CN111510294A - Method for improving office system security by using secret key - Google Patents

Method for improving office system security by using secret key

Info

Publication number
CN111510294A
Authority
CN
China
Prior art keywords
key
data
application terminal
security
user
Prior art date
Legal status
Pending
Application number
CN202010378386.5A
Other languages
Chinese (zh)
Inventor
刘再旺
刘宇钰
李�杰
Current Assignee
Hezhong Technology Tianjin Co ltd
Original Assignee
Hezhong Technology Tianjin Co ltd
Priority date
Filing date
Publication date
Application filed by Hezhong Technology Tianjin Co ltd
Priority to CN202010378386.5A
Publication of CN111510294A


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00 Administration; Management
    • G06Q10/10 Office automation; Time management
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Signal Processing (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Marketing (AREA)
  • Tourism & Hospitality (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Quality & Reliability (AREA)
  • Data Mining & Analysis (AREA)
  • Operations Research (AREA)
  • Economics (AREA)
  • Electromagnetism (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention belongs to the technical field of office systems, and particularly relates to a method for improving the security of an office system by using a secret key, which comprises the following steps: S1: connecting the key device and the application terminal; S2: the registered application terminal obtains the quantum key by an offline method or an online method; S3: the key device authenticates the identity of the user, and during authentication the application terminal and a security gateway of the mobile office system construct an encrypted tunnel between them based on the quantum key; after decryption succeeds, the application terminal receives data input by the user and transmits the data to the key device; S4: the user inputs system office data through the application terminal connected to the key device, and a key module of the key device processes the system office data.

Description

Method for improving office system security by using secret key
Technical Field
The invention belongs to the technical field of office systems, and particularly relates to a method for improving the security of an office system by using a secret key.
Background
The mobile office system integrates mobile communication technology, intelligent application terminals, VPN, identity authentication, Web services and similar technologies, and provides users with a secure and fast modern mobile office mechanism. The data transmission security of the mobile office system rests on the security of the VPN encrypted tunnel; however, the data encryption key negotiation of the VPN security gateway in a conventional mobile office system uses a key negotiation protocol based on a public key cryptographic algorithm, and its security is not high.
Key distribution is a new method of securely distributing keys over a channel. It is based on principles of quantum mechanics, such as the fact that a quantum state cannot be accurately cloned, and can detect eavesdropping on the line in real time. It can realize unconditionally secure key distribution and, combined with the unconditionally secure one-time pad encryption algorithm, unconditionally secure encrypted data transmission. The security of the mobile office system can be improved by using the secret key.
Disclosure of Invention
In view of the problems raised in the background art above, the present invention aims to provide a method for improving the security of an office system by using a secret key. To achieve this technical purpose, the technical scheme adopted by the invention is as follows:
A method for enhancing the security of an office system using a key, comprising the following steps:
S1: connecting the key device and the application terminal;
S2: the registered application terminal obtains the quantum key by an offline method or an online method;
S3: the key device authenticates the identity of the user, and during authentication the application terminal and a security gateway of the mobile office system construct an encrypted tunnel between them based on the quantum key; that is, the security gateway encrypts data to be sent to the application terminal with the quantum key, and the application terminal decrypts the data with the key; the application terminal encrypts data to be sent to the security gateway with the shared secret key, and the security gateway decrypts the data with the shared secret key; after decryption succeeds, the application terminal receives data input by the user and transmits the data to the key device;
S4: the user inputs system office data through the application terminal connected to the key device, and a key module of the key device processes the system office data.
As a preferred aspect of the present invention, in S4, the key device receives the data transmitted by the application terminal, performs voice review, and, after receiving confirmation information that the user inputs according to the content of the voice review, digitally signs or encrypts the data it received.
As a preferred aspect of the present invention, in S4, the key device generates an authentication code and then repeats the authentication code by voice; after receiving the confirmation code input by the user through the application terminal, it verifies whether the confirmation code is consistent with the currently generated authentication code and, if so, digitally signs or encrypts the data received by the key device.
As a preferred aspect of the present invention, the key identifier of the key device includes, but is not limited to, a batch number of the key and a serial number of the sub-key.
As a preferable aspect of the present invention, the key device generates the authentication code at random or generates a different authentication code each time.
As a preferred aspect of the present invention, the secure storage medium of the key device includes, but is not limited to, a system memory of the application terminal and an SD cryptographic card.
The invention has the beneficial effects that:
1. the invention provides a more flexible and efficient way of obtaining keys, does not require major changes to the technical system of the existing mobile office system, and offers flexible deployment and certifiable security;
2. the application terminal and the security gateway share a one-to-one secret key, and the key is replenished after being used up, so that the communication security of other application terminals and the mobile office system is not affected when an application terminal joins or leaves the network or is out of control.
Detailed Description
In order that those skilled in the art can better understand the present invention, the following embodiments are provided to further illustrate the present invention.
A method for enhancing the security of an office system using a key, comprising the following steps:
S1: connecting the key device and the application terminal;
S2: the registered application terminal obtains the quantum key by an offline method or an online method;
S3: the key device authenticates the identity of the user, and during authentication an encrypted tunnel between the application terminal and a security gateway of the mobile office system is constructed based on the quantum key; that is, the security gateway encrypts data to be sent to the application terminal with the quantum key, and the application terminal decrypts the data with the key; the application terminal encrypts data to be sent to the security gateway with the shared secret key, and the security gateway decrypts the data with the shared secret key; after decryption succeeds, the application terminal receives the data input by the user and transmits the data to the key device;
S4: the user inputs system office data through the application terminal connected to the key device, and the key module of the key device processes the system office data.
In S4, the key device receives the data transmitted by the application terminal, performs voice transcription, and, after receiving confirmation information that the user inputs according to the transcribed content, digitally signs or encrypts the data it received.
In S4, the key device generates an authentication code and then repeats the authentication code by voice; after receiving the confirmation code input by the user through the application terminal, it verifies whether the confirmation code is consistent with the currently generated authentication code and, if so, digitally signs or encrypts the data received by the key device.
The key identifier of the key device includes, but is not limited to, a batch number of the key and a serial number of the sub-key.
Wherein the key device randomly generates the authentication code or generates a different authentication code each time.
The secure storage medium of the key device includes, but is not limited to, a system memory of the application terminal and an SD cryptographic card.
The foregoing embodiments are merely illustrative of the principles of the present invention and its efficacy, and are not to be construed as limiting the invention. Any person skilled in the art can modify or change the above-mentioned embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical spirit of the present invention be covered by the claims of the present invention.
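As an added illustration (not code from the patent or its applicant), the Python sketch below models two parts of the scheme described above: consumption of a one-to-one shared key addressed by batch number and sub-key serial, and the authentication-code confirmation that gates signing in S4. KeyPool, seal, unseal and KeyDevice are hypothetical names; the serial is modelled as a byte offset into the batch, and HMAC-SHA256 stands in for the digital signature.

```python
import hashlib
import hmac
import secrets


class KeyPool:
    """One direction's copy of a pre-shared key batch; use one pool per direction."""

    def __init__(self, batch_no: int, material: bytes):
        self.batch_no, self._material, self._next = batch_no, material, 0

    def take(self, n: int):
        """Sender: consume n unused key bytes, return (serial, key bytes)."""
        if self._next + n > len(self._material):
            raise RuntimeError("key batch used up: replenish before sending")
        serial, self._next = self._next, self._next + n
        return serial, self._material[serial:serial + n]

    def at(self, serial: int, n: int) -> bytes:
        """Receiver: fetch key bytes by serial, refusing bytes already used."""
        if serial < self._next:
            raise ValueError("key serial already consumed (replay or pad reuse)")
        if serial + n > len(self._material):
            raise ValueError("serial outside this key batch")
        self._next = serial + n
        return self._material[serial:serial + n]


def seal(pool: KeyPool, plaintext: bytes) -> dict:
    """XOR with fresh pad bytes and label with the key id (no integrity tag here)."""
    serial, pad = pool.take(len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, pad))
    return {"batch": pool.batch_no, "serial": serial, "ct": ct}


def unseal(pool: KeyPool, msg: dict) -> bytes:
    """Check the batch number, then remove the pad named by the serial."""
    if msg["batch"] != pool.batch_no:
        raise ValueError("unknown key batch")
    pad = pool.at(msg["serial"], len(msg["ct"]))
    return bytes(c ^ k for c, k in zip(msg["ct"], pad))


class KeyDevice:
    """Holds data until the user types back the code the device announced."""

    def __init__(self, signing_key: bytes):
        self._key, self._pending = signing_key, None

    def submit(self, data: bytes) -> str:
        """Store data; return a fresh random code (spoken aloud on a real device)."""
        code = f"{secrets.randbelow(10**6):06d}"
        self._pending = (data, code)
        return code

    def confirm(self, typed: str):
        """Return a tag over the data if the code matches; one attempt per code."""
        if self._pending is None:
            return None
        (data, code), self._pending = self._pending, None
        if not hmac.compare_digest(typed.encode(), code.encode()):
            return None
        # HMAC-SHA256 stands in for the patent's "digital signature" (assumption).
        return hmac.new(self._key, data, hashlib.sha256).digest()
```

The pad alone protects confidentiality only, so a deployed tunnel would also need message authentication, which the patent text does not describe.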

Claims (6)

1. A method for improving the security of an office system by using a secret key, characterized in that the method comprises the following steps:
S1: connecting the key device and the application terminal;
S2: the registered application terminal obtains the quantum key by an offline method or an online method;
S3: the key device authenticates the identity of the user, and during authentication the application terminal and a security gateway of the mobile office system construct an encrypted tunnel between them based on the quantum key; that is, the security gateway encrypts data to be sent to the application terminal with the quantum key, and the application terminal decrypts the data with the key; the application terminal encrypts data to be sent to the security gateway with the shared secret key, and the security gateway decrypts the data with the shared secret key; after decryption succeeds, the application terminal receives data input by the user and transmits the data to the key device;
S4: the user inputs system office data through the application terminal connected to the key device, and a key module of the key device processes the system office data.
2. The method for enhancing the security of an office system by using a secret key according to claim 1, wherein: in S4, the key device receives the data transmitted by the application terminal, performs voice transcription, and, after receiving confirmation information that the user inputs according to the transcribed content, digitally signs or encrypts the data it received.
3. The method for enhancing the security of an office system by using a secret key according to claim 1, wherein: in S4, the key device generates an authentication code and then repeats the authentication code by voice; after receiving the confirmation code input by the user through the application terminal, it verifies whether the confirmation code is consistent with the currently generated authentication code and, if so, digitally signs or encrypts the data received by the key device.
4. The method for enhancing the security of an office system by using a secret key according to claim 1, wherein: the key identification of the key device includes, but is not limited to, the batch number of the key and the serial number of the subkey.
5. The method for enhancing the security of an office system by using a secret key according to claim 1, wherein: the key device randomly generates an authentication code or generates a different authentication code each time.
6. The method for enhancing the security of an office system by using a secret key according to claim 1, wherein: the secure storage medium of the key device includes, but is not limited to, a system memory of an application terminal and an SD password card.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010378386.5A CN111510294A (en) 2020-05-07 2020-05-07 Method for improving office system security by using secret key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010378386.5A CN111510294A (en) 2020-05-07 2020-05-07 Method for improving office system security by using secret key

Publications (1)

Publication Number Publication Date
CN111510294A (en) 2020-08-07

Family

ID=71864327

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010378386.5A Pending CN111510294A (en) 2020-05-07 2020-05-07 Method for improving office system security by using secret key

Country Status (1)

Country Link
CN (1) CN111510294A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101009562A (en) * 2007-02-01 2007-08-01 北京飞天诚信科技有限公司 Method and system for improving the security of the intelligent secret key device
CN109756325A (en) * 2017-11-05 2019-05-14 成都零光量子科技有限公司 A method of mobile office system safety is promoted using quantum key

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114531225A (en) * 2020-11-02 2022-05-24 深圳Tcl新技术有限公司 End-to-end communication encryption method, device, storage medium and terminal equipment
CN112751674A (en) * 2020-12-30 2021-05-04 上海果通通信科技股份有限公司 Virtual private network access authentication method, system, device and readable storage medium
CN112751674B (en) * 2020-12-30 2023-05-02 上海优咔网络科技有限公司 Virtual private network access authentication method, system, equipment and readable storage medium

Similar Documents

Publication Publication Date Title
CN106130982B (en) Intelligent household appliance remote control method based on PKI system
US8402272B2 (en) Master unit and slave unit
CN102572817B (en) Method and intelligent memory card for realizing mobile communication confidentiality
KR101239297B1 (en) System for protecting information and method thereof
CN104704769A (en) A wireless communication system
CN101964805B (en) Method, equipment and system for safely sending and receiving data
CN101707767B (en) Data transmission method and devices
CN101820629A (en) Identity authentication method, device and system in wireless local area network (WLAN)
CN101895881B (en) Method for realizing GBA secret key and pluggable equipment of terminal
CN104901803A (en) Data interaction safety protection method based on CPK identity authentication technology
CN108848107A (en) A kind of method of secure transmission web information
CN112020038A (en) Domestic encryption terminal suitable for rail transit mobile application
CN111540093A (en) Access control system and control method thereof
CN101888626B (en) Method and terminal equipment for realizing GBA key
CN111416712B (en) Quantum secret communication identity authentication system and method based on multiple mobile devices
CN111510294A (en) Method for improving office system security by using secret key
CN114765534A (en) Private key distribution system based on national password identification cryptographic algorithm
KR102219086B1 (en) HMAC-based source authentication and secret key sharing method and system for Unnamed Aerial vehicle systems
CN110691359A (en) Safety protection method for power marketing professional Bluetooth communication
CN107888376B (en) NFC authentication system based on quantum communication network
CN107786978B (en) NFC authentication system based on quantum encryption
CN108881256A (en) Key exchange method, device, water power stake and the network equipment
CN107566119A (en) A kind of guard method of eSIM cards data safety and system
CN208369623U (en) A kind of encryption equipment and encryption transmission system
CN101420687A (en) Identity verification method based on mobile terminal payment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200807