CN111212047A - Communication establishing method and device - Google Patents

Info

Publication number
CN111212047A
Authority
CN
China
Prior art keywords
resource component
password
vehicle control
communication
password resource
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201911368455.8A
Other languages
Chinese (zh)
Other versions
CN111212047B (en)
Inventor
白仁杰
王建
贾舵
许文靓
李玉洲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guoqi Beijing Intelligent Network Association Automotive Research Institute Co ltd
Original Assignee
Guoqi Beijing Intelligent Network Association Automotive Research Institute Co ltd
Application filed by Guoqi Beijing Intelligent Network Association Automotive Research Institute Co ltd
Priority to CN201911368455.8A
Publication of CN111212047A
Application granted
Publication of CN111212047B
Legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/0823: Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/083: Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0869: Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H04L67/141: Network arrangements or protocols for supporting network services or applications; Session management; Setup of application sessions
    • H04L67/55: Network arrangements or protocols for supporting network services or applications; Network services; Push-based network services
    • H04L9/0838: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols; Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords; Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use; Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/3247: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a communication establishing method and device, applied to communication between a vehicle control application program and an application server. The method comprises the following steps: acquiring identity information of a user and submitting the identity information to a security center; receiving and storing a first password resource component pushed by the security center according to the identity information; establishing a connection with the application server and performing bidirectional identity authentication; when the bidirectional identity authentication succeeds, receiving a second password resource component and a third password resource component pushed by the application server, and recovering a first password resource in memory, the first password resource comprising the first password resource component, the second password resource component and the third password resource component; negotiating a first master key with the application server; obtaining a first communication key according to the first master key and the first password resource; and communicating with the application server through the first communication key. The invention increases the security of the key through password resource component storage and bidirectional identity authentication.

Description

Communication establishing method and device
Technical Field
The invention relates to the field of data security, in particular to a communication establishing method and device.
Background
With the continuous development of car networking technology, the requirements on information security keep rising, and in particular higher requirements are placed on the security protection of the communication link.
In the related art, key security is improved by storing the key in a certain file, or by encoding the key into the code and then obfuscating the code. This only increases the difficulty of reverse analysis: with more reverse-analysis time the key can still be recovered, so the security of the key cannot be effectively guaranteed.
Disclosure of Invention
Therefore, the technical problem to be solved by the present invention is to overcome the defect in the prior art that the security of the secret key cannot be guaranteed, thereby providing a communication establishment method and apparatus.
According to a first aspect, an embodiment of the present invention discloses a communication establishing method, applied to communication between a vehicle control application program and an application server, including the following steps: acquiring identity information of a user and submitting the identity information to a security center; receiving and storing a first password resource component pushed by the security center according to the identity information; establishing connection with the application server side, and performing bidirectional identity authentication; when the bidirectional identity authentication is successful, receiving a second password resource component and a third password resource component which are pushed by the application server side, and recovering in the memory to obtain a first password resource; the first cryptographic resource comprises a first cryptographic resource component, a second cryptographic resource component, and a third cryptographic resource component; negotiating a first master key with the application server; obtaining a first communication key according to the first master key and the first password resource; and communicating with the application server side through the first communication key.
With reference to the first aspect, in a first implementation manner of the first aspect, the method further includes: when a registration request of a user is received, a public and private key pair is obtained, and a certificate application file is generated; and applying for a management certificate according to the certificate application file.
With reference to the first implementation manner of the first aspect, in a second implementation manner of the first aspect, after the applying for the management certificate according to the certificate application file, the method further includes: establishing connection with the security center, and performing bidirectional identity authentication according to the management certificate; when the bidirectional identity authentication is successful, receiving a fourth password resource component pushed by the security center; recovering the fourth password resource component in the memory to obtain a second password resource; the second password resource comprises a fourth password resource component and a preset password resource component; negotiating a second master key with the security center; obtaining a second communication key according to the second master key and the second password resource; establishing an encrypted communication channel with the security center through the second communication key; receiving a sixth password resource component and a seventh password resource component which are pushed by the security center through the encrypted communication channel, storing the sixth password resource component, and recovering the sixth password resource component and the seventh password resource component in a memory to obtain a third password resource; negotiating a third master key with the security center; obtaining a third communication key according to the third master key and the third password resource; and communicating with the security center through the encrypted communication channel according to the third communication key.
With reference to the second aspect and the second embodiment, in a third embodiment of the second aspect, the method further comprises: updating, at a preset time, the password resource component for the connection with the security center and the password resource component for the connection with the application server.
According to a second aspect, an embodiment of the present invention further discloses a communication establishing method, applied to communication between a vehicle control application program and an application server, including the following steps: acquiring identity information of a user, wherein the identity information is synchronized through a security center; receiving a fifth password resource component pushed by the security center according to the identity information; the fifth cryptographic resource component comprises a second cryptographic resource component and a third cryptographic resource component; establishing connection with the vehicle control application program, and performing bidirectional identity authentication; when the bidirectional identity authentication is successful, pushing the second password resource component and the third password resource component to the vehicle control application program; negotiating a first master key with the vehicle control application; acquiring a first communication key obtained according to the first master key and a first password resource; the first cryptographic resource comprises a second cryptographic resource component, a third cryptographic resource component, and a first cryptographic resource component; the first password resource component is pushed to the vehicle control application program by the security center; communicate with the vehicle control application via the first communication key.
With reference to the second aspect, in a first embodiment of the second aspect, the method further comprises: updating the cryptographic resource components connected to the vehicle control application at a preset time.
According to a third aspect, an embodiment of the present invention further discloses a communication establishing apparatus, applied to communication between a vehicle control application and an application server, including: the first acquisition module is used for acquiring the identity information of a user and submitting the identity information to the security center; the first receiving module is used for receiving and storing a first password resource component pushed by the security center according to the identity information; the first connection module is used for establishing connection with the application server and performing bidirectional identity authentication; the second receiving module is used for receiving a second password resource component and a third password resource component which are pushed by the application server side when the bidirectional identity authentication is successful, and recovering the second password resource component and the third password resource component in the memory to obtain a first password resource; the first cryptographic resource comprises a first cryptographic resource component, a second cryptographic resource component, and a third cryptographic resource component; the first negotiation module is used for negotiating a first master key with the application server side; the communication key acquisition module is used for acquiring a first communication key according to the first master key and the first password resource; and the first communication module is used for communicating with the application server through the first communication key.
According to a fourth aspect, an embodiment of the present invention further discloses a communication establishing apparatus, applied to communication between a vehicle control application and an application server, including: the second acquisition module is used for acquiring the identity information of the user, and the identity information is synchronized through the security center; a third receiving module, configured to receive a fifth password resource component pushed by the security center according to the identity information; the fifth cryptographic resource component comprises a second cryptographic resource component and a third cryptographic resource component; the second connection module is used for establishing connection with the vehicle control application program and performing bidirectional identity authentication; the pushing module is used for pushing the second password resource component and the third password resource component to the vehicle control application program when the bidirectional identity authentication is successful; a second negotiation module to negotiate a first master key with the vehicle control application; a third obtaining module, configured to obtain a first communication key obtained according to the first master key and the first cryptographic resource; the first cryptographic resource comprises a second cryptographic resource component, a third cryptographic resource component, and a first cryptographic resource component; the first password resource component is pushed to the vehicle control application program by the security center; a second communication module to communicate with the vehicle control application via the first communication key.
According to a fifth aspect, an embodiment of the present invention further discloses an interaction system between a vehicle control application and an application server, including a vehicle control application program, an application server and a security center, wherein: the vehicle control application program submits user identity information to the security center and synchronizes the user identity information to the application server; the security center pushes a first password resource component to the vehicle control application program and pushes a fifth password resource component to the application server; the vehicle control application program establishes a connection with the application server and performs bidirectional identity authentication; when the bidirectional identity authentication is finished, the application server pushes a second password resource component and a third password resource component to the vehicle control application program, the second password resource component and the third password resource component forming the fifth password resource component; the vehicle control application program negotiates a first master key with the application server; the vehicle control application program and the application server obtain a first communication key according to the first master key and the first password resource component; and the vehicle control application program and the application server communicate according to the first communication key.
According to a sixth aspect, an embodiment of the present invention further discloses an electronic device, including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the communication establishment method according to the first aspect or any of the embodiments of the first aspect or the second aspect or any of the embodiments of the second aspect.
According to a seventh aspect, the embodiment of the present invention further discloses a computer-readable storage medium, on which computer instructions are stored, and the computer instructions, when executed by a processor, implement the communication establishment method according to the first aspect or any of the embodiments of the first aspect, or the communication establishment method according to any of the embodiments of the second aspect or the second aspect.
The technical scheme of the invention has the following advantages:
1. The invention provides a communication establishing method applied to communication between a vehicle control application program and an application server. The method acquires identity information of a user and submits it to a security center; receives and stores a first password resource component pushed by the security center according to the identity information; establishes a connection with the application server and performs bidirectional identity authentication; when the bidirectional identity authentication succeeds, receives a second password resource component and a third password resource component pushed by the application server and recovers a first password resource in memory; negotiates a first master key with the application server; obtains a first communication key according to the first master key and the first password resource; and communicates with the application server through the first communication key. The invention increases the security of the key through password resource component storage and bidirectional identity authentication.
2. The communication establishing method provided by the invention is applied to communication between a vehicle control application program and an application server. The method acquires identity information of a user, the identity information being synchronized through a security center; receives a fifth password resource component pushed by the security center according to the identity information, the fifth password resource component comprising a second password resource component and a third password resource component; establishes a connection with the vehicle control application program and performs bidirectional identity authentication; when the bidirectional identity authentication succeeds, pushes the second password resource component and the third password resource component to the vehicle control application program; negotiates a first master key with the vehicle control application program; acquires a first communication key obtained according to the first master key and a first password resource, the first password resource comprising the second password resource component, the third password resource component and the first password resource component, the first password resource component being pushed to the vehicle control application program by the security center; and communicates with the vehicle control application program through the first communication key. The invention increases the security of the key through password resource component storage and bidirectional identity authentication.
3. In the interaction system of the vehicle control application program and the application server provided by the invention, the vehicle control application program stores a password resource component, and bidirectional identity authentication is performed between the vehicle control application program and the application server, so that the storage security of the password resource is guaranteed and key security is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a diagram of an embodiment of a vehicle control application program communicating with an application server according to embodiment 1 of the present invention;
Fig. 2 is a flowchart of a specific example of a communication establishment method according to embodiment 2 of the present invention;
Fig. 3 is a flowchart of a specific example of a communication establishment method according to embodiment 3 of the present invention;
Fig. 4 is a schematic block diagram of a specific example of a communication establishing apparatus in embodiment 4 of the present invention;
Fig. 5 is a schematic block diagram of a specific example of a communication establishing apparatus in embodiment 5 of the present invention;
Fig. 6 is a diagram showing an example of an electronic device in embodiment 6 of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
Example 1
The embodiment provides an interaction system between a vehicle control application program and an application server which, as shown in Fig. 1, includes a vehicle control application program, an application server and a security center.
The vehicle control application obtains the public and private key pair and generates a certificate application file.
Illustratively, when a user registers information for the first time by using the vehicle control application, the vehicle control application generates a public-private key pair through the key derivation interface and generates a certificate application file, and the vehicle control application sends the certificate application file and the public key to the certificate management center to apply for a certificate.
The vehicle control application applies for a management certificate according to the certificate application file.
Illustratively, the vehicle control application applies for a management certificate from a certificate authority, the certificate authority performs a one-way hash algorithm on a public key of the vehicle control application and a certificate application file to generate a digest, the certificate authority signs the digest with its own private key and returns the signed digest to the vehicle control application, and the vehicle control application integrates the private key and the signed digest to generate the management certificate.
The vehicle control application program establishes connection with the security center and performs bidirectional identity authentication according to the management certificate.
Illustratively, the vehicle control application program actively initiates a connection request. The request information, transmitted in plaintext, contains version information, a cipher suite candidate list, a compression algorithm candidate list, a random number, extension fields and other information. A TLS handshake connection is established with the security center, providing confidentiality and data integrity for the information exchanged between the vehicle control application program and the security center. When the vehicle control application program and the security center perform bidirectional identity authentication, a management certificate containing the relevant information of the certificate authority can be sent to the other side for authentication: the certificate is decrypted with the public key of the certificate authority and verified, the digest is taken out, a digest is then generated with the same hash algorithm, and the two digests are compared to authenticate the identity of the vehicle control application program. Bidirectional identity authentication increases the security of the key.
When the bidirectional identity authentication is successful, the vehicle control application program receives a fourth password resource component pushed by the security center; recovering the fourth password resource component in the memory to obtain a second password resource; the second cryptographic resource includes a fourth cryptographic resource component and a preset cryptographic resource component.
Illustratively, a password resource component is preset in the vehicle control application program. The preset password resource component may be at least one of a symmetric encryption algorithm, an asymmetric encryption algorithm, a hash algorithm, an algorithm parameter and a key pair; it is not specifically limited in the embodiment of the present invention and may be set according to the actual situation. When the bidirectional identity authentication succeeds, the security center pushes a fourth password resource component to the vehicle control application program, and the vehicle control application program recovers the fourth password resource component in memory to obtain the second password resource. The second password resource is not stored locally, so the security of the password resource is guaranteed.
The vehicle control application negotiates a second master key with the security center.
Illustratively, the vehicle control application and the security center use an SSL protocol to generate a second master key, where the second master key is a secret key shared by the vehicle control application and the security center, and is mainly used to obtain a communication key through encryption, so as to ensure the security of the communication key during data transmission.
A second communication key is obtained according to the second master key and the second password resource.
Illustratively, the second communication key is calculated from the second master key and the second password resource, and is used to protect the password resource components that the security center pushes to the vehicle control application program in the following steps. The second communication key may include one or more sets of unordered check codes. Two sets of unordered check codes are generated according to a standard agreed when the two parties generate the keys: one set is the encryption key and the other set is the decryption key, and each of the two parties stores one set. AND, OR and inequality operations are respectively performed on the binary bits of the plaintext according to a certain rule to obtain the encrypted information, which is transmitted to the other party over the network; the other party decrypts it with the decryption key to obtain the plaintext.
The vehicle control application establishes an encrypted communication channel with the security center via the second communication key.
In the embodiment of the invention, the vehicle control application program and the security center initialize to generate a public-private key pair, and after a full-duplex encryption negotiation process, a communication channel encrypted by using a symmetric encryption algorithm is established between the vehicle control application program and the security center, and subsequent data transmission of the vehicle control application program and the security center is carried out under the communication channel. The communication channel encryption algorithm is not particularly limited in the embodiment of the application, and can be set according to actual conditions.
The vehicle control application program receives the sixth password resource component and the seventh password resource component pushed by the security center through the encrypted communication channel, stores the sixth password resource component, and recovers the sixth password resource component and the seventh password resource component in the memory to obtain the third password resource.
Illustratively, in order to ensure communication security, the second cryptographic resource is updated. The sixth cryptographic resource component and the seventh cryptographic resource component are protected by the second communication key. After receiving them, the vehicle control application program stores the sixth cryptographic resource component, which replaces and updates the preset cryptographic resource component, and recovers the sixth cryptographic resource component and the seventh cryptographic resource component in the memory to obtain the third cryptographic resource, which completes the cryptographic resource update. The third communication key is generated according to the third cryptographic resource, so that the data exchanged between the vehicle control application program and the security center in the subsequent communication process is protected from being stolen.
The vehicle control application negotiates a third master key with the security center. For the specific implementation, see the description of the step "the vehicle control application program negotiates the second master key with the security center" above; details are not repeated here.
The vehicle control application program obtains a third communication key according to the third master key and the third password resource, and communicates with the security center through an encrypted communication channel according to the third communication key.
Illustratively, the third communication key is generated by calculation according to the third master key and the third cryptographic resource, so that the communication data of the vehicle control application program and the security center in the subsequent communication process can be guaranteed not to be stolen.
After the vehicle control application program and the security center calculate the third communication key, the vehicle control application program submits the identity information to the security center.
The user identity information may be, for example, the user's name, mobile phone number, identification number, e-mail address and the like; it is not limited in the embodiment of the present application and may be set according to the actual situation.
The security center pushes the first password resource component to the vehicle control application program according to the identity information, and pushes the fifth password resource component to the application server.
Illustratively, the security center synchronizes the user information to the application server, generates a first password resource between the user and the application server according to the user identity information, pushes a first password resource component to the vehicle control application program, pushes a fifth password resource component to the application server, and the vehicle control application program receives the first password resource component pushed by the security center and stores the first password resource component. The first password resource component and the fifth password resource component can be at least one of a symmetric encryption algorithm, an asymmetric encryption algorithm, a hash algorithm, an algorithm parameter and a key pair, and the first password resource component and the fifth password resource component are combined to generate a complete first password resource.
The vehicle control application program establishes a connection with the application server side, and bidirectional identity authentication is carried out by each side sending an application certificate to the other. For the specific implementation, see the description of the step "the vehicle control application program establishes a connection with the security center and performs bidirectional identity authentication according to the management certificate" above; details are not repeated here.
When the bidirectional identity authentication is successful, the vehicle control application program receives the second password resource component and the third password resource component pushed by the application server, and recovers in the memory to obtain the first password resource; the first cryptographic resource includes a first cryptographic resource component, a second cryptographic resource component, and a third cryptographic resource component.
Illustratively, the security center pushes the second password resource component and the third password resource component to the application server, and the application server pushes them to the vehicle control application program. The vehicle control application program receives the second password resource component and the third password resource component and recovers them in the memory to obtain the first password resource; the password resource itself is not stored locally.
The vehicle control application negotiates a first master key with the application server. For the specific implementation, see the description of the step "the vehicle control application program negotiates the second master key with the security center" above; details are not repeated here.
A first communication key is obtained according to the first master key and the first password resource. For the specific implementation, see the description of the step "obtaining the second communication key according to the second master key and the second cryptographic resource" above; details are not repeated here.
The vehicle control application program communicates with the application server through the first communication key. In a specific embodiment, the description of the step "the vehicle control application program establishes the encrypted communication channel with the security center through the second communication key, and the vehicle control application program and the security center communicate with the security center through the encrypted communication channel" is given above, and details are not repeated herein.
According to the interactive system of the vehicle control application program and the application server, the password resource component is stored by the vehicle control application program, and the bidirectional identity authentication method of the vehicle control application program and the application server is adopted, so that the storage safety of the password resource is guaranteed, and the key safety is improved.
Example 2
The embodiment of the invention provides a communication establishing method, which is applied to communication between a vehicle control application program and an application server, and as shown in fig. 2, the communication establishing method comprises the following steps:
S11: Acquiring the identity information of the user and submitting the identity information to the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S12: Receiving and storing the first password resource component pushed by the security center according to the identity information. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S13: Establishing a connection with the application server side and performing bidirectional identity authentication. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S14: When the bidirectional identity authentication is successful, receiving a second password resource component and a third password resource component pushed by the application server, and recovering in the memory to obtain a first password resource; the first cryptographic resource includes a first cryptographic resource component, a second cryptographic resource component, and a third cryptographic resource component. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S15: Negotiating a first master key with the application server. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S16: Obtaining a first communication key according to the first master key and the first password resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S17: Communicating with the application server side through the first communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
The communication establishing method provided by the invention is applied to communication between a vehicle control application program and an application server. The method acquires the identity information of a user and submits the identity information to a security center; receives and stores a first password resource component pushed by the security center according to the identity information; establishes a connection with the application server and performs bidirectional identity authentication; when the bidirectional identity authentication is successful, receives a second password resource component and a third password resource component pushed by the application server and recovers in a memory to obtain a first password resource; negotiates a first master key with the application server; obtains a first communication key according to the first master key and the first password resource; and communicates with the application server through the first communication key. The invention increases the security of the secret key through password resource component storage and the bidirectional identity authentication method.
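The following sketch is an added example, not code from the patent: it walks the application-side steps S12, S14 and S16 (store one component, recover the resource in memory, derive the communication key), which is also the pattern used for the second communication key in Example 1. The patent does not specify how components are combined or how the key is calculated, so the XOR split, the HKDF-SHA256 derivation and all function names are assumptions.

```python
"""Added example: component storage and communication-key derivation (assumed scheme)."""
import hashlib
import hmac
import secrets


def split_resource(resource, n=3):
    """Security-center side: split a cryptographic resource into n XOR components.

    Assumption: the patent does not say how components are formed. With an XOR
    split, any n-1 components are statistically independent of the resource.
    """
    if n < 2:
        raise ValueError("need at least two components")
    parts = [secrets.token_bytes(len(resource)) for _ in range(n - 1)]
    last = bytearray(resource)
    for part in parts:
        for i, b in enumerate(part):
            last[i] ^= b
    return parts + [bytes(last)]


def recover_resource(components):
    """Recombine components into a mutable in-memory buffer (never persisted)."""
    if not components or len({len(c) for c in components}) != 1:
        raise ValueError("components must be non-empty and of equal length")
    buf = bytearray(len(components[0]))
    for comp in components:
        for i, b in enumerate(comp):
            buf[i] ^= b
    return buf


def hkdf_sha256(ikm, salt, info, length=32):
    """HKDF (RFC 5869) with HMAC-SHA256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def derive_communication_key(master_key, stored_component, pushed_components):
    """S14 + S16: recover the resource in memory, derive the key, wipe the buffer."""
    resource = recover_resource([stored_component, *pushed_components])
    try:
        # Assumed KDF: master key as input keying material, resource as salt.
        return hkdf_sha256(master_key, bytes(resource), b"first-communication-key")
    finally:
        for i in range(len(resource)):  # best-effort wipe; Python may hold copies
            resource[i] = 0


def demo():
    first_resource = secrets.token_bytes(32)   # constructed sample resource
    c1, c2, c3 = split_resource(first_resource, 3)
    master_key = secrets.token_bytes(32)       # stands in for the negotiated key (S15)

    # Application: c1 is on local storage (S12); c2, c3 arrive after mutual auth (S14).
    app_key = derive_communication_key(master_key, c1, [c2, c3])
    # A peer with the same inputs derives the same key.
    peer_key = derive_communication_key(master_key, c1, [c2, c3])
    # Storage dump only: the stored component plus the master key gives a different key.
    partial_key = hkdf_sha256(master_key, c1, b"first-communication-key")
    # Preset-time update: fresh resource, fresh components, fresh key.
    r1, r2, r3 = split_resource(secrets.token_bytes(32), 3)
    rotated_key = derive_communication_key(master_key, r1, [r2, r3])
    return {
        "keys_match": hmac.compare_digest(app_key, peer_key),
        "stored_component_insufficient": partial_key != app_key,
        "rotation_changes_key": rotated_key != app_key,
    }


if __name__ == "__main__":
    print(demo())
```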
As an optional embodiment of the present application, the communication establishment method further includes: when a registration request of a user is received,
firstly, a public and private key pair is obtained, and a certificate application file is generated. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
Secondly, a management certificate is applied for according to the certificate application file. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
As an optional embodiment of the present application, the communication establishment method further includes:
A connection is established with the security center, and bidirectional identity authentication is performed according to the management certificate. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
When the bidirectional identity authentication is successful, a fourth password resource component pushed by the security center is received. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
Recovering the fourth password resource component in the memory to obtain a second password resource; the second cryptographic resource includes a fourth cryptographic resource component and a preset cryptographic resource component. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A second master key is negotiated with the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
And obtaining a second communication key according to the second master key and the second password resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
An encrypted communication channel is established with the security center by means of the second communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
Receiving a sixth password resource component and a seventh password resource component which are pushed by the security center through an encrypted communication channel, storing the sixth password resource component, and recovering the sixth password resource component and the seventh password resource component in the memory to obtain a third password resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
Negotiating a third master key with the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
Obtaining a third communication key according to the third master key and the third password resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
Communicating with the security center through the encrypted communication channel according to the third communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
According to the interactive system of the vehicle control application program and the application server, the password resource component is stored by the vehicle control application program, and the bidirectional identity authentication method of the vehicle control application program and the application server is adopted, so that the storage safety of the key resource is guaranteed, and the security of the key is improved.
As an optional embodiment of the present application, the communication establishment method further includes:
The password resource component connected with the security center and the password resource component connected with the application server are updated at a preset time.
For example, the password resource component of the vehicle control application program has a life cycle, that is, a preset time, which may be one week or one month.
Example 3
The embodiment of the invention provides a communication establishing method, which is applied to communication between a vehicle control application program and an application server, and as shown in fig. 3, the communication establishing method comprises the following steps:
S21: Acquiring the identity information of the user, the identity information being synchronized through the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S22: Receiving a fifth password resource component pushed by the security center according to the identity information; the fifth cryptographic resource component includes the second cryptographic resource component and the third cryptographic resource component. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S23: Establishing a connection with the vehicle control application program and performing bidirectional identity authentication. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S24: When the bidirectional identity authentication is successful, pushing the second password resource component and the third password resource component to the vehicle control application program. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S25: Negotiating a first master key with the vehicle control application. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S26: Acquiring a first communication key obtained according to a first master key and a first password resource; the first cryptographic resource comprises a second cryptographic resource component, a third cryptographic resource component, and a first cryptographic resource component; the first cryptographic resource component is pushed to the vehicle control application by the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
S27: Communicating with the vehicle control application through the first communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
The communication establishing method provided by the invention is applied to communication between a vehicle control application program and an application server side. The method acquires the identity information of a user, the identity information being synchronized through a security center; receives a fifth password resource component pushed by the security center according to the identity information, the fifth password resource component comprising a second password resource component and a third password resource component; establishes a connection with the vehicle control application program and performs bidirectional identity authentication; when the bidirectional identity authentication is successful, pushes the second password resource component and the third password resource component to the vehicle control application program; negotiates a first master key with the vehicle control application program; acquires a first communication key obtained according to the first master key and the first password resource, where the first password resource comprises the second password resource component, the third password resource component and the first password resource component, and the first password resource component is pushed to the vehicle control application program by the security center; and communicates with the vehicle control application program through the first communication key. The invention increases the security of the secret key through password resource component storage and the bidirectional identity authentication method.
As an optional embodiment of the present application, the communication establishment method further includes:
The cryptographic resource components connected to the vehicle control application are updated at a preset time. The specific implementation manner is shown in the corresponding steps of example 2, and is not described herein again.
Example 4
An embodiment of the present invention provides a communication establishing apparatus, which is applied to communication between a vehicle control application program and an application server, and as shown in fig. 4, the communication establishing apparatus includes:
A first obtaining module 31, configured to obtain identity information of a user and submit the identity information to the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A first receiving module 32, configured to receive and store the first password resource component pushed by the security center according to the identity information. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
The first connection module 33 is configured to establish a connection with the application server and perform bidirectional identity authentication. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A second receiving module 34, configured to receive, when the bidirectional identity authentication is successful, a second password resource component and a third password resource component pushed by the application server, and recover in the memory to obtain a first password resource; the first cryptographic resource includes a first cryptographic resource component, a second cryptographic resource component, and a third cryptographic resource component. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A first negotiation module 35, configured to negotiate a first master key with the application server. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
The communication key obtaining module 36 is configured to obtain a first communication key according to the first master key and the first cryptographic resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A first communication module 37, configured to communicate with the application server through the first communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
The communication establishing device provided by the invention is applied to communication between a vehicle control application program and an application server. The device acquires the identity information of a user and submits the identity information to a security center; receives and stores a first password resource component pushed by the security center according to the identity information; establishes a connection with the application server and performs bidirectional identity authentication; when the bidirectional identity authentication is successful, receives a second password resource component and a third password resource component pushed by the application server and recovers in a memory to obtain a first password resource; negotiates a first master key with the application server; obtains a first communication key according to the first master key and the first password resource; and communicates with the application server through the first communication key. The invention increases the security of the secret key through password resource component storage and the bidirectional identity authentication method.
As an optional embodiment of the present application, the communication establishment method further includes: when a registration request of a user is received,
A fourth acquisition module, used for acquiring the public and private key pair and generating a certificate application file. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
An application module, used for applying for the management certificate according to the certificate application file. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
As an optional embodiment of the present application, the communication establishment method further includes:
An authentication establishing module, used for establishing a connection with the security center and performing bidirectional identity authentication according to the management certificate. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A fourth receiving module, used for receiving a fourth password resource component pushed by the security center when the bidirectional identity authentication is successful. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
The second password resource acquisition module is used for recovering the fourth password resource component in the memory to obtain a second password resource; the second cryptographic resource includes a fourth cryptographic resource component and a preset cryptographic resource component. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A third negotiation module, used for negotiating the second master key with the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A second communication key acquisition module, used for obtaining a second communication key according to the second master key and the second password resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A third establishing module, used for establishing an encrypted communication channel with the security center through the second communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A fifth receiving module, used for receiving a sixth password resource component and a seventh password resource component which are pushed by the security center through the encrypted communication channel, storing the sixth password resource component, and recovering the sixth password resource component and the seventh password resource component in the memory to obtain a third password resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A fourth negotiation module, used for negotiating a third master key with the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A third communication key obtaining module, used for obtaining a third communication key according to a third master key and a third password resource. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A third communication module, used for communicating with the security center through an encrypted communication channel according to the third communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
As an optional embodiment of the present application, the communication establishment method further includes:
A first updating module, used for updating the password resource component connected with the security center and the password resource component connected with the application server at a preset time. The specific implementation manner is shown in the corresponding steps of example 2, and is not described herein again.
Example 5
An embodiment of the present invention provides a communication establishing apparatus, which is applied to communication between a vehicle control application program and an application server, as shown in fig. 5, and includes:
A second obtaining module 41, configured to obtain identity information of the user, where the identity information is synchronized through the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A third receiving module 42, configured to receive a fifth password resource component pushed by the security center according to the identity information; the fifth cryptographic resource component includes the second cryptographic resource component and the third cryptographic resource component. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A second connection module 43, used for establishing a connection with the vehicle control application program and performing bidirectional identity authentication. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A pushing module 44, configured to push the second password resource component and the third password resource component to the vehicle control application program when the bidirectional identity authentication is successful. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A second negotiation module 45 for negotiating the first master key with the vehicle control application. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A third obtaining module 46, configured to obtain a first communication key obtained according to the first master key and the first cryptographic resource; the first cryptographic resource comprises a second cryptographic resource component, a third cryptographic resource component, and a first cryptographic resource component; the first cryptographic resource component is pushed to the vehicle control application by the security center. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
A second communication module 47, used for communicating with the vehicle control application via the first communication key. The specific implementation manner is shown in the corresponding steps of example 1, and is not described herein again.
The communication establishing device provided by the invention is applied to communication between a vehicle control application program and an application server side. The device acquires the identity information of a user, the identity information being synchronized through a security center; receives a fifth password resource component pushed by the security center according to the identity information, the fifth password resource component comprising a second password resource component and a third password resource component; establishes a connection with the vehicle control application program and performs bidirectional identity authentication; when the bidirectional identity authentication is successful, pushes the second password resource component and the third password resource component to the vehicle control application program; negotiates a first master key with the vehicle control application program; acquires a first communication key obtained according to the first master key and the first password resource, where the first password resource comprises the second password resource component, the third password resource component and the first password resource component, and the first password resource component is pushed to the vehicle control application program by the security center; and communicates with the vehicle control application program through the first communication key. The invention increases the security of the secret key through password resource component storage and the bidirectional identity authentication method.
As an optional embodiment of the present application, the communication establishment method further includes:
A second updating module, used for updating the password resource component connected with the vehicle control application program at the preset time. The specific implementation manner is shown in the corresponding steps of example 2, and is not described herein again.
Example 6
An embodiment of the present invention further provides an electronic terminal, as shown in fig. 6, the electronic terminal may include a processor 51 and a memory 52, where the processor 51 and the memory 52 may be connected by a bus or in another manner, and fig. 6 takes the connection by the bus as an example.
The processor 51 may be a Central Processing Unit (CPU). The Processor 51 may also be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, or combinations thereof.
The memory 52 is a non-transitory computer readable storage medium, and can be used to store non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the communication establishment method in the embodiment of the present invention (for example, the first obtaining module 31, the first receiving module 32, the first connection module 33, the second receiving module 34, the first negotiation module 35, the communication key obtaining module 36, and the first communication module 37 shown in fig. 4, or the second obtaining module 41, the third receiving module 42, the second connection module 43, the pushing module 44, the second negotiation module 45, the third obtaining module 46, and the second communication module 47 shown in fig. 5). The processor 51 executes various functional applications and data processing of the processor by running non-transitory software programs, instructions and modules stored in the memory 52, that is, implements the communication establishment method in the above-described method embodiment.
The memory 52 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created by the processor 51, and the like. Further, the memory 52 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 52 may optionally include memory located remotely from the processor 51, and these remote memories may be connected to the processor 51 via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 52 and when executed by the processor 51 perform the communication establishment method as in the embodiment shown in fig. 2 or the communication establishment method as in the embodiment shown in fig. 3.
The details of the electronic terminal may be understood by referring to the corresponding related descriptions and effects in the embodiments shown in fig. 2 or fig. 3, and are not described herein again.
Example 7
The embodiment of the invention also provides a computer storage medium, wherein the computer storage medium stores computer executable instructions, and the computer executable instructions can execute the communication establishment method in any method embodiment. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
It should be understood that the above examples are given only for clarity of illustration and are not intended to limit the embodiments. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. It is neither necessary nor possible to exhaustively list all embodiments here. Obvious variations or modifications derived therefrom remain within the scope of the invention.

Claims (11)

1. A communication establishing method is applied to communication between a vehicle control application program and an application server side, and is characterized by comprising the following steps:
acquiring identity information of a user and submitting the identity information to a security center;
receiving and storing a first password resource component pushed by the security center according to the identity information;
establishing connection with the application server side, and performing bidirectional identity authentication;
when the bidirectional identity authentication is successful, receiving a second password resource component and a third password resource component which are pushed by the application server side, and recovering in the memory to obtain a first password resource; the first cryptographic resource comprises a first cryptographic resource component, a second cryptographic resource component, and a third cryptographic resource component;
negotiating a first master key with the application server;
obtaining a first communication key according to the first master key and the first password resource;
and communicating with the application server side through the first communication key.
2. The method of claim 1, further comprising: when a registration request of a user is received,
acquiring a public and private key pair and generating a certificate application file;
and applying for a management certificate according to the certificate application file.
3. The method of claim 2, further comprising, after said applying for an administrative certificate in accordance with said certificate application document:
establishing connection with the security center, and performing bidirectional identity authentication according to the management certificate;
when the bidirectional identity authentication is successful, receiving a fourth password resource component pushed by the security center;
recovering the fourth password resource component in the memory to obtain a second password resource; the second password resource comprises a fourth password resource component and a preset password resource component;
negotiating a second master key with the security center;
obtaining a second communication key according to the second master key and the second password resource;
establishing an encrypted communication channel with the security center through the second communication key;
receiving a sixth password resource component and a seventh password resource component which are pushed by the security center through the encrypted communication channel, storing the sixth password resource component, and recovering the sixth password resource component and the seventh password resource component in a memory to obtain a third password resource;
negotiating a third master key with the security center;
obtaining a third communication key according to the third master key and the third password resource;
and communicating with the security center through the encrypted communication channel according to the third communication key.
4. The method of claim 3, further comprising:
and updating the password resource component connected with the security center and the password resource component connected with the application server at preset time.
5. A communication establishing method is applied to communication between a vehicle control application program and an application server side, and is characterized by comprising the following steps:
acquiring identity information of a user, wherein the identity information is synchronized through a security center;
receiving a fifth password resource component pushed by the security center according to the identity information; the fifth cryptographic resource component comprises a second cryptographic resource component and a third cryptographic resource component;
establishing connection with the vehicle control application program, and performing bidirectional identity authentication;
when the bidirectional identity authentication is successful, pushing the second password resource component and the third password resource component to the vehicle control application program;
negotiating a first master key with the vehicle control application;
acquiring a first communication key obtained according to the first master key and a first password resource; the first cryptographic resource comprises a second cryptographic resource component, a third cryptographic resource component, and a first cryptographic resource component; the first password resource component is pushed to the vehicle control application program by the security center;
and communicating with the vehicle control application program via the first communication key.
6. The method of claim 5, further comprising:
updating the cryptographic resource components connected to the vehicle control application at a preset time.
7. A communication establishing device applied to communication between a vehicle control application program and an application server side is characterized by comprising the following components:
the first acquisition module is used for acquiring the identity information of a user and submitting the identity information to the security center;
the first receiving module is used for receiving and storing a first password resource component pushed by the security center according to the identity information;
the first connection module is used for establishing connection with the application server and performing bidirectional identity authentication;
the second receiving module is used for receiving a second password resource component and a third password resource component which are pushed by the application server side when the bidirectional identity authentication is successful, and recovering the second password resource component and the third password resource component in the memory to obtain a first password resource; the first cryptographic resource comprises a first cryptographic resource component, a second cryptographic resource component, and a third cryptographic resource component;
the first negotiation module is used for negotiating a first master key with the application server side;
the communication key acquisition module is used for acquiring a first communication key according to the first master key and the first password resource;
and the first communication module is used for communicating with the application server through the first communication key.
8. A communication establishing device applied to communication between a vehicle control application program and an application server side is characterized by comprising the following components:
the second acquisition module is used for acquiring the identity information of the user, and the identity information is synchronized through the security center;
a third receiving module, configured to receive a fifth password resource component pushed by the security center according to the identity information; the fifth cryptographic resource component comprises a second cryptographic resource component and a third cryptographic resource component;
the second connection module is used for establishing connection with the vehicle control application program and performing bidirectional identity authentication;
the pushing module is used for pushing the second password resource component and the third password resource component to the vehicle control application program when the bidirectional identity authentication is successful;
a second negotiation module to negotiate a first master key with the vehicle control application;
a third obtaining module, configured to obtain a first communication key obtained according to the first master key and the first cryptographic resource; the first cryptographic resource comprises a second cryptographic resource component, a third cryptographic resource component, and a first cryptographic resource component; the first password resource component is pushed to the vehicle control application program by the security center;
a second communication module to communicate with the vehicle control application via the first communication key.
9. An interactive system between a vehicle control application and an application server, comprising: a vehicle control application program, an application server side and a security center,
the vehicle control application program submits the user identity information to the security center and synchronizes the user identity information to the application server;
the security center pushes a first password resource component to the vehicle control application program and pushes a fifth password resource component to the application server;
the vehicle control application program establishes connection with the application server side and carries out bidirectional identity authentication;
when the bidirectional identity authentication is finished, the application server side pushes a second password resource component and a third password resource component to the vehicle control application program; the second password resource component and the third password resource component form a fifth password resource component;
the vehicle control application program negotiates a first master key with the application server;
the vehicle control application program and the application server side obtain a first communication key according to the first master key and the first password resource component;
and the vehicle control application program and the application server side communicate according to the first communication key.
10. An electronic device, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to cause the at least one processor to perform the communication establishment method of any one of claims 1 to 6.
11. A computer-readable storage medium having stored thereon computer instructions, which when executed by a processor, carry out a communication set-up method according to any one of claims 1 to 6.
CN201911368455.8A 2019-12-26 2019-12-26 Communication establishing method and device Active CN111212047B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911368455.8A CN111212047B (en) 2019-12-26 2019-12-26 Communication establishing method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911368455.8A CN111212047B (en) 2019-12-26 2019-12-26 Communication establishing method and device

Publications (2)

Publication Number Publication Date
CN111212047A true CN111212047A (en) 2020-05-29
CN111212047B CN111212047B (en) 2022-03-29

Family

ID=70788356

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911368455.8A Active CN111212047B (en) 2019-12-26 2019-12-26 Communication establishing method and device

Country Status (1)

Country Link
CN (1) CN111212047B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107682334A (en) * 2017-09-30 2018-02-09 郑州信大捷安信息技术股份有限公司 A kind of OBD interface data security protection system and data security protection method
EP3337119A1 (en) * 2016-12-13 2018-06-20 Nxp B.V. Updating and distributing secret keys in a distributed network
CN110366176A (en) * 2019-06-20 2019-10-22 北京邮电大学 A kind of cryptographic key negotiation method of vehicular ad hoc network
CN110545252A (en) * 2018-05-29 2019-12-06 华为技术有限公司 Authentication and information protection method, terminal, control function entity and application server

Also Published As

Publication number Publication date
CN111212047B (en) 2022-03-29

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant