CN113595740A - Data transmission method and device, electronic equipment and storage medium - Google Patents

Data transmission method and device, electronic equipment and storage medium Download PDF

Info

Publication number
CN113595740A
CN113595740A CN202110872828.6A CN202110872828A CN113595740A CN 113595740 A CN113595740 A CN 113595740A CN 202110872828 A CN202110872828 A CN 202110872828A CN 113595740 A CN113595740 A CN 113595740A
Authority
CN
China
Prior art keywords
authentication
equipment
authentication information
instruction
communication connection
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110872828.6A
Other languages
Chinese (zh)
Inventor
张元星
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Xiaomi Mobile Software Co Ltd
Original Assignee
Beijing Xiaomi Mobile Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Xiaomi Mobile Software Co Ltd filed Critical Beijing Xiaomi Mobile Software Co Ltd
Priority to CN202110872828.6A priority Critical patent/CN113595740A/en
Publication of CN113595740A publication Critical patent/CN113595740A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00IoT infrastructure
    • G16Y30/10Security thereof
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00IoT characterised by the purpose of the information processing
    • G16Y40/50Safety; Security of things, users, data or systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/18Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/71Hardware identity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/69Identity-dependent
    • H04W12/77Graphical identity

Abstract

The disclosure relates to a data transmission method and device, an electronic device and a storage medium. The method comprises the following steps: if the distance between the first device and the second device is within a preset distance range, establishing communication connection with the second device; sending an authentication instruction to the second device based on the communication connection; performing authentication interaction with the second equipment in an out-of-band communication mode according to the authentication instruction; and after the authentication is passed, performing data transmission with the second equipment based on the communication connection. By the method, the safety of data transmission can be improved.

Description

Data transmission method and device, electronic equipment and storage medium
Technical Field
The present disclosure relates to the field of communications technologies, and in particular, to a data transmission method and apparatus, an electronic device, and a storage medium.
Background
The Internet of things is an important component of a new generation of information technology and is also an important development stage of the 'informatization' era. As the name implies, the Internet of things is the Internet with connected objects. This has two layers: firstly, the core and the foundation of the internet of things are still the internet, and the internet is an extended and expanded network on the basis of the internet; and secondly, the user side extends and expands to any article to perform information exchange and communication, namely, the article information. The internet of things is widely applied to network fusion through communication perception technologies such as intelligent perception, identification technology and pervasive computing, and is also called as the third wave of development of the world information industry after computers and the internet.
Based on the development of the internet of things technology, various intelligent household devices such as an intelligent air conditioner, an intelligent sound box and an intelligent lamp appear. However, how to improve the security of controlling each smart home device becomes a problem to be solved urgently.
Disclosure of Invention
The disclosure provides a data transmission method and device, an electronic device and a storage medium.
According to a first aspect of the embodiments of the present disclosure, there is provided a data transmission method, applied to a first device, including:
if the distance between the first device and the second device is within a preset distance range, establishing communication connection with the second device;
sending an authentication instruction to the second device based on the communication connection;
performing authentication interaction with the second equipment in an out-of-band communication mode according to the authentication instruction;
and after the authentication is passed, performing data transmission with the second equipment based on the communication connection.
In some embodiments, the method further comprises:
after the authentication is passed, acquiring a first secret key based on the out-of-band communication mode;
after the authentication is passed, the data transmission with the second device based on the communication connection includes:
and after the authentication is passed, based on the communication connection, encrypting the data to be transmitted by using the first key and then sending the encrypted data to the second equipment.
In some embodiments, the performing, according to the authentication instruction, authentication interaction with the second device in an out-of-band communication manner includes:
receiving the out-of-band authentication capability of the second device fed back by the second device based on the authentication instruction;
and after the authentication mode matched with the out-of-band authentication capability is determined, performing authentication interaction with the second equipment.
In some embodiments, said performing said authentication interaction with said second device comprises:
receiving input authentication information, or scanning a code of a coded image output by the second device to obtain the authentication information; wherein the input authentication information is obtained based on an output of the second device;
and responding to the authentication information matched with the authentication information stored in the first equipment, and sending an instruction that the authentication is passed to the second equipment.
In some embodiments, said performing said authentication interaction with said second device comprises:
receiving a message which is sent by the second equipment and carries authentication information;
and responding to the authentication information in the message matched with the authentication information stored in the first equipment or receiving a confirmation instruction of the authentication information, and sending an instruction that the authentication is passed to the second equipment.
In some embodiments, the message carrying the authentication information is triggered and sent after the second device detects an operation on a physical control on the second device.
In some embodiments, the authentication information comprises at least one of:
a device identification of the first device or the second device;
predetermined password information;
predetermined voice information.
In some embodiments, if the communication connection comprises an ultra-wideband communication connection, the out-of-band communication comprises:
a manner of wireless fidelity communication;
a mode of infrared communication;
a mode of ultrasonic communication;
manner of near field communication NFC.
According to a second aspect of the embodiments of the present disclosure, there is provided a data transmission method, applied to a second device, including:
if the distance between the first equipment and the first equipment is within a preset distance range, establishing communication connection with the first equipment;
receiving an authentication instruction sent by the first equipment based on the communication connection;
performing authentication interaction with the first equipment in an out-of-band communication mode according to the authentication instruction;
and after the authentication is passed, carrying out data transmission with the first equipment based on the communication connection.
In some embodiments, the method further comprises:
after the authentication is passed, acquiring a second key based on the out-of-band communication mode; the second key is used for decrypting the encrypted data transmitted by the first device based on the communication connection.
In some embodiments, the performing, according to the authentication instruction, authentication interaction with the first device in an out-of-band communication manner includes:
feeding back the out-of-band authentication capability of the second equipment to the first equipment according to the authentication instruction;
and after the first equipment determines the authentication mode matched with the out-of-band authentication capability, performing authentication interaction with the first equipment.
In some embodiments, said performing said authentication interaction with said first device comprises:
displaying authentication information or displaying a coded image containing the authentication information; the displayed authentication information is used for the first equipment to obtain, and the displayed coded image is used for the first equipment to scan codes to obtain the authentication information;
and receiving an authentication passing instruction sent by the first equipment after the first equipment authenticates the authentication information.
In some embodiments, said performing said authentication interaction with said first device comprises:
sending a message carrying authentication information to the first equipment;
and receiving an authentication passing instruction sent by the first device after the first device authenticates the authentication information in the message.
According to a third aspect of the embodiments of the present disclosure, there is provided a data transmission apparatus, applied to a first device, including:
the first connection module is configured to establish communication connection with the second equipment if the distance between the first connection module and the second equipment is within a preset distance range;
a sending module configured to send an authentication instruction to the second device based on the communication connection;
the first authentication module is configured to perform authentication interaction with the second device in an out-of-band communication mode according to the authentication instruction;
and the first transmission module is configured to perform data transmission with the second device based on the communication connection after the authentication is passed.
In some embodiments, the apparatus further comprises:
the first obtaining module is configured to obtain a first key based on the out-of-band communication mode after the authentication is passed;
and the first transmission module is further configured to encrypt the data to be transmitted by using the first key and send the encrypted data to the second device based on the communication connection after the authentication is passed.
In some embodiments, the first authentication module is further configured to receive an out-of-band authentication capability of the second device fed back by the second device based on the authentication instruction; and after the authentication mode matched with the out-of-band authentication capability is determined, performing authentication interaction with the second equipment.
In some embodiments, the first authentication module is further configured to receive input authentication information, or scan a code of a coded image output by the second device to obtain the authentication information; wherein the input authentication information is obtained based on an output of the second device; and responding to the authentication information matched with the authentication information stored in the first equipment, and sending an instruction that the authentication is passed to the second equipment.
In some embodiments, the first authentication module is further configured to receive a message carrying authentication information sent by the second device; and responding to the authentication information in the message matched with the authentication information stored in the first equipment or receiving a confirmation instruction of the authentication information, and sending an instruction that the authentication is passed to the second equipment.
In some embodiments, the message carrying the authentication information is triggered and sent after the second device detects an operation on a physical control on the second device.
In some embodiments, the authentication information comprises at least one of:
a device identification of the first device or the second device;
predetermined password information;
predetermined voice information.
In some embodiments, if the communication connection comprises an ultra-wideband communication connection, the out-of-band communication comprises:
a manner of wireless fidelity communication;
a mode of infrared communication;
a mode of ultrasonic communication;
manner of near field communication NFC.
According to a fourth aspect of the embodiments of the present disclosure, there is provided a data transmission apparatus, applied to a second device, including:
the second connection module is configured to establish communication connection with the first equipment if the distance between the second connection module and the first equipment is within a preset distance range;
a receiving module configured to receive an authentication instruction sent by the first device based on the communication connection;
the second authentication module is configured to perform authentication interaction with the first equipment in an out-of-band communication mode according to the authentication instruction;
and the second transmission module is configured to perform data transmission with the first equipment based on the communication connection after the authentication is passed.
In some embodiments, the apparatus further comprises:
the second obtaining module is configured to obtain a second key based on the out-of-band communication mode after the authentication is passed; the second key is used for decrypting the encrypted data transmitted by the first device based on the communication connection.
In some embodiments, the second authentication module is further configured to feed back the out-of-band authentication capability of the second device to the first device according to the authentication instruction; and after the first equipment determines the authentication mode matched with the out-of-band authentication capability, performing authentication interaction with the first equipment.
In some embodiments, the second authentication module is further configured to display authentication information or to display an encoded image containing the authentication information; the displayed authentication information is used for the first equipment to obtain, and the displayed coded image is used for the first equipment to scan codes to obtain the authentication information; and receiving an authentication passing instruction sent by the first equipment after the first equipment authenticates the authentication information.
In some embodiments, the second authentication module is further configured to send a message carrying authentication information to the first device; and receiving an authentication passing instruction sent by the first device after the first device authenticates the authentication information in the message.
According to a fifth aspect of embodiments of the present disclosure, there is provided an electronic apparatus including:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the data transmission method as described in the first or second aspect above.
According to a sixth aspect of embodiments of the present disclosure, there is provided a storage medium comprising:
the instructions in the storage medium, when executed by a processor of a first device, enable the first device to perform the data transmission method as described in the first aspect above; the instructions in said storage medium, when executed by a processor of the second device, enable the second device to perform the data transmission method as described in the second aspect above.
The technical scheme provided by the embodiment of the disclosure can have the following beneficial effects:
in the embodiment of the disclosure, after the communication connection is established, the first device and the second device do not directly transmit data on the established communication link, but authenticate in an out-of-band communication manner to determine whether the first device or the second device has a control right to the other. After the authority is confirmed (namely the authentication is passed), data transmission is carried out based on the original communication link. By the method, on one hand, compared with a method that authority authentication is not performed after communication connection is established, the safety of data transmission can be improved after authentication is increased; on the other hand, compared with a mode of performing data transmission after authority authentication on the same communication link, the method can reduce the possibility of data unsafe transmission caused by counterfeit authentication after the original communication link is maliciously cracked, so that the security can be improved by using an out-of-band communication authentication mode.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
Fig. 1 is a first flowchart of a data transmission method according to an embodiment of the present disclosure.
Fig. 2 is a flowchart of a data transmission method shown in the embodiment of the present disclosure.
Fig. 3 is a first exemplary diagram of a second device initiating an authentication interaction in an embodiment of the present disclosure.
Fig. 4 is an example diagram two of a second device initiating an authentication interaction in an embodiment of the disclosure.
Fig. 5 is an interaction diagram illustrating a data transmission method according to an embodiment of the present disclosure.
FIG. 6 is an example diagram illustrating out-of-band interaction, according to an embodiment of the present disclosure.
Fig. 7 is a diagram illustrating a data transmission apparatus one according to an example embodiment.
Fig. 8 is a diagram illustrating a data transmission apparatus according to an exemplary embodiment.
Fig. 9 is a block diagram of a terminal shown in an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
Ultra Wide Band (UWB) technology is a wireless carrier communication technology. The UWB technology utilizes nanosecond-level non-sine wave narrow pulses to transmit data, has the advantages of low system complexity, low power spectrum density of transmitted signals, high positioning accuracy and the like, and is particularly suitable for high-speed wireless access in dense multipath places such as indoor places and the like.
UWB can realize the high accuracy location of equipment, for example location distance and direction, is applicable to very much present day intelligent house application scenario. After high-precision positioning is realized, a UWB link can be further utilized for data transmission subsequently. For example, after the mobile phone is located in an Internet of Things (IoT) device, the mobile phone serves as a control terminal to control the IoT device in the environment.
For the control terminal device and the IoT device under the same account, device control can be directly performed. This is considered a way of controlling "strangers" between devices for different accounts. Since opening the device right in the "stranger" mode may result in unsafe transmission of data, for example, a situation may occur where the neighboring control terminal controls the own IoT device, effective protection in the "close range" needs to be added to ensure that the device control right is safely obtained in the "stranger" mode.
Fig. 1 is a flowchart of a first data transmission method shown in the embodiment of the present disclosure, and as shown in fig. 1, the data transmission method applied to a first device includes the following steps:
s11, if the distance between the first device and the second device is within a preset distance range, establishing communication connection with the second device;
s12, sending an authentication instruction to the second equipment based on the communication connection;
s13, according to the authentication instruction, performing authentication interaction with the second device in an out-of-band communication mode;
and S14, after the authentication is passed, carrying out data transmission with the second equipment based on the communication connection.
In the embodiment of the disclosure, the first device may be a control terminal such as a smart phone, a tablet computer, or a smart watch, or may also be a controlled terminal such as a smart sound box, a smart air conditioner, or a smart television. If the first equipment is a control terminal, the second equipment is a corresponding controlled terminal; and if the first equipment is the controlled terminal, the second equipment is the corresponding control terminal.
In step S11, if the distance between the first device and the second device is within the preset distance range, the first device establishes a communication connection with the second device, which is a short-distance communication connection. For example, each of the first device and the second device includes a UWB module, the first device and the second device establish a UWB communication connection after being positioned by the UWB module, and the first device and the second device may perform data transmission based on a UWB link.
In step S12, the first device may send an authentication command to the second device based on the communication connection established with the second device, where the authentication command is used to trigger the first device and the second device to perform the authority authentication based on step S13. It should be noted that, in the present disclosure, when performing the authority authentication, an Out Of Band (OOB) communication mode is adopted, that is, the first device and the second device perform the authentication interaction using a transmission channel different from the transmission channel after the communication connection is established in step S11.
In one embodiment, if the communication connection comprises an ultra-wideband communication connection, the out-of-band communication comprises:
a manner of wireless fidelity (Wi-Fi) communication;
a mode of infrared communication;
a mode of ultrasonic communication;
near Field Communication (NFC).
It should be noted that, in the present disclosure, the first device and the second device are not limited to establishing a UWB connection when the distance between the first device and the second device is within a preset range, and the first device and the second device may also be a communication connection established based on technologies such as infrared and NFC, and may also be a communication connection established based on bluetooth technology, for example. Correspondingly, the out-of-band communication mode when performing authentication interaction may be any mode different from the aforementioned communication connection.
In step S14, after the first device and the second device are authenticated by using out-of-band communication, data transmission can be performed with the second device on the original communication link based on the communication connection established in step S11.
It is understood that, in the present disclosure, after establishing the communication connection, the first device and the second device do not directly transmit data on the established communication link, but authenticate in an out-of-band communication manner to determine whether the first device or the second device has a control right to the other. After the authority is confirmed (namely the authentication is passed), data transmission is carried out based on the original communication link. By the method, on one hand, compared with a method that authority authentication is not performed after communication connection is established, the safety of data transmission can be improved after authentication is increased; on the other hand, compared with a mode of performing data transmission after authority authentication on the same communication link, the method can reduce the possibility of data unsafe transmission caused by counterfeit authentication after the original communication link is maliciously cracked, so that the security can be improved by using an out-of-band communication authentication mode.
It should be noted that, in the embodiment of the present disclosure, if the authentication between the first device and the second device is not passed, the first device cannot perform data transmission with the second device based on the original communication connection.
In one embodiment, the method further comprises:
after the authentication is passed, acquiring a first secret key based on the out-of-band communication mode;
after the authentication is passed, the data transmission with the second device based on the communication connection includes:
and after the authentication is passed, based on the communication connection, encrypting the data to be transmitted by using the secret key and then sending the encrypted data to the second equipment.
In the related art, data can be encrypted and transmitted after the key is shared by the devices with the same account through the cloud, however, for the devices with different accounts, the data may not be encrypted in a trusted manner, and a secure key exchange process is required to obtain the key of the controlled device, so that subsequent data secure transmission and device control can be performed.
In contrast, the present disclosure further obtains an encryption key (first key) based on the out-of-band communication after the authentication in the out-of-band manner is passed, so that when data is transmitted on the communication link connected to the original communication, the data is encrypted by using the encryption key and then sent to the second device. It can be understood that, compared with the way of obtaining the encryption key on the same communication link of data transmission, the security of data transmission can be further improved.
In an embodiment, the performing, according to the authentication instruction, authentication interaction with the second device in an out-of-band communication manner includes:
receiving the out-of-band authentication capability of the second device fed back by the second device based on the authentication instruction;
and after the authentication mode matched with the out-of-band authentication capability is determined, performing authentication interaction with the second equipment.
In the embodiment of the disclosure, the control terminal may receive the out-of-band authentication capability fed back by the controlled terminal after sending the authentication instruction, or the controlled device may send the authentication instruction and receive the out-of-band authentication capability fed back by the control device.
After the party receiving the out-of-band authentication capability determines the matchable authentication mode, the party can inform the other party of the authentication mode to be adopted.
