CN107294703A - A kind of mobile Internet instant messaging safe encryption method - Google Patents

A kind of mobile Internet instant messaging safe encryption method Download PDF

Info

Publication number
CN107294703A
CN107294703A CN201610192910.3A CN201610192910A CN107294703A CN 107294703 A CN107294703 A CN 107294703A CN 201610192910 A CN201610192910 A CN 201610192910A CN 107294703 A CN107294703 A CN 107294703A
Authority
CN
China
Prior art keywords
zrtp
conversational responses
message
session setups
information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN201610192910.3A
Other languages
Chinese (zh)
Inventor
王海拉
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Hao Zhen Xin Network Technology Co Ltd
Original Assignee
Nanjing Hao Zhen Xin Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Hao Zhen Xin Network Technology Co Ltd filed Critical Nanjing Hao Zhen Xin Network Technology Co Ltd
Priority to CN201610192910.3A priority Critical patent/CN107294703A/en
Publication of CN107294703A publication Critical patent/CN107294703A/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The present invention relates to a kind of mobile Internet instant messaging safe encryption method, methods described includes:The privately owned common key of communication two party is set up based on ZRTP agreements;ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key, and sends to ZRTP conversational responses end, wherein, described information D0 includes any file;The encryption information D1 is decrypted according to the privately owned common key for ZRTP conversational responses end, obtains described information D0;The method that the present invention is provided can be realized person to person's Direct Communication and can be realized as putting the safety communication of internuncial encryption independent of other conditions in mobile Internet in the communication process of social class.

Description

A kind of mobile Internet instant messaging safe encryption method
Technical field
The present invention relates to information security field, and in particular to a kind of mobile Internet instant messaging safe encryption method.
Background technology
One important need of internet communication is safety and privacy.It is ravesdropping, be stolen personal information, is one and all does daily The thing of generation, is a great hidden danger of internet communication.
Security mechanism on internet is mainly realized by encrypting.The final goal of safety communication is that only communication two party exchange is believed Breath, even if the data flow of any third party interception or stealing exchange, can not be decrypted.
The good solution of communication neither one between people and people (between mobile phone and mobile phone).Usual way is by clothes Device is engaged in accomplish, but server can be broken, and can be compromised.Not by server, point-to-point encryption is safe logical to realize News are a reliable directions.Wherein, OTR agreements and ZRTP agreements are proposed for non real-time communication and real-time communication respectively Scheme.
One major issue of point-to-point encryption is to prevent go-between from pretending to be.What OTR agreements significantly limit that go-between pretends to be can Can, but if communication two party is not or not a place, OTR agreements, which can not be effectively accomplished, prevents internuncial purpose.In order to This purpose is reached, ZRTP has used a password to compare mechanism.The password of point-to-point encryption is random by DH exchange generations. Password can only be produced in the both sides of exchange.If both call sides have different password, but can converse, illustrate there is go-between. Therefore, the call of real encryption anti-eavesdrop needs both call sides to verify password.Because password is very long, 4 are produced in ZRTP agreements Individual alphabetical password breathes out western code.Only need to proofread whether both sides there are 4 same letters just can be can reach in preventing Between people purpose.But ZRTP designs for speech communication.It is not directly applicable to picture, the encrypted transmission such as word.Institute So that internuncial immediate news systems and method are prevented in the reliable point-to-point encryption of neither one so far.
The content of the invention
The present invention provides a kind of mobile Internet instant messaging safe encryption method, and the purpose is to the social class in mobile Internet In communication process, realize person to person's Direct Communication and can be realized as putting the safety communication of internuncial encryption independent of other conditions.
The purpose of the present invention is realized using following technical proposals:
A kind of mobile Internet instant messaging safe encryption method, it is theed improvement is that, including:
The privately owned common key of communication two party is set up based on ZRTP agreements;
ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key, and sends extremely ZRTP conversational responses end, wherein, described information D0 includes any file;
The encryption information D1 is decrypted according to the privately owned common key for ZRTP conversational responses end, obtains described information D0.
It is preferred that, any file includes:Image file, audio file, video file and text file.
It is preferred that, it is described the privately owned common key of communication two party is set up based on ZRTP agreements to include:
RTP sessions are set up in the ZRTP session setups end with the ZRTP conversational responses end, mutually send Hello message to logical News connection is initialized, and carries out response to Correspondent Node by the way of HelloACK message is returned;
The ZRTP session setups end generates Commit message according to the Hello message at the ZRTP conversational responses end, and by institute Commit message is stated to send to the ZRTP conversational responses end;
The ZRTP conversational responses end carries out DH with the ZRTP conversational responses end and exchanged, and determines that the communication two party is privately owned common Same key.
Further, RTP sessions are set up in the ZRTP session setups end with ZRTP conversational responses end, mutually send Hello and disappear Breath is initialized to communication connection, including:
The ZRTP session setups end sends the Hello message at the ZRTP session setups end to the ZRTP conversational responses end, If ZRTP agreements are supported at the ZRTP conversational responses end, by the HelloACK message at the ZRTP conversational responses end send to The ZRTP session setups end, and the Hello message at the ZRTP conversational responses end is sent to the ZRTP session setups end, The ZRTP session setups termination is received after the Hello message at the ZRTP conversational responses end, by the ZRTP session setups end HelloACK message send to the ZRTP conversational responses end;
Wherein, the Hello message includes:ZRTP support protocol version, AES Cipher, digest algorithm hash, SAS algorithms, public key type pkt and ZID, the ZID is 96bit random number, in the local common of communication two ends Enjoy secret value rs1 and rs2 and SRTP configuration information srtps.
Further, the Commit message includes:The Hello message at the ZRTP conversational responses end supports information and local Hello message supports the common factor of information.
Further, the ZRTP session setups end is exchanged with ZRTP conversational responses end progress DH, including:
The DHpart1 at the ZRTP conversational responses end is sent to the ZRTP session setups end, wherein, the ZRTP sessions The DHpart1 of responder includes:
The private key pvr1=g at the ZRTP conversational responses endsvr1Mod p, wherein, p is prime number, and g is original with svr1 for p's For the random number at the ZRTP conversational responses end;
The local shared secret value rs1 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash Message authentication code rslIDr=HMAC (rs1, " Responder ");
The local shared secret value rs2 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash Message authentication code rs2IDr=HMAC (rs2, " Responder ");
Message of the signaling information sigs based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized Demonstrate,prove code sigsIDr=HMAC (sigs, " Responder ");
Message of the SRTP configuration informations based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized Demonstrate,prove code srtpsIDr=HMAC (srtps, " Responder ");
The other information for the increase key complexity that the ZRTP conversational responses end is calculated using character string " Responder " Other_secret based on hash message authentication code other_secretIDr=HMAC (other_secret, “Responder”);
The ZRTP session setups termination is received after the DHpart1, and the value to pvr1 is checked, if pvr1 is 1 or is P-1, then terminate ZRTP sessions, if pvr1 is not 1 or is p-1, the ZRTP session setups end is by its corresponding DHpart2 Send to the ZRTP conversational responses end, wherein, the DHpart2 includes:
The private key pvr2=g at the ZRTP session setups endsvr2mod p;
The local shared secret value rs1 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash Message authentication code rslIDr=HMAC (rs1, " Initiator ");
The local shared secret value rs2 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash Message authentication code rs2IDi=HMAC (rs2, " Initiator ");
Message of the signaling information sigs based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized Demonstrate,prove code sigsIDi=HMAC (sigs, " Initiator ");
Message of the SRTP configuration informations based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized Demonstrate,prove code srtpsIDi=HMAC (srtps, " Initiator ");
The other information for the increase key complexity that the ZRTP session setups end is calculated using character string " Initiator " Other_secret based on hash message authentication code other_secretIDi=HMAC (other_secret, “Initiator”)。
Further, the ZRTP session setups end determines the privately owned common key of the communication two party in the steps below:
DHSS1=hash (pvr1svr1mod p) (1)
In formula (1), DHSS1 is the privately owned shared key at the ZRTP session setups end;
The ZRTP conversational responses end determines the privately owned common key of the communication two party in the steps below:
DHSS2=hash (pvr2svr2mod p) (2)
In formula (2), DHSS2 is the privately owned shared key at the ZRTP session setups end;
Wherein, DHSS1=DHSS2.
It is preferred that, the ZRTP session setups end passes through AES encryption algorithm or md5 encryption algorithm according to the privately owned common key Information D0 is encrypted acquisition encryption information D1.
Beneficial effects of the present invention:
A kind of mobile Internet instant messaging safe encryption method that the present invention is provided, it is mobile eventually based on the generation of ZRTP communication protocols End and the shared key of mobile terminal, communicating pair is by the shared key to files such as transmission image, audio, video and words It is encrypted and decrypted, it is achieved thereby that person to person's Direct Communication and can be realized as putting internuncial encryption independent of other conditions Safety communication, improve the reliability and safety of communication process.
Brief description of the drawings
Fig. 1 is a kind of flow chart of mobile Internet instant messaging safe encryption method of the invention;
Fig. 2 is to set up shared key process schematic based on ZRTP in the embodiment of the present invention.
Embodiment
The embodiment to the present invention elaborates below in conjunction with the accompanying drawings.
To make the purpose, technical scheme and advantage of the embodiment of the present invention clearer, below in conjunction with attached in the embodiment of the present invention Figure, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is the present invention A part of embodiment, rather than whole embodiments.Based on the embodiment in the present invention, those of ordinary skill in the art are not having The all other embodiment obtained under the premise of creative work is made, the scope of protection of the invention is belonged to.
A kind of mobile Internet instant messaging safe encryption method that the present invention is provided, as shown in figure 1, including:
Step (1) sets up the privately owned common key of communication two party based on ZRTP agreements;
Step (2) ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key, And send to ZRTP conversational responses end, wherein, described information D0 includes any file;
The encryption information D1 is decrypted according to the privately owned common key for step (3) ZRTP conversational responses end, obtains institute State information D0.
Wherein, any file includes:Image file, audio file, video file and text file.
Specifically, as shown in Fig. 2 described set up the privately owned common key of communication two party based on ZRTP agreements and include 3 stages: Discovery phase, key agreement phase, shared key confirmation, wherein:
First, RTP sessions are set up in discovery phase, the ZRTP session setups end with the ZRTP conversational responses end, mutually send Hello message is initialized to communication connection, and carries out response to Correspondent Node by the way of HelloACK message is returned;
The ZRTP session setups end sends the Hello message at the ZRTP session setups end to the ZRTP conversational responses end, If ZRTP agreements are supported at the ZRTP conversational responses end, by the HelloACK message at the ZRTP conversational responses end send to The ZRTP session setups end, and the Hello message at the ZRTP conversational responses end is sent to the ZRTP session setups end, The ZRTP session setups termination is received after the Hello message at the ZRTP conversational responses end, by the ZRTP session setups end HelloACK message send to the ZRTP conversational responses end;
Wherein, the Hello message includes:ZRTP support protocol version, AES Cipher, digest algorithm hash, SAS algorithms, public key type pkt and ZID, the ZID is 96bit random number, in the local common of communication two ends Enjoy secret value rs1 and rs2 and SRTP configuration information srtps.
In discovery phase, when the both sides of communication set up RTP sessions, ZRTP inject ZRTP using meeting into RTP packets Information, first to Correspondent Node send Hello message to connection initialize, included in Hello message in have ZRTP The protocol version supported, AES Cipher, digest algorithm hash, SAS algorithm, public key type pkt and ZID etc., ZID is 96bit random number, there is two effects:On the one hand it is used to protect after the local identification last session at communication two ends Shared key rs1, rs2 and SRTP configuration information srtps, srtps that stay calculation formula is:Srtps=hash (SRTP Master key | | SRTP master salt), if two kinds of shared keys in formula are not present, replaced with random number, On the other hand the ZRTP connections being also used for this are marked.When receiving terminal with HelloAck carries out response to Hello message, Expression, which is controlled oneself, supports ZRTP agreements, then allows transmitting terminal to send the Hello message controlled oneself, is disappeared in transmitting terminal by HelloAck Cease after response, discovery phase terminates.
2nd, key agreement phase, the ZRTP session setups end is generated according to the Hello message at the ZRTP conversational responses end Commit message, and the Commit message is sent to the ZRTP conversational responses end, the ZRTP conversational responses end with The ZRTP conversational responses end carries out DH exchanges, and determines the privately owned common key of the communication two party.
The Commit message includes:The Hello message at the ZRTP conversational responses end supports information and local Hello message Support the common factor of information.
The ZRTP session setups end carries out DH with the ZRTP conversational responses end and exchanged, including:
The DHpart1 at the ZRTP conversational responses end is sent to the ZRTP session setups end, wherein, the ZRTP sessions The DHpart1 of responder includes:
The private key pvr1=g at the ZRTP conversational responses endsvr1Mod p, wherein, p is prime number, and g is original with svr1 for p's For the random number at the ZRTP conversational responses end;
The local shared secret value rs1 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash Message authentication code rslIDr=HMAC (rs1, " Responder ");
The local shared secret value rs2 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash Message authentication code rs2IDr=HMAC (rs2, " Responder ");
Message of the signaling information sigs based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized Demonstrate,prove code sigsIDr=HMAC (sigs, " Responder ");
Message of the SRTP configuration informations based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized Demonstrate,prove code srtpsIDr=HMAC (srtps, " Responder ");
The other information for the increase key complexity that the ZRTP conversational responses end is calculated using character string " Responder " Other_secret based on hash message authentication code other_secretIDr=HMAC (other_secret, “Responder”);
The ZRTP session setups termination is received after the DHpart1, and the value to pvr1 is checked, if pvr1 is 1 or is P-1, then terminate ZRTP sessions, if pvr1 is not 1 or is p-1, the ZRTP session setups end is by its corresponding DHpart2 Send to the ZRTP conversational responses end, wherein, the DHpart2 includes:
The private key pvr2=g at the ZRTP session setups endsvr2mod p;
The local shared secret value rs1 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash Message authentication code rslIDr=HMAC (rs1, " Initiator ");
The local shared secret value rs2 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash Message authentication code rs2IDi=HMAC (rs2, " Initiator ");
Message of the signaling information sigs based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized Demonstrate,prove code sigsIDi=HMAC (sigs, " Initiator ");
Message of the SRTP configuration informations based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized Demonstrate,prove code srtpsIDi=HMAC (srtps, " Initiator ");
The other information for the increase key complexity that the ZRTP session setups end is calculated using character string " Initiator " Other_secret based on hash message authentication code other_secretIDi=HMAC (other_secret, “Initiator”)。
The ZRTP session setups end determines the privately owned common key of the communication two party in the steps below:
DHSS1=hash (pvr1svr1mod p) (1)
In formula (1), DHSS1 is the privately owned shared key at the ZRTP session setups end;
The ZRTP conversational responses end determines the privately owned common key of the communication two party in the steps below:
DHSS2=hash (pvr2svr2mod p) (2)
In formula (2), DHSS2 is the privately owned shared key at the ZRTP session setups end;
Wherein, DHSS1=DHSS2.
In key agreement phase, the promoter of DH exchange process is referred to as " Initiator ", and corresponding the opposing party turns into ZRTP session setups end is Initiator in " Responder ", Fig. 2, and ZRTP conversational responses end is Responder, is obtained After the shared key DHSS of communicating pair, in addition it is also necessary to calculate HMAC sequences, each value in DHpart1 and DHpart2 is judged Whether match, first (rs1IDr, rs2IDr, sigsIDr, srtpsIDr, the other_secretIDr) in DHPart1 message is made For set E, recycle formula rs1IDr=HMAC (rs1, " Responder ") computational methods calculate 5 shared key values pair The HMAC answered, result of calculation is used as set F.Set E and set F common factor is removed as the shared key of communicating pair.For The value that two set Zhong Bu areas match somebody with somebody then abandons and supplements Null replacements, so can be obtained by 5 different shared keys in source. Arranged by numerical values recited ascending order 5 shared key values are finally connected together to the shared key for obtaining this session with DHSS, Calculation formula be s0=hash (DHSS | | s1 | | s2 | | s3 | | s4 | | s5), DHPart2 message is similarly;
In ZRTP communication protocols, in addition to shared key determines the stage, in the main task in this stage is derived for SRTP Master key and the master salt of connection, and renewal is stored in two local shared keys, master key and master Salt calculation formula is as follows:
Srtpkeyi=HMAC (s0, " Initiator SRTP master key ")
Srtpsalti=HMAC (s0, " Initiator SRTP master salt ")
Srtpkeyr=HMAC (s0, " Responder SRTP master key ")
Srtpsaltr=HMAC (s0, " Responder SRTP master salt ")
Wherein srtpkeyi and srtpsalti are the master key and master used in B in this unidirectional connection from B to A Salt, srtpkeyr and srtpsaltr are the master key and master used in A in this unidirectional connection from A to B salt.There are master key and master salt, it is possible to derive SRTP using previously described key derivation method Session key, and then complete the interim common key that communication two party just has.
A kind of privately owned common key side of utilization communicating pair for mobile Internet instant messaging safe encryption method that the present invention is provided Face, can carry out encryption and decryption to transmission information using AES encryption algorithm or md5 encryption algorithm and obtain encryption information.
Finally it should be noted that:The above embodiments are merely illustrative of the technical scheme of the present invention and are not intended to be limiting thereof, although reference The present invention is described in detail above-described embodiment, those of ordinary skills in the art should understand that:Still can be to this The embodiment of invention is modified or equivalent substitution, and any modification without departing from spirit and scope of the invention or is waited With replacing, it all should cover within the claims of the present invention.

Claims (8)

1. a kind of mobile Internet instant messaging safe encryption method, it is characterised in that methods described includes:
The privately owned common key of communication two party is set up based on ZRTP agreements;
ZRTP session setups end information D0 is encrypted acquisition encryption information D1 according to the privately owned common key, and sends extremely ZRTP conversational responses end, wherein, described information D0 includes any file;
The encryption information D1 is decrypted according to the privately owned common key for ZRTP conversational responses end, obtains described information D0.
2. the method as described in claim 1, it is characterised in that any file includes:Image file, audio file, Video file and text file.
3. the method as described in claim 1, it is characterised in that described to set up privately owned common of communication two party based on ZRTP agreements Key includes:
RTP sessions are set up in the ZRTP session setups end with the ZRTP conversational responses end, mutually send Hello message to logical News connection is initialized, and carries out response to Correspondent Node by the way of HelloACK message is returned;
The ZRTP session setups end generates Commit message according to the Hello message at the ZRTP conversational responses end, and by institute Commit message is stated to send to the ZRTP conversational responses end;
The ZRTP conversational responses end carries out DH with the ZRTP conversational responses end and exchanged, and determines that the communication two party is privately owned common Same key.
4. method as claimed in claim 3, it is characterised in that the ZRTP session setups end is built with ZRTP conversational responses end Vertical RTP sessions, mutually send Hello message and communication connection are initialized, including:
The ZRTP session setups end sends the Hello message at the ZRTP session setups end to the ZRTP conversational responses end, If ZRTP agreements are supported at the ZRTP conversational responses end, by the HelloACK message at the ZRTP conversational responses end send to The ZRTP session setups end, and the Hello message at the ZRTP conversational responses end is sent to the ZRTP session setups end, The ZRTP session setups termination is received after the Hello message at the ZRTP conversational responses end, by the ZRTP session setups end HelloACK message send to the ZRTP conversational responses end;
Wherein, the Hello message includes:ZRTP support protocol version, AES Cipher, digest algorithm hash, SAS algorithms, public key type pkt and ZID;The ZID is 96bit random number, in the local common of communication two ends Enjoy secret value rs1 and rs2 and SRTP configuration information srtps.
5. method as claimed in claim 3, it is characterised in that the Commit message includes:The ZRTP conversational responses The Hello message at end supports information to support the common factor of information with local Hello message.
6. method as claimed in claim 3, it is characterised in that the ZRTP session setups end and the ZRTP conversational responses End carries out DH exchanges, including:
The DHpart1 at the ZRTP conversational responses end is sent to the ZRTP session setups end, wherein, the ZRTP sessions The DHpart1 of responder includes:
The private key pvr1=g at the ZRTP conversational responses endsvr1Mod p, wherein, p is prime number, and g is original with svr1 for p's For the random number at the ZRTP conversational responses end;
The local shared secret value rs1 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash Message authentication code rslIDr=HMAC (rs1, " Responder ");
The local shared secret value rs2 that the ZRTP conversational responses end is calculated using character string " Responder " is based on hash Message authentication code rs2IDr=HMAC (rs2, " Responder ");
Message of the signaling information sigs based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized Demonstrate,prove code sigsIDr=HMAC (sigs, " Responder ");
Message of the SRTP configuration informations based on hash that the ZRTP conversational responses end is calculated using character string " Responder " is recognized Demonstrate,prove code srtpsIDr=HMAC (srtps, " Responder ");
The other information for the increase key complexity that the ZRTP conversational responses end is calculated using character string " Responder " Other_secret based on hash message authentication code other_secretIDr=HMAC (other_secret, “Responder”);
The ZRTP session setups termination is received after the DHpart1, and the value to pvr1 is checked, if pvr1 is 1 or is P-1, then terminate ZRTP sessions, if pvr1 is not 1 or is p-1, the ZRTP session setups end is by its corresponding DHpart2 Send to the ZRTP conversational responses end, wherein, the DHpart2 includes:
The private key pvr2=g at the ZRTP session setups endsvr2mod p;
The local shared secret value rs1 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash Message authentication code rslIDr=HMAC (rs1, " Initiator ");
The local shared secret value rs2 that the ZRTP session setups end is calculated using character string " Initiator " is based on hash Message authentication code rs2IDi=HMAC (rs2, " Initiator ");
Message of the signaling information sigs based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized Demonstrate,prove code sigsIDi=HMAC (sigs, " Initiator ");
Message of the SRTP configuration informations based on hash that the ZRTP session setups end is calculated using character string " Initiator " is recognized Demonstrate,prove code srtpsIDi=HMAC (srtps, " Initiator ");
The other information for the increase key complexity that the ZRTP session setups end is calculated using character string " Initiator " Other_secret based on hash message authentication code other_secretIDi=HMAC (other_secret, “Initiator”)。
7. method as claimed in claim 3, it is characterised in that the ZRTP session setups end determines described logical in the steps below Interrogate the privately owned common key of both sides:
DHSS1=hash (pvr1svr1mod p) (1)
In formula (1), DHSS1 is the privately owned shared key at the ZRTP session setups end;
The ZRTP conversational responses end determines the privately owned common key of the communication two party in the steps below:
DHSS2=hash (pvr2svr2mod p) (2)
In formula (2), DHSS2 is the privately owned shared key at the ZRTP session setups end;
Wherein, DHSS1=DHSS2.
8. the method as described in claim 1, it is characterised in that the ZRTP session setups end is according to the privately owned common key Acquisition encryption information D1 information D0 is encrypted by AES encryption algorithm or md5 encryption algorithm.
CN201610192910.3A 2016-03-30 2016-03-30 A kind of mobile Internet instant messaging safe encryption method Withdrawn CN107294703A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610192910.3A CN107294703A (en) 2016-03-30 2016-03-30 A kind of mobile Internet instant messaging safe encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610192910.3A CN107294703A (en) 2016-03-30 2016-03-30 A kind of mobile Internet instant messaging safe encryption method

Publications (1)

Publication Number Publication Date
CN107294703A true CN107294703A (en) 2017-10-24

Family

ID=60086666

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610192910.3A Withdrawn CN107294703A (en) 2016-03-30 2016-03-30 A kind of mobile Internet instant messaging safe encryption method

Country Status (1)

Country Link
CN (1) CN107294703A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953631A (en) * 2019-05-14 2020-11-17 苏州会信捷信息科技有限公司 Method and system for safely encrypting mobile internet communication instant message
CN115277157A (en) * 2022-07-22 2022-11-01 太原理工大学 Efficient authentication key exchange method based on out-of-band channel

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070157026A1 (en) * 2005-07-27 2007-07-05 Zimmermann Philip R Method and system for key management in voice over internet protocol
CN102098397A (en) * 2011-02-28 2011-06-15 北京交通大学 Realization method of VoIP (Voice-over-IP) media stream trusted transmission based on Zimmermann Real-Time Transport Protocol key exchange
US20110194696A1 (en) * 2009-09-08 2011-08-11 Information Assurance Specialists, Inc. Secure protocol terminal adapter
CN105141568A (en) * 2014-05-28 2015-12-09 腾讯科技(深圳)有限公司 Safe communication channel establishment method and system, client and server

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070157026A1 (en) * 2005-07-27 2007-07-05 Zimmermann Philip R Method and system for key management in voice over internet protocol
US20110194696A1 (en) * 2009-09-08 2011-08-11 Information Assurance Specialists, Inc. Secure protocol terminal adapter
CN102098397A (en) * 2011-02-28 2011-06-15 北京交通大学 Realization method of VoIP (Voice-over-IP) media stream trusted transmission based on Zimmermann Real-Time Transport Protocol key exchange
CN105141568A (en) * 2014-05-28 2015-12-09 腾讯科技(深圳)有限公司 Safe communication channel establishment method and system, client and server

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
邓成军: ""基于SRTP和ZRTP协议的语音加密传输技术研究"", 《东南大学硕士学位论文》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111953631A (en) * 2019-05-14 2020-11-17 苏州会信捷信息科技有限公司 Method and system for safely encrypting mobile internet communication instant message
CN115277157A (en) * 2022-07-22 2022-11-01 太原理工大学 Efficient authentication key exchange method based on out-of-band channel
CN115277157B (en) * 2022-07-22 2023-11-14 太原理工大学 Efficient authentication key exchange method based on out-of-band channel

Similar Documents

Publication Publication Date Title
CN103338215B (en) The method setting up TLS passage based on the close algorithm of state
US7730309B2 (en) Method and system for key management in voice over internet protocol
US8644515B2 (en) Display authenticated security association
CN106164922B (en) Self-organizing one-time pairing of remote devices using online audio fingerprinting
CN103974241B (en) A kind of sound end-to-end encryption method towards android system mobile terminal
US20040073795A1 (en) Systems and methods for password-based connection
CN102547688B (en) Virtual-dedicated-channel-based establishment method for high-credibility mobile security communication channel
US20080077795A1 (en) Method and apparatus for two-way authentication without nonces
CN108599926B (en) HTTP-Digest improved AKA identity authentication system and method based on symmetric key pool
CN112425136A (en) Internet of things security using multi-party computing (MPC)
CN109347626B (en) Safety identity authentication method with anti-tracking characteristic
CN110635901B (en) Local Bluetooth dynamic authentication method and system for Internet of things equipment
CN110519300A (en) Client key method for secure storing based on password bidirectional authentication
CN110048849A (en) A kind of session cipher negotiating method of multilayer protection
CN109951513A (en) Anti- quantum calculation wired home quantum cloud storage method and system based on quantum key card
CN113572741A (en) Method for realizing safe data transmission based on SM2-SM3-SM4 algorithm
WO2016082401A1 (en) Conversation method and apparatus, user terminal and computer storage medium
CN108616350B (en) HTTP-Digest class AKA identity authentication system and method based on symmetric key pool
CN105141629A (en) Method for improving network security of public Wi-Fi based on WPA/WPA2 PSK multiple passwords
CN113507372A (en) Bidirectional authentication method for interface request
CN106230840B (en) A kind of command identifying method of high security
CN107294703A (en) A kind of mobile Internet instant messaging safe encryption method
CN106209384B (en) Use the client terminal of security mechanism and the communication authentication method of charging unit
CN109309648A (en) A kind of method and apparatus of information transmission
CN107104888A (en) A kind of safe instant communicating method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 210019 Building No. 4, Jiaye International City, 158 Lushan Road, Jianye District, Nanjing City, Jiangsu Province, 1904

Applicant after: Nanjing Zhenxin Network Technology Co., Ltd.

Address before: 210019 Building No. 4, Jiaye International City, 158 Lushan Road, Jianye District, Nanjing City, Jiangsu Province, 1904

Applicant before: Nanjing Hao Zhen Xin Network Technology Co., Ltd.

CB02 Change of applicant information
WW01 Invention patent application withdrawn after publication

Application publication date: 20171024

WW01 Invention patent application withdrawn after publication