP conversational responses end carries out DH with the ZRTP conversational responses end and exchanged, and determines that the communication two party is privately owned common
Same key.
4. method as claimed in claim 3, it is characterised in that the ZRTP session setups end is built with ZRTP conversational responses end
Vertical RTP sessions, mutually send Hello message and communication connection are initialized, including:
The ZRTP session setups end sends the Hello message at the ZRTP session setups end to the ZRTP conversational responses end,
If ZRTP agreements are supported at the ZRTP conversational responses end, by the HelloACK message at the ZRTP conversational responses end send to
The ZRTP session setups end, and the Hello message at the ZRTP conversational responses end is sent to the ZRTP session setups end,
The ZRTP session setups termination is received after the Hello message at the ZRTP conversational responses end, by the ZRTP session setups end
HelloACK message send to the ZRTP conversational responses end;
Wherein, the Hello message includes:ZRTP support protocol version, AES Cipher, digest algorithm hash,
SAS algorithms, public key type pkt and ZID;The ZID is 96bit random number, in the local common of communication two ends
Enjoy secret value rs1 and rs2 and SRTP configuration information srtps.
5. method as claimed in claim 3, it is characterised in that the Commit message includes:The ZRTP conversational responses
The Hello message at end supports information to support the common factor of information with local Hello message.
6. method as claimed in claim 3, it is characterised in that the ZRTP session setups end and the ZRTP conversational responses
End carries out DH exchanges, including:
The DHpart1 at the ZRTP conversational responses end is sent to the ZRTP session setups end, wherein, the ZRTP sessions
The DHpart1 of responder includes:
The private key pvr1=g at the ZRTP conversational responses endsvr1Mod p, wherein, p is prime number, and g is original with svr1 for p's
For the random number at the ZRTP conversational responses end;
The local shared secret value rs1 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash
Message authentication code rslIDr=HMAC (rs1, " Responder ");
The local shared secret value rs2 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash
Message authentication code rs2IDr=HMAC (rs2, " Responder ");
Message of the signaling information sigs based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized
Demonstrate,prove code sigsIDr=HMAC (sigs, " Responder ");
Message of the SRTP configuration informations based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized
Demonstrate,prove code srtpsIDr=HMAC (srtps, " Responder ");
The other information for the increase key complexity that the ZRTP conversational responses end is calculated using character string " Responder "
Other_secret based on hash message authentication code other_secretIDr=HMAC (other_secret,
“Responder”);
The ZRTP session setups termination is received after the DHpart1, and the value to pvr1 is checked, if pvr1 is 1 or is
P-1, then terminate ZRTP sessions, if pvr1 is not 1 or is p-1, the ZRTP session setups end is by its corresponding DHpart2
Send to the ZRTP conversational responses end, wherein, the DHpart2 includes:
The private key pvr2=g at the ZRTP session setups endsvr2mod p;
The local shared secret value rs1 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash
Message authentication code rslIDr=HMAC (rs1, " Initiator ");
The local shared secret value rs2 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash
Message authentication code rs2IDi=HMAC (rs2, " Initiator ");
Message of the signaling information sigs based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized
Demonstrate,prove code sigsIDi=HMAC (sigs, " Initiator ");
Message of the SRTP configuration informations based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized
Demonstrate,prove code srtpsIDi=HMAC (srtps, " Initiator ");
The other information for the increase key complexity that the ZRTP session setups end is calculated using character string " Initiator "
Other_secret based on hash message authentication code other_secretIDi=HMAC (other_secret,
“Initiator”)。
7. method as claimed in claim 3, it is characterised in that the ZRTP session setups end determines described logical in the steps below
Interrogate the privately owned common key of both sides:
DHSS1=hash (pvr1svr1mod p) (1)
In formula (1), DHSS1 is the privately owned shared key at the ZRTP session setups end;
The ZRTP conversational responses end determines the privately owned common key of the communication two party in the steps below:
DHSS2=hash (pvr2svr2mod p) (2)
In formula (2), DHSS2 is the privately owned shared key at the ZRTP session setups end;
Wherein, DHSS1=DHSS2.
8. the method as described in claim 1, it is characterised in that the ZRTP session setups end is according to the privately owned common key
Acquisition encryption information D1 information D0 is encrypted by AES encryption algorithm or md5 encryption algorithm.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610192910.3A CN107294703A (en) | 2016-03-30 | 2016-03-30 | A kind of mobile Internet instant messaging safe encryption method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610192910.3A CN107294703A (en) | 2016-03-30 | 2016-03-30 | A kind of mobile Internet instant messaging safe encryption method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107294703A true CN107294703A (en) | 2017-10-24 |
Family
ID=60086666
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610192910.3A Withdrawn CN107294703A (en) | 2016-03-30 | 2016-03-30 | A kind of mobile Internet instant messaging safe encryption method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107294703A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111953631A (en) * | 2019-05-14 | 2020-11-17 | 苏州会信捷信息科技有限公司 | Method and system for safely encrypting mobile internet communication instant message |
CN115277157A (en) * | 2022-07-22 | 2022-11-01 | 太原理工大学 | Efficient authentication key exchange method based on out-of-band channel |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070157026A1 (en) * | 2005-07-27 | 2007-07-05 | Zimmermann Philip R | Method and system for key management in voice over internet protocol |
CN102098397A (en) * | 2011-02-28 | 2011-06-15 | 北京交通大学 | Realization method of VoIP (Voice-over-IP) media stream trusted transmission based on Zimmermann Real-Time Transport Protocol key exchange |
US20110194696A1 (en) * | 2009-09-08 | 2011-08-11 | Information Assurance Specialists, Inc. | Secure protocol terminal adapter |
CN105141568A (en) * | 2014-05-28 | 2015-12-09 | 腾讯科技(深圳)有限公司 | Safe communication channel establishment method and system, client and server |
-
2016
- 2016-03-30 CN CN201610192910.3A patent/CN107294703A/en not_active Withdrawn
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070157026A1 (en) * | 2005-07-27 | 2007-07-05 | Zimmermann Philip R | Method and system for key management in voice over internet protocol |
US20110194696A1 (en) * | 2009-09-08 | 2011-08-11 | Information Assurance Specialists, Inc. | Secure protocol terminal adapter |
CN102098397A (en) * | 2011-02-28 | 2011-06-15 | 北京交通大学 | Realization method of VoIP (Voice-over-IP) media stream trusted transmission based on Zimmermann Real-Time Transport Protocol key exchange |
CN105141568A (en) * | 2014-05-28 | 2015-12-09 | 腾讯科技(深圳)有限公司 | Safe communication channel establishment method and system, client and server |
Non-Patent Citations (1)
Title |
---|
邓成军: ""基于SRTP和ZRTP协议的语音加密传输技术研究"", 《东南大学硕士学位论文》 * |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111953631A (en) * | 2019-05-14 | 2020-11-17 | 苏州会信捷信息科技有限公司 | Method and system for safely encrypting mobile internet communication instant message |
CN115277157A (en) * | 2022-07-22 | 2022-11-01 | 太原理工大学 | Efficient authentication key exchange method based on out-of-band channel |
CN115277157B (en) * | 2022-07-22 | 2023-11-14 | 太原理工大学 | Efficient authentication key exchange method based on out-of-band channel |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN103338215B (en) | The method setting up TLS passage based on the close algorithm of state | |
US7730309B2 (en) | Method and system for key management in voice over internet protocol | |
US8644515B2 (en) | Display authenticated security association | |
CN106164922B (en) | Self-organizing one-time pairing of remote devices using online audio fingerprinting | |
CN103974241B (en) | A kind of sound end-to-end encryption method towards android system mobile terminal | |
US20040073795A1 (en) | Systems and methods for password-based connection | |
CN102547688B (en) | Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel | |
US20080077795A1 (en) | Method and apparatus for two-way authentication without nonces | |
CN108599926B (en) | HTTP-Digest improved AKA identity authentication system and method based on symmetric key pool | |
CN112425136A (en) | Internet of things security using multi-party computing (MPC) | |
CN109347626B (en) | Safety identity authentication method with anti-tracking characteristic | |
CN110635901B (en) | Local Bluetooth dynamic authentication method and system for Internet of things equipment | |
CN110519300A (en) | Client key method for secure storing based on password bidirectional authentication | |
CN110048849A (en) | A kind of session cipher negotiating method of multilayer protection | |
CN109951513A (en) | Anti- quantum calculation wired home quantum cloud storage method and system based on quantum key card | |
CN113572741A (en) | Method for realizing safe data transmission based on SM2-SM3-SM4 algorithm | |
WO2016082401A1 (en) | Conversation method and apparatus, user terminal and computer storage medium | |
CN108616350B (en) | HTTP-Digest class AKA identity authentication system and method based on symmetric key pool | |
CN105141629A (en) | Method for improving network security of public Wi-Fi based on WPA/WPA2 PSK multiple passwords | |
CN113507372A (en) | Bidirectional authentication method for interface request | |
CN106230840B (en) | A kind of command identifying method of high security | |
CN107294703A (en) | A kind of mobile Internet instant messaging safe encryption method | |
CN106209384B (en) | Use the client terminal of security mechanism and the communication authentication method of charging unit | |
CN109309648A (en) | A kind of method and apparatus of information transmission | |
CN107104888A (en) | A kind of safe instant communicating method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information |
Address after: 210019 Building No. 4, Jiaye International City, 158 Lushan Road, Jianye District, Nanjing City, Jiangsu Province, 1904 Applicant after: Nanjing Zhenxin Network Technology Co., Ltd. Address before: 210019 Building No. 4, Jiaye International City, 158 Lushan Road, Jianye District, Nanjing City, Jiangsu Province, 1904 Applicant before: Nanjing Hao Zhen Xin Network Technology Co., Ltd. |
|
CB02 | Change of applicant information | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20171024 |
|
WW01 | Invention patent application withdrawn after publication |