In this embodiment, the first device is a smart phone, and the second device is a smart speaker, for example. And after receiving the authentication instruction, the intelligent sound box replies a message according to the equipment capability of the intelligent sound box, wherein the message comprises the out-of-band authentication capability supported by the intelligent sound box. The smartphone can determine the out-of-band authentication capability supported by the smart speaker according to the predetermined field information carried in the message, as shown in table 1 below:
TABLE 1 mapping table between predefined field information and out-of-band authentication capabilities
Out-of-band authentication capabilities supported by controlled devices Field value (1Byte)
Pairing button 1
Screen pop-up window 2
Infrared communication 3
Acoustic wave communication 4
NFC communication 5
The present disclosure will introduce specific ways of authentication interaction based on various out-of-band authentication capabilities one by one in the following description.
After receiving the out-of-band authentication capability of the second device, the first device can select an authentication mode matched with the out-of-band authentication capability of the second device to perform authentication interaction with the second device.
It should be noted that, in the embodiment of the present disclosure, if there are multiple out-of-band authentication manners matched between the first device and the second device, one authentication manner may be randomly selected, or the authentication manner may be determined according to a preset priority order. When the authentication modes are selected according to the priority ranking, for example, the authentication modes may be selected according to a specified ranking, the priority with the highest signal strength may be determined according to the current signal strength in various authentication modes, and the priority with the lowest power consumption may be determined according to the power consumption corresponding to the authentication modes. The disclosed embodiments are not so limited.
It can be understood that, in the present disclosure, the first device performs authentication interaction after selecting a matched out-of-band authentication mode in advance based on the out-of-band authentication capability fed back by the second device and the second device, which can reduce invalid interaction caused by blindly adopting the authentication interaction mode, thereby reducing power consumption of the first device and the second device.
In one embodiment, the performing the authentication interaction with the second device includes:
receiving input authentication information, or scanning a code of a coded image output by the second device to obtain the authentication information; wherein the input authentication information is obtained based on an output of the second device;
and responding to the authentication information matched with the authentication information stored in the first equipment, and sending an instruction that the authentication is passed to the second equipment.
In this embodiment, the authentication information is made available to the first device by outputting the authentication information directly on the second device, or by outputting an encoded image containing the authentication information. When the second device directly outputs the authentication information, the authentication information may be output in a screen display manner or in a voice manner.
For example, the authentication information directly displayed on the second device is manually input to the first device after the user of the first device can view the authentication information. Or the second device plays the authentication information in a voice mode, and the user of the first device hears the authentication information and inputs the authentication information to the first device manually or in a voice mode.
If the second device displays the coded image containing the authentication information, the first device can scan the coded image and obtain the authentication information after analysis.
After the first device obtains the authentication information, the first device can match the authentication information with the authentication information stored in the first device, and if the authentication information is consistent with the authentication information, the first device sends an authentication passing instruction to the second device to complete authentication interaction with the second device.
As mentioned above, the second device may support a pop-up mode, and the second device may trigger to display the authentication information in a pop-up mode or display a coded image containing the authentication information after receiving the authentication instruction.
It should be noted that, in the embodiment of the present disclosure, the authentication information includes at least one of the following:
a device identification of the first device or the second device;
predetermined password information;
predetermined voice information.
If the authentication information is the device identifier of the first device or the second device, the device identifier may be a Personal Identification Number (PIN) code of a user module in the device, or may be a device serial Number. The device identification of the first device or the second device can be stored in the first device respectively for matching verification.
If the authentication information is the preset password information, the first device can obtain the password information based on the password displayed by the second device or the coded image containing the password, and then match the password information with the password information stored by the first device.
If the authentication information is predetermined voice information, the second device may output the predetermined voice information in a voice manner, and the user of the first device receives the voice information by the first device after repeating the voice information, or the first device scans the code pattern displayed by the second device to obtain the voice information. The first device can be matched with the voice information stored by the first device after acquiring the voice information in the two modes.
In one embodiment, the performing the authentication interaction with the second device includes:
receiving a message which is sent by the second equipment and carries authentication information;
and responding to the authentication information in the message matched with the authentication information stored in the first equipment or receiving a confirmation instruction of the authentication information, and sending an instruction that the authentication is passed to the second equipment.
Different from the manner in which the second device displays or broadcasts the authentication information, in this embodiment, the first device may also receive the message sent by the second device, so as to obtain the authentication information carried in the message. The first device further determines whether the authentication information is matched with the authentication information stored in the first device, and sends an authentication passing instruction to the second device under the condition of matching or after receiving a confirmation instruction of the user on the authentication information after outputting the authentication information, so that authentication interaction with the second device is completed.
In the embodiment of the present disclosure, taking the UWB connection as an example, when the communication connection established based on the distance satisfying the condition is performed, and when authentication interaction is performed in an out-of-band communication manner, as described above, the first device and the second device may support a button pairing manner, in this manner, the second device may include an independent or reusable physical control key, the second device sends a message carrying authentication information through a Wi-Fi link after detecting an operation on a physical control on the second device, and the first device may perform a subsequent authentication interaction process with the second device after receiving the message.
It should be noted that, in the embodiment of the present disclosure, if the second device is a smart phone, the sound adjustment control of the smart phone may be reused, and for example, a message carrying the authentication information is sent to the first device when a preset time for pressing the sound control is longer than a preset time.
As previously mentioned, the first device and the second device may support infrared communication. In an embodiment, the second device may serve as an infrared transmitting end, the first device serves as an infrared receiving end, and the second device sends a message carrying the authentication information through the infrared transmitter and is received by the infrared receiver of the first device. It should be noted that the second device may transmit the fixed format infrared signal for reception by the first device. In addition, the second device may be a control terminal or a controlled terminal, and the embodiment of the present disclosure is not limited thereto.
As previously described, the first device and the second device may support NFC communication. For example, when the first device and the second device do not have the built-in NFC module, the external NFC bump sticker may also be used to open the NFC link, so that the second device sends a message carrying the authentication information to the first device.
As previously mentioned, the first device and the second device may also support acoustic wave communications. In this way, the second device sends the audio signal carrying the authentication information, and the authentication information is obtained by analyzing after being received by the first device. For example, if the authentication information carried in the audio signal is predetermined voice information, the first device recognizes the voice after receiving the predetermined voice information, and sends an instruction that the authentication is passed to the second device after determining that the voice information is consistent with the stored voice information.
Since the acoustic signal has an effect on a human or animal having a living body, the higher the frequency the less the effect on the living body but the greater the attenuation, but in conjunction with the scenario of close range transmission of the present disclosure, the effect of signal attenuation may not be great, so the present disclosure may employ the acoustic signal of higher frequency to reduce the harm to the human or animal. For example, the second device may be configured with a speaker capable of emitting signals with a capacity of 18K to 23K, and the first device may collect audio signals at a sampling frequency of not less than 44KHz and perform subsequent audio analysis.
It can be understood that the present disclosure provides various out-of-band communication modes to support sending and receiving of messages carrying authentication information, covers terminals with different communication capabilities, and has the characteristic of wide application range.
Fig. 2 is a flowchart of a data transmission method shown in the embodiment of the present disclosure, and as shown in fig. 2, the data transmission method applied to the second device includes the following steps:
s21, if the distance between the first device and the first device is within a preset distance range, establishing communication connection with the first device;
s22, receiving an authentication instruction sent by the first equipment based on the communication connection;
s23, according to the authentication instruction, performing authentication interaction with the first device in an out-of-band communication mode;
and S24, after the authentication is passed, carrying out data transmission with the first equipment based on the communication connection.
In the embodiment of the present disclosure, the second device may be a control terminal or a controlled terminal.
In step S21, if the distance between the second device and the first device is within the preset distance range, the second device establishes a short-range communication connection with the first device. In step S22, the second device may receive the authentication command sent by the first device based on the communication connection established with the first device, so as to trigger the first device and the second device to perform the permission authentication in the OOB manner based on step S23. And in step S24, after the authentication is passed, data transmission is performed with the first device over the existing communication link based on the communication connection established in step S21.
It is understood that, in the present disclosure, after establishing the communication connection, the first device and the second device do not directly transmit data on the established communication link, but authenticate in an out-of-band communication manner to determine whether the first device or the second device has a control right to the other. After the authority is confirmed (namely the authentication is passed), data transmission is carried out based on the original communication link. By the method, on one hand, compared with a method that authority authentication is not performed after communication connection is established, the safety of data transmission can be improved after authentication is increased; on the other hand, compared with a mode of performing data transmission after authority authentication on the same communication link, the method can reduce the possibility of data unsafe transmission caused by counterfeit authentication after the original communication link is maliciously cracked, so that the security can be improved by using an out-of-band communication authentication mode.
In one embodiment, the method further comprises:
after the authentication is passed, acquiring a second key based on the out-of-band communication mode; the second key is used for decrypting the encrypted data transmitted by the first device based on the communication connection.
After the authentication is passed by adopting the out-of-band mode, the decryption key (second key) is obtained based on the out-of-band communication mode, so that the encrypted data transmitted on the communication link connected with the original communication is decrypted to obtain the really transmitted data.
It should be noted that the first key and the second key may be keys corresponding to a symmetric encryption method, and in this case, the first key and the second key may be the same. In addition, the first key and the second key may also be keys corresponding to an asymmetric encryption method, and in this case, the first key and the second key are different. It can be understood that, compared with the way of acquiring the decryption key on the same communication link of data transmission, the security of data transmission can be further improved.
In an embodiment, the performing, according to the authentication instruction, authentication interaction with the first device in an out-of-band communication manner includes:
feeding back the out-of-band authentication capability of the second equipment to the first equipment according to the authentication instruction;
and after the first equipment determines the authentication mode matched with the out-of-band authentication capability, performing authentication interaction with the first equipment.
In the embodiment of the disclosure, after receiving the authentication instruction, the second device feeds back the out-of-band authentication capability of the second device to the first device, and after receiving the authentication mode determined by the first device, the second device may perform authentication interaction with the first device.
Fig. 3 is a first example diagram of the second device initiating authentication interaction in the embodiment of the present disclosure, for example, assuming that the second device is an IoT device, as shown in fig. 3, after the IoT device outputs the OOB verification information to initiate the OOB verification message interaction, the control terminal (first device) may receive a message carrying the authentication information to input the OOB verification information, for example, input information that the OOB verification passes through a confirmation operation of the user on the authentication information.
Fig. 4 is an example diagram two of a second device initiating an authentication interaction in an embodiment of the disclosure. For example, assuming that the second device is a control terminal, as shown in fig. 4, after the control terminal outputs the OOB verification information and initiates an OOB verification message interaction, the IoT device (the first device) may receive the message carrying the authentication information, and then input the OOB verification information, for example, input the information that the OOB verification passes through the confirmation operation of the user on the authentication information.
It can be understood that, in the present disclosure, the second device feeds back the out-of-band authentication capability to the first device based on the authentication instruction, so as to perform authentication interaction after determining the matched out-of-band authentication manner with the first device, which can reduce invalid interaction caused by blindly adopting the authentication interaction manner, thereby reducing power consumption of the first device and the second device.
In one embodiment, the authenticating interaction with the first device includes:
outputting authentication information or outputting a coded image containing the authentication information; the output authentication information is used for the first equipment to obtain, and the output coded image is used for the first equipment to scan codes to obtain the authentication information;
and receiving an authentication passing instruction sent by the first equipment after the first equipment authenticates the authentication information.
In this embodiment, the authentication information is output directly on the second device or a coded image containing the authentication information is output in a displayed manner, thereby enabling the first device to obtain the authentication information to complete the authentication interaction with the second device. In the embodiment of the disclosure, the second device may output the authentication information in a pop-up mode or output a coded image including the authentication information.
In one embodiment, the authenticating interaction with the first device includes:
sending a message carrying authentication information to the first equipment;
and receiving an authentication passing instruction sent by the first device after the first device authenticates the authentication information in the message.
In this embodiment, when the second device performs authentication interaction with the first device in an out-of-band communication manner, the second device may send a message carrying authentication information to the first device in an infrared communication manner, an NFC communication manner, a sound wave communication manner, or a Wi-Fi communication manner in combination with the pairing button. After the first device obtains the authentication information, whether the authentication information is matched with the authentication information stored in the first device is further determined, and under the condition of matching or after receiving a confirmation instruction of the user on the authentication information after the authentication information is output, an instruction of passing authentication is sent to the second device, so that authentication interaction with the second device is completed.
It can be understood that the present disclosure provides various out-of-band communication modes to support sending and receiving of messages carrying authentication information, covers terminals with different communication capabilities, and has the characteristic of wide application range.
Fig. 5 is an interaction diagram of a data transmission method shown in an embodiment of the present disclosure, and as shown in fig. 5, the data transmission method applied to the first device and the second device includes the following steps:
s31, if the distance between the first equipment and the second equipment is within a preset distance range, establishing communication connection with the second equipment;
s32, the first device sends an authentication instruction to the second device based on the communication connection;
s33, the second equipment performs authentication interaction with the first equipment in an out-of-band communication mode according to the authentication instruction;
and S34, after the authentication is passed, the second device performs data transmission with the first device based on the communication connection.
Exemplarily, the first device is a mobile phone, the second device is an IoT device, taking the communication connection established by the mobile phone and the IoT device in step S31 as an example, fig. 4 is a process diagram of performing authentication interaction in a manner that the mobile phone and the IoT device open out-of-band communication, as shown in fig. 4, in step 1, the mobile phone opens UWB proximity protection, that is, after the mobile phone and the IoT device establish the UWB communication connection, an authentication instruction is sent to the IoT device. In step 2, the IoT device replies to its own OOB capability, i.e., out-of-band authentication capability, for example, by replying to the OOB capability in the manner of table 1 above; in step 3, the mobile phone selects the OOB mode after receiving the out-of-band authentication capability of the IoT device, and as mentioned above, the mobile phone may randomly select or select according to a predetermined priority; in step 4, based on the selected OOB mode, the handset may interact out-of-band with the IoT device.
Fig. 6 is an example diagram of an out-of-band interaction mode shown in the embodiment of the present disclosure, and as shown in fig. 6, the mobile phone and the IoT device may perform the out-of-band interaction by using any one of a pairing button, a screen pop window, infrared communication, sound wave communication, or NFC communication.
It is understood that, in the present disclosure, after establishing the communication connection, the first device and the second device do not directly transmit data on the established communication link, but authenticate in an out-of-band communication manner to determine whether the first device or the second device has a control right to the other. After the authority is confirmed (namely the authentication is passed), data transmission is carried out based on the original communication link. By the method, on one hand, compared with a method that authority authentication is not performed after communication connection is established, the safety of data transmission can be improved after authentication is increased; on the other hand, compared with a mode of performing data transmission after authority authentication on the same communication link, the method can reduce the possibility of data unsafe transmission caused by counterfeit authentication after the original communication link is maliciously cracked, so that the security can be improved by using an out-of-band communication authentication mode.
Fig. 7 is a diagram illustrating a data transmission apparatus one according to an example embodiment. Referring to fig. 7, the data transmission apparatus applied to the first device includes:
the first connection module 101 is configured to establish communication connection with a second device if the distance between the first connection module and the second device is within a preset distance range;
a sending module 102 configured to send an authentication instruction to the second device based on the communication connection;
the first authentication module 103 is configured to perform authentication interaction with the second device in an out-of-band communication manner according to the authentication instruction;
and the first transmission module 104 is configured to perform data transmission with the second device based on the communication connection after the authentication is passed.
In some embodiments, the apparatus further comprises:
a first obtaining module 105, configured to obtain a first key based on the out-of-band communication after the authentication is passed;
the first transmission module 104 is further configured to, after the authentication is passed, encrypt the data to be transmitted by using the first key based on the communication connection, and send the encrypted data to the second device.
In some embodiments, the first authentication module 103 is further configured to receive an out-of-band authentication capability of the second device fed back by the second device based on the authentication instruction; and after the authentication mode matched with the out-of-band authentication capability is determined, performing authentication interaction with the second equipment.
In some embodiments, the first authentication module 103 is further configured to receive input authentication information, or scan a code of a coded image output by the second device to obtain the authentication information; wherein the input authentication information is obtained based on an output of the second device; and responding to the authentication information matched with the authentication information stored in the first equipment, and sending an instruction that the authentication is passed to the second equipment.
In some embodiments, the first authentication module 103 is further configured to receive a message carrying authentication information sent by the second device; and responding to the authentication information in the message matched with the authentication information stored in the first equipment or receiving a confirmation instruction of the authentication information, and sending an instruction that the authentication is passed to the second equipment.
In some embodiments, the message carrying the authentication information is triggered and sent after the second device detects an operation on a physical control on the second device.
In some embodiments, the authentication information comprises at least one of:
a device identification of the first device or the second device;
predetermined password information;
predetermined voice information.
In some embodiments, if the communication connection comprises an ultra-wideband communication connection, the out-of-band communication comprises:
a manner of wireless fidelity communication;
a mode of infrared communication;
a mode of ultrasonic communication;
manner of near field communication NFC.
Fig. 8 is a diagram illustrating a data transmission apparatus according to an exemplary embodiment. Referring to fig. 7, the data transmission apparatus applied to the second device includes:
the second connection module 201 is configured to establish communication connection with the first device if the distance between the second connection module and the first device is within a preset distance range;
a receiving module 202, configured to receive, based on the communication connection, an authentication instruction sent by the first device;
the second authentication module 203 is configured to perform authentication interaction with the first device in an out-of-band communication manner according to the authentication instruction;
and a second transmission module 204 configured to perform data transmission with the first device based on the communication connection after the authentication is passed.
In some embodiments, the apparatus further comprises:
a second obtaining module 205, configured to obtain a second key based on the out-of-band communication after the authentication is passed; the second key is used for decrypting the encrypted data transmitted by the first device based on the communication connection.
In some embodiments, the second authentication module 203 is further configured to feed back the out-of-band authentication capability of the second device to the first device according to the authentication instruction; and after the first equipment determines the authentication mode matched with the out-of-band authentication capability, performing authentication interaction with the first equipment.
In some embodiments, the second authentication module 203 is further configured to display authentication information or display an encoded image containing the authentication information; the displayed authentication information is used for the first equipment to obtain, and the displayed coded image is used for the first equipment to scan codes to obtain the authentication information; and receiving an authentication passing instruction sent by the first equipment after the first equipment authenticates the authentication information.
In some embodiments, the second authentication module 203 is further configured to send a message carrying authentication information to the first device; and receiving an authentication passing instruction sent by the first device after the first device authenticates the authentication information in the message.
With regard to the apparatus in the above-described embodiment, the specific manner in which each module performs the operation has been described in detail in the embodiment related to the method, and will not be elaborated here.
Fig. 9 is a block diagram illustrating a terminal apparatus 800 according to an example embodiment. For example, the apparatus 800 may be a master terminal (e.g., a first device), a controlled terminal (e.g., a second device), and the like.
Referring to fig. 9, the apparatus 800 may include one or more of the following components: processing component 802, memory 804, power component 806, multimedia component 808, audio component 810, input/output (I/O) interface 812, sensor component 814, and communication component 816.
The processing component 802 generally controls overall operation of the device 800, such as operations associated with display, telephone calls, data communications, camera operations, and recording operations. The processing components 802 may include one or more processors 820 to execute instructions to perform all or a portion of the steps of the methods described above. Further, the processing component 802 can include one or more modules that facilitate interaction between the processing component 802 and other components. For example, the processing component 802 can include a multimedia module to facilitate interaction between the multimedia component 808 and the processing component 802.
The memory 804 is configured to store various types of data to support operations at the apparatus 800. Examples of such data include instructions for any application or method operating on device 800, contact data, phonebook data, messages, pictures, videos, and so forth. The memory 804 may be implemented by any type or combination of volatile or non-volatile memory devices such as Static Random Access Memory (SRAM), electrically erasable programmable read-only memory (EEPROM), erasable programmable read-only memory (EPROM), programmable read-only memory (PROM), read-only memory (ROM), magnetic memory, flash memory, magnetic or optical disks.
Power components 806 provide power to the various components of device 800. The power components 806 may include a power management system, one or more power supplies, and other components associated with generating, managing, and distributing power for the apparatus 800.
The multimedia component 808 includes a screen that provides an output interface between the device 800 and a user. In some embodiments, the screen may include a Liquid Crystal Display (LCD) and a Touch Panel (TP). If the screen includes a touch panel, the screen may be implemented as a touch screen to receive an input signal from a user. The touch panel includes one or more touch sensors to sense touch, slide, and gestures on the touch panel. The touch sensor may not only sense the boundary of a touch or slide action, but also detect the duration and pressure associated with the touch or slide operation. In some embodiments, the multimedia component 808 includes a front facing camera and/or a rear facing camera. The front camera and/or the rear camera may receive external multimedia data when the device 800 is in an operating mode, such as a shooting mode or a video mode. Each front camera and rear camera may be a fixed optical lens system or have a focal length and optical zoom capability.
The audio component 810 is configured to output and/or input audio signals. For example, the audio component 810 includes a Microphone (MIC) configured to receive external audio signals when the apparatus 800 is in an operational mode, such as a call mode, a recording mode, and a voice recognition mode. The received audio signals may further be stored in the memory 804 or transmitted via the communication component 816. In some embodiments, audio component 810 also includes a speaker for outputting audio signals.
The I/O interface 812 provides an interface between the processing component 802 and peripheral interface modules, which may be keyboards, click wheels, buttons, etc. These buttons may include, but are not limited to: a home button, a volume button, a start button, and a lock button.
The sensor assembly 814 includes one or more sensors for providing various aspects of state assessment for the device 800. For example, the sensor assembly 814 may detect the open/closed status of the device 800, the relative positioning of components, such as a display and keypad of the device 800, the sensor assembly 814 may also detect a change in the position of the device 800 or a component of the device 800, the presence or absence of user contact with the device 800, the orientation or acceleration/deceleration of the device 800, and a change in the temperature of the device 800. Sensor assembly 814 may include a proximity sensor configured to detect the presence of a nearby object without any physical contact. The sensor assembly 814 may also include a light sensor, such as a CMOS or CCD image sensor, for use in imaging applications. In some embodiments, the sensor assembly 814 may also include an acceleration sensor, a gyroscope sensor, a magnetic sensor, a pressure sensor, or a temperature sensor.
The communication component 816 is configured to facilitate communications between the apparatus 800 and other devices in a wired or wireless manner. The device 800 may access a wireless network based on a communication standard, such as Wi-Fi, 2G, or 3G, or a combination thereof. In an exemplary embodiment, the communication component 816 receives a broadcast signal or broadcast related information from an external broadcast management system via a broadcast channel. In an exemplary embodiment, the communication component 816 further includes a Near Field Communication (NFC) module to facilitate short-range communications. For example, the NFC module may be implemented based on Radio Frequency Identification (RFID) technology, infrared data association (IrDA) technology, Ultra Wideband (UWB) technology, Bluetooth (BT) technology, and other technologies.
In an exemplary embodiment, the apparatus 800 may be implemented by one or more Application Specific Integrated Circuits (ASICs), Digital Signal Processors (DSPs), Digital Signal Processing Devices (DSPDs), Programmable Logic Devices (PLDs), Field Programmable Gate Arrays (FPGAs), controllers, micro-controllers, microprocessors or other electronic components for performing the above-described methods.
In an exemplary embodiment, a non-transitory computer-readable storage medium comprising instructions, such as the memory 804 comprising instructions, executable by the processor 820 of the device 800 to perform the above-described method is also provided. For example, the non-transitory computer readable storage medium may be a ROM, a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like.
A non-transitory computer readable storage medium in which instructions, when executed by a processor of a first device, enable the first device to perform a data transfer method, the method comprising:
if the distance between the first device and the second device is within a preset distance range, establishing communication connection with the second device;
sending an authentication instruction to the second device based on the communication connection;
performing authentication interaction with the second equipment in an out-of-band communication mode according to the authentication instruction;
and after the authentication is passed, performing data transmission with the second equipment based on the communication connection.
The instructions in the storage medium, when executed by a processor of a second device, enable the second device to perform a data transfer method, the method comprising:
if the distance between the first equipment and the first equipment is within a preset distance range, establishing communication connection with the first equipment;
receiving an authentication instruction sent by the first equipment based on the communication connection;
performing authentication interaction with the first equipment in an out-of-band communication mode according to the authentication instruction;
and after the authentication is passed, carrying out data transmission with the first equipment based on the communication connection.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This disclosure is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (24)

1. A data transmission method, applied to a first device, the method comprising:
if the distance between the first device and the second device is within a preset distance range, establishing communication connection with the second device;
sending an authentication instruction to the second device based on the communication connection;
performing authentication interaction with the second equipment in an out-of-band communication mode according to the authentication instruction;
and after the authentication is passed, performing data transmission with the second equipment based on the communication connection.
2. The method of claim 1, further comprising:
after the authentication is passed, acquiring a first secret key based on the out-of-band communication mode;
after the authentication is passed, the data transmission with the second device based on the communication connection includes:
and after the authentication is passed, based on the communication connection, encrypting the data to be transmitted by using the first key and then sending the encrypted data to the second equipment.
3. The method of claim 1, wherein performing authentication interaction with the second device in an out-of-band communication manner according to the authentication instruction comprises:
receiving the out-of-band authentication capability of the second device fed back by the second device based on the authentication instruction;
and after the authentication mode matched with the out-of-band authentication capability is determined, performing authentication interaction with the second equipment.
4. The method of claim 3, wherein the authenticating interaction with the second device comprises:
receiving input authentication information, or scanning a code of a coded image output by the second device to obtain the authentication information; wherein the input authentication information is obtained based on an output of the second device;
and responding to the authentication information matched with the authentication information stored in the first equipment, and sending an instruction that the authentication is passed to the second equipment.
5. The method of claim 3, wherein the authenticating interaction with the second device comprises:
receiving a message which is sent by the second equipment and carries authentication information;
and responding to the authentication information in the message matched with the authentication information stored in the first equipment or receiving a confirmation instruction of the authentication information, and sending an instruction that the authentication is passed to the second equipment.
6. The method according to claim 5, wherein the message carrying the authentication information is triggered and sent after the second device detects an operation on a physical control on the second device.
7. A data transmission method, applied to a second device, the method comprising:
if the distance between the first equipment and the first equipment is within a preset distance range, establishing communication connection with the first equipment;
receiving an authentication instruction sent by the first equipment based on the communication connection;
performing authentication interaction with the first equipment in an out-of-band communication mode according to the authentication instruction;
and after the authentication is passed, carrying out data transmission with the first equipment based on the communication connection.
8. The method of claim 7, further comprising:
after the authentication is passed, acquiring a second key based on the out-of-band communication mode; the second key is used for decrypting the encrypted data transmitted by the first device based on the communication connection.
9. The method of claim 7, wherein performing authentication interaction with the first device in an out-of-band communication manner according to the authentication instruction comprises:
feeding back the out-of-band authentication capability of the second equipment to the first equipment according to the authentication instruction;
and after the first equipment determines the authentication mode matched with the out-of-band authentication capability, performing authentication interaction with the first equipment.
10. The method of claim 9, wherein the authenticating interaction with the first device comprises:
displaying authentication information or displaying a coded image containing the authentication information; the displayed authentication information is used for the first equipment to obtain, and the displayed coded image is used for the first equipment to scan codes to obtain the authentication information;
and receiving an authentication passing instruction sent by the first equipment after the first equipment authenticates the authentication information.
11. The method of claim 9, wherein the authenticating interaction with the first device comprises:
sending a message carrying authentication information to the first equipment;
and receiving an authentication passing instruction sent by the first device after the first device authenticates the authentication information in the message.
12. A data transmission apparatus, for use in a first device, the apparatus comprising:
the first connection module is configured to establish communication connection with the second equipment if the distance between the first connection module and the second equipment is within a preset distance range;
a sending module configured to send an authentication instruction to the second device based on the communication connection;
the first authentication module is configured to perform authentication interaction with the second device in an out-of-band communication mode according to the authentication instruction;
and the first transmission module is configured to perform data transmission with the second device based on the communication connection after the authentication is passed.
13. The apparatus of claim 12, further comprising:
the first obtaining module is configured to obtain a first key based on the out-of-band communication mode after the authentication is passed;
and the first transmission module is further configured to encrypt the data to be transmitted by using the first key and send the encrypted data to the second device based on the communication connection after the authentication is passed.
14. The apparatus of claim 12,
the first authentication module is further configured to receive the out-of-band authentication capability of the second device fed back by the second device based on the authentication instruction; and after the authentication mode matched with the out-of-band authentication capability is determined, performing authentication interaction with the second equipment.
15. The apparatus of claim 14,
the first authentication module is further configured to receive input authentication information, or scan a code of a coded image output by the second device to obtain the authentication information; wherein the input authentication information is obtained based on an output of the second device; and responding to the authentication information matched with the authentication information stored in the first equipment, and sending an instruction that the authentication is passed to the second equipment.
16. The apparatus of claim 14,
the first authentication module is further configured to receive a message carrying authentication information sent by the second device; and responding to the authentication information in the message matched with the authentication information stored in the first equipment or receiving a confirmation instruction of the authentication information, and sending an instruction that the authentication is passed to the second equipment.
17. The apparatus according to claim 16, wherein the message carrying the authentication information is triggered and sent by the second device after detecting an operation on a physical control on the second device.
18. A data transmission apparatus, for use in a second device, the apparatus comprising:
the second connection module is configured to establish communication connection with the first equipment if the distance between the second connection module and the first equipment is within a preset distance range;
a receiving module configured to receive an authentication instruction sent by the first device based on the communication connection;
the second authentication module is configured to perform authentication interaction with the first equipment in an out-of-band communication mode according to the authentication instruction;
and the second transmission module is configured to perform data transmission with the first equipment based on the communication connection after the authentication is passed.
19. The apparatus of claim 18, further comprising:
the second obtaining module is configured to obtain a second key based on the out-of-band communication mode after the authentication is passed; the second key is used for decrypting the encrypted data transmitted by the first device based on the communication connection.
20. The apparatus of claim 18,
the second authentication module is further configured to feed back the out-of-band authentication capability of the second device to the first device according to the authentication instruction; and after the first equipment determines the authentication mode matched with the out-of-band authentication capability, performing authentication interaction with the first equipment.
21. The apparatus of claim 20,
the second authentication module is further configured to display authentication information or display a coded image containing the authentication information; the displayed authentication information is used for the first equipment to obtain, and the displayed coded image is used for the first equipment to scan codes to obtain the authentication information; and receiving an authentication passing instruction sent by the first equipment after the first equipment authenticates the authentication information.
22. The apparatus of claim 20,
the second authentication module is further configured to send a message carrying authentication information to the first device; and receiving an authentication passing instruction sent by the first device after the first device authenticates the authentication information in the message.
23. An electronic device, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor is configured to perform the data transmission method of any one of claims 1 to 6 or the data transmission method of any one of claims 7 to 11.
24. A non-transitory computer readable storage medium, wherein instructions in the storage medium, when executed by a processor of a first device, enable the first device to perform the data transmission method of any one of claims 1 to 6; alternatively, the instructions in the storage medium, when executed by a processor of the second device, enable the second device to perform the data transmission method of any of claims 7 to 11.
CN202110872828.6A 2021-07-30 2021-07-30 Data transmission method and device, electronic equipment and storage medium Pending CN113595740A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110872828.6A CN113595740A (en) 2021-07-30 2021-07-30 Data transmission method and device, electronic equipment and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110872828.6A CN113595740A (en) 2021-07-30 2021-07-30 Data transmission method and device, electronic equipment and storage medium

Publications (1)

Publication Number Publication Date
CN113595740A true CN113595740A (en) 2021-11-02

Family

ID=78252783

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110872828.6A Pending CN113595740A (en) 2021-07-30 2021-07-30 Data transmission method and device, electronic equipment and storage medium

Country Status (1)

Country Link
CN (1) CN113595740A (en)

Similar Documents

Publication Publication Date Title
US9819652B2 (en) Information interaction methods and devices
CN109493488B (en) Smart card authentication method, smart lock, smart card, system and device
KR101491392B1 (en) Indirect device communication
CN104869612A (en) Method and device for accessing network
CN104955031A (en) Information transmission method and device
CN105243318A (en) User equipment control right determining method and apparatus and terminal device
CN105282158A (en) Intelligent equipment networking method, routing equipment, intelligent equipment and system
US20230037251A1 (en) Device sharing method and electronic device
CN109246110B (en) Data sharing method and device and computer readable storage medium
CN106060098B (en) Processing method, processing unit and the processing system of identifying code
CN112202770A (en) Equipment networking method and device, equipment and storage medium
CN104852800A (en) Data transmission method and device
CN104980919A (en) Method for acquiring network service information and equipment
EP3139564B1 (en) Encryption coding module
CN105120452B (en) Transmit the method, apparatus and system of information
CN105635249B (en) Session management method and device
CN104540115A (en) Communication method and device
CN107612058B (en) Charging method and device
CN105306567A (en) Method and device for terminal connection
CN113595740A (en) Data transmission method and device, electronic equipment and storage medium
CN112512097A (en) Information processing method and device, electronic equipment and storage medium
CN114612886B (en) Law enforcement information input method and device
CN111818609B (en) Method and device for connecting wireless network, communication equipment and storage medium
CN110139230B (en) Method and device for forwarding short message and intelligent equipment
CN107318148B (en) Wireless local area network access information storage method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination