WO2015117333A1 - Procédé et appareil de traitement d'informations, dispositif de chiffrement et support d'enregistrement informatique - Google Patents

Procédé et appareil de traitement d'informations, dispositif de chiffrement et support d'enregistrement informatique Download PDF

Info

Publication number
WO2015117333A1
WO2015117333A1 PCT/CN2014/087166 CN2014087166W WO2015117333A1 WO 2015117333 A1 WO2015117333 A1 WO 2015117333A1 CN 2014087166 W CN2014087166 W CN 2014087166W WO 2015117333 A1 WO2015117333 A1 WO 2015117333A1
Authority
WO
WIPO (PCT)
Prior art keywords
terminal
information
encryption
encrypted
encryption device
Prior art date
Application number
PCT/CN2014/087166
Other languages
English (en)
Chinese (zh)
Inventor
任鹏
Original Assignee
中兴通讯股份有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 中兴通讯股份有限公司 filed Critical 中兴通讯股份有限公司
Publication of WO2015117333A1 publication Critical patent/WO2015117333A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0471Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying encryption by an intermediary, e.g. receiving clear information at the intermediary and encrypting the received information at the intermediary before forwarding
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/037Protecting confidentiality, e.g. by encryption of the control plane, e.g. signalling traffic

Definitions

  • the present invention relates to encryption technologies, and in particular, to an information processing method and apparatus, an encryption device, and a computer storage medium.
  • the management software steals sensitive information due to its own authority
  • the software itself has artificial or unintentional loopholes, used by other software to launch attacks; for mobile phone enthusiasts, especially after the Root mobile phone, the application itself can enhance their own permissions without the user confirmation, An attack that cannot be completed before the upgrade is completed.
  • IMEI International Mobile Equipment Identity
  • IMSI International Mobile Subscriber Identification Number
  • GPS Global Positioning System
  • mobile terminals are usually equipped with a variety of sensor devices, such as GPS, microphone (MIC), camera, etc., which can be used by attackers to steal private information such as user's location, sound, and images in real time.
  • embodiments of the present invention provide an information processing method and apparatus, an encryption device, and a computer storage medium.
  • An embodiment of the present invention provides an information processing method, including:
  • Determining that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal
  • Encryption related processing is performed on the information on the terminal.
  • the device that is determined to be connected to the peripheral interface of the terminal is an encryption device that matches the terminal, and includes:
  • the encrypting related processing on the information on the terminal includes at least one of the following:
  • Encryption-related functional settings are performed on the terminal.
  • the encrypting related information on the information on the terminal includes:
  • the encrypting and processing the information on the terminal includes:
  • the encrypted audio data is sent through the radio unit of the terminal.
  • the encrypting and processing the information on the terminal includes:
  • the voiceprint information of the user is collected by using the encryption device matched with the terminal, and the information to be encrypted is encrypted by using the collected voiceprint information.
  • the embodiment of the invention also discloses an information processing method, including:
  • the encryption device After the encryption device accesses the terminal through the peripheral interface of the terminal, the encryption device collects the voiceprint information of the user;
  • the encryption device encrypts the information that needs to be encrypted on the terminal that matches the user by using the collected voiceprint information of the user, or encrypts the collected voiceprint information of the user.
  • the embodiment of the invention further provides an information processing device, comprising: a determining unit and a processing unit; wherein
  • the determining unit is configured to determine that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal, and determines that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal. Triggering the processing unit;
  • the processing unit is configured to perform encryption related processing on the information on the terminal after receiving the trigger of the determining unit.
  • the determining unit includes: a detecting module, a first determining module, and a second determining Fixed module; among them,
  • the detecting module is configured to trigger the first determining module when a device that accesses the terminal through the peripheral interface is detected;
  • the first determining module is configured to trigger the second determining module when determining that the accessed device is an encryption device
  • the second determining module is configured to trigger the processing unit when the hardware identifier of the encryption device matches the encrypted information identifier saved on the terminal, after receiving the trigger of the first determining module.
  • the processing unit includes: a recording module, a prompting module, and a deleting module;
  • the recording module is configured to: when the security time limit function is set on the terminal, record each use situation of the encryption device that matches the terminal, and start timing;
  • the prompting module is configured to prompt the user to perform a corresponding operation when the duration of the timing reaches a preset security time limit
  • the deleting module is configured to delete all the encrypted information on the terminal after receiving the indication that the user performs the operation within the preset duration.
  • the processing unit includes: a first shutdown module and a first control module; wherein
  • the first shutdown module is configured to close the microphone that is provided by the terminal when the encrypted audio data needs to be encrypted, and disable all recording and collection functions of the terminal;
  • the first control module is configured to collect audio data of the user by using the encryption device matched with the terminal, and perform encryption processing on the collected audio data; and pass the encrypted audio data to the radio unit of the terminal. issue.
  • the processing unit includes: a second shutdown module and a second control module; wherein
  • the second shutdown module is configured to close the microphone that is provided by the terminal, and disable all recording and collection functions of the terminal;
  • the second control module is configured to collect the voiceprint information of the user by using the encryption device matched with the terminal, and perform encryption processing on the information that needs to be encrypted by using the collected voiceprint information.
  • An embodiment of the present invention further provides an encryption device, including: an acquisition unit and an encryption unit;
  • the collecting unit is configured to collect the voiceprint information of the user after the encryption device accesses the terminal through the peripheral interface of the terminal;
  • the encryption unit is configured to perform encryption processing on the information that needs to be encrypted on the terminal by using the collected voiceprint information of the user, or configured to perform encryption processing on the collected voiceprint information of the user.
  • the encryption device further includes: a storage unit configured to store important feature data of the user.
  • the encryption device further includes: a control unit configured to control work between the collection unit and the encryption unit.
  • control unit is further configured to control power of the encryption device.
  • An embodiment of the present invention further provides a computer storage medium, the computer storage medium comprising a set of instructions that, when executed, cause at least one processor to perform an information processing method as described above.
  • the information processing method and device, the encryption device, and the computer storage medium of the embodiment of the present invention encrypt the information on the terminal when the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal.
  • the encryption device is connected to the terminal through a terminal peripheral interface access form such as a headphone interface, a data interface, a near field communication (NFC, Near Field Communication) interface, a WIFI interface, or a Bluetooth interface.
  • a terminal peripheral interface access form such as a headphone interface, a data interface, a near field communication (NFC, Near Field Communication) interface, a WIFI interface, or a Bluetooth interface.
  • NFC Near Field Communication
  • WIFI Wireless Fidelity
  • FIG. 1 is a schematic flow chart of an information processing method according to an embodiment of the present invention.
  • FIG. 2 is a schematic flowchart of a method for processing information in a terminal according to Embodiment 3 of the present invention
  • FIG. 3 is a schematic flowchart of a method for processing information in a terminal after the terminal is lost according to Embodiment 4 of the present invention
  • FIG. 4 is a schematic flowchart of a method for implementing a call process security protection according to Embodiment 5 of the present invention.
  • FIG. 5 is a schematic flowchart of a method for encrypting and processing data according to a voiceprint password according to Embodiment 6 of the present invention.
  • FIG. 6 is a schematic structural diagram of an information processing apparatus according to Embodiment 7 of the present invention.
  • FIG. 7 is a schematic structural diagram of an eighth encryption device according to an embodiment of the present invention.
  • FIG. 8a is a schematic diagram showing the appearance of an encryption device in an actual application according to Embodiment 8 of the present invention.
  • FIG. 8b is a schematic diagram of an internal integration module of an encryption device in an actual application according to Embodiment 8 of the present invention.
  • hard encryption refers to the software to be protected and the hardware encryption lock, some important information, such as encryption key, sensitive data, Authorization files, custom algorithms, etc. are stored in the encryption lock.
  • Hard encryption has the incomparable advantages of soft encryption, such as high encryption strength, good encryption performance, and encryption mode. Live and so on.
  • Soft encryption means: before the mobile terminal sends the information, first calls the information security module to encrypt the information to be sent, and then sends the encrypted information; after receiving the encrypted information, the receiver decrypts using the corresponding decryption software, thereby obtaining Received information.
  • the implementation of soft encryption has the advantages of existing standard security application programming interface (API, Application Programming Interface) products, convenient implementation, good compatibility, etc., but also has some shortcomings, such as: the key management is very complicated. This is also a problem in the implementation of security API products. From the perspective of several existing security API products, the key distribution protocol has defects; in addition, since the implementation of using software encryption is encrypted inside the user's computer, It is easy to provide an attacker with an opportunity to use an analysis program to track, decompile, etc. to attack.
  • API Application Programming Interface
  • the information on the terminal is subjected to encryption related processing.
  • the information processing method of the embodiment of the present invention includes the following steps:
  • Step 101 Determine that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal.
  • the hardware identifier of the encryption device When it is determined that the hardware identifier of the encryption device does not match the encrypted information identifier stored on the terminal, it indicates that the accessed encryption device is not an encryption device that matches the terminal. At this time, no operation is performed.
  • Step 102 Perform encryption related processing on the information on the terminal.
  • this step may include at least one of the following:
  • Encryption-related functional settings are performed on the terminal.
  • the corresponding operations on the encrypted information on the terminal may be: copying, migrating, deleting, decrypting, storing, etc.; all the encrypted information may be randomly transferred, and the original can still be replaced after the terminal is replaced.
  • the encrypted information is read, modified, and the like; for the existing encryption method, such as the T-card soft encryption mode, the solution of the embodiment of the present invention, the encrypted information is not restricted by the terminal, and can be migrated at any time, and the user replaces the terminal. After the encrypted information could not be read.
  • the function setting related to encryption on the terminal may be: setting a security time limit, whether to start an information security processing flow, and the like.
  • the encrypting related processing on the information on the terminal includes:
  • the user does not receive the indication that the operation is performed within the preset duration, it indicates that the terminal has been lost. After the encrypted information on the terminal is deleted, when the terminal is lost, the other party cannot obtain the encrypted information in the terminal. .
  • the information about the information on the terminal is encrypted, and specifically includes:
  • the encrypted audio data is sent through the radio unit of the terminal.
  • the receiving end needs to access an encryption device that matches the encryption device of the sending end.
  • the receiving end can decrypt the received audio data by using an encryption device connected to the receiving end. So that the receiving end can recognize the received audio data.
  • the encrypting and processing the information on the terminal specifically:
  • the voiceprint information of the user is collected by using the encryption device matched with the terminal, and the information to be encrypted is encrypted by using the collected voiceprint information.
  • the information encrypted by the collected voiceprint information can be arbitrarily transmitted, and the user only needs to decrypt by voiceprint information when using.
  • the encrypted information on the terminal may be sent by the radio unit of the terminal; correspondingly, the receiving end needs to access an encryption device matching the encryption device of the sending end, so that when receiving After receiving the encrypted information, the terminal may use the encryption device accessing the receiving end to decrypt the received information, so that the receiving end can recognize the received information.
  • the information processing method of the embodiment of the present invention when determining that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal, performs encryption related processing on the information on the terminal, and the encryption device passes the terminal peripheral interface.
  • the encryption device With terminal access, because the encryption device needs to be used together, the information on the terminal can be encrypted and processed, that is, the form of hard encryption and software encryption is adopted, and the encryption reliability is higher, so that the individual in the terminal can be effectively guaranteed. Information security.
  • the encrypted information is operated accordingly; thus, all the encrypted information can be freely migrated, and the original encrypted information can still be read and modified after the terminal is replaced; the encryption related functional setting is performed on the terminal, when the terminal After the loss, the terminal needs to cooperate with the encryption device to obtain the encrypted information, and also deletes the encrypted information on the terminal, so that others cannot obtain the encrypted data in the terminal.
  • the encryption device and the terminal are separately arranged, so that even if the terminal is attacked, since the information on the terminal has been encrypted, the encrypted information on the terminal cannot be accessed; and the encryption device is separately set from the terminal, so that the encryption device can simultaneously.
  • the use of multiple terminals solves the shortcomings of many users currently using multiple terminals, and only one terminal has an encryption function; in addition, when the user has multiple terminals, as long as the encryption device is not lost, the terminal will be deleted if the terminal is lost.
  • the encrypted information on the lost terminal ensures the secure processing of the encrypted information after the terminal is lost.
  • the separate arrangement of the encryption device and the terminal makes the cost lower than the existing hard encryption terminal.
  • the MIC of the terminal is turned off, and all recording and collecting functions of the terminal are disabled, and the audio data is collected by using the encryption device, that is, all the audio data to be transmitted can only be
  • the encryption device collects and encrypts the data, and transmits it through the radio unit of the terminal.
  • the receiving end does not have a corresponding encryption device, the receiving end cannot recognize the encrypted audio data; the encryption device can be paired or used one-to-many.
  • the receiving end only needs to use the encryption device with the same identification code, so that the encrypted audio data can be clearly restored, and the content of the conversation between the two parties is ensured.
  • there are already encryption products on the market which are mostly integrated in the terminal.
  • the content of the call can be secure, it is limited to the fixed paired terminal.
  • the solution of the embodiment of the present invention can be used as long as the encryption device is successfully paired. A secure call is not restricted by the terminal being used.
  • the MIC of the terminal When the information is encrypted by the voiceprint password, the MIC of the terminal is turned off, and all recording and collection functions of the terminal are disabled, and the voiceprint information, that is, all voiceprint information is collected by using the encryption device. It can only be collected by an encryption device, thus ensuring the voiceprint recognition
  • the uniformity of the preparation ensures the minimum difference of the voiceprint information collected each time, and also ensures the safety during the collection of the voiceprint information.
  • the information processing method of the embodiment of the present invention includes: after the encryption device accesses the terminal through the peripheral interface of the terminal, the encryption device collects the voiceprint information of the user; and the encryption device uses the collected voiceprint information of the user to encrypt the terminal.
  • the information is encrypted; or the collected voiceprint information of the user is encrypted.
  • the voiceprint information may be audio information of the user.
  • the manner in which the encryption device encrypts the information that needs to be encrypted on the terminal by using the voiceprint information of the collected user may be referred to as a voiceprint encryption method
  • the encryption device encrypts the collected voiceprint information
  • the encryption algorithm of the encryption device encrypts the collected voiceprint information, so this method can be called hard encryption.
  • This embodiment uses a mobile phone as an example to describe a method for processing information in a terminal. As shown in FIG. 2, the method includes the following steps:
  • Step 201 Detect whether a device is connected to the mobile phone, if yes, go to step 202, otherwise, go to step 205;
  • the identification process is started.
  • Step 202 Determine whether the accessed device is an encryption device, if yes, proceed to step 203, otherwise, perform step 205;
  • each encryption device has a unique identification code, such as the IMEI as the unique identification code of each encryption device, and determines whether the accessed device encrypts the device by acquiring the unique identification code of the encryption device.
  • a unique identification code such as the IMEI as the unique identification code of each encryption device
  • Step 203 Determine whether the hardware identifier of the encryption device matches the saved encrypted information identifier. If yes, go to step 204, otherwise, go to step 205;
  • the supporting software matched with the encryption device on the mobile phone is started, and the supporting software determines whether the hardware identifier of the encryption device matches the saved encrypted information identifier.
  • the hardware identifier of the encryption device matches the saved encryption information identifier, it indicates that the encrypted device that is accessed is an encryption device that matches the mobile phone, and the encryption device can be used to process related information on the mobile phone, if the hardware identifier of the encryption device is If the stored encrypted information identifier does not match, it indicates that the encrypted device that is accessed is not an encrypted device that matches the mobile phone, and cannot process related information on the mobile phone.
  • Step 204 Perform encryption-related processing on the information on the mobile phone
  • the hardware identifier of the encryption device matches the saved encryption information identifier
  • the information may be fed back to the user interface (UI, User Interface) of the mobile phone to prompt the user.
  • UI User Interface
  • the information on the mobile phone may be subjected to encryption related processing; wherein the processing related to encrypting the information on the mobile phone may include: performing any operation on the encrypted information in the mobile phone, The encrypted information is encrypted, and the supporting software is functionally set;
  • any operation is performed on the encrypted information in the mobile phone, such as copying, migrating, deleting, decrypting, storing, etc.
  • the operations involving information encryption and decryption are performed by an encryption device.
  • the information that needs to be encrypted and decrypted may include: text information, picture information, and the like.
  • Step 205 No operation is performed.
  • the supporting software monitors the encrypted device in real time, and once it detects that the encrypted device is pulled out, immediately stops all operations and closes Closed mobile phone LCD (Liquid Crystal Display), all encrypted information will not be able to be read and operated.
  • LCD Liquid Crystal Display
  • the supporting software can be installed on one or more mobile phones at the same time; the user only needs to pair with the encryption device when using the first time, so that a device can encrypt the information of multiple mobile phones.
  • a mobile phone is taken as an example to describe a method for processing information in a terminal after the terminal is lost. As shown in FIG. 3, the method includes the following steps:
  • Step 300 Set a security time limit function on the supporting software matched with the encryption device.
  • the user can set the security time limit on the supporting software, and set the security time limit function after setting the security time limit; wherein, the security time limit can be set as needed, for example, setting the security time limit to one week.
  • Step 301 After setting the security time limit function on the supporting software matched with the encryption device, the supporting software records the usage of each encryption device, and starts timing;
  • the usage of the recorded encryption device mainly includes: the usage time of the device is encrypted each time.
  • Step 302 When the duration of the timing reaches the set security time duration, the UI prompts the user that the security time limit has arrived, and prompts the user to perform the corresponding operation, and then proceeds to step 303;
  • the supporting software restarts timing when the time when the encryption device is currently used is longer than the time when the encryption device is used last time.
  • the security mechanism When the duration of the timing reaches the set security time limit, the security mechanism is activated, so that the user security time limit has been reached through the UI, prompting the user to perform the corresponding operation.
  • the prompt operation may be preset in the supporting software, for example, the short message notifies the preset security mobile phone, or uploads the encrypted information to a preset security email.
  • Step 303 After receiving the instruction that the user performs the operation within the preset time period, the supporting software Delete all encrypted information on your phone.
  • the user after the user is prompted, if the user does not receive an instruction to perform the operation within the preset time period, the user has not performed any operation. In this case, the mobile phone may be considered to be lost, and the user is unable to use the mobile phone.
  • the companion software will delete all encrypted information on the phone.
  • a mobile phone is taken as an example to describe a method for implementing security protection of a call process by encrypting voiceprint information. As shown in FIG. 4, the method includes the following steps:
  • Step 401 Detect whether a device is connected to the mobile phone, if yes, proceed to step 402, otherwise, perform step 409;
  • the identification process is started.
  • Step 402 Determine whether the accessed device is an encryption device, if yes, proceed to step 403, otherwise, perform step 409;
  • each encryption device has a unique identification code, such as the IMEI as the unique identification code of each encryption device, and determines whether the accessed device encrypts the device by acquiring the unique identification code of the encryption device.
  • a unique identification code such as the IMEI as the unique identification code of each encryption device
  • Step 403 Determine whether the hardware identifier of the encryption device matches the saved encryption information identifier, if yes, go to step 404, otherwise, go to step 409;
  • the supporting software matched with the encryption device on the mobile phone is started, and the supporting software determines whether the hardware identifier of the encryption device matches the saved encrypted information identifier.
  • the hardware identifier of the encryption device matches the saved encryption information identifier, it indicates that the encrypted device that is accessed is an encryption device that matches the mobile phone, and the encryption device can be used to process related information on the mobile phone, if the hardware identifier of the encryption device is If the stored encrypted information identifier does not match, it indicates that the encrypted device that is accessed is not an encrypted device that matches the mobile phone, and cannot process related information on the mobile phone.
  • the performing related processing of the information on the mobile phone means: when the user initiates a voice call, encrypting the voice information.
  • Step 404 When the user initiates a voice call, it is determined whether to activate the call protection function, and if so, step 405 is performed, otherwise step 408 is performed;
  • the UI prompts the user whether to activate the call protection function, and after receiving the user's instruction to start the call protection function, step 405 is performed, and after receiving the instruction that the user does not activate the call protection function, step 408 is performed.
  • the call protection function can only be performed between two encrypted devices that have already been paired, that is, two mobile devices that have been paired are connected to the mobile phone as the sender and the mobile phone as the recipient.
  • Step 405 The supporting software turns off the MIC of the mobile phone, and disables all recording and collecting functions of the mobile phone, and then performs step 406;
  • the accessory software when receiving the indication that the user initiates the call protection function, the accessory software enters the call protection mode.
  • Step 406 After the call is established, the encryption device collects audio data of the user, and performs encryption processing on the collected audio data.
  • the encrypted audio data has no content to be recognized, and must be decrypted to be recognized.
  • Step 407 Send the encrypted audio data to the radio unit of the mobile phone
  • the hardware identifier of the encryption device corresponding to the encrypted audio data is read, and it is determined whether the read hardware identifier matches the hardware identifier of the local encryption device, and the matching is determined.
  • Decrypting the received audio data by using a local encryption device that is, restoring the received audio data, thereby identifying the audio data; determining When there is no match, the received audio data cannot be restored, and the received audio data cannot be recognized.
  • Both the calling party and the called party process the audio data in the above manner, so that the two communicating mobile phones establish an environment for encrypted calls.
  • Step 408 The mobile phone performs a normal voice call.
  • Step 409 No operation is performed.
  • the unique identification code of the encryption device can be sent to the pair to be matched by using the supporting software or generating a two-dimensional code.
  • the other is connected to the mobile phone with the encryption device, so that the two mobile phones with access to the encryption device are matched. Since the unique identification code of the encryption device needs to be used together with the encryption device, even if the unique identification code is intercepted by a third party, or the unique identification code is leaked, it cannot be used.
  • the supporting software can mark the corresponding names and permissions of the paired mobile phones with the encrypted device, and in this way, one-to-one or one-to-many pairing can be quickly realized.
  • the two mobile phones that have been paired with the encryption device can also send all the information except the audio data, such as picture information, short message information, and the like.
  • a mobile phone is taken as an example to describe a method for performing encryption related processing on data by a voiceprint password. As shown in FIG. 5, the method includes the following steps:
  • Step 501 Detect whether a device is connected to the mobile phone, if yes, go to step 502, otherwise, go to step 506;
  • the identification process is started.
  • Step 502 Determine whether the accessed device is an encryption device, if yes, go to step 503, otherwise, go to step 506;
  • each encryption device has a unique identification code, such as the IMEI as the unique identification code of each encryption device, and determines whether the accessed device encrypts the device by acquiring the unique identification code of the encryption device.
  • a unique identification code such as the IMEI as the unique identification code of each encryption device
  • Step 503 Determine whether the hardware identifier of the encryption device matches the saved encryption information identifier, if yes, go to step 504, otherwise, go to step 506;
  • the supporting software matched with the encryption device on the mobile phone is started, and the supporting software determines whether the hardware identifier of the encryption device matches the saved encrypted information identifier.
  • the hardware identifier of the encryption device matches the saved encryption information identifier, it indicates that the encrypted device that is accessed is an encryption device that matches the mobile phone, and the encryption device can be used to process related information on the mobile phone, if the hardware identifier of the encryption device is If the stored encrypted information identifier does not match, it indicates that the encrypted device that is accessed is not an encrypted device that matches the mobile phone, and cannot process related information on the mobile phone.
  • the performing related processing of the information on the mobile phone refers to: performing encryption processing on the information.
  • Step 504 When it is determined that the voiceprint encryption mode is adopted, the supporting software turns off the MIC of the mobile phone, and disables all the recording and collecting functions of the mobile phone, and then performs step 505;
  • the encryption device may be in two encryption modes, namely a hard encryption mode and a voiceprint encryption mode; wherein, the hard encryption mode refers to: directly using an encryption algorithm of the encryption device to perform encryption processing; the voiceprint encryption method refers to: using acquisition The voiceprint information is encrypted.
  • Step 505 The encryption device collects the voiceprint information of the user, and encrypts the information that needs to be encrypted by using the collected voiceprint information.
  • the encrypted information has no way to identify the content, and must be decrypted before it can be recognized. do not.
  • the information that needs to be encrypted is successfully encrypted by voiceprint information, it can be transmitted between the mobile phone and the mobile phone, or between the mobile phone and the computer. Users only need to decrypt the voiceprint information.
  • Step 506 No operation is performed.
  • the present embodiment provides an information processing apparatus.
  • the apparatus includes: a determining unit 61 and a processing unit 62;
  • the determining unit 61 is configured to determine that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal, and when determining that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal , trigger processing unit 62;
  • the processing unit 62 is configured to perform encryption related processing on the information on the terminal after receiving the trigger of the determining unit 61.
  • the determining unit 61 further includes: a detecting module, a first determining module, and a second determining module; wherein
  • a detecting module configured to trigger the first determining module when a device that accesses the terminal through the peripheral interface is detected
  • a first determining module configured to: when determining that the accessed device is an encrypted device, triggering a second determining module;
  • the second determining module is configured to trigger the processing unit 62 when it is determined that the hardware identifier of the encryption device matches the encrypted information identifier saved on the terminal after receiving the trigger of the first determining module.
  • the first determining module when it is determined that the accessed device is not an encrypted device, the first determining module does not perform any operation.
  • the encrypted device that is accessed is not the encryption device that matches the terminal.
  • the second determining module does not perform any operation.
  • the specific implementation of the encryption related processing on the information on the terminal may include at least one of the following:
  • Encryption-related functional settings are performed on the terminal.
  • the corresponding operations on the encrypted information on the terminal may be: copying, migrating, deleting, decrypting, storing, etc.; all the encrypted information may be randomly transferred, and the original can still be replaced after the terminal is replaced.
  • the encrypted information is read, modified, and the like; for the existing encryption method, such as the T-card soft encryption mode, the solution of the embodiment of the present invention, the encrypted information is not restricted by the terminal, and can be migrated at any time, and the user replaces the terminal. After the encrypted information could not be read.
  • the function setting related to encryption on the terminal may be: setting a security time limit, whether to start an information security processing flow, and the like.
  • the processing unit 62 includes: a recording module, a prompting module, and a deleting module;
  • a recording module configured to record each use situation of the encryption device that matches the terminal, and start timing
  • the prompting module is configured to prompt the user to perform corresponding operations when the duration of the timing reaches a preset security time limit
  • the module is deleted, and all the encrypted information on the terminal is deleted after the user does not receive the instruction to perform the operation within the preset duration.
  • the terminal does not receive the indication that the user performs the operation within the preset duration, it indicates that the terminal has been lost.
  • the deletion module deletes the encrypted information on the terminal, when the terminal is lost, the other party cannot obtain the already Encrypt information.
  • the processing unit 62 may include: a first shutdown module and a first control module; wherein
  • a first shutdown module configured to turn off the MIC that is provided by the terminal, and disable all recording and collection functions of the terminal
  • the first control module is configured to collect the audio data of the user by using the encryption device matched with the terminal, and perform encryption processing on the collected audio data; and send the encrypted audio data to the radio unit of the terminal.
  • the receiving end needs to access an encryption device that matches the encryption device of the sending end.
  • the receiving end can decrypt the received audio data by using an encryption device connected to the receiving end. So that the receiving end can recognize the received audio data.
  • the processing unit 62 may include: a second shutdown module and a second control module; wherein
  • a second shutdown module configured to turn off the MIC that is provided by the terminal, and disable all recording and collection functions of the terminal
  • the second control module is configured to collect the voiceprint information of the user by using the encryption device matched with the terminal, and perform encryption processing on the information that needs to be encrypted by using the collected voiceprint information.
  • the information encrypted by the collected voiceprint information can be arbitrarily transmitted, and the user only needs to decrypt by voiceprint information when using.
  • the encrypted information on the terminal may be sent by the radio unit of the terminal; correspondingly, the receiving end needs to access an encryption device matching the encryption device of the sending end, so that when receiving After receiving the encrypted information, the terminal may use the encryption device accessing the receiving end to decrypt the received information, so that the receiving end can recognize the received information.
  • the detecting module, the first determining module, the second determining module, the recording module, the deleting module, the first closing module, the first control module, the second closing module, and the second control module It can be implemented by a processor (CPU, Central Processing Unit), a digital signal processor (DSP) or a Field-Programmable Gate Array (FPGA) in the information processing device; the prompting module can be used in the information processing device Display implementation.
  • a processor Central Processing Unit
  • DSP digital signal processor
  • FPGA Field-Programmable Gate Array
  • the processing unit when the determining unit determines that the device accessed through the peripheral interface of the terminal is an encryption device that matches the terminal, the processing unit performs encryption related processing on the information on the terminal, and the encryption device Through the peripheral interface of the terminal and the terminal access, because the encryption device needs to be used together, the information on the terminal can be encrypted and processed, that is, the form of hard encryption and software encryption is adopted, and the encryption reliability is higher, so that the information can be effectively Ensure the security of personal information in the terminal.
  • the processing unit when it is determined that the encryption device matched with the terminal has accessed the terminal, the processing unit performs corresponding operations on the encrypted information on the terminal; thus, all the encrypted information can be freely migrated, and the original encryption can still be performed after the terminal is replaced.
  • the information is read and modified; the functional setting related to encryption is performed on the terminal. After the terminal is lost, the encrypted information can be obtained because the terminal needs to cooperate with the encryption device, and the encrypted information is also deleted. Encrypted information, so that others cannot obtain encrypted data in the terminal.
  • the encryption device and the terminal are separately arranged, so that even if the terminal is attacked, since the information on the terminal has been encrypted, the encrypted information on the terminal cannot be accessed; and the encryption device is separately set from the terminal, so that the encryption device can simultaneously.
  • the use of multiple terminals solves the shortcomings of many users currently using multiple terminals, and only one terminal has an encryption function; in addition, when the user has multiple terminals, as long as the encryption device is not lost, the terminal will be deleted if the terminal is lost.
  • the encrypted information on the lost terminal ensures the secure processing of the encrypted information after the terminal is lost.
  • the separate arrangement of the encryption device and the terminal makes the cost lower than the existing hard encryption terminal.
  • the first shutdown module turns off the MIC that is provided by the terminal, and disables all recording and collection functions of the terminal, and the first control module utilizes
  • the secret device collects audio data, that is, all audio data to be transmitted can only be collected and encrypted by the encryption device, and transmitted through the radio unit of the terminal.
  • the receiving end does not have a corresponding encryption device, the receiving end cannot The encrypted audio data is identified; the encryption device can be paired or used one-to-many, and the receiving end only needs to use the encryption device with the same identification code, so that the encrypted audio data can be clearly restored, and the content of the conversation between the two parties is ensured.
  • there are already encryption products on the market which are mostly integrated in the terminal.
  • the content of the call can be secure, it is limited to the fixed paired terminal.
  • the solution of the embodiment of the present invention can be used as long as the encryption device is successfully paired. A secure call is not restricted by the terminal being used.
  • the second shutdown module turns off the MIC that is provided by the terminal, and disables all recording and collection functions of the terminal, and the second control module uses the encryption device to collect the voiceprint.
  • Information that is, all voiceprint information can only be collected by the encryption device, thus ensuring the uniformity of the voiceprint recognition device, ensuring the minimum difference of the voiceprint information collected each time, and also ensuring the security during the voiceprint information collection process. .
  • the embodiment provides an encryption device.
  • the encryption device includes: an acquisition unit 71 and an encryption unit 72;
  • the collecting unit 71 is configured to collect the voiceprint information of the user after the encryption device accesses the terminal through the peripheral interface of the terminal;
  • the encryption unit 72 is configured to perform encryption processing on the information that needs to be encrypted on the terminal by using the collected voiceprint information of the user, or configured to perform encryption processing on the collected voiceprint information of the user.
  • the voiceprint information may be audio information of the user.
  • the encryption unit 72 uses the collected voiceprint information of the user to encrypt the information that needs to be encrypted on the terminal, which may be referred to as a voiceprint encryption method.
  • the encryption unit 72 encrypts the collected voiceprint information by using an encryption device.
  • the encryption algorithm of the own encrypts the collected voiceprint information, so this method can be called hard encryption.
  • the encryption device may further include: a storage unit configured to store important feature data of the user; the storage unit may serve as an extended data storage of the user; wherein the important feature data is determined according to a user's needs.
  • the encryption device may further include: a control unit configured to control operations between the units including the acquisition unit 71 and the encryption unit 72; and may be further configured to control power of the encryption device to supply power to the encryption device.
  • the acquisition unit 71 can be implemented by an MIC in an encryption device, and the encryption unit 72 and the control unit can be implemented by a CPU, a DSP or an FPGA in the encryption device, and the storage unit can be implemented by a memory in the encryption device.
  • the specifications of the encryption device conform to the standards of the peripheral interface of the mobile phone, such as a headphone interface, a USB interface, a WIFI interface, a Bluetooth interface, an NFC interface, etc., accordingly, the encryption device can be wired and wireless.
  • the terminal When connecting to a terminal, when a different interface is used, in order to implement the function of the voice device to collect voiceprint information, the terminal needs to support the related audio protocol corresponding to the adopted interface; for example, the selected interface is a USB interface. In order to implement the function of the voice device to collect voiceprint information, the terminal itself needs to support the function of audio transmission through the USB interface.
  • the terminal in order to implement the function of the voice device to collect voiceprint information, the terminal needs to support the terminal itself.
  • the shape of the encryption device can be made into various accessories, such as earrings and other wearing jewelry, or can be hung in the storage sleeve of the key chain, which is convenient for the user to carry around, and can also be stored separately from the terminal when the user does not use it, Security.
  • the encryption device is internally integrated with an audio module, a hardware encryption module, a storage module, and an integrated control module; respectively corresponding to the acquisition unit, the encryption unit, the storage unit, and the control unit in FIG.
  • the audio module collects audio information by using the MIC itself, and simultaneously distinguishes the voiceprint information
  • the hardware encryption module is the core component of the encryption device, and has built-in Ukey hard encryption information for users.
  • the main encryption algorithm can be placed inside the hardware encryption module to ensure the security of the user information, and all data is encrypted and decrypted by the hardware encryption module;
  • the storage module has a built-in memory for storing user information and information on the terminal, and the internal memory can be used as a user extended data storage to store important feature data;
  • An integrated control module that controls the power of the encryption device while controlling the operation between the modules.
  • embodiments of the present invention can be provided as a method, system, or computer program product. Accordingly, the present invention can take the form of a hardware embodiment, a software embodiment, or a combination of software and hardware. Moreover, the invention can take the form of a computer program product embodied on one or more computer-usable storage media (including but not limited to disk storage and optical storage, etc.) including computer usable program code.
  • the computer program instructions can also be stored in a computer readable memory that can direct a computer or other programmable data processing device to operate in a particular manner, such that the instructions stored in the computer readable memory produce an article of manufacture comprising the instruction device.
  • the apparatus implements the functions specified in one or more blocks of a flow or a flow and/or block diagram of the flowchart.
  • These computer program instructions can also be loaded onto a computer or other programmable data processing device such that a series of operational steps are performed on a computer or other programmable device to produce computer-implemented processing for execution on a computer or other programmable device. Instructions are provided for implementation The steps of a function specified in a block or blocks of a flow or a flow and/or a block diagram of a flow chart.

Abstract

L'invention concerne un procédé de traitement d'informations consistant : à déterminer un dispositif accessible par l'intermédiaire d'une interface périphérique d'un terminal pour être un dispositif de chiffrement mis en correspondance avec le terminal ; et à effectuer le traitement de chiffrement associé sur des informations concernant le terminal. L'invention porte dans le même temps sur un appareil de traitement d'informations, un dispositif électronique et un support d'enregistrement informatique.
PCT/CN2014/087166 2014-07-16 2014-09-23 Procédé et appareil de traitement d'informations, dispositif de chiffrement et support d'enregistrement informatique WO2015117333A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201410337525.4 2014-07-16
CN201410337525.4A CN104158657A (zh) 2014-07-16 2014-07-16 一种信息处理方法、装置及加密设备

Publications (1)

Publication Number Publication Date
WO2015117333A1 true WO2015117333A1 (fr) 2015-08-13

Family

ID=51884071

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2014/087166 WO2015117333A1 (fr) 2014-07-16 2014-09-23 Procédé et appareil de traitement d'informations, dispositif de chiffrement et support d'enregistrement informatique

Country Status (2)

Country Link
CN (1) CN104158657A (fr)
WO (1) WO2015117333A1 (fr)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110933647A (zh) * 2019-11-28 2020-03-27 长城汽车股份有限公司 一种车载蓝牙控制方法、系统及车辆
CN111356044A (zh) * 2018-12-20 2020-06-30 Gn 奥迪欧有限公司 音频通信系统及操作音频通信系统的方法
CN111601310A (zh) * 2020-04-03 2020-08-28 厦门快商通科技股份有限公司 基于声纹识别的通话加密方法、系统及移动终端
CN111756532A (zh) * 2020-06-08 2020-10-09 西安万像电子科技有限公司 数据传输方法及装置

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105792097A (zh) * 2014-12-24 2016-07-20 希姆通信息技术(上海)有限公司 信息发送端、接收端及信息传输系统
CN110059452B (zh) * 2016-10-14 2020-12-22 杭州优稳自动化系统有限公司 一种加密狗装置
CN106487659B (zh) * 2016-10-20 2022-12-20 宇龙计算机通信科技(深圳)有限公司 信息加密方法、信息加密装置及终端
CN108696351A (zh) * 2018-05-04 2018-10-23 济南浪潮高新科技投资发展有限公司 一种基于量子真随机数的加密设备
CN108601008A (zh) * 2018-05-04 2018-09-28 济南浪潮高新科技投资发展有限公司 一种基于量子真随机数带蓝牙的加密设备
CN108429969B (zh) * 2018-05-28 2019-12-03 Oppo广东移动通信有限公司 音频播放方法、装置、终端、耳机及可读存储介质
CN108924144B (zh) * 2018-07-13 2020-12-22 Oppo广东移动通信有限公司 数据获取方法、数据获取系统、终端及诊断工具
CN109492384B (zh) * 2018-09-26 2021-07-20 成都卫士通信息产业股份有限公司 接收实体访问、访问密码设备的方法、密码设备和实体

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101221519A (zh) * 2008-01-02 2008-07-16 青岛海信移动通信技术股份有限公司 一种处理器系统中闪存存储器的读写调试方法
CN203313411U (zh) * 2013-06-08 2013-11-27 山东量子科学技术研究院有限公司 一种即插即用式便携通话保密设备

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100426220C (zh) * 2001-12-29 2008-10-15 中兴通讯股份有限公司 在通信系统中利用单片机实现软件下载的装置及其方法
EP1913509B1 (fr) * 2005-08-05 2011-10-19 Hewlett-Packard Development Company, L.P. Systeme, procede et dispositif permettant d'obtenir une cle de chiffrement/dechiffrement/recuperation de donnees aupres d'un systeme de gestion de cle cryptographique d'entreprise
CN100461105C (zh) * 2007-02-01 2009-02-11 中兴通讯股份有限公司 一种智能化设备软件升级与修复的方法和系统
CN102436568B (zh) * 2010-09-29 2014-12-17 苏州慧尔科技发展有限公司 具有存储功能的计算机外置加密装置及其加密、解密方法

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101221519A (zh) * 2008-01-02 2008-07-16 青岛海信移动通信技术股份有限公司 一种处理器系统中闪存存储器的读写调试方法
CN203313411U (zh) * 2013-06-08 2013-11-27 山东量子科学技术研究院有限公司 一种即插即用式便携通话保密设备

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111356044A (zh) * 2018-12-20 2020-06-30 Gn 奥迪欧有限公司 音频通信系统及操作音频通信系统的方法
CN111356044B (zh) * 2018-12-20 2023-11-21 Gn 奥迪欧有限公司 音频通信系统及操作音频通信系统的方法
CN110933647A (zh) * 2019-11-28 2020-03-27 长城汽车股份有限公司 一种车载蓝牙控制方法、系统及车辆
CN110933647B (zh) * 2019-11-28 2022-09-30 长城汽车股份有限公司 一种车载蓝牙控制方法、系统及车辆
CN111601310A (zh) * 2020-04-03 2020-08-28 厦门快商通科技股份有限公司 基于声纹识别的通话加密方法、系统及移动终端
CN111756532A (zh) * 2020-06-08 2020-10-09 西安万像电子科技有限公司 数据传输方法及装置

Also Published As

Publication number Publication date
CN104158657A (zh) 2014-11-19

Similar Documents

Publication Publication Date Title
WO2015117333A1 (fr) Procédé et appareil de traitement d'informations, dispositif de chiffrement et support d'enregistrement informatique
JP6938702B2 (ja) 通信保護を備えた聴覚装置および関連する方法
US10038676B2 (en) Call encryption systems and methods
CN104486083A (zh) 监控录像处理方法及装置
WO2015158043A1 (fr) Procédé, terminal et système de protection de sécurité de terminal
WO2013078796A1 (fr) Téléphone mobile et son procédé de communication
JP6807153B2 (ja) セキュアな聴覚装置の通信のための装置および関係する方法
US20150304321A1 (en) An image management system and an image management method based on fingerprint authentication
JP6397046B2 (ja) アドレス帳保護方法、装置及び通信システム
CN106357678A (zh) 一种智能终端的云加密存储方法及智能终端
CN104065648A (zh) 一种语音通话的数据处理方法
CN105681365B (zh) 用于文件传输的方法和装置
CN104852800A (zh) 数据传输方法及装置
WO2011088660A1 (fr) Procédé et appareil pour protéger un contenu d'information d'un téléphone cellulaire
JP6349712B2 (ja) 携帯端末設定方法
KR20160121828A (ko) 단말간 음성 및 데이터 통신시 도청을 방지하기 위한 분리형 비화장치 및 방법
WO2015090055A1 (fr) Procédé, dispositif et appareil de mémorisation et de lecture de données
CN108270917B (zh) 一种加密智能手机
CN104703175B (zh) 移动终端的数据安全保护方法及设备
JP2007113245A (ja) 制御システム、及び携帯端末
JP6061617B2 (ja) 移動体通信端末及び端末制御用プログラム
TWI433526B (zh) 自動防衛模組及其通報方法
KR101049174B1 (ko) 보안기능을 구비한 핸즈프리 및 그 제어 방법
KR101527053B1 (ko) 사생활 보호 통신 모드가 가능한 통신 시스템
CN104038932A (zh) 一种安全设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14881570

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 14881570

Country of ref document: EP

Kind code of ref document: A1