CN108769027A - Safety communicating method, device, mobile terminal and storage medium - Google Patents
Safety communicating method, device, mobile terminal and storage medium Download PDFInfo
- Publication number
- CN108769027A CN108769027A CN201810549348.4A CN201810549348A CN108769027A CN 108769027 A CN108769027 A CN 108769027A CN 201810549348 A CN201810549348 A CN 201810549348A CN 108769027 A CN108769027 A CN 108769027A
- Authority
- CN
- China
- Prior art keywords
- data
- ciphertext
- parameter
- algorithm
- secret key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
- H04L9/3249—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme
Abstract
The present invention relates to the encrypted technical field of information more particularly to a kind of safety communicating method, device, mobile terminal and storage mediums, including step:Secret key, algorithm and ciphertext are generated, carries out obscuring operation, abstract operation is carried out and generates signed data;It recodes, generates new character strings, server-side is sent to as parameter together with the AppID of called side;License data, verify data validity and service call permission are obtained according to AppID, the ciphertext in the secret and parameter in license data is obscured into generation signature, is signed relatively and verifies legitimacy;It decrypts to obtain secondary decryption after secret key to the ciphertext in parameter, generates and be transmitted to transaction core in plain text, obtain response results data, encryption generates ciphertext and is sent to client;It is decrypted, is generated in plain text using secret key and algorithm.The present invention uses multi-enciphering mode safeguards system safe and stable operation, avoids information leakage.
Description
Technical field
The present invention relates to the technical field of information encryption and decryption more particularly to a kind of safety communicating method, device, mobile terminals
And storage medium.
Background technology
In the information age, communication is essential basis, the contact between not only convenient people but also is more had
Conducive to social management but how to ensure that the safety of communication information is then the most important thing, is necessarily required to introduce information encryption skill at this time
Art.
The Encryption Platform of network communication class on domestic market is broadly divided into two big classifications:That is dedicated encrypted core
Piece and software encryption system.Special encryption chip development cost is high, can only in most cases realize a kind of Encryption Algorithm, it is difficult to
Good be connected is carried out with upper layer application so that most of special encryption chips fail to be applied on specific product;It is soft
Part encryption system is to apply more security classes product currently on the market, and development process is simple, can be embedded into very well other
In application program.But cipher mode is more single between existing system, mostly uses a certain cipher mode and carries out safe control
System, exists by the defect of Brute Force, and severe patient can cause enterprise to generate economic loss.
Invention content
It is above-mentioned to solve present invention aims at a kind of safety communicating method of proposition, device, mobile terminal and storage medium
Shortcoming in background technology, for cipher mode between existing system, single, user password is let out by Brute Force, confidential information
Dew causes the serious problems such as economic loss and privacy exposure security vulnerabilities to be shielded, using multi-enciphering mode to prevent user
Privacy information or important business data are stolen, and data are intercepted and captured or distorted by third party, thus safeguards system safe and stable operation,
Two outposts of the tax office of close verification are also tested by setting, avoid information leakage, it is ensured that data access interface called side possesses matching permission.
To achieve the goals above, the present invention provides the following technical solutions:
A kind of safety communicating method, for realizing the multi-enciphering in communication, the safety communicating method, including following step
Suddenly:
S1:The interface that server-side provides is called in the interface called side of client, secret key and algorithm are generated, respectively to business
Operation is encrypted in parameter and secret key, generates corresponding service parameter ciphertext and secret key ciphertext, then the secret issued with gateway
It carries out obscuring operation, carries out abstract operation using algorithm, generate signed data;
S2:Ciphertext and signed data are recoded into line character, new character strings is generated, makees together with the AppID of called side
It is sent to server-side for required parameter, calls gateway interface, checking request parameter;It is independent that each described called side is owned by one
AppID;
S3:License data are obtained according to AppID, the validity and service call permission of verify data are generated using S1
Algorithm the ciphertext in the secret and parameter in license data is obscured into generation signed data, with the signature generated in S1
Data are compared, and verify signed data legitimacy;
S4:Ciphertext in parameter is decrypted after obtaining secret key, secondary decryption is carried out, generates in plain text and is transmitted to transaction core
The heart obtains response results data, response results data is encrypted, and generates ciphertext data and is sent to client;
S5:The ciphertext data of response results are obtained in client, the secret key generated in applying step S1 and algorithm are to ciphertext
Data are decrypted, and generate clear data.
In one embodiment, the step S1 includes:
S101:The interface that server-side provides is called in the interface called side of client, the first secret key is generated, according to generation
First secret key generates the first algorithm;
S102:Operation is encrypted using the first algorithm in the character code for obtaining service parameter to be encrypted, joins to its business
Number is encrypted, and generates corresponding service parameter ciphertext;
S103:The second algorithm is generated according to the public key that gateway is issued, behaviour is encrypted using second the first secret key of algorithm pair
Make, generates corresponding secret key ciphertext;
S104:The secret that the service parameter ciphertext and gateway of generation are issued is carried out to obscure operation, it is described to obscure operation
It is realized in such a way that the secret that increase gateway is issued in service parameter ciphertext is as suffix;
S105:Abstract operation is carried out using third algorithm, generates the signed data of this request, the signed data is used for
Verify the legitimacy of service parameter.
In one embodiment, the step S2 includes:
S201:The secret key ciphertext and step that will be generated in the service parameter ciphertext generated in step S102, step S103
The signed data application Base64 coding modes generated in S105 re-start character code, and generate new character after processing
String;
S202:The AppID that the new character string and gateway of generation is issued is used as required parameter together, by data transmission
It is sent to server-side, and calls the gateway interface of server-side, which is verified.
In one embodiment, the step S3 includes:
S301:The gateway interface of server-side is called, whether the type for the required parameter that service for checking credentials termination receives is complete, such as
It is complete, then judge that parameter is legal, and carry out in next step;There is any parameter to lack in the required parameter such as received, then judges
Parameter is illegal, and returns to error code;
S302:According to the AppID of called side, the licensing that the corresponding gateway that server-side preserves is presented to called side is obtained
License data;
S303:After obtaining the corresponding license data of the AppID, the validity and service call of license data are verified
Permission;
S304:Third algorithm in applying step S105 mixes the ciphertext in the secret and parameter in license data
Confuse and generates signed data;
S305:The signed data that the signed data that S304 is generated is generated with client in the step S105 is compared
Compared with verifying the legitimacy of signed data.
In one embodiment, the step S304 includes:
S30401:Increase the secret in license data in ciphertext in parameter as suffix, to close in parameter
Secret in text and license data carries out obscuring operation;
S30402:After carrying out obscuring operation, the third algorithm in applying step S105 carries out abstract operation, generates to be tested
The signed data of card.
In one embodiment, the step S4 includes:
S401:According to the second secret key of corresponding second algorithm in license, the second algorithm in applying step S103 will
The first secret key ciphertext in parameter is decrypted, and obtains the first secret key;
S402:It is decrypted using the first secret key and corresponding first algorithm of generation, it is bright that service parameter is generated after decryption
Text;
S403:Service parameter after decryption is transmitted to the transaction core of server-side in plain text, acquisition is transferred to transaction core
Response results data;
S404:The first secret key that the response results data are generated in applying step S401 and corresponding first algorithm
It is encrypted, generates the ciphertext data of response results data, and be sent to client.
Based on the same technical idea, the present invention also provides a kind of secure communication device, the secure communication device, packets
It includes:Generation module generates secret key and algorithm, respectively for calling the interface that server-side provides in the interface called side of client
Operation is encrypted to service parameter and secret key, generates corresponding service parameter ciphertext and secret key ciphertext, then issued with gateway
Secret carries out obscuring operation, carries out abstract operation using algorithm, generates signed data;Coding module is used for ciphertext and label
Name data carry out character recodification, generate new character strings, service is sent to as required parameter together with the AppID of called side
Gateway interface, checking request parameter are called in end;Each described called side is owned by an independent AppID;Authentication module is used
According to AppID acquisition license data, the validity and service call permission of verify data, using in above-mentioned generation module
Algorithm the ciphertext in the secret and parameter in license data is obscured into generation signed data, generated with generation module
Signed data be compared, verify signed data legitimacy;Acquisition module, for being obtained after the ciphertext in parameter is decrypted
To after secret key, secondary decryption is carried out, generates in plain text and be transmitted to trade center, response results data are obtained, to response results data
It is encrypted, generates ciphertext data and be sent to client;Deciphering module, the ciphertext for obtaining response results in client
Data are decrypted ciphertext data using the secret key and algorithm that are generated in generation module, generate clear data.
In one embodiment, generation module includes:
Secret key generation module, for the interface called side in client, the interface for calling server-side to provide generates business behaviour
Secret key needed for making;Algorithm generation module generates the algorithm used needed for business operation for the secret key according to generation;Ciphertext
Generation module after the character code for treating encrypted service parameter using algorithm is encrypted, generates corresponding business ginseng
It counts ciphertext and operation is encrypted to secret key using algorithm, generate corresponding secret key ciphertext;Signature generation module, for that will generate
Service parameter ciphertext and the secret that issues of gateway carry out obscuring operation, carry out abstract operation using third algorithm, generate industry
Required signed data is sought in business operation.
Based on the same technical idea, the present invention also provides a kind of mobile terminal, the mobile terminal, including:It is touch-sensitive aobvious
Show device;Memory;One or more processors;
The step of one or more of processors are configurable for executing above-mentioned safety communicating method.
Based on the same technical idea, the present invention also provides a kind of storage medium being stored with computer-readable instruction, institutes
When stating computer-readable instruction and being executed by one or more processors so that one or more processors execute above-mentioned secure communication
The step of method.
Above-mentioned safety communicating method, device, mobile terminal and storage medium call service in the interface called side of client
The interface provided is provided, secret key and algorithm is generated, operation is encrypted to service parameter and secret key respectively, generates corresponding business ginseng
Number ciphertext and secret key ciphertext, then the secret issued with gateway carry out obscuring operation, carry out abstract operation using algorithm, generate label
Name data;Ciphertext and signed data are recoded into line character, generate new character strings, is used as and asks together with the AppID of called side
It asks parameter to be sent to server-side, calls gateway interface, checking request parameter;It is independent that each described called side is owned by one
AppID;License data, the validity and service call permission of verify data, using aforementioned generation are obtained according to AppID
Ciphertext in secret and parameter in license data is obscured generation signed data by algorithm, the number of signature with aforementioned generation
According to being compared, signed data legitimacy is verified;Ciphertext in parameter is decrypted after obtaining secret key, secondary decryption is carried out,
Transaction core is generated in plain text and be transmitted to, response results data is obtained, response results data is encrypted, generates ciphertext number
According to being sent to client;The ciphertext data of response results are obtained in client, using the secret key and algorithm of aforementioned generation to ciphertext
Data are decrypted, and generate clear data.Compared with prior art, the beneficial effects of the invention are as follows:It is carried out using multiple form
Encryption, is not easy to be cracked, user privacy information or important business data is effectively prevent to be read.Effectively shield security protection leakage
Hole, safeguards system are safely and steadily run, and data is prevented to be intercepted by a third party or distort.Provided with testing two outposts of the tax office of close verification,
Avoid information leakage, it is ensured that data access interface called side possesses the permission that matches.
Description of the drawings
Fig. 1 is the flow chart of safety communicating method in one embodiment of the invention;
Fig. 2 is to carry out abstract operation in one embodiment of the invention, generates the flow chart of signed data;
Fig. 3 is to recode in one embodiment of the invention, calls the flow chart of gateway interface;
Fig. 4 is to carry out data verification, the flow chart of signature verification in one embodiment of the invention;
Fig. 5 is that ciphertext decryption is carried out in one embodiment of the invention, and request handles and returns to the flow chart of handling result;
Fig. 6 is the structure diagram of secure communication device in one embodiment of the invention;
Fig. 7 is the structure diagram of generation module in one embodiment of the invention;
One embodiment schematic block diagram of Fig. 8 mobile terminal part-structures provided in an embodiment of the present invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete
Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on
Embodiment in the present invention, those of ordinary skill in the art are obtained every other without creative efforts
Embodiment shall fall within the protection scope of the present invention.
As shown in Figure 1, the present invention provides a kind of technical solution:
A kind of safety communicating method, the safety communicating method, is as follows:
S1:The interface that server-side provides is called in the interface called side of client, secret key and algorithm are generated, respectively to business
Operation is encrypted in parameter and secret key, generates corresponding service parameter ciphertext and secret key ciphertext, then the secret issued with gateway
It carries out obscuring operation, carries out abstract operation using algorithm, generate signed data;
In the present embodiment, the interface provided in the interface called side of client calling server-side, generation secret key, and according to
Operation is encrypted in secret key generating algorithm, generates ciphertext, carries out the secret that the ciphertext of generation and gateway are issued to obscure behaviour
Make, reapplies algorithm and carry out abstract operation, generate signed data.
S2:Ciphertext and signed data are recoded into line character, new character strings is generated, makees together with the AppID of called side
It is sent to server-side for required parameter, calls gateway interface, checking request parameter;It is independent that each called side is owned by one
AppID;
Recodification refers to the service parameter ciphertext for generating step S1, secret key ciphertext, signed data application Base64 codings
Mode re-starts character code, generates new character string after processing, then the AppID that new character string and gateway are issued makees
For required parameter, it is sent to server-side, the gateway interface of server-side is finally called, so as to checking request parameter.
The Base64 codings, refer to first selecting 64 printable character-- lowercase a-z, capitalization A-Z, numbers
Word 0-9, symbol "+", "/" (along with as completion word "=", actually 65 characters), as a base character
Collection.Then, the character other all symbols being all converted into this character set.
Using every three bytes as one group, 24 binary digits are come to.This 24 binary digits are divided into four groups, each
Group has 6 binary digits.Add two 00 before every group, is extended to 32 binary digits, i.e. four bytes.
If byte number less than three, is handled in this way:
A) the case where two bytes:16 binary digits altogether of this two bytes are changed into three according to above rule
Group, last group other than front adds two 0, behind also to add two 0.One three Base64 codings are obtained in this way,
Again one is filled at end "=" number.
B) the case where a byte:By 8 binary digits of this byte, two groups are changed into according to above rule, most
Later group other than front adds two 0, behind again plus 40.One two Base64 codings are obtained in this way, then at end
Fill two "=" number.
According to following table, the correspondence symbol of each byte after being expanded, the as encoded radio of Base64.
Conversion preceding 10,101,101 10,111,010 01110110
00,101,011 00,011,011 00,101,001 00110110 after conversion
The decimal system 43 27 41 54
Value r b p 2 in corresponding code table
S3:License data are obtained according to AppID, the validity and service call permission of verify data are generated using S1
Algorithm the ciphertext in the secret and parameter in license data is obscured into generation signed data, with the signature generated in S1
Data are compared, and verify signed data legitimacy;
The legitimacy of required parameter in server-side, verification step S2 obtains server-side according to the AppID in step S2
The corresponding gateway of preservation is presented to the licensing license data of called side, after obtaining corresponding data, verifies license numbers
According to validity and service call permission, using S1 generate algorithm will be close in the secret and parameter in license data
Text obscures generation signed data.Finally, the signed data that the signed data of generation is generated with client in step S1 is compared
Compared with verifying the legitimacy of signed data.
S4:Ciphertext in parameter is decrypted after obtaining secret key, secondary decryption is carried out, generates in plain text and is transmitted to transaction core
The heart obtains response results data, response results data is encrypted, and generates ciphertext data and is sent to client;
The secret key ciphertext in parameter is decrypted, is obtained using algorithm according to the secret key for corresponding to algorithm in license
Secret key, the secret key and corresponding algorithm for reapplying generation carry out secondary decryption, service parameter are generated after decryption in plain text.After decrypting
Service parameter be transmitted to the transaction core of server-side in plain text, obtain the response results data for being transferred to transaction core, will be described
Response results data are encrypted using the secret key and corresponding algorithm that are generated in above-mentioned steps, generate response results number
According to ciphertext data, and be sent to client.
S5:The ciphertext data of response results are obtained in client, the secret key generated in applying step S1 and algorithm are to ciphertext
Data are decrypted, and generate clear data;
Specifically, as shown in Fig. 2, the step S1 is further comprising the steps of:
S101:The interface that server-side provides is called in the interface called side of client, the first secret key is generated, according to generation
First secret key generates the first algorithm;
In the present embodiment, first algorithm selects aes algorithm, aes algorithm to can be used for protecting electronic data.Specifically
Ground, AES be an iteration, symmetric key grouping password, it can be by using 128,192 and 256 keys, and use
128 (16 byte) block encryptions and ciphertext data.Different using key pair from public key cryptography, symmetric key cipher uses
Identical key encrypting and decrypting data.Digit by the encryption data of block cipher return is identical as input data.Iteration
Encryption uses a loop structure, repeats to replace and replace input data in the cycle.In step S101, in client
Interface called side, the interface for calling server-side to provide generate AES secret keys, and aes algorithm is generated according to the secret key of generation.
S102:Operation is encrypted using the first algorithm in the character code for obtaining service parameter to be encrypted, joins to its business
Number is encrypted, and generates corresponding service parameter ciphertext;
In the present embodiment, the UTF-8 codings of service parameter to be encrypted are obtained, UTF-8 codings are a kind of for Unicode
The variable length character of (Unicode, Unicode, single code) encodes, also known as Unicode, and operation is encrypted using aes algorithm,
Service parameter is encrypted, corresponding service parameter ciphertext is generated.
S103:The second algorithm is generated according to the public key that gateway is issued, behaviour is encrypted using second the first secret key of algorithm pair
Make, generates corresponding secret key ciphertext;
In the present embodiment, the public key that the gateway is issued selects RSA public keys, second algorithm to select RSA Algorithm.Tool
Body, RSA key, one are the privacy key preserved by user, i.e. private key spoon, Ling Yiwei to described Mr. RSA Algorithm in a pair
Can external disclosure public-key cryptography, i.e. public key.Wherein, public key can be issued and be used for anyone, and private key is then certainly
Oneself is all to use for decryption.Decryption person possesses private key, and will calculate the public key publication generated to encipherer by private key.Encryption
When be all encrypted using public key, and ciphertext is sent to decryption person, decryption person is decrypted with private key and is decoded as ciphertext in plain text.On
It states in step S103, RSA Algorithm is generated according to the public key that gateway is issued, behaviour is encrypted to AES secret keys using the RSA Algorithm
Make, generates corresponding secret key ciphertext.
S104:The secret that the service parameter ciphertext and gateway of generation are issued is carried out to obscure operation, it is described to obscure operation
It is realized in such a way that the secret that increase gateway is issued in service parameter ciphertext is as suffix;
In the present embodiment, when the interface called side of client calls the interface that server-side provides, gateway can be issued accordingly
Secret, the suffix as the service parameter ciphertext generated in step S102.
S105:Abstract operation is carried out using third algorithm, generates the signed data of this request, the signed data is used for
Verify the legitimacy of service parameter.
In the present embodiment, the third algorithm selects SHA256 algorithms, and specifically, the SHA256 algorithms are for arbitrary
The message of length (being calculated by bit), can all generate 32 byte length datas, referred to as eap-message digest.When receiving message
When, whether this eap-message digest can change for verify data, that is, verify its integrality.In above-mentioned steps S105
In, abstract operation is carried out using the algorithm, generates the signed data of this request.
Specifically, as shown in figure 3, the step S2 is further comprising the steps of:
S201:The secret key ciphertext and step that will be generated in the service parameter ciphertext generated in step S102, step S103
The signed data application Base64 coding modes generated in S105 re-start character code, and generate new character after processing
String;S202:The AppID that the new character string and gateway of generation is issued is used as required parameter together, is sent by data transmission
To server-side, and the gateway interface of server-side is called, which is verified.
Specifically, as shown in figure 4, the step S3 is further comprising the steps of:
S301:The gateway interface of server-side is called, whether the type for the required parameter that service for checking credentials termination receives is complete, such as
It is complete, then judge that parameter is legal, and carry out in next step;There is any parameter to lack in the required parameter such as received, then judges
Parameter is illegal, and returns to error code;S302:According to the AppID of called side, obtains the corresponding gateway that server-side preserves and issue
To the licensing license data of called side;S303:After obtaining the corresponding license data of the AppID, license numbers are verified
According to validity and service call permission;S304:SHA256 algorithms in applying step S105 will be in license data
Secret obscures generation signed data with the ciphertext in parameter;S305:The signed data that S304 is generated and visitor in step S105
The signed data that family end generates is compared, and verifies the legitimacy of signed data.
Specifically, the step S304 includes the following steps:
S30401:Increase the secret in license data in ciphertext in parameter as suffix, to close in parameter
Secret in text and license data carries out obscuring operation;S30402:After carrying out obscuring operation, in applying step S105
Third algorithm carry out abstract operation, generate signed data to be verified.
Specifically, as shown in figure 5, the step S4 specifically includes following steps:
S401:According to the RSA secret keys for corresponding to RSA Algorithm in license, the RSA Algorithm in applying step S103, by parameter
In AES secret key ciphertexts be decrypted, obtain AES secret keys;S402:AES secret keys using generation and corresponding aes algorithm, solution
Service parameter is generated after close in plain text;S403:Service parameter after decryption is transmitted to the transaction core of server-side in plain text, acquisition is passed
The defeated response results data to transaction core;
S404:By the response results data, using the AES secret keys and corresponding aes algorithm generated in above-mentioned steps into
Row encryption, generates the ciphertext data of response results data, and is sent to client.
Based on the same technical idea, the present invention also provides a kind of secure communication devices, as shown in fig. 6, this is logical safely
T unit includes:
Generation module, for calling the interface that server-side provides, generation secret key and algorithm in the interface called side of client,
Operation is encrypted to service parameter and secret key respectively, generates corresponding service parameter ciphertext and secret key ciphertext, then issue with gateway
The secret of hair carries out obscuring operation, carries out abstract operation using algorithm, generates signed data;
Coding module generates new character strings, with called side for ciphertext and signed data to be recoded into line character
AppID is sent to server-side as required parameter together, calls gateway interface, checking request parameter;Each described called side
It is owned by an independent AppID;
Authentication module is used for according to AppID acquisition license data, the validity and service call permission of verify data,
The ciphertext in the secret and parameter in license data is obscured into generation number of signature using the algorithm in above-mentioned generation module
According to, be compared with the signed data generated in generation module, verify signed data legitimacy;
Acquisition module carries out secondary decryption, generates in plain text simultaneously for the ciphertext in parameter to be decrypted after obtaining secret key
It is transmitted to transaction core, response results data is obtained, response results data is encrypted, ciphertext data is generated and is sent to visitor
Family end;
Deciphering module, the ciphertext data for obtaining response results in client, using the secret key generated in generation module
Ciphertext data are decrypted with algorithm, generate clear data.
Specifically, as shown in fig. 7, the generation module includes:Secret key generation module is called for the interface in client
Side, the interface for calling server-side to provide generate the secret key needed for business operation;Algorithm generation module, for according to the secret of generation
Key generates the algorithm used needed for business operation;Ciphertext generation module, the word for treating encrypted service parameter using algorithm
After symbol coding is encrypted, generates corresponding service parameter ciphertext and operation is encrypted to secret key in application algorithm, generate corresponding
Secret key ciphertext;Signature generation module, the secret for issuing the service parameter ciphertext and gateway of generation carry out obscuring behaviour
Make, abstract operation is carried out using third algorithm, generates business operation and seek required signed data.
Based on the same technical idea, the present invention also provides a kind of mobile terminals such as schemes for realizing safety communicating method
Shown in 8, for convenience of description, related to the embodiment of the present invention 20 part is illustrated only, particular technique details is not disclosed, asked
With reference to present invention method part.The terminal can be include mobile phone, tablet computer, PDA (Personal Digital
Assistant, personal digital assistant), POS (Point of Sales, point-of-sale terminal), the arbitrary terminal device such as vehicle-mounted computer,
By taking mobile terminal is mobile phone as an example:
Fig. 8 shows the block diagram with the part-structure of the relevant mobile phone of mobile terminal provided in an embodiment of the present invention.Ginseng
Fig. 8 is examined, mobile phone includes:Baseband processing module 410, memory 420, input unit 430, display unit 440, sensor 450, sound
The portions such as frequency circuit 460, Wireless Fidelity (Wireless Fidelity, WiFi) module 470, processor 480 and power supply 490
Part.It will be understood by those skilled in the art that handset structure shown in Fig. 8 does not constitute the restriction to mobile phone, may include ratio
More or fewer components are illustrated, certain components or different components arrangement are either combined.
Baseband processing module 410 can be used for synthesizing the baseband signal that will emit, or the baseband signal to receiving carries out
Decoding.Specifically, being exactly that audio signal is compiled into the base band code for emitting when emitting;When reception, the base band received
Code is interpreted as audio signal.Meanwhile also being responsible for address information (cell-phone number, station address), text information (news in brief word, website
Word), the compiling of pictorial information (multimedia message).
Memory 420 can be used for storing software program and module, and processor 480 is stored in memory 420 by operation
Software program and module, to execute various function application and the data processing of mobile phone.Memory 420 can include mainly
Storing program area and storage data field, wherein storing program area can storage program area, the application journey needed at least one function
Sequence (such as sound-playing function, image player function etc.) etc.;Storage data field can be stored to be created according to using for mobile phone
Data (such as audio data, phone directory etc.) etc..It, can be in addition, memory 420 may include high-speed random access memory
Including nonvolatile memory, for example, at least a disk memory, flush memory device or other volatile solid-states
Part.
Input unit 430 can be used for receiving the number or character information of input, and generate with the user setting of mobile phone with
And the related key signals input of function control.Specifically, input unit 430 may include that touch panel 431 and other inputs are set
Standby 432.Touch panel 431, also referred to as touch screen, collect user on it or neighbouring touch operation (such as user use
The operation of any suitable object or attachment such as finger, stylus on touch panel 431 or near touch panel 431), and root
Corresponding attachment device is driven according to preset formula.Optionally, touch panel 431 may include touch detecting apparatus and touch
Two parts of controller.Wherein, the touch orientation of touch detecting apparatus detection user, and the signal that touch operation is brought is detected,
Transmit a signal to touch controller;Touch controller receives touch information from touch detecting apparatus, and is converted into touching
Point coordinates, then give processor 480, and order that processor 480 is sent can be received and executed.Furthermore, it is possible to using electricity
The multiple types such as resistive, condenser type, infrared ray and surface acoustic wave realize touch panel 431.In addition to touch panel 431, input
Unit 430 can also include other input equipments 432.Specifically, other input equipments 432 can include but is not limited to secondary or physical bond
It is one or more in disk, function key (such as volume control button, switch key etc.), trace ball, mouse, operating lever etc..
Display unit 440 can be used for showing information input by user or be supplied to user information and mobile phone it is various
Menu.Display unit 440 may include display panel 441, optionally, liquid crystal display (Liquid Crystal may be used
Display, LCD), the forms such as Organic Light Emitting Diode (Organic Light-Emitting Diode, OLED) it is aobvious to configure
Show panel 441.Further, touch panel 431 can cover display panel 441, when touch panel 431 detect it is on it or attached
After close touch operation, processor 480 is sent to determine the type of touch event, is followed by subsequent processing device 480 according to touch event
Type corresponding visual output is provided on display panel 441.Although in fig. 8, touch panel 431 and display panel 441
It is that input and the input function of mobile phone are realized as two independent components, but in some embodiments it is possible to by touch-control
Panel 431 and display panel 441 are integrated and that realizes mobile phone output and input function.
Mobile phone may also include at least one sensor 450, such as optical sensor, motion sensor and other sensors.
Specifically, optical sensor may include ambient light sensor and proximity sensor, wherein ambient light sensor can be according to ambient light
Light and shade adjust the brightness of display panel 441, proximity sensor can close display panel 441 when mobile phone is moved in one's ear
And/or backlight.As a kind of motion sensor, accelerometer sensor can detect in all directions (generally three axis) acceleration
Size, size and the direction of gravity are can detect that when static, can be used to identify the application of mobile phone posture, (for example horizontal/vertical screen is cut
Change, dependent game, magnetometer pose calibrating), Vibration identification correlation function (such as pedometer, tap) etc.;May be used also as mobile phone
The other sensors such as gyroscope, barometer, hygrometer, thermometer, the infrared sensor of configuration, details are not described herein.
Voicefrequency circuit 460, loud speaker 461, microphone 462 can provide the audio interface between user and mobile phone.Audio-frequency electric
The transformed electric signal of the audio data received can be transferred to loud speaker 461 by road 460, and sound is converted to by loud speaker 461
Signal exports;On the other hand, the voice signal of collection is converted to electric signal by microphone 462, is turned after being received by voicefrequency circuit 460
It is changed to audio data, then by after the processing of audio data output processor 480, through RF circuits 410 to be sent to such as another mobile phone,
Or audio data is exported to memory 420 to be further processed.
WiFi belongs to short range wireless transmission technology, and mobile phone can help user's transceiver electronics postal by WiFi module 470
Part, browsing webpage and access streaming video etc., it has provided wireless broadband internet to the user and has accessed.Although Fig. 8 is shown
WiFi module 470, but it is understood that, and it is not belonging to must be configured into for mobile phone, it can not change as needed completely
Become in the range of the essence of invention and omits.
Processor 480 is the control centre of mobile phone, using the various pieces of various interfaces and connection whole mobile phone, is led to
It crosses operation or executes the software program and/or module being stored in memory 420, and call and be stored in memory 420
Data execute the various functions and processing data of mobile phone, to carry out integral monitoring to mobile phone.Optionally, processor 480 can wrap
Include one or more processing units;In one embodiment, processor 480 can integrate application processor and modulation /demodulation processing
Device, wherein the main processing operation system of application processor, user interface and application program etc., modem processor is mainly located
Reason wireless communication.It is understood that above-mentioned modem processor can not also be integrated into processor 480.
Mobile phone further includes the power supply 490 (such as battery) powered to all parts, and in one embodiment, power supply can lead to
Cross power-supply management system and processor 480 be logically contiguous, to by power-supply management system realize management charging, electric discharge and
The functions such as power managed.
Although being not shown, mobile phone can also include camera, bluetooth module etc., and details are not described herein.
In embodiments of the present invention, the processor 480 included by the terminal can execute secure communication in above-described embodiment
The step of method.
Based on the same technical idea, the present invention also provides a kind of storage medium being stored with computer-readable instruction, institutes
When stating computer-readable instruction and being executed by one or more processors so that one or more processors execute in above-described embodiment
The step of safety communicating method.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can
It is completed with instructing relevant hardware by program, which can be stored in a computer readable storage medium, storage
Medium may include:Read-only memory (ROM, Read Only Memory), random access memory (RAM, Random
Access Memory), disk or CD etc..
One of ordinary skill in the art will appreciate that implement the method for the above embodiments be can be with
Relevant hardware is instructed to complete by program, the program can be stored in a kind of computer readable storage medium, on
It can be read-only memory, disk or CD etc. to state the storage medium mentioned.
Some exemplary embodiments of the invention above described embodiment only expresses, the description thereof is more specific and detailed, but
It cannot be construed as a limitation to the scope of the present invention.It should be pointed out that for the ordinary skill people of this field
For member, without departing from the inventive concept of the premise, various modifications and improvements can be made, these belong to the present invention's
Protection domain.Therefore, the protection domain of patent of the present invention should be determined by the appended claims.
Claims (10)
1. a kind of safety communicating method, which is characterized in that the safety communicating method includes:
S1:The interface that server-side provides is called in the interface called side of client, secret key and algorithm are generated, respectively to service parameter
Operation is encrypted with secret key, generates corresponding service parameter ciphertext and secret key ciphertext, then the secret issued with gateway is carried out
Obscure operation, carries out abstract operation using algorithm, generate signed data;
S2:Ciphertext and signed data are recoded into line character, generate new character strings, is used as and asks together with the AppID of called side
It asks parameter to be sent to server-side, calls gateway interface, checking request parameter;It is independent that each described called side is owned by one
AppID;
S3:License data, the validity and service call permission of verify data, the calculation generated using S1 are obtained according to AppID
Ciphertext in secret and parameter in license data is obscured generation signed data by method, with the signed data generated in S1
It is compared, verifies signed data legitimacy;
S4:Ciphertext in parameter is decrypted after obtaining secret key, secondary decryption is carried out, generates in plain text and be transmitted to transaction core,
Response results data are obtained, response results data are encrypted, ciphertext data is generated and is sent to client;
S5:The ciphertext data of response results are obtained in client, the secret key generated in applying step S1 and algorithm are to ciphertext data
It is decrypted, generates clear data.
2. safety communicating method according to claim 1, which is characterized in that the step S1 includes:
S101:The interface that server-side provides is called in the interface called side of client, the first secret key is generated, according to the first of generation
Secret key generates the first algorithm;
S102:Operation is encrypted using the first algorithm in the character code for obtaining service parameter to be encrypted, to its service parameter into
Row encryption, generates corresponding service parameter ciphertext;
S103:The second algorithm is generated according to the public key that gateway is issued, operation is encrypted using second the first secret key of algorithm pair, it is raw
At corresponding secret key ciphertext;
S104:The secret that the service parameter ciphertext and gateway of generation are issued is carried out to obscure operation, it is described to obscure operation use
Increase the secret that gateway is issued in service parameter ciphertext to realize as the mode of suffix;
S105:Abstract operation is carried out using third algorithm, generates the signed data of this request, the signed data is for verifying
The legitimacy of service parameter.
3. safety communicating method according to claim 2, which is characterized in that the step S2 includes:
S201:It will be in the secret key ciphertext and step S105 that are generated in the service parameter ciphertext that generated in step S102, step S103
The signed data application Base64 coding modes of generation re-start character code, and generate new character string after processing;
S202:The AppID that the new character string and gateway of generation is issued is used as required parameter together, is sent by data transmission
To server-side, and the gateway interface of server-side is called, which is verified.
4. safety communicating method according to claim 3, which is characterized in that the step S3 includes:
S301:The gateway interface of server-side is called, whether the type for the required parameter that service for checking credentials termination receives is complete, such as together
Entirely, then judge that parameter is legal, and carry out in next step;There is any parameter to lack in the required parameter such as received, then judges parameter
It is illegal, and return to error code;
S302:According to the AppID of called side, the licensing that the corresponding gateway that server-side preserves is presented to called side is obtained
License data;
S303:After obtaining the corresponding license data of the AppID, the validity and service call power of license data are verified
Limit;
S304:Ciphertext in secret and parameter in license data is obscured life by the third algorithm in applying step S105
At signed data;
S305:The signed data that S304 is generated is compared with the signed data that client in step S105 generates, verification label
The legitimacy of name data.
5. safety communicating method according to claim 4, which is characterized in that the step S304 includes:
S30401:In ciphertext in parameter increase license data in secret be used as suffix, in parameter ciphertext with
Secret in license data carries out obscuring operation;
S30402:After carrying out obscuring operation, the third algorithm in applying step S105 carries out abstract operation, generates to be verified
Signed data.
6. safety communicating method according to claim 4, which is characterized in that the step S4 includes:
S401:According to the second secret key of corresponding second algorithm in license, the second algorithm in applying step S103, by parameter
In the first secret key ciphertext be decrypted, obtain the first secret key;
S402:It is decrypted using the first secret key and corresponding first algorithm of generation, service parameter is generated after decryption in plain text;
S403:Service parameter after decryption is transmitted to the transaction core of server-side in plain text, obtains the sound for being transferred to transaction core
Answer result data;
S404:The first secret key that the response results data are generated in applying step S401 and corresponding first algorithm carry out
Encryption, generates the ciphertext data of response results data, and is sent to client.
7. a kind of secure communication device, which is characterized in that including:
Generation module generates secret key and algorithm, respectively for calling the interface that server-side provides in the interface called side of client
Operation is encrypted to service parameter and secret key, generates corresponding service parameter ciphertext and secret key ciphertext, then issued with gateway
Secret carries out obscuring operation, carries out abstract operation using algorithm, generates signed data;
Coding module generates new character strings, the AppID with called side for ciphertext and signed data to be recoded into line character
It is sent to server-side as required parameter together, calls gateway interface, checking request parameter;Each described called side is owned by
One independent AppID;
Authentication module, for obtaining license data, the validity and service call permission of verify data, application according to AppID
Ciphertext in secret and parameter in license data is obscured generation signed data by the algorithm in above-mentioned generation module, with
The signed data generated in generation module is compared, and verifies signed data legitimacy;
Acquisition module carries out secondary decryption, generates in plain text and be transmitted to for the ciphertext in parameter to be decrypted after obtaining secret key
Transaction core, obtains response results data, response results data is encrypted, and generates ciphertext data and is sent to client
End;
Deciphering module, the ciphertext data for obtaining response results in client, using the secret key and calculation generated in generation module
Ciphertext data are decrypted in method, generate clear data.
8. secure communication device according to claim 7, which is characterized in that the generation module includes:
Secret key generation module, for the interface called side in client, the interface for calling server-side to provide generates business operation institute
The secret key needed;
Algorithm generation module generates the algorithm used needed for business operation for the secret key according to generation;
Ciphertext generation module after the character code for treating encrypted service parameter using algorithm is encrypted, generates corresponding
Service parameter ciphertext and operation is encrypted to secret key using algorithm, generate corresponding secret key ciphertext;
Signature generation module, the secret for issuing the service parameter ciphertext and gateway of generation are carried out after obscuring operation, are answered
Abstract operation is carried out with third algorithm, business operation is generated and seeks required signed data.
9. a kind of mobile terminal, which is characterized in that including:
Touch-sensitive display;
Memory;
One or more processors;
One or more of processors are configurable for executing the secure communication side as described in any one of claim 1 to 6
The step of method.
10. a kind of storage medium being stored with computer-readable instruction, the computer-readable instruction is handled by one or more
When device executes so that one or more processors execute the step of the safety communicating method as described in any one of claim 1 to 6
Suddenly.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810549348.4A CN108769027B (en) | 2018-05-31 | 2018-05-31 | Secure communication method, device, mobile terminal and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810549348.4A CN108769027B (en) | 2018-05-31 | 2018-05-31 | Secure communication method, device, mobile terminal and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108769027A true CN108769027A (en) | 2018-11-06 |
| CN108769027B CN108769027B (en) | 2021-10-29 |
Family
ID=64001216
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810549348.4A Active CN108769027B (en) | 2018-05-31 | 2018-05-31 | Secure communication method, device, mobile terminal and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108769027B (en) |
Cited By (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110138739A (en) * | 2019-04-15 | 2019-08-16 | 平安科技(深圳)有限公司 | Data information encryption method, device, computer equipment and storage medium |
| CN110769306A (en) * | 2019-10-12 | 2020-02-07 | 北京达佳互联信息技术有限公司 | Subtitle decryption method and device, client and storage medium |
| CN110868291A (en) * | 2019-11-26 | 2020-03-06 | 普联技术有限公司 | Data encryption transmission method, device, system and storage medium |
| CN111049897A (en) * | 2019-12-10 | 2020-04-21 | 北京百度网讯科技有限公司 | Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package |
| CN111177740A (en) * | 2019-11-14 | 2020-05-19 | 腾讯科技(深圳)有限公司 | Data confusion processing method, system and computer readable medium |
| CN112528309A (en) * | 2020-12-18 | 2021-03-19 | 福建天晴数码有限公司 | Data storage encryption and decryption method and device |
| CN112910843A (en) * | 2021-01-15 | 2021-06-04 | 深圳市欢太科技有限公司 | Data transmission method, electronic device, server, mobile terminal and storage medium |
| CN113259934A (en) * | 2021-06-25 | 2021-08-13 | 贵州大学 | Short message verification code encryption method, decryption method and encryption and decryption system |
| CN114614994A (en) * | 2022-03-25 | 2022-06-10 | 芜湖雄狮汽车科技有限公司 | API interface data communication method, device, client and storage medium |
| CN116722970A (en) * | 2023-08-09 | 2023-09-08 | 中国科学院长春光学精密机械与物理研究所 | Anti-attack gateway security system based on hardware implementation |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103916390A (en) * | 2014-03-20 | 2014-07-09 | 汉柏科技有限公司 | License control method and device in cloud calculating system |
| US20160357980A1 (en) * | 2015-06-04 | 2016-12-08 | Microsoft Technology Licensing, Llc | Secure storage and sharing of data by hybrid encryption using predefined schema |
| CN106570353A (en) * | 2016-09-30 | 2017-04-19 | 山东浪潮商用系统有限公司 | WEB-based license verification method, apparatus and system |
| CN107577958A (en) * | 2017-09-08 | 2018-01-12 | 中国联合网络通信集团有限公司 | Go privacy to melt put method and device, remove private data retrogressive method and device |
-
2018
- 2018-05-31 CN CN201810549348.4A patent/CN108769027B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103916390A (en) * | 2014-03-20 | 2014-07-09 | 汉柏科技有限公司 | License control method and device in cloud calculating system |
| US20160357980A1 (en) * | 2015-06-04 | 2016-12-08 | Microsoft Technology Licensing, Llc | Secure storage and sharing of data by hybrid encryption using predefined schema |
| CN106570353A (en) * | 2016-09-30 | 2017-04-19 | 山东浪潮商用系统有限公司 | WEB-based license verification method, apparatus and system |
| CN107577958A (en) * | 2017-09-08 | 2018-01-12 | 中国联合网络通信集团有限公司 | Go privacy to melt put method and device, remove private data retrogressive method and device |
Non-Patent Citations (1)
| Title |
|---|
| 陈乐堂: ""银行信息系统统一认证的应用安全研究"", 《中国优秀傅硕士学位论文全文数据库(硕士)信息科技辑》 * |
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110138739A (en) * | 2019-04-15 | 2019-08-16 | 平安科技(深圳)有限公司 | Data information encryption method, device, computer equipment and storage medium |
| CN110769306A (en) * | 2019-10-12 | 2020-02-07 | 北京达佳互联信息技术有限公司 | Subtitle decryption method and device, client and storage medium |
| CN110769306B (en) * | 2019-10-12 | 2023-05-09 | 北京达佳互联信息技术有限公司 | Subtitle decryption method and device, client and storage medium |
| CN111177740A (en) * | 2019-11-14 | 2020-05-19 | 腾讯科技(深圳)有限公司 | Data confusion processing method, system and computer readable medium |
| CN110868291A (en) * | 2019-11-26 | 2020-03-06 | 普联技术有限公司 | Data encryption transmission method, device, system and storage medium |
| CN111049897B (en) * | 2019-12-10 | 2023-02-17 | 北京百度网讯科技有限公司 | Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package |
| CN111049897A (en) * | 2019-12-10 | 2020-04-21 | 北京百度网讯科技有限公司 | Method, device, equipment and medium for encrypted uploading and decrypted deployment of small program package |
| CN112528309A (en) * | 2020-12-18 | 2021-03-19 | 福建天晴数码有限公司 | Data storage encryption and decryption method and device |
| CN112910843A (en) * | 2021-01-15 | 2021-06-04 | 深圳市欢太科技有限公司 | Data transmission method, electronic device, server, mobile terminal and storage medium |
| CN112910843B (en) * | 2021-01-15 | 2023-07-04 | 深圳市欢太科技有限公司 | Data transmission method, electronic device, server, mobile terminal and storage medium |
| CN113259934A (en) * | 2021-06-25 | 2021-08-13 | 贵州大学 | Short message verification code encryption method, decryption method and encryption and decryption system |
| CN114614994A (en) * | 2022-03-25 | 2022-06-10 | 芜湖雄狮汽车科技有限公司 | API interface data communication method, device, client and storage medium |
| CN116722970A (en) * | 2023-08-09 | 2023-09-08 | 中国科学院长春光学精密机械与物理研究所 | Anti-attack gateway security system based on hardware implementation |
| CN116722970B (en) * | 2023-08-09 | 2023-11-14 | 中国科学院长春光学精密机械与物理研究所 | Anti-attack gateway security system based on hardware implementation |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108769027B (en) | 2021-10-29 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108769027A (en) | Safety communicating method, device, mobile terminal and storage medium | |
| CN109472166B (en) | Electronic signature method, device, equipment and medium | |
| US10491379B2 (en) | System, device, and method of secure entry and handling of passwords | |
| ES2836114T3 (en) | Information sending method, information reception method, device and system | |
| CN109600223B (en) | Verification method, activation method, device, equipment and storage medium | |
| US10601795B2 (en) | Service processing method and electronic device | |
| CN104836664B (en) | A kind of methods, devices and systems executing business processing | |
| US20190260747A1 (en) | Securing a transaction performed from a non-secure terminal | |
| WO2017084288A1 (en) | Method and device for verifying identity | |
| CN105681032B (en) | Method for storing cipher key, key management method and device | |
| US20120303964A1 (en) | Portable terminal, and method for securing data transmitted between hardware modules | |
| CN106611310B (en) | Data processing method, wearable electronic device and system | |
| CN106845177A (en) | Cipher management method and system | |
| CN108011879A (en) | File encryption, method, apparatus, equipment and the storage medium of decryption | |
| CN108234124A (en) | Auth method, device and system | |
| CN107317796A (en) | The method and terminal of a kind of safety certification | |
| CN106599698A (en) | Method and device for picture encryption, and method and device for picture decryption | |
| CN115001841A (en) | Identity authentication method, identity authentication device and storage medium | |
| CN108234412A (en) | Auth method and device | |
| CN108737341B (en) | Service processing method, terminal and server | |
| CN110166461A (en) | User's unifying identifier processing method, device, equipment and storage medium | |
| CN111050316B (en) | Card locking method and device, computer readable storage medium and terminal equipment | |
| CN108234409A (en) | Auth method and device | |
| Lee et al. | Ubi-RKE: a rhythm key based encryption scheme for ubiquitous devices | |
| KR101648779B1 (en) | Method for secure text input in information terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 1257405 Country of ref document: HK |
|
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |