CN109981294A - Electronic communication methods and system - Google Patents
- Publication number: CN109981294A
- Authority: CN (China)
- Prior art keywords: session, block, module, key, identification code
- Legal status: Withdrawn
Abstract
The embodiments of the present invention disclose an electronic communication method and an electronic communication system. The electronic communication method includes, for example, a communication system preparation step, a session key transmitting step, a session information signature step, a session information transmitting step, a session information verification step and a session information saving step. The electronic communication method disclosed by the embodiments of the present invention can implement electronic instant messaging and is characterized by a high security level, anonymity, tamper resistance and non-repudiation.
Description
Technical field
The present invention relates to the field of communication technology, and in particular to an electronic communication method and an electronic communication system.
Background
Electronic instant messaging refers to carrying out instant messaging electronically. Unlike other types of communication, electronic instant messaging is built on a network instant messaging system, and its results are output entirely by programs, without human participation. This is both the advantage and the disadvantage of electronic instant messaging. Because there is no human participation, the communication is likely to be eavesdropped on by hackers, and the security problems of existing electronic instant messaging hinder its wide application. In this situation, encrypting the electronic instant messaging process is extremely important.
Summary of the invention
To overcome the above deficiencies of the prior art, the present invention provides an electronic communication method and an electronic communication system.
To achieve the above object, an embodiment of the present invention provides an electronic communication method suitable for an electronic communication system comprising a sending module, a receiving module, a password preserving module, a block generation module and an information block chain. The method comprises the following steps.
Communication system preparation step: the block generation module generates a first identifier code and a first decrypted private key, and calculates a first encrypted public key from the first decrypted private key; the block generation module sends the first identifier code and the first encrypted public key to the password preserving module to be saved; the sending module generates a second identification code and a second decrypted private key, and calculates a second encrypted public key from the second decrypted private key; the sending module sends the second identification code and the second encrypted public key to the password preserving module to be saved; the receiving module generates a third identification code and a third decrypted private key, and calculates a third encrypted public key from the third decrypted private key; the receiving module sends the third identification code and the third encrypted public key to the password preserving module to be saved.
Session key transmitting step: the sending module generates a session key; the sending module reads the third encrypted public key saved by the password preserving module; the sending module encrypts the session key with the third encrypted public key to obtain an encrypted session key and sends it to the receiving module; the receiving module receives the encrypted session key and decrypts it with the third decrypted private key to obtain the session key.
Session information signature step: the sending module initiates a session and assigns a fourth identification code to the session information; the sending module encrypts the session information with the session key to obtain encrypted session information; the sending module generates a first cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key; the sending module signs the first cryptographic hash with the second decrypted private key to obtain a first signature.
Session information transmitting step: the sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the receiving module; the receiving module reads the saved second encrypted public key from the password preserving module; the receiving module verifies the first signature with the second encrypted public key; after the first signature is verified successfully, the receiving module decrypts the encrypted session information with the session key to obtain the session information.
Session information verification step: the sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the block generation module; the block generation module reads the saved second encrypted public key from the password preserving module and verifies the first signature with the second encrypted public key to obtain the first cryptographic hash; the block generation module generates a second cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key; the block generation module compares the first cryptographic hash with the second cryptographic hash; when the first cryptographic hash and the second cryptographic hash are identical, the block generation module sends a confirmation message to the receiving module.
Session information saving step: the receiving module receives the confirmation message and sends the first signature to the block generation module; the block generation module receives the first signature sent by the receiving module and compares it with the first signature sent by the sending module, to confirm that the session is error-free; after confirming that the session is error-free, the block generation module generates a new information block and adds the new information block to the information block chain.
In one embodiment of the invention, in the communication system preparation step, calculating the first encrypted public key from the first decrypted private key includes: calculating the first encrypted public key from the first decrypted private key based on the SM2 elliptic curve algorithm.
In one embodiment of the invention, in the communication system preparation step, sending the first identifier code and the first encrypted public key to the password preserving module to be saved includes: sending the first identifier code and the first encrypted public key to the password preserving module through a secure channel to be saved.
In one embodiment of the invention, in the session key transmitting step, encrypting the session key with the third encrypted public key to obtain the encrypted session key includes: encrypting the session key with the third encrypted public key based on the SM2 elliptic curve algorithm. In the session information signature step, encrypting the session information with the session key to obtain the encrypted session information includes: encrypting the session information with the session key based on the SM4 block cipher.
In one embodiment of the invention, in the session information signature step, generating the first cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key includes: calculating the first cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key based on the SM3 cryptographic hash algorithm.
In one embodiment of the invention, in the session information signature step, signing the first cryptographic hash with the second decrypted private key to obtain the first signature includes: signing the first cryptographic hash with the second decrypted private key based on the SM2 elliptic curve algorithm.
In one embodiment of the invention, in the session information transmitting step, verifying the first signature successfully includes: the receiving module verifies the first signature with the second encrypted public key and obtains the first cryptographic hash, which indicates that the first signature has been verified successfully.
In one embodiment of the invention, in the session information saving step, the block generation module generating the new information block includes: generating a block identification code associated with the new information block; determining the size of the new information block to obtain a block size; obtaining a block cryptographic hash from the block identification code, the first identifier code, the block size and the block generation time, and signing the block cryptographic hash to obtain a block signature; generating the block head of the new information block from the block identification code, the first identifier code, the block size, the block generation time and the block signature; generating a previous-block cryptographic hash from the content of the information block that precedes the new information block in the information block chain; generating the block data of the new information block from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature; and generating the new information block from the block head, the block data and the previous-block cryptographic hash.
In one embodiment of the invention, the first identifier code, the second identification code, the third identification code, the fourth identification code and the block identification code are meaningless character strings of fixed length generated at random.
To achieve the above object, an embodiment of the present invention also provides an electronic communication system comprising: a sending module, a receiving module, a password preserving module, a block generation module and an information block chain. The sending module is connected to the receiving module, the block generation module and the password preserving module; the receiving module is also connected to the block generation module and the password preserving module; the block generation module is also connected to the information block chain and the password preserving module. When the electronic communication system performs electronic communication, it operates as follows.
Communication system preparation: the block generation module generates a first identifier code and a first decrypted private key, and calculates a first encrypted public key from the first decrypted private key; the block generation module sends the first identifier code and the first encrypted public key to the password preserving module to be saved; the sending module generates a second identification code and a second decrypted private key, and calculates a second encrypted public key from the second decrypted private key; the sending module sends the second identification code and the second encrypted public key to the password preserving module to be saved; the receiving module generates a third identification code and a third decrypted private key, and calculates a third encrypted public key from the third decrypted private key; the receiving module sends the third identification code and the third encrypted public key to the password preserving module to be saved.
Session key transmission: the sending module generates a session key; the sending module reads the third encrypted public key saved by the password preserving module; the sending module encrypts the session key with the third encrypted public key to obtain an encrypted session key and sends it to the receiving module; the receiving module receives the encrypted session key and decrypts it with the third decrypted private key to obtain the session key.
Session information signature: the sending module initiates a session and assigns a fourth identification code to the session information; the sending module encrypts the session information with the session key to obtain encrypted session information; the sending module generates a first cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key; the sending module signs the first cryptographic hash with the second decrypted private key to obtain a first signature.
Session information transmission: the sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the receiving module; the receiving module reads the saved second encrypted public key from the password preserving module; the receiving module verifies the first signature with the second encrypted public key; after the first signature is verified successfully, the receiving module decrypts the encrypted session information with the session key to obtain the session information.
Session information verification: the sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the block generation module; the block generation module reads the saved second encrypted public key from the password preserving module and verifies the first signature with the second encrypted public key to obtain the first cryptographic hash; the block generation module generates a second cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key; the block generation module compares the first cryptographic hash with the second cryptographic hash; when the first cryptographic hash and the second cryptographic hash are identical, the block generation module sends a confirmation message to the receiving module.
Session information saving: the receiving module receives the confirmation message and sends the first signature to the block generation module; the block generation module receives the first signature sent by the receiving module and compares it with the first signature sent by the sending module, to confirm that the session is error-free; after confirming that the session is error-free, the block generation module generates a new information block and adds the new information block to the information block chain.
The above technical solution may have the following advantages or beneficial effects: the electronic communication method provided by the embodiment of the present invention can carry out electronic instant messaging and, based on a blockchain, achieves anonymity, tamper resistance and non-repudiation of instant messaging; it can support large-scale electronic instant messaging and has a better security level.
Brief description of the drawings
In order to explain the technical solutions of the embodiments of the present invention more clearly, the drawings needed in the description of the embodiments are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the electronic communication method provided by an embodiment of the present invention;
Fig. 2 is a flow chart of step S11 in the electronic communication method provided by an embodiment of the present invention;
Fig. 3 is a flow chart of step S12 in the electronic communication method provided by an embodiment of the present invention;
Fig. 4 is a flow chart of step S13 in the electronic communication method provided by an embodiment of the present invention;
Fig. 5 is a flow chart of step S14 in the electronic communication method provided by an embodiment of the present invention;
Fig. 6 is a flow chart of step S15 in the electronic communication method provided by an embodiment of the present invention;
Fig. 7 is a flow chart of step S16 in the electronic communication method provided by an embodiment of the present invention;
Fig. 8 is a flow chart of step S163 in the electronic communication method provided by an embodiment of the present invention;
Fig. 9 is a schematic diagram of a specific embodiment of the electronic communication method provided by an embodiment of the present invention;
Figs. 10a to 10d are schematic structural diagrams of an information block in the specific embodiment of the electronic communication method provided by an embodiment of the present invention;
Fig. 11 is a schematic structural diagram of the electronic communication system provided by another embodiment of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art from the embodiments of the present invention without creative effort shall fall within the protection scope of the present invention.
It should be noted that the terms "first", "second" and the like in the description, the claims and the above drawings are used to distinguish similar objects, not to describe a particular order or precedence. It should be understood that terms used in this way are interchangeable under appropriate circumstances, so that the embodiments of the present invention described herein can be implemented in orders other than those illustrated or described herein. In addition, the terms "include" and "have" and any variations of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device that contains a series of steps or units is not necessarily limited to the steps or units clearly listed, but may include other steps or units that are not clearly listed or that are inherent to the process, method, product or device.
Referring to Fig. 1, an embodiment of the present invention provides an electronic communication method. As shown in Fig. 1, the electronic communication method includes, for example, steps S11 to S16.
Step S11: communication system preparation step;
As shown in Fig. 2, step S11 includes, for example, steps S111 to S116.
Step S111: the block generation module generates a first identifier code and a first decrypted private key, and calculates a first encrypted public key from the first decrypted private key;
Step S112: the block generation module sends the first identifier code and the first encrypted public key to the password preserving module to be saved;
Step S113: the sending module generates a second identification code and a second decrypted private key, and calculates a second encrypted public key from the second decrypted private key;
Step S114: the sending module sends the second identification code and the second encrypted public key to the password preserving module to be saved;
Step S115: the receiving module generates a third identification code and a third decrypted private key, and calculates a third encrypted public key from the third decrypted private key;
Step S116: the receiving module sends the third identification code and the third encrypted public key to the password preserving module to be saved;
Step S12: session key transmitting step;
As shown in Fig. 3, step S12 includes, for example, steps S121 to S124.
Step S121: the sending module generates a session key;
Step S122: the sending module reads the third encrypted public key saved by the password preserving module;
Step S123: the sending module encrypts the session key with the third encrypted public key to obtain an encrypted session key, and sends it to the receiving module;
Step S124: the receiving module receives the encrypted session key and decrypts it with the third decrypted private key to obtain the session key;
Step S13: session information signature step;
As shown in Fig. 4, step S13 includes, for example, steps S131 to S134.
Step S131: the sending module initiates a session and assigns a fourth identification code to the session information;
Step S132: the sending module encrypts the session information with the session key to obtain encrypted session information;
Step S133: the sending module generates a first cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key;
Step S134: the sending module signs the first cryptographic hash with the second decrypted private key to obtain a first signature;
Step S14: session information transmitting step;
As shown in Fig. 5, step S14 includes, for example, steps S141 to S144.
Step S141: the sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the receiving module;
Step S142: the receiving module reads the saved second encrypted public key from the password preserving module;
Step S143: the receiving module verifies the first signature with the second encrypted public key;
Step S144: after the first signature is verified successfully, the receiving module decrypts the encrypted session information with the session key to obtain the session information;
Step S15: session information verification step;
As shown in Fig. 6, step S15 includes, for example, steps S151 to S155.
Step S151: the sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the block generation module;
Step S152: the block generation module reads the saved second encrypted public key from the password preserving module, and verifies the first signature with the second encrypted public key to obtain the first cryptographic hash;
Step S153: the block generation module generates a second cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key;
Step S154: the block generation module compares the first cryptographic hash with the second cryptographic hash;
Step S155: when the first cryptographic hash and the second cryptographic hash are identical, the block generation module sends a confirmation message to the receiving module;
Step S16: session information saving step;
As shown in Fig. 7, step S16 includes, for example, steps S161 to S163.
Step S161: the receiving module receives the confirmation message and sends the first signature to the block generation module;
Step S162: the block generation module receives the first signature sent by the receiving module and compares it with the first signature sent by the sending module, to confirm that the session is error-free;
Step S163: after confirming that the session is error-free, the block generation module generates a new information block and adds the new information block to the information block chain.
Specifically, in step S11, obtaining an encryption public key from a decryption private key is, for example, calculating the encryption public key from the decryption private key based on the SM2 elliptic curve algorithm. The SM2 elliptic curve algorithm, SM2 for short, is one of the domestic cryptographic algorithms recognized by the State Commercial Cryptography Administration and is an asymmetric algorithm. The identification codes mentioned, i.e. the first identification code, the second identification code and the third identification code, are randomly generated meaningless character strings of fixed length. The password preserving module is, for example, a database, for example a PKI (Public Key Infrastructure). The PKI is a distributed database that manages and maintains identification codes and encryption public keys. Sending an encryption public key and an identification code to the password preserving module for saving is, for example, sending the identification code and the encryption public key to the password preserving module over a secure channel. Step S123 is, for example, encrypting the session key with the third encryption public key based on the SM2 elliptic curve algorithm.
Further, in step S13, the fourth identification code is likewise a randomly generated meaningless character string of fixed length. Step S132 is, for example, encrypting the session information with the session key based on the SM4 block cipher algorithm. The SM4 block cipher algorithm, SM4 for short, is one of the domestic cryptographic algorithms recognized by the State Commercial Cryptography Administration and is a symmetric algorithm. Step S133 is, for example, calculating the first hash value from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key based on the SM3 cryptographic hash algorithm. The SM3 cryptographic hash algorithm, SM3 for short, is one of the domestic cryptographic algorithms recognized by the State Commercial Cryptography Administration and is a hash algorithm. Step S134 includes, for example, signing the first hash value with the second decryption private key based on the SM2 elliptic curve algorithm.
Further, successfully verifying the first signature in step S144 means, for example, that the receiving module verifies the first signature with the second encryption public key and obtains the first hash value. It should be noted that the receiving module cannot otherwise confirm who sent it the session information. When the receiving module verifies the first signature with the second encryption public key, that is, the encryption public key of the sending module, and the first hash value can be obtained, the verification has succeeded: the session information is determined to have been sent by the sending module and can be decrypted to obtain the session information. If the verification fails, i.e. the first hash value cannot be obtained by verifying the first signature with the second encryption public key, the session information was not sent by the sending module, so the receiving module cannot decrypt it to obtain the session information.
Further, in step S15, generating the second hash value in step S153 is, for example, calculating the second hash value based on the SM3 cryptographic hash algorithm. Step S154 compares the first hash value with the second hash value in order to determine whether the transmitted session information has been modified. When the first hash value and the second hash value are identical, the session information has not been modified.
Further, in step S162 the block generation module receives the first signature sent by the receiving module and compares it with the first signature sent by the sending module in order to confirm that the session information the sending module sent to the receiving module and the session information the sending module sent to the block generation module are the same session information. When the two signatures are identical, the session information is proven to be the same, the session is confirmed to be error-free, and the block generation module can create a new information block. When the two signatures are not identical, the session information is proven not to be the same, the session is confirmed to be in error, and the block generation module cannot create a new information block.
Further, as shown in Figure 8, step S163 includes, for example, steps S1631 to S1637.
Step S1631: the block generation module generates a block identification code associated with the new information block;
Step S1632: the block generation module determines the size of the new information block to obtain a block size;
Step S1633: the block generation module obtains a block hash value from the block identification code, the first identification code, the block size and the block generation time, and signs the block hash value to obtain a block signature;
Step S1634: the block generation module generates the block head of the new information block from the block identification code, the first identification code, the block size, the block generation time and the block signature;
Step S1635: the block generation module generates a previous block hash value from the content of the information block that precedes the new information block in the information block chain;
Step S1636: the block generation module generates the block data of the new information block from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature;
Step S1637: the block generation module generates the new information block from the block head, the block data and the previous block hash value.
In step S163, the block identification code is, for example, a randomly generated meaningless character string of fixed length. The block size is the total size of the new information block. The block hash value is, for example, calculated based on the SM3 cryptographic hash algorithm. The block signature is, for example, produced based on the SM2 elliptic curve algorithm. The new information block includes, for example, a block head, block data and a previous block hash value. The block head includes: the block identification code, the first identification code, the block size, the block generation time and the block signature. The block data includes: the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature.
In addition, in the electronic communication method provided in this embodiment, step S11 further includes, for example, the first block generation module generating a first information block, so as to establish the information block chain.
To facilitate understanding, this embodiment is described in detail below with reference to the specific implementation shown in Figure 9 and Figure 10.
As shown in Figure 10, the electronic communication method provided in this embodiment is suitable for an electronic communication system comprising a sending module (user A), a receiving module (user B), a password preserving module (PKI), a block generation module (miner) and an information block chain.
The information block chain is an instant messaging structure based on a distributed ledger that offers robustness, high security and privacy protection. As shown in Figure 10a, the information block chain is formed by several information blocks connected in sequence, and the first information block is often referred to as the genesis block. The PKI, i.e. the public key infrastructure, is a distributed database that manages and maintains the identification codes and encryption public keys of users and miners. A miner is an electronic module responsible for verifying session information and generating information blocks. User A and user B can communicate with each other, and each can exchange information with the miner.
As shown in Figure 10b, an information block includes a block head, block data and a previous block hash value.
Specifically, as shown in Figure 10c, the block head includes: block ID (block identification code), miner ID (first identification code), timestamp (block generation time), block size and miner signature (block signature). The block ID is a randomly generated meaningless character string of fixed length assigned to the information block. The miner ID is a randomly generated meaningless character string of fixed length assigned to the miner. The timestamp is a character string that records the block submission time. The block size is the total size of the information block. The miner signature is the signature obtained by signing, based on the message authentication mode and the cryptographic hash mode, the hash value generated from the block ID, miner ID, timestamp and block size.
Further, as shown in Figure 10d, the block data consists of information and information metadata pairs. An information and information metadata pair includes, for example, session information ID (fourth identification code), sender ID (second identification code), recipient ID (third identification code), information timestamp (session information sending time), encrypted session information, encrypted session key and sender signature (first signature). The session information ID is a randomly generated meaningless character string of fixed length assigned to the session information. The sender ID is a randomly generated meaningless character string of fixed length assigned to the sender. The recipient ID is a randomly generated meaningless character string of fixed length assigned to the recipient. The information timestamp is a character string that records the session information sending time. The encrypted session information is the session information encrypted with the session key based on the message encryption mode. The encrypted session key is the session key encrypted with the recipient's encryption public key based on the message authentication mode. The sender signature is the signature, based on the message authentication mode and the cryptographic hash mode, over the hash value generated from the session information ID, sender ID, recipient ID, information timestamp, encrypted session information and encrypted session key.
Further, the previous block hash value is the hash value of the previous information block, calculated using the cryptographic hash mode. It ensures the integrity of the previous information block. Once an information block has been generated and its hash value has been calculated, the block can no longer be modified.
Further, the cryptographic hash mode calculates hash values based on SM3, with an information group length of 512 bits and a hash length of 256 bits. The cryptographic hash mode includes information padding, information decomposition, information expansion and information compression.
In information padding, m denotes the session information and r denotes the last group. The session information is divided into several 512-bit groups. The last group is padded with a bit 1 followed by k zero bits, where (r + k + 1) % 512 = 448. If r < 448, the last group is padded to a length of 448 bits; otherwise, the last group is padded to 512 bits and a newly added group is padded to 448 bits. The binary representation of the length of message m is then appended to the last padded group, and the padded session information is $m'$.
Information decomposition splits $m'$ into n groups of 512 bits, i.e. $m' = B^{(0)}B^{(1)}\cdots B^{(n-1)}$.
Information expansion extends each information group to 132 words, in the following steps:
(a) $B^{(i)}$ is divided into 16 words, $W_0, W_1, \ldots, W_{15}$.
(b) it definesFor j=16,17 ..., 67, we are calculated
(c) for j=0,1 ..., 63, we are calculated
(d) This yields the 132 words $W_0, W_1, \ldots, W_{67}, W'_0, W'_1, \ldots, W'_{63}$.
Information compression uses the following constants.
For i = 0, 1, ..., n-1, the information compression $V^{(i+1)} = CF(V^{(i)}, B^{(i)})$ proceeds as follows:
(1) Set $ABCDEFGH = V^{(i)}$, where A, B, C, D, E, F, G, H are 32-bit registers.
(2) For j = 0, 1, ..., 63, perform the following steps:
(2.1) Compute $SS1 = ((A \lll 12) + E + (T_j \lll j)) \lll 7$, where $T_j$ is a constant defined as follows.
(2.2) Compute $SS2 = SS1 + (A \lll 12)$ and $TT1 = FF_j(A,B,C) + D + SS2 + W'_j$, where $FF_j$ is defined as follows.
(2.3) Compute $TT2 = GG_j(A,B,C) + H + SS1 + W_j$, where $GG_j$ is defined as follows.
(2.4) Set $D = C$, $C = B \lll 9$, $B = A$ and $A = TT1$.
(2.5) Set $H = G$, $G = F \lll 19$, $F = E$ and $E = P_0(TT2)$, where $P_0$ is defined as follows.
(3) it calculates
(4) it calculates
(5) The hash value is $y = ABCDEFGH$.
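An added example, not code from the patent: a Python implementation of the SM3 cryptographic hash mode described above (padding, expansion, compression), applied to the first/second hash comparison of steps S133 and S153 to S154. The constants, FF_j, GG_j, P0, P1 and the expansion formulas, which the page text does not reproduce, are taken from the published SM3 specification, as are the XOR in SS2 and the E, F, G arguments of GG_j; the length-prefixed field encoding and the sample values are assumptions, and the SM2 signature step is left out.

```python
import struct

# Constants from the published SM3 specification; the page text omits them.
IV = (0x7380166F, 0x4914B2B9, 0x172442D7, 0xDA8A0600,
      0xA96F30BC, 0x163138AA, 0xE38DEE4D, 0xB0FB0E4E)
MASK = 0xFFFFFFFF


def rotl(x, n):
    """32-bit left rotation (the page's '<<<'); n is reduced modulo 32."""
    n %= 32
    return ((x << n) | (x >> (32 - n))) & MASK


def p0(x):
    return x ^ rotl(x, 9) ^ rotl(x, 17)


def p1(x):
    return x ^ rotl(x, 15) ^ rotl(x, 23)


def pad(message):
    """Information padding: bit 1, k zero bits, then the 64-bit bit length of m."""
    padded = message + b"\x80"
    padded += b"\x00" * ((56 - len(padded) % 64) % 64)
    return padded + struct.pack(">Q", len(message) * 8)


def expand(block):
    """Information expansion: 16 words -> W[0..67] and W'[0..63] (132 words)."""
    w = list(struct.unpack(">16I", block))
    for j in range(16, 68):
        w.append(p1(w[j - 16] ^ w[j - 9] ^ rotl(w[j - 3], 15))
                 ^ rotl(w[j - 13], 7) ^ w[j - 6])
    return w, [w[j] ^ w[j + 4] for j in range(64)]


def compress(v, block):
    """Information compression CF(V(i), B(i)) -> V(i+1)."""
    w, w_prime = expand(block)
    a, b, c, d, e, f, g, h = v
    for j in range(64):
        if j < 16:
            t, ff, gg = 0x79CC4519, a ^ b ^ c, e ^ f ^ g
        else:
            t = 0x7A879D8A
            ff = (a & b) | (a & c) | (b & c)
            gg = (e & f) | (~e & g & MASK)
        ss1 = rotl((rotl(a, 12) + e + rotl(t, j)) & MASK, 7)
        ss2 = ss1 ^ rotl(a, 12)
        tt1 = (ff + d + ss2 + w_prime[j]) & MASK
        tt2 = (gg + h + ss1 + w[j]) & MASK
        d, c, b, a = c, rotl(b, 9), a, tt1
        h, g, f, e = g, rotl(f, 19), e, p0(tt2)
    return tuple(x ^ y for x, y in zip((a, b, c, d, e, f, g, h), v))


def sm3(message):
    """Return the 256-bit SM3 digest of a byte string."""
    v = IV
    padded = pad(message)
    for i in range(0, len(padded), 64):
        v = compress(v, padded[i:i + 64])
    return struct.pack(">8I", *v)


def session_hash(sender_id, receiver_id, session_id, send_time, enc_info, enc_key):
    """Hash over the six signed fields (steps S133 and S153).

    Assumption: each field is length-prefixed before concatenation, so that
    field boundaries are unambiguous; the page does not define an encoding.
    """
    fields = (sender_id, receiver_id, session_id, send_time, enc_info, enc_key)
    return sm3(b"".join(struct.pack(">I", len(f)) + f for f in fields))


def miner_accepts(first_hash, fields):
    """Step S154: recompute the hash from the received fields and compare."""
    return session_hash(*fields) == first_hash


# Constructed sample values, not taken from the page.
FIELDS = (b"ID-A", b"ID-B", b"ID-SESSION", b"2019-03-29T10:00:00Z",
          bytes.fromhex("00112233445566778899aabbccddeeff"),
          b"encrypted-session-key")

if __name__ == "__main__":
    first_hash = session_hash(*FIELDS)          # computed by user A
    print("first hash :", first_hash.hex())
    print("unmodified :", miner_accepts(first_hash, FIELDS))
    tampered = FIELDS[:4] + (b"\x01" + FIELDS[4][1:],) + FIELDS[5:]
    print("tampered   :", miner_accepts(first_hash, tampered))
```

In the patent's flow the miner recovers the first hash value by verifying user A's SM2 signature; here it is passed in directly so that only the hash comparison is shown.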
Further, the message encryption mode is realized based on SM4, with an information group length of 128 bits and a key length of 128 bits. The encryption process is as follows:
(a) X denotes the 128-bit plaintext.
$X = (X_0, X_1, X_2, X_3)$
(b) MK denotes the 128-bit key.
$MK = (K_0, K_1, K_2, K_3)$
(c) For i = 0, 1, ..., 31, $CK_i$ and $FK$ are constants, and the round key $rk_i$ is generated as follows.
$\tau$ is 4 parallel S-boxes; its input is $A = (a_0, a_1, a_2, a_3)$ and its output is $B = (b_0, b_1, b_2, b_3)$, where $a_0, a_1, a_2, a_3, b_0, b_1, b_2, b_3$ are elements of the finite field $GF(2^8)$.
$\tau = (b_0, b_1, b_2, b_3) = (Sbox(a_0), Sbox(a_1), Sbox(a_2), Sbox(a_3))$
The $L'$ transform is defined as follows.
(d) For i = 0, 1, ..., 31, compute $X_{i+4} = F(X_i, X_{i+1}, X_{i+2}, X_{i+3})$, where F is defined as follows.
The $L$ transform is defined as follows.
(e) The ciphertext is $(X_{35}, X_{34}, X_{33}, X_{32})$.
Further, the message authentication mode is realized based on SM2, where O denotes the characteristic element, $G = (x_G, y_G)$ denotes the base point of the elliptic curve, and n denotes the prime order, such that $n \times G = O$. The signature generation process of the message authentication mode is as follows.
(a) The user randomly generates a private key $d_A$.
(b) Compute $Z_A = SM3(ENTL_A \| ID_A \| a \| b \| x_G \| y_G \| x_A \| y_A)$, where $ID_A$ is the identifier of the user and $ENTL_A$ is the length of the identifier.
(c) it calculates
(d) it calculates
(e) Select k at random in [1, n-1].
(f) Compute the curve point $(x_1, y_1) = [k]G$.
(g) Compute $r = (e + x_1) \bmod n$; if $r = 0$ or $r + k = n$, return to (e).
(h) Compute $s = ((1 + d_A)^{-1}(k - r d_A)) \bmod n$; if $s = 0$, return to (e).
(i) The signature $(r, s)$ is generated.
The verification of a signature $(r', s')$ in the message authentication mode proceeds as follows.
(a) The user generates the public key $P_A = [d_A]G = (x_A, y_A)$.
If (b)Signature is false.
If (c)Signature is false.
(d) it calculates
(e) it calculates
(f) Compute $t = (r' + s') \bmod n$; if $t = 0$, the signature is false.
(g) Compute the curve point $(x'_1, y'_1) = [s']G + [t]P_A$.
(h) Compute $R = (e' + x'_1) \bmod n$; if $R = r'$, the signature is true.
With reference to Figure 10, the electronic communication process of the specific implementation of this embodiment is described below:
(1) Miners are elected at random.
(2) Each miner randomly generates its own ID.
(3) Each miner generates its own decryption private key and calculates the encryption public key based on the message authentication mode.
(4) Each miner sends its encryption public key and ID to the PKI over a secure channel.
(5) The first miner generates the first information block, so as to establish the information block chain.
(6) User A and user B register and generate random IDs.
(7) User A and user B each generate their own decryption private key and calculate the encryption public key based on the message authentication mode.
(8) User A and user B each send their encryption public key and ID to the PKI over a secure channel.
(9) User A randomly generates a session key.
(10) User A encrypts A's ID, the session key, a timestamp and a signature with B's encryption public key and sends them to B over a secure channel.
(11) User B decrypts with B's decryption private key to obtain the session key.
(12) The session information is assigned a random ID.
(13) User A encrypts the session information with the session key.
(14) User A generates a first hash value from the session information ID, the ID of user A, the ID of user B, the timestamp, the encrypted session information and the encrypted session key.
(15) User A signs the first hash value obtained in the previous step with A's decryption private key.
(16) User A sends the session information ID, the ID of user A, the ID of user B, the timestamp, the encrypted session information, the encrypted session key and the signature to user B.
(17) User B verifies the signature with A's encryption public key.
(18) After successfully verifying the signature, user B decrypts the encrypted session information with the session key to obtain the session information.
(19) User A sends the session information ID, the ID of user A, the ID of user B, the timestamp, the encrypted session information, the encrypted session key and the signature to the miner.
(20) The miner obtains A's encryption public key from the PKI.
(21) The miner generates a second hash value from the session information ID, the ID of user A, the ID of user B, the timestamp, the encrypted session information and the encrypted session key.
(22) The miner verifies the signature with A's encryption public key to obtain the first hash value.
(23) The miner compares the two hash values.
(24) When the two hash values are identical, the miner sends a confirmation message to user B.
(25) User B sends the signature that user A sent to user B on to the miner, and the miner compares the signature sent by user B with the signature sent by user A.
(26) When the two signatures are identical, the miner generates a new information block to store the session information and adds it to the information block chain.
It should be noted that signature generation and signature verification in steps (1) to (26) above are realized based on SM2; for the specific steps, see the signature generation process and the signature verification process of the message authentication mode described above. Hash value generation is realized based on SM3; for the specific steps, see the calculation process of the cryptographic hash mode described above. Session information encryption is realized based on SM4; for the specific encryption process, see the calculation process of the message encryption mode described above.
In conclusion, the electronic communication method provided by this embodiment of the present invention enables electronic instant messaging and, based on a block chain, achieves anonymity, tamper resistance and non-repudiation for instant messaging; it can support large-scale electronic instant messaging and offers a better security level.
Referring to Figure 11, another embodiment of the present invention provides an electronic communication system. As shown in Figure 11, the electronic communication system 30 includes, for example, a sending module 31, a receiving module 32, a password preserving module 34, a block generation module 33 and an information block chain 35. The sending module 31 is connected to the receiving module 32, the block generation module 33 and the password preserving module 34. The receiving module 32 is also connected to the block generation module 33 and the password preserving module 34. The block generation module 33 is also connected to the information block chain 35 and the password preserving module 34.
The electronic communication system provided in this embodiment executes, for example, the electronic communication method described in the previous embodiment. For example, when the electronic communication system 30 performs electronic communication:
Communication system preparation:
The block generation module 33 generates a first identification code and a first decryption private key, and calculates a first encryption public key from the first decryption private key;
The block generation module 33 sends the first identification code and the first encryption public key to the password preserving module 34 for saving;
The sending module 31 generates a second identification code and a second decryption private key, and calculates a second encryption public key from the second decryption private key;
The sending module 31 sends the second identification code and the second encryption public key to the password preserving module 34 for saving;
The receiving module 32 generates a third identification code and a third decryption private key, and calculates a third encryption public key from the third decryption private key;
The receiving module 32 sends the third identification code and the third encryption public key to the password preserving module 34 for saving;
Session key transmission:
The sending module 31 generates a session key;
The sending module 31 reads the third encryption public key saved by the password preserving module 34;
The sending module 31 encrypts the session key with the third encryption public key and sends the resulting encrypted session key to the receiving module 32;
The receiving module 32 receives the encrypted session key and decrypts it with the third decryption private key to obtain the session key;
Session information signature:
The sending module 31 initiates a session and assigns a fourth identification code to the session information;
The sending module 31 encrypts the session information with the session key to obtain encrypted session information;
The sending module 31 generates a first hash value from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key;
The sending module 31 signs the first hash value with the second decryption private key to obtain a first signature;
Session information transmission:
The sending module 31 sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the receiving module 32;
The receiving module 32 reads the saved second encryption public key from the password preserving module 34;
The receiving module 32 verifies the first signature with the second encryption public key;
After successfully verifying the first signature, the receiving module 32 decrypts the encrypted session information with the session key to obtain the session information;
Session information verification:
The sending module 31 sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the block generation module 33;
The block generation module 33 reads the saved second encryption public key from the password preserving module 34, and verifies the first signature with the second encryption public key to obtain the first hash value;
The block generation module 33 generates a second hash value from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key;
The block generation module 33 compares the first hash value with the second hash value;
When the first hash value and the second hash value are identical, the block generation module 33 sends a confirmation message to the receiving module 32;
Session information saving:
The receiving module 32 receives the confirmation message and sends the first signature to the block generation module 33;
The block generation module 33 receives the first signature sent by the receiving module 32 and compares it with the first signature sent by the sending module 31, to confirm that the session is error-free;
After confirming that the session is error-free, the block generation module 33 generates a new information block and adds the new information block to the information block chain 35.
The password preserving module 34 is, for example, a database, for example a PKI (Public Key Infrastructure). The PKI is a distributed database that manages and maintains identification codes and encryption public keys. The information block chain 35 is an instant messaging structure based on a distributed ledger that offers robustness, high security and privacy protection. The information block chain 35 includes several information blocks connected in sequence. The new information block includes, for example, a block head, block data and a previous block hash value. The block head includes: the block identification code, the first identification code, the block size, the block generation time and the block signature. The block data includes: the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature.
It should be noted that the electronic communication method realized by the electronic communication system of this embodiment is as described in the previous embodiment; for the relevant details, refer to the previous embodiment, which are not repeated here for brevity.
In conclusion, the electronic communication system provided by this embodiment of the present invention enables electronic instant messaging and, based on a block chain, achieves anonymity, tamper resistance and non-repudiation for instant messaging; it can support large-scale electronic instant messaging and offers a better security level.
Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that the technical solutions described in the foregoing embodiments may still be modified, or some of their technical features may be replaced by equivalents, and that such modifications or replacements do not cause the essence of the corresponding technical solutions to depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. a kind of electronic communication methods are suitable for application in and generate comprising sending module, receiving module, password preserving module, block
In the electronic communication system of module and information block chain characterized by comprising
Communication system preparation process:
The block generation module generates first identifier code and the first decrypted private key, and is calculated according to first decrypted private key
To the first encrypted public key;
The first identifier code and first encrypted public key are sent to the password preserving module by the block generation module
It is saved;
The sending module generates second identification code and the second decrypted private key, and is calculated the according to second decrypted private key
Two encrypted public keys;
The second identification code and second encrypted public key are sent to the password preserving module and carried out by the sending module
It saves;
The receiving module generates third identification code and third decrypted private key, and is calculated the according to the third decrypted private key
Three encrypted public keys;
The third identification code and the third encrypted public key are sent to the password preserving module and carried out by the receiving module
It saves;
Session key transmitting step:
The sending module generates session key;
The sending module reads the third encrypted public key that the password preserving module saves;
Session key after the sending module encrypts the session key according to the third encrypted public key,
It is sent to the receiving module;
The receiving module receives session key after the encryption, and according to meeting after the third decrypted private key decryption encryption
Words key obtains the session key;
Session information signature step:
The sending module initiates session, and assigns session information the 4th identification code;
The sending module encrypts the session information according to the session key to obtain encryption session information;
The sending module is sent according to the second identification code, the third identification code, the 4th identification code, session information
Session key generates the first cryptographic Hash after time, the encryption session information and the encryption;
The sending module is signed to obtain the first signature according to second decrypted private key to first cryptographic Hash;
Session information transmitting step:
The sending module sends out the second identification code, the third identification code, the 4th identification code, the session information
Session key and first signature after time, the encryption session information, the encryption is sent to be sent to the receiving module;
The receiving module reads second encrypted public key saved from the password preserving module;
The receiving module is according to second encrypted public key verifying, first signature;
The receiving module decrypts the encryption session information after verifying described first is signed successfully, according to the session key
Obtain the session information;
Session information verification step:
The sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the block generation module;
The block generation module reads the second encrypted public key saved in the password preserving module, and verifies the first signature according to the second encrypted public key to obtain the first cryptographic hash;
The block generation module generates a second cryptographic hash according to the second identification code, the third identification code, the fourth identification code, the session access time, the encrypted session information and the encrypted session key;
The block generation module compares the first cryptographic hash with the second cryptographic hash;
When the comparison shows that the first cryptographic hash and the second cryptographic hash are identical, the block generation module sends a confirmation message to the receiving module;
Session information saving step:
The receiving module receives the confirmation message and sends the first signature to the block generation module;
The block generation module receives the first signature sent by the receiving module and compares it with the first signature sent by the sending module, to confirm that the session is error-free;
After confirming that the session is error-free, the block generation module generates a new information block and adds the new information block to the information block chain.
2. The electronic communication method according to claim 1, characterized in that, in the communication system preparation step, calculating the first encrypted public key according to the first decrypted private key comprises: calculating the first encrypted public key from the first decrypted private key based on the SM2 elliptic curve algorithm.
3. The electronic communication method according to claim 1, characterized in that, in the communication system preparation step, sending the first identifier code and the first encrypted public key to the password preserving module for saving comprises: sending the first identifier code and the first encrypted public key to the password preserving module through a secure channel for saving.
4. The electronic communication method according to claim 1, characterized in that, in the session key transmitting step, encrypting the session key according to the third encrypted public key to obtain the encrypted session key comprises: encrypting the session key using the third encrypted public key based on the SM2 elliptic curve algorithm;
In the session information signature step, encrypting the session information according to the session key to obtain the encrypted session information comprises: encrypting the session information using the session key based on the SM4 block cipher algorithm.
5. The electronic communication method according to claim 1, characterized in that, in the session information signature step, generating the first cryptographic hash according to the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key comprises: calculating the first cryptographic hash from the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key based on the SM3 cryptographic hash algorithm.
6. The electronic communication method according to claim 1, characterized in that, in the session information signature step, signing the first cryptographic hash according to the second decrypted private key to obtain the first signature comprises: signing the first cryptographic hash using the second decrypted private key based on the SM2 elliptic curve algorithm.
7. The electronic communication method according to claim 1, characterized in that, in the session information transmitting step, successfully verifying the first signature comprises: the receiving module verifies the first signature according to the second encrypted public key and obtains the first cryptographic hash, which indicates that the first signature has been verified successfully.
8. The electronic communication method according to claim 1, characterized in that, in the session information saving step, the block generation module generating the new information block comprises:
Generating a block-identified code associated with the new information block;
Determining the size of the new information block to obtain a block size;
Obtaining a block cryptographic hash according to the block-identified code, the first identifier code, the block size and a block generation time, and signing the block cryptographic hash to obtain a block signature;
Generating a block head of the new information block according to the block-identified code, the first identifier code, the block size, the block generation time and the block signature;
Generating an upper block cryptographic hash according to the content of the information block that immediately precedes the new information block in the information block chain;
Generating block data of the new information block according to the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature; and
Generating the new information block according to the block head, the block data and the upper block cryptographic hash.
9. The electronic communication method according to claim 8, characterized in that the first identifier code, the second identification code, the third identification code, the fourth identification code and the block-identified code are randomly generated, fixed-length, meaningless character strings.
10. An electronic communication system, characterized by comprising: a sending module, a receiving module, a password preserving module, a block generation module and an information block chain; wherein the sending module is connected to the receiving module, the block generation module and the password preserving module; the receiving module is also connected to the block generation module and the password preserving module; the block generation module is also connected to the information block chain and the password preserving module; when the electronic communication system executes electronic communication:
Communication system preparation:
The block generation module generates a first identifier code and a first decrypted private key, and calculates a first encrypted public key according to the first decrypted private key;
The block generation module sends the first identifier code and the first encrypted public key to the password preserving module for saving;
The sending module generates a second identification code and a second decrypted private key, and calculates a second encrypted public key according to the second decrypted private key;
The sending module sends the second identification code and the second encrypted public key to the password preserving module for saving;
The receiving module generates a third identification code and a third decrypted private key, and calculates a third encrypted public key according to the third decrypted private key;
The receiving module sends the third identification code and the third encrypted public key to the password preserving module for saving;
Session key transmission:
The sending module generates a session key;
The sending module reads the third encrypted public key saved in the password preserving module;
The sending module encrypts the session key according to the third encrypted public key to obtain an encrypted session key, and sends it to the receiving module;
The receiving module receives the encrypted session key, and decrypts the encrypted session key according to the third decrypted private key to obtain the session key;
Session information signature:
The sending module initiates a session and assigns a fourth identification code to the session information;
The sending module encrypts the session information according to the session key to obtain encrypted session information;
The sending module generates a first cryptographic hash according to the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information and the encrypted session key;
The sending module signs the first cryptographic hash according to the second decrypted private key to obtain a first signature;
Session information transmission:
The sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the receiving module;
The receiving module reads the second encrypted public key saved in the password preserving module;
The receiving module verifies the first signature according to the second encrypted public key;
After successfully verifying the first signature, the receiving module decrypts the encrypted session information according to the session key to obtain the session information;
Session information verification:
The sending module sends the second identification code, the third identification code, the fourth identification code, the session information sending time, the encrypted session information, the encrypted session key and the first signature to the block generation module;
The block generation module reads the second encrypted public key saved in the password preserving module, and verifies the first signature according to the second encrypted public key to obtain the first cryptographic hash;
The block generation module generates a second cryptographic hash according to the second identification code, the third identification code, the fourth identification code, the session access time, the encrypted session information and the encrypted session key;
The block generation module compares the first cryptographic hash with the second cryptographic hash;
When the comparison shows that the first cryptographic hash and the second cryptographic hash are identical, the block generation module sends a confirmation message to the receiving module;
Session information saving:
The receiving module receives the confirmation message and sends the first signature to the block generation module;
The block generation module receives the first signature sent by the receiving module and compares it with the first signature sent by the sending module, to confirm that the session is error-free;
After confirming that the session is error-free, the block generation module generates a new information block and adds the new information block to the information block chain.
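The hash comparison performed by the block generation module in claim 1 and the block assembly of claim 8, shown as an added Python example that is not part of the patent text. SHA-256 stands in for SM3 and an HMAC stands in for the SM2 signature; the field names, the length-prefixed encoding, the payload-based block size, the all-zero previous hash for the first block and all sample values are assumptions.

```python
import hashlib, hmac, struct

# Field names are hypothetical labels for the six hashed items of claim 1.
FIELDS = ("sender_id", "receiver_id", "session_id", "sent_at", "enc_info", "enc_key")

def digest(*parts):
    """Hash length-prefixed parts so bytes cannot shift between fields.
    SHA-256 is a stand-in for the SM3 hash named in claim 5."""
    h = hashlib.sha256()
    for p in parts:
        h.update(struct.pack(">I", len(p)) + p)
    return h.digest()

def demo_sign(h):  # constructed stand-in for SM2 signing (claim 6); HMAC is not a signature
    return hmac.new(b"demo-key", h, hashlib.sha256).digest()

def session_hash(msg):  # first (sender) or second (block generation module) hash
    return digest(*(msg[f] for f in FIELDS))

def hashes_match(msg, first_hash):  # recompute from received fields, constant-time compare
    return hmac.compare_digest(session_hash(msg), first_hash)

def block_digest(block):
    """Hash over the whole content of a block: header, data and previous hash."""
    hd, data = block["header"], block["data"]
    return digest(hd["block_id"], hd["generator_id"], struct.pack(">I", hd["size"]),
                  hd["created_at"], hd["signature"], session_hash(data),
                  data["signature"], block["prev_hash"])

def new_block(chain, msg, block_id, generator_id, created_at, sign=demo_sign):
    """Claim 8: signed header, block data, and hash of the previous block."""
    size = sum(len(msg[f]) for f in FIELDS) + len(msg["signature"])  # assumption: payload bytes
    signed = sign(digest(block_id, generator_id, struct.pack(">I", size), created_at))
    header = {"block_id": block_id, "generator_id": generator_id, "size": size,
              "created_at": created_at, "signature": signed}
    prev = block_digest(chain[-1]) if chain else b"\x00" * 32
    return {"header": header, "data": dict(msg), "prev_hash": prev}

def chain_is_intact(chain):  # every block must carry the digest of its predecessor
    return all(hmac.compare_digest(b["prev_hash"], block_digest(a))
               for a, b in zip(chain, chain[1:]))

def make_msg(n):
    """Constructed sample message; the ciphertext fields are placeholders."""
    msg = {"sender_id": b"S-7f3a", "receiver_id": b"R-19c2",
           "session_id": b"M-%04d" % n, "sent_at": b"2019-03-29T10:00:00Z",
           "enc_info": b"ciphertext-%d" % n, "enc_key": b"wrapped-session-key"}
    msg["signature"] = demo_sign(session_hash(msg))
    return msg

def build_demo_chain(count=3):
    chain = []
    for n in range(count):
        chain.append(new_block(chain, make_msg(n), b"B-%04d" % n, b"G-0001", b"T+%d" % n))
    return chain
```

Changing any stored field of an earlier block changes its digest, so the next block's stored previous hash no longer matches and `chain_is_intact` returns `False`; the newest block has no successor and is covered only by its own signatures.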
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910250785.0A CN109981294A (en) | 2019-03-29 | 2019-03-29 | Electronic communication methods and system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910250785.0A CN109981294A (en) | 2019-03-29 | 2019-03-29 | Electronic communication methods and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109981294A true CN109981294A (en) | 2019-07-05 |
Family
ID=67081778
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910250785.0A Withdrawn CN109981294A (en) | 2019-03-29 | 2019-03-29 | Electronic communication methods and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109981294A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112333133A (en) * | 2020-07-08 | 2021-02-05 | 深圳Tcl新技术有限公司 | Data security transmission method, device, equipment and computer readable storage medium |
CN113691437A (en) * | 2020-05-18 | 2021-11-23 | 山东浪潮质量链科技有限公司 | Instant messaging method, equipment and medium based on block chain |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113691437A (en) * | 2020-05-18 | 2021-11-23 | 山东浪潮质量链科技有限公司 | Instant messaging method, equipment and medium based on block chain |
CN112333133A (en) * | 2020-07-08 | 2021-02-05 | 深圳Tcl新技术有限公司 | Data security transmission method, device, equipment and computer readable storage medium |
CN112333133B (en) * | 2020-07-08 | 2024-06-07 | 深圳Tcl新技术有限公司 | Data security transmission method, device, equipment and computer readable storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8275997B2 (en) | Method of encrypting and transmitting data and system for transmitting encrypted data | |
EP0998799B1 (en) | Security method and system for transmissions in telecommunication networks | |
CN113259329B (en) | Method and device for data careless transmission, electronic equipment and storage medium | |
US10412063B1 (en) | End-to-end double-ratchet encryption with epoch key exchange | |
EP2361462B1 (en) | Method for generating an encryption/decryption key | |
US20060209843A1 (en) | Secure spontaneous associations between networkable devices | |
KR20080058460A (en) | System, method and computer program product for authenticating a data agreement between network entities | |
CN101262341A (en) | A mixed encryption method in session system | |
US6640303B1 (en) | System and method for encryption using transparent keys | |
CN112738051B (en) | Data information encryption method, system and computer readable storage medium | |
CN111049738B (en) | E-mail data security protection method based on hybrid encryption | |
JPH09312643A (en) | Key sharing method and ciphering communication method | |
CN109981294A (en) | Electronic communication methods and system | |
CN114422135A (en) | Verifiable accidental transmission method based on elliptic curve | |
CN109962924A (en) | Group chat construction method, group message sending method, group message receiving method and system | |
EP3462668A1 (en) | Plaintext equivalence proof techniques in communication systems | |
JP2011512762A (en) | P2P communication method that makes tampering, wiretapping and hacking impossible in a multi-subscriber network | |
KR100551992B1 (en) | encryption/decryption method of application data | |
US20040039918A1 (en) | Secure approach to send data from one system to another | |
TWI761243B (en) | Encryption system and encryption method for group instant massaging | |
US7526643B2 (en) | System for transmitting encrypted data | |
JP2002539489A (en) | Voice and data encryption method using encryption key split combiner | |
CN108768958A (en) | It is not revealed based on third party and is tested the data integrity of information and the verification method in source | |
Fatima et al. | Certificate based security services in adhoc sensor network | |
US7327845B1 (en) | Transmission of encrypted messages between a transmitter and a receiver utilizing a one-time cryptographic pad |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | Application publication date: 20190705 |