CN112565285A - Communication encryption method suitable for rail transit - Google Patents

Publication number
CN112565285A
Authority
CN
China
Prior art keywords
key
terminal
distributed
central terminal
encryption
Prior art date
Legal status
Granted
Application number
CN202011483780.1A
Other languages
Chinese (zh)
Other versions
CN112565285B (en)
Inventor
马钰昕
黄辉
韩熠
马征
周庭梁
苏阿峰
杨辉
李鸿毛
Current Assignee
Casco Signal Cherngdu Ltd
Original Assignee
Casco Signal Cherngdu Ltd
Priority date
2020-12-16
Filing date
2020-12-16
Publication date
2021-03-26
Application filed by Casco Signal Cherngdu Ltd
Priority to CN202011483780.1A
Publication of CN112565285A
Application granted
Publication of CN112565285B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Abstract

The invention discloses a signal simulation system and a signal simulation method of a tramcar signal system, relating to the technical field of rail transit communication encryption. The method comprises: an encryption negotiation step, in which the encryption method used by a distributed terminal and a central terminal is unified through automatic negotiation and adaptation; a key generation step, in which a corresponding key is generated by a certain algorithm based on the same encryption method; a key exchange step, in which the distributed terminal and the central terminal exchange the generated keys securely over the transmission network; a key storage step, in which the distributed terminal and the central terminal store the keys in ciphertext form; a configuration and use step, in which the distributed terminal and the central terminal configure the stored keys on the corresponding equipment and encrypt the transmitted data; and a key updating step, in which a key update rule is set at the distributed terminal so that the keys are time-limited. Compared with the prior art, the method has the advantages of wide application range and high confidentiality, and it avoids leakage or cracking of the keys, thereby better ensuring the safe operation of rail transit.

Description

Communication encryption method suitable for rail transit
Technical Field
The invention relates to the technical field of rail transit communication encryption, in particular to a communication encryption method suitable for rail transit.
Background
The urban rail transit signal system is a key system for ensuring the safe running of trains, modernizing traffic command and train operation, and improving transport efficiency.
The urban rail transit signal system generally consists of two parts, an automatic train operation control system (ATC) and a vehicle section signal control system. It is used for train route control, train interval control, dispatching command, information management, equipment condition monitoring and maintenance management, and so forms an efficient, integrated automation system. By block mode, the automatic train control system (ATC) can be divided into fixed and moving types; the fixed block mode can be further divided, by control mode, into a speed code mode (step type) and a target distance code mode (curve type). By the transmission mode of the locomotive signal, it can be divided into a continuous mode and a point mode. By the area in which the system equipment is located, it can be divided into a control center subsystem, a station and trackside subsystem, a vehicle-mounted equipment subsystem and a parking lot subsystem.
In other words, the signal system in urban rail transit involves data transmission between different nodes. The transmission media it uses are of many types and cover long distances, and some of the media lie in open space, so there is a certain risk of unauthorized access, and the transmitted content may be eavesdropped on, intercepted or even tampered with. At present, an authentication mechanism or a one-way authentication mechanism is not provided in the information system, only one fixed encryption algorithm or even no encryption algorithm is used when an encryption algorithm is selected, and the storage and updating of keys lack corresponding mechanisms, so potential safety hazards exist.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and to provide a communication encryption method in which the encryption method used by the distributed terminals and the central terminal is unified through automatic negotiation and adaptation. The method has the advantages of wide application range and high confidentiality, and it avoids leakage or cracking of keys, thereby better ensuring the safe operation of rail transit.
The purpose of the invention is achieved by the following technical scheme:
The invention provides a communication encryption method suitable for rail transit, characterized by comprising the following steps:
an initialization step, in which the central terminal stores the same confidential encryption algorithm EA, device codes and device private keys as those held in all the distributed terminals;
an authentication negotiation step, in which a distributed terminal sends an encrypted communication application to the central terminal, and the central terminal determines, through an authentication challenge and an authentication response, whether the distributed terminal that sent the application is a legitimate terminal;
an encryption negotiation step, in which a distributed terminal judged legitimate in the authentication negotiation step reports an encryption algorithm to the central terminal, and the central terminal, on receiving the report, approves the reported encryption algorithm, thereby determining the encryption algorithm used for communication encryption;
a key generation step, in which the distributed terminal and the central terminal each calculate and generate their own keys based on the encryption algorithm determined in the encryption negotiation step;
a key exchange step, in which the distributed terminal and the central terminal exchange the generated keys securely over the transmission network;
a key storage step, in which the distributed terminal and the central terminal each store the key generated in the key exchange step in ciphertext form;
and a configuration and use step, in which the distributed terminal and the central terminal each use the keys stored in ciphertext form to encrypt the data they transmit to each other.
The authentication negotiation step specifically includes the following steps:
Step 201: the distributed terminal sends an encrypted communication application containing a device code SNo to the central terminal. On receiving the application, the central terminal generates a random array as an authentication challenge code ACD and sends it to the corresponding distributed terminal; it also retrieves the corresponding device key Ks1 stored in the central terminal according to the device code SNo and, using Ks1 as the key, calls the AES algorithm to encrypt the authentication challenge code ACD, obtaining an authentication response code ARD1. That is, the device key Ks1 is set at initialization, held by both the central terminal and the distributed terminal, and used for device authentication.
Step 202: on receiving the authentication challenge code ACD, the distributed terminal takes the device key Ks1 used for device authentication from its device private key and, using it as the key, calls the AES algorithm to encrypt the authentication challenge code ACD, obtaining an authentication response code ARD2; the distributed terminal also generates a confidential public key Ks2 and a confidential private key Ks3 using the confidential encryption algorithm EA.
Preferably, the confidential encryption algorithm EA, namely EA-KEY, is a special encryption tool, of which the latest version, EA-KEY 3.1, uses a 256-bit AES encryption algorithm to encrypt files; owing to security requirements, the confidential encryption algorithm EA is the SM2 elliptic curve public key encryption algorithm issued by the national cryptographic authority on 12/17/2010. SM2 and RSA are both public key cryptographic algorithms, and SM2 is the more advanced and secure of the two. Compared with RSA, the SM2 cryptographic algorithm has higher complexity, faster processing, lower machine performance consumption, better performance and greater security, and it is used to replace RSA in the national commercial cryptographic system.
Step 203: the distributed terminal sends the authentication response code ARD2 and the confidential public key Ks2 obtained in step 2, together with the code of the confidential encryption algorithm EA, to the central terminal. The central terminal compares the distributed terminal's authentication response code ARD2 with the authentication response code ARD1 that it calculated in step 1 and checks that they are consistent, which completes the judgment of whether the distributed terminal is a legitimate terminal.
The encryption negotiation step specifically includes the following steps:
Step 301: according to the confidential encryption algorithm code contained in the encrypted communication application sent by the distributed terminal, the central terminal calls the corresponding confidential encryption algorithm EA that it stores and uses it as the encryption algorithm for communication with that distributed terminal.
Step 302: the central terminal generates a session key Ks4 for data encryption according to the encryption algorithm determined in step 301, and then stores the session key Ks4 in ciphertext form.
Step 303: using the confidential encryption algorithm EA and the confidential public key Ks2, which the distributed terminal generated with the confidential encryption algorithm EA and the central terminal received, the central terminal encrypts the session key Ks4 to generate a session ciphertext Ks5 and transmits Ks5 to the distributed terminal. That is, the confidential public key Ks2 is generated by the distributed terminal and sent to the central terminal for storage and use, and it is used to encrypt the session key Ks4, thereby generating the session ciphertext Ks5.
Step 304: the distributed terminal uses the confidential private key Ks3 to restore the session ciphertext Ks5 received in step 303 to the session key Ks4 and stores it in ciphertext form. The distributed terminal uses the restored session key Ks4 to encrypt and decrypt the communication data between itself and the central terminal; correspondingly, the central terminal also uses the session key Ks4 to encrypt and decrypt the communication data between itself and the distributed terminal. The session key Ks4 is generated by the central terminal and sent to the distributed terminals, and is held by both for encrypting and decrypting the communication data between them; the central terminal encrypts it with the confidential public key Ks2 to generate the session ciphertext Ks5, which carries the session key Ks4 to the distributed terminals in encrypted form.
Further, the method includes a key updating step: a key update rule is set at the distributed terminal, the distributed terminal periodically sends an encrypted communication application to the central terminal according to the update rule, and the keys of the distributed terminal and the central terminal are updated by repeating the authentication negotiation step through the key storage step.
Specifically, the distributed terminal checks the key update rule in real time and determines whether more than 24 hours have elapsed since it received the session key Ks4; if so, the distributed terminal notifies the central terminal to update the session key Ks4, and step 302 is executed again.
Compared with the prior art, the technical scheme has the following innovations and beneficial effects (advantages):
The method has the advantages of wide application range and high confidentiality, and it avoids leakage or cracking of keys, thereby better ensuring the safe operation of rail transit. Reliability is high: using different encryption algorithms within the same information system improves the whole system's resistance to data snooping and modification. Flexibility is high: different distributed terminals can adopt different encryption algorithms to meet different engineering requirements. Robustness is good: challenge authentication reduces the impact of external malicious attacks on the central terminal. Timeliness is good: the key updating mechanism makes external malicious decoding more difficult.
Drawings
The foregoing and following detailed description of the invention will be apparent when read in conjunction with the following drawings, in which:
FIG. 1 is a logic diagram of the encryption method of the present invention;
FIG. 2 is a schematic diagram of the architecture of the central terminal storage and distributed terminals of the present invention;
FIG. 3 is a schematic diagram of a data topology according to a basic scheme of the present invention.
Detailed Description
The technical solutions for achieving the objects of the present invention are further illustrated by the following specific examples, and it should be noted that the technical solutions claimed in the present invention include, but are not limited to, the following examples.
Example 1
As a specific implementation of the communication encryption method suitable for rail transit, as shown in FIG. 1, the method comprises an initialization step, an authentication negotiation step, an encryption negotiation step, a key generation step, a key exchange step, a key storage step and a configuration and use step. The encryption method used by the distributed terminals and the central terminal is unified through automatic negotiation and adaptation, so that leakage or cracking of keys is avoided and the safe operation of rail transit is better guaranteed.
Specifically, in the initialization step, the central terminal stores the same confidential encryption algorithm EA, device codes and device private keys as those held in all the distributed terminals.
In the authentication negotiation step, a distributed terminal sends an encrypted communication application to the central terminal, and the central terminal determines, through an authentication challenge and an authentication response, whether the distributed terminal that sent the application is a legitimate terminal.
In the encryption negotiation step, a distributed terminal judged legitimate in the authentication negotiation step reports an encryption algorithm to the central terminal, and the central terminal accepts the reported encryption algorithm and determines the encryption algorithm used for communication encryption.
In the key generation step, the distributed terminal and the central terminal each calculate and generate their own keys based on the encryption algorithm determined in the encryption negotiation step.
In the key exchange step, the distributed terminal and the central terminal exchange the generated keys securely over the transmission network.
In the key storage step, the distributed terminal and the central terminal each store the key generated in the key exchange step in ciphertext form.
In the configuration and use step, the distributed terminal and the central terminal each use the keys stored in ciphertext form to encrypt the data they transmit to each other.
Compared with the prior art, the technical scheme has the advantages of wide application range and high confidentiality, and it avoids leakage or cracking of keys, thereby better ensuring the safe operation of rail transit. Reliability is high: using different encryption algorithms within the same information system improves the whole system's resistance to data snooping and modification. Flexibility is high: different distributed terminals can adopt different encryption algorithms to meet different engineering requirements. Robustness is good: challenge authentication reduces the impact of external malicious attacks on the central terminal. Timeliness is good: the key updating mechanism makes external malicious decoding more difficult.
Example 2
As a preferred implementation of the present invention, on the basis of the technical solution of embodiment 1 above, the authentication negotiation step specifically includes the following steps:
Step 201: the distributed terminal sends an encrypted communication application containing a device code SNo to the central terminal. On receiving the application, the central terminal generates a random array as an authentication challenge code ACD and sends it to the corresponding distributed terminal; it also retrieves the corresponding device key Ks1 stored in the central terminal according to the device code SNo and, using Ks1 as the key, calls the AES algorithm to encrypt the authentication challenge code ACD, obtaining an authentication response code ARD1. That is, the device key Ks1 is set at initialization, held by both the central terminal and the distributed terminal, and used for device authentication.
Step 202: on receiving the authentication challenge code ACD, the distributed terminal takes the device key Ks1 used for device authentication from its device private key and, using it as the key, calls the AES algorithm to encrypt the authentication challenge code ACD, obtaining an authentication response code ARD2; the distributed terminal also generates a confidential public key Ks2 and a confidential private key Ks3 using the confidential encryption algorithm EA.
Preferably, the confidential encryption algorithm EA, namely EA-KEY, is a special encryption tool, of which the latest version, EA-KEY 3.1, uses a 256-bit AES encryption algorithm to encrypt files; owing to security requirements, the confidential encryption algorithm EA is the SM2 elliptic curve public key encryption algorithm issued by the national cryptographic authority on 12/17/2010. SM2 and RSA are both public key cryptographic algorithms, and SM2 is the more advanced and secure of the two. Compared with RSA, the SM2 cryptographic algorithm has higher complexity, faster processing, lower machine performance consumption, better performance and greater security, and it is used to replace RSA in the national commercial cryptographic system.
Step 203: the distributed terminal sends the authentication response code ARD2 and the confidential public key Ks2 obtained in step 2, together with the code of the confidential encryption algorithm EA, to the central terminal. The central terminal compares the distributed terminal's authentication response code ARD2 with the authentication response code ARD1 that it calculated in step 1 and checks that they are consistent, which completes the judgment of whether the distributed terminal is a legitimate terminal.
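The challenge-response exchange of steps 201 to 203 (also listed in the summary above), as an added Go example that is not code from the patent. Assumptions: ACD is one 16-byte AES block encrypted directly under Ks1 (the text names AES but no mode), the device code and key are constructed, and all type and function names are hypothetical; the single-use challenge and the constant-time comparison are hardening choices of this example, not requirements stated in the text.

```go
package main

import (
	"crypto/aes"
	"crypto/rand"
	"crypto/subtle"
	"errors"
	"fmt"
)

// Central holds the central terminal's authentication state.
type Central struct {
	deviceKeys map[string][]byte // SNo -> Ks1, provisioned at initialization
	pending    map[string][]byte // SNo -> outstanding challenge ACD
}

func NewCentral(deviceKeys map[string][]byte) *Central {
	return &Central{deviceKeys: deviceKeys, pending: map[string][]byte{}}
}

// Response computes ARD = AES_Ks1(ACD). Both sides run it: the central
// terminal to get ARD1 (step 201), the distributed terminal to get ARD2
// (step 202). Assumption: ACD is exactly one AES block, so no mode is needed.
func Response(ks1, acd []byte) ([]byte, error) {
	if len(acd) != aes.BlockSize {
		return nil, errors.New("challenge must be one AES block")
	}
	block, err := aes.NewCipher(ks1)
	if err != nil {
		return nil, err
	}
	ard := make([]byte, aes.BlockSize)
	block.Encrypt(ard, acd)
	return ard, nil
}

// Challenge is the central terminal's half of step 201: look up the device
// code, draw a fresh ACD from the OS random source and remember it.
func (c *Central) Challenge(sno string) ([]byte, error) {
	if _, ok := c.deviceKeys[sno]; !ok {
		return nil, errors.New("unknown device code")
	}
	acd := make([]byte, aes.BlockSize)
	if _, err := rand.Read(acd); err != nil {
		return nil, err
	}
	c.pending[sno] = acd
	return acd, nil
}

// Verify is step 203: compare ARD2 with the locally computed ARD1.
// The challenge is deleted before the comparison, so each ACD permits one
// attempt and a recorded ARD2 cannot be presented again.
func (c *Central) Verify(sno string, ard2 []byte) bool {
	acd, ok := c.pending[sno]
	if !ok {
		return false
	}
	delete(c.pending, sno)
	ard1, err := Response(c.deviceKeys[sno], acd)
	if err != nil {
		return false
	}
	// Constant-time comparison avoids leaking how many bytes matched.
	return subtle.ConstantTimeCompare(ard1, ard2) == 1
}

func main() {
	ks1 := []byte("constructed-32-byte-device-key!!")          // constructed Ks1 (AES-256)
	c := NewCentral(map[string][]byte{"SN-0001": ks1}) // constructed device code
	acd, err := c.Challenge("SN-0001")
	if err != nil {
		panic(err)
	}
	ard2, err := Response(ks1, acd) // step 202 on the distributed terminal
	if err != nil {
		panic(err)
	}
	fmt.Println("first presentation accepted:", c.Verify("SN-0001", ard2))
	fmt.Println("replayed response accepted:", c.Verify("SN-0001", ard2))
}
```

As step 203 is written, ARD2 covers only the challenge ACD, so an implementation that needs Ks2 and the algorithm code tied to the same exchange has to add that binding itself.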
Further, the encryption negotiation step specifically includes the following steps:
Step 301: according to the confidential encryption algorithm code contained in the encrypted communication application sent by the distributed terminal, the central terminal calls the corresponding confidential encryption algorithm EA that it stores and uses it as the encryption algorithm for communication with that distributed terminal.
Step 302: the central terminal generates a session key Ks4 for data encryption according to the encryption algorithm determined in step 301, and then stores the session key Ks4 in ciphertext form.
Step 303: using the confidential encryption algorithm EA and the confidential public key Ks2, which the distributed terminal generated with the confidential encryption algorithm EA and the central terminal received, the central terminal encrypts the session key Ks4 to generate a session ciphertext Ks5 and transmits Ks5 to the distributed terminal. That is, the confidential public key Ks2 is generated by the distributed terminal and sent to the central terminal for storage and use, and it is used to encrypt the session key Ks4, thereby generating the session ciphertext Ks5.
Step 304: the distributed terminal uses the confidential private key Ks3 to restore the session ciphertext Ks5 received in step 303 to the session key Ks4 and stores it in ciphertext form. The distributed terminal uses the restored session key Ks4 to encrypt and decrypt the communication data between itself and the central terminal; correspondingly, the central terminal also uses the session key Ks4 to encrypt and decrypt the communication data between itself and the distributed terminal. The session key Ks4 is generated by the central terminal and sent to the distributed terminals, and is held by both for encrypting and decrypting the communication data between them; the central terminal encrypts it with the confidential public key Ks2 to generate the session ciphertext Ks5, which carries the session key Ks4 to the distributed terminals in encrypted form.
Preferably, the method further comprises a key updating step: a key update rule is set at the distributed terminal, the distributed terminal periodically sends an encrypted communication application to the central terminal according to the update rule, and the keys of the distributed terminal and the central terminal are updated by repeating the authentication negotiation step through the key storage step.
Specifically, the distributed terminal checks the key update rule in real time and determines whether more than 24 hours have elapsed since it received the session key Ks4; if so, the distributed terminal notifies the central terminal to update the session key Ks4, and step 302 is executed again.
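Steps 302 to 304 and the 24-hour update rule (also given in the summary above), as an added Go example that is not code from the patent. Assumptions: Go's standard library has no SM2, so RSA-OAEP stands in for the confidential encryption algorithm EA; AES-256-GCM is assumed for traffic encryption because the text names no mode; the device code is constructed and all function names are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"time"
)

// MaxKeyAge is the update rule: Ks4 is replaced once it is over 24 hours old.
const MaxKeyAge = 24 * time.Hour

type Session struct {
	Ks4      []byte
	Received time.Time // when the distributed terminal received Ks4
}

// NewTerminalKeyPair makes Ks3 with Ks2 as its public half (RSA-2048 stand-in for SM2).
func NewTerminalKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// WrapSessionKey is the central terminal's part of steps 302-303: create Ks4 and
// encrypt it under Ks2 to get Ks5. The device-code OAEP label is an addition here.
func WrapSessionKey(ks2 *rsa.PublicKey, sno string) (ks4, ks5 []byte, err error) {
	ks4 = make([]byte, 32)
	if _, err = rand.Read(ks4); err != nil {
		return nil, nil, err
	}
	ks5, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, ks2, ks4, []byte(sno))
	return ks4, ks5, err
}

// UnwrapSessionKey is step 304: the terminal recovers Ks4 from Ks5 with Ks3.
func UnwrapSessionKey(ks3 *rsa.PrivateKey, sno string, ks5 []byte, now time.Time) (*Session, error) {
	ks4, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, ks3, ks5, []byte(sno))
	if err != nil {
		return nil, err
	}
	return &Session{Ks4: ks4, Received: now}, nil
}

// NeedsUpdate reports whether more than 24 hours have passed since receipt.
func (s *Session) NeedsUpdate(now time.Time) bool {
	return now.Sub(s.Received) > MaxKeyAge
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts under Ks4 and refuses an expired key; output is nonce || ciphertext || tag.
func (s *Session) Seal(now time.Time, plaintext []byte) ([]byte, error) {
	if s.NeedsUpdate(now) {
		return nil, fmt.Errorf("session key older than %v: renegotiate", MaxKeyAge)
	}
	gcm, err := newGCM(s.Ks4)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, nil), nil
}

// Open is the peer's decryption of a message produced by Seal.
func Open(ks4, msg []byte) ([]byte, error) {
	gcm, err := newGCM(ks4)
	if err != nil {
		return nil, err
	}
	if len(msg) < gcm.NonceSize() {
		return nil, fmt.Errorf("message shorter than nonce")
	}
	return gcm.Open(nil, msg[:gcm.NonceSize()], msg[gcm.NonceSize():], nil)
}

func main() {
	now := time.Now()
	ks3, err := NewTerminalKeyPair()
	if err != nil {
		panic(err)
	}
	_, ks5, err := WrapSessionKey(&ks3.PublicKey, "SN-0001") // constructed device code
	if err != nil {
		panic(err)
	}
	sess, err := UnwrapSessionKey(ks3, "SN-0001", ks5, now)
	fmt.Println("unwrap error:", err, "update due at 25h:", sess != nil && sess.NeedsUpdate(now.Add(25*time.Hour)))
}
```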

Claims (6)

1. A communication encryption method suitable for rail transit, characterized by comprising the following steps:
an initialization step, in which the central terminal stores the same confidential encryption algorithm EA, device codes and device private keys as those held in all the distributed terminals;
an authentication negotiation step, in which a distributed terminal sends an encrypted communication application to the central terminal, and the central terminal determines, through an authentication challenge and an authentication response, whether the distributed terminal that sent the application is a legitimate terminal;
an encryption negotiation step, in which a distributed terminal judged legitimate in the authentication negotiation step reports an encryption algorithm to the central terminal, and the central terminal, on receiving the report, approves the reported encryption algorithm, thereby determining the encryption algorithm used for communication encryption;
a key generation step, in which the distributed terminal and the central terminal each calculate and generate their own keys based on the encryption algorithm determined in the encryption negotiation step;
a key exchange step, in which the distributed terminal and the central terminal exchange the generated keys securely over the transmission network;
a key storage step, in which the distributed terminal and the central terminal each store the key generated in the key exchange step in ciphertext form;
and a configuration and use step, in which the distributed terminal and the central terminal each use the keys stored in ciphertext form to encrypt the data they transmit to each other.
2. The communication encryption method suitable for rail transit according to claim 1, wherein the authentication negotiation step comprises the following steps:
step 201: the distributed terminal sends an encrypted communication application containing a device code SNo to the central terminal; on receiving the application, the central terminal generates a random array as an authentication challenge code ACD and sends it to the corresponding distributed terminal, and it also retrieves the corresponding device key Ks1 stored in the central terminal according to the device code SNo and, using Ks1 as the key, calls the AES algorithm to encrypt the authentication challenge code ACD, obtaining an authentication response code ARD1;
step 202: on receiving the authentication challenge code ACD, the distributed terminal takes the device key Ks1 used for device authentication from its device private key and, using it as the key, calls the AES algorithm to encrypt the authentication challenge code ACD, obtaining an authentication response code ARD2; the distributed terminal also generates a confidential public key Ks2 and a confidential private key Ks3 using the confidential encryption algorithm EA;
step 203: the distributed terminal sends the authentication response code ARD2 and the confidential public key Ks2 obtained in step 2, together with the code of the confidential encryption algorithm EA, to the central terminal, and the central terminal compares the distributed terminal's authentication response code ARD2 with the authentication response code ARD1 that it calculated in step 1 and checks that they are consistent, which completes the judgment of whether the distributed terminal is a legitimate terminal.
3. The communication encryption method suitable for rail transit according to claim 2, wherein the confidential encryption algorithm EA is the SM2 algorithm.
4. The communication encryption method for rail transit according to claim 1 or 2, wherein the encryption negotiation step comprises the steps of:
step 301, the central terminal calls a corresponding confidential encryption algorithm EA stored by the central terminal according to a confidential encryption algorithm code contained in an encrypted communication application sent by the distributed terminal, and the confidential encryption algorithm EA is used as an encryption algorithm for the communication with the distributed terminal;
step 302, the central terminal generates a session key Ks4 for data encryption according to the encryption algorithm determined in step 301, and then stores the session key Ks4 in a ciphertext manner;
step 303, the central terminal uses the key encryption algorithm EA, and the key public key Ks2 generated by the key encryption algorithm EA used by the distributed terminal and received by the central terminal, encrypts the session key Ks4 to generate a session cipher text Ks5, and transmits the session cipher text Ks5 to the distributed terminal;
and step 304, the distributed terminal uses the secret key to generate Ks3, restores the session cipher text Ks5 received in step 303 to a session key Ks4 and stores the same in a cipher text mode, and the distributed terminal uses the restored session key Ks4 to encrypt and decrypt the communication data between the distributed terminal and the central terminal, and correspondingly, the central terminal also uses the session key Ks4 to encrypt and decrypt the communication data between the central terminal and the distributed terminal.
5. The communication encryption method suitable for rail transit according to claim 4, further comprising a key updating step, wherein a key update rule is set at the distributed terminal, the distributed terminal periodically sends an encrypted communication application to the central terminal according to the update rule, and the key update in the distributed terminal and the central terminal is completed by repeating the steps from the authentication negotiation step through the key storage step.
6. The communication encryption method suitable for rail transit according to claim 5, wherein the distributed terminal checks the key update rule in real time and determines whether more than 24 hours have elapsed since it received the session key Ks4; if more than 24 hours have elapsed, the distributed terminal notifies the central terminal to update the session key Ks4, and step 302 is then re-executed.
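Added example, not code from the patent or its assignee: a sketch of the claim 4 exchange (steps 301 to 304) and the claim 6 age check. SM2 is replaced here by a standard-library stand-in, and the algorithm code 0x01, the function names and the 16-byte session key length are assumptions.

```python
import hashlib, hmac, secrets

# Assumption: SM2 is not in the standard library, so an ElGamal-style hybrid
# scheme over a toy prime field stands in for the algorithm EA. Constructed
# parameters; not a vetted group and not the patent's implementation.
P, G = 2**255 - 19, 2
REKEY_AFTER = 24 * 3600          # claim 6: Ks4 is updated after 24 hours

def keypair():
    """Distributed terminal: secret key Ks3 and public key Ks2."""
    ks3 = secrets.randbelow(P - 3) + 2
    return ks3, pow(G, ks3, P)

def _kdf(shared, label):
    return hashlib.sha256(label + shared.to_bytes(32, "big")).digest()

def _xor(data, shared):
    return bytes(a ^ b for a, b in zip(data, _kdf(shared, b"enc")))

def wrap(ks2, ks4):
    """Step 303: encrypt session key Ks4 under Ks2, giving ciphertext Ks5."""
    if len(ks4) > 32:
        raise ValueError("session key longer than one KDF block")
    k = secrets.randbelow(P - 3) + 2
    shared = pow(ks2, k, P)
    body = _xor(ks4, shared)
    tag = hmac.new(_kdf(shared, b"mac"), body, hashlib.sha256).digest()
    return pow(G, k, P), body, tag

def unwrap(ks3, ks5):
    """Step 304: restore Ks4 from Ks5; refuse a ciphertext that was altered."""
    c1, body, tag = ks5
    shared = pow(c1, ks3, P)
    want = hmac.new(_kdf(shared, b"mac"), body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("session ciphertext Ks5 failed its integrity check")
    return _xor(body, shared)

SUPPORTED = {0x01: wrap}         # hypothetical algorithm code table (step 301)

def central_negotiate(code, ks2):
    """Steps 301-303 on the central terminal; unknown codes are refused."""
    if code not in SUPPORTED:
        raise ValueError("unsupported encryption algorithm code")
    ks4 = secrets.token_bytes(16)                  # step 302
    return ks4, SUPPORTED[code](ks2, ks4)

def needs_update(received_at, now):
    """Claim 6: True once more than 24 hours have passed since Ks4 arrived."""
    return now - received_at > REKEY_AFTER
```

The integrity tag only detects a Ks5 whose fields changed in transit; confidence in who sent it still rests on the authentication negotiation step of claim 2.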

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011483780.1A CN112565285B (en) 2020-12-16 2020-12-16 Communication encryption method suitable for rail transit

Publications (2)

Publication Number Publication Date
CN112565285A true CN112565285A (en) 2021-03-26
CN112565285B CN112565285B (en) 2023-03-24

Family

ID=75063862

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011483780.1A Active CN112565285B (en) 2020-12-16 2020-12-16 Communication encryption method suitable for rail transit

Country Status (1)

Country Link
CN (1) CN112565285B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022266845A1 (en) * 2021-06-22 2022-12-29 华为技术有限公司 Secure communication method and device
CN114095156A (en) * 2021-10-26 2022-02-25 卡斯柯信号(成都)有限公司 Data protection method for rail transit mobile terminal
CN114095156B (en) * 2021-10-26 2023-05-12 卡斯柯信号(成都)有限公司 Data protection method for rail transit mobile terminal

Also Published As

Publication number Publication date
CN112565285B (en) 2023-03-24

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant