CN107689946A - A data communication method and data communication system - Google Patents

A data communication method and data communication system

Info

Publication number: CN107689946A
Authority: CN (China)
Prior art keywords: terminal, data, default value, default, value
Legal status: Granted (the legal status is an assumption and is not a legal conclusion; Google has not performed a legal analysis and makes no representation as to its accuracy)
Application number: CN201610639441.5A
Other languages: Chinese (zh)
Other versions: CN107689946B (en)
Inventor: 李明
Current assignee: Tendyron Corp (the listed assignees may be inaccurate; Google has not performed a legal analysis)
Original assignee: 李明
Application filed by 李明
Priority to CN201610639441.5A (CN107689946B), US16/314,007 (US10609552B2), PCT/CN2017/096025 (WO2018024250A1), KR1020187034251A (KR101998543B1), EP17836431.1A (EP3495985A4)
Publication of CN107689946A; application granted; publication of CN107689946B
Legal status: Active; anticipated expiration

Classifications

(H: Electricity; H04: Electric communication technique; H04L: Transmission of digital information, e.g. telegraphic communication; H04W: Wireless communication networks; H04L63/00: Network architectures or network communication protocols for network security; H04W12/00: Security arrangements, authentication, protecting privacy or anonymity)

    • H04L63/123 Applying verification of the received information: received data contents, e.g. message integrity
    • H04L63/1466 Countermeasures against malicious traffic: active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
    • H04W12/10 Integrity
    • H04W12/12 Detection or prevention of fraud
    • H04L63/0428 Confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/061 Key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • H04L63/0869 Authentication of entities for achieving mutual authentication

Abstract

The invention provides a data communication method and system. The method includes: a first terminal sends first data to a second terminal and starts timing from the moment the first data has been completely sent, where the first data comprises at least pending data (the data to be processed); the second terminal receives the first data and starts timing from the moment it finishes receiving it; when the value obtained by the second terminal's timer reaches a preset value, the second terminal sends second data, obtained by processing the pending data, to the first terminal; the first terminal only allows reception of the second data to begin while the value obtained by its own timer lies within the valid range of the preset value. By combining timed sending at the second terminal with timed receiving at the first terminal, the first terminal can still recognise a man-in-the-middle hijack even when the time T2 at which the second data arrives satisfies T2 < FWT.

Description

A data communication method and data communication system
Technical field
The present invention relates to the field of electronic technology, and in particular to a data communication method and data communication system.
Background technology
In the prior art, terminals that use a contactless card-reading mode transmit data over protocols such as ISO 14443 and ISO 15693. Taking the card-reading process between a card reader and a smart card as an example, under these protocols, after the card reader has sent command data it observes a frame waiting time (FWT) that indicates the maximum time range within which the reader will wait to receive the smart card's response data. That is, after the card reader has sent a command to the smart card it simply waits for the card's response, and any data returned within the frame waiting time FWT will be accepted by the reader.
The existing smart card communication protocols may have the following problem. For the card-reading process, as shown in Fig. 1, in the normal case the merchant's card reader sends data to the user's smart card; the user's smart card receives the data, then responds and processes it (the processing time is t1), and immediately after processing finishes it sends the response data to the merchant's card reader. Ignoring the tiny on-air transmission time (its order of magnitude is very small, so it is omitted to simplify the calculation), the time from the merchant's card reader finishing sending the data to receiving the data fed back by the user's smart card is T1 = t1. If instead a hacker mounts a man-in-the-middle attack, as shown in Fig. 2, the attacker's smart card hijacks the request data of the merchant's card reader and forwards the data sent by the merchant's reader to the attacker's card reader; the attacker's card reader may tamper with the request data and then sends the tampered data to the user's smart card (the time from the attacker's smart card hijacking the merchant reader's request to the attacker's card reader sending the tampered data to the user's smart card is tw1). After the user's smart card receives the tampered data it processes it (processing time t1) and sends the processed data to the attacker's card reader; the attacker's card reader may tamper with the processed data returned by the user's smart card, and the attacker's smart card sends the tampered data to the merchant's card reader (the time from the attacker's card reader receiving the data returned by the user's smart card to the attacker's smart card sending the tampered data to the merchant's card reader is tw2). The time from the merchant's card reader finishing sending the data to receiving the data fed back by the user's smart card is then T2 = t1 + tw1 + tw2.
Under the existing smart card communication protocols, as long as T2 < FWT the merchant's card reader will accept the data sent by the attacker's smart card and carry out subsequent operations (such as a transaction flow). There is therefore a danger that a man-in-the-middle hijacks the session without the merchant's card reader being aware of it, causing economic loss to the merchant.
Summary of the invention
The present invention seeks to solve one of the above problems.
A primary object of the present invention is to provide a data communication method.
Another object of the present invention is to provide a data communication system.
To achieve the above objects, the technical solution of the present invention is specifically realised as follows.
One aspect of the present invention provides a data communication method, including: a first terminal sends first data to a second terminal and starts timing from the time point at which the first data has been completely sent, where the first data comprises at least pending data; the second terminal receives the first data and starts timing from the time point at which it finishes receiving the first data; when the value obtained by the second terminal's timing reaches a preset value, the second terminal sends second data to the first terminal, where the second data is the data obtained by the second terminal processing the pending data; if the value obtained by the first terminal's timing is within the valid range of the preset value, the first terminal allows reception of the second data to begin.
Optionally, the valid range of the preset value is [S, S + 2ΔS], where ΔS is determined by the maximum communication distance supported by the communication mode used between the first terminal and the second terminal, and S is the preset value; the duration corresponding to the sum S + 2ΔS is less than or equal to the frame waiting time FWT specified by the communication protocol used by the first terminal and the second terminal.
Optionally, the communication mode between the first terminal and the second terminal includes a short-range wireless communication mode.
Optionally, before the first terminal starts timing from the time point at which the first data has been completely sent, the method further includes:
the first terminal and the second terminal perform mutual authentication; after the mutual authentication passes, the first terminal and the second terminal negotiate a transmission key; the second terminal generates the preset value, encrypts the preset value with the transmission key and sends the encrypted preset value to the first terminal; the first terminal decrypts the encrypted preset value with the transmission key to obtain the preset value and stores it; or, the first terminal generates the preset value, encrypts it with the transmission key and sends the encrypted preset value to the second terminal; the second terminal decrypts the encrypted preset value with the transmission key to obtain the preset value and stores it; or
the first terminal and the second terminal perform mutual authentication; after the mutual authentication passes, the second terminal generates the preset value, encrypts it with the public key of the first terminal and sends the encrypted preset value to the first terminal; the first terminal decrypts the encrypted preset value with its private key to obtain the preset value and stores it; or, after the mutual authentication passes, the first terminal generates the preset value, encrypts it with the public key of the second terminal and sends the encrypted preset value to the second terminal; the second terminal decrypts the encrypted preset value with its private key to obtain the preset value and stores it.
Optionally, before the first terminal sends the first data to the second terminal, the method further includes: the first terminal generates the preset value; the first data further includes at least the preset value and an anti-tamper check value calculated from the preset value; after the second terminal receives the first data, the method further includes:
the second terminal obtains the preset value and the anti-tamper check value from the first data, verifies the anti-tamper check value, and stores the preset value only after the verification passes.
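The variant just described, in which the first data itself carries the preset value S and an anti-tamper check value, is shown below as an added example; it is not code from the patent or its assignee. The patent does not say how the check value is computed, so an HMAC-SHA256 keyed with a transmission key (assumed to have been negotiated after mutual authentication) is an assumption made here, as is the frame layout (2-byte length prefix, pending data, 4-byte big-endian S, 32-byte tag). The check value covers the pending data together with S, so a relay that rewrites either field is rejected before S is stored:

```python
"""First-data frame carrying the preset value plus an anti-tamper check value.

Added example, not the patent's own code. HMAC-SHA256 over (pending || S) with
a previously negotiated transmission key is an assumption; the patent leaves the
check value's construction open. The frame layout is constructed for this example.
"""
import hashlib
import hmac
import struct

MAC_LEN = 32  # SHA-256 digest length


def build_first_data(pending: bytes, preset_value: int, transmission_key: bytes) -> bytes:
    """First terminal: len(pending) || pending || S || HMAC(key, len || pending || S)."""
    if not 0 <= preset_value < 2 ** 32:
        raise ValueError("preset value must fit in 32 bits")
    if len(pending) > 0xFFFF:
        raise ValueError("pending data too long for a 2-byte length field")
    body = struct.pack(">H", len(pending)) + pending + struct.pack(">I", preset_value)
    tag = hmac.new(transmission_key, body, hashlib.sha256).digest()
    return body + tag


def parse_first_data(frame: bytes, transmission_key: bytes):
    """Second terminal: verify the check value first, then return (pending, S).

    Raises ValueError on a malformed frame or a failed check so that a preset
    value that may have been altered in transit is never stored or used for timing.
    """
    if len(frame) < 2 + 4 + MAC_LEN:
        raise ValueError("frame too short")
    body, tag = frame[:-MAC_LEN], frame[-MAC_LEN:]
    expected = hmac.new(transmission_key, body, hashlib.sha256).digest()
    # Constant-time comparison: the tag check must not leak via timing either.
    if not hmac.compare_digest(tag, expected):
        raise ValueError("anti-tamper check failed; preset value rejected")
    (n,) = struct.unpack(">H", body[:2])
    if len(body) != 2 + n + 4:
        raise ValueError("length field inconsistent with frame size")
    pending = body[2:2 + n]
    (preset_value,) = struct.unpack(">I", body[2 + n:])
    return pending, preset_value


def check_value_detects_tampering(pending: bytes, preset_value: int,
                                  transmission_key: bytes, forged_preset: int) -> bool:
    """Rewrite S inside a genuine frame (as a relay might) and report whether
    the second terminal's verification catches the change."""
    frame = bytearray(build_first_data(pending, preset_value, transmission_key))
    frame[-MAC_LEN - 4:-MAC_LEN] = struct.pack(">I", forged_preset)
    try:
        parse_first_data(bytes(frame), transmission_key)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    key = b"constructed-transmission-key"   # constructed; real keys come from the negotiation
    apdu = b"\x00\xa4\x04\x00"             # constructed pending data (a SELECT header)
    frame = build_first_data(apdu, 2000, key)
    print("second terminal stores:", parse_first_data(frame, key))
    print("forged S detected:", check_value_detects_tampering(apdu, 2000, key, 2500))
```

Only the integrity of S is addressed here; confidentiality of S (the encrypted-transfer variants above) would need the transmission key to be used for encryption as well, which this example does not do.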
Optionally, the preset value comprises a preset duration; ΔS is the duration the first terminal needs to transmit data to the second terminal when the distance between the first terminal and the second terminal equals the maximum communication distance supported by the communication mode they both use; the value obtained by the first terminal's timing being within the valid range of the preset value means that the duration timed by the first terminal after the first data has been completely sent is within [S, S + 2ΔS]; the value obtained by the second terminal's timing reaching the preset value means that the duration timed by the second terminal after it finishes receiving the first data reaches the preset duration.
Optionally, the preset value comprises a preset number of cycles; throughout the communication between the first terminal and the second terminal the first terminal continuously generates a carrier signal; ΔS is the number of carrier cycles that elapse while the carrier signal traverses the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; the value obtained by the first terminal's timing being within the valid range of the preset value means that the number of cycles of the carrier signal the first terminal continues to send to the second terminal after the first data has been completely sent is within [S, S + 2ΔS]; the value obtained by the second terminal's timing reaching the preset value means that the number of cycles of the carrier signal the second terminal continues to receive after it finishes receiving the first data reaches the preset number of cycles; or
the preset value comprises a preset number of pulses; throughout the communication between the first terminal and the second terminal the first terminal continuously generates a carrier signal; ΔS is the number of pulses of the carrier signal that elapse while it traverses the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; the value obtained by the first terminal's timing being within the valid range of the preset value means that the number of pulses of the carrier signal the first terminal continues to send to the second terminal after the first data has been completely sent is within [S, S + 2ΔS]; the value obtained by the second terminal's timing reaching the preset value means that the number of pulses of the carrier signal the second terminal continues to receive after it finishes receiving the first data reaches the preset number of pulses; or
the preset value comprises a preset phase difference; throughout the communication between the first terminal and the second terminal the first terminal continuously generates a carrier signal; ΔS is the phase change of the carrier signal produced by traversing the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; the value obtained by the first terminal's timing being within the valid range of the preset value means that the phase difference of the carrier signal between a first phase and a second phase is within [S, S + 2ΔS], where the first phase is the phase of the carrier signal at the time point at which the first terminal has completely sent the first data and the second phase is the phase of the carrier signal at the time point at which the first terminal allows reception of the second data to begin; the value obtained by the second terminal's timing reaching the preset value means that the phase difference of the carrier signal between a third phase and a fourth phase reaches the preset phase difference, where the third phase is the phase of the carrier signal at the time point at which the second terminal finishes receiving the first data and the fourth phase is the phase of the carrier signal at the time point at which the second terminal starts sending the second data.
Another aspect of the present invention provides a data communication system, including: a first terminal, configured to send first data to a second terminal and to start timing from the time point at which the first data has been completely sent, where the first data comprises at least pending data; the second terminal, configured to receive the first data and to start timing from the time point at which it finishes receiving the first data; the second terminal is further configured to send second data to the first terminal when the value obtained by the second terminal's timing reaches a preset value, where the second data is the data obtained by the second terminal processing the pending data; the first terminal is further configured to allow reception of the second data to begin if the value obtained by the first terminal's timing is within the valid range of the preset value.
Optionally, the valid range of the preset value is [S, S + 2ΔS], where ΔS is determined by the maximum communication distance supported by the communication mode used between the first terminal and the second terminal, and S is the preset value; the duration corresponding to the sum S + 2ΔS is less than or equal to the frame waiting time FWT specified by the communication protocol used by the first terminal and the second terminal.
Optionally, the communication mode between the first terminal and the second terminal includes a short-range wireless communication mode.
Optionally, the first terminal is further configured to perform mutual authentication with the second terminal before the first terminal starts timing from the time point at which the first data has been completely sent and, after the mutual authentication passes, to negotiate a transmission key with the second terminal;
the second terminal is further configured to generate the preset value, encrypt it with the transmission key and send the encrypted preset value to the first terminal; the first terminal is further configured to decrypt the encrypted preset value with the transmission key to obtain the preset value and store it; or
the first terminal is further configured to generate the preset value, encrypt it with the transmission key and send the encrypted preset value to the second terminal; the second terminal is further configured to decrypt the encrypted preset value with the transmission key to obtain the preset value and store it.
Optionally, the first terminal is further configured to perform mutual authentication with the second terminal before the first terminal starts timing from the time point at which the first data has been completely sent;
the second terminal is further configured, after the mutual authentication passes, to generate the preset value, encrypt it with the public key of the first terminal and send the encrypted preset value to the first terminal; the first terminal is further configured to decrypt the encrypted preset value with the private key of the first terminal to obtain the preset value and store it;
or
the first terminal is further configured, after the mutual authentication passes, to generate the preset value, encrypt it with the public key of the second terminal and send the encrypted preset value to the second terminal; the second terminal is further configured to decrypt the encrypted preset value with the private key of the second terminal to obtain the preset value and store it.
Optionally, the first terminal is further configured to generate the preset value before sending the first data to the second terminal; the first data further includes at least the preset value and an anti-tamper check value calculated from the preset value; the second terminal is further configured, after receiving the first data, to obtain the preset value and the anti-tamper check value from the first data, verify the anti-tamper check value, and store the preset value only after the verification passes.
Optionally, the preset value comprises a preset duration; ΔS is the duration the first terminal needs to transmit data to the second terminal when the distance between the first terminal and the second terminal equals the maximum communication distance supported by the communication mode they both use; the value obtained by the first terminal's timing being within the valid range of the preset value means that the duration timed by the first terminal after the first data has been completely sent is within [S, S + 2ΔS]; the value obtained by the second terminal's timing reaching the preset value means that the duration timed by the second terminal after it finishes receiving the first data reaches the preset duration.
Optionally, the preset value comprises a preset number of cycles; the first terminal is further configured to continuously generate a carrier signal throughout the communication between the first terminal and the second terminal; ΔS is the number of carrier cycles that elapse while the carrier signal traverses the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; the value obtained by the first terminal's timing being within the valid range of the preset value means that the number of cycles of the carrier signal the first terminal continues to send to the second terminal after the first data has been completely sent is within [S, S + 2ΔS]; the value obtained by the second terminal's timing reaching the preset value means that the number of cycles of the carrier signal the second terminal continues to receive after it finishes receiving the first data reaches the preset number of cycles; or
the preset value comprises a preset number of pulses; the first terminal is further configured to continuously generate a carrier signal throughout the communication between the first terminal and the second terminal; ΔS is the number of pulses of the carrier signal that elapse while it traverses the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; the value obtained by the first terminal's timing being within the valid range of the preset value means that the number of pulses of the carrier signal the first terminal continues to send to the second terminal after the first data has been completely sent is within [S, S + 2ΔS]; the value obtained by the second terminal's timing reaching the preset value means that the number of pulses of the carrier signal the second terminal continues to receive after it finishes receiving the first data reaches the preset number of pulses; or
the preset value comprises a preset phase difference; the first terminal is further configured to continuously generate a carrier signal throughout the communication between the first terminal and the second terminal; ΔS is the phase change of the carrier signal produced by traversing the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; the value obtained by the first terminal's timing being within the valid range of the preset value means that the phase difference of the carrier signal between a first phase and a second phase is within [S, S + 2ΔS], where the first phase is the phase of the carrier signal at the time point at which the first terminal has completely sent the first data and the second phase is the phase of the carrier signal at the time point at which the first terminal allows reception of the second data to begin; the value obtained by the second terminal's timing reaching the preset value means that the phase difference of the carrier signal between a third phase and a fourth phase reaches the preset phase difference, where the third phase is the phase of the carrier signal at the time point at which the second terminal finishes receiving the first data and the fourth phase is the phase of the carrier signal at the time point at which the second terminal starts sending the second data.
It can be seen from the technical solution provided above that the present invention provides a data communication method and system in which the second terminal sends its data on a timer (when its timed value reaches the preset value S) and the first terminal receives the data returned by the second terminal on a timer (only while its own timed value lies in the valid range [S, S + 2ΔS] of the preset value). This avoids the problem in the prior art: because the first terminal only permits reception of the data returned by the second terminal while its timed value is within the valid range [S, S + 2ΔS], and does not permit reception outside that range, receiving the second data within the valid range shows that no man-in-the-middle hijack is present, whereas being ready to receive within the valid range but not receiving the second data shows that a man-in-the-middle hijack has occurred. The first terminal can therefore still recognise a man-in-the-middle hijack even when the time T2 at which the second data is received satisfies T2 < FWT, avoiding economic loss that the user would otherwise suffer without knowing it.
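The timing argument above, and the relay scenario T2 = t1 + tw1 + tw2 from the background section, are reproduced below in a small simulation. This is an added example, not code from the patent or its assignee. All figures are constructed and expressed in microseconds; FWT_US is an assumed protocol constant rather than a value taken from ISO 14443, and S, ΔS and t1 are likewise assumed. The simulation compares a prior-art reader that accepts anything before FWT with the reader described here, which only accepts a response while its timer reads between S and S + 2ΔS:

```python
"""Timed-response window from CN107689946A, simulated.

Added example, not the patent's own code. Times are microseconds; every
constant below is assumed for illustration.
"""
from dataclasses import dataclass

FWT_US = 5000      # assumed frame waiting time of the underlying protocol
S_US = 2000        # preset value S shared by both terminals (assumed)
DELTA_S_US = 100   # one-way propagation time at the maximum supported distance (assumed)
T1_US = 1500       # card-side processing time t1 (assumed; must satisfy t1 <= S)


def window_is_valid(s_us: int, delta_s_us: int, fwt_us: int) -> bool:
    """The patent requires the upper bound S + 2*ΔS to fit inside FWT."""
    return s_us + 2 * delta_s_us <= fwt_us


def reader_accepts(elapsed_us: int, s_us: int, delta_s_us: int) -> bool:
    """First terminal: start receiving only while its timer is in [S, S + 2*ΔS]."""
    return s_us <= elapsed_us <= s_us + 2 * delta_s_us


def legacy_reader_accepts(elapsed_us: int, fwt_us: int) -> bool:
    """Prior-art reader: any response that arrives before FWT is taken."""
    return elapsed_us < fwt_us


@dataclass(frozen=True)
class Outcome:
    elapsed_us: int        # first terminal's timer when the response arrives (T1 or T2)
    legacy_accepts: bool   # decision of an FWT-only reader
    accepts: bool          # decision of the windowed reader


def simulate(one_way_us: int, relay_extra_us: int = 0, *,
             s_us: int = S_US, delta_s_us: int = DELTA_S_US,
             t1_us: int = T1_US, fwt_us: int = FWT_US) -> Outcome:
    """One request/response with an honest card at propagation delay one_way_us.

    relay_extra_us is the attacker's total added delay tw1 + tw2; 0 means no
    man-in-the-middle. The card starts its timer when the request has fully
    arrived, finishes processing after t1, and transmits exactly when its timer
    reads S, so the reader sees S plus the round-trip propagation plus any relay delay.
    """
    if not 0 <= one_way_us <= delta_s_us:
        raise ValueError("an honest card cannot be farther than the supported maximum")
    if t1_us > s_us:
        raise ValueError("the card cannot respond at S if processing takes longer than S")
    if not window_is_valid(s_us, delta_s_us, fwt_us):
        raise ValueError("S + 2*ΔS must not exceed FWT")
    # Reader timer is 0 when the last bit of the request leaves it.
    elapsed = one_way_us + s_us + one_way_us + relay_extra_us
    return Outcome(
        elapsed_us=elapsed,
        legacy_accepts=legacy_reader_accepts(elapsed, fwt_us),
        accepts=reader_accepts(elapsed, s_us, delta_s_us),
    )


if __name__ == "__main__":
    print("honest card at maximum distance:", simulate(one_way_us=DELTA_S_US))
    print("relay adding 500 us (still < FWT):", simulate(one_way_us=50, relay_extra_us=500))
```

Two things the numbers make visible. First, the relayed response arrives at 2600 us, well inside the assumed FWT of 5000 us, so the prior-art check passes while the windowed check fails, which is exactly the T2 < FWT case the text is concerned with. Second, the window is not airtight: a card that is closer than the maximum distance leaves slack of 2(ΔS - d) that a relay faster than that can hide in, so ΔS should be set as tight as the deployment's real range allows.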
Brief description of the drawings
In order to explain the technical solutions of the embodiments of the present invention more clearly, the drawings needed to describe the embodiments are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a timing diagram, from the background section, of the time required for the merchant's card reader to finish sending data and receive the data fed back by the user's smart card under normal circumstances;
Fig. 2 is a timing diagram, from the background section, of the time required for the merchant's card reader to finish sending data and receive the data fed back by the user's smart card when a man-in-the-middle hijack occurs;
Fig. 3 is a flow chart of the data communication method provided by embodiment 1 of the present invention;
Fig. 4 is a flow chart of one specific way, provided by embodiment 1 of the present invention, in which the first terminal and the second terminal negotiate the preset value;
Fig. 5 is a flow chart of another specific way, provided by embodiment 1 of the present invention, in which the first terminal and the second terminal negotiate the preset value;
Fig. 6 is a schematic structural diagram of a data communication system provided by embodiment 2 of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the accompanying drawings. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
In the description of the present invention, it should be understood that orientation or positional terms such as "centre", "longitudinal", "transverse", "upper", "lower", "front", "rear", "left", "right", "vertical", "horizontal", "top", "bottom", "inner" and "outer" refer to the orientation or positional relationship shown in the drawings, are used only to facilitate and simplify the description, and do not indicate or imply that the device or element referred to must have a specific orientation or be constructed and operated in a specific orientation; they are therefore not to be understood as limiting the present invention. In addition, the terms "first" and "second" are used only for descriptive purposes and are not to be understood as indicating or implying relative importance, quantity or position.
In the description of the present invention, it should be noted that, unless otherwise expressly specified and limited, the terms "mounted", "connected to" and "connected" are to be understood broadly: a connection may be fixed, detachable or integral; mechanical or electrical; direct, or indirect through an intermediary; or an internal connection between two elements. A person of ordinary skill in the art can understand the specific meaning of these terms in the present invention according to the specific situation.
The embodiment of the present invention is described in further detail below in conjunction with accompanying drawing.
Embodiment 1
Fig. 1 is a flow chart of a data communication method according to Embodiment 1 of the present invention. Referring to Fig. 1, the method includes at least step S20 to step S60.
Step S20: the first terminal sends first data to the second terminal and starts timing from the time point at which it has finished sending the first data, where the first data comprises at least data to be processed.
In the present embodiment, the communication mode between the first terminal and the second terminal includes a short-range wireless communication mode. Specifically, short-range wireless communication modes include at least NFC (Near Field Communication), Wi-Fi (Wireless Fidelity), UWB (Ultra Wideband), Zigbee, RFID (Radio Frequency Identification), infrared transmission and Bluetooth. The communication distance between the first terminal and the second terminal may therefore range from a few centimetres to several hundred metres. For each of these short-range wireless communication modes, the first terminal and the second terminal may also use the corresponding communication protocol to achieve wireless data transmission between them. As an optional embodiment, the first terminal includes a reading device and the second terminal includes a responding device. The reading device and the responding device may be terminals that support a contactless card-reading mode; for example, the reading device may be a card-reader-type terminal such as a POS terminal, an ATM or an identity card reader, and the responding device may be a smart key device (such as the Industrial and Commercial Bank U-Shield or the Agricultural Bank K-Bao), a smart card, an identity card or the like. Terminals that use such a contactless card-reading mode, for example a card reader and a smart card, or a card reader and an identity card, can transmit data between each other using the ISO14443 and ISO15693 protocols, so the short-range wireless communication mode may include the communication modes supported by the ISO14443 and ISO15693 protocols. In addition, the reading device and the responding device may also be a mobile terminal, a PC, a palmtop computer, a smart device or any other terminal that supports a short-range wireless communication mode.
In this step, as an optional embodiment, taking the case where the first terminal is a card reader and the second terminal is a smart card as an example, the data to be processed in the first data may be card-reading request data. Of course, the data to be processed in the first data is not limited to this: taking the case where both the first terminal and the second terminal are mobile terminals as an example, the data to be processed in the first data may also be request data asking the second terminal to return a picture, and so on. The present embodiment places no particular limitation on the data to be processed in the first data, as long as it is request data initiated by the first terminal to the second terminal.
Based on the problem raised in the Background, in order to be able to identify a middleman's hijacking even when T2 < FWT, the present embodiment adopts a strategy in which the first terminal receives at a fixed time and the second terminal sends at a fixed time. Thus, in this step, the first terminal starts timing from the time point at which it has finished sending the first data. If it receives data returned by the second terminal while the value obtained by its timing is within the effective range of the preset value, there is no middleman hijacking; if it receives nothing within that range, a middleman hijacking can be identified.
Step S40: the second terminal receives the first data and starts timing from the time point at which it has finished receiving the first data.
In the present embodiment, after the second terminal has received the first data it does not, as in the prior art, send the processed data to the first terminal as soon as the processing of the first data is complete. Instead it starts timing, following the strategy in which the first terminal receives at a fixed time and the second terminal sends at a fixed time: only when the value obtained by its timing reaches the preset value does the second terminal send the second data obtained by processing the data to be processed in the first data, that is, it sends at a fixed time (see step S60). In this way, even when T2, the time at which the first terminal receives the second data, satisfies T2 < FWT, the first terminal can still recognise that a middleman hijacking is present.
Step S60: when the value obtained by the second terminal's timing reaches the preset value, the second terminal sends second data to the first terminal, where the second data is the data obtained after the second terminal processes the data to be processed in the first data.
In the present embodiment, the second data is not limited; it is the data obtained after processing the data to be processed in the first data. Taking the case where the second terminal is a smart card and the first terminal is a card reader as an example, the second data may be the smart card's data content that the first terminal requested to read; taking the case where both terminals are mobile terminals as an example, where the data to be processed in the first data is a request for a picture, the second data is the picture data. As described in step S40, the second terminal starts timing at the time point at which it has finished receiving the first data; in this step, when the value obtained by its timing reaches the preset value S, the second terminal sends the second data to the first terminal, which guarantees that it sends at a fixed time.
Step S80: if the value obtained by the first terminal's timing is within the effective range of the preset value, the first terminal allows reception of the second data to begin.
As an optional embodiment, the effective range of the preset value is [S, S+2ΔS], where S is the preset value and ΔS is determined by the maximum communication distance supported by the communication mode used between the first terminal and the second terminal.
In the present embodiment, as mentioned above, the communication mode used between the first terminal and the second terminal may be short-range wireless communication, and the maximum communication distance supported by each communication mode is different. For example, NFC operates at 13.56 MHz with a supported communication distance within 20 cm; Bluetooth operates at 2.4 GHz with a supported communication distance of up to 20 m; and Wi-Fi can reach 100 m. ΔS can be understood as the value required to cover the maximum communication distance supported by the communication mode used between the first terminal and the second terminal, for example the duration required to transmit the first data over that maximum communication distance. Because the maximum communication distance supported by each communication mode is different, the corresponding value of ΔS is also different. ΔS may also have other meanings; see the detailed description below.
It should be noted that the first data is transmitted to the second terminal continuously, byte by byte: the first terminal sends the first byte, the second byte, ... and the last byte of the first data in succession, and the second terminal receives the first byte, the second byte, ... and the last byte of the first data in succession. Because a short-range communication mode is used between the first terminal and the second terminal, the second terminal begins receiving each byte of the first data as soon as the first terminal begins sending it, and since the order of magnitude of the time a terminal takes to receive a single byte is small enough to be ignored, the last byte of the first data has not yet been sent when the first byte of the first data reaches the second terminal, i.e. the first terminal has not yet finished sending the first data. Ignoring the transmission time on the path, it can be considered that the first terminal's sending of the first data and the second terminal's receiving of it take place simultaneously, i.e. the moment at which the first terminal finishes sending the first data is the moment at which the second terminal finishes receiving it. Taking the transmission time on the path into account, the maximum value obtained by the first terminal's timing can reach S+2ΔS, that is, it includes the time the data exchanged between the first terminal and the second terminal spends in transit on the path (the maximum duration calculated from the maximum distance supported by the communication mode is 2ΔS). Therefore, with the first terminal starting its timing at the time point at which it finishes sending the first data in step S20 and the second terminal starting its timing at the time point at which it finishes receiving the first data in step S40, and with no middleman hijacking, the first terminal should receive the second data when the value obtained by its timing reaches S if the transmission time on the path is ignored, and should be able to begin receiving the second data when the value obtained by its timing is greater than S and less than or equal to S+2ΔS if the transmission time on the path is taken into account.
To address the problem, raised in the Background, that exists in current smart card communication protocols, the present embodiment provides a data communication method. The method avoids the problems of the prior art through the strategy that the second terminal sends data at a fixed time (when the value obtained by its timing reaches the preset value S) and the first terminal receives the data returned by the second terminal at a fixed time (when the value obtained by its timing is within the effective range [S, S+2ΔS] of the preset value). Here the first terminal can be understood as the merchant card reader in the Background and the second terminal as the user smart card in the Background. Because the first terminal allows reception of the data returned by the second terminal only while the value obtained by its timing is within the effective range [S, S+2ΔS] of the preset value, and does not allow it outside that effective range, if reception is allowed to begin within the effective range of the preset value and the second data is received, there is no middleman hijacking, whereas if reception is allowed to begin within the effective range but the second data is not received, a middleman hijacking has occurred. In the present embodiment, S+2ΔS ≤ FWT, where FWT is the frame waiting time specified by the communication protocol used by the first terminal and the second terminal, for example the frame waiting time FWT specified by the ISO14443 and ISO15693 protocols. The first terminal (for example a card reader) can thus wait for the data returned by the smart card within the FWT while also applying the timed-reception scheme provided by the present embodiment, so the method of the present embodiment remains compatible with existing protocols while still being able to identify a middleman hijacking. When a middleman hijacking occurs, even if T2 < FWT, once the duration 2ΔS required to transfer data between the two terminals is no longer ignored, and taking S to be a preset duration as an example, the second terminal sends its data only when its timing reaches S, so T2 = s1 + s2 + S + 2ΔS, where T2 is the time the first terminal needs from finishing sending its data to receiving the data fed back by the second terminal, and s1 + s2 is the time the middleman needs for its tampering (see tw1 and tw2 in the Background; tw1 corresponds to s1 and tw2 to s2). T2 then exceeds the maximum S+2ΔS of the effective range of the preset value, so the first terminal refuses to receive the data returned by the second terminal and interrupts communication with the second terminal. Hence even when T2 < FWT the first terminal can identify the middleman hijacking. It should be noted that S and ΔS may take various forms besides representing a duration; here, for ease of understanding, only the duration case is used as an illustration. The various forms that S and ΔS may take are mentioned later in the present embodiment; see the description below.
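As an added example that is not code from the patent, the following Python simulation reproduces the timed-send / timed-receive check just described, using the Bluetooth figures the embodiment gives later (S = 5 ms, ΔS = 60 ns) and contrasting the step S80 window check with a plain FWT check on the same exchange. The FWT, the second terminal's processing time and the middleman delays s1, s2 are constructed sample values; times are integers in nanoseconds, but the same check applies unchanged to the carrier cycle or pulse counts the embodiment also allows.

```python
"""Added example (not the patent's code): discrete simulation of the
timed-send / timed-receive strategy of Embodiment 1.  Integer nanoseconds.
S and Delta S follow the Bluetooth figures in the text; FWT, the processing
time and the relay delays s1/s2 are constructed sample values."""
from dataclasses import dataclass

S_NS = 5_000_000           # preset value S: second terminal sends when its timer reaches S
DELTA_S_NS = 60            # one-way transit time over the maximum Bluetooth range (20 m)
FWT_NS = 10_000_000        # constructed frame waiting time; text only requires S+2dS <= FWT
PROCESSING_NS = 2_000_000  # constructed processing time at the second terminal (< S)


def effective_range(s: int, delta_s: int) -> tuple:
    """Effective range of the preset value, [S, S+2*Delta S]."""
    return s, s + 2 * delta_s


def first_terminal_accepts(t2: int, s: int, delta_s: int) -> bool:
    """Step S80: reception is allowed only while the first terminal's timer is in range."""
    low, high = effective_range(s, delta_s)
    return low <= t2 <= high


def prior_art_accepts(t2: int, fwt: int) -> bool:
    """The existing-protocol check the text contrasts with: any reply before FWT."""
    return t2 <= fwt


def second_terminal_send_time(t_received: int, s: int, processing: int) -> int:
    """Steps S40/S60: start timing when the first data is fully received, process
    the request, and release the reply only when the timer reaches S."""
    if processing > s:
        raise ValueError("preset value S must exceed the second terminal's processing time")
    return t_received + s


@dataclass
class Exchange:
    t2: int              # from 'first data fully sent' to 'second data arrives'
    timed_accept: bool   # result of the step S80 window check
    fwt_accept: bool     # result of the plain FWT check


def run_exchange(distance_fraction: float = 1.0, s1: int = 0, s2: int = 0,
                 s: int = S_NS, delta_s: int = DELTA_S_NS, fwt: int = FWT_NS,
                 processing: int = PROCESSING_NS) -> Exchange:
    """Simulate one request/response.  distance_fraction scales the one-way
    transit time (1.0 = maximum range); s1/s2 are the extra forward/backward
    delays a middleman introduces (tw1/tw2 in the Background), 0 when absent."""
    if s + 2 * delta_s > fwt:
        raise ValueError("S+2*Delta S must not exceed FWT (protocol compatibility)")
    transit = round(distance_fraction * delta_s)
    t_received = transit + s1                       # first data fully received by second terminal
    t_sent = second_terminal_send_time(t_received, s, processing)
    t2 = t_sent + transit + s2                      # second data arrives at first terminal
    return Exchange(t2, first_terminal_accepts(t2, s, delta_s), prior_art_accepts(t2, fwt))


if __name__ == "__main__":
    print("direct, maximum range  :", run_exchange())
    print("direct, adjacent       :", run_exchange(distance_fraction=0.0))
    print("relayed, +1 us each way:", run_exchange(s1=1_000, s2=1_000))
```

The relayed run lands at T2 = s1 + s2 + S + 2ΔS, which the plain FWT check still accepts but the window check rejects, which is exactly the case the embodiment is designed to catch.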
In the present embodiment, the preset value S may be stored in a fixed area of a terminal before it leaves the factory, in which case no negotiation is needed; it may be obtained by negotiation between the first terminal and the second terminal; it may be generated by one side and issued to the other; or it may be written by the first terminal into a data packet specified by the protocol and sent to the second terminal together with the data the first terminal sends. Although a factory-preset value requires neither negotiation nor generation, and the first terminal and the second terminal simply send and receive each data output at the time given by the preset value, its drawback is that the preset value cannot be changed: it is inflexible and lacks randomness, so its security is relatively low. The other ways of obtaining the preset value S described below can generate the preset value randomly and are more flexible, more random and more secure than a factory-preset value. Because the preset value S is crucial for identifying a middleman hijacking, the present embodiment proposes several ways of obtaining the preset value S in order to prevent it from being tampered with; these are described in detail below.
As an optional embodiment of the present embodiment, the preset value may be obtained by negotiation through the following steps. The negotiation may take place at any time before the first terminal sends the first data to the second terminal, and is more flexible, more random and more secure than a factory-preset value. Specifically, before the first terminal starts timing from the time point at which it has finished sending the first data, the method provided by the present embodiment further includes:
The first terminal performs mutual authentication with the second terminal, and after the mutual authentication passes, the first terminal and the second terminal negotiate a transmission key;
The second terminal generates the preset value, encrypts it using the transmission key and sends the encrypted preset value to the first terminal; the first terminal decrypts the encrypted preset value using the transmission key to obtain the preset value, and saves it. Alternatively, the first terminal generates the preset value, encrypts it using the transmission key and sends the encrypted preset value to the second terminal; the second terminal decrypts the encrypted preset value using the transmission key to obtain the preset value, and saves it.
In this way, the present embodiment guarantees the legitimate identities of the first terminal and the second terminal through their mutual authentication, then negotiates a transmission key and uses it to encrypt and decrypt the preset value so as to secure the transmission process, preventing the negotiated preset value from being tampered with illegally and thereby ensuring its security. In addition, whether it is the first terminal or the second terminal, saving the preset value after receiving it from the other side allows it to be reused in the next data communication; by saving the preset value, the two terminals need not perform the negotiation flow for the preset value again, which greatly improves data transmission efficiency.
Specifically, the negotiation of the preset value in this optional embodiment can be implemented in many ways; the present embodiment gives just one example so that the negotiation of the preset value in this optional embodiment can be clearly understood. As shown in Fig. 2, the present embodiment provides a specific flow in which the first terminal negotiates the preset value with the second terminal, which includes the following steps:
S110: the first terminal initiates an authentication request to the second terminal, carrying the random number R1 and the digital certificate of the first terminal.
Here the random number R1 is single-use authentication data generated by the first terminal, which prevents replay attacks on the first terminal by other illegitimate devices.
S111: the second terminal receives the authentication request and verifies the digital certificate of the first terminal; after the verification passes, it signs the random number R1 with the private key of the second terminal to generate signed data S1, generates a random number R2, and encrypts R2 with the public key in the digital certificate of the first terminal to obtain ciphertext E1.
Here the random number R2 is single-use authentication data generated by the second terminal, which prevents replay attacks on the second terminal by other illegitimate devices.
S112: the second terminal sends the digital certificate of the second terminal, the signed data S1 and the ciphertext E1 to the first terminal.
S113: the first terminal verifies the digital certificate of the second terminal; after the verification passes, it verifies the signed data S1 with the public key in the digital certificate, and after the signature verification passes, decrypts the ciphertext E1 to obtain R2, signs R2 with the private key of the first terminal to generate signed data S2, generates a random number R3, encrypts R3 with the public key of the second terminal to obtain ciphertext E2, and generates the transmission key K based on R2 and R3.
Here, by verifying the signed data S1 of the second terminal, the first terminal can guarantee the legitimacy of the second terminal's identity. In addition, the transmission key is generated from random numbers generated by both sides, so that even if a hacker intercepts one side's random number, the transmission key cannot be generated without the other side's random number, which guarantees that the transmission key cannot easily be obtained.
S114: the first terminal sends the signed data S2 and the ciphertext E2 to the second terminal.
S115: the second terminal verifies the signed data S2 with the public key in the digital certificate of the first terminal; after the signature verification passes, it decrypts the ciphertext E2 to obtain R3 and generates the transmission key K based on R2 and R3.
Here, by verifying the signed data S2 of the first terminal, the second terminal can guarantee the legitimacy of the first terminal's identity.
S116: the first terminal generates the preset value S and encrypts it with the transmission key K to obtain ciphertext E3.
S117: the first terminal sends E3 to the second terminal.
S118: the second terminal receives the ciphertext E3, decrypts E3 with the transmission key K to obtain the preset value S, and saves the preset value S.
In this optional embodiment, steps S110 to S115 complete the mutual authentication of the first terminal and the second terminal and the negotiation of the transmission key. In steps S116 to S118 the operations performed by the first terminal and the second terminal can be exchanged: the second terminal may generate the preset value S, encrypt S with K to obtain ciphertext E3 and send it to the first terminal, and the first terminal then decrypts it with the transmission key K to obtain the preset value S and saves it.
As another optional embodiment of the present embodiment, the preset value may be generated by one side and issued to the other through the following steps. This may take place at any time before the first terminal sends the first data to the second terminal, and is more flexible, more random and more secure than a factory-preset value. Specifically, before the first terminal starts timing from the time point at which it has finished sending the first data, the method provided by the present embodiment further includes:
The first terminal performs mutual authentication with the second terminal;
After the mutual authentication passes, the second terminal generates the preset value, encrypts it with the public key of the first terminal and sends the encrypted preset value to the first terminal; the first terminal decrypts the encrypted preset value with its private key to obtain the preset value, and saves it. Alternatively, after the mutual authentication passes, the first terminal generates the preset value, encrypts it with the public key of the second terminal and sends the encrypted preset value to the second terminal; the second terminal decrypts the encrypted preset value with its private key to obtain the preset value, and saves it.
In this way, the present embodiment guarantees the legitimate identities of the first terminal and the second terminal through their mutual authentication, and then uses public and private keys to encrypt and decrypt the preset value so as to secure the transmission process, preventing the preset value generated by one side from being tampered with illegally and thereby ensuring its security. Compared with the preceding optional embodiment, this optional embodiment encrypts and decrypts the preset value with the first terminal's and the second terminal's own public/private key pairs, without needing to generate a transmission key, which reduces the interaction steps, shortens the time needed to obtain the preset value and improves efficiency. In addition, whether it is the first terminal or the second terminal, saving the preset value after receiving it from the other side allows it to be reused in the next data communication; by saving the preset value, the two terminals need not perform the negotiation flow for the preset value again, which greatly improves data transmission efficiency.
Specifically, obtaining the preset value in this optional embodiment can be implemented in many ways; the present embodiment gives just one example so that the way the preset value is obtained in this optional embodiment can be clearly understood. As shown in Fig. 3, the present embodiment provides a specific flow in which the first terminal negotiates the preset value with the second terminal, which includes the following steps:
S120: the first terminal initiates an authentication request to the second terminal, carrying the random number R1;
Here the random number R1 is single-use authentication data generated by the first terminal, which prevents replay attacks on the first terminal by other illegitimate devices.
S121: the second terminal receives the authentication request, signs the random number R1 with its private key to generate signed data S1, and generates a random number R2;
Here the random number R2 is single-use authentication data generated by the second terminal, which prevents replay attacks on the second terminal by other illegitimate devices.
S122: the second terminal sends the digital certificate of the second terminal, the signed data S1 and the random number R2 to the first terminal;
S123: the first terminal verifies the digital certificate of the second terminal; after the verification passes, it verifies the signed data S1 with the public key in the digital certificate, and after the signature verification passes, signs R2 with the private key of the first terminal to generate signed data S2;
Here, by verifying the signed data S1 of the second terminal, the first terminal can guarantee the legitimacy of the second terminal's identity.
S124: the first terminal sends its digital certificate and the signed data S2 to the second terminal;
S125: the second terminal verifies the digital certificate of the first terminal; after the verification passes, it verifies the signed data S2 with the public key in the digital certificate;
Here, by verifying the signed data S2 of the first terminal, the second terminal can guarantee the legitimacy of the first terminal's identity.
S126: after the signature verification passes, the second terminal randomly generates the preset value S and encrypts the preset value S with the public key of the first terminal to generate ciphertext E;
S127: the second terminal sends E to the first terminal;
S128: the first terminal receives the ciphertext E, decrypts E with its private key to obtain the preset value S, and saves the preset value S.
In this optional embodiment, steps S120 to S125 implement the mutual authentication between the first terminal and the second terminal, after which the second terminal generates the preset value. In steps S126 to S128 the operations performed by the first terminal and the second terminal can be exchanged: the first terminal may generate the preset value S, encrypt the preset value S with the public key of the second terminal to obtain ciphertext E and send it to the second terminal, and the second terminal then decrypts E with its private key to obtain the preset value S and saves it. Compared with the way of obtaining the preset value shown in Fig. 2, this optional embodiment does not negotiate a transmission key but performs encryption and decryption directly with the first terminal's and the second terminal's own public and private keys, which removes the interaction flow for negotiating a transmission key and can improve the efficiency of obtaining the preset value.
As a third optional embodiment of the present embodiment, both sides may obtain the preset value by having the first terminal write it into a data packet specified by the protocol and send it to the second terminal together with the data it sends. Specifically, before the first terminal sends the first data to the second terminal in step S20, the method provided by the present embodiment further includes: the first terminal generates the preset value; and the first data that the first terminal sends to the second terminal further includes at least the preset value and an anti-tamper check value calculated from the preset value. In step S40, after the second terminal receives the first data, the method provided by the present embodiment further includes: the second terminal obtains the preset value and the anti-tamper check value from the first data, verifies the anti-tamper check value, and saves the preset value after the verification passes.
In this optional embodiment, the first terminal may randomly generate a preset value and, according to the format of the data packet specified by the protocol, write the preset value and the anti-tamper check value into a predetermined field, or add a new field and write the preset value and the anti-tamper check value into the new field; when the first terminal sends the first data to the second terminal, they are carried in the data packet of the first data and sent to the second terminal. The anti-tamper check value is calculated from the preset value. For example, the anti-tamper check value may be signed data calculated from the preset value, i.e. a digest is calculated over the preset value and the digest is encrypted with the private key of the first terminal to generate the signed data; the second terminal then verifies the anti-tamper check value by verifying the signed data with the public key of the first terminal, and if the signature verification passes, the verification passes, showing that the preset value has not been tampered with. As another example, the anti-tamper check value may be a MAC value calculated from the preset value using a MAC algorithm; when verifying the anti-tamper check value, the second terminal computes a MAC value using the same MAC algorithm and compares the two MAC values, and if they agree, the verification passes, showing that the preset value has not been tampered with.
It should be noted that the second terminal starts timing after it has finished receiving the first data and obtains the preset value from the first data. If the verification of the anti-tamper check value passes, the second terminal sends the second data to the first terminal when the value obtained by its timing reaches the preset value; if the first terminal subsequently does not receive the second data returned by the second terminal within the effective range of the preset value, a middleman hijacking has occurred. If the verification of the anti-tamper check value fails, the second terminal may stop timing, which indicates that a middleman may have hijacked the data. Thus, in this optional embodiment, the identification of a middleman hijacking can also be achieved through the anti-tamper check value; moreover, once the preset value has been tampered with, the verification cannot pass, which guarantees that the preset value cannot be tampered with illegally and ensures its security.
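As an added example that is not code from the patent, the following Python sketch implements the third optional embodiment with the MAC variant of the anti-tamper check value: the first terminal carries S and the check value in the first data, and the second terminal verifies the check value before saving S and starting its timer, stopping the timer on failure. The packet layout (4-byte S, 32-byte MAC, then the data to be processed), the use of HMAC-SHA256 as the MAC algorithm and the shared MAC key are assumptions of this example; the patent does not fix them.

```python
"""Added example (not the patent's code): preset value S plus an anti-tamper
check value carried in the first data, verified by the second terminal.
Packet layout, HMAC-SHA256 as the MAC algorithm and the shared key are
assumptions of this example."""
import hashlib
import hmac
import secrets
import struct
from typing import Optional

MAC_LEN = 32  # HMAC-SHA256 digest length


def anti_tamper_check_value(key: bytes, preset_value: int) -> bytes:
    """MAC over the encoded preset value (the text's MAC variant of the check value)."""
    return hmac.new(key, struct.pack(">I", preset_value), hashlib.sha256).digest()


def generate_preset_value(upper: int = 10_000_000) -> int:
    """First terminal randomly generates S (here a duration in ns, 1..upper)."""
    return secrets.randbelow(upper) + 1


def build_first_data(key: bytes, preset_value: int, pending: bytes) -> bytes:
    """First terminal: write S and its check value into the packet with the request."""
    return struct.pack(">I", preset_value) + anti_tamper_check_value(key, preset_value) + pending


def altered_preset_value(packet: bytes, new_value: int) -> bytes:
    """Constructed test input only: the same packet with a different S field,
    standing in for a modification on the path so that detection can be shown."""
    return struct.pack(">I", new_value) + packet[4:]


class SecondTerminal:
    """Responding side after step S40 of the third optional embodiment."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.preset_value: Optional[int] = None
        self.timing = False

    def receive_first_data(self, packet: bytes) -> Optional[bytes]:
        """Parse the packet.  On a valid check value, save S, start timing and
        return the data to be processed; otherwise stop timing and return None."""
        if len(packet) < 4 + MAC_LEN:
            self.timing = False
            self.preset_value = None
            return None
        preset_value = struct.unpack(">I", packet[:4])[0]
        received_mac = packet[4:4 + MAC_LEN]
        expected = anti_tamper_check_value(self.key, preset_value)
        if not hmac.compare_digest(received_mac, expected):  # constant-time comparison
            self.timing = False        # verification failed: do not release a reply at S
            self.preset_value = None
            return None
        self.preset_value = preset_value
        self.timing = True             # timer starts; second data is sent when it reaches S
        return packet[4 + MAC_LEN:]


if __name__ == "__main__":
    shared_key = b"constructed-shared-mac-key"   # assumption: agreed in advance
    packet = build_first_data(shared_key, generate_preset_value(), b"READ-REQUEST")
    card = SecondTerminal(shared_key)
    print("genuine packet -> pending:", card.receive_first_data(packet), "timing:", card.timing)
    card2 = SecondTerminal(shared_key)
    print("altered packet -> pending:", card2.receive_first_data(altered_preset_value(packet, 1)),
          "timing:", card2.timing)
```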
In addition, in the present embodiment, as an optional embodiment, the preset value may include at least: a preset duration, a preset number of cycles, a preset number of pulses or a preset phase difference. Accordingly, the first terminal and the second terminal also have correspondingly different ways of counting the timing and of judging whether the value obtained by the timing has reached the preset value or lies within the effective range of the preset value; the various kinds of preset value are described separately in detail below.
As an optional embodiment of the present embodiment, the preset value may include a preset duration, where the preset duration is greater than the time the second terminal takes to process the data to be processed in the received first data (because the second terminal must have finished processing the data before the value obtained by its timing reaches the preset value, since only then does it send the second data); optionally, in addition, S+2ΔS ≤ FWT. ΔS is the duration the first terminal needs to transfer data to the second terminal when the distance between the first terminal and the second terminal equals the maximum communication distance supported by the communication mode both use. In step S80, the value obtained by the first terminal's timing being within the effective range of the preset value includes: the duration obtained by the first terminal's timing after it has finished sending the first data lies within the range [S, S+2ΔS]. In step S60, the value obtained by the second terminal's timing reaching the preset value includes: the duration obtained by the second terminal's timing after it has finished receiving the first data reaches the preset duration.
In this optional embodiment, both the first terminal and the second terminal are provided with a timer supporting accurate timing, and the duration obtained by the timer is used to judge whether the preset duration has been reached or whether the timing lies within the effective range of the preset duration. For example, the second terminal may be a smart card with a crystal oscillator; such a smart card can count the timed duration with its internal clock, and its timing precision is determined by the clock precision of the smart card. For example, with S = 5×10^-3 s and taking Bluetooth as an example, where the transmission duration ΔS over the supported maximum transmission distance of 20 m is 60×10^-9 s, the second terminal sends the second data when its timing reaches 5×10^-3 s, and the first terminal allows reception of the second data to begin only within [5×10^-3 s, (5×10^-3 + 1.2×10^-7) s]. Only when the second data is received within the effective range of the preset value is there no middleman hijacking, so a middleman hijacking can be identified. Although this optional embodiment is illustrated only with the Bluetooth communication mode, the other short-range communication modes also fall within the scope of protection of the present invention.
A passive terminal without a crystal oscillator (such as a passive smart card) has no clock capability. In this embodiment, however, the first terminal generates a carrier signal throughout the entire communication with the second terminal, so this embodiment also proposes timing-statistics methods that differ from clock timing: the timed value can be obtained by counting the number of cycles, the number of pulses, or the phase difference of the carrier signal. The default value may accordingly be a default number of carrier cycles, a default number of carrier pulses, or a default carrier phase difference, and ΔS may be the number of cycles, the number of pulses, or the phase change that the carrier signal produces while travelling the maximum communication distance supported by the communication mode used between the first terminal and the second terminal. Whichever timing-statistics method is used, the duration corresponding to S + 2ΔS is greater than the time the second terminal needs to process the pending data in the received first data; optionally, the duration corresponding to S + 2ΔS is less than or equal to FWT. As one optional embodiment, the default value is a default number of cycles, and ΔS is the number of cycles the carrier signal produces over the maximum communication distance supported by the communication mode used between the two terminals. In step S80, "the value timed by the first terminal lies in the effective range of the default value" means that the number of cycles of the carrier signal which the first terminal continues to send to the second terminal after finishing sending the first data lies in the range [S, S + 2ΔS]. In step S60, "the value timed by the second terminal reaches the default value" means that the number of cycles of the carrier signal which the second terminal continues to receive after finishing receiving the first data reaches the default number of cycles.
In this embodiment the first terminal generates the carrier signal at all times. When the first terminal needs to send data, for example the first data, sending the data means modulating it onto the carrier and sending the modulated carrier to the second terminal; when it has no data to send, the first terminal still sends the carrier to the second terminal, just with no data carried on it. In this optional embodiment the first terminal and the second terminal each have a counter that can count the cycles of the carrier under the conditions above. This is an alternative way of obtaining the timed value: the two terminals reach accurate timing without using a clock at all. For example, for terminals supporting NFC, the working frequency of both terminals is 13.56 MHz; during the communication the first terminal (for example a card reader) continuously generates a 13.56 MHz carrier, whose period T is fixed at T = 1/13.56 MHz, approximately 74 ns. Counting the timed value in carrier cycles therefore gives a unit accurate to the nanosecond level, so accurate counting is achieved, and this optional embodiment is applicable to passive smart cards without a crystal oscillator. Although it is illustrated with NFC only, other short-range communication modes also fall within the protection scope of the invention.
In addition, as another optional embodiment, the default value is a default number of pulses, and ΔS is the number of pulses the carrier signal produces over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal. In step S80, "the value timed by the first terminal lies in the effective range of the default value" means that the number of pulses of the carrier signal which the first terminal continues to send to the second terminal after finishing sending the first data lies in the range [S, S + 2ΔS]. In step S60, "the value timed by the second terminal reaches the default value" means that the number of pulses of the carrier signal which the second terminal continues to receive after finishing receiving the first data reaches the default number of pulses.
Counting the pulses of the carrier signal means counting its peaks. Compared with counting the number of carrier cycles described above, counting pulses can give a further improvement in counting accuracy, and this optional embodiment is likewise applicable to passive smart cards without a crystal oscillator.
In addition, as another optional embodiment, the default value is a default phase difference, and ΔS is the phase change the carrier signal undergoes over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal. In step S80, "the value timed by the first terminal lies in the effective range of the default value" means that the phase difference of the carrier signal between a first phase and a second phase lies in the range [S, S + 2ΔS], where the first phase is the carrier phase at the time point at which the first terminal finishes sending the first data, and the second phase is the carrier phase at the time point at which the first terminal permits reception of the second data to begin. In step S60, "the value timed by the second terminal reaches the default value" means that the phase difference of the carrier signal between a third phase and a fourth phase reaches the default phase difference, where the third phase is the carrier phase at the time point at which the second terminal finishes receiving the first data, and the fourth phase is the carrier phase at the time point at which the second terminal starts sending the second data.
For example, the first terminal and the second terminal may obtain the default value by any of the ways mentioned earlier: a default phase difference S = (1/2 + 40)π is negotiated, or generated by one party. Taking the first terminal to be a card reader and the second terminal a smart card, after the card reader finishes sending the first data and the smart card finishes receiving it, the waveform between the two is a standard sine-wave carrier, and the phase recorded at that moment is 0 (that is, both the first phase and the third phase are 0). When the carrier phase difference (the difference between the third phase and the fourth phase) reaches (1/2 + 40)π, the smart card sends the second data; the card reader, in turn, permits reception of the second data only while the phase difference it has timed lies in the effective range of the default value, and so confirms that no man-in-the-middle hijacking has occurred. Taking NFC as an example, suppose the carrier carrying the first data undergoes a phase change ΔS over the 20 cm maximum transmission distance supported by NFC; the first terminal then permits reception of the second data only in the range [(1/2 + 40)π, 41π]. Only if the second data is received inside the effective range of the default value can it be concluded that no man-in-the-middle hijacking has occurred, so a man-in-the-middle hijacking can be identified.
In this optional embodiment, again taking terminals supporting NFC as the example, the working frequency of the first terminal and the second terminal is 13.56 MHz; during the communication the first terminal (for example a card reader) continuously generates a 13.56 MHz carrier whose period is fixed at T = 1/13.56 MHz, approximately 74 ns. Phase divides one cycle into an angle of 2π, so counting the timed value in phase gives a unit accurate to 74/(2π) ns. Compared with counting carrier cycles or pulses as described above, counting the phase difference can give a further improvement in counting accuracy, and this optional embodiment is likewise applicable to passive smart cards without a crystal oscillator. Although it is illustrated with NFC only, other short-range communication modes also fall within the protection scope of the invention.
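The three carrier-based units described above (cycles, pulses, phase) and their conversion to a common time base, as an added illustration that is not code from the patent. The sampled carrier is constructed for the example; the sample rate, the cycle-count preset derived from S = 5 ms, and the treatment of the phase window [(1/2 + 40)π, 41π] from the NFC example as S = (1/2 + 40)π with 2ΔS = π/2 are assumptions for illustration.

```python
"""Carrier-based timing for a terminal without its own clock (added example).

Counts cycles and pulses of a constructed, sampled 13.56 MHz carrier and converts
cycle counts and phase differences to seconds, so the preset value S and its
acceptance window [S, S + 2*dS] can be compared whatever unit a terminal counts in.
"""
import math

F_CARRIER = 13.56e6          # NFC carrier frequency
T_CYCLE = 1.0 / F_CARRIER    # one carrier period, about 73.7 ns

# Phase window taken from the NFC example: [(1/2+40)*pi, 41*pi], i.e. 2*dS = pi/2 (assumed reading)
S_PHASE = (0.5 + 40) * math.pi
DS_PHASE = math.pi / 4


def sampled_carrier(n_cycles: int, samples_per_cycle: int = 8) -> list:
    """Constructed input: an unmodulated sine carrier of n_cycles full periods.
    Values are rounded so sin(pi) becomes exactly 0 instead of ~1e-16."""
    n = n_cycles * samples_per_cycle
    return [round(math.sin(2 * math.pi * i / samples_per_cycle), 12) for i in range(n)]


def count_cycles(samples: list) -> int:
    """Number of full periods: one rising zero crossing (<= 0 then > 0) per cycle."""
    return sum(1 for a, b in zip(samples, samples[1:]) if a <= 0 < b)


def count_pulses(samples: list) -> int:
    """Number of peaks: a sample strictly above both of its neighbours."""
    return sum(1 for a, b, c in zip(samples, samples[1:], samples[2:]) if a < b > c)


def cycles_to_seconds(n_cycles: float) -> float:
    return n_cycles * T_CYCLE


def seconds_to_cycles(seconds: float) -> float:
    """A duration preset expressed as a cycle count a clockless card can count."""
    return seconds * F_CARRIER


def phase_to_seconds(phase_rad: float) -> float:
    """A phase advance of 2*pi is one period, so one radian is T_CYCLE/(2*pi), about 11.7 ns."""
    return phase_rad / (2 * math.pi) * T_CYCLE


def in_window(value: float, s: float, d_s: float) -> bool:
    """The first terminal's acceptance test, in whatever unit S and dS are expressed."""
    return s <= value <= s + 2 * d_s


def demo() -> dict:
    carrier = sampled_carrier(10)
    return {
        "cycles": count_cycles(carrier),                 # 10
        "pulses": count_pulses(carrier),                 # 10
        "preset_cycles_for_5ms": round(seconds_to_cycles(5e-3)),   # 67800
        "phase_in_window": in_window(40.9 * math.pi, S_PHASE, DS_PHASE),
        "phase_too_late": in_window(41.1 * math.pi, S_PHASE, DS_PHASE),
        "phase_too_early": in_window(40.4 * math.pi, S_PHASE, DS_PHASE),
    }


if __name__ == "__main__":
    print(f"T_CYCLE = {T_CYCLE*1e9:.2f} ns, 1 rad = {phase_to_seconds(1)*1e9:.2f} ns")
    print(demo())
```

On a real reader the samples would come from the carrier the first terminal itself generates, and on a passive card from the field it is powered by; the counters only have to agree on which edge or peak they count from, which is why the text fixes the start points (end of sending, end of receiving) so precisely.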
With the data communication method provided by this embodiment of the invention, through the strategy of the second terminal sending in a timed manner and the first terminal receiving in a timed manner, the first terminal can still recognise a man-in-the-middle hijacking even when the second data is received with T2 < FWT, so that users are not exposed to economic loss without being aware of it.
Embodiment 2
Based on the same inventive concept, an embodiment of the present invention also provides a data communication system. As shown in Figure 4, the data communication system includes a first terminal and a second terminal, where:
the first terminal is configured to send first data to the second terminal and to start timing from the time point at which it finishes sending the first data, the first data comprising at least pending data; the second terminal is configured to receive the first data and to start timing from the time point at which it finishes receiving the first data; the second terminal is further configured to send second data to the first terminal when its timed value reaches a default value, the second data being the data obtained after the second terminal processes the pending data; and the first terminal is further configured to permit reception of the second data to begin only if its own timed value lies within the effective range of the default value.
Here ΔS is determined by the maximum communication distance supported by the communication mode used between the first terminal and the second terminal, and S is the default value.
In this embodiment the communication mode between the first terminal and the second terminal is a short-range wireless communication mode, which includes at least NFC (Near Field Communication), Wi-Fi (Wireless Fidelity), UWB (Ultra Wideband), ZigBee, RFID (Radio Frequency Identification), infrared transmission and Bluetooth. The communication distance between the two terminals may therefore be as short as a few centimetres or as long as hundreds of metres. For each of these short-range wireless modes, the terminals use the corresponding communication protocol to realise wireless data transmission between them. As an optional embodiment, the first terminal and the second terminal may be terminals supporting a contactless card-reading mode: the first terminal may be a card-reader-class terminal such as a POS terminal, an ATM or an ID-card reader, and the second terminal may be a smart key device (such as the ICBC U-Shield or the ABC K-Bao), a smart card or an ID card. Between terminals using the contactless card-reading mode, such as between a card reader and a smart card or between a card reader and an ID card, data may be transmitted under the protocols ISO 14443 and ISO 15693, so the short-range wireless communication modes also include those supported by ISO 14443 and ISO 15693. In addition, the first terminal and the second terminal may be mobile terminals, PCs, handheld computers, smart devices and other terminals supporting short-range wireless communication.
As an optional embodiment, with the first terminal a card reader and the second terminal a smart card, the pending data in the first data may be card-reading request data; it is not limited to this, however. With both terminals mobile terminals, for example, the pending data may be request data asking the second terminal to return a picture. This embodiment does not unduly restrict the pending data in the first data, as long as it is request data initiated by the first terminal towards the second terminal. Nor does this embodiment restrict the second data, which is the data obtained after the pending data in the first data has been processed: with the second terminal a smart card and the first terminal a card reader, the second data may be the data content of the smart card that the first terminal has asked to read; with both terminals mobile terminals and the pending data a request for a picture, the second data is the picture data. The second terminal starts timing at the time point at which it finishes receiving the first data and sends the second data to the first terminal when its timed value reaches the default value, thereby guaranteeing timed sending.
To address the problem raised in the background, namely to identify a man-in-the-middle hijacking even when T2 < FWT, this embodiment adopts the strategy of the second terminal sending in a timed manner and the first terminal receiving in a timed manner. The first terminal starts timing from the time point at which it finishes sending the first data; if it receives the data returned by the second terminal while its timed value lies in the effective range of the default value, no man-in-the-middle hijacking is present, and if it does not receive the data within that range, a man-in-the-middle hijacking is identified. Unlike the prior art, the second terminal does not send the processed data to the first terminal as soon as it has finished processing the first data; instead it starts timing on receipt of the first data and sends the second data, obtained by processing the pending data in the first data, only when its timed value reaches the default value. This timed sending is what allows the first terminal to recognise a man-in-the-middle hijacking even when the second data is received with T2 < FWT.
In this embodiment, as an optional embodiment, the effective range of the default value is [S, S + 2ΔS], where S is the default value and ΔS is determined by the maximum communication distance supported by the communication mode used between the first terminal and the second terminal. As noted above, that communication mode may be any of the short-range wireless modes listed, and each supports a different maximum communication distance: NFC works at 13.56 MHz with a communication distance within 20 cm, Bluetooth works at 2.4 GHz with a distance of up to 20 m, and Wi-Fi reaches up to 100 m. ΔS can be understood as the value corresponding to the maximum communication distance supported by the communication mode in use, for example the time needed to transmit the first data over that maximum distance. Because the maximum distance differs from one communication mode to another, the value of ΔS differs accordingly; ΔS may also carry other meanings, as detailed below.
It should be noted that the first data is transmitted to the second terminal continuously, byte by byte: the first terminal sends the first byte, the second byte and so on up to the last byte of the first data, and the second terminal receives the first byte, the second byte and so on up to the last byte in the same order. Because a short-range communication mode is used, the second terminal has already begun receiving each byte of the first data while the first terminal is still sending it, and since the time a terminal needs to receive a single byte is small enough to be ignored, the first byte of the first data reaches the second terminal before the last byte has been sent, that is, before the first terminal has finished sending the first data. If the transit time on the link is ignored, the first terminal's sending of the first data and the second terminal's receiving of it can be regarded as simultaneous, so the moment at which the first terminal finishes sending the first data is the moment at which the second terminal finishes receiving it. If the transit time on the link is taken into account, the maximum value that the first terminal's timer can reach is S + 2ΔS, which allows for the time the data sent in each direction between the two terminals spends on the link (at most 2ΔS in total, computed from the maximum distance supported by the communication mode). Thus, with the first terminal timing from the time point at which it finishes sending the first data and the second terminal timing from the time point at which it finishes receiving it, and with no man-in-the-middle hijacking, the first terminal should receive the second data when its timed value reaches S if transit time is ignored, and should start receiving the second data when its timed value is greater than S and less than or equal to S + 2ΔS if transit time is taken into account.
To address the problem with existing smart card communication protocols raised in the background, this embodiment provides a data communication system in which the second terminal sends data in a timed manner (when its timed value reaches the default value S) and the first terminal receives the data returned by the second terminal in a timed manner (when its timed value lies in the effective range [S, S + 2ΔS] of the default value). The first terminal can be understood as the merchant's card reader in the background, and the second terminal as the user's smart card. Because the first terminal permits reception of the data returned by the second terminal only while its timed value lies in the effective range [S, S + 2ΔS] of the default value, and refuses it outside that range, the following holds: if reception is permitted and the second data is received within the effective range, no man-in-the-middle hijacking is present; if reception is permitted within the effective range but the second data is not received, a man-in-the-middle hijacking has occurred. In this embodiment S + 2ΔS ≤ FWT, where FWT is the frame waiting time defined by the communication protocol used between the first terminal and the second terminal, for example the frame waiting time FWT defined by ISO 14443 and ISO 15693. The first terminal (for example a card reader) therefore still waits for the smart card's returned data within the FWT while applying the timed-reception scheme of this embodiment, so the method of this embodiment identifies man-in-the-middle hijacking while remaining compatible with existing protocols. When a man-in-the-middle hijacking occurs, even if T2 < FWT, then provided the transit time 2ΔS between the two terminals is not ignored, and taking S to be a default duration, the second terminal sends its data only when its timer reaches S, so T2 = s1 + s2 + S + 2ΔS, where T2 is the time from the first terminal finishing sending its data to its receiving the data fed back by the second terminal, and s1 + s2 is the time the man-in-the-middle needs for its tampering (tw1 and tw2 in the background, tw1 corresponding to s1 and tw2 to s2). T2 then exceeds S + 2ΔS, the upper bound of the effective range of the default value, so the first terminal refuses the data returned by the second terminal and breaks off the communication; even with T2 < FWT, the first terminal identifies the man-in-the-middle hijacking. It should be noted that S and ΔS can take various forms besides a duration; in this embodiment a duration is used only for ease of understanding, and the other forms of S and ΔS are described below.
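A simulation of the timed-send / timed-receive exchange, serving both the Bluetooth duration example given in Embodiment 1 and the T2 = s1 + s2 + S + 2ΔS reasoning just above. This is an added example, not code from the patent. S and ΔS are the Bluetooth figures from the text; the FWT, the card's processing time, the actual link transit and the attacker's tw1/tw2 (s1/s2) are constructed for illustration, and the "processing" is a stand-in.

```python
"""Timed send / timed receive against a man-in-the-middle (added example, not the patent's code).

All times are seconds on one shared simulation clock. The second terminal (card)
holds its reply until its own timer reaches S; the first terminal (reader) accepts
the reply only if its timer reads a value in [S, S + 2*DELTA_S] on arrival.
"""

S = 5e-3          # preset duration the second terminal waits before replying (from the text)
DELTA_S = 60e-9   # one-way transit over the 20 m Bluetooth maximum (from the text)
FWT = 10e-3       # frame waiting time; assumed value for illustration
T_PROCESS = 1e-3  # time the second terminal needs to process the request; assumed, must be < S


def second_terminal(first_data: bytes, t_received: float):
    """Card: start timing when the last byte of the first data arrives, process the
    request, but send the second data only when the timer reaches S (timed sending)."""
    second_data = bytes(b ^ 0xFF for b in first_data)   # stand-in for real processing
    t_ready = t_received + T_PROCESS
    t_send = t_received + S
    assert t_ready <= t_send, "S must exceed the processing time"
    return second_data, t_send


def honest_channel(first_data: bytes, t_sent: float, one_way_delay: float):
    """Direct link: request arrives after one_way_delay, reply returns the same way."""
    second_data, t_send = second_terminal(first_data, t_sent + one_way_delay)
    return second_data, t_send + one_way_delay


def mitm_channel(first_data: bytes, t_sent: float, one_way_delay: float, tw1: float, tw2: float):
    """Relay with tampering: the attacker spends tw1 altering the request before it
    reaches the card and tw2 altering the reply (s1 and s2 in the text)."""
    forged_request = first_data + b"\x00"              # attacker's modification (constructed)
    second_data, t_send = second_terminal(forged_request, t_sent + one_way_delay + tw1)
    forged_reply = second_data[:-1]                    # attacker's modification (constructed)
    return forged_reply, t_send + tw2 + one_way_delay


def first_terminal(channel) -> dict:
    """Reader: timer starts when the last byte of the first data leaves. Returns the
    measured T2, the plain protocol check (T2 <= FWT) and the timed-receive check."""
    first_data = b"READ"      # constructed request (the pending data)
    t_sent = 0.0
    _second_data, t_arrive = channel(first_data, t_sent)
    t2 = t_arrive - t_sent
    return {
        "t2": t2,
        "within_fwt": t2 <= FWT,                  # what a reader checking only FWT would see
        "accepted": S <= t2 <= S + 2 * DELTA_S,   # timed reception of this method
    }


def run_scenarios() -> dict:
    d = 30e-9    # actual one-way transit; within the DELTA_S budget
    return {
        "honest": first_terminal(lambda fd, t: honest_channel(fd, t, d)),
        # 50 us per hop is far below FWT, yet far above the 120 ns window
        "mitm": first_terminal(lambda fd, t: mitm_channel(fd, t, d, tw1=50e-6, tw2=50e-6)),
    }


if __name__ == "__main__":
    for name, r in run_scenarios().items():
        print(f"{name}: T2={r['t2'] * 1e3:.6f} ms within_fwt={r['within_fwt']} accepted={r['accepted']}")
```

The honest run returns T2 = S + 2d, inside the window, while the relayed run returns T2 = S + 2d + tw1 + tw2, which is rejected by the timed-receive check even though it is well inside the FWT; that gap between the two checks is the whole point of the scheme.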
In this embodiment the default value S may be pre-stored in a fixed area of the terminal before the terminal leaves the factory, so that no negotiation is needed; it may be negotiated between the first terminal and the second terminal; it may be generated by one side and issued to the other; or it may be written by the first terminal into the data packet defined by the protocol and sent to the second terminal together with the data. A factory-preset default value needs neither negotiation nor generation, and both terminals time every data exchange by it; its drawback is that the value cannot change, so it is inflexible and not random, and security is lower. The ways of obtaining S described below can generate the default value at random and are therefore more flexible, random and secure than a factory-preset value. Since the default value S is critical for identifying man-in-the-middle hijacking, and in order to prevent S from being tampered with, this embodiment proposes several ways of obtaining S, which are described in detail below.
As one optional embodiment, the first terminal is further configured, before it starts timing from the time point at which it finishes sending the first data, to perform mutual authentication with the second terminal and, once the mutual authentication has passed, to negotiate a transmission key with the second terminal.
The second terminal is then further configured to generate the default value, encrypt it with the transmission key and send the encrypted default value to the first terminal, and the first terminal is further configured to decrypt the encrypted default value with the transmission key to obtain the default value and save it; or, the first terminal is further configured to generate the default value, encrypt it with the transmission key and send the encrypted default value to the second terminal, and the second terminal is further configured to decrypt the encrypted default value with the transmission key to obtain the default value and save it.
In this way, the mutual authentication between the first terminal and the second terminal guarantees the legitimacy of both identities, and the negotiated transmission key is used to encrypt and decrypt the default value so that it is protected in transit; the negotiated default value therefore cannot be tampered with illegally, and its security is guaranteed. In addition, whichever terminal receives the default value sent by the other saves it and can continue to use it in the next data communication; by saving the default value, the two terminals need not perform the negotiation flow again, which greatly improves data transmission efficiency. The negotiation of the default value in this optional embodiment can be realised in several ways; see in particular the implementation shown in Figure 2 of Embodiment 1.
As another optional embodiment, the first terminal is further configured, before it starts timing from the time point at which it finishes sending the first data, to perform mutual authentication with the second terminal.
The second terminal is then further configured, after the mutual authentication has passed, to generate the default value, encrypt it with the public key of the first terminal and send the encrypted default value to the first terminal, and the first terminal is further configured to decrypt the encrypted default value with its private key to obtain the default value and save it; or, the first terminal is further configured, after the mutual authentication has passed, to generate the default value, encrypt it with the public key of the second terminal and send the encrypted default value to the second terminal, and the second terminal is further configured to decrypt the encrypted default value with its private key to obtain the default value and save it.
In this way, the mutual authentication between the first terminal and the second terminal guarantees the legitimacy of both identities, and the public and private keys are used to encrypt and decrypt the default value so that it is protected in transit; the default value generated by one side therefore cannot be tampered with illegally, and its security is guaranteed. Compared with the preceding optional embodiment, this one uses the terminals' own public/private key pairs to encrypt and decrypt the default value, so no transmission key has to be generated, which reduces the interaction flow, shortens the time needed to obtain the default value and improves efficiency. In addition, whichever terminal receives the default value sent by the other saves it and can continue to use it in the next data communication; by saving the default value, the two terminals need not perform the negotiation flow again, which greatly improves data transmission efficiency. The negotiation of the default value in this optional embodiment can be realised in several ways; see in particular the implementation shown in Figure 3 of Embodiment 1.
As a third optional embodiment, the first terminal is further configured to generate the default value before sending the first data to the second terminal, and the first data then also includes at least the default value and an anti-tamper check value computed from the default value.
The second terminal is further configured, after receiving the first data, to obtain the default value and the anti-tamper check value from the first data, to verify the anti-tamper check value, and to save the default value once the verification passes.
In this optional embodiment the first terminal can generate a default value at random and, following the data packet format defined by the protocol, write the default value and the anti-tamper check value into a predetermined field, or add a new field and write them there; when the first terminal sends the first data to the second terminal, they are carried in the data packet of the first data. The anti-tamper check value is computed from the default value. For example, it may be signature data computed over the default value: a digest of the default value is calculated and encrypted with the private key of the first terminal to produce the signature, and the second terminal verifies the check value by verifying the signature with the public key of the first terminal; if the signature verifies, the check passes and the default value has not been tampered with. As another example, the check value may be a MAC value computed over the default value with a MAC algorithm; the second terminal then verifies it by computing a MAC value with the same algorithm and comparing the two MAC values, and if they match the check passes and the default value has not been tampered with. In this optional embodiment, therefore, man-in-the-middle hijacking can also be identified through the anti-tamper check value: once the default value is tampered with, the verification cannot pass, so the default value cannot be altered illegally and its security is guaranteed.
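The MAC variant of the third optional embodiment, as an added example that is not code from the patent: the first terminal generates S at random, carries it in the first data with a MAC over the request and S, and the second terminal recomputes the MAC before it accepts and saves S. The packet layout, the choice of HMAC-SHA256 as the MAC algorithm and the shared key (assumed here to have been established by the key negotiation of the earlier embodiment) are assumptions, as are the sample request and key.

```python
"""Default value S carried in the first data with an anti-tamper check value (added example).

Layout assumed for the example: request || 4-byte big-endian S || HMAC-SHA256(key, request || S).
Anything that changes S (or the request) without the key fails verification at the card.
"""
import hashlib
import hmac
import secrets
import struct

MAC_LEN = 32   # HMAC-SHA256 tag length
S_LEN = 4      # S encoded as an unsigned 32-bit big-endian integer (assumed encoding)


def generate_default_value() -> int:
    """First terminal: a fresh random S per session, so it cannot be predicted or replayed."""
    return secrets.randbelow(2**31) + 1


def build_first_data(request: bytes, default_value: int, key: bytes) -> bytes:
    """First terminal: append S and the anti-tamper check value to the request."""
    body = request + struct.pack(">I", default_value)
    tag = hmac.new(key, body, hashlib.sha256).digest()
    return body + tag


def parse_first_data(first_data: bytes, key: bytes):
    """Second terminal: verify the check value before trusting S.
    Returns (request, S) on success, None if the packet is short or the MAC fails."""
    if len(first_data) < S_LEN + MAC_LEN:
        return None
    body, tag = first_data[:-MAC_LEN], first_data[-MAC_LEN:]
    expected = hmac.new(key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):   # constant-time comparison
        return None
    request, s_bytes = body[:-S_LEN], body[-S_LEN:]
    return request, struct.unpack(">I", s_bytes)[0]


def tamper_default_value(first_data: bytes, new_value: int) -> bytes:
    """Man-in-the-middle without the key: overwrite S and leave the original tag in place."""
    body, tag = first_data[:-MAC_LEN], first_data[-MAC_LEN:]
    return body[:-S_LEN] + struct.pack(">I", new_value) + tag


def demo() -> dict:
    key = b"constructed-shared-mac-key"      # constructed; in practice the negotiated key
    s = generate_default_value()
    pkt = build_first_data(b"READ CARD", s, key)
    return {
        "s": s,
        "genuine": parse_first_data(pkt, key),                               # (b"READ CARD", s)
        "tampered": parse_first_data(tamper_default_value(pkt, s ^ 1), key),  # None
        "wrong_key": parse_first_data(pkt, b"some-other-key"),               # None
    }


if __name__ == "__main__":
    print(demo())
```

A signature (the other variant the text mentions) replaces the shared key with the first terminal's private key and the comparison with signature verification under its public key; the card-side rule is the same in both cases: do not store S until the check value has verified.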
In addition, as an optional embodiment, the default value may be at least one of a default duration, a default number of cycles, a default number of pulses or a default phase difference. The first terminal and the second terminal accordingly use different timing-statistics methods, and different ways of judging whether the timed value has reached the default value or lies within its effective range; each kind of default value is described in detail below.
As one optional embodiment, the default value is a default duration. The duration S + 2ΔS is longer than the time the second terminal needs to process the pending data in the received first data (the second terminal sends the second data only when, after processing the data, its timed value reaches the default value); optionally, in addition, S + 2ΔS ≤ FWT. ΔS is the time the first terminal needs to transmit data to the second terminal when the distance between the two terminals equals the maximum communication distance supported by the communication mode in use. "The value timed by the first terminal lies in the effective range of the default value" means that the duration timed by the first terminal after it finishes sending the first data lies in the range [S, S + 2ΔS]; "the value timed by the second terminal reaches the default value" means that the duration timed by the second terminal after it finishes receiving the first data reaches the default duration.
In this optional embodiment, the first terminal and the second terminal each have a timer supporting accurate timing, and the duration read from the timer is used to decide whether the default duration has been reached, or whether the value lies within the effective range of the default duration. For example, the second terminal may be a smart card with a crystal oscillator; such a card can time the duration by its internal clock, and its timing precision is determined by the clock precision of the card. As a numerical example, let S = 5 × 10^-3 s. Taking Bluetooth as the communication mode, with a maximum supported transmission distance of 20 m, the transmission time ΔS is 60 × 10^-9 s. The second terminal then sends the second data when its timer reaches 5 × 10^-3 s, and the first terminal permits reception of the second data only while its timer reads a value in [5 × 10^-3 s, (5 × 10^-3 + 1.2 × 10^-7) s]. Only when the second data is received inside the effective range of the default value can it be concluded that no man-in-the-middle hijacking has occurred; a man-in-the-middle hijacking can therefore be identified. Although this optional embodiment is illustrated with Bluetooth only, other short-range communication modes also fall within the protection scope of the invention.
A passive terminal (such as a smart card) without a crystal oscillator has no clocking capability. Since in the present embodiment the first terminal is additionally configured to generate a carrier signal throughout its communication with the second terminal, the present embodiment proposes a timing statistic different from clock timing: the timed value can also be obtained by counting the number of cycles, the number of pulses, or the phase difference of the carrier signal. The default value can then specifically include: a default number of cycles of the carrier signal, a default number of pulses of the carrier signal, or a default phase difference of the carrier signal. ΔS can specifically denote the number of cycles, the number of pulses, or the phase change value produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal. Whichever of the above timing statistics is used, the duration corresponding to S+2ΔS is greater than the duration the second terminal takes to perform data processing on the pending data in the first data it receives; optionally, in addition, the duration corresponding to S+2ΔS can be less than or equal to FWT. As one optional implementation, the default value can include a default number of cycles; ΔS is the number of cycles produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; "the value obtained by the first terminal's timing is within the effective range of the default value" means that the number of cycles of the carrier signal that the first terminal continues to send to the second terminal after it finishes sending the first data is within [S, S+2ΔS]; "the value obtained by the second terminal's timing reaches the default value" means that the number of cycles of the carrier signal that the second terminal continues to receive after it finishes receiving the first data reaches the default number of cycles.
In the present embodiment, the first terminal generates a carrier signal at all times. When the first terminal needs to send data, for example the first data, it modulates the first data onto the carrier signal and sends it to the second terminal; when the first terminal does not need to send data, it sends the carrier signal to the second terminal without any data carried on it. In this optional embodiment, both the first terminal and the second terminal are provided with a counter and can count the cycles of the carrier in the situation above. This optional embodiment therefore provides an alternative way of obtaining the timed value: the first terminal and the second terminal can achieve accurate timing without using a clock. For example, take terminals that support NFC communication: the working frequency of the first terminal and the second terminal is 13.56 MHz, and during communication the first terminal (such as a card reader) generates a 13.56 MHz carrier at all times. The period T of the carrier is fixed, T = 1/13.56 MHz, approximately 74 ns, so counting the timed value in cycles gives a unit accurate to nanoseconds and accurate counting can be achieved; moreover, this optional embodiment is applicable to passive smart cards without a crystal oscillator. Although this optional embodiment is illustrated only with NFC communication, other short-range communication modes also fall within the scope of protection of the invention.
In addition, as another optional embodiment of the present embodiment, the default value can include a default number of pulses; ΔS is the number of pulses produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; "the value obtained by the first terminal's timing is within the effective range of the default value" means that the number of pulses of the carrier signal that the first terminal continues to send to the second terminal after it finishes sending the first data is within [S, S+2ΔS]; "the value obtained by the second terminal's timing reaches the default value" means that the number of pulses of the carrier signal that the second terminal continues to receive after it finishes receiving the first data reaches the default number of pulses.
Counting the pulses of the carrier signal means counting its peaks. Compared with the above method of counting the cycles of the carrier signal, counting pulses achieves a further increase in counting accuracy; moreover, this optional embodiment is applicable to passive smart cards without a crystal oscillator.
In addition, as another optional embodiment of the present embodiment, the default value can include a default phase difference; ΔS is the phase change value produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; "the value obtained by the first terminal's timing is within the effective range of the default value" means that the phase difference of the carrier signal between a first phase and a second phase is within [S, S+2ΔS], where the first phase is the phase of the carrier signal at the time point at which the first terminal finishes sending the first data, and the second phase is the phase of the carrier signal at the time point at which the first terminal allows reception of the second data to begin; "the value obtained by the second terminal's timing reaches the default value" means that the phase difference of the carrier signal between a third phase and a fourth phase reaches the default phase difference, where the third phase is the phase of the carrier signal at the time point at which the second terminal finishes receiving the first data, and the fourth phase is the phase of the carrier signal at the time point at which the second terminal starts sending the second data.
For example, the first terminal and the second terminal can obtain the default value in the way mentioned before, by negotiation or by generation on one side: a default phase difference S = (1/2+40)π. Taking the first terminal as a card reader and the second terminal as a smart card: after the card reader finishes sending the first data and the smart card finishes receiving it, the communication waveform between the two is exactly a standard sinusoidal carrier, and the phase recorded at this moment is 0 (that is, both the first phase and the third phase are 0). When the phase difference of the carrier (that is, the phase difference between the third phase and the fourth phase) reaches (1/2+40)π, the smart card sends the second data; at this point the card reader allows reception of the second data to begin, and receives it, when the phase difference obtained by its own timing is within the effective range of the default value, so as to confirm that no man-in-the-middle hijacking has occurred. Taking NFC as an example, assume that the phase change value ΔS produced by the carrier signal carrying the first data over the 20 cm maximum transmission distance supported by NFC is such that the first terminal only allows reception of the second data to begin within [(1/2+40)π, 41π]. Only when the second data is received within the effective range of the default value is it established that no man-in-the-middle hijacking has occurred; in this way man-in-the-middle hijacking can be identified.
In this optional embodiment, take terminals that support NFC communication: the working frequency of the first terminal and the second terminal is 13.56 MHz, and during communication the first terminal (such as a card reader) generates a 13.56 MHz carrier at all times. The period T of the carrier is fixed, T = 1/13.56 MHz, approximately 74 ns. Phase divides one cycle into an angle of 2π, so counting the timed value in phase gives a unit accurate to 74/2π ns. Compared with the above methods of counting the cycles and the pulses of the carrier signal, counting the phase difference achieves a further increase in counting accuracy; moreover, this optional embodiment is applicable to passive smart cards without a crystal oscillator. Although this optional embodiment is illustrated only with NFC communication, other short-range communication modes also fall within the scope of protection of the invention.
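The three carrier-derived timing statistics above (cycle count, pulse count, phase difference), modelled on a sampled 13.56 MHz carrier so that a card with no clock of its own can be seen to derive its count from the reader's carrier. This is an added example, not code from the patent: the 13.56 MHz frequency, the period of about 74 ns, the default phase difference S = (1/2+40)π and the reader's window [(1/2+40)π, 41π] are taken from the text, while the sampled-waveform model, the sample index at which the reader finishes sending, the propagation delay and the relay delay are constructed, and all names are this example's own.

```python
"""Carrier-derived timing for a passive card without a crystal oscillator, as an
added example of the cycle-count, pulse-count and phase-difference embodiments.
Not code from the patent.  The 13.56 MHz frequency, the period of about 74 ns,
the default phase difference S = (1/2 + 40)*pi and the reader's window
[(1/2 + 40)*pi, 41*pi] come from the text; the sampled-waveform model, the
propagation delay and the relay delay are constructed."""
import math

F_CARRIER_HZ = 13.56e6
T_CYCLE_S = 1.0 / F_CARRIER_HZ          # about 73.75 ns per carrier cycle
SAMPLES_PER_CYCLE = 16                  # constructed: resolution of the waveform model

# Default value and effective range in phase units, from the text.
S_PHASE = (0.5 + 40) * math.pi
PHASE_WINDOW = (S_PHASE, 41 * math.pi)


def carrier(n_samples):
    """Samples of the reader's unmodulated carrier (one sine period every
    SAMPLES_PER_CYCLE samples).  Using k mod SAMPLES_PER_CYCLE keeps the
    waveform exactly periodic, so zero crossings and peaks fall on fixed indices."""
    return [math.sin(2 * math.pi * (k % SAMPLES_PER_CYCLE) / SAMPLES_PER_CYCLE)
            for k in range(n_samples)]


def count_cycles(samples, start, stop):
    """Cycle count: rising zero crossings in [start, stop).  This is what a
    clockless card can count while the reader keeps the carrier on."""
    return sum(1 for k in range(max(start, 1), stop)
               if samples[k - 1] < 0 <= samples[k])


def count_pulses(samples, start, stop):
    """Pulse count: peaks (local maxima) in [start, stop)."""
    return sum(1 for k in range(max(start, 1), stop - 1)
               if samples[k - 1] < samples[k] >= samples[k + 1])


def phase_at(k):
    """Accumulated carrier phase at sample index k (not wrapped to 2*pi)."""
    return 2 * math.pi * k / SAMPLES_PER_CYCLE


def phase_difference(k_from, k_to):
    return phase_at(k_to) - phase_at(k_from)


def phase_to_seconds(phi):
    """Convert a phase difference to time: one cycle (2*pi) lasts T_CYCLE_S."""
    return phi / (2 * math.pi) * T_CYCLE_S


def ns_per_radian():
    """Timing resolution of phase counting, 74/(2*pi) ns per radian in the text."""
    return T_CYCLE_S * 1e9 / (2 * math.pi)


def card_send_index(k_received):
    """Second terminal: it has no clock, so it sends the second data when the
    carrier phase counted since it finished receiving the first data reaches S."""
    return k_received + round(S_PHASE / (2 * math.pi) * SAMPLES_PER_CYCLE)


def reader_accepts(k_sent, k_received):
    """First terminal: the phase difference between finishing the first data
    (first phase) and the arrival of the second data (second phase) must lie in
    [S, S + 2*delta_S], i.e. PHASE_WINDOW."""
    lo, hi = PHASE_WINDOW
    return lo <= phase_difference(k_sent, k_received) <= hi


def simulate_exchange(propagation_samples, relay_samples=0):
    """The reader finishes sending the first data at sample 8 (constructed); each
    hop costs propagation_samples, plus relay_samples if a forwarding device sits
    between the two terminals."""
    k_reader_sent = 8
    k_card_received = k_reader_sent + propagation_samples + relay_samples
    k_card_sent = card_send_index(k_card_received)
    k_reader_received = k_card_sent + propagation_samples + relay_samples
    return reader_accepts(k_reader_sent, k_reader_received), k_reader_received


if __name__ == "__main__":
    wave = carrier(400)
    print("cycles in 20 periods:", count_cycles(wave, 8, 328))
    print("pulses in 20 periods:", count_pulses(wave, 8, 328))
    print(f"phase resolution: {ns_per_radian():.2f} ns per radian")
    print("direct link accepted:", simulate_exchange(propagation_samples=1)[0])
    print("forwarded link accepted:", simulate_exchange(1, relay_samples=3)[0])
```

The card never consults a clock: it counts the carrier the reader keeps radiating, which is why the example counts zero crossings and peaks from the waveform rather than reading a timer. With 16 samples per cycle the model cannot show the 74/2π ns phase resolution itself; `ns_per_radian()` gives that figure directly from the carrier period.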
With the data communication system provided by the embodiment of the present invention, through the strategy in which the first terminal receives, at a timed moment, the second data that the second terminal sends at a timed moment, the first terminal can still recognise a man-in-the-middle hijacking even when the time T2 at which it receives the second data satisfies T2 < FWT, so that the user is prevented from suffering economic loss without knowing it.
Any process or method described in a flowchart or otherwise described herein can be understood as representing a module, segment or portion of code comprising one or more executable instructions for implementing specific logical functions or steps of the process, and the scope of the preferred embodiments of the present invention includes other implementations in which the functions may be performed out of the order shown or discussed, including substantially concurrently or in reverse order depending on the functionality involved, as will be understood by those of ordinary skill in the field to which the embodiments of the present invention belong.
It should be understood that the parts of the present invention may be implemented in hardware, software, firmware or a combination thereof. In the above embodiments, multiple steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system. For example, if they are implemented in hardware, as in another embodiment, any one or a combination of the following techniques well known in the art may be used: discrete logic circuits having logic gate circuits for implementing logic functions on data signals, application-specific integrated circuits having suitable combinational logic gate circuits, programmable gate arrays (PGA), field programmable gate arrays (FPGA), and the like.
Those skilled in the art will appreciate that all or part of the steps of the methods of the above embodiments may be completed by instructing the relevant hardware through a program; the program may be stored in a computer-readable storage medium and, when executed, comprises one or a combination of the steps of the method embodiments.
In addition, the functional units in the embodiments of the present invention may be integrated in one processing module, or each unit may exist physically on its own, or two or more units may be integrated in one module. The integrated module may be implemented in the form of hardware or in the form of a software functional module. If the integrated module is implemented in the form of a software functional module and is sold or used as an independent product, it may also be stored in a computer-readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic disk, an optical disk, or the like.
In the description of this specification, reference to the terms "one embodiment", "some embodiments", "example", "specific example" or "some examples" means that a specific feature, structure, material or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiment or example. Moreover, the specific features, structures, materials or characteristics described may be combined in any suitable manner in one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is to be understood that the above embodiments are exemplary and are not to be construed as limiting the present invention; those of ordinary skill in the art may make changes, modifications, replacements and variations to the above embodiments within the scope of the present invention without departing from its principles and purpose. The scope of the present invention is defined by the appended claims and their equivalents.

Claims (13)

  1. A data communication method, characterised by comprising:
    a first terminal sending first data to a second terminal and starting timing from the time point at which it finishes sending the first data, wherein the first data comprises at least pending data;
    the second terminal receiving the first data and starting timing from the time point at which it finishes receiving the first data;
    when the value obtained by the second terminal's timing reaches a default value, the second terminal sending second data to the first terminal, wherein the second data is data obtained after the second terminal performs data processing on the pending data;
    if the value obtained by the first terminal's timing is within the effective range of the default value, the first terminal allowing reception of the second data to begin.
  2. The method according to claim 1, characterised in that
    the effective range of the default value is [S, S+2ΔS], wherein S is the default value and ΔS is determined by the maximum communication distance supported by the communication mode used between the first terminal and the second terminal, and wherein the duration corresponding to S+2ΔS is less than or equal to the frame waiting time FWT specified by the communication protocol used by the first terminal and the second terminal.
  3. The method according to claim 2, characterised in that
    the communication mode used between the first terminal and the second terminal comprises a short-range wireless communication mode.
  4. The method according to any one of claims 1 to 3, characterised in that
    before the first terminal starts timing from the time point at which it finishes sending the first data, the method further comprises:
    the first terminal performing mutual authentication with the second terminal; after the mutual authentication passes, the first terminal negotiating a transmission key with the second terminal; the second terminal generating the default value, encrypting the default value with the transmission key and sending the encrypted default value to the first terminal; the first terminal decrypting the encrypted default value with the transmission key to obtain the default value and storing it; or the first terminal generating the default value, encrypting the default value with the transmission key and sending the encrypted default value to the second terminal; the second terminal decrypting the encrypted default value with the transmission key to obtain the default value and storing it; or
    the first terminal performing mutual authentication with the second terminal; after the mutual authentication passes, the second terminal generating the default value, encrypting the default value with the public key of the first terminal and sending the encrypted default value to the first terminal; the first terminal decrypting the encrypted default value with its private key to obtain the default value and storing it; or, after the mutual authentication passes, the first terminal generating the default value, encrypting the default value with the public key of the second terminal and sending the encrypted default value to the second terminal; the second terminal decrypting the encrypted default value with its private key to obtain the default value and storing it.
  5. The method according to any one of claims 1 to 3, characterised in that
    before the first terminal sends the first data to the second terminal, the method further comprises: the first terminal generating the default value;
    the first data further comprises at least the default value and a tamper-proof check value calculated on the basis of the default value;
    after the second terminal receives the first data, the method further comprises:
    the second terminal obtaining the default value and the tamper-proof check value from the first data, verifying the tamper-proof check value and, after the verification passes, storing the default value.
  6. The method according to any one of claims 2 to 5, characterised in that
    the default value comprises a default duration; ΔS is the duration the first terminal needs to transfer data to the second terminal when the distance between the first terminal and the second terminal is the maximum communication distance supported by the communication mode used by both; the value obtained by the first terminal's timing being within the effective range of the default value comprises: the duration counted by the first terminal after it finishes sending the first data being within [S, S+2ΔS];
    the value obtained by the second terminal's timing reaching the default value comprises: the duration counted by the second terminal after it finishes receiving the first data reaching the default duration; or
    the default value comprises a default number of cycles; throughout the communication between the first terminal and the second terminal, the first terminal generates a carrier signal at all times; ΔS is the number of cycles produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; wherein the value obtained by the first terminal's timing being within the effective range of the default value comprises: the number of cycles of the carrier signal that the first terminal continues to send to the second terminal after it finishes sending the first data being within [S, S+2ΔS];
    the value obtained by the second terminal's timing reaching the default value comprises: the number of cycles of the carrier signal that the second terminal continues to receive after it finishes receiving the first data reaching the default number of cycles; or
    the default value comprises a default number of pulses; throughout the communication between the first terminal and the second terminal, the first terminal generates a carrier signal at all times; ΔS is the number of pulses produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; wherein the value obtained by the first terminal's timing being within the effective range of the default value comprises: the number of pulses of the carrier signal that the first terminal continues to send to the second terminal after it finishes sending the first data being within [S, S+2ΔS]; the value obtained by the second terminal's timing reaching the default value comprises: the number of pulses of the carrier signal that the second terminal continues to receive after it finishes receiving the first data reaching the default number of pulses; or
    the default value comprises a default phase difference; throughout the communication between the first terminal and the second terminal, the first terminal generates a carrier signal at all times; ΔS is the phase change value produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; wherein the value obtained by the first terminal's timing being within the effective range of the default value comprises: the phase difference of the carrier signal between a first phase and a second phase being within [S, S+2ΔS], wherein the first phase is the phase of the carrier signal at the time point at which the first terminal finishes sending the first data, and the second phase is the phase of the carrier signal at the time point at which the first terminal allows reception of the second data to begin; the value obtained by the second terminal's timing reaching the default value comprises: the phase difference of the carrier signal between a third phase and a fourth phase reaching the default phase difference, wherein the third phase is the phase of the carrier signal at the time point at which the second terminal finishes receiving the first data, and the fourth phase is the phase of the carrier signal at the time point at which the second terminal starts sending the second data.
  7. A data communication system, comprising:
    a first terminal, configured to send first data to a second terminal and to start timing from the time point at which it finishes sending the first data, wherein the first data comprises at least pending data;
    the second terminal, configured to receive the first data and to start timing from the time point at which it finishes receiving the first data;
    the second terminal being further configured to send second data to the first terminal when the value obtained by the second terminal's timing reaches a default value, wherein the second data is data obtained after the second terminal performs data processing on the pending data;
    the first terminal being further configured to allow reception of the second data to begin if the value obtained by the first terminal's timing is within the effective range of the default value.
  8. The system according to claim 7, characterised in that
    the effective range of the default value is [S, S+2ΔS], wherein S is the default value and ΔS is determined by the maximum communication distance supported by the communication mode used between the first terminal and the second terminal, and wherein the duration corresponding to S+2ΔS is less than or equal to the frame waiting time FWT specified by the communication protocol used by the first terminal and the second terminal.
  9. The system according to claim 7 or 8, characterised in that
    the communication mode between the first terminal and the second terminal comprises a short-range wireless communication mode.
  10. The system according to any one of claims 7 to 8, characterised in that
    the first terminal is further configured to perform mutual authentication with the second terminal before the first terminal starts timing from the time point at which it finishes sending the first data, and, after the mutual authentication passes, to negotiate a transmission key with the second terminal;
    the second terminal is further configured to generate the default value, encrypt the default value with the transmission key and send the encrypted default value to the first terminal; the first terminal is further configured to decrypt the encrypted default value with the transmission key to obtain the default value and store it; or
    the first terminal is further configured to generate the default value, encrypt the default value with the transmission key and send the encrypted default value to the second terminal; the second terminal is further configured to decrypt the encrypted default value with the transmission key to obtain the default value and store it.
  11. The system according to any one of claims 7 to 9, characterised in that
    the first terminal is further configured to perform mutual authentication with the second terminal before the first terminal starts timing from the time point at which it finishes sending the first data;
    the second terminal is further configured, after the mutual authentication passes, to generate the default value, encrypt the default value with the public key of the first terminal and send the encrypted default value to the first terminal; the first terminal is further configured to decrypt the encrypted default value with the private key of the first terminal to obtain the default value and store it;
    or
    the first terminal is further configured, after the mutual authentication passes, to generate the default value, encrypt the default value with the public key of the second terminal and send the encrypted default value to the second terminal; the second terminal is further configured to decrypt the encrypted default value with the private key of the second terminal to obtain the default value and store it.
  12. The system according to any one of claims 7 to 9, characterised in that
    the first terminal is further configured to generate the default value before the first terminal sends the first data to the second terminal; the first data further comprises at least the default value and a tamper-proof check value calculated on the basis of the default value;
    the second terminal is further configured, after receiving the first data, to obtain the default value and the tamper-proof check value from the first data, to verify the tamper-proof check value and, after the verification passes, to store the default value.
  13. The system according to any one of claims 8 to 12, characterised in that
    the default value comprises a default duration; ΔS is the duration the first terminal needs to transfer data to the second terminal when the distance between the first terminal and the second terminal is the maximum communication distance supported by the communication mode used by both; the value obtained by the first terminal's timing being within the effective range of the default value comprises: the duration counted by the first terminal after it finishes sending the first data being within [S, S+2ΔS]; the value obtained by the second terminal's timing reaching the default value comprises: the duration counted by the second terminal after it finishes receiving the first data reaching the default duration; or
    the default value comprises a default number of cycles; the first terminal is further configured to generate a carrier signal at all times throughout the communication between the first terminal and the second terminal; ΔS is the number of cycles produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; wherein the value obtained by the first terminal's timing being within the effective range of the default value comprises: the number of cycles of the carrier signal that the first terminal continues to send to the second terminal after it finishes sending the first data being within [S, S+2ΔS]; the value obtained by the second terminal's timing reaching the default value comprises: the number of cycles of the carrier signal that the second terminal continues to receive after it finishes receiving the first data reaching the default number of cycles; or
    the default value comprises a default number of pulses; the first terminal is further configured to generate a carrier signal at all times throughout the communication between the first terminal and the second terminal; ΔS is the number of pulses produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; wherein the value obtained by the first terminal's timing being within the effective range of the default value comprises: the number of pulses of the carrier signal that the first terminal continues to send to the second terminal after it finishes sending the first data being within [S, S+2ΔS]; the value obtained by the second terminal's timing reaching the default value comprises: the number of pulses of the carrier signal that the second terminal continues to receive after it finishes receiving the first data reaching the default number of pulses; or
    the default value comprises a default phase difference; the first terminal is further configured to generate a carrier signal at all times throughout the communication between the first terminal and the second terminal; ΔS is the phase change value produced by the carrier signal over the maximum communication distance supported by the communication mode used between the first terminal and the second terminal; wherein the value obtained by the first terminal's timing being within the effective range of the default value comprises: the phase difference of the carrier signal between a first phase and a second phase being within [S, S+2ΔS], wherein the first phase is the phase of the carrier signal at the time point at which the first terminal finishes sending the first data, and the second phase is the phase of the carrier signal at the time point at which the first terminal allows reception of the second data to begin; the value obtained by the second terminal's timing reaching the default value comprises: the phase difference of the carrier signal between a third phase and a fourth phase reaching the default phase difference, wherein the third phase is the phase of the carrier signal at the time point at which the second terminal finishes receiving the first data, and the fourth phase is the phase of the carrier signal at the time point at which the second terminal starts sending the second data.

Priority Applications (5)

Application Number Priority Date Filing Date Title
CN201610639441.5A CN107689946B (en) 2016-08-05 2016-08-05 Data communication method and data communication system
US16/314,007 US10609552B2 (en) 2016-08-05 2017-08-04 System and method for data communication protection
PCT/CN2017/096025 WO2018024250A1 (en) 2016-08-05 2017-08-04 Data communication method and data communication system
KR1020187034251A KR101998543B1 (en) 2016-08-05 2017-08-04 Data communication method and data communication system
EP17836431.1A EP3495985A4 (en) 2016-08-05 2017-08-04 Data communication method and data communication system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610639441.5A CN107689946B (en) 2016-08-05 2016-08-05 Data communication method and data communication system

Publications (2)

Publication Number Publication Date
CN107689946A true CN107689946A (en) 2018-02-13
CN107689946B CN107689946B (en) 2020-04-17

Family

ID=61151089

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610639441.5A Active CN107689946B (en) 2016-08-05 2016-08-05 Data communication method and data communication system

Country Status (1)

Country Link
CN (1) CN107689946B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112688774A (en) * 2020-12-09 2021-04-20 天地融科技股份有限公司 Secure communication method and system for protecting key negotiation by using timing communication
CN112713991A (en) * 2020-12-09 2021-04-27 天地融科技股份有限公司 Secure communication method and system for protecting key negotiation by using timing communication

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1936917A (en) * 2006-10-23 2007-03-28 北京飞天诚信科技有限公司 Method and apparatus for host machine and smart card to conduct information interaction
US20130136046A1 (en) * 2011-11-30 2013-05-30 Secureall Corporation Establishment of wireless communications
CN103227816A (en) * 2013-03-25 2013-07-31 北京小米科技有限责任公司 Data transmission method, data processing method, device and system
WO2014062623A1 (en) * 2012-10-15 2014-04-24 Powered Card Solutions, Llc System and method for secure remote access and remote payment using a mobile device and a powered display card
CN104320779A (en) * 2014-11-13 2015-01-28 熊文俊 Near field communication authentication method based on U/SIM card authentication response and time-limited feedback
CN104754501A (en) * 2015-04-21 2015-07-01 北京云迹科技有限公司 Method and device for transmitting data
CN104915616A (en) * 2015-05-15 2015-09-16 飞天诚信科技股份有限公司 Method for accessing smart card and card reader
CN105103619A (en) * 2013-03-15 2015-11-25 波音公司 Secure routing based on the physical locations of routers

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1936917A (en) * 2006-10-23 2007-03-28 北京飞天诚信科技有限公司 Method and apparatus for host machine and smart card to conduct information interaction
US20130136046A1 (en) * 2011-11-30 2013-05-30 Secureall Corporation Establishment of wireless communications
WO2014062623A1 (en) * 2012-10-15 2014-04-24 Powered Card Solutions, Llc System and method for secure remote access and remote payment using a mobile device and a powered display card
CN105103619A (en) * 2013-03-15 2015-11-25 波音公司 Secure routing based on the physical locations of routers
CN103227816A (en) * 2013-03-25 2013-07-31 北京小米科技有限责任公司 Data transmission method, data processing method, device and system
CN104320779A (en) * 2014-11-13 2015-01-28 熊文俊 Near field communication authentication method based on U/SIM card authentication response and time-limited feedback
CN104754501A (en) * 2015-04-21 2015-07-01 北京云迹科技有限公司 Method and device for transmitting data
CN104915616A (en) * 2015-05-15 2015-09-16 飞天诚信科技股份有限公司 Method for accessing smart card and card reader

Also Published As

Publication number Publication date
CN107689946B (en) 2020-04-17

Similar Documents

Publication Publication Date Title
US11282057B2 (en) Methods and arrangements for a personal point of sale device
CN106527673B (en) Bind method and apparatus, electric paying method and the device of wearable device
US10609552B2 (en) System and method for data communication protection
US10979899B2 (en) Data communication method and system
CN101872507B (en) Data safe transmission method for mobile payment
CN107689946A (en) A kind of data communication method and data communication system
CN107690144B (en) Data communication method and system
CN107688760A (en) A kind of data communication method and data communication system
CN107690133B (en) Data communication method and system
CN101887503B (en) Seed circulation supervision system and authentication method thereof
CN107688761A (en) A kind of data communication method and data communication system
Kortvedt Securing near field communication
EP3496441B1 (en) Data communication method and system
KR20150101016A (en) Method for Controlling Transaction Means by using End-To-End Mutual Authentication based on Near Field Communication
CN107688749A (en) A kind of safety communicating method and system
CN107690143A (en) A kind of data communications method and system
CN107545426A (en) Determine the method and system and method for commerce and system of payment mechanism
CN107545421A (en) Determine the method and system and method for commerce and system of payment mechanism
CN107690142B (en) Data communication method and system
CN107690141B (en) Data communication method and system
A Mohammed Performance Analysis of Security Measures in Near Field Communication
CN107690145A (en) A kind of safety communicating method and system
CN107889099A (en) A kind of data communication method and data communication apparatus
CN107889100A (en) A kind of data communication method and data communication apparatus
Pan et al. A New Mobile Information Security Solution Based on External Electronic Key

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20220414

Address after: Tiantianrong building, No. 1, Zhongguancun, Beiqing Road, Haidian District, Beijing 100094

Patentee after: TENDYRON Corp.

Address before: 100086 room 603, building 12, taiyueyuan, Haidian District, Beijing

Patentee before: Li Ming