WO2018113337A1 - Method and system for establishing secure communication environment for wearable device - Google Patents


Publication number
WO2018113337A1
Authority
WO
WIPO (PCT)
Prior art keywords
wearable device
terminal device
authentication key
establishing
wearable
Prior art date
Application number
PCT/CN2017/099428
Other languages
French (fr)
Chinese (zh)
Inventor
梁杰
Original Assignee
北京握奇数据股份有限公司
Priority date
Filing date
Publication date
Application filed by 北京握奇数据股份有限公司
Publication of WO2018113337A1

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08: Access security
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876: Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W76/00: Connection management
    • H04W76/10: Connection setup
    • H04W76/14: Direct-mode setup

Definitions

  • the present invention relates to the field of secure communication technologies, and in particular, to a method and system for establishing a secure communication environment of a wearable device.
  • wearable devices are computing-capable, mobile, intelligent and connected. With the rapid spread of the mobile Internet and the widespread application of Internet of Things technology, wearable devices will accompany people's daily life, smart homes, health care and fitness.
  • wearable devices are mostly in the form of portable accessories that have some computing functions and can be connected to mobile phones and various types of terminals.
  • on another terminal device (such as a smartphone), the user installs a client APP corresponding to the wearable device, and communication with the wearable device is established through the APP.
  • as wearable devices record information such as the user's health index, life preferences, behavioral habits, and movement trajectories, the risk of data security breaches and personal privacy leakage increases greatly. The greater the amount of data a wearable device can record and the more personal privacy it can obtain, the greater the information security risk. Therefore, establishing a secure communication environment for wearable devices has become an indispensable part of the development of wearable devices. Only when the wearable device and the terminal app establish a secure communication environment can the user's information security be effectively protected.
  • an embodiment of the present invention provides a method for establishing a secure communication environment of a wearable device, including the following steps:
  • the wearable device receives the first security verification data packet, and returns a response confirmation packet to the first terminal device;
  • the first terminal device receives the response confirmation packet, and determines whether the response confirmation packet is correct. If yes, the process proceeds to the next step. If not, the connection with the wearable device is disconnected, indicating that the verification fails;
  • the first terminal device encrypts the second verification data according to the authentication key between the first terminal device and the wearable device, and sends the encrypted ciphertext to the wearable device;
  • the wearable device receives the ciphertext, decrypts the ciphertext according to the authentication key between the wearable device and the first terminal device, and obtains the decrypted plaintext and sends the decrypted plaintext to the first terminal device;
  • the first terminal device receives the plaintext, and compares the plaintext with the second verification data. If the plaintext and the second verification data are the same, the secure communication environment is established, and if not, the connection with the wearable device is disconnected.
  • the first terminal device is installed with a client APP corresponding to the wearable device, and in the step (1), establishing the communication connection between the first terminal device and the wearable device refers to establishing communication between the client APP on the first terminal device and the wearable device.
  • in the method for establishing a secure communication environment of the wearable device, after the first terminal device determines that the response confirmation packet is correct, and before encrypting the second verification data, the method further includes:
  • the first terminal device generates an authentication key between the first terminal device and the wearable device, and sends the authentication key to the wearable device;
  • the wearable device receives and stores the authentication key and returns receipt confirmation data to the first terminal device.
  • in the method for establishing a secure communication environment of a wearable device, if the first terminal device does not receive the reception confirmation data returned by the wearable device within a set time, it disconnects from the wearable device.
  • in the method for establishing a secure communication environment of a wearable device, the first terminal device generates the authentication key according to the universal unique identifier UUID of the installed client APP corresponding to the wearable device.
  • in the method for establishing a secure communication environment of a wearable device, the first terminal device generating an authentication key according to the universal unique identifier UUID includes:
  • the specified byte of the MD5 value is intercepted as the authentication key.
  • the method for establishing a secure communication environment of the wearable device wherein the second verification data is data pre-stored in the first terminal device or data randomly generated by the first terminal device.
  • the embodiment of the present invention further provides a system for establishing a secure communication environment of a wearable device, including a first terminal device and a wearable device; the first terminal device includes:
  • a first communication module configured to establish a communication connection with the wearable device
  • a first security verification module configured to send, after establishing a communication connection with the wearable device, the first security verification data packet agreed between the two to the wearable device, and, after receiving the response confirmation packet returned by the wearable device, to determine whether the response confirmation packet is correct; if yes, entering the second security verification module; if not, disconnecting from the wearable device, indicating that the verification fails;
  • a second security verification module configured to encrypt the second verification data according to the authentication key between the first terminal device and the wearable device, send the encrypted ciphertext to the wearable device, and, after receiving the plaintext sent by the wearable device, compare whether the plaintext and the second verification data are the same; if yes, the secure communication environment is established, and if not, disconnecting from the wearable device;
  • the wearable device includes:
  • a second communication module configured to establish a communication connection with the first terminal device
  • a first acknowledgement packet sending module configured to return a response confirmation packet to the first terminal device after receiving the first security verification data packet
  • a second verification data sending module configured to: after receiving the ciphertext sent by the first terminal device, decrypt the ciphertext according to the authentication key between itself and the first terminal device, obtain the decrypted plaintext, and send it to the first terminal device.
  • the first terminal device further includes:
  • the authentication key generating module is configured to: after the first terminal device determines that the response confirmation packet is correct, generate an authentication key between the first terminal device and the wearable device, and send the authentication key to the wearable device;
  • the wearable device further includes:
  • the authentication key receiving module is configured to receive the authentication key, and return the receiving confirmation data to the first terminal device.
  • the authentication key generation module includes:
  • a wearable device unique identifier obtaining unit configured to acquire a universal unique identifier UUID of the client APP corresponding to the wearable device installed on the first terminal device;
  • An MD5 value calculation module configured to perform MD5 calculation on the universal unique identifier UUID to obtain an MD5 value
  • An authentication key determining unit is configured to intercept a specified byte of the MD5 value as the authentication key.
  • the beneficial effects of the present invention are: in the method and system for establishing a secure communication environment of a wearable device provided in the embodiments of the present invention, multiple security authentications are performed between the connected terminal device and the wearable device, and real data interaction can be performed only after the multiple security authentications have passed.
  • the method and system establish a secure and reliable communication environment for the communication based on the wearable device, and effectively protect the security of the user's private information.
  • FIG. 1 is a schematic flowchart of a method for establishing a secure communication environment of a wearable device according to an embodiment of the present invention
  • FIG. 2 is a schematic flowchart of a method for establishing a secure communication environment of a wearable device according to an embodiment of the present invention
  • FIG. 3 is a schematic structural diagram of a system for establishing a secure communication environment of a wearable device according to an embodiment of the present invention
  • FIG. 4 is a schematic structural diagram of a system for establishing a secure communication environment of a wearable device according to an embodiment of the present invention
  • FIG. 5 is a schematic structural diagram of an authentication key generation module according to an embodiment of the present invention.
  • FIG. 1 is a schematic flowchart of a method for establishing a secure communication environment according to an embodiment of the present invention. As can be seen from the figure, the method mainly includes the following steps:
  • Step S110 The first terminal device establishes a communication connection with the wearable device, and the first terminal device sends the first security verification data packet agreed between the two to the wearable device.
  • Step S120 The wearable device receives the first security verification data packet, and returns a response confirmation packet to the first terminal device.
  • Step S130 The first terminal device receives the response confirmation packet, and determines whether the response confirmation packet is correct. If yes, the process proceeds to the next step. If not, the connection with the wearable device is disconnected, and the verification fails.
  • the first terminal device includes but is not limited to a mobile phone or a PC.
  • a client APP corresponding to the wearable device is installed on the first terminal device, and establishing a communication connection between the first terminal device and the wearable device refers to establishing communication between the client APP on the first terminal device and the wearable device.
  • the communication connection between the first terminal device and the wearable device includes, but is not limited to, a Bluetooth connection or a USB connection.
  • the first-step security verification between the first terminal device and the wearable device is completed by step S110 to step S130: after establishing the connection with the wearable device, the first terminal device sends the first security verification data packet to the wearable device to perform TDP (Trusted Device Processing) between the two; the second terminal device receives the first security verification data packet and returns a response confirmation packet to the first terminal device, and the first terminal device determines whether the wearable device is a security device bound to it by determining whether the response confirmation packet is correct.
  • the first security verification data packet and the response confirmation packet are pre-agreed between the first terminal device and the wearable device, and the first security verification data packet and the response confirmation packet are in one-to-one correspondence; the specific data can be selected according to actual needs.
  • only if the response confirmation packet received by the first terminal device is the response confirmation packet corresponding to the first security verification data packet it sent does the first verification pass and the process proceed to step S140. Otherwise, the connection to the wearable device is disconnected directly and the verification fails.
  • Step S140 The first terminal device generates an authentication key and sends the authentication key to the wearable device.
  • Step S150 The wearable device receives and stores the authentication key, and returns the receiving confirmation data to the first terminal device.
  • after completing the initial security verification between the two (i.e., the first terminal device and the wearable device), the first terminal device generates an authentication key for further verification between the two and transmits it to the wearable device.
  • the specific generation manner of the authentication key may be selected according to actual needs.
  • the authentication key between a terminal device and a wearable device is unique.
  • in order to ensure the uniqueness of the authentication key, the first terminal device generates the authentication key according to the universal unique identifier UUID of the client APP of the wearable device installed on the first terminal device. Because the UUID is unique, the authentication key generated according to the UUID is also unique. That is, the authentication key between a terminal device and a wearable device is unique, and if the terminal device or the wearable device is replaced, the authentication key also changes.
  • the specific manner in which the first terminal device generates an authentication key according to the universal unique identifier UUID is:
  • the specified byte of the MD5 value is intercepted as the authentication key.
  • the specified byte in the value is directly intercepted as the authentication key.
  • after receiving the authentication key, the wearable device returns the receiving response data to the first terminal device to notify the first terminal device that the authentication key has been received.
  • the wearable device may prompt the user to confirm the operation by flashing lights or vibrating, and the user may confirm by tapping the wearable device or by another operation; after receiving the user's confirmation action, the wearable device returns the receiving response data to the first terminal device.
  • the method may further set a response time limit: if the first terminal device does not receive the receiving response data returned by the wearable device within the set time, it disconnects from the wearable device.
  • step S140 and step S150 may be performed only when the first terminal device and the wearable device establish a secure communication environment for the first time; when the connection is made again, the two directly use the authentication key from the first communication to perform the subsequent authentication steps.
  • Step S160 The first terminal device encrypts the second verification data according to the authentication key, and sends the encrypted ciphertext to the wearable device.
  • Step S170 The wearable device receives the ciphertext, decrypts the ciphertext according to the stored authentication key, and obtains the decrypted plaintext and sends the ciphertext to the first terminal device.
  • Step S180 The first terminal device compares the plaintext sent by the wearable device with the second verification data; if they are the same, the secure communication environment is established, and if not, it disconnects from the wearable device.
  • this completes the further security verification between the first terminal device and the wearable device: the first terminal device sends the wearable device the ciphertext of the second verification data, encrypted with the authentication key between the two, and receives the decrypted plaintext returned by the wearable device. If the plaintext is the same as the first verification data, the authentication passes again, the establishment of the secure communication environment between the two is complete, and real communication can be performed. If the plaintext received by the first terminal device is different from the first verification data, the connection with the wearable device is disconnected, and the verification fails.
  • the first terminal device and the wearable device can perform subsequent actual operations.
  • the authentication key may be used as the session key between the two, or a new session key may be generated.
  • in step S160 and step S170, where the first terminal device encrypts the second verification data according to the authentication key and the wearable device decrypts according to the authentication key, the specific encryption and decryption method can be selected according to actual needs; for example, an RC4 encryption algorithm or another encryption algorithm can be used, as long as the authentication key is used as a key parameter in the encryption algorithm.
  • the second verification data may be data pre-stored in the first terminal device, or may be random data generated by the first terminal device in real time; the specific data used as the second verification data may be chosen according to actual needs.
  • FIG. 2 is a flowchart of a method for establishing a secure communication environment provided in an embodiment. As can be seen from the figure, the method includes the following steps:
  • Step S210 The first terminal device establishes a communication connection with the wearable device, and the first terminal device sends the first security verification data packet agreed between the two to the wearable device.
  • Step S220 The wearable device receives the first security verification data packet, and returns a response confirmation packet to the first terminal device.
  • Step S230 The first terminal device receives the response confirmation packet, and determines whether the response confirmation packet is correct. If yes, the process proceeds to the next step. If not, the connection with the wearable device is disconnected, and the verification fails.
  • Step S240 The first terminal device encrypts the second verification data according to the authentication key between the first terminal device and the wearable device, and sends the encrypted ciphertext to the wearable device.
  • Step S250 The wearable device receives the ciphertext, decrypts the ciphertext according to the authentication key between the wearable device and the first terminal device, and obtains the decrypted plaintext and sends the decrypted plaintext to the first terminal device.
  • Step S260 The first terminal device receives the plaintext, and compares the plaintext with the second verification data. If the plaintext and the second verification data are the same, the secure communication environment is established. If not, the connection with the wearable device is disconnected.
  • the method in this embodiment differs from the method shown in FIG. 1 in that, in this embodiment, there is no process in which the first terminal device generates the authentication key and the wearable device receives the authentication key.
  • the authentication key is one that was generated by the first terminal device and has already been sent to and stored in the wearable device. Only when the first terminal device and the wearable device match, and the authentication keys in the two match, can the wearable device successfully decrypt the ciphertext according to the authentication key and the obtained plaintext be the same as the second verification data, so that the verification can be completed.
  • the method for establishing a secure communication environment performs one-to-one authentication binding between the first terminal device and the wearable device (the mobile phone app and the wearable device), and any verification error disconnects the Bluetooth connection between the two.
  • the one-to-one secure communication environment between the client APP and the wearable device of the terminal device is established.
  • by the method provided in the embodiment of the present invention, a secure transmission environment between the user's wearable device and the user's own mobile phone app can be established, which improves the safety of the user's wearable device.
  • when the first terminal device and the wearable device establish a secure communication environment for the first time, the solution shown in FIG. 1 is adopted, and the method shown in FIG. 2 may be used when re-establishing. However, after the first communication device or the second communication device is replaced, the secure communication environment will be re-established, because for a new first terminal device the authentication key will change, and for a new wearable device the authentication key will not exist.
  • an embodiment of the present invention further provides a system for establishing a secure communication environment, as shown in FIG. 3 , the system includes a first terminal device 100 and a wearable device 200;
  • the first terminal device 100 includes a first communication module 110, a first security verification module 120, and a second security verification module 140.
  • the wearable device 200 includes a second communication module 210, a first acknowledgement packet sending module 230, and a second verification data sending module 240, wherein:
  • a first communication module 110 configured to establish a communication connection with the wearable device
  • the first security verification module 120 is configured to send, after establishing a communication connection with the wearable device, the first security verification data packet agreed between the two to the wearable device, and after receiving the response confirmation packet returned by the wearable device Determining whether the response confirmation packet is correct, and if yes, entering the second security verification module, and if not, disconnecting from the wearable device, indicating that the verification fails;
  • the second security verification module 140 is configured to encrypt the second verification data according to the authentication key between the first terminal device and the wearable device, send the encrypted ciphertext to the wearable device, and, after receiving the plaintext sent by the wearable device, compare the plaintext with the second verification data; if they are the same, the secure communication environment is established, and if not, the connection with the wearable device is disconnected;
  • a second communication module 210 configured to establish a communication connection with the first terminal device
  • the first confirmation packet sending module 220 is configured to: after receiving the first security verification data packet, return a response confirmation packet to the first terminal device;
  • the second verification data sending module 240 is configured to: after receiving the ciphertext sent by the first terminal device, decrypt the ciphertext according to the authentication key between itself and the first terminal device, obtain the decrypted plaintext, and send it to the first terminal device.
  • the first terminal device 100 may further include an authentication key generation module 130, and the wearable device 200 may further include an authentication key receiving module 230, wherein:
  • the authentication key generation module 130 is configured to: after the first terminal device determines that the response confirmation packet is correct, generate an authentication key between the first terminal device and the wearable device, and send the authentication key to the wearable device;
  • the authentication key receiving module 230 is configured to receive the authentication key and return the receiving confirmation data to the first terminal device.
  • the authentication key may be a symmetric key or an asymmetric key. If the symmetric key is used, the authentication key in both the first terminal device and the wearable device is the same.
  • the key is stored in the first terminal device as a private key, and the first terminal device sends the public key corresponding to the private key to the wearable device.
  • the authentication key generation module 130 includes a wearable device unique identifier acquisition unit 131, an MD5 value calculation module 132, and an authentication key determination unit 133, as shown in FIG. among them:
  • the wearable device unique identifier obtaining unit 131 is configured to acquire a universal unique identifier UUID of the client APP corresponding to the wearable device installed on the first terminal device;
  • the MD5 value calculation module 132 is configured to perform MD5 calculation on the universal unique identifier UUID to obtain an MD5 value
  • the authentication key determining unit 133 is configured to intercept the specified byte of the MD5 value as the authentication key.
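
The exchange of steps S110 to S180 (first connection) and S210 to S260 (reconnection), with both sides' messages, as an added example that is not code from the patent or its applicant. The packet contents, the sample UUIDs, the choice of the first 8 MD5 bytes as the "specified bytes", and all class and function names are assumptions made for illustration; RC4 is used because the description names it as one option.

```python
import hashlib
import hmac
import secrets

# Constructed sample values (assumptions; the patent leaves all of these open).
FIRST_VERIFY_PACKET = b"\xa5\x01HELLO"    # pre-agreed first security verification packet
EXPECTED_ACK = b"\x5a\x01READY"           # pre-agreed response confirmation packet
KEY_STORED = b"KEY_STORED"                # receipt confirmation data
KEY_OFFSET, KEY_LEN = 0, 8                # which MD5 bytes are "intercepted"
SAMPLE_UUID_A = "123e4567-e89b-12d3-a456-426614174000"   # client APP on phone A
SAMPLE_UUID_B = "9b2f0c1e-7d4a-4e8b-b1c3-5a6d7e8f9012"   # client APP on phone B


def derive_auth_key(app_uuid: str) -> bytes:
    """MD5 over the client APP's UUID, then take the specified bytes."""
    digest = hashlib.md5(app_uuid.encode("ascii")).digest()
    return digest[KEY_OFFSET:KEY_OFFSET + KEY_LEN]


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher; the same call encrypts and decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                       # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                          # keystream generation and XOR
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


class Wearable:
    """Wearable side: answers the first packet, stores the key, decrypts."""

    def __init__(self, ack: bytes = EXPECTED_ACK):
        self.ack = ack
        self.auth_key = None                   # a new wearable has no key yet

    def on_first_verify(self, packet: bytes) -> bytes:      # S120 / S220
        return self.ack if packet == FIRST_VERIFY_PACKET else b""

    def on_auth_key(self, key: bytes) -> bytes:             # S150
        self.auth_key = key
        return KEY_STORED

    def on_ciphertext(self, ciphertext: bytes) -> bytes:    # S170 / S250
        if self.auth_key is None:
            return b""
        return rc4(self.auth_key, ciphertext)


class Terminal:
    """First terminal device (client APP) side; returns the outcome as text."""

    def __init__(self, app_uuid: str):
        self.app_uuid = app_uuid

    def establish(self, dev: Wearable, first_time: bool = True) -> str:
        # S110-S130: pre-agreed packet and response confirmation packet.
        ack = dev.on_first_verify(FIRST_VERIFY_PACKET)
        if not hmac.compare_digest(ack, EXPECTED_ACK):
            return "disconnect: response confirmation packet incorrect"
        key = derive_auth_key(self.app_uuid)
        # S140-S150: only on the first connection (FIG. 1); skipped in FIG. 2.
        if first_time and dev.on_auth_key(key) != KEY_STORED:
            return "disconnect: no receipt confirmation"
        # S160-S180: encrypt random second verification data, compare the reply.
        challenge = secrets.token_bytes(16)
        plaintext = dev.on_ciphertext(rc4(key, challenge))
        if not hmac.compare_digest(plaintext, challenge):
            return "disconnect: plaintext differs from second verification data"
        return "established"


if __name__ == "__main__":
    band = Wearable()
    print("first pairing :", Terminal(SAMPLE_UUID_A).establish(band))
    print("reconnect     :", Terminal(SAMPLE_UUID_A).establish(band, first_time=False))
    print("other phone   :", Terminal(SAMPLE_UUID_B).establish(band, first_time=False))
    print("new wearable  :", Terminal(SAMPLE_UUID_A).establish(Wearable(), first_time=False))
```

MD5 and RC4 appear here only because the description names them; it allows any encryption algorithm as long as the authentication key is the key parameter.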

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

The present invention belongs to the technical field of secure communications, and disclosed in the embodiments of the present invention are a method and system for establishing a secure communication environment for a wearable device. The method comprises: a communication connection is established between a first terminal device and a wearable device; the first terminal device sends to the wearable device a first secure verification data packet as agreed therebetween and receives a response acknowledgement packet from the wearable device; after confirming that the response acknowledgement packet is correct, the first terminal device sends ciphertext of second verification data to the wearable device and receives a plaintext which is returned by the wearable device and obtained by decrypting the ciphertext; and when the first terminal device determines by means of comparison that the plaintext is the same as the second verification data, the establishment of the secure communication environment is completed. According to the method and the system which are disclosed by the present invention, genuine data interaction between the terminal device and the wearable device is carried out only if multiple security verifications between the terminal device and the wearable device are passed; a secure and reliable communication environment is established for wearable device-based communication, and the security of private information of a user is effectively protected.

Description

Method and system for establishing a secure communication environment for a wearable device

Technical field
The present invention relates to the field of secure communication technologies, and in particular to a method and system for establishing a secure communication environment for a wearable device.
Background
With the rapid development of Internet communication technology, electronic terminal devices of all kinds have become indispensable tools in people's lives. Data transmission between a user's different electronic terminal devices has become an everyday matter, and the security of communication between devices is increasingly a focus of attention.
At present, more and more wearable devices are becoming part of people's lives. Wearable devices are computable, mobile, intelligent and interconnected. With the rapid spread of the mobile Internet and the wide application of Internet of Things technology, wearable devices will accompany people's daily lives, smart homes, health care and fitness. Wearable devices currently mostly take the form of portable accessories that have some computing functions and can connect to mobile phones and various terminals. A client APP corresponding to the wearable device is installed on the user's other terminal device (such as a smartphone), and communication with the wearable device is established through the APP.
Because wearable devices are imprinted throughout with information such as the user's health indices, lifestyle preferences, behavioral habits and movement tracks, the risk of data-security and personal-privacy leakage increases greatly. Without doubt, the more data a wearable device can record and the more personal private information can be obtained from it, the greater the information security risk. Establishing a secure communication environment for wearable devices has therefore become an indispensable part of their development: only when the wearable device and the terminal app establish a secure communication environment can the user's information security be effectively protected.
Summary of the invention
In view of the defects in the prior art and the needs of practical application, the object of the embodiments of the present invention is to overcome the above problems or at least partially solve them.
To achieve the above object, one embodiment of the present invention provides a method for establishing a secure communication environment for a wearable device, comprising the following steps:
(1) a communication connection is established between the first terminal device and the wearable device, and the first terminal device sends the wearable device the first security verification data packet agreed between the two;
(2) the wearable device receives the first security verification data packet and returns a response confirmation packet to the first terminal device;
(3) the first terminal device receives the response confirmation packet and determines whether it is correct; if so, the method proceeds to the next step; if not, the first terminal device disconnects from the wearable device and reports that verification failed;
(4) the first terminal device encrypts second verification data with the authentication key between itself and the wearable device, and sends the resulting ciphertext to the wearable device;
(5) the wearable device receives the ciphertext, decrypts it with the authentication key between itself and the first terminal device, and sends the resulting plaintext to the first terminal device;
(6) the first terminal device receives the plaintext and compares it with the second verification data; if the two are the same, establishment of the secure communication environment is complete; if not, the first terminal device disconnects from the wearable device.
Further, in the method for establishing a secure communication environment for a wearable device as described above, a client APP corresponding to the wearable device is installed on the first terminal device, and in step (1), establishing the communication connection between the first terminal device and the wearable device means establishing communication between the client APP on the first terminal device and the wearable device.
Further, in the method as described above, after the first terminal device determines that the response confirmation packet is correct and before it encrypts the second verification data, the method further comprises:
the first terminal device generates the authentication key between itself and the wearable device and sends the authentication key to the wearable device;
the wearable device receives and stores the authentication key and returns reception confirmation data to the first terminal device.
Further, in the method as described above, if the first terminal device does not receive the reception confirmation data returned by the wearable device within a set time, it disconnects from the wearable device.
Further, in the method as described above, the first terminal device generates the authentication key from the universally unique identifier (UUID) of the client APP installed on it that corresponds to the wearable device.
Further, in the method as described above, the first terminal device generating the authentication key from the UUID comprises:
performing an MD5 calculation on the UUID to obtain an MD5 value;
taking specified bytes of the MD5 value as the authentication key.
Further, in the method as described above, the second verification data is data pre-stored in the first terminal device or data randomly generated by the first terminal device.
The embodiments of the present invention further provide a system for establishing a secure communication environment for a wearable device, comprising a first terminal device and a wearable device. The first terminal device comprises:
a first communication module, configured to establish a communication connection with the wearable device;
a first security verification module, configured to send the wearable device the first security verification data packet agreed between the two after the communication connection with the wearable device is established and, after receiving the response confirmation packet returned by the wearable device, to determine whether the response confirmation packet is correct; if so, control passes to the second security verification module; if not, the connection with the wearable device is disconnected and a verification failure is reported;
a second security verification module, configured to encrypt second verification data with the authentication key between the first terminal device and the wearable device, send the resulting ciphertext to the wearable device and, after receiving the plaintext sent by the wearable device, compare whether the plaintext is the same as the second verification data; if so, establishment of the secure communication environment is complete; if not, the connection with the wearable device is disconnected.
The wearable device comprises:
a second communication module, configured to establish a communication connection with the first terminal device;
a first confirmation packet sending module, configured to return a response confirmation packet to the first terminal device after receiving the first security verification data packet;
a second verification data sending module, configured to, after receiving the ciphertext sent by the first terminal device, decrypt the ciphertext with the authentication key between the wearable device and the first terminal device and send the resulting plaintext to the first terminal device.
Further, in the system for establishing a secure communication environment for a wearable device as described above, the first terminal device further comprises:
an authentication key generation module, configured to generate the authentication key between the first terminal device and the wearable device, and send it to the wearable device, after the first terminal device determines that the response confirmation packet is correct and before the second verification data is encrypted.
The wearable device further comprises:
an authentication key receiving module, configured to receive the authentication key and return reception confirmation data to the first terminal device.
Further, in the system as described above, the authentication key generation module comprises:
a wearable device unique identifier acquisition unit, configured to obtain the universally unique identifier (UUID) of the client APP installed on the first terminal device that corresponds to the wearable device;
an MD5 value calculation module, configured to perform an MD5 calculation on the UUID to obtain an MD5 value;
an authentication key determination unit, configured to take specified bytes of the MD5 value as the authentication key.
The beneficial effects of the present invention are as follows: the method and system for establishing a secure communication environment for a wearable device provided in the embodiments perform multiple security authentications between a connected terminal device and wearable device, and real data interaction can take place only when all of those authentications pass. The method and system establish a secure and reliable communication environment for wearable-device-based communication and effectively protect the security of the user's private information.
Brief description of the drawings
In order to explain the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings in the following description are only some embodiments of the present invention; they serve only to illustrate preferred embodiments and are not to be considered a limitation of the present invention, and a person of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
FIG. 1 is a schematic flowchart of a method for establishing a secure communication environment for a wearable device according to an embodiment of the present invention;
FIG. 2 is a schematic flowchart of a method for establishing a secure communication environment for a wearable device according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a system for establishing a secure communication environment for a wearable device according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of a system for establishing a secure communication environment for a wearable device according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of an authentication key generation module according to an embodiment of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
FIG. 1 shows a schematic flowchart of a method for establishing a secure communication environment provided in an embodiment of the present invention. As the figure shows, the method mainly comprises the following steps:
Step S110: the first terminal device and the wearable device establish a communication connection, and the first terminal device sends the wearable device the first security verification data packet agreed between the two;
Step S120: the wearable device receives the first security verification data packet and returns a response confirmation packet to the first terminal device;
Step S130: the first terminal device receives the response confirmation packet and determines whether it is correct; if so, the method proceeds to the next step; if not, the first terminal device disconnects from the wearable device and reports that verification failed;
In this embodiment, the first terminal device includes but is not limited to a mobile phone or a PC. A client APP corresponding to the wearable device is installed on the first terminal device, and establishing the communication connection between the first terminal device and the wearable device means establishing communication between the client APP on the first terminal device and the wearable device. The communication connection between the first terminal device and the wearable device includes but is not limited to a Bluetooth connection or a USB connection.
Steps S110 to S130 complete the first step of security verification between the first terminal device and the wearable device. After establishing a connection with the wearable device, the first terminal device sends the first security verification data packet to the wearable device to perform Trusted Device Processing (TDP) between the two; the second terminal device receives the first security verification data packet and returns the corresponding response confirmation packet to the first terminal device; and the first terminal device determines whether the wearable device is the secure device bound to it by judging whether the response confirmation packet is correct.
The first security verification data packet and the response confirmation packet are both agreed in advance between the first terminal device and the wearable device, and they correspond one to one; which data they contain can be chosen according to actual needs. Only when the response confirmation packet received by the first terminal device is the one corresponding to the first security verification data packet it sent is the first verification step judged to have passed, and the method proceeds to step S140; otherwise the first terminal device directly disconnects from the wearable device and reports that verification failed.
Step S140: the first terminal device generates an authentication key and sends it to the wearable device;
Step S150: the wearable device receives and stores the authentication key and returns reception confirmation data to the first terminal device;
After the preliminary security verification between the two (that is, the first terminal device and the wearable device) is complete, the first terminal device generates an authentication key for further verification between them and sends it to the wearable device. The specific way the authentication key is generated can be chosen according to actual needs. The authentication key between one terminal device and one wearable device is unique.
In one example of the present invention, to guarantee the uniqueness of the authentication key, the first terminal device generates the authentication key from the universally unique identifier (UUID) of the APP client installed on it that corresponds to the wearable device; that is, the authentication key is generated on the basis of the UUID of the wearable device's client APP installed on the first terminal device. Because the UUID is unique, the authentication key generated from it is also unique: the authentication key between one terminal device and one wearable device is unique, and if the terminal device or the wearable device is replaced, the authentication key changes as well.
In one embodiment of the present invention, the first terminal device generates the authentication key from the UUID as follows:
an MD5 (Message-Digest Algorithm 5) calculation is performed on the UUID to obtain an MD5 value;
specified bytes of the MD5 value are taken as the authentication key.
That is, the specified bytes are taken directly from the computed fixed-length MD5 value and used as the authentication key.
After receiving the authentication key, the wearable device returns reception response data to the first terminal device to inform it that the authentication key has been received. In practice, after the wearable device receives the authentication key, it can prompt the user to confirm, for example by flashing a light or vibrating; the user can confirm by tapping the wearable device or by another operation, and once the wearable device receives the user's confirmation it returns the reception response data to the first terminal device.
In one embodiment of the present invention, the method can also set a response time limit: if the first terminal device does not receive the reception response data returned by the wearable device within the set time, it disconnects from the wearable device.
In practice, steps S140 and S150 need only be carried out the first time the first terminal device and the wearable device establish a secure communication environment; on later connections, the two use the authentication key from the first communication directly for the subsequent authentication steps.
Step S160: the first terminal device encrypts the second verification data with the authentication key and sends the resulting ciphertext to the wearable device;
Step S170: the wearable device receives the ciphertext, decrypts it with its stored authentication key, and sends the resulting plaintext to the first terminal device;
Step S180: the first terminal device compares whether the plaintext sent by the wearable device is the same as the second verification data; if so, establishment of the secure communication environment is complete; if not, it disconnects from the wearable device.
Steps S160 to S180 complete the further security verification between the first terminal device and the wearable device. The first terminal device sends the wearable device the ciphertext obtained by encrypting the second verification data with the authentication key between the two, and receives the decrypted plaintext returned by the wearable device. If that plaintext is the same as the first verification data, verification passes again, the secure communication environment between the two is fully established, and real communication data can be transmitted. If the plaintext received by the first terminal device differs from the first verification data, the first terminal device disconnects from the wearable device and reports that verification failed.
After the secure communication environment is established, the first terminal device and the wearable device can proceed to transmit actual communication data. In practice, when they transmit real communication data, the authentication key may be used as the session key between the two, or a new session key may be generated.
In practice, in steps S160 and S170, where the first terminal device encrypts the second verification data with the authentication key and the wearable device decrypts the key with the authentication key, the specific encryption and decryption methods can be chosen according to actual needs. For example, the RC4 encryption algorithm or another encryption algorithm can be used, as long as the authentication key serves as the key parameter of the encryption algorithm.
In this embodiment, the second verification data may be data pre-stored in the first terminal device or random data generated by the first terminal device in real time; which data is used as the second verification data can be chosen according to actual needs.
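An added example, not code from the patent: a minimal simulation of the exchange in steps S110 to S180, including the UUID-to-MD5 key derivation, with both sides' messages. The packet contents, the choice of the first 8 MD5 bytes as the "specified bytes", and all class and function names are assumptions; RC4 is used because the description names it as one option.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample values (assumptions): the description leaves the agreed
# packet contents open, so these byte strings are placeholders.
FIRST_PACKET = b"TDP-HELLO"
EXPECTED_ACK = b"TDP-ACK"
KEY_RECEIVED = b"KEY-RECEIVED"


def derive_auth_key(app_uuid: str, start: int = 0, length: int = 8) -> bytes:
    """MD5 the client APP's UUID and keep the 'specified bytes' as the key."""
    digest = hashlib.md5(app_uuid.encode("ascii")).digest()  # always 16 bytes
    if not 0 <= start < start + length <= len(digest):
        raise ValueError("slice must lie inside the 16-byte MD5 value")
    return digest[start:start + length]


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 keystream XOR; the same call encrypts and decrypts."""
    if not key:
        raise ValueError("empty key")
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:                         # keystream generation
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


class Wearable:
    """Wearable-device side (steps S120, S150 and S170)."""

    def __init__(self, ack: bytes = EXPECTED_ACK,
                 stored_key: Optional[bytes] = None):
        self.ack = ack
        self.stored_key = stored_key

    def on_first_packet(self, packet: bytes) -> bytes:
        # S120: answer only the agreed first security verification packet.
        return self.ack if packet == FIRST_PACKET else b""

    def on_auth_key(self, key: bytes) -> bytes:
        # S150: store the key and return reception confirmation data.
        self.stored_key = key
        return KEY_RECEIVED

    def on_ciphertext(self, ciphertext: bytes) -> bytes:
        # S170: decrypt with the stored key and return the plaintext.
        if self.stored_key is None:
            return b""
        return rc4(self.stored_key, ciphertext)


def establish(app_uuid: str, wearable: Wearable, first_time: bool) -> str:
    """Terminal-device side. Returns 'established' or the step that failed."""
    ack = wearable.on_first_packet(FIRST_PACKET)             # S110 / S120
    if not hmac.compare_digest(ack, EXPECTED_ACK):           # S130
        return "failed:S130"
    key = derive_auth_key(app_uuid)
    if first_time:                                           # S140 / S150
        if wearable.on_auth_key(key) != KEY_RECEIVED:
            return "failed:S150"
    challenge = os.urandom(16)              # second verification data (random)
    plaintext = wearable.on_ciphertext(rc4(key, challenge))  # S160 / S170
    if not hmac.compare_digest(plaintext, challenge):        # S180
        return "failed:S180"
    return "established"


if __name__ == "__main__":
    uuid_a = "123e4567-e89b-12d3-a456-426614174000"   # constructed sample UUID
    band = Wearable()
    print(establish(uuid_a, band, first_time=True))    # first binding
    print(establish(uuid_a, band, first_time=False))   # later reconnection
```

In this flow the key reaches the wearable in step S140 over the link itself; the description specifies no separate protection for that transfer, so its confidentiality rests on the underlying Bluetooth or USB connection.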
FIG. 2 shows a flowchart of a method for establishing a secure communication environment provided in an embodiment. As the figure shows, the method comprises the following steps:
Step S210: the first terminal device and the wearable device establish a communication connection, and the first terminal device sends the wearable device the first security verification data packet agreed between the two;
Step S220: the wearable device receives the first security verification data packet and returns a response confirmation packet to the first terminal device;
Step S230: the first terminal device receives the response confirmation packet and determines whether it is correct; if so, the method proceeds to the next step; if not, the first terminal device disconnects from the wearable device and reports that verification failed;
Step S240: the first terminal device encrypts the second verification data with the authentication key between itself and the wearable device, and sends the resulting ciphertext to the wearable device;
Step S250: the wearable device receives the ciphertext, decrypts it with the authentication key between itself and the first terminal device, and sends the resulting plaintext to the first terminal device;
Step S260: the first terminal device receives the plaintext and compares it with the second verification data; if the two are the same, establishment of the secure communication environment is complete; if not, the first terminal device disconnects from the wearable device.
The method of this embodiment thus differs from the method shown in FIG. 1 in that it omits the process in which the first terminal device generates the authentication key and the wearable device receives it. In this embodiment, the authentication key is one that the first terminal device has already generated and sent to the wearable device, where it is stored. Only when the first terminal device and the wearable device match do their authentication keys match; only then can the wearable device successfully decrypt the ciphertext with the authentication key, only then is the resulting plaintext the same as the second verification data, and only then can verification be completed.
The method for establishing a secure communication environment provided in the examples of the present invention can bind the first terminal device and the wearable device (the mobile phone app and the wearable device) in one-to-one authentication, and an error at any verification step disconnects the Bluetooth connection between the two. Through this method, a one-to-one secure communication environment is established between the client APP of the terminal device and the wearable device. After purchasing a wearable device, a user can use the method provided in the embodiments of the present invention to establish a secure transmission environment between the wearable device and the user's own mobile phone app, improving the security of use of the user's wearable device.
In practice, the first time the first terminal device and the wearable device establish a secure communication environment, the scheme shown in FIG. 1 is used, and the method shown in FIG. 2 suffices for re-establishing it later. After the first communication device or the second communication device is replaced, however, the secure communication environment has to be established anew, because for a new first terminal device the authentication key will change, and for a new wearable device the authentication key will not exist.
Corresponding to the method shown in FIG. 1, the embodiments of the present invention further provide a system for establishing a secure communication environment. As shown in FIG. 3, the system comprises a first terminal device 100 and a wearable device 200. The first terminal device 100 comprises a first communication module 110, a first security verification module 120 and a second security verification module 140; the wearable device 200 comprises a second communication module 210, a first confirmation packet sending module 230 and a second verification data sending module 240. Of these:
the first communication module 110 is configured to establish a communication connection with the wearable device;
the first security verification module 120 is configured to send the wearable device the first security verification data packet agreed between the two after the communication connection with the wearable device is established and, after receiving the response confirmation packet returned by the wearable device, to determine whether the response confirmation packet is correct; if so, control passes to the second security verification module; if not, the connection with the wearable device is disconnected and a verification failure is reported;
the second security verification module 140 is configured to encrypt the second verification data with the authentication key between the first terminal device and the wearable device, send the resulting ciphertext to the wearable device and, after receiving the plaintext sent by the wearable device, compare whether the plaintext is the same as the second verification data; if so, establishment of the secure communication environment is complete; if not, the connection with the wearable device is disconnected;
the second communication module 210 is configured to establish a communication connection with the first terminal device;
the first confirmation packet sending module 220 is configured to return a response confirmation packet to the first terminal device after receiving the first security verification data packet;
the second verification data sending module 240 is configured to, after receiving the ciphertext sent by the first terminal device, decrypt the ciphertext with the authentication key between the wearable device and the first terminal device and send the resulting plaintext to the first terminal device.
In one embodiment of the present invention, as shown in FIG. 4, the first terminal device 100 may further comprise an authentication key generation module 130, and the wearable device 200 may further comprise an authentication key receiving module 230. Of these:
the authentication key generation module 130 is configured to generate the authentication key between the first terminal device and the wearable device, and send it to the wearable device, after the first terminal device determines that the response confirmation packet is correct and before the first verification data is encrypted;
the authentication key receiving module 230 is configured to receive the authentication key and return reception confirmation data to the first terminal device.
In practice, the authentication key may be a symmetric key or an asymmetric key. If it is a symmetric key, the authentication key in the first terminal device and in the wearable device is the same. If it is an asymmetric key, the first terminal device stores the private key, and what the first terminal device sends to the wearable device is the public key corresponding to that private key.
In one embodiment of the present invention, the authentication key generation module 130 comprises a wearable device unique identifier acquisition unit 131, an MD5 value calculation module 132 and an authentication key determination unit 133, as shown in FIG. 5. Of these:
the wearable device unique identifier acquisition unit 131 is configured to obtain the universally unique identifier (UUID) of the client APP installed on the first terminal device that corresponds to the wearable device;
MD5值计算模块132,用于将所述通用唯一标识符UUID进行MD5计算,得到MD5值;The MD5 value calculation module 132 is configured to perform MD5 calculation on the universal unique identifier UUID to obtain an MD5 value;
认证密钥确定单元133,用于截取所述MD5值的指定字节作为所述认证密钥。The authentication key determining unit 133 is configured to intercept the specified byte of the MD5 value as the authentication key.
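The handshake and key derivation described above, with both sides' messages, as an added Python example (not code from the patent). The packet contents, the receipt value, the choice of MD5 bytes, hashing the UUID's canonical string form, and the cipher are all assumptions, since the patent specifies none of them; an HMAC-SHA256 counter-mode keystream stands in for the unnamed symmetric cipher.

```python
import hashlib
import hmac
import secrets
import uuid

# Assumed values: the patent does not specify packet contents, which MD5
# bytes are kept, how the UUID is encoded, or the cipher.
AGREED_PACKET = b"\xa5HELLO"   # hypothetical first security verification data packet
AGREED_ACK = b"\x5aACK"        # hypothetical response confirmation packet
KEY_RECEIPT = b"KEY_OK"        # hypothetical receipt confirmation data
KEY_OFFSET, KEY_LEN = 0, 8     # hypothetical "specified bytes" of the MD5 value


def derive_auth_key(app_uuid: uuid.UUID) -> bytes:
    """Units 131-133: MD5 over the client APP's UUID, then a byte slice.

    The result is a pure function of the UUID: whoever knows the UUID can
    recompute the key, so the key is only as secret as the UUID is.
    """
    digest = hashlib.md5(str(app_uuid).encode("ascii")).digest()
    return digest[KEY_OFFSET:KEY_OFFSET + KEY_LEN]


def keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Stand-in cipher: HMAC-SHA256 in counter mode used as a keystream."""
    out, counter = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(8)  # fresh nonce per message, sent in the clear
    return nonce + bytes(a ^ b for a, b in zip(plaintext, keystream(key, nonce, len(plaintext))))


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body = blob[:8], blob[8:]
    return bytes(a ^ b for a, b in zip(body, keystream(key, nonce, len(body))))


class Wearable:
    """Wearable side: modules 220, 230 and 240."""

    def __init__(self) -> None:
        self.auth_key = b""

    def on_first_packet(self, packet: bytes) -> bytes:
        return AGREED_ACK if packet == AGREED_PACKET else b""

    def on_auth_key(self, key: bytes) -> bytes:
        self.auth_key = key
        return KEY_RECEIPT

    def on_ciphertext(self, blob: bytes) -> bytes:
        return decrypt(self.auth_key, blob)


def establish(app_uuid: uuid.UUID, wearable: Wearable) -> str:
    """Terminal side: steps (1)-(6) plus the key transfer of module 130."""
    if wearable.on_first_packet(AGREED_PACKET) != AGREED_ACK:
        return "disconnect: first verification failed"
    key = derive_auth_key(app_uuid)
    if wearable.on_auth_key(key) != KEY_RECEIPT:
        return "disconnect: no key receipt"
    challenge = secrets.token_bytes(16)  # randomly generated second verification data
    returned = wearable.on_ciphertext(encrypt(key, challenge))
    if not hmac.compare_digest(returned, challenge):
        return "disconnect: second verification failed"
    return "established"
```

Calling `establish(uuid.uuid4(), Wearable())` walks the full exchange; a peer that answers the first packet incorrectly or decrypts with a different key ends in one of the disconnect branches.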
It should be noted that, in this document, relational terms such as "first" and "second" are used only to distinguish one entity or operation from another, and do not necessarily require or imply any such actual relationship or order between those entities or operations. Moreover, the terms "include", "comprise" and any other variants thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device that includes a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element qualified by the phrase "including a ..." does not exclude the presence of additional identical elements in the process, method, article or device that includes the element.
The embodiments in this specification are described in a related manner; for the same or similar parts, the embodiments may be referred to one another, and each embodiment focuses on its differences from the other embodiments. In particular, because the device embodiment is substantially similar to the method embodiment, it is described relatively briefly, and the relevant parts can be found in the description of the method embodiment.
A person of ordinary skill in the art will understand that all or part of the parts of the above device embodiments may be implemented in hardware, or as software modules running on one or more pieces of hardware, and that all or part of the steps of the method embodiments may be completed by a program instructing the relevant hardware. Those skilled in the art should understand that the method and device of the present invention are not limited to the embodiments described in the detailed description; the specific description above is intended only to explain the present invention and not to limit it. Other embodiments derived by those skilled in the art from the technical solutions of the present invention likewise fall within the scope of technical innovation of the present invention, and the scope of protection of the present invention is defined by the claims and their equivalents.
Obviously, those skilled in the art can make various changes and variations to the present invention without departing from its spirit and scope. Thus, if these modifications and variations of the present invention fall within the scope of the claims of the present invention and their equivalent technologies, the present invention is also intended to include them.

Claims (10)

  1. A method for establishing a secure communication environment for a wearable device, comprising the following steps:
    (1) establishing a communication connection between a first terminal device and the wearable device, the first terminal device sending the wearable device a first security verification data packet agreed between the two;
    (2) the wearable device receiving the first security verification data packet and returning a response confirmation packet to the first terminal device;
    (3) the first terminal device receiving the response confirmation packet and determining whether the response confirmation packet is correct; if so, proceeding to the next step; if not, disconnecting from the wearable device and indicating that verification has failed;
    (4) the first terminal device encrypting second verification data with the authentication key shared between it and the wearable device, and sending the resulting ciphertext to the wearable device;
    (5) the wearable device receiving the ciphertext, decrypting the ciphertext with the authentication key shared between it and the first terminal device, and sending the decrypted plaintext to the first terminal device;
    (6) the first terminal device receiving the plaintext and comparing the plaintext with the second verification data; if the plaintext is the same as the second verification data, establishment of the secure communication environment is complete; if not, disconnecting from the wearable device.
  2. The method for establishing a secure communication environment for a wearable device according to claim 1, characterized in that: a client APP corresponding to the wearable device is installed on the first terminal device, and in step (1), establishing the communication connection between the first terminal device and the wearable device means establishing communication between the client APP on the first terminal device and the wearable device.
  3. The method for establishing a secure communication environment for a wearable device according to claim 2, characterized in that: after the first terminal device determines that the response confirmation packet is correct and before the second verification data is encrypted, the method further comprises:
    the first terminal device generating the authentication key between it and the wearable device, and sending the authentication key to the wearable device;
    the wearable device receiving and storing the authentication key, and returning receipt confirmation data to the first terminal device.
  4. The method for establishing a secure communication environment for a wearable device according to claim 3, characterized in that: if the first terminal device does not receive the receipt confirmation data returned by the wearable device within a set time, the connection with the wearable device is disconnected.
  5. The method for establishing a secure communication environment for a wearable device according to claim 3, characterized in that: the first terminal device generates the authentication key from the universally unique identifier (UUID) of the client APP installed on it that corresponds to the wearable device.
  6. The method for establishing a secure communication environment for a wearable device according to claim 5, characterized in that the first terminal device generating the authentication key from the UUID comprises:
    performing an MD5 calculation on the UUID to obtain an MD5 value;
    taking specified bytes of the MD5 value as the authentication key.
  7. The method for establishing a secure communication environment for a wearable device according to any one of claims 1 to 6, characterized in that: the second verification data is data pre-stored in the first terminal device or data randomly generated by the first terminal device.
  8. A system for establishing a secure communication environment for a wearable device, comprising a first terminal device and a wearable device, characterized in that the first terminal device comprises:
    a first communication module, configured to establish a communication connection with the wearable device;
    a first security verification module, configured to, after the communication connection with the wearable device is established, send the wearable device the first security verification data packet agreed between the two, and, after receiving the response confirmation packet returned by the wearable device, determine whether the response confirmation packet is correct; if so, control passes to the second security verification module; if not, the connection with the wearable device is disconnected and a verification failure is indicated;
    a second security verification module, configured to encrypt second verification data with the authentication key shared between the first terminal device and the wearable device, send the resulting ciphertext to the wearable device, and, after receiving the plaintext sent by the wearable device, compare that plaintext with the second verification data; if they are the same, establishment of the secure communication environment is complete; if not, the connection with the wearable device is disconnected;
    the wearable device comprises:
    a second communication module, configured to establish a communication connection with the first terminal device;
    a first confirmation packet sending module, configured to return a response confirmation packet to the first terminal device after receiving the first security verification data packet;
    a second verification data sending module, configured to, after receiving the ciphertext sent by the first terminal device, decrypt the ciphertext with the authentication key shared between the wearable device and the first terminal device, and send the decrypted plaintext to the first terminal device.
  9. The system for establishing a secure communication environment for a wearable device according to claim 8, characterized in that the first terminal device further comprises:
    an authentication key generation module, configured to, after the first terminal device determines that the response confirmation packet is correct and before the second verification data is encrypted, generate the authentication key between the first terminal device and the wearable device, and send the authentication key to the wearable device;
    the wearable device further comprises:
    an authentication key receiving module, configured to receive the authentication key and return receipt confirmation data to the first terminal device.
  10. The system for establishing a secure communication environment for a wearable device according to claim 9, characterized in that the authentication key generation module comprises:
    a wearable device unique identifier acquisition unit, configured to obtain the universally unique identifier (UUID) of the client APP that is installed on the first terminal device and corresponds to the wearable device;
    an MD5 value calculation module, configured to perform an MD5 calculation on the UUID to obtain an MD5 value;
    an authentication key determination unit, configured to take specified bytes of the MD5 value as the authentication key.
PCT/CN2017/099428 2016-12-23 2017-08-29 Method and system for establishing secure communication environment for wearable device WO2018113337A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201611203435.1 2016-12-23
CN201611203435.1A CN106792700A (en) 2016-12-23 2016-12-23 The method for building up and system of a kind of secure communication environment of wearable device

Publications (1)

Publication Number Publication Date
WO2018113337A1 true WO2018113337A1 (en) 2018-06-28

Family

ID=58897750

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2017/099428 WO2018113337A1 (en) 2016-12-23 2017-08-29 Method and system for establishing secure communication environment for wearable device

Country Status (2)

Country Link
CN (1) CN106792700A (en)
WO (1) WO2018113337A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114693018A (en) * 2020-12-28 2022-07-01 北京三快在线科技有限公司 Distribution state monitoring method, device, medium, terminal and wearable device

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106792700A (en) * 2016-12-23 2017-05-31 北京握奇数据系统有限公司 The method for building up and system of a kind of secure communication environment of wearable device
CN107872800A (en) * 2018-01-08 2018-04-03 深圳市芯中芯科技有限公司 A kind of bluetooth equipment BLE cut-in methods based on software double factor authentication
CN109041021B (en) * 2018-07-24 2021-08-10 百富计算机技术(深圳)有限公司 File transmission method based on Bluetooth, terminal equipment and storage medium
CN109890012A (en) * 2018-12-29 2019-06-14 北京旷视科技有限公司 Data transmission method, device, system and storage medium
CN111510214B (en) * 2020-04-23 2021-11-12 京东方科技集团股份有限公司 Optical communication device, optical communication system, and communication connection establishment method
CN113709088B (en) * 2020-05-22 2023-04-28 中国联合网络通信集团有限公司 Data transmission method, device, equipment and storage medium based on wearable equipment

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103326866A (en) * 2013-06-29 2013-09-25 安科智慧城市技术(中国)有限公司 Authentication method and system based on equipment MAC address
CN105246026A (en) * 2015-09-22 2016-01-13 东南大学 Secure pairing method for intelligent wearable equipment and other equipment
US20160080380A1 (en) * 2014-09-17 2016-03-17 Microsoft Technology Licensing, Llc Establishing trust between two devices
CN106034028A (en) * 2015-03-17 2016-10-19 阿里巴巴集团控股有限公司 Terminal equipment authentication method, apparatus and system thereof
CN106792700A (en) * 2016-12-23 2017-05-31 北京握奇数据系统有限公司 The method for building up and system of a kind of secure communication environment of wearable device

Also Published As

Publication number Publication date
CN106792700A (en) 2017-05-31

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 17885178

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 17885178

Country of ref document: EP

Kind code of ref document: A1