CN112235789A - Interrupt recoverable secret communication processing method, device and system - Google Patents
- Publication number
- CN112235789A
- Authority
- CN
- China
- Prior art keywords
- key
- user terminal
- server
- transmission
- session
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/143—Termination or inactivation of sessions, e.g. event-controlled end of session
- H04L67/145—Termination or inactivation of sessions, e.g. event-controlled end of session avoiding end of session, e.g. keep-alive, heartbeats, resumption message or wake-up for inactive or interrupted session
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0866—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W76/00—Connection management
- H04W76/10—Connection setup
- H04W76/19—Connection re-establishment
Abstract
The invention relates to the technical field of communication security and discloses a method, a device and a system for interrupt recoverable secret communication processing. The method comprises the following steps: establishing a background database, reading an identifier by means of an identity key, obtaining a transmission key through the identifier, transmitting a session key under the transmission key, and establishing an encrypted session with the session key. The device comprises a user terminal, a server and the background database. The system comprises one or more processors, a storage device and an interrupt recoverable secret communication processing device.
Description
Technical Field
The invention relates to the technical field of communication security, in particular to a method, a device and a system for processing interrupt recoverable secret communication.
Background
With the continuous development of technology, mobile and wireless communication is widely used as a convenient means of communication; as it becomes more widespread, communication security has become a prominent concern.
In conventional communication, secure calls, that is, calls in which the communication data is encrypted, are frequently used to achieve secure communication. In secret communication, key agreement is generally required between a terminal and the network, or between terminals, during the establishment of each secure call, so that both communicating parties obtain a key for that call; the key obtained during call establishment is used to encrypt the communication data each party sends and to decrypt the encrypted communication data it receives.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides an interrupt recoverable secret communication processing method, which is used for solving the problems in the background art.
The technical scheme adopted by the invention for solving the technical problems is as follows:
the invention provides an interrupt recoverable secret communication processing method, which comprises the following steps:
establishing a background database, wherein the background database comprises the identifier ID of each user terminal and, set under each identifier, a corresponding identity key Key_d and transmission key Key_t;
the user terminal stores the identifier ID corresponding to the terminal, the identity key Key_d and the transmission key Key_t; the user terminal encrypts the identifier ID with the identity key Key_d and transmits it to the server, and the server calls the identity keys Key_d stored in the background database to decrypt in sequence, reads the identifier ID, and obtains the transmission key Key_t;
the server randomly generates a session key Key_s, encrypts the session key Key_s with the transmission key Key_t using the 3DES algorithm, and transmits it to the user terminal;
the user terminal decrypts with the transmission key Key_t to obtain the session key Key_s;
the user terminal and the server establish an encrypted session:
the server establishes a temporary database, assigns a serial number IID to the encrypted session, and stores the transmission key Key_t, the generated session key Key_s and the corresponding user terminal identifier;
the serial number IID is encrypted with the session key Key_s and transmitted to the user terminal, which decrypts and stores it;
the user terminal and the server encrypt and decrypt the transmission data with the session key using the AES algorithm, completing the encrypted data transmission;
and after the data transmission is finished, the server deletes the session key and the serial number IID corresponding to the user terminal in the temporary database, and the user terminal deletes the session key and the serial number IID.
Preferably, if the encrypted session between the server and the user terminal is interrupted, resuming the session includes:
the serial number IID is encrypted with the transmission key Key_t and sent to the server; the server calls the transmission keys in the temporary database to perform matching decryption, obtains the serial number IID and the session key, and the session continues to completion.
Preferably, a period counter corresponding to each identifier is set in the server; when the encrypted session between the user terminal corresponding to the identifier and the server ends, the period counter is incremented, and when the period counter exceeds a threshold value, the transmission key Key_t corresponding to the identifier is updated.
Preferably, the transmission data is further processed as follows before being encrypted:
splitting the transmission data into K minimum encryption units; the user terminal or server performing the encryption generates a K-bit random number and XORs each bit of the K-bit random number, in sequence, with the lowest bit of the K minimum encryption units; after the operation, the K minimum encryption units are encrypted with the session key Key_s using the AES algorithm, while the random number is encrypted with the transmission key Key_t, and both are sent together to the server or user terminal that is to receive and decrypt them;
the receiving server or user terminal decrypts the received encrypted random number to obtain the K-bit random number, then uses the K-bit random number to perform the reverse operation on the lowest bit of each of the K decrypted minimum encryption units, and splices them to obtain the transmission data.
Preferably, when the transmission data cannot be split into K minimum encryption units, a bit padding operation is performed; the number N of padding bits is concatenated with the random number, encrypted with the transmission key Key_t, and transmitted together to the receiving server or user terminal; the receiver decrypts the received encrypted random number to obtain the K-bit random number and the number of padding bits, then uses the K-bit random number to perform the reverse operation on the lowest bit of each of the K decrypted minimum encryption units, splices them, and removes the padding bits to obtain the transmission data.
Preferably, the data transmission between the user terminal and the server is performed by wireless network, wireless short-range radio frequency technology, Bluetooth or wired network.
Preferably, if the server calls the identity keys Key_d stored in the background database and decrypting the encrypted ID with them in sequence fails, or the decrypted ID number does not exist in the background database, the server stops responding to the user terminal.
The invention also provides an interrupt recoverable secret communication processing device, which comprises:
a user terminal;
a background database;
a server;
the user terminal stores its corresponding unique identifier ID and the corresponding identity key Key_d and transmission key Key_t set under each identifier, and is used for encrypting the identifier ID with the identity key Key_d and transmitting it to the server; the user terminal decrypts with the transmission key Key_t to obtain the session key Key_s;
the background database is used for storing the unique identifier ID set for each user terminal and the corresponding identity key Key_d and transmission key Key_t set under each identifier;
the server is used for calling the identity keys Key_d stored in the background database to decrypt in sequence, reading the identifier ID if the decryption is successful, and obtaining the transmission key Key_t; it randomly generates a session key Key_s, encrypts the session key Key_s with the transmission key Key_t using the 3DES algorithm, and transmits it to the user terminal;
after the encrypted session is established, the server establishes a temporary database, assigns a serial number IID to the encrypted session, and stores the transmission key Key_t, the generated session key Key_s and the corresponding user terminal identifier; the serial number IID is encrypted with the session key Key_s and transmitted to the user terminal, which decrypts and stores it;
the user terminal and the server establish an encrypted session, and encrypt and decrypt the transmission data at the user terminal and the server with the session key using the AES algorithm, completing the encrypted data transmission.
The invention also provides an interrupt recoverable secret communication processing system, comprising:
one or more processors;
storage means for storing one or more programs;
interrupt recoverable secure communication processing means;
when the one or more programs are executed by the one or more processors, the one or more programs cause the interrupt-recoverable secure communication processing apparatus to implement, in cooperation with the one or more processors, the interrupt-recoverable secure communication processing method as described above.
The present invention also provides a storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of interrupt-recoverable secure communication processing as described above.
Compared with the prior art, the invention has the following beneficial effects:
according to the invention, the identity key and the transmission key are set and used as precursors of the session key. Throughout the interaction, the ID, the identity key, the transmission key and the session key are either not exchanged or are transmitted in encrypted form, which reduces the danger caused by plaintext transmission. At the same time, the cooperation of the identity key, the ID and the transmission key realizes double authentication of identity; finally the session key is randomly generated and used for bidirectional encryption and decryption, so that each session has its own key, which effectively prevents the possibility of malicious attack and theft of secrets;
the invention also allows the session key and the identifier ID to be matched quickly, through encryption and decryption of the session number, after an encrypted session is unexpectedly interrupted, so that the session can be recovered quickly and continuous encryption and security are ensured.
Further salient features and significant advances with respect to the present invention over the prior art are described in further detail in the examples section.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
It should be noted that certain names are used throughout the specification and claims to refer to particular components. It will be understood that one of ordinary skill in the art may refer to the same component by different names. The present specification and claims do not intend to distinguish between components that differ in name but not function. As used in the specification and claims of this application, the terms "comprises" and "comprising" are intended to be open-ended terms that should be interpreted as "including, but not limited to." The embodiments described in the detailed description are preferred embodiments of the present invention and are not intended to limit the scope of the present invention.
Moreover, those skilled in the art will appreciate that aspects of the present invention may be embodied as a system, method or computer program product. Accordingly, various aspects of the present invention may be embodied in a combination of hardware and software, which may be referred to herein generally as a "circuit," "module" or "system." Furthermore, in some embodiments, various aspects of the invention may also be embodied in the form of a computer program product in one or more microcontroller-readable media having microcontroller-readable program code embodied therein.
The interrupt recoverable secret communication processing method comprises the following steps:
establishing a background database, wherein the background database comprises the identifier ID of each user terminal and, set under each identifier, a corresponding identity key Key_d and transmission key Key_t;
the user terminal stores the identifier ID corresponding to the terminal, the identity key Key_d and the transmission key Key_t; the user terminal encrypts the identifier ID with the identity key Key_d and transmits it to the server, and the server calls the identity keys Key_d stored in the background database to decrypt in sequence, reads the identifier ID if the decryption is successful, and obtains the transmission key Key_t;
the server randomly generates a session key Key_s, encrypts the session key Key_s with the transmission key Key_t using the 3DES algorithm, and transmits it to the user terminal;
3DES, also called Triple DES, is the common name for the Triple Data Encryption Algorithm (TDEA) block cipher, and is a reversible algorithm scheme. It is equivalent to applying the DES encryption algorithm three times to each block. The key length is 128 bits or 192 bits, and if the number of key bits is less than or equal to 64, the encryption result is the same as DES;
the concrete implementation is as follows: let $E_k(\cdot)$ and $D_k(\cdot)$ represent the encryption and decryption processes of the DES algorithm, $k$ the key used by the DES algorithm, $M$ the plaintext and $C$ the ciphertext, such that:
the 3DES encryption process is: $C = E_{k_3}(D_{k_2}(E_{k_1}(M)))$
the 3DES decryption process is: $M = D_{k_1}(E_{k_2}(D_{k_3}(C)))$
the user terminal decrypts with the transmission key Key_t to obtain the session key Key_s;
the user terminal and the server establish an encrypted session:
the server establishes a temporary database, assigns a serial number IID to the encrypted session, and stores the transmission key Key_t, the generated session key Key_s and the corresponding user terminal identifier;
the serial number IID is encrypted with the session key Key_s and transmitted to the user terminal, which decrypts and stores it;
the user terminal and the server encrypt and decrypt the transmission data with the session key using the AES algorithm, completing the encrypted data transmission;
AES is a block cipher belonging to the family of symmetric ciphers, and the AES algorithm is frequently used among symmetric ciphers, especially block ciphers. The AES encryption algorithm involves 4 operations: byte substitution (SubBytes), row shifting (ShiftRows), column mixing (MixColumns) and round key addition (AddRoundKey). For AES in this embodiment, with the key fixed, plaintext and ciphertext are in one-to-one correspondence over the entire input space. Each component of the algorithm is therefore reversible, and the order of operations is designed to be reversible as well, so that the ciphertext can be correctly decrypted. AES can be divided into 128-bit, 192-bit and 256-bit variants according to key length, and in this embodiment the randomly generated session key can be chosen to be 128, 192 or 256 bits as needed.
And after the data transmission is finished, the server deletes the session key and the serial number IID corresponding to the user terminal in the temporary database, and the user terminal deletes the session key and the serial number IID.
In this embodiment, if the encrypted session between the server and the user terminal is interrupted, recovering the session includes:
the serial number IID is encrypted with the transmission key Key_t and sent to the server; the server calls the transmission keys in the temporary database to perform matching decryption, obtains the serial number IID and the session key, and the session continues to completion.
In this embodiment, a period counter corresponding to each identifier is set in the server; when the encrypted session between the user terminal corresponding to the identifier and the server ends, the period counter is incremented, and when the period counter exceeds a threshold, the transmission key Key_t corresponding to the identifier is updated.
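The handshake, resumption and key-update steps described above can be traced in code. The following is an added example, not code from the patent: the cipher is a standard-library stand-in (SHA-256 keystream with an HMAC tag) in place of 3DES/AES, and `enroll`, `hello`, `resume`, `end`, the sample ID and the counter reset are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

def keystream(key, nonce, n):
    """SHA-256 in counter mode; part of the stand-in cipher below."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def seal(key, data):
    """Stand-in for the page's 3DES/AES steps (assumption): encrypt-then-MAC."""
    k_enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    k_mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, keystream(k_enc, nonce, len(data))))
    return nonce + ct + hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or None when the key does not match the blob."""
    if len(blob) < 48:
        return None
    k_enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    k_mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(k_mac, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, keystream(k_enc, nonce, len(ct))))

class Server:
    def __init__(self, threshold):
        self.backend = {}   # background database: ID -> Key_d, Key_t, period counter
        self.temp = {}      # temporary database: IID -> ID, Key_t, Key_s
        self.threshold = threshold

    def enroll(self, term_id):
        """Provision a terminal (hypothetical helper; the page assumes this is done)."""
        rec = {"key_d": secrets.token_bytes(32), "key_t": secrets.token_bytes(32), "count": 0}
        self.backend[term_id] = rec
        return rec["key_d"], rec["key_t"]

    def hello(self, enc_id):
        """Try each stored Key_d in sequence; on failure return None (stop responding)."""
        for term_id, rec in self.backend.items():
            if unseal(rec["key_d"], enc_id) == term_id.encode():
                key_s, iid = secrets.token_bytes(32), secrets.token_hex(8)
                self.temp[iid] = {"id": term_id, "key_t": rec["key_t"], "key_s": key_s}
                # Key_s travels under Key_t, the IID under Key_s
                return seal(rec["key_t"], key_s), seal(key_s, iid.encode())
        return None

    def resume(self, enc_iid):
        """Match the IID (sent under Key_t) against the temporary database."""
        for iid, sess in self.temp.items():
            if unseal(sess["key_t"], enc_iid) == iid.encode():
                return iid, sess["key_s"]
        return None

    def end(self, iid):
        """Delete session state, bump the period counter, rotate Key_t past the threshold."""
        sess = self.temp.pop(iid)
        rec = self.backend[sess["id"]]
        rec["count"] += 1
        if rec["count"] > self.threshold:
            # Assumption: counter resets on rotation; delivery of the new Key_t
            # to the terminal is not described on the page.
            rec["key_t"], rec["count"] = secrets.token_bytes(32), 0
            return True
        return False

def run_scenario():
    srv = Server(threshold=1)
    key_d, key_t = srv.enroll("terminal-001")          # constructed sample ID
    reply = srv.hello(seal(key_d, b"terminal-001"))
    key_s = unseal(key_t, reply[0])                    # terminal recovers Key_s
    iid = unseal(key_s, reply[1])                      # ... and the session number
    resumed = srv.resume(seal(key_t, iid))             # after an interruption
    rotated_first = srv.end(iid.decode())
    reply2 = srv.hello(seal(key_d, b"terminal-001"))
    iid2 = unseal(unseal(key_t, reply2[0]), reply2[1]).decode()
    return {
        "resume_ok": resumed == (iid.decode(), key_s),
        "unknown_terminal": srv.hello(seal(secrets.token_bytes(32), b"terminal-001")),
        "resume_after_end": srv.resume(seal(key_t, iid)),
        "rotated": (rotated_first, srv.end(iid2)),
    }
```

The trial decryption in `hello` and `resume` only works because the stand-in cipher carries a tag that tells a matching key from a non-matching one; the page itself relies on checking whether the decrypted ID or IID exists in the database.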
The transmission data in this embodiment is further processed as follows before being encrypted:
splitting the transmission data into K minimum encryption units; the user terminal or server performing the encryption generates a K-bit random number and XORs each bit of the K-bit random number, in sequence, with the lowest bit of the K minimum encryption units; after the operation, the K minimum encryption units are encrypted with the session key Key_s using the AES algorithm, while the random number is encrypted with the transmission key Key_t, and both are sent together to the server or user terminal that is to receive and decrypt them.
In this embodiment, the receiving server or user terminal decrypts the received encrypted random number to obtain the K-bit random number, then uses the K-bit random number to perform the reverse operation on the lowest bit of each of the K decrypted minimum encryption units, and splices them to obtain the transmission data.
The invention also creatively fragments and recombines the transmitted data, further enhancing data security: by applying a reversible low-order operation to the minimum encryption units in combination with the random number, it makes it difficult for a malicious attacker to identify the confidential data while keeping the added computational complexity and hardware burden low, thereby truly ensuring the security of data transmission.
In this embodiment, the data transmission between the user terminal and the server is performed through a wireless network, wireless short-range radio frequency technology, Bluetooth or a wired network.
In this embodiment, if the server calls the identity keys Key_d stored in the background database and decrypting the encrypted ID with them in sequence fails, or the decrypted ID number does not exist in the background database, the server stops responding to the user terminal.
In this embodiment, when the transmission data cannot be split into K minimum encryption units, a bit padding operation is performed; the number N of padding bits is concatenated with the random number, encrypted with the transmission key Key_t, and transmitted together to the receiving server or user terminal; the receiver decrypts the received encrypted random number to obtain the K-bit random number and the number of padding bits, then uses the K-bit random number to perform the reverse operation on the lowest bit of each of the K decrypted minimum encryption units, splices them, and removes the padding bits to obtain the transmission data.
The bit padding approach keeps the algorithm consistent, reduces its complexity, and ensures the fluency and integrity of data transmission.
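The pre-encryption step and its padding case can be worked through directly. This is an added example, not code from the patent; it assumes a minimum encryption unit is one 16-byte AES block, that the "lowest bit" of a unit is the least significant bit of its last byte, and that N counts padding bytes. The AES and Key_t encryption steps that follow are left out.

```python
import secrets

UNIT = 16  # assumption: one minimum encryption unit = one 16-byte AES block

def mask_units(data, rnd=None):
    """Split data into K units and XOR bit i of rnd into the lowest bit of unit i."""
    n_pad = (-len(data)) % UNIT            # padding count N (assumption: counted in bytes)
    padded = data + bytes(n_pad)           # zero padding; N tells the receiver what to strip
    k = len(padded) // UNIT
    if rnd is None:
        rnd = secrets.randbits(k)          # fresh K-bit random number per message
    units = []
    for i in range(k):
        unit = bytearray(padded[i * UNIT:(i + 1) * UNIT])
        unit[-1] ^= (rnd >> i) & 1         # lowest bit of the unit = LSB of its last byte
        units.append(bytes(unit))
    return units, rnd, n_pad

def unmask_units(units, rnd, n_pad):
    """Reverse operation: undo the XOR on each unit, splice, strip the padding."""
    out = bytearray()
    for i, unit in enumerate(units):
        restored = bytearray(unit)
        restored[-1] ^= (rnd >> i) & 1
        out += restored
    return bytes(out[:len(out) - n_pad])

def pack_header(rnd, n_pad, k):
    """N followed by the K-bit random number; this is what travels under Key_t."""
    return bytes([n_pad]) + rnd.to_bytes((k + 7) // 8, "big")

def parse_header(header):
    """Return (rnd, n_pad) from a decrypted header."""
    return int.from_bytes(header[1:], "big"), header[0]

def bits_changed(data, units):
    """Count bits that differ between the padded input and the masked units."""
    padded = data + bytes((-len(data)) % UNIT)
    return sum(bin(a ^ b).count("1") for a, b in zip(padded, b"".join(units)))
```

`bits_changed` never exceeds K, since the operation touches one bit per unit; confidentiality of the units still rests on the AES step under Key_s.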
The present embodiment further provides an interrupt recoverable secure communication processing apparatus, including:
a user terminal;
a background database;
a server;
the user terminal stores its corresponding unique identifier ID and the corresponding identity key Key_d and transmission key Key_t set under each identifier, and is used for encrypting the identifier ID with the identity key Key_d and transmitting it to the server; the user terminal decrypts with the transmission key Key_t to obtain the session key Key_s;
the background database is used for storing the unique identifier ID set for each user terminal and the corresponding identity key Key_d and transmission key Key_t set under each identifier;
the server is used for calling the identity keys Key_d stored in the background database to decrypt in sequence, reading the identifier ID if the decryption is successful, and obtaining the transmission key Key_t; it randomly generates a session key Key_s, encrypts the session key Key_s with the transmission key Key_t using the 3DES algorithm, and transmits it to the user terminal;
the user terminal and the server establish an encrypted session, and encrypt and decrypt the transmission data at the user terminal and the server with the session key using the AES algorithm, completing the encrypted data transmission.
The embodiment provides an interrupt recoverable secure communication processing system, comprising:
one or more processors;
storage means for storing one or more programs;
interrupt recoverable secure communication processing means;
when the one or more programs are executed by the one or more processors, the one or more programs cause the interrupt-recoverable secure communication processing apparatus to implement, in cooperation with the one or more processors, the interrupt-recoverable secure communication processing method as described above.
The present embodiment also provides a storage medium having a computer program stored thereon, the computer program, when executed by a processor, performing the steps of the interrupt-recoverable secure communication process as described above.
The interrupt recoverable secret communication processing method, device and system can accurately recover an accidentally interrupted encrypted session and, by effectively unifying the identification of both parties to the data transmission with the confidential transmission of the data, prevent secret data from malicious eavesdropping or impersonation attacks, and therefore have good practical value.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein.
Furthermore, it should be understood that although the present description refers to embodiments, not every embodiment may contain only a single embodiment, and such description is for clarity only, and those skilled in the art should integrate the description, and the embodiments may be combined as appropriate to form other embodiments understood by those skilled in the art.
Claims (10)
1. An interrupt recoverable secure communication processing method, comprising the steps of:
establishing a background database, wherein the background database comprises the identifier ID of each user terminal and, set under each identifier, a corresponding identity key Key_d and transmission key Key_t;
the user terminal stores the identifier ID corresponding to the terminal, the identity key Key_d and the transmission key Key_t; the user terminal encrypts the identifier ID with the identity key Key_d and transmits it to the server, and the server calls the identity keys Key_d stored in the background database to decrypt in sequence, reads the identifier ID if the decryption is successful, and obtains the transmission key Key_t;
the server randomly generates a session key Key_s, encrypts the session key Key_s with the transmission key Key_t using the 3DES algorithm, and transmits it to the user terminal;
the user terminal decrypts with the transmission key Key_t to obtain the session key Key_s;
the user terminal and the server establish an encrypted session:
the server establishes a temporary database, assigns a serial number IID to the encrypted session, and stores the transmission key Key_t, the generated session key Key_s and the corresponding user terminal identifier;
the serial number IID is encrypted with the session key Key_s and transmitted to the user terminal, which decrypts and stores it;
the user terminal and the server encrypt and decrypt the transmission data with the session key using the AES algorithm, completing the encrypted data transmission;
and after the data transmission is finished, the server deletes the session key and the serial number IID corresponding to the user terminal in the temporary database, and the user terminal deletes the session key and the serial number IID.
2. The method of claim 1, wherein if the encrypted session between the server and the user terminal is interrupted, resuming the session comprises:
the serial number IID is encrypted with the transmission key Key_t and sent to the server; the server calls the transmission keys in the temporary database to perform matching decryption, obtains the serial number IID and the session key, and the session continues to completion.
3. The method of claim 1, wherein a period counter corresponding to each identifier is set in the server; when the encrypted session between the user terminal corresponding to the identifier and the server is over, the period counter is incremented by one, and when the period counter exceeds a threshold, the transmission key Key_t corresponding to the identifier is updated.
4. The method for handling interrupt recoverable secure communication of claim 1, wherein said transmitted data is further processed before being encrypted by:
splitting the transmission data into K minimum encryption units; the user terminal or server performing the encryption generates a K-bit random number and XORs each bit of the K-bit random number, in sequence, with the lowest bit of the K minimum encryption units; after the operation, the K minimum encryption units are encrypted with the session key Key_s using the AES algorithm, while the random number is encrypted with the transmission key Key_t, and both are sent together to the server or user terminal that is to receive and decrypt them;
the receiving server or user terminal decrypts the received encrypted random number to obtain the K-bit random number, then uses the K-bit random number to perform the reverse operation on the lowest bit of each of the K decrypted minimum encryption units, and splices them to obtain the transmission data.
5. The method of claim 4, wherein when the transmission data cannot be split into K minimum encryption units, a bit padding operation is performed; the number N of padding bits is concatenated with the random number, encrypted with the transmission key Key_t, and transmitted together to the receiving server or user terminal; the receiver decrypts the received encrypted random number to obtain the K-bit random number and the number of padding bits, then uses the K-bit random number to perform the reverse operation on the lowest bit of each of the K decrypted minimum encryption units, splices them, and removes the padding bits to obtain the transmission data.
6. The method as claimed in claim 1, wherein the user terminal and the server perform data transmission via a wireless network, wireless short-range radio frequency technology, Bluetooth or a wired network.
7. The method for processing the interrupt recoverable secret communication according to claim 1, wherein if the server, calling the identity keys Key_d stored in the background database in sequence, fails to decrypt the encrypted ID, or the decrypted ID number does not exist in the background database, the server stops responding to the user terminal.
8. An interrupt-recoverable secure communication processing apparatus, comprising:
a user terminal;
a background database;
a server;
the user terminal stores its unique identifier ID and the identity key Key_d and transmission key Key_t set for that identifier, and is used for encrypting the identifier ID with the identity key Key_d and transmitting it to the server; the user terminal uses the transmission key Key_t to decrypt and obtain the session key Key_s;
the background database is used for storing the unique identifier ID set for each user terminal and the corresponding identity key Key_d and transmission key Key_t set for each identifier;
the server is used for calling the identity keys Key_d stored in the background database to decrypt in sequence, reading the identifier ID if decryption succeeds, and obtaining the transmission key Key_t; and for randomly generating a session key Key_s, encrypting the session key Key_s with the transmission key Key_t using the 3DES algorithm, and transmitting it to the user terminal;
after the encrypted session is established, the server establishes a temporary database, assigns a serial number IID to the encrypted session, and stores the transmission key Key_t, the generated session key Key_s and the corresponding user terminal identifier; the serial number IID is encrypted with the session key Key_s and transmitted to the user terminal for decryption and storage;
and the user terminal and the server establish an encryption session, and encryption and decryption operations are carried out on the transmission data at the user terminal and the server by using a session key and adopting an AES algorithm to finish data encryption transmission.
9. An interrupt recoverable secure communication processing system, comprising:
one or more processors;
storage means for storing one or more programs;
interrupt recoverable secure communication processing means;
the one or more programs, when executed by the one or more processors, cause an interrupt-recoverable secure communications processing apparatus to implement, in cooperation with the one or more processors, the interrupt-recoverable secure communications processing method as recited in any of claims 1 to 7.
10. A storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the interrupt recoverable secure communication processing method as claimed in any of claims 1 to 7.
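The pre-processing step of claims 4 and 5, as an added example that is not part of the patent text: it pads and splits the data, XORs one random bit into the lowest bit of each unit, and reverses this on the receiving side. The 16-byte unit size, the zero-byte padding, the reading of "lowest bit" as the least significant bit of a unit's last byte, and the function names are assumptions; the AES encryption under Key_s and the encryption of the random number under Key_t are left outside the block.

```python
import secrets

UNIT = 16  # assumed size of a "minimum encryption unit": one AES block, in bytes


def mask_units(data: bytes, rand_bits=None):
    """Sender: pad, split into K units, XOR one random bit into each unit's lowest bit."""
    pad_bytes = (-len(data)) % UNIT
    padded = data + b"\x00" * pad_bytes  # zero padding is an assumption
    units = [bytearray(padded[i:i + UNIT]) for i in range(0, len(padded), UNIT)]
    k = len(units)
    if rand_bits is None:
        rand_bits = [secrets.randbits(1) for _ in range(k)]  # the K-bit random number
    if len(rand_bits) != k:
        raise ValueError("random number must have exactly K bits")
    for unit, bit in zip(units, rand_bits):
        unit[-1] ^= bit & 1  # least significant bit of the unit's last byte
    # Per the claims, the units then go to AES under Key_s, and the random
    # number plus the padding count N are encrypted under Key_t.
    return [bytes(u) for u in units], list(rand_bits), pad_bytes * 8


def unmask_units(units, rand_bits, n_pad_bits):
    """Receiver: reverse the XOR, splice the units, strip the N padding bits."""
    if len(units) != len(rand_bits):
        raise ValueError("need exactly one random bit per unit")
    if n_pad_bits % 8 or not 0 <= n_pad_bits < UNIT * 8:
        raise ValueError("invalid padding count")
    out = bytearray()
    for unit, bit in zip(units, rand_bits):
        if len(unit) != UNIT:
            raise ValueError("unit has wrong length")
        restored = bytearray(unit)
        restored[-1] ^= bit & 1  # XOR is its own inverse
        out += restored
    return bytes(out[:len(out) - n_pad_bits // 8])
```

The mask changes at most one bit per unit, so confidentiality rests entirely on the AES and Key_t encryption steps that follow it.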
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011216668.1A CN112235789A (en) | 2020-11-04 | 2020-11-04 | Interrupt recoverable secret communication processing method, device and system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112235789A (en) | 2021-01-15 |
Family
ID=74121500
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011216668.1A Withdrawn CN112235789A (en) | 2020-11-04 | 2020-11-04 | Interrupt recoverable secret communication processing method, device and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112235789A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113905359A (en) * | 2021-08-24 | 2022-01-07 | 福建升腾资讯有限公司 | Bluetooth safety communication method, device, equipment and medium for bank peripheral |
CN113905359B (en) * | 2021-08-24 | 2023-11-10 | 福建升腾资讯有限公司 | Bluetooth safety communication method, device, equipment and medium for bank peripheral equipment |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication | Application publication date: 20210115 |