CN108390755A - Secure input method for a SIM pasting card with a built-in security chip - Google Patents


Info

Publication number: CN108390755A
Authority: CN (China)
Prior art keywords: information, sender, key, recipient, sim
Legal status: Granted
Application number: CN201810022207.7A
Other languages: Chinese (zh)
Other versions: CN108390755B (en)
Inventors: 付高磊, 姚明月, 罗东平, 庞潼川, 杨成功
Current Assignee: Core Shield (beijing) Information Technology Co Ltd
Original Assignee: Core Shield (beijing) Information Technology Co Ltd
Application filed by: Core Shield (beijing) Information Technology Co Ltd
Priority to: CN201810022207.7A
Publication of CN108390755A
Application granted; publication of CN108390755B
Current legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08: Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861: Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877: Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • H04L9/0863: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H04L9/0869: Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643: Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228: One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L51/00: User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail
    • H04L51/04: Real-time or near real-time messaging, e.g. instant messaging [IM]
    • H04L51/52: User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail for supporting social networking services
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/06: Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061: Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks

Abstract

The invention discloses a secure input method for a SIM pasting card with a built-in security chip, comprising the following steps. S1, server registration: the information sender and the information recipient register with the server and upload their own mobile phone number, the public key generated by the SIM pasting card, and the ID of the SIM pasting card to the server for storage. S2, key exchange: the sender and the recipient exchange public keys through the server when they add each other as friends. S3, sender sends encrypted information: the sender encrypts the information to be sent to obtain an encrypted data stream and sends the encrypted data stream to the recipient through the server. S4, recipient decrypts the information: the recipient decrypts the encrypted data stream it has received. S5, sender reviews encrypted information: the sender decrypts the encrypted data stream it has sent in order to review the sent information. The secure input method of the invention can effectively protect the input information during transmission.

Description

Secure input method for a SIM pasting card with a built-in security chip
Technical field
The present invention relates to the field of communication technology, and in particular to a secure input method for a SIM pasting card with a built-in security chip.
Background
With the rapid development of the mobile Internet, instant messaging has become an important way for people to communicate. However, smart terminals and transmission channels are not themselves secure, and most instant messaging tools currently transmit in plaintext. The transmitted information has no security protection, so people's chat messages, short messages and e-mail can all be stolen or intercepted. If important personal information is intercepted by a malicious third party, it may cause heavy losses.
Although some communication software and some input methods provide encrypted transmission or encrypted input, they implement encryption and decryption in software, which is easily compromised by malware. How to provide a technique that encrypts and decrypts input information in hardware within the input method has therefore become a technical problem in urgent need of a solution.
Summary of the invention
The invention discloses a secure input method for a SIM pasting card with a built-in security chip. Its purpose is to perform hardware encryption and decryption in instant messaging and so prevent privacy leaks in instant messaging. The input method relies on a SIM pasting card with a built-in security chip: the security chip in the pasting card performs key generation and the encryption and decryption of the input information. With the SIM pasting card and the secure input method, information such as text, voice, pictures, video and files can be encrypted and decrypted in hardware in instant messaging. The secure input method also uses a different key for each recipient, giving one key per person, and uses a randomly generated key for each session, giving one key per session. Based on these three points, the input method can effectively protect the input information during transmission.
To achieve these objects and other advantages of the invention, a secure input method for a SIM pasting card with a built-in security chip is provided, comprising the following steps:
S1, server registration: the information sender and the information recipient register with the server. At registration each uploads its own mobile phone number, the public key generated by the SIM pasting card, and the ID of the SIM pasting card to the server for storage. The private key of each party is stored in the security chip of that party's own SIM pasting card.
S2, key exchange: when the sender and the recipient add each other as friends, they exchange public keys through the server and each saves the other party's public key.
S3, sender sends encrypted information: the sender encrypts the information to be sent, using the session key generated by the security chip built into the SIM pasting card, its own public and private keys generated by that security chip, and the saved public key of the recipient, to obtain an encrypted data stream, and sends the encrypted data stream to the recipient through the server.
S4, recipient decrypts the information: the recipient decrypts the received encrypted data stream using its own private key and the saved public key of the sender.
S5, sender reviews encrypted information: the sender decrypts the encrypted data stream it has sent, using its own private key and public key, to review the sent information.
Preferably, the key exchange in S2 is carried out as follows:
A base key is preset in each SIM pasting card, and the base keys of the sender and the recipient are identical. The sender sends the server a request to add the recipient as a friend, and the server sends the recipient a message that the sender is asking to add it as a friend.
When the recipient agrees to add the sender as a friend, the server delivers to the sender the recipient's public key, encrypted with the recipient's base key, together with the recipient's SIM pasting card ID. At the same time it delivers to the recipient the sender's public key, encrypted with the sender's base key, together with the sender's SIM pasting card ID.
The recipient and the sender each decrypt with the base key to obtain the other party's public key. This completes the exchange of public keys and the friend is added successfully. The sender and the recipient each store the other party's public key in the security chip of their own SIM pasting card.
Preferably, the sender sends encrypted information in S3 as follows:
The sender uses the security chip built into its SIM pasting card to generate a true random number as the session key and encrypts the information to be transmitted with it, obtaining ciphertext a.
The sender encrypts the session key with its own public key, obtaining ciphertext b.
The sender encrypts the session key with the saved public key of the other party, obtaining ciphertext c.
The sender encrypts the hash of the information with its private key, obtaining the digital signature.
The sender combines the information timestamp, the sender's mobile phone number, the recipient's mobile phone number, the sender's ciphertext serial number for that day, the hash value and similar information to obtain the ciphertext index.
The sender encapsulates the ciphertext index, ciphertext a, ciphertext b, ciphertext c and the digital signature in sequence to obtain the encrypted data stream, and sends the encrypted data stream to the recipient through the server.
The sender selects three parts from the ciphertext index, namely the sender's mobile phone number, the date, and the sender's ciphertext serial number for that day, maps them through a mapping table into Chinese characters or other characters to form a simplified ciphertext index, and sends the simplified index to the recipient through the instant messaging tool.
Preferably, the recipient decrypts the information in S4 as follows:
To decrypt, the recipient copies the simplified ciphertext index it has received and looks up the corresponding real information in the server's mapping table, namely the three parts consisting of the sender's mobile phone number, the information timestamp, and the sender's ciphertext serial number for that day. From these it finds the corresponding complete ciphertext index and then the corresponding complete ciphertext data.
The recipient decrypts the digital signature with the sender's public key, obtaining digest value H1.
The recipient decrypts ciphertext c with its own private key, obtaining the session key.
The recipient decrypts ciphertext a with the session key, obtaining the plaintext.
The recipient hashes the plaintext to obtain a new digest value H2 and compares H2 with the digest value H1 obtained by decryption. If the two match, the decrypted plaintext is displayed.
Preferably, the sender reviews encrypted information in S5 as follows:
To review encrypted information that it sent, the sender copies the ciphertext index received and looks up the corresponding real information in the server's mapping table, namely the three parts consisting of the sender's mobile phone number, the date, and the sender's ciphertext serial number for that day. From this real information it finds the corresponding complete ciphertext index and then the corresponding complete ciphertext data.
The sender decrypts the digital signature with its own public key, obtaining digest value H3.
The sender decrypts ciphertext b with its own private key, obtaining the session key.
The sender decrypts ciphertext a with the session key, obtaining the plaintext.
The sender hashes the plaintext to obtain a new digest value H4 and compares H4 with the digest value H3 obtained by decryption. If the two match, the decrypted plaintext is displayed.
Preferably, the specific content of the mapping table used in the mapping process can be replaced as required.
Preferably, all encryption and decryption is performed inside the security chip of the SIM pasting card. The SIM pasting card communicates through the ISO7816 interface with the SIM card and with terminals that support SIM cards, such as mobile phones. The user only needs to stick the pasting card with the built-in security chip onto the surface of the SIM card and install the input-method application to use the instant messaging encryption and decryption functions.
The beneficial effects of the invention are as follows. The SIM pasting card of the invention communicates through the ISO7816 interface with the SIM card and with terminals that support SIM cards, such as mobile phones. The user only needs to stick the pasting card with the built-in security chip onto the surface of the SIM card and install the input-method application to use the instant messaging encryption and decryption functions. At the sending end, the security chip in the SIM pasting card encrypts the input content in hardware; at the receiving end, the security chip in the SIM pasting card decrypts the received encrypted content in hardware. The private key never leaves the security chip during the whole encryption and decryption process, which ensures that the private key is not stolen during communication and provides an effective safeguard for secure user communication. The whole process effectively prevents information leakage and has the following three features:
1. Security: encryption and decryption are done in hardware, inside the security chip, and the private key never leaves the chip, which effectively prevents information leakage. The two parties must exchange keys before use, one key per person. Each encrypted session uses a newly generated random number as the session key to encrypt the session information, one key per session. Every encrypted message carries a digital signature, which can be used for identity authentication, and comparing the digest information ensures that the message is complete and has not been tampered with.
2. Convenience: the user does not need to change the existing mobile phone SIM card or the mobile phone terminal. The user only needs to stick the pasting card with the built-in security chip onto the surface of the SIM card and install the input-method application to use the instant messaging encryption and decryption functions.
3. Concealment: in encrypted communication, the input method sends the ciphertext index through the instant messaging tool and sends the ciphertext, voice, pictures, video, documents and similar information through the server. This meets users' current need for encrypted instant messaging while avoiding the attention and suspicion that frequently sending encrypted information inside the instant messaging application would attract, which could cause the information to be filtered or the account to be banned.
Further advantages, objects and features of the invention will be set out in part in the description that follows, and in part will be understood by those skilled in the art through study and practice of the invention.
Description of the drawings
Fig. 1 is the flow diagram of exchange of public keys;
Fig. 2 is the flow diagram of information encrypting and decrypting process.
Detailed description
The invention is described in further detail below with reference to the drawings, so that those skilled in the art can implement it by following the description.
It should be understood that terms such as "having", "comprising" and "including" as used herein do not exclude the presence or addition of one or more other elements or combinations thereof.
As shown in Figs. 1 and 2, the secure input method for a SIM pasting card with a built-in security chip comprises the following steps:
S1, server registration: each SIM pasting card can generate a public/private key pair. The information sender and the information recipient register with the server. At registration each uploads its own mobile phone number, the public key generated by the SIM pasting card, and the ID of the SIM pasting card to the server for storage, and the SIM pasting card ID is bound to the mobile phone number. The private key of each party is stored in the security chip of that party's own SIM pasting card.
S2, key exchange: when the sender and the recipient add each other as friends, they exchange public keys through the server and each saves the other party's public key.
S3, sender sends encrypted information: the sender encrypts the information to be sent, using the session key generated by the security chip built into the SIM pasting card, its own public and private keys generated by that security chip, and the saved public key of the recipient, to obtain an encrypted data stream, and sends the encrypted data stream to the recipient through the server.
S4, recipient decrypts the information: the recipient decrypts the received encrypted data stream using its own private key and the saved public key of the sender.
S5, sender reviews encrypted information: the sender decrypts the encrypted data stream it has sent, using its own private key and public key, to review the sent information.
The SIM pasting card of the invention communicates through the ISO7816 interface with the SIM card and with terminals that support SIM cards, such as mobile phones. The user only needs to stick the pasting card with the built-in security chip onto the surface of the SIM card and install the input-method application to use the instant messaging encryption and decryption functions. At the sending end, the security chip in the SIM pasting card encrypts the input content in hardware; at the receiving end, the security chip in the SIM pasting card decrypts the received encrypted content in hardware. The private key never leaves the security chip during the whole encryption and decryption process, which ensures that the private key is not stolen during communication and provides an effective safeguard for secure user communication. The whole process effectively prevents information leakage. The input method relies on a SIM pasting card with a built-in security chip: the security chip in the pasting card performs key generation and the encryption and decryption of the input information. With the SIM pasting card and the secure input method, information such as text, voice, pictures, video and files can be encrypted and decrypted in hardware in instant messaging. The secure input method also uses a different key for each recipient, giving one key per person, and uses a randomly generated key for each session, giving one key per session. Based on these three points, the input method can effectively protect the input information during transmission.
Further, the key exchange in S2 is carried out as follows:
A base key is preset in each SIM pasting card, and the base keys of the sender and the recipient are identical. The sender sends the server a request to add the recipient as a friend, and the server sends the recipient a message that the sender is asking to add it as a friend.
When the recipient agrees to add the sender as a friend, the server delivers to the sender the recipient's public key, encrypted with the recipient's base key, together with the recipient's SIM pasting card ID. At the same time it delivers to the recipient the sender's public key, encrypted with the sender's base key, together with the sender's SIM pasting card ID.
The recipient and the sender each decrypt with the base key to obtain the other party's public key. This completes the exchange of public keys and the friend is added successfully. The sender and the recipient each store the other party's public key in the security chip of their own SIM pasting card.
Further, the sender sends encrypted information in S3 as follows:
The sender uses the security chip built into its SIM pasting card to generate a true random number as the session key and encrypts the information to be transmitted with it, obtaining ciphertext a. Before encrypted communication, both parties must first select the encrypted contact, that is, the intended recipient of the encrypted communication. The public key to use is looked up in the security chip according to the selected encrypted contact, and the information to be encrypted is entered and encrypted. The session key used to encrypt the information is a true random number generated by the security chip in the SIM pasting card, one key per session.
The sender encrypts the session key with its own public key, obtaining ciphertext b.
The sender encrypts the session key with the saved public key of the other party, obtaining ciphertext c.
The sender encrypts the hash of the information with its private key, obtaining the digital signature.
The sender combines the information timestamp, the sender's mobile phone number, the recipient's mobile phone number, the sender's ciphertext serial number for that day, the hash value and similar information to obtain the ciphertext index. The ciphertext index is used to find the corresponding ciphertext on the server. It contains the information timestamp, the sender's mobile phone number and security device ID number, the recipient's mobile phone number and security device ID number, the sender's ciphertext serial number for that day, the information type (text, voice, picture, video or document) and the hash value.
The sender encapsulates the ciphertext index, ciphertext a, ciphertext b, ciphertext c and the digital signature in sequence to obtain the encrypted data stream, and sends the encrypted data stream to the recipient through the server.
The sender selects three parts from the ciphertext index, namely the sender's mobile phone number, the date, and the sender's ciphertext serial number for that day, maps them through a mapping table into Chinese characters or other characters to form a simplified ciphertext index, and sends the simplified index to the recipient through the instant messaging tool.
Further, the recipient decrypts the information in S4 as follows:
To decrypt, the recipient copies the simplified ciphertext index it has received and looks up the corresponding real information in the server's mapping table, namely the three parts consisting of the sender's mobile phone number, the information timestamp, and the sender's ciphertext serial number for that day. From these it finds the corresponding complete ciphertext index and then the corresponding complete ciphertext data.
The recipient decrypts the digital signature with the sender's public key, obtaining digest value H1.
The recipient decrypts ciphertext c with its own private key, obtaining the session key.
The recipient decrypts ciphertext a with the session key, obtaining the plaintext.
The recipient hashes the plaintext to obtain a new digest value H2 and compares H2 with the digest value H1 obtained by decryption. If the two match, the decrypted plaintext is displayed.
Further, the sender reviews encrypted information in S5 as follows:
To review encrypted information that it sent, the sender copies the ciphertext index received and looks up the corresponding real information in the server's mapping table, namely the three parts consisting of the sender's mobile phone number, the date, and the sender's ciphertext serial number for that day. From this real information it finds the corresponding complete ciphertext index and then the corresponding complete ciphertext data.
The sender decrypts the digital signature with its own public key, obtaining digest value H3.
The sender decrypts ciphertext b with its own private key, obtaining the session key.
The sender decrypts ciphertext a with the session key, obtaining the plaintext.
The sender hashes the plaintext to obtain a new digest value H4 and compares H4 with the digest value H3 obtained by decryption. If the two match, the decrypted plaintext is displayed.
Further, the specific content of the mapping table used in the mapping process can be replaced as required.
Further, all encryption and decryption is performed inside the security chip of the SIM pasting card.
The number of devices and the processing scale described herein are intended to simplify the explanation of the invention. Applications, modifications and variations of the secure input method for a SIM pasting card with a built-in security chip will be apparent to those skilled in the art.
Although embodiments of the invention have been disclosed above, the invention is not limited to the uses listed in the description and the embodiments. It can be applied in any field to which it is suited, and those skilled in the art can readily make further modifications. Therefore, without departing from the general concept defined by the claims and their equivalents, the invention is not limited to the specific details and illustrations shown and described herein.

Claims (7)

1. A secure input method for a SIM pasting card based on a built-in security chip, characterized by comprising the following steps:
S1, server registration: the information sender and the information recipient register with the server; at registration each uploads its own mobile phone number, the public key generated by its SIM pasting card and the ID of its SIM pasting card to the server for storage, and each party's own private key is stored in the security chip of its own SIM pasting card;
S2, key exchange: when the information sender and the information recipient add each other as friends, they exchange public keys through the server and save the other party's public key;
S3, the sender sends encrypted information: the information sender encrypts the information to be sent using a session key generated by the SIM pasting card's built-in security chip, its own public key and private key generated by the SIM pasting card's built-in security chip, and the saved recipient's public key, obtaining an encrypted data stream, and sends the encrypted data stream to the information recipient through the server;
S4, the recipient decrypts the information: the information recipient decrypts the received encrypted data stream using its own private key and the saved sender's public key;
S5, the sender reviews the encrypted information: the information sender decrypts the encrypted data stream it has sent using its own private key and public key, and reviews the information sent.
2. The secure input method for a SIM pasting card based on a built-in security chip according to claim 1, characterized in that the specific method of key exchange in S2 is:
A foundation key is preset in the SIM pasting cards, and the foundation keys of the sender and the recipient are identical; the sender sends the server a request to add the recipient as a friend, and the server sends the recipient a message that the sender requests to add it as a friend;
When the recipient agrees to add the sender as a friend, the server delivers to the sender the recipient's public key, encrypted with the recipient's foundation key, together with the recipient's SIM pasting card ID, and at the same time delivers to the recipient the sender's public key, encrypted with the sender's foundation key, together with the sender's SIM pasting card ID;
The recipient and the sender each decrypt with the foundation key to obtain the other party's public key; this completes the exchange of both parties' public keys and the friend is added successfully, and the sender and the recipient each store the other party's public key in the security chip of their own SIM pasting card.
3. The secure input method for a SIM pasting card based on a built-in security chip according to claim 1, characterized in that the specific method by which the sender sends encrypted information in S3 is:
The information sender generates a true random number using the security chip built into its SIM pasting card and uses it as the session key to encrypt the information to be transmitted, obtaining ciphertext information a;
The information sender encrypts the session key with its own public key to obtain ciphertext information b;
The information sender encrypts the session key with the saved public key of the other party to obtain ciphertext information c;
The information sender encrypts the hash value of the information with its private key to obtain a digital signature;
The information sender combines the information timestamp, the sender's mobile phone number, the recipient's mobile phone number, the sender's same-day ciphertext serial number and the hash value information to obtain the ciphertext index;
The information sender encapsulates the ciphertext index, ciphertext information a, ciphertext information b, ciphertext information c and the digital signature in sequence to obtain the encrypted data stream, and sends the encrypted data stream to the information recipient through the server;
The information sender selects three parts from the ciphertext index, namely the sender's mobile phone number, the date and the sender's same-day ciphertext serial number, maps them through the mapping table into Chinese characters or other characters to form the simplified ciphertext index, and sends the simplified index to the information recipient through an instant messaging tool.
4. The secure input method for a SIM pasting card based on a built-in security chip according to claim 3, characterized in that the specific method by which the recipient decrypts the information in S4 is:
When decrypting, the recipient copies the received simplified ciphertext index and looks up the corresponding real information in the server's mapping table, namely the sender's mobile phone number, the information timestamp and the sender's same-day ciphertext serial number, finds the corresponding complete ciphertext index, and from that the corresponding complete ciphertext data;
The recipient decrypts the digital signature with the sender's public key to obtain digest value H1;
The recipient decrypts ciphertext information c with its own private key to obtain the session key;
The recipient decrypts ciphertext information a with the session key to obtain the plaintext information;
The recipient hashes the plaintext information to obtain a new digest value H2 and compares H2 with the digest value H1 obtained by decryption; if the two are consistent, the decrypted plaintext information is displayed.
5. The secure input method for a SIM pasting card based on a built-in security chip according to claim 3, characterized in that the specific method by which the sender reviews the encrypted information in S5 is:
When the sender reviews encrypted information it has sent, it copies the received ciphertext index and looks up the corresponding real information in the server's mapping table, namely the sender's mobile phone number, the date and the sender's same-day ciphertext serial number; it uses this real information to find the corresponding complete ciphertext index, and from that the corresponding complete ciphertext data;
The sender decrypts the digital signature with its own public key to obtain digest value H3;
The sender decrypts ciphertext information b with its own private key to obtain the session key;
The sender decrypts ciphertext information a with the session key to obtain the plaintext information;
The sender hashes the plaintext information to obtain a new digest value H4 and compares H4 with the digest value H3 obtained by decryption; if the two are consistent, the decrypted plaintext information is displayed.
6. The secure input method for a SIM pasting card based on a built-in security chip according to claim 3, characterized in that the specific content of the mapping table can be replaced as required in the mapping process.
7. The secure input method for a SIM pasting card based on a built-in security chip according to claim 1, characterized in that all encryption and decryption processes are completed in the security chip of the SIM pasting card.
CN201810022207.7A 2018-01-10 2018-01-10 Safety input method of SIM (subscriber identity Module) film-pasting card based on built-in safety chip Active CN108390755B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810022207.7A CN108390755B (en) 2018-01-10 2018-01-10 Safety input method of SIM (subscriber identity Module) film-pasting card based on built-in safety chip


Publications (2)

Publication Number Publication Date
CN108390755A true CN108390755A (en) 2018-08-10
CN108390755B CN108390755B (en) 2021-01-12

Family

ID=63076058





Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 100085 Beijing Haidian District, Northeast Wangxi Road, No. 8 Courtyard, 2nd Floor 217

Applicant after: Beijing Shield Group Co., Ltd.

Address before: 102402 room 4, 4 floor, 2 building, 85 Hong Yuan Road, Fangshan District, Beijing.

Applicant before: Core shield (Beijing) Information Technology Co., Ltd.

GR01 Patent grant