CN107454042A - Message sending, receiving method and device - Google Patents
Message sending, receiving method and device Download PDFInfo
- Publication number
- CN107454042A CN107454042A CN201610377962.8A CN201610377962A CN107454042A CN 107454042 A CN107454042 A CN 107454042A CN 201610377962 A CN201610377962 A CN 201610377962A CN 107454042 A CN107454042 A CN 107454042A
- Authority
- CN
- China
- Prior art keywords
- message
- algorithm
- identifying
- option
- corresponding relation
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a kind of message sending, receiving method and device, wherein, the message method of reseptance includes:The identifying algorithm that receiving terminal with receiving message is consulted to determine to be used to be authenticated message and the first corresponding relation of the algorithm mark for identifying the identifying algorithm;It is determined that for the identifying algorithm assembled to message to be sent;The message to be sent is assembled using algorithm mark corresponding to the identifying algorithm of determination;The message to be sent of assembling is sent to receiving terminal.By the present invention, solve the problems, such as the identifying algorithm type of None- identified to each other between distinct device, reach the effect that identifying algorithm type to each other can be identified between distinct device.
Description
Technical field
The present invention relates to the communications field, in particular to a kind of message sending, receiving method and device.
Background technology
Transmission control protocol (Transmission Control Protocol, referred to as TCP) is a kind of connection-oriented
Agreement, it provides the service of byte stream that is two-way, reliable, having flow to control.In the simplified open system of computer network
In system interconnection (Open System Interconnect, referred to as OSI) model, it completes the work(specified by the 4th layer of transport layer
Energy.
In order to ensure the correctness of data transfer and legitimacy, TCP can use certification key and identifying algorithm to data
Certification is encrypted and decrypted.At present, TCP certifications are intended to support a variety of authentication options and identifying algorithm, and distinct device
Different authentication option types, identifying algorithm type can be supported, but the certification of None- identified to each other is selected between distinct device
Item, identifying algorithm type so that TCP certification compatibility is relatively low.
The content of the invention
The embodiments of the invention provide a kind of message sending, receiving method and device, at least to solve in correlation technique not
The problem of with equipment room None- identified authentication option to each other, identifying algorithm type.
According to one embodiment of present invention, there is provided a kind of file transmitting method, including:Receiving terminal with receiving message
The identifying algorithm for consulting to determine to be used to be authenticated message and the first couple of the algorithm mark for identifying the identifying algorithm
It should be related to;It is determined that for the identifying algorithm assembled to message to be sent;Using calculation corresponding to the identifying algorithm of determination
Method mark assembles to the message to be sent;The message to be sent of assembling is sent to receiving terminal.
Alternatively, assembling bag is carried out to the message to be sent using algorithm mark corresponding to the identifying algorithm of determination
Include:The authentication option that receiving terminal with receiving message is consulted to determine to be used to assemble message for identifying the certification with selecting
Second corresponding relation of the Option of item;It is determined that for the authentication option pending for sending message and being assembled;Using
The authentication option determined carries option mark corresponding to algorithm mark corresponding to the identifying algorithm and the authentication option
The mode of knowledge, the message to be sent is assembled.
Alternatively, consult to determine for the identifying algorithm for being authenticated message with being used in the receiving terminal with receiving message
After the first corresponding relation of algorithm mark for identifying the identifying algorithm, in addition to:Store first corresponding relation;With/
Or, it is used for the authentication option assembled to message and for identifying the certification in the receiving terminal negotiation determination with receiving message
After second corresponding relation of the Option of option, in addition to:Store second corresponding relation.
According to another embodiment of the invention, there is provided a kind of message method of reseptance, including:Transmission with sending message
The identifying algorithm that end consults to determine to be used to be authenticated message and first of the algorithm mark for identifying the identifying algorithm
Corresponding relation;Receive the message that the transmitting terminal is sent;Obtain the algorithm mark carried in the message;Using described in acquisition
Identifying algorithm corresponding to algorithm mark is authenticated to the message received.
Alternatively, obtaining the algorithm mark carried in the message includes:Transmitting terminal with sending message is consulted to determine to use
In the authentication option assembled to message and the second corresponding relation of the Option for identifying the authentication option;Obtain
The Option carried in the message received;The algorithm mark is obtained from authentication option corresponding to the Option
Know.
Alternatively, consult to determine for the identifying algorithm for being authenticated message with being used in the transmitting terminal with sending message
After the first corresponding relation of algorithm mark for identifying the identifying algorithm, in addition to:Store first corresponding relation;With/
Or, it is used for the authentication option assembled to message and for identifying the certification in the transmitting terminal negotiation determination with sending message
After second corresponding relation of the Option of option, in addition to:Store second corresponding relation.
Alternatively, the message received is authenticated using identifying algorithm corresponding to the algorithm mark of acquisition
Including:Judge whether identifying algorithm and pre-defined algorithm are consistent corresponding to the algorithm mark of acquisition;It is acquisition in judged result
The algorithm mark corresponding to identifying algorithm it is consistent with the pre-defined algorithm in the case of, judge to use the pre-defined algorithm pair
The message received carries out checking the first validation value of acquisition and obtained with carrying out checking to the message using the identifying algorithm
Whether the second validation value obtained is consistent;In the case of first validation value and the second validation value identical, it is determined that to institute
State message authentication success.
According to another embodiment of the invention, there is provided a kind of packet transmission device, including:First determining module, use
Consult to determine for the identifying algorithm for being authenticated message with calculating for identifying the certification in receiving the receiving terminal of message
First corresponding relation of the algorithm mark of method;Second determining module, for determining to be used to recognize what message to be sent was assembled
Demonstrate,prove algorithm;Module is assembled, for being carried out using algorithm mark corresponding to the identifying algorithm determined to the message to be sent
Assembling;Sending module, for the message to be sent of assembling to be sent into receiving terminal.
Alternatively, assembling module includes:First determining unit, for receive message receiving terminal consult determine be used for pair
The authentication option that message is assembled and the second corresponding relation of the Option for identifying the authentication option;Second determines
Unit, for determining to be used for the authentication option pending for sending message and being assembled;Module units, for using determination
The authentication option carries the side of Option corresponding to algorithm mark corresponding to the identifying algorithm and the authentication option
Formula, the message to be sent is assembled.
Alternatively, described device includes:First memory module, for being used in the receiving terminal negotiation determination with receiving message
The identifying algorithm being authenticated to message is with after the first corresponding relation of algorithm mark for identifying the identifying algorithm, depositing
Store up first corresponding relation;The assembling module includes:First memory cell, for consulting in the receiving terminal with receiving message
It is determined that for the authentication option that is assembled to message and the second corresponding pass of the Option for identifying the authentication option
After system, second corresponding relation is stored.
According to another embodiment of the invention, there is provided a kind of message reception device, including:3rd determining module, use
Consult to determine for the identifying algorithm for being authenticated message with calculating for identifying the certification in sending the transmitting terminal of message
First corresponding relation of the algorithm mark of method;Receiving module, the message sent for receiving the transmitting terminal;Acquisition module, use
The algorithm mark carried in the acquisition message;Authentication module, for using certification corresponding to the algorithm mark obtained
Algorithm is authenticated to the message received.
Alternatively, acquisition module includes:3rd determining unit, for send message transmitting terminal consult determine be used for pair
The authentication option that message is assembled and the second corresponding relation of the Option for identifying the authentication option;First obtains
Unit, for obtaining the Option carried in the message received;Second acquisition unit, for from the Option
The algorithm mark is obtained in corresponding authentication option.
Alternatively, described device also includes:Second memory module, for consulting to determine to use with receiving the receiving terminal of message
After the identifying algorithm being authenticated to message and the first corresponding relation identified for identifying the algorithm of the identifying algorithm,
Store first corresponding relation;The acquisition module includes:Second memory cell, for being assisted in the receiving terminal with receiving message
Business is determined for the second corresponding of the authentication option assembled to message and the Option for identifying the authentication option
After relation, second corresponding relation is stored.
Alternatively, authentication module includes:First judging unit, for judging certification corresponding to the algorithm mark of acquisition
Whether algorithm is consistent with pre-defined algorithm;Second judging unit, for being corresponding to the algorithm obtained identifies in judged result
In the case that identifying algorithm is consistent with the pre-defined algorithm, judge to carry out the message received using the pre-defined algorithm
Checking obtain the first validation value with using the identifying algorithm to the message carry out verify acquisition the second validation value whether one
Cause;Authentication unit, in the case of first validation value and the second validation value identical, it is determined that recognizing the message
Demonstrate,prove successfully.
According to still another embodiment of the invention, a kind of storage medium is additionally provided.The storage medium is arranged to storage and used
In the program code for performing following steps:The certification that receiving terminal with receiving message is consulted to determine to be used to be authenticated message is calculated
First corresponding relation of method and the algorithm mark for identifying the identifying algorithm;It is determined that for being assembled to message to be sent
Identifying algorithm;The message to be sent is assembled using algorithm mark corresponding to the identifying algorithm of determination;By group
The message to be sent of dress is sent to receiving terminal.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:Using described in determination
Algorithm mark carries out assembling to the message to be sent corresponding to identifying algorithm includes:Receiving terminal with receiving message is consulted to determine
For the authentication option and the second corresponding relation of the Option for identifying the authentication option assembled to message;Really
It is fixed to be used for the authentication option pending for sending message and being assembled;The certification is carried using the authentication option of determination
The mode of Option, group is carried out to the message to be sent corresponding to algorithm mark corresponding to algorithm and the authentication option
Dress.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:With receiving message
The identifying algorithm that receiving terminal is consulted to determine to be used to be authenticated message and the algorithm mark for identifying the identifying algorithm
After first corresponding relation, in addition to:Store first corresponding relation;And/or consult really in the receiving terminal with receiving message
The fixed authentication option for being used to assemble message and the second corresponding relation of the Option for identifying the authentication option
Afterwards, in addition to:Store second corresponding relation.
According to another embodiment of the invention, a kind of storage medium is additionally provided.The storage medium is arranged to storage and used
In the program code for performing following steps:The certification that transmitting terminal with sending message is consulted to determine to be used to be authenticated message is calculated
First corresponding relation of method and the algorithm mark for identifying the identifying algorithm;Receive the message that the transmitting terminal is sent;Obtain
The algorithm carried in the message is taken to identify;Using identifying algorithm corresponding to the algorithm mark of acquisition to described in receiving
Message is authenticated.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:Obtain in the message
The algorithm mark of carrying includes:Transmitting terminal with sending message is consulted to determine to be used for the authentication option and use for assembling message
In the second corresponding relation of the Option for identifying the authentication option;Obtain the option mark carried in the message received
Know;The algorithm mark is obtained from authentication option corresponding to the Option.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:With sending message
The identifying algorithm that transmitting terminal is consulted to determine to be used to be authenticated message and the algorithm mark for identifying the identifying algorithm
After first corresponding relation, in addition to:Store first corresponding relation;And/or consult really in the transmitting terminal with sending message
The fixed authentication option for being used to assemble message and the second corresponding relation of the Option for identifying the authentication option
Afterwards, in addition to:Store second corresponding relation.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:Using described in acquisition
Identifying algorithm corresponding to algorithm mark is authenticated including to the message received:Judge the algorithm mark pair obtained
Whether the identifying algorithm answered is consistent with pre-defined algorithm;Judged result for obtain the algorithm mark corresponding to identifying algorithm with
In the case that the pre-defined algorithm is consistent, judge that carrying out checking to the message received using the pre-defined algorithm obtains the
One validation value verifies whether the second validation value of acquisition is consistent with being carried out using the identifying algorithm to the message;Described
In the case of one validation value and the second validation value identical, it is determined that to message authentication success.
By the present invention, the receiving terminal with receiving message is consulted to determine to be used for identifying algorithm and the use for being authenticated message
In the first corresponding relation of the algorithm mark for identifying the identifying algorithm;It is determined that for the certification assembled to message to be sent
Algorithm;The message to be sent is assembled using algorithm mark corresponding to the identifying algorithm of determination;By treating for assembling
Send message and be sent to receiving terminal.It is the reception with receiving message due to being sent to the algorithm carried in the message of receiving terminal mark
Consult what is determined in end, i.e. algorithm mark is the identifying algorithm being authenticated to message to be sent that transmitting-receiving two-end is consulted to determine
Corresponding algorithm mark, therefore, can solve the identifying algorithm class due to indicating corresponding identifying algorithm type between distinct device
Offset is inconsistent, the problem of causing the identifying algorithm type to each other of None- identified between distinct device, and it is simultaneous to reach enhancing TCP certifications
The effect of capacitive.
Brief description of the drawings
Accompanying drawing described herein is used for providing a further understanding of the present invention, forms the part of the application, this hair
Bright schematic description and description is used to explain the present invention, does not form inappropriate limitation of the present invention.In the accompanying drawings:
Fig. 1 is a kind of hardware block diagram of the mobile terminal of file transmitting method of the embodiment of the present invention;
Fig. 2 is the flow chart that message according to embodiments of the present invention is sent;
Fig. 3 is the enhanced authentication option form in draft-bonica-tcp-auth-06 according to embodiments of the present invention
Figure;
Fig. 4 is the flow chart of the file transmitting method of the preferred embodiment of the present invention;
Fig. 5 is the flow chart that message according to embodiments of the present invention receives;
Fig. 6 is the flow chart of the message method of reseptance of the preferred embodiment of the present invention;
Fig. 7 is the structured flowchart of packet transmission device according to embodiments of the present invention;
Fig. 8 is the structured flowchart that module 76 is assembled in packet transmission device according to embodiments of the present invention;
Fig. 9 is the preferred structure block diagram of packet transmission device according to embodiments of the present invention;
Figure 10 is the structured flowchart of message reception device according to embodiments of the present invention;
Figure 11 is the structured flowchart of acquisition module 106 in message reception device according to embodiments of the present invention;
Figure 12 is the preferred structure block diagram of message reception device according to embodiments of the present invention;
Figure 13 is the structured flowchart of authentication module 108 in packet transmission device according to embodiments of the present invention.
Embodiment
Describe the present invention in detail below with reference to accompanying drawing and in conjunction with the embodiments.It should be noted that do not conflicting
In the case of, the feature in embodiment and embodiment in the application can be mutually combined.
It should be noted that term " first " in description and claims of this specification and above-mentioned accompanying drawing, "
Two " etc. be for distinguishing similar object, without for describing specific order or precedence.
Embodiment 1
The embodiment of the method that the embodiment of the present application one is provided can be in mobile terminal, terminal or similar fortune
Calculate and performed in device.Exemplified by running on mobile terminals, Fig. 1 is a kind of movement of file transmitting method of the embodiment of the present invention
The hardware block diagram of terminal.Handled as shown in figure 1, mobile terminal 10 can include one or more (one is only shown in figure)
Device 102 (processor 102 can include but is not limited to Micro-processor MCV or PLD FPGA etc. processing unit),
Memory 104 for data storage and the transmitting device 106 for communication function.Those of ordinary skill in the art can be with
Understand, the structure shown in Fig. 1 is only to illustrate, and it does not cause to limit to the structure of above-mentioned electronic installation.For example, mobile terminal 10
It may also include more either less components than shown in Fig. 1 or there is the configuration different from shown in Fig. 1.
Memory 104 can be used for the software program and module of storage application software, such as the message in the embodiment of the present invention
Programmed instruction/module corresponding to sending method, processor 102 by operation be stored in software program in memory 104 and
Module, so as to perform various function application and data processing, that is, realize above-mentioned method.Memory 104 may include at a high speed with
Machine memory, may also include nonvolatile memory, as one or more magnetic storage device, flash memory or other it is non-easily
The property lost solid-state memory.In some instances, memory 104 can further comprise depositing relative to processor 102 is remotely located
Reservoir, these remote memories can pass through network connection to mobile terminal 10.The example of above-mentioned network is including but not limited to mutual
Networking, intranet, LAN, mobile radio communication and combinations thereof.
Transmitting device 106 is used to data are received or sent via a network.Above-mentioned network instantiation may include
The wireless network that the communication providerses of mobile terminal 10 provide.In an example, transmitting device 106 includes a Network adaptation
Device (Network Interface Controller, NIC), its can be connected by base station with other network equipments so as to it is mutual
Networking is communicated.In an example, transmitting device 106 can be radio frequency (Radio Frequency, RF) module, and it is used
In wirelessly being communicated with internet.
A kind of file transmitting method for running on above-mentioned mobile terminal is provided in the present embodiment, and Fig. 2 is according to this hair
The flow chart that the message of bright embodiment is sent, as shown in Fig. 2 the flow comprises the following steps:
Step S202, the identifying algorithm that the receiving terminal with receiving message is consulted to determine to be used to be authenticated message is with being used for
First corresponding relation of the algorithm mark of ID authentication algorithm;
Step S204, it is determined that for the identifying algorithm assembled to message to be sent;
Step S206, message to be sent is assembled using algorithm mark corresponding to the identifying algorithm of determination;
Step S208, the message to be sent of assembling is sent to receiving terminal.
By above-mentioned steps, because the corresponding relation between above-mentioned algorithm mark and identifying algorithm is that transmitting terminal is reported with receiving
The receiving terminal of text consults what is determined, i.e. in the algorithm mark carried during receiving terminal gets message, it is possible to determine transmitting terminal
The message is carried out to assemble used identifying algorithm, therefore, can be solved due to indicating that corresponding certification is calculated between distinct device
The identifying algorithm types value (i.e. above-mentioned algorithm mark) of method type is inconsistent, causes the recognizing to each other of None- identified between distinct device
The problem of demonstrate,proving algorithm types, reach the effect that identifying algorithm type to each other can be identified between distinct device.
Consult to determine for the identifying algorithm for being authenticated message with for mark recognizing in the receiving terminal with receiving message
When demonstrate,proving the first corresponding relation of algorithm mark of algorithm, various ways can be used, for example, (i.e. message is sent out at the both ends of docking
Sending end and receiving terminal), the algorithm types Alg ID values consulted (i.e. above-mentioned algorithm identifies) are configured by order, to identical
Algorithm, in sending and receiving end, the Alg ID values of configuration are consistent.Alternatively, after transmitting terminal chooses the algorithm types of needs, by it
Corresponding Alg ID values are converted into insert in authentication option;Receiving terminal is allowd to be worth to what transmitting terminal used according to Alg ID
Algorithm types.In another example at the both ends of docking, each algorithm types Alg ID values can be negotiated outside by band, then pass through and configure
Order configures the Alg ID values of each algorithm types, keeps transmitting-receiving two-end configuration consistency, the Alg ID values of configuration are registered in into equipment
In internal list item, convenient recognizer type of subsequently tabling look-up.If further for example, opposite end do not support consult configure, docking when,
Local terminal according to the algorithm types Alg ID values that opposite end is approved can carry out that registration is locally configured, and to multiple opposite ends, can enter respectively
Row configuration registration.
It is alternatively possible to directly be assembled using above-mentioned algorithm mark to message to be sent, can also use will be above-mentioned
Message carries and message to be sent is assembled in authentication option, but not limited to this.For example, above-mentioned message is carried when using
In the case of being assembled in authentication option to message to be sent, above-mentioned steps S206 is corresponding using the identifying algorithm of determination
Algorithm mark assembling is carried out to message to be sent can include:Receiving terminal with receiving message is consulted to determine to be used to enter message
The authentication option and the second corresponding relation of the Option for ID authentication option of row assembling;It is determined that for transmission pending
The authentication option that message is assembled;Algorithm mark corresponding to identifying algorithm and certification choosing are carried using the authentication option of determination
The mode of Option, is assembled to message to be sent corresponding to.
By above-mentioned steps, because the corresponding relation of above-mentioned type selecting mark and authentication option is transmitting terminal and reception message
Receiving terminal consults what is determined, i.e. the Option is the certification being authenticated to message to be sent that transmitting-receiving two-end is consulted to determine
Type selecting mark corresponding to type selecting, therefore, can solve the certification due to indicating corresponding certification type selecting type between distinct device
Type selecting types value (i.e. above-mentioned Option) is inconsistent, causes the certification type selecting type of None- identified to each other between distinct device
Problem, realize sending and receiving end simply and easily certification.
Consult to determine for the authentication option for assembling message with for mark recognizing in the receiving terminal with receiving message
When demonstrate,proving the second corresponding relation of the Option of option, various ways can be used, for example, at the both ends of docking, pass through order
The option type Kind values (with above-mentioned Option) consulted are configured, transmitting-receiving two-end Kind values are consistent.Alternatively, when
Using draft-bonica-tcp-auth-06 authentication option when sending message, transmitting terminal can should when sending message
In Kind values write-in message corresponding to authentication option so that the report that transmitting terminal is sent can be determined when receiving message according to Kind values
The authentication option of literary grace is draft-bonica-tcp-auth-06 authentication option., can be with another example at the both ends of docking
Option type Kind values are negotiated by the way that band is outer, then by configuration order config option type Kind values, keep transmitting-receiving two-end to match somebody with somebody
Put consistent.In another example if opposite end is not supported to consult to configure, in docking, local terminal can be according to the authentication option of opposite end accreditation
Type Kind values carry out that registration is locally configured, and to multiple opposite ends, can carry out configuration registration respectively.It is it should be noted that above-mentioned
Draft-bonica-tcp-auth-06 authentication option is a simple example, and above-described embodiment can also be applied to all
TCP option type, in the negotiation of identifying algorithm type, to strengthen the compatibility of TCP message.
Relative to correlation technique, due to indicating authentication option corresponding to corresponding TCP authentication options type between distinct device
Identifying algorithm types value corresponding to types value, identifying algorithm type is inconsistent, causes None- identified between distinct device to each other
Authentication option, identifying algorithm type.It is (i.e. above-mentioned by being identified to authentication option value (i.e. above-mentioned Option) and authentication algorithm values
Algorithm identifies) corresponding corresponding authentication option and identifying algorithm, realize recognizing to each other can be accurately identified distinct device
Option, identifying algorithm type are demonstrate,proved, realizes effective certification.
Fig. 3 is the enhanced authentication option form in draft-bonica-tcp-auth-06 according to embodiments of the present invention
Figure, as shown in figure 3, the enhanced authentication option format description in draft-bonica-tcp-auth-06 is as follows:
Kind fields grow 8 bits, for illustrating this enhanced authentication option form.
Length (length) field grows 8 bits, and numerical value is between 4-40 bytes, according to selected message authentication code
(Message Authentication Code, referred to as MAC) algorithm determines that the MAC length that different MAC algorithms are generated is not
One.
T fields grow 1 bit, calculate whether include TCP option part for distinguishing MAC, and 0 expression MAC, which is calculated, includes TCP
Option, 1 represents not including TCP option.
K fields grow 1 bit, reserve future usage, currently fill in 0.
Alg id fields grow 6 bits, define MAC algorithm types.
Res fields grow 2 bits, reserved bit, set to 0.
Key id fields grow 6 bits, show to generate Key used in MAC.
Authentication Data (authentication data):The MAC regions of variable-length.
Alternatively, consult to determine for the identifying algorithm for being authenticated message with being used in the receiving terminal with receiving message
After first corresponding relation of the algorithm mark of ID authentication algorithm, in addition to:Store the first corresponding relation;And/or with connecing
The receiving terminal of receiving text is consulted to determine for the authentication option for assembling message and the option mark for ID authentication option
After the second corresponding relation known, in addition to:Store the second corresponding relation.
By above-mentioned steps, due to having stored the identifying algorithm type consulted through transmitting-receiving two-end and algorithm mark
The corresponding relation of corresponding relation and authentication option type and type selecting mark, when can make it that the transmitting terminal sends message again,
Without consulting corresponding algorithm mark and Option, pair directly identified according to the identifying algorithm type of storage and algorithm again
It should be related to and the corresponding relation of authentication option type and type selecting type calls corresponding mark.By using above-mentioned place
Reason, realizes and quickly and efficiently sending and receiving end is authenticated.
For example, at the both ends of docking, the algorithm types Alg ID values consulted are configured by order, i.e., identical calculated
Method, in sending and receiving end, the Alg ID values of configuration are consistent, and now the value of configuration can be registered in the table of device interior.It is optional
Ground, after transmitting terminal chooses the algorithm types of needs, the registration form of equipment content can be searched, the algorithm chosen is converted into phase
The Alg ID values answered are inserted in authentication option;Receiving terminal is allowd to search stepping on for the equipment content of its own according to Alg ID numbers
Remember table, obtain the algorithm types that transmitting terminal uses.
Alternatively, above-mentioned registration form can be as shown in table 1, at the both ends of docking, consults to configure the Alg ID values of MD5 algorithms
Alg ID values for 3, SHA1 algorithms are that the Alg ID values of 6, HMAC-MD5 algorithms are that the Alg ID values of 5, HMAC-SHA1 algorithms are
7。
The identifying algorithm of table 1 and the example arrangement registration form of Alg ID values
Algorithm types | Alg ID values |
MD5 | 3 |
SHA1 | 6 |
HMAC-MD5 | 5 |
HMAC-SHA1 | 7 |
Alternatively, step S202 and step S204 execution sequence can exchange, you can to first carry out step S204,
Then S202 is performed again.
Fig. 4 is the flow chart of the file transmitting method of the preferred embodiment of the present invention.As shown in figure 4, this preferred embodiment side
The idiographic flow that method sends message is as follows:
1) selection sends the certification key and identifying algorithm that message uses, such as selection identifying algorithm HMAC-MD5;
2) identifying algorithm is looked into above-mentioned table 1, is converted to Alg ID values 5;
3) there is the MAC value of certification cipher key calculation outgoing packet according to algorithm types;
4) enhanced authentication option is assembled, inserts the Kind values such as 50 consulted, the Alg ID values 5 after conversion, selection
MAC value after the Key ID of key, and calculating etc.;
5) message is sent to receiving terminal.
Through the above description of the embodiments, those skilled in the art can be understood that according to above-mentioned implementation
The method of example can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but a lot
In the case of the former be more preferably embodiment.Based on such understanding, technical scheme is substantially in other words to existing
The part that technology contributes can be embodied in the form of software product, and the computer software product is stored in a storage
In medium (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal equipment (can be mobile phone, calculate
Machine, server, or network equipment etc.) perform method described in each embodiment of the present invention.
Embodiment 2
A kind of message method of reseptance for running on above-mentioned mobile terminal is additionally provided in the present embodiment, and Fig. 5 is according to this
The flow chart that the message of inventive embodiments receives, as shown in figure 5, the flow comprises the following steps:
Step S502, the identifying algorithm that the transmitting terminal with sending message is consulted to determine to be used to be authenticated message is with being used for
First corresponding relation of the algorithm mark of ID authentication algorithm;
Step S504, the message that receiving end/sending end is sent;
Step S506, obtain the algorithm mark carried in message;
Step S508, the message received is authenticated using identifying algorithm corresponding to the algorithm mark of acquisition.
By above-mentioned steps, because receiving terminal and transmitting terminal consult that the identifying algorithm for being authenticated message and calculation is determined
The corresponding relation of method mark so that receiving terminal can be recognized according to what the algorithm mark identification transmitting terminal in the message received used
Demonstrate,prove the type of algorithm.Therefore, can solve the identifying algorithm type due to indicating corresponding identifying algorithm type between distinct device
Value (i.e. above-mentioned algorithm identify) is inconsistent, the problem of causing the identifying algorithm type to each other of None- identified between distinct device, reaches
To the effect that identifying algorithm type to each other can be identified between distinct device.
It is alternatively possible to the algorithm mark for the identifying algorithm that transmitting terminal uses directly is obtained from the message received,
The algorithm mark for the identifying algorithm that transmitting terminal uses can be obtained from the authentication option in the message received, but is not limited to
This.For example, above-mentioned steps S506, obtaining the algorithm mark carried in message includes:Transmitting terminal with sending message is consulted to determine
For the authentication option and the second corresponding relation of the Option for ID authentication option assembled to message;Acquisition connects
The Option carried in the message received;Acquisition algorithm identifies from authentication option corresponding to Option.
By above-mentioned steps, because receiving terminal and transmitting terminal consult that the authentication option for assembling message and choosing is determined
The corresponding relation of item mark so that receiving terminal can be recognized according to what the Option identification transmitting terminal in the message received used
The type of option is demonstrate,proved, and then algorithm corresponding to the identifying algorithm that transmitting terminal uses is obtained from authentication option corresponding to Option
Mark.Therefore, can solve because the certification type selecting types value that corresponding certification type selecting type is indicated between distinct device is (i.e. above-mentioned
Option) inconsistent, the problem of causing the certification type selecting type to each other of None- identified between distinct device, realize sending and receiving end letter
Single convenient certification.
Alternatively, consult to determine for the identifying algorithm for being authenticated message with being used in the transmitting terminal with sending message
After first corresponding relation of the algorithm mark of ID authentication algorithm, in addition to:Store the first corresponding relation;And/or with hair
Option mark of the authentication option that literary transmitting terminal of delivering newspaper is consulted to determine to be used to assemble message with being used for ID authentication option
After the second corresponding relation known, in addition to:Store the second corresponding relation.
By above-mentioned steps, due to having stored the identifying algorithm type consulted through transmitting-receiving two-end and algorithm mark
The corresponding relation of corresponding relation and authentication option type and type selecting mark, when can make it that the receiving terminal receives message again,
Without consulting corresponding algorithm mark and Option, pair directly identified according to the identifying algorithm type of storage and algorithm again
It should be related to and the corresponding relation of authentication option type and type selecting type calls what the i.e. recognizable transmitting terminal of corresponding mark used
Authentication option type and identifying algorithm type.
Alternatively, the message received is authenticated including using identifying algorithm corresponding to the algorithm mark of acquisition:Sentence
Whether identifying algorithm and pre-defined algorithm are consistent corresponding to the disconnected algorithm mark obtained;Algorithm mark pair in judged result for acquisition
In the case that the identifying algorithm answered is consistent with pre-defined algorithm, judge to carry out checking acquisition to the message received using pre-defined algorithm
First validation value verifies whether the second validation value of acquisition is consistent with being carried out using identifying algorithm to message;The first validation value with
In the case of second validation value identical, it is determined that to message authentication success.By above-mentioned steps, the double authentication to message is realized,
Improve the security of transmitting message.
Alternatively, step S502 and step S504 execution sequence can exchange, you can to first carry out step S504,
Then S502 is performed again.
Fig. 6 is the flow chart of the message method of reseptance of the preferred embodiment of the present invention.As shown in fig. 6, this preferred embodiment side
The idiographic flow that method receives message is as follows:
1) message is received from transmitting terminal
2) TCP message is parsed, the enhanced authentication option in outgoing packet is parsed according to the Kind values 50 consulted.From enhancing
Key ID, Alg ID, MAC value are parsed in type authentication option.
3) Alg ID values 5 are tabled look-up 1, is converted to algorithm types HMAC-MD5
4) key being locally stored and algorithm types are obtained according to Key ID, the algorithm types in comparing 3) and local calculation
Whether method type is consistent, if it is inconsistent, authentication failed, if unanimously, performed 5);
5) MAC value is recalculated to the message received, contrasted with the MAC value in 2), if unanimously, be verified,
Otherwise, authentication failed.
Through the above description of the embodiments, those skilled in the art can be understood that according to above-mentioned implementation
The method of example can add the mode of required general hardware platform to realize by software, naturally it is also possible to by hardware, but a lot
In the case of the former be more preferably embodiment.Based on such understanding, technical scheme is substantially in other words to existing
The part that technology contributes can be embodied in the form of software product, and the computer software product is stored in a storage
In medium (such as ROM/RAM, magnetic disc, CD), including some instructions to cause a station terminal equipment (can be mobile phone, calculate
Machine, server, or network equipment etc.) perform method described in each embodiment of the present invention.
Embodiment 3
A kind of packet transmission device is additionally provided in the present embodiment, and the device is used to realize above-described embodiment and preferred reality
Mode is applied, had carried out repeating no more for explanation.As used below, term " module " can realize the soft of predetermined function
The combination of part and/or hardware.Although device described by following examples is preferably realized with software, hardware, or
The realization of the combination of software and hardware is also what may and be contemplated.
Fig. 7 is the structured flowchart of packet transmission device according to embodiments of the present invention, as shown in fig. 7, the device includes:
First determining module 72, for consulting to determine to be used for the certification for being authenticated message with receiving the receiving terminal of message
Algorithm and the first corresponding relation identified for the algorithm of ID authentication algorithm;
Second determining module 74, above-mentioned first determining module 72 is connected to, for determining to be used to carry out message to be sent
The identifying algorithm of assembling;
Module 76 is assembled, is connected to above-mentioned second determining module 74, for using algorithm corresponding to the identifying algorithm determined
Mark assembles to message to be sent;
Sending module 78, above-mentioned assembling module 76 is connected to, for the message to be sent of assembling to be sent into receiving terminal.
Fig. 8 is the structured flowchart that module 76 is assembled in packet transmission device according to embodiments of the present invention, as shown in figure 8,
Above-mentioned assembling module 76 includes:First determining unit 82, the second determining unit 84 and module units 86, are said separately below
It is bright.
First determining unit 82, for consulting to determine to be used for the certification for assembling message with receiving the receiving terminal of message
Second corresponding relation of option and the Option for ID authentication option;
Second determining unit 84, above-mentioned first determining unit 82 is connected to, for determining to be used to enter transmission message pending
The authentication option of row assembling;
Module units 86, above-mentioned second determining unit 84 is connected to, is calculated for carrying certification using the authentication option determined
The mode of Option, is assembled to message to be sent corresponding to algorithm mark corresponding to method and authentication option.
Fig. 9 is the preferred structure block diagram of packet transmission device according to embodiments of the present invention, as shown in figure 9, said apparatus
In addition to including all modules shown in Fig. 7, in addition to:First memory module 92, above-mentioned first determining module 72 is connected to, is used for
It is used for the identifying algorithm being authenticated to message and for ID authentication algorithm in the receiving terminal negotiation determination with receiving message
After first corresponding relation of algorithm mark, the first corresponding relation is stored, above-mentioned assembling module 86, which is removed, includes institute as shown in Figure 8
With outside unit, in addition to:First memory cell 94, above-mentioned first determining unit 82 is connected to, for receiving connecing for message
Receiving end consults to determine to be used for authentication option and the second couple of the Option for ID authentication option for assembling message
After should being related to, the second corresponding relation is stored.
It should be noted that above-mentioned modules can be realized by software or hardware, for the latter, Ke Yitong
Cross in the following manner realization, but not limited to this:Above-mentioned module is respectively positioned in same processor;Or above-mentioned modules are with any
The form of combination is located in different processors respectively.
Embodiment 4
A kind of message reception device is additionally provided in the present embodiment, and the device is used to realize above-described embodiment and preferred reality
Mode is applied, had carried out repeating no more for explanation.As used below, term " module " can realize the soft of predetermined function
The combination of part and/or hardware.Although device described by following examples is preferably realized with software, hardware, or
The realization of the combination of software and hardware is also what may and be contemplated.
Figure 10 is the structured flowchart of message reception device according to embodiments of the present invention, and as shown in Figure 10, the device includes:
3rd determining module 102, for consulting to determine that be used to be authenticated message recognizes with sending the transmitting terminal of message
Card algorithm and the first corresponding relation of the algorithm mark for identifying the identifying algorithm;
Receiving module 104, above-mentioned 3rd determining module 102 is connected to, the message sent for receiving the transmitting terminal;
Acquisition module 106, receiving module 104 is connected to, for obtaining the algorithm carried in the message mark;
Authentication module 108, above-mentioned acquisition module 106 is connected to, for recognizing using corresponding to the algorithm mark obtained
Card algorithm is authenticated to the message received.
Figure 11 is the structured flowchart of acquisition module 106 in message reception device according to embodiments of the present invention, such as Figure 11 institutes
Show, above-mentioned acquisition module 106 includes:
3rd determining unit 112, for consulting to determine that be used to assemble message recognizes with sending the transmitting terminal of message
Second corresponding relation of card option and the Option for identifying the authentication option;
First acquisition unit 114, above-mentioned 3rd determining unit 112 is connected to, for obtaining in the message received
The Option of carrying;
Second acquisition unit 116, above-mentioned first acquisition unit 114 is connected to, for recognizing from corresponding to the Option
The algorithm mark is obtained in card option.
Figure 12 is the preferred structure block diagram of message reception device according to embodiments of the present invention, as shown in figure 12, above-mentioned dress
Put in addition to including all modules shown in Figure 10, in addition to:Second memory module 122, it is connected to above-mentioned 3rd determining module
102, for being used for the identifying algorithm being authenticated to message and for identifying institute in the transmitting terminal negotiation determination with sending message
After the first corresponding relation of algorithm mark for stating identifying algorithm, first corresponding relation is stored, above-mentioned acquisition module 106 removes
Outside including unit therefor as shown in figure 11, in addition to:Also include:Second memory cell 124, it is connected to the above-mentioned 3rd and determines list
Member 112, for identifying institute with being used for the authentication option that the transmitting terminal of transmission message is consulted to determine to be used to assemble message
After the second corresponding relation for stating the Option of authentication option, second corresponding relation is stored.
Figure 13 is the structured flowchart of authentication module 108 in packet transmission device according to embodiments of the present invention, such as Figure 13 institutes
Show, above-mentioned authentication module 108 includes:
First judging unit 132, identifying algorithm corresponding to the algorithm mark obtained for judgement are with pre-defined algorithm
It is no consistent;
Second judging unit 134, above-mentioned first judging unit 132 is connected to, described in being obtained in judged result
In the case that identifying algorithm corresponding to algorithm mark is consistent with the pre-defined algorithm, judge using the pre-defined algorithm to receiving
The message carry out checking and obtain the first validation value verifying the of acquisition with carrying out the message using the identifying algorithm
Whether two validation values are consistent;
Authentication unit 136, above-mentioned second judging unit 134 is connected to, in first validation value and described second
In the case of validation value identical, it is determined that to message authentication success.
Embodiment 5
Embodiments of the invention additionally provide a kind of storage medium.Alternatively, in the present embodiment, above-mentioned storage medium can
The program code for performing following steps to be arranged to storage to be used for:
S1, the identifying algorithm that the receiving terminal with receiving message is consulted to determine to be used to be authenticated message for mark with recognizing
Demonstrate,prove the first corresponding relation of the algorithm mark of algorithm;
S2, it is determined that for the identifying algorithm assembled to message to be sent;
S3, message to be sent is assembled using algorithm mark corresponding to the identifying algorithm of determination;
S4, the message to be sent of assembling is sent to receiving terminal.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:Using recognizing for determination
Algorithm mark carries out assembling to message to be sent corresponding to card algorithm includes:
S1, the authentication option that the receiving terminal with receiving message is consulted to determine to be used to assemble message for mark with recognizing
Demonstrate,prove the second corresponding relation of the Option of option;
S2, it is determined that for the authentication option assembled to transmission message pending;
S3, option corresponding to algorithm mark corresponding to identifying algorithm and authentication option is carried using the authentication option of determination
The mode of mark, message to be sent is assembled.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:
S1, identified in the identifying algorithm for consulting to determine to be used to be authenticated message with receiving the receiving terminal of message with being used for
After first corresponding relation of the algorithm mark of identifying algorithm, in addition to:Store the first corresponding relation;And/or
S2, identified in the authentication option for consulting to determine to be used to assemble message with receiving the receiving terminal of message with being used for
After second corresponding relation of the Option of authentication option, in addition to:Store the second corresponding relation.
Embodiments of the invention provide a kind of storage medium again.Alternatively, in the present embodiment, above-mentioned storage medium can
The program code for performing following steps to be arranged to storage to be used for:
S1, the identifying algorithm that the transmitting terminal with sending message is consulted to determine to be used to be authenticated message for mark with recognizing
Demonstrate,prove the first corresponding relation of the algorithm mark of algorithm;
S2, the message that receiving end/sending end is sent;
S3, obtain the algorithm mark carried in message;
S4, the message received is authenticated using identifying algorithm corresponding to the algorithm mark of acquisition.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:Obtain and taken in message
The algorithm mark of band includes:
S1, the authentication option that the transmitting terminal with sending message is consulted to determine to be used to assemble message for mark with recognizing
Demonstrate,prove the second corresponding relation of the Option of option;
S2, obtain the Option carried in the message received;
S3, acquisition algorithm identifies from authentication option corresponding to Option.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:
S1, identified in the identifying algorithm for consulting to determine to be used to be authenticated message with sending the transmitting terminal of message with being used for
After first corresponding relation of the algorithm mark of identifying algorithm, in addition to:Store the first corresponding relation;And/or
S2, identified in the authentication option for consulting to determine to be used to assemble message with sending the transmitting terminal of message with being used for
After second corresponding relation of the Option of authentication option, in addition to:Store the second corresponding relation.
Alternatively, storage medium is also configured to the program code that storage is used to perform following steps:Using the calculation of acquisition
Identifying algorithm corresponding to method mark is authenticated including to the message received:
S1, judge whether identifying algorithm and pre-defined algorithm are consistent corresponding to the algorithm mark of acquisition;
S2, in the case where judged result is consistent with pre-defined algorithm for identifying algorithm corresponding to the algorithm mark of acquisition, sentence
Disconnected checking the first validation value of acquisition that carried out using pre-defined algorithm to the message received using identifying algorithm with being tested message
Whether consistent demonstrate,prove the second validation value obtained;
S3, in the case of the first validation value and the second validation value identical, it is determined that to message authentication success.
Alternatively, in the present embodiment, above-mentioned storage medium can include but is not limited to:USB flash disk, read-only storage (ROM,
Read-Only Memory), random access memory (RAM, Random Access Memory), mobile hard disk, magnetic disc or
CD etc. is various can be with the medium of store program codes.
Alternatively, in the present embodiment, processor performs according to the program code stored in storage medium:Reported with receiving
The identifying algorithm that the receiving terminal negotiation of text determines to be used to be authenticated message and the algorithm mark for ID authentication algorithm
First corresponding relation;It is determined that for the identifying algorithm assembled to message to be sent;Using corresponding to the identifying algorithm of determination
Algorithm mark assembles to message to be sent;The message to be sent of assembling is sent to receiving terminal.
Alternatively, in the present embodiment, processor performs according to the program code stored in storage medium:Using determination
Identifying algorithm corresponding to algorithm mark assembling carried out to message to be sent included:Receiving terminal with receiving message is consulted to determine to use
In the authentication option assembled to message and the second corresponding relation of the Option for ID authentication option;It is determined that it is used for
The authentication option assembled to transmission message pending;Algorithm mark corresponding to identifying algorithm is carried using the authentication option of determination
And the mode of Option corresponding to authentication option, message to be sent is assembled.
Alternatively, in the present embodiment, processor performs according to the program code stored in storage medium:With reception
The identifying algorithm that the receiving terminal of message is consulted to determine to be used to be authenticated message identifies with the algorithm for ID authentication algorithm
The first corresponding relation after, in addition to:Store the first corresponding relation;And/or consult to determine with receiving the receiving terminal of message
After the second corresponding relation for the authentication option assembled to message and for the Option of ID authentication option, also
Including:Store the second corresponding relation.
Alternatively, in the present embodiment, processor performs according to the program code stored in storage medium:Reported with sending
The identifying algorithm that the transmitting terminal negotiation of text determines to be used to be authenticated message and the algorithm mark for ID authentication algorithm
First corresponding relation;The message that receiving end/sending end is sent;Obtain the algorithm mark carried in message;Identified using the algorithm of acquisition
Corresponding identifying algorithm is authenticated to the message received.
Alternatively, in the present embodiment, processor performs according to the program code stored in storage medium:Obtain message
The algorithm mark of middle carrying includes:Transmitting terminal with sending message consult to determine to be used for the authentication option that is assembled to message with
The second corresponding relation for the Option of ID authentication option;Obtain the Option carried in the message received;From
Acquisition algorithm identifies in authentication option corresponding to Option.
Alternatively, in the present embodiment, processor performs according to the program code stored in storage medium:With transmission
The identifying algorithm that the transmitting terminal of message is consulted to determine to be used to be authenticated message identifies with the algorithm for ID authentication algorithm
The first corresponding relation after, in addition to:Store the first corresponding relation;And/or consult to determine with sending the transmitting terminal of message
After the second corresponding relation for the authentication option assembled to message and for the Option of ID authentication option, also
Including:Store the second corresponding relation.
Alternatively, in the present embodiment, processor performs according to the program code stored in storage medium:Using acquisition
Algorithm mark corresponding to identifying algorithm the message received is authenticated including:Recognize corresponding to the algorithm mark for judging to obtain
Demonstrate,prove algorithm and whether pre-defined algorithm is consistent;It is identifying algorithm and pre-defined algorithm one corresponding to the algorithm mark of acquisition in judged result
In the case of cause, judge that being carried out checking to the message received using pre-defined algorithm is obtained the first validation value and use identifying algorithm
Message is carried out to verify whether the second validation value of acquisition is consistent;In the case of the first validation value and the second validation value identical,
It is determined that to message authentication success.
Alternatively, the specific example in the present embodiment may be referred to described in above-described embodiment and optional embodiment
Example, the present embodiment will not be repeated here.
Obviously, those skilled in the art should be understood that above-mentioned each module of the invention or each step can be with general
Computing device realize that they can be concentrated on single computing device, or be distributed in multiple computing devices and formed
Network on, alternatively, they can be realized with the program code that computing device can perform, it is thus possible to they are stored
Performed in the storage device by computing device, and in some cases, can be with different from shown in order execution herein
The step of going out or describing, they are either fabricated to each integrated circuit modules respectively or by multiple modules in them or
Step is fabricated to single integrated circuit module to realize.So, the present invention is not restricted to any specific hardware and software combination.
The preferred embodiments of the present invention are the foregoing is only, are not intended to limit the invention, for the skill of this area
For art personnel, the present invention can have various modifications and variations.Within the spirit and principles of the invention, that is made any repaiies
Change, equivalent substitution, improvement etc., should be included in the scope of the protection.
Claims (14)
- A kind of 1. file transmitting method, it is characterised in that including:Receiving terminal negotiation determination with receiving message is used for the identifying algorithm being authenticated to message and for identifying the certification First corresponding relation of the algorithm mark of algorithm;It is determined that for the identifying algorithm assembled to message to be sent;The message to be sent is assembled using algorithm mark corresponding to the identifying algorithm of determination;The message to be sent of assembling is sent to receiving terminal.
- 2. according to the method for claim 1, it is characterised in that using algorithm mark corresponding to the identifying algorithm determined Carrying out assembling to the message to be sent includes:Receiving terminal negotiation determination with receiving message is used for the authentication option assembled to message and for identifying the certification Second corresponding relation of the Option of option;It is determined that for the authentication option assembled to the message to be sent;It is corresponding that algorithm mark and the authentication option corresponding to the identifying algorithm are carried using the authentication option of determination Option mode, the message to be sent is assembled.
- 3. method according to claim 1 or 2, it is characterised in thatWith receive the receiving terminal of message consult to determine to be used for the identifying algorithm that is authenticated to message with for recognizing described in identifying After the first corresponding relation of algorithm mark for demonstrate,proving algorithm, in addition to:Store first corresponding relation;And/orWith receive the receiving terminal of message consult to determine to be used for the authentication option that is assembled to message with for recognizing described in identifying After the second corresponding relation for demonstrate,proving the Option of option, in addition to:Store second corresponding relation.
- A kind of 4. message method of reseptance, it is characterised in that including:Transmitting terminal negotiation determination with sending message is used for the identifying algorithm being authenticated to message and for identifying the certification First corresponding relation of the algorithm mark of algorithm;Receive the message that the transmitting terminal is sent;Obtain the algorithm mark carried in the message;The message received is authenticated using identifying algorithm corresponding to the algorithm mark of acquisition.
- 5. according to the method for claim 4, it is characterised in that obtaining the algorithm mark carried in the message includes:Transmitting terminal negotiation determination with sending message is used for the authentication option assembled to message and for identifying the certification Second corresponding relation of the Option of option;Obtain the Option carried in the message received;The algorithm mark is obtained from authentication option corresponding to the Option.
- 6. the method according to claim 4 or 5, it is characterised in thatWith send the transmitting terminal of message consult to determine to be used for the identifying algorithm that is authenticated to message with for recognizing described in identifying After the first corresponding relation of algorithm mark for demonstrate,proving algorithm, in addition to:Store first corresponding relation;And/orWith send the transmitting terminal of message consult to determine to be used for the authentication option that is assembled to message with for recognizing described in identifying After the second corresponding relation for demonstrate,proving the Option of option, in addition to:Store second corresponding relation.
- 7. according to the method for claim 4, it is characterised in that using identifying algorithm corresponding to the algorithm mark obtained The message received is authenticated including:Judge whether identifying algorithm and pre-defined algorithm are consistent corresponding to the algorithm mark of acquisition;In the case where judged result is consistent with the pre-defined algorithm for identifying algorithm corresponding to the algorithm mark of acquisition, sentence Disconnected checking the first validation value of acquisition that carried out using the pre-defined algorithm to the message received is with using the identifying algorithm The message is carried out to verify whether the second validation value of acquisition is consistent;In the case of first validation value and the second validation value identical, it is determined that to message authentication success.
- A kind of 8. packet transmission device, it is characterised in that including:First determining module, for receive the receiving terminal of message consult to determine to be used for the identifying algorithm that is authenticated to message with The first corresponding relation that algorithm for identifying the identifying algorithm identifies;Second determining module, for determining to be used for the identifying algorithm for assembling message to be sent;Module is assembled, for carrying out group to the message to be sent using algorithm mark corresponding to the identifying algorithm determined Dress;Sending module, for the message to be sent of assembling to be sent into receiving terminal.
- 9. device according to claim 8, it is characterised in that assembling module includes:First determining unit, for receive the receiving terminal of message consult to determine to be used for the authentication option that is assembled to message with For the second corresponding relation of the Option for identifying the authentication option;Second determining unit, for determining to be used for the authentication option for assembling the message to be sent;Module units, identified for algorithm corresponding to the authentication option carrying identifying algorithm using determination and described The mode of Option corresponding to authentication option, the message to be sent is assembled.
- 10. device according to claim 8 or claim 9, it is characterised in thatDescribed device also includes:First memory module, for consulting to determine to be used to enter message with receiving the receiving terminal of message The identifying algorithm of row certification with after the first corresponding relation of algorithm mark for identifying the identifying algorithm, storage described the One corresponding relation;The assembling module also includes:First memory cell, for consulting to determine to be used for report with receiving the receiving terminal of message The authentication option that text is assembled is with after the second corresponding relation for the Option for identifying the authentication option, storing institute State the second corresponding relation.
- A kind of 11. message reception device, it is characterised in that including:3rd determining module, for send the transmitting terminal of message consult to determine to be used for the identifying algorithm that is authenticated to message with The first corresponding relation that algorithm for identifying the identifying algorithm identifies;Receiving module, the message sent for receiving the transmitting terminal;Acquisition module, for obtaining the algorithm carried in the message mark;Authentication module, for being recognized using identifying algorithm corresponding to the algorithm mark obtained the message received Card.
- 12. according to claim 11 described device, it is characterised in that acquisition module includes:3rd determining unit, for send the transmitting terminal of message consult to determine to be used for the authentication option that is assembled to message with For the second corresponding relation of the Option for identifying the authentication option;First acquisition unit, for obtaining the Option carried in the message received;Second acquisition unit, for obtaining the algorithm mark from authentication option corresponding to the Option.
- 13. according to the described device of claim 11 or 12, it is characterised in thatDescribed device also includes:Second memory module, for consulting to determine to be used to enter message with sending the transmitting terminal of message The identifying algorithm of row certification with after the first corresponding relation of algorithm mark for identifying the identifying algorithm, storage described the One corresponding relation;The acquisition module also includes:Second memory cell, consult to determine to be used for message for the transmitting terminal with sending message After the authentication option assembled and the second corresponding relation for the Option for identifying the authentication option, described in storage Second corresponding relation.
- 14. according to claim 11 described device, it is characterised in that authentication module includes:First judging unit, for judging whether identifying algorithm and pre-defined algorithm are consistent corresponding to the algorithm mark of acquisition;Second judging unit, for being identifying algorithm and the predetermined calculation corresponding to the algorithm mark of acquisition in judged result In the case that method is consistent, judge using the pre-defined algorithm to the message received carry out checking obtain the first validation value with The message is carried out using the identifying algorithm to verify whether the second validation value of acquisition is consistent;Authentication unit, in the case of first validation value and the second validation value identical, it is determined that to the message Certification success.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610377962.8A CN107454042A (en) | 2016-05-31 | 2016-05-31 | Message sending, receiving method and device |
PCT/CN2017/086394 WO2017206845A1 (en) | 2016-05-31 | 2017-05-27 | Packet transmitting and receiving methods and devices |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610377962.8A CN107454042A (en) | 2016-05-31 | 2016-05-31 | Message sending, receiving method and device |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107454042A true CN107454042A (en) | 2017-12-08 |
Family
ID=60479121
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610377962.8A Withdrawn CN107454042A (en) | 2016-05-31 | 2016-05-31 | Message sending, receiving method and device |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN107454042A (en) |
WO (1) | WO2017206845A1 (en) |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1471326A (en) * | 2002-07-26 | 2004-01-28 | ��Ϊ��������˾ | Method of wireless link encrypting aglorithm for autonomous selective secret communication |
CN101222322A (en) * | 2008-01-24 | 2008-07-16 | 中兴通讯股份有限公司 | Safety ability negotiation method in super mobile broadband system |
CN101296081A (en) * | 2007-04-29 | 2008-10-29 | 华为技术有限公司 | Authentication, method, system, access body and device for distributing IP address after authentication |
CN101594229A (en) * | 2009-06-30 | 2009-12-02 | 华南理工大学 | A kind of trusted network connection system and method based on combined public key |
CN101692636A (en) * | 2009-10-27 | 2010-04-07 | 中山爱科数字科技有限公司 | Data element and coordinate algorithm-based method and device for encrypting mixed data |
WO2012096749A2 (en) * | 2011-01-14 | 2012-07-19 | Flash Seats, Llc | Mobile application bar code identification method and system |
CN103259768A (en) * | 2012-02-17 | 2013-08-21 | 中兴通讯股份有限公司 | Method, system and device of message authentication |
CN103747001A (en) * | 2014-01-14 | 2014-04-23 | 中电长城(长沙)信息技术有限公司 | Audio-access mobile payment terminal based on security algorithm and communication method based on security algorithm |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101335615B (en) * | 2008-05-30 | 2010-12-29 | 北京飞天诚信科技有限公司 | Method used in key consultation of USB KEY audio ciphering and deciphering device |
CN101345761A (en) * | 2008-08-20 | 2009-01-14 | 深圳市同洲电子股份有限公司 | Private data transmission method and system |
CN101790160A (en) * | 2009-01-23 | 2010-07-28 | 中兴通讯股份有限公司 | Method and device for safely consulting session key |
US9602498B2 (en) * | 2013-10-17 | 2017-03-21 | Fortinet, Inc. | Inline inspection of security protocols |
CN103685244B (en) * | 2013-11-28 | 2017-01-04 | 深圳大学 | A kind of differentiation authentication method and device |
-
2016
- 2016-05-31 CN CN201610377962.8A patent/CN107454042A/en not_active Withdrawn
-
2017
- 2017-05-27 WO PCT/CN2017/086394 patent/WO2017206845A1/en active Application Filing
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1471326A (en) * | 2002-07-26 | 2004-01-28 | ��Ϊ��������˾ | Method of wireless link encrypting aglorithm for autonomous selective secret communication |
CN101296081A (en) * | 2007-04-29 | 2008-10-29 | 华为技术有限公司 | Authentication, method, system, access body and device for distributing IP address after authentication |
CN101222322A (en) * | 2008-01-24 | 2008-07-16 | 中兴通讯股份有限公司 | Safety ability negotiation method in super mobile broadband system |
CN101594229A (en) * | 2009-06-30 | 2009-12-02 | 华南理工大学 | A kind of trusted network connection system and method based on combined public key |
CN101692636A (en) * | 2009-10-27 | 2010-04-07 | 中山爱科数字科技有限公司 | Data element and coordinate algorithm-based method and device for encrypting mixed data |
WO2012096749A2 (en) * | 2011-01-14 | 2012-07-19 | Flash Seats, Llc | Mobile application bar code identification method and system |
CN103259768A (en) * | 2012-02-17 | 2013-08-21 | 中兴通讯股份有限公司 | Method, system and device of message authentication |
CN103747001A (en) * | 2014-01-14 | 2014-04-23 | 中电长城(长沙)信息技术有限公司 | Audio-access mobile payment terminal based on security algorithm and communication method based on security algorithm |
Also Published As
Publication number | Publication date |
---|---|
WO2017206845A1 (en) | 2017-12-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10285050B2 (en) | Method and apparatus for managing a profile of a terminal in a wireless communication system | |
EP3557895A1 (en) | Method and apparatus for managing a profile of a terminal in a wireless communication system | |
US7280832B2 (en) | Method and apparatus for automatically selecting a bearer for a wireless connection | |
CN109644186A (en) | Method for carrying out UDP communication via multipath between two terminals | |
CN107787025A (en) | Method, control terminal and the system of equipment access network | |
CN107920354A (en) | The connection method of multiband equipment and system | |
US10924923B2 (en) | Method and apparatus for managing a profile of a terminal in a wireless communication system | |
CN101529937A (en) | Composed message authentication code | |
CN108259164A (en) | The identity identifying method and equipment of a kind of internet of things equipment | |
CN207766561U (en) | A kind of system of control terminal and equipment access network | |
CN112583639B (en) | Configuration method and device of network equipment | |
CN105898733A (en) | Machine changing method and device based on eSIM card, mobile terminal and server | |
CN113162917A (en) | Internet of things equipment access method, system, device and storage medium | |
CN110474922B (en) | Communication method, PC system and access control router | |
CN104205764A (en) | Frame passing based on ethertype | |
CN108476374A (en) | Communication control unit, wireless device, communication control system, communication control method and program | |
CN102547702B (en) | User authentication method, system and password processing device | |
CN105120454A (en) | Information transmission method, network access method and corresponding terminals | |
JP2010193146A (en) | Communication apparatus, and communication system | |
CN109429225A (en) | Message sink, sending method and device, terminal, network functional entity | |
CN102056168A (en) | Access method and device | |
CN107454042A (en) | Message sending, receiving method and device | |
CN101645774A (en) | Authentication method, device and system | |
CN108989173A (en) | A kind of method and device of message transmissions | |
CN113114465B (en) | Method and device for processing attribution authority, storage medium and electronic device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20171208 |