CN114531235A - End-to-end encrypted communication method and system - Google Patents


Publication number: CN114531235A
Authority: CN (China)
Prior art keywords: terminal, information, token, access, public
Legal status: Granted
Application number: CN202210193962.8A
Other languages: Chinese (zh)
Other versions: CN114531235B (en)
Inventors: 王建民, 雒海波, 武延军
Current Assignee: Institute of Software of CAS
Original Assignee: Institute of Software of CAS

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a communication method and a communication system for end-to-end encryption, and relates to the technical field of internet information communication. The method comprises the following steps: under a trusted environment, acquiring the public key key2 and authentication information of the second terminal; sending the first ciphertext information to the second terminal so as to obtain the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal; sending the access_token and the second ciphertext information to the second terminal to obtain third ciphertext information returned by the second terminal; and decrypting the third ciphertext information by using the symmetric key and the corresponding symmetric encryption algorithm to obtain the data response information. According to the invention, secure data transmission between the two parties is realized based on the symmetric encryption algorithm during transmission, and the encryption scheme is preset in the preparation stage, so that the risk that a third party and a data transmission platform intercept a data packet from the middle layer to obtain user data is eliminated, and data security is doubly protected.

Description

End-to-end encrypted communication method and system
Technical Field
The invention relates to the technical field of internet information communication, in particular to an end-to-end encrypted communication method and system.
Background
In the internet era, data is the most important property of individuals, and the secure transmission of data is an important means of protecting personal privacy. To protect data in transit, encryption is usually required in a communication network, and the data encryption transmission schemes provided in the prior art involve several encryption modes, such as key information encryption, network layer encryption mechanisms and application layer encryption mechanisms. These schemes still cannot adequately avoid the risk of a third party intervening to intercept and crack the information, so data security is not properly protected.
Disclosure of Invention
To address these problems, the invention discloses a communication method and a communication system for end-to-end encryption so as to realize the secure transmission of data.
The technical scheme of the invention comprises the following steps:
A communication method of end-to-end encryption, applied to a first terminal, comprising the following steps:
under a trusted environment, acquiring the public key key2 and authentication information of the second terminal;
sending the first ciphertext information to the second terminal to obtain the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal, wherein the first ciphertext information comprises the authentication information encrypted using the public key key2, and the access_token contains the symmetric key encrypted by the public key key2;
sending the access_token and the second ciphertext information to the second terminal to obtain third ciphertext information returned by the second terminal, wherein the second ciphertext information comprises data request information encrypted using the symmetric key, the third ciphertext information is obtained based on the second ciphertext information and the symmetric key, encrypted by the public key key2, that is contained in the access_token, and the third ciphertext information comprises encrypted data response information;
and decrypting the third ciphertext information by using the symmetric key and the corresponding symmetric encryption algorithm to obtain the data response information.
Further, the first terminal includes: a client, a PC end or a Web end.
Further, when the first terminal is a client, acquiring the public key key2 and the authentication information of the second terminal includes:
creating a public and private key pair;
and sending the public key key1 of the public and private key pair and the identity information of the first terminal to the second client so as to obtain the public key key2 and the authentication information of the second terminal.
Further, when the first terminal is a client, obtaining the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal includes:
sending the first ciphertext information to the second terminal, wherein the first ciphertext information further comprises the uniform unique identification code of the first terminal, encrypted using the public key key2;
obtaining the access_token and fourth ciphertext information, wherein the fourth ciphertext information comprises the symmetric key and the corresponding symmetric encryption algorithm encrypted using the public key key1;
and decrypting the fourth ciphertext information by using the private key keyA to obtain the symmetric key and the corresponding symmetric encryption algorithm.
Further, when the first terminal is a PC terminal or a Web terminal, acquiring the public key key2 and the authentication information of the second terminal includes:
establishing a connection with a third client, wherein the third client and the second terminal have established a trust relationship;
and receiving authentication information sent by the third client, wherein the authentication information is an authorization code or an invitation code generated by the second terminal, and the authorization code or the invitation code includes the public key key2.
Further, when the first terminal is a PC terminal or a Web terminal, obtaining the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal includes:
generating a set of temporary symmetric keys;
under the trusted environment, sending the first ciphertext information to the third client, so that the second terminal generates an access_token based on the first ciphertext information sent by the third client and the identification information of the first terminal, and sends the access_token, the symmetric key and the corresponding symmetric encryption algorithm to the first terminal, wherein the first ciphertext information further comprises the temporary symmetric key encrypted using the public key key2.
Further, the third ciphertext information is obtained based on the second ciphertext information and the symmetric key, encrypted by the public key key2, that is contained in the access_token, through the following steps:
verifying the first terminal identity information in the access_token;
decrypting the symmetric key encrypted by the public key key2 in the verified access_token by using the private key keyB corresponding to the public key key2;
decrypting the second ciphertext information using the symmetric key to obtain the data request information;
obtaining data response information based on the data request information;
and encrypting the data response information by using the symmetric key and the corresponding symmetric encryption algorithm to generate the third ciphertext information.
A storage medium having a computer program stored therein, wherein the computer program is arranged to perform any of the above methods when executed.
A terminal comprising a memory having a computer program stored therein and a processor arranged to run the computer program to perform any of the methods described above.
A communication system for end-to-end encryption comprises a first terminal and a second terminal,
the first terminal is used for acquiring the public key key2 and authentication information of the second terminal in a trusted environment; sending the first ciphertext information to the second terminal to obtain the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal, wherein the first ciphertext information comprises the authentication information encrypted using the public key key2, and the access_token contains the symmetric key encrypted by the public key key2; sending the access_token and the second ciphertext information to the second terminal to obtain third ciphertext information returned by the second terminal, wherein the second ciphertext information comprises data request information encrypted using the symmetric key; and decrypting the third ciphertext information using the symmetric key and the corresponding symmetric encryption algorithm to obtain the data response information;
the second terminal is used for generating a public and private key pair; obtaining the access_token, the symmetric key and the corresponding symmetric encryption algorithm according to the first ciphertext information; and obtaining the third ciphertext information based on the second ciphertext information and the symmetric key, encrypted by the public key key2, that is contained in the access_token.
Compared with the prior art, the invention has at least the following advantages:
1. The invention presets an encryption scheme in the preparation stage of data transmission, thereby ensuring that the data is in a relatively safe environment before transmission starts;
2. During transmission, the invention realizes secure data transmission between both parties by using a symmetric encryption algorithm, thereby eliminating the risk that a third party and a data transmission platform intercept a data packet from the middle layer to obtain user data, so that data security is doubly protected.
Drawings
FIG. 1 is a system diagram of the present invention.
FIG. 2 is a flow chart of the method of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is to be understood that the described embodiments are merely specific embodiments of the present invention, rather than all embodiments. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.
The invention provides an end-to-end encryption communication system, as shown in fig. 1, comprising a first terminal and a second terminal, wherein the first terminal and the second terminal establish a communication connection with the opposite terminal, including but not limited to a client, a PC end or a Web end; the second terminal is the opposite terminal for establishing communication connection with the first terminal, and is a service that can be stored and run in the operating system, and may include but is not limited to an electronic device with a processor and a memory or a computer readable storage medium.
As shown in fig. 2, the encryption communication method provided by the present invention includes:
Step 110: Under the trusted environment, the public key key2 and the authentication information of the second terminal are obtained.
In one example, when the first terminal is a client, the initialized first terminal performs a pairing connection with the second terminal in a trusted environment. Optionally, the trusted environment may be implemented based on the Bluetooth function or USB disk transmission.
After the two ends are connected, the first terminal creates key1 (public key) and keyA (private key), and the second terminal creates key2 (public key) and keyB (private key).
At this time, in the trusted environment, the first terminal transmits content such as the public key key1 and the identity information to the second terminal, and the second terminal, after receiving it, transmits content such as the public key key2 and the authentication information to the first terminal.
In another example, when the first terminal is a terminal other than a client, such as a PC terminal or a Web terminal, the trusted environment can be implemented based on a third client, since the first terminal does not have the Bluetooth function. That is, a third client that has established a trust relationship with the second terminal based on the trusted environment is selected.
Then, the second terminal creates key2 (public key) and keyB (private key), and sends authentication information (such as an authorization code or an invitation code) carrying the public key key2 to the third client.
The first terminal obtains the public key key2 from the authentication information acquired from the third client.
Step 120: Sending the first ciphertext information to the second terminal to obtain the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal.
In one example, when the first terminal is a client, the first terminal encrypts the authentication information (e.g., auth_key) and the client-UUID (terminal uniform unique identifier) with the public key key2 using the RSA asymmetric encryption algorithm to obtain the first ciphertext information, and sends the first ciphertext information to the second terminal.
After receiving the first ciphertext information, the second terminal generates an access_token, wherein the access_token contains the symmetric key encrypted by the public key key2, and returns the access credential access_token, the symmetric key encrypted by the public key key1 and the algorithm information of AES (Advanced Encryption Standard) symmetric encryption, so that the two ends establish an interconnection access trust relationship.
In another example, when the first terminal is a terminal other than a client, the first terminal may generate a set of temporary symmetric keys and encrypt the set of temporary symmetric keys and the authorization/invitation code using the public key key2 to send to the second terminal.
The second terminal generates an access credential access_token after verifying the identity of the second terminal, wherein the access_token contains the symmetric key encrypted by the public key key2, and returns the access_token, the symmetric key and the symmetric encryption algorithm information to the first terminal in a trusted environment, so that the two ends establish a mutual access trust relationship.
In the two examples, the symmetric encryption algorithm information is the algorithm information that the first terminal uses for decryption in subsequent data transmission, and includes basic contents such as the formula information of the algorithm; optionally, the symmetric algorithm may be AES (Advanced Encryption Standard), DES (Data Encryption Standard), or the like.
Step 130: Sending the access_token and the second ciphertext information to the second terminal to obtain third ciphertext information returned by the second terminal.
After step 110 and step 120, the mutual trust relationship between the first terminal and the second terminal is established. The first terminal may now exchange data with the corresponding second terminal by means of the acquired access_token, which specifically includes:
Step 1301: the first terminal encrypts the data request information with the symmetric key to obtain the second ciphertext information, and sends the access_token and the second ciphertext information to the second terminal;
Step 1302: after receiving the access_token and the second ciphertext information, the second terminal verifies the access_token and the first terminal identity information contained in the access_token so as to determine the identity of the first terminal;
Step 1303: after the verification is passed, decrypting the access_token by using the private key keyB to obtain the symmetric key;
Step 1304: decrypting the first ciphertext information by using the symmetric key to obtain the data request information;
Step 1305: generating data response information for the data request information;
Step 1306: encrypting the data response information by using the symmetric key, and generating and sending the third ciphertext information to the first terminal.
Step 140: Decrypting the third ciphertext information by using the symmetric key and the corresponding symmetric encryption algorithm to obtain the data response information.
After receiving the third ciphertext, the first terminal decrypts the third ciphertext information by using the symmetric key and the corresponding symmetric encryption algorithm, so as to obtain the data response information generated by the second terminal.
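Steps 120 to 140 as an added Go sketch; it is not code from the patent, and delivery of the symmetric key to the first terminal (under key1 or over the trusted environment) is not modelled. Assumptions: RSA-OAEP padding, AES-256-GCM, the token layout, and the HMAC tag. The tag is there because the patent does not say how the access_token is verified, and anyone who holds public key2 can produce a correctly encrypted key, so encryption under key2 alone cannot show that the second terminal issued the token.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// AccessToken layout is assumed; Tag is an addition the patent does not describe.
type AccessToken struct {
	ClientUUID string
	WrappedKey []byte // symmetric key, RSA-OAEP encrypted under key2
	Tag        []byte // HMAC over ClientUUID and WrappedKey
}

type SecondTerminal struct {
	keyB   *rsa.PrivateKey // private half of key2
	macKey []byte          // known only to the second terminal
}

// must aborts the demo on errors that cannot occur with the constructed inputs.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// seal and open use AES-256-GCM (mode assumed; the patent names only AES), nonce first.
func seal(key, pt []byte) []byte {
	nonce := make([]byte, 12)
	must(rand.Read(nonce))
	return must(cipher.NewGCM(must(aes.NewCipher(key)))).Seal(nonce, nonce, pt, nil)
}

func open(key, msg []byte) ([]byte, error) {
	if len(msg) < 12 {
		return nil, errors.New("ciphertext too short")
	}
	return must(cipher.NewGCM(must(aes.NewCipher(key)))).Open(nil, msg[:12], msg[12:], nil)
}

func (s *SecondTerminal) tag(uuid string, wrapped []byte) []byte {
	m := hmac.New(sha256.New, s.macKey)
	fmt.Fprintf(m, "%d|%s|%x", len(uuid), uuid, wrapped) // length prefix keeps fields apart
	return m.Sum(nil)
}

// Issue is the token part of step 120: a fresh symmetric key, wrapped under key2.
func (s *SecondTerminal) Issue(uuid string) (AccessToken, []byte) {
	sym := make([]byte, 32)
	must(rand.Read(sym))
	wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, &s.keyB.PublicKey, sym, nil))
	return AccessToken{uuid, wrapped, s.tag(uuid, wrapped)}, sym
}

// Handle is steps 1302-1306: verify token, unwrap key, decrypt request, encrypt response.
func (s *SecondTerminal) Handle(tok AccessToken, second []byte) ([]byte, error) {
	if !hmac.Equal(tok.Tag, s.tag(tok.ClientUUID, tok.WrappedKey)) {
		return nil, errors.New("access_token rejected")
	}
	sym, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, s.keyB, tok.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	req, err := open(sym, second)
	if err != nil {
		return nil, err
	}
	return seal(sym, append([]byte("response to: "), req...)), nil
}

// RunExchange plays steps 120-140. With selfMade set, the caller presents a token it
// built from public key2 alone instead of the one the second terminal issued.
func RunExchange(request string, selfMade bool) (string, error) {
	srv := &SecondTerminal{must(rsa.GenerateKey(rand.Reader, 2048)), make([]byte, 32)}
	must(rand.Read(srv.macKey))
	tok, sym := srv.Issue("constructed-client-uuid")
	if selfMade {
		wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, &srv.keyB.PublicKey, sym, nil))
		tok = AccessToken{ClientUUID: tok.ClientUUID, WrappedKey: wrapped}
	}
	third, err := srv.Handle(tok, seal(sym, []byte(request)))
	if err != nil {
		return "", err
	}
	resp, err := open(sym, third)
	return string(resp), err
}

func main() {
	fmt.Println(RunExchange("constructed request", false))
	fmt.Println(RunExchange("constructed request", true))
}
```

Because the token carries its own wrapped key and tag, the second terminal in this sketch keeps no per-session state beyond keyB and the MAC key.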
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents, improvements and the like that fall within the spirit and principle of the present invention are intended to be included therein.

Claims (10)

1. A communication method of end-to-end encryption, applied to a first terminal, comprising the following steps:
under a trusted environment, acquiring the public key key2 and authentication information of the second terminal;
sending the first ciphertext information to the second terminal to obtain the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal, wherein the first ciphertext information comprises the authentication information encrypted using the public key key2, and the access_token contains the symmetric key encrypted by the public key key2;
sending the access_token and the second ciphertext information to the second terminal to obtain third ciphertext information returned by the second terminal, wherein the second ciphertext information comprises data request information encrypted using the symmetric key, the third ciphertext information is obtained based on the second ciphertext information and the symmetric key, encrypted by the public key key2, that is contained in the access_token, and the third ciphertext information comprises encrypted data response information;
and decrypting the third ciphertext information by using the symmetric key and the corresponding symmetric encryption algorithm to obtain the data response information.
2. The method of claim 1, wherein the first terminal comprises: a client, a PC end or a Web end.
3. The method as claimed in claim 2, wherein when the first terminal is a client, acquiring the public key key2 and the authentication information of the second terminal includes:
creating a public and private key pair;
and sending the public key key1 of the public and private key pair and the identity information of the first terminal to the second client so as to obtain the public key key2 and the authentication information of the second terminal.
4. The method of claim 3, wherein when the first terminal is a client, obtaining the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal comprises:
sending the first ciphertext information to the second terminal, wherein the first ciphertext information further includes the uniform unique identification code of the first terminal, encrypted using the public key key2;
obtaining the access_token and fourth ciphertext information, wherein the fourth ciphertext information comprises the symmetric key and the corresponding symmetric encryption algorithm encrypted using the public key key1;
and decrypting the fourth ciphertext information by using the private key keyA to obtain the symmetric key and the corresponding symmetric encryption algorithm.
5. The method as claimed in claim 2, wherein when the first terminal is a PC terminal or a Web terminal, acquiring the public key key2 and the authentication information of the second terminal includes:
establishing a connection with a third client, wherein the third client and the second terminal have established a trust relationship;
and receiving authentication information sent by the third client, wherein the authentication information is an authorization code or an invitation code generated by the second terminal, and the authorization code or the invitation code includes the public key key2.
6. The method of claim 5, wherein when the first terminal is a PC terminal or a Web terminal, obtaining the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal comprises:
generating a set of temporary symmetric keys;
under the trusted environment, sending the first ciphertext information to the third client, so that the second terminal generates an access_token based on the first ciphertext information sent by the third client and the identification information of the first terminal, and sends the access_token, the symmetric key and the corresponding symmetric encryption algorithm to the first terminal, wherein the first ciphertext information further comprises the temporary symmetric key encrypted using the public key key2.
7. The method of claim 1, wherein the third ciphertext information is obtained based on the second ciphertext information and the symmetric key, encrypted by the public key key2, that is contained in the access_token, through the following steps:
verifying the first terminal identity information in the access_token;
decrypting the symmetric key encrypted by the public key key2 in the verified access_token by using the private key keyB corresponding to the public key key2;
decrypting the second ciphertext information using the symmetric key to obtain the data request information;
obtaining data response information based on the data request information;
and encrypting the data response information by using the symmetric key and the corresponding symmetric encryption algorithm to generate the third ciphertext information.
8. A storage medium having a computer program stored thereon, wherein the computer program is arranged to, when executed, perform the method of any of claims 1-6.
9. A terminal, characterized in that it comprises a memory in which a computer program is stored and a processor arranged to run the computer program to perform the method according to any of claims 1-6.
10. A communication system for end-to-end encryption, comprising a first terminal and a second terminal, wherein
the first terminal is used for acquiring the public key key2 and authentication information of the second terminal in a trusted environment; sending the first ciphertext information to the second terminal to obtain the access_token, the symmetric key and the corresponding symmetric encryption algorithm returned by the second terminal, wherein the first ciphertext information comprises the authentication information encrypted using the public key key2, and the access_token contains the symmetric key encrypted by the public key key2; sending the access_token and the second ciphertext information to the second terminal to obtain third ciphertext information returned by the second terminal, wherein the second ciphertext information comprises data request information encrypted using the symmetric key; and decrypting the third ciphertext information using the symmetric key and the corresponding symmetric encryption algorithm to obtain the data response information;
the second terminal is used for generating a public and private key pair; obtaining the access_token, the symmetric key and the corresponding symmetric encryption algorithm according to the first ciphertext information; and obtaining the third ciphertext information based on the second ciphertext information and the symmetric key, encrypted by the public key key2, that is contained in the access_token.
CN202210193962.8A 2022-03-01 2022-03-01 Communication method and system for end-to-end encryption Active CN114531235B (en)

Publications (2)

Publication Number | Publication Date
CN114531235A | 2022-05-24
CN114531235B | 2023-06-13

Family

ID=81626135

Also Published As

Publication number Publication date
CN114531235B (en) 2023-06-13

Similar Documents

Publication Publication Date Title
US7688975B2 (en) Method and apparatus for dynamic generation of symmetric encryption keys and exchange of dynamic symmetric key infrastructure
US7584505B2 (en) Inspected secure communication protocol
KR100990320B1 (en) Method and system for providing client privacy when requesting content from a public server
US8627440B2 (en) PassThru for client authentication
US9055047B2 (en) Method and device for negotiating encryption information
US20020038420A1 (en) Method for efficient public key based certification for mobile and desktop environments
CN110932851B (en) PKI-based multi-party cooperative operation key protection method
JP2009529832A (en) Undiscoverable, ie secure data communication using black data
CN108809633B (en) Identity authentication method, device and system
WO2010078755A1 (en) Method and system for transmitting electronic mail, wlan authentication and privacy infrastructure (wapi) terminal thereof
JP2008250931A (en) System for restoring distributed information, information utilizing device, and verification device
KR100860573B1 (en) Method for User Authentication
KR101531662B1 (en) Method and system for mutual authentication between client and server
WO2005088892A1 (en) A method of virtual challenge response authentication
CN113779619B (en) Ceph distributed object storage system encryption and decryption method based on cryptographic algorithm
KR20090098542A (en) Encryption data communication system using proxy and method for encryption data communication thereof
US7360238B2 (en) Method and system for authentication of a user
US20060053288A1 (en) Interface method and device for the on-line exchange of content data in a secure manner
KR100984275B1 (en) Method for generating secure key using certificateless public key in insecure communication channel
TW200803392A (en) Method, device, server arrangement, system and computer program products for securely storing data in a portable device
KR20070035342A (en) Method for mutual authentication based on the user's password
KR20040105064A (en) Key-exchange protocol method for mobile communication system
CN112035820B (en) Data analysis method used in Kerberos encryption environment
CN114531235B (en) Communication method and system for end-to-end encryption
CN103312671A (en) Method and system for verifying server

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant