CN113473459A - Mobile terminal application level Bluetooth pairing method and system - Google Patents


Info

Publication number
CN113473459A
Authority
CN
China
Prior art keywords
random number
key
bluetooth
data
equipment
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110906638.1A
Other languages
Chinese (zh)
Inventor
张超
李俊
胡永亮
赵一方
左勇勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Guomin Andun Technology Co ltd
Original Assignee
Beijing Guomin Andun Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30 Security of mobile devices; Security of mobile applications
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/50 Secure pairing of devices
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/69 Identity-dependent
    • H04W12/77 Graphical identity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06 Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/80 Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W76/00 Connection management
    • H04W76/10 Connection setup
    • H04W76/14 Direct-mode setup

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Multimedia (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephone Function (AREA)

Abstract

The invention discloses a mobile terminal application-level Bluetooth pairing method, comprising the following steps: starting Bluetooth pairing in the application programs of the first device and the second device; the first device generates security data comprising a first random number, a second random number and a first key; the first random number is used to identify the first device, and the second random number is used to identify the second device; the security data is accessible by the second device; the first device performs a Bluetooth broadcast with the first random number as the content, and searches for a Bluetooth device whose broadcast content is the second random number; after acquiring the security data, the second device searches for the Bluetooth device whose broadcast content is the first random number, and broadcasts with the second random number as the content; the first device and the second device establish a Bluetooth connection after finding each other's broadcast content; the first device and the second device generate a second key based on the first key; the first device and the second device encrypt communication packets with the second key to transmit data.

Description

Mobile terminal application level Bluetooth pairing method and system
Technical Field
The invention relates to the technical field of wireless communication, in particular to a method and a system for pairing mobile terminal application level Bluetooth.
Background
At present, secure Bluetooth data exchange between mobile phones depends on pairing, and the user must perform a numeric comparison or password verification during the pairing process. This operation has the following drawbacks:
1. the process is cumbersome, and each new device needs to be paired again;
2. on a mobile terminal, pairing happens at the system layer, that is, all applications in the current operating system share one pairing encryption key; if a malicious application is present on the mobile terminal, it can control the Bluetooth device directly.
The present invention is proposed for this reason.
Disclosure of Invention
The invention aims to provide a mobile terminal application-level Bluetooth pairing method and system that offer high security, confine Bluetooth data transmission to the application level, and prevent other applications from sending or obtaining the transmitted plaintext data.
To solve the foregoing problems, in a first aspect, an embodiment of the present invention provides a mobile terminal application-level Bluetooth pairing method, including:
starting Bluetooth pairing in the application programs of the first device and the second device;
the first device generates security data, the security data comprising a first random number, a second random number, and a first key; the first random number is used to identify the first device, and the second random number is used to identify the second device; the security data is accessible by the second device;
the first device performs a Bluetooth broadcast with the first random number as the content, and searches for a Bluetooth device whose broadcast content is the second random number;
after acquiring the security data, the second device searches for the Bluetooth device whose broadcast content is the first random number, and broadcasts with the second random number as the content;
the first device and the second device establish a Bluetooth connection after finding each other's broadcast content;
the first device and the second device generate a second key based on the first key;
the first device and the second device encrypt the communication packet using the second key to transmit data.
Further, the first device and the second device generating a second key based on the first key comprises:
the first device generates a third random number and sends the third random number to the second device;
the second device generates a fourth random number, and processes the third random number and the fourth random number by using the first key to generate a second key;
the second device encrypts the fourth random number and the second random number by using the second key to generate encrypted data, and returns the encrypted data and the fourth random number to the first device;
the first device generates the second key from the fourth random number together with the third random number and the first key, and verifies the encrypted data by using the second key;
after the verification passes, the first device and the second device share a common second key, which is used only for encrypted communication between the specific applications of the first device and the second device.
Further, after the first device generates the security data, the security data is displayed in the form of a graphic code, so that the second device can acquire the security data by scanning the graphic code.
In a second aspect, an embodiment of the present invention provides a mobile terminal application level bluetooth pairing system, including a first device and a second device; wherein:
starting Bluetooth pairing in the application programs of the first device and the second device;
the first device generates security data, the security data comprising a first random number, a second random number, and a first key; the first random number is used to identify the first device, and the second random number is used to identify the second device; the security data is accessible by the second device;
the first device performs a Bluetooth broadcast with the first random number as the content, and searches for a Bluetooth device whose broadcast content is the second random number;
after acquiring the security data, the second device searches for the Bluetooth device whose broadcast content is the first random number, and broadcasts with the second random number as the content;
the first device and the second device establish a Bluetooth connection after finding each other's broadcast content;
the first device and the second device generate a second key based on the first key;
the first device and the second device encrypt the communication packet using the second key to transmit data.
Further, the first device and the second device generating a second key based on the first key comprises:
the first device generates a third random number and sends the third random number to the second device;
the second device generates a fourth random number, and processes the third random number and the fourth random number by using the first key to generate a second key;
the second device encrypts the fourth random number and the second random number by using the second key to generate encrypted data, and returns the encrypted data and the fourth random number to the first device;
the first device generates the second key from the fourth random number together with the third random number and the first key, and verifies the encrypted data by using the second key;
after the verification passes, the first device and the second device share a common second key; the second key is used only for encrypted communication between the specific applications of the first device and the second device.
Further, the first device is provided with an interface and the second device is provided with a graphic code recognition device; after the first device generates the security data, the security data is displayed on the interface in the form of a graphic code, so that the second device can acquire the security data by scanning the graphic code.
Compared with the prior art, the invention has the following beneficial effects: by using a separately generated communication key within a preset application, Bluetooth data transmission is confined to the application layer; before every interaction the two Bluetooth devices share a piece of data, and this data is relied on for security verification and device identification, so security is high and other applications cannot send or obtain the transmitted plaintext data. In addition, the method offers a good user experience, a simple operating process and few steps.
Drawings
Fig. 1 is a schematic structural diagram of a mobile terminal application-level Bluetooth pairing system according to an embodiment of the present invention;
Fig. 2 is a flowchart of a mobile terminal application-level Bluetooth pairing method according to an embodiment of the present invention;
Fig. 3 is a flowchart of second key generation.
Detailed Description
The principles and spirit of the present invention will be described with reference to a number of exemplary embodiments shown in the drawings. It should be understood that these embodiments are described only to enable those skilled in the art to better understand and to implement the present invention, and are not intended to limit the scope of the present invention in any way.
Referring to fig. 1-3, an embodiment of the present invention provides a method for pairing mobile terminal application level bluetooth, including:
S1: Bluetooth pairing is started in the application on the first device and the second device.
The Bluetooth pairing method provided by this embodiment is an application-level Bluetooth pairing method. Thus, when the first device and the second device are ready to establish Bluetooth communication, Bluetooth pairing must be initiated in a predetermined application. The first device and the second device may be any devices that need to establish Bluetooth communication, such as a mobile phone, a tablet computer, a laptop computer, a wearable device, etc.
S2: the first device generates security data, the security data including a first random number (device1Eid), a second random number (device2Eid), and a first key (sessionPreKey); the first random number is used to identify the first device and the second random number is used to identify the second device.
In step S2, the first key is a randomly generated key, which is used to generate a second key after the two devices are paired (as described below).
S3: the first device presents the secure data in the form of a graphical code.
The graphic code can be a two-dimensional code, a bar code, or any other form capable of carrying the security data. Generally, the first device has a display screen, as a smartphone does, and the security data can be rendered as a two-dimensional code and displayed on the display screen.
S4: the first device performs Bluetooth broadcasting by using the first random number as content, and searches for Bluetooth devices of which the broadcasting content is the second random number.
S5: the second device scans the graphic code to obtain the security data.
In this embodiment, the second device is also a smartphone; by scanning and parsing the two-dimensional code displayed on the display screen of the first device, it obtains the security data comprising the first random number, the second random number, and the first key.
S6: the second device searches for the Bluetooth device whose broadcast content is the first random number, and broadcasts with the second random number as the content.
S7: the first device and the second device establish a bluetooth connection after searching for each other's broadcast content.
When the first device and the second device carry out Bluetooth configuration, the first key is used for the handshake, the Bluetooth connection is established for the first time, and preparation is made for subsequently generating the second key.
S8: the first device and the second device generate a second key based on the first key.
To avoid the problem that the first device and the second device need to share a key at the system level each time they communicate, in step S8 the first device and the second device generate a second key based on the first key; in the present embodiment the second key is dedicated to encrypted communication between the specific applications. Therefore, if other applications on the first device and the second device need to perform Bluetooth-based encrypted communication, they cannot use the second key, so other malicious applications cannot intercept the Bluetooth communication data of the application, and communication security is guaranteed. Specifically, step S8 includes the following sub-steps:
S81: the first device generates a third random number (challenge1) and sends the third random number to the second device;
the second device generates a fourth random number (challenge2), processes the third random number (challenge1) and the fourth random number (challenge2) by using the first key (sessionPreKey), and generates a second key (sessionKey), wherein the processing algorithm may adopt an algorithm known in the art, and will not be described herein.
S82: the second device encrypts the fourth random number (challenge2) and the second random number (device2Eid) by using the second key (sessionKey) to generate encrypted data, and returns the encrypted data and the fourth random number (challenge2) to the first device;
the first device generates the second key (sessionKey) from the fourth random number (challenge2) together with the third random number (challenge1) and the first key (sessionPreKey), and verifies the encrypted data by using the second key (sessionKey), wherein the algorithm for generating the second key is the same as the algorithm used by the second device to generate the second key.
S83: after the verification passes, the first device and the second device share a common second key, and the second key is used only for encrypted communication between the specific applications of the first device and the second device.
S9: the first device and the second device encrypt the communication packet using the second key to transmit data.
After the first Bluetooth pairing is completed, Bluetooth communication between the first device and the second device for the specific application is encrypted with the second key, so none of the subsequent communication content can be obtained by other malicious applications.
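Sub-steps S81 to S83 as runnable Python, an added example that is not part of the patent text: it shows both devices deriving sessionKey and the first device rejecting a peer that never obtained the security data, a replayed response, or a tampered one. The patent leaves the algorithms open, so HMAC-SHA256 for key derivation, all field lengths, and the function names are assumptions; the HMAC keystream with encrypt-then-MAC is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib
import hmac
import secrets

# Sizes and algorithms are assumptions: the patent leaves the processing
# algorithm open ("an algorithm known in the art").
EID_LEN, KEY_LEN, CHALLENGE_LEN, NONCE_LEN, TAG_LEN = 16, 32, 16, 12, 32


def generate_security_data():
    """S2: the first device creates the data it later shows as a graphic code."""
    return {
        "device1Eid": secrets.token_bytes(EID_LEN),
        "device2Eid": secrets.token_bytes(EID_LEN),
        "sessionPreKey": secrets.token_bytes(KEY_LEN),
    }


def new_challenge():
    """challenge1 / challenge2: fresh random values, one per pairing attempt."""
    return secrets.token_bytes(CHALLENGE_LEN)


def derive_session_key(session_pre_key, challenge1, challenge2):
    """sessionKey = HMAC-SHA256(sessionPreKey, label || challenge1 || challenge2).

    Both challenges have a fixed length, so the concatenation is unambiguous.
    """
    message = b"sessionKey" + challenge1 + challenge2
    return hmac.new(session_pre_key, message, hashlib.sha256).digest()


def _subkey(session_key, label):
    # Separate keys for the keystream and for the authentication tag.
    return hmac.new(session_key, label, hashlib.sha256).digest()


def _xor_keystream(key, nonce, data):
    # Stand-in stream cipher: HMAC-SHA256 in counter mode.
    stream = b""
    counter = 0
    while len(stream) < len(data):
        block = nonce + counter.to_bytes(4, "big")
        stream += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(d ^ s for d, s in zip(data, stream))


def seal(session_key, plaintext):
    """Encrypt-then-MAC; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(NONCE_LEN)
    ciphertext = _xor_keystream(_subkey(session_key, b"enc"), nonce, plaintext)
    mac_key = _subkey(session_key, b"mac")
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def open_sealed(session_key, blob):
    """Return the plaintext, or None when the blob is malformed or the tag is wrong."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        return None
    nonce, ciphertext, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    mac_key = _subkey(session_key, b"mac")
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_keystream(_subkey(session_key, b"enc"), nonce, ciphertext)


def device2_respond(security_data, challenge1):
    """S81/S82, second device: derive sessionKey and build the encrypted data."""
    challenge2 = new_challenge()
    session_key = derive_session_key(security_data["sessionPreKey"], challenge1, challenge2)
    encrypted = seal(session_key, challenge2 + security_data["device2Eid"])
    return challenge2, encrypted, session_key


def device1_verify(security_data, challenge1, challenge2, encrypted):
    """S82/S83, first device: re-derive sessionKey and verify the encrypted data.

    Returns sessionKey on success and None on any failure.
    """
    if len(challenge2) != CHALLENGE_LEN:
        return None
    session_key = derive_session_key(security_data["sessionPreKey"], challenge1, challenge2)
    plaintext = open_sealed(session_key, encrypted)
    expected = challenge2 + security_data["device2Eid"]
    if plaintext is None or not hmac.compare_digest(plaintext, expected):
        return None
    return session_key


if __name__ == "__main__":
    data = generate_security_data()             # shown by device 1, scanned by device 2
    c1 = new_challenge()                        # device 1 -> device 2
    c2, blob, key2 = device2_respond(data, c1)  # device 2 -> device 1
    key1 = device1_verify(data, c1, c2, blob)
    print("paired:", key1 is not None and key1 == key2)
```

Because challenge1 is fresh for every attempt, a recorded (challenge2, encrypted data) pair from an earlier pairing does not verify against a new one.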
The embodiment of the invention also provides a mobile terminal application level Bluetooth pairing system corresponding to the method, which comprises a first device and a second device; wherein:
starting Bluetooth pairing in the application programs of the first device and the second device;
the first device generates security data, the security data comprising a first random number, a second random number, and a first key; the first random number is used to identify the first device, and the second random number is used to identify the second device; the security data is accessible by the second device;
the first device performs a Bluetooth broadcast with the first random number as the content, and searches for a Bluetooth device whose broadcast content is the second random number;
after acquiring the security data, the second device searches for the Bluetooth device whose broadcast content is the first random number, and broadcasts with the second random number as the content;
the first device and the second device establish a Bluetooth connection after finding each other's broadcast content;
the first device and the second device generate a second key based on the first key;
the first device and the second device encrypt the communication packet using the second key to transmit data.
It should be understood that the steps performed by the first device and the second device correspond to steps S1-S9 in the above method embodiment; refer to the foregoing description for implementation details.
The inventive concept is explained in detail herein using specific examples, which are given only to aid in understanding the core concepts of the invention. It should be understood that any obvious modifications, equivalents and other improvements made by those skilled in the art without departing from the spirit of the present invention are included in the scope of the present invention.

Claims (6)

1. A mobile terminal application-level Bluetooth pairing method, characterized by comprising the following steps:
starting Bluetooth pairing in the application programs of the first device and the second device;
the first device generates security data, the security data comprising a first random number, a second random number, and a first key; the first random number is used to identify the first device, and the second random number is used to identify the second device; the security data is accessible by the second device;
the first device performs a Bluetooth broadcast with the first random number as the content, and searches for a Bluetooth device whose broadcast content is the second random number;
after acquiring the security data, the second device searches for the Bluetooth device whose broadcast content is the first random number, and broadcasts with the second random number as the content;
the first device and the second device establish a Bluetooth connection after finding each other's broadcast content;
the first device and the second device generate a second key based on the first key;
the first device and the second device encrypt the communication packet using the second key to transmit data.
2. The method of claim 1, wherein the first device and the second device generating a second key based on the first key comprises:
the first device generates a third random number and sends the third random number to the second device;
the second device generates a fourth random number, and processes the third random number and the fourth random number by using the first key to generate a second key;
the second device encrypts the fourth random number and the second random number by using the second key to generate encrypted data, and returns the encrypted data and the fourth random number to the first device;
the first device generates the second key from the fourth random number together with the third random number and the first key, and verifies the encrypted data by using the second key;
after the verification passes, the first device and the second device share a common second key, which is used only for encrypted communication between the specific applications of the first device and the second device.
3. The mobile terminal application-level Bluetooth pairing method according to claim 1, wherein after the first device generates the security data, the security data is displayed in the form of a graphic code, so that the second device can acquire the security data by scanning the graphic code.
4. A mobile terminal application-level Bluetooth pairing system, characterized by comprising a first device and a second device; wherein:
starting Bluetooth pairing in the application programs of the first device and the second device;
the first device generates security data, the security data comprising a first random number, a second random number, and a first key; the first random number is used to identify the first device, and the second random number is used to identify the second device; the security data is accessible by the second device;
the first device performs a Bluetooth broadcast with the first random number as the content, and searches for a Bluetooth device whose broadcast content is the second random number;
after acquiring the security data, the second device searches for the Bluetooth device whose broadcast content is the first random number, and broadcasts with the second random number as the content;
the first device and the second device establish a Bluetooth connection after finding each other's broadcast content;
the first device and the second device generate a second key based on the first key;
the first device and the second device encrypt the communication packet using the second key to transmit data.
5. The mobile terminal application-level Bluetooth pairing system of claim 4, wherein the first device and the second device generating a second key based on the first key comprises:
the first device generates a third random number and sends the third random number to the second device;
the second device generates a fourth random number, and processes the third random number and the fourth random number by using the first key to generate a second key;
the second device encrypts the fourth random number and the second random number by using the second key to generate encrypted data, and returns the encrypted data and the fourth random number to the first device;
the first device generates the second key from the fourth random number together with the third random number and the first key, and verifies the encrypted data by using the second key;
after the verification passes, the first device and the second device share a common second key; the second key is used only for encrypted communication between the specific applications of the first device and the second device.
6. The mobile terminal application-level Bluetooth pairing system according to claim 4, wherein the first device has an interface, the second device has a graphic code recognition device, and after the first device generates the security data, the security data is displayed on the interface in the form of a graphic code, so that the second device can acquire the security data by scanning the graphic code.
CN202110906638.1A 2021-08-09 2021-08-09 Mobile terminal application level Bluetooth pairing method and system Pending CN113473459A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110906638.1A CN113473459A (en) 2021-08-09 2021-08-09 Mobile terminal application level Bluetooth pairing method and system


Publications (1)

Publication Number Publication Date
CN113473459A true CN113473459A (en) 2021-10-01

Family

ID=77867639




Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination