CN116155482A - Voice data transmission method, device, equipment and storage medium - Google Patents


Info

Publication number
CN116155482A
Authority
CN
China
Prior art keywords
voice data
session key
server
sent
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111366764.9A
Other languages
Chinese (zh)
Inventor
余鹰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Mobile Communications Group Co Ltd
China Mobile Group Anhui Co Ltd
Original Assignee
China Mobile Communications Group Co Ltd
China Mobile Group Anhui Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China Mobile Communications Group Co Ltd, China Mobile Group Anhui Co Ltd
Priority to CN202111366764.9A
Publication of CN116155482A
Legal status: Pending

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852Quantum cryptography
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/0838Network architectures or network communication protocols for network security for authentication of entities using passwords using one-time-passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3228One-time or temporary data, i.e. information which is sent for every authentication or authorization, e.g. one-time-password, one-time-token or one-time-key

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The application discloses a voice data transmission method, device, equipment and storage medium. Applied to a calling terminal, the method comprises the following steps: when a call request is sent to a called terminal, sending the call request to a server; receiving a session key sent by the server; encrypting voice data by using the session key to obtain encrypted voice data; and sending the encrypted voice data to the called terminal, so that the called terminal decrypts the encrypted voice data by using the session key sent by the server. For each call, the server receives a quantum random number sent by a quantum random number generator, generates a session key according to the quantum random number, and sends the generated session key to the calling terminal and the called terminal; the calling terminal encrypts voice data by using the session key to obtain encrypted voice data, and the called terminal decrypts the encrypted voice data by using the session key to obtain the voice data, so that the storage space of the SIM card can be effectively saved and cost is saved.

Description

Voice data transmission method, device, equipment and storage medium
Technical Field
The present application belongs to the field of secure communications, and in particular, relates to a method, an apparatus, a device, and a storage medium for transmitting voice data.
Background
In the existing voice data transmission scheme, the calling terminal and the called terminal use stored quantum keys for secret communication: the calling mobile terminal uses a quantum key to encrypt the information data, the data is transmitted to the called mobile terminal through a public communication network, and the called mobile terminal uses the corresponding key to decrypt the information and obtain the plaintext.
The existing voice data transmission scheme is suitable for one-to-one communication or communication among a small number of users. Its disadvantage is that, for one-to-many calls or when the call range is not clearly defined, key negotiation becomes extremely complex as the number of communicating parties increases. Because each pair of users needs a key pool, the demand on the storage space of the SIM card is high: a large space is required to store the keys, and once the keys have been used up after a period of time, users are required to change the card.
Disclosure of Invention
The embodiment of the application provides a voice data transmission method, device, equipment and storage medium.
In a first aspect, a voice data transmission method is applied to a calling terminal, and the method includes:
when a call request is sent to a called terminal, sending the call request to a server;
receiving a session key sent by a server;
encrypting the voice data by adopting the session key to obtain encrypted voice data;
and sending the encrypted voice data to the called terminal, so that the called terminal decrypts the encrypted voice data by using the session key sent by the server.
In one possible implementation, the calling end includes a quantum SIM card; after receiving the session key sent by the server, the method further comprises:
encrypting a session key by adopting a public key in the digital certificate stored by the SIM;
storing the encrypted session key to the SIM card.
In one possible implementation, encrypting voice data using a session key to obtain encrypted voice data includes:
decrypting the encrypted session key by adopting a private key in a digital certificate stored by the calling terminal;
and encrypting the voice data by adopting the decrypted session key to obtain the encrypted voice data.
In one possible implementation, before encrypting the session key with the public key in the digital certificate stored by the calling end, the method further comprises:
acquiring the digital certificate of the calling terminal from a Certificate Authority (CA).
In one possible implementation, the session key stored in the SIM card is deleted after the communication is completed.
In one possible implementation, the calling end further includes an authentication component, the method further comprising:
and reading the digital certificate stored by the quantum SIM card by adopting an authentication component and performing bidirectional authentication with the server.
In a second aspect, a voice data transmission method is applied to a server, and the method includes:
when a calling terminal sends a call request to a called terminal, receiving the call request sent by the calling terminal;
and respectively sending session keys to the calling terminal and the called terminal, wherein the session keys are used for encrypting and decrypting voice data transmission between the calling terminal and the called terminal.
In one possible implementation, sending session keys to a calling end and a called end, respectively, includes:
receiving a quantum random number sent by a quantum random number generator;
generating a session key according to the quantum random number;
and respectively sending the session key to the calling terminal and the called terminal.
In one possible implementation, the method further comprises:
before receiving a call request initiated by a calling terminal, two-way authentication is respectively established with the calling terminal and a called terminal.
In a third aspect, a voice data transmission method is applied to a called terminal, and the method includes:
receiving a call request sent by a server;
receiving a session key sent by a server;
receiving encrypted voice data sent by a calling terminal;
and decrypting the encrypted voice data by adopting the session key sent by the server.
In one possible implementation, the called end includes a quantum SIM card; after receiving the session key sent by the server, the method further comprises:
encrypting a session key by adopting a public key in a digital certificate stored by the SIM;
storing the encrypted session key to the SIM card.
In one possible implementation, the method further comprises:
after the communication is finished, deleting the session key stored in the SIM card.
In a fourth aspect, a calling party, the calling party comprising:
the sending module is used for sending a call request to the server when sending the call request to the called terminal;
the receiving module is used for receiving the session key sent by the server;
the processing module is used for encrypting the voice data by adopting the session key to obtain the encrypted voice data;
the sending module is further configured to send the encrypted voice data to the called terminal, so that the called terminal decrypts the encrypted voice data by using the session key sent by the server.
In one possible implementation, the calling end includes a quantum SIM card and a storage module;
the processing module is also used for encrypting the session key by adopting the public key in the digital certificate stored by the SIM;
and the storage module is used for storing the encrypted session key to the SIM card.
In one possible implementation:
the processing module is also used for decrypting the encrypted session key by adopting a private key in the digital certificate stored by the calling terminal;
the processing module is further used for encrypting the voice data by adopting the decrypted session key to obtain the encrypted voice data.
In one possible implementation:
and the receiving module is also used for acquiring the digital certificate of the calling terminal from a Certificate Authority (CA).
In one possible implementation, the calling end further includes a deletion module;
and the deleting module is used for deleting the session key stored in the SIM card after the communication is finished.
In one possible implementation, the calling end further includes an authentication module;
and the authentication module is used for reading the digital certificate stored by the quantum SIM card by adopting the authentication component and performing bidirectional authentication with the server.
In a fifth aspect, a server, the server comprising:
the receiving module is used for receiving the call request sent by the calling terminal when the calling terminal sends the call request to the called terminal;
and the sending module is used for respectively sending session keys to the calling terminal and the called terminal, wherein the session keys are used for encrypting and decrypting voice data transmission between the calling terminal and the called terminal.
In one possible implementation:
the receiving module is also used for receiving the quantum random number sent by the quantum random number generator;
the receiving module is further used for generating the session key according to the quantum random number;
the sending module is further configured to send session keys to the calling end and the called end respectively.
In one possible implementation, the server further comprises an authentication module;
and the authentication module is used for respectively establishing bidirectional authentication with the calling terminal and the called terminal before receiving the call request initiated by the calling terminal.
In a sixth aspect, a called terminal, the called terminal includes:
the sending module is used for receiving the call request sent by the server;
the receiving module is used for receiving the session key sent by the server;
the receiving module is also used for receiving the encrypted voice data sent by the calling terminal;
and the processing module is used for decrypting the encrypted voice data by adopting the session key sent by the server.
In one possible implementation, the called end further includes a storage module:
the processing module is also used for encrypting the session key by adopting a public key in the digital certificate stored by the SIM card;
and the storage module is used for storing the encrypted session key to the SIM card.
In one possible implementation, the called end further includes a deletion module:
and the deleting module is used for deleting the session key stored in the SIM card after the communication is finished.
In a seventh aspect, a computing device, the device comprising: a processor and a memory storing computer program instructions;
the processor executes the computer program instructions to implement the method for transmitting voice data according to any one of the first aspect to the third aspect.
In an eighth aspect, a computer storage medium has stored thereon computer program instructions which, when executed by a processor, implement the voice data transmission method according to any of the first to third aspects.
According to the voice data transmission method, device, equipment and storage medium, for each call the server receives the quantum random number sent by the quantum random number generator, generates the session key according to the quantum random number, and sends the generated session key to the calling terminal and the called terminal; the calling terminal encrypts voice data with the session key to obtain encrypted voice data, and the called terminal decrypts the encrypted voice data with the session key to obtain the voice data, so that the one-time pad can be realized, the storage space of the SIM card is effectively saved, and cost is saved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the embodiments of the present application will be briefly described, and it is possible for a person skilled in the art to obtain other drawings according to these drawings without inventive effort.
Fig. 1 is a logic architecture diagram of a voice data transmission method according to an embodiment of the present application;
Fig. 2 is a schematic flow chart of a voice data transmission method according to an embodiment of the present application;
Fig. 3 is a schematic flow chart of a voice data transmission method according to an embodiment of the present application;
Fig. 4 is a schematic structural diagram of a voice data transmission device according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of another voice data transmission device according to an embodiment of the present application;
Fig. 6 is a schematic structural diagram of another voice data transmission device according to an embodiment of the present application;
Fig. 7 is a schematic diagram of an exemplary hardware architecture provided by an embodiment of the present application.
Detailed Description
Features and exemplary embodiments of various aspects of the present application are described in detail below to make the objects, technical solutions and advantages of the present application more apparent, and to further describe the present application in conjunction with the accompanying drawings and the detailed embodiments. It should be understood that the specific embodiments described herein are intended to be illustrative of the application and are not intended to be limiting. It will be apparent to one skilled in the art that the present application may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present application by showing examples of the present application.
It is noted that relational terms such as first and second, and the like are used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Moreover, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other like elements in a process, method, article or apparatus that comprises the element.
In order to solve the problems in the prior art, embodiments of the present application provide a method, an apparatus, a device, and a storage medium for transmitting voice data. The following first describes a voice data transmission method provided in the embodiments of the present application.
Fig. 1 shows a logic architecture diagram of a voice data transmission method provided by the embodiment of the present application, as shown in fig. 1, the architecture includes a certificate authority CA, a quantum random number generator, a server, a calling terminal and a called terminal, the certificate authority CA issues digital certificates for the calling terminal and the called terminal respectively, the quantum random number generator generates true random numbers and sends the true random numbers to the server, and the server sends encrypted session keys to the calling terminal and the called terminal. Wherein the server may be a VOIP server.
Fig. 2 is a schematic flow chart of a voice data transmission method according to an embodiment of the present application; as shown in fig. 2, a method for transmitting voice data provided in an embodiment of the present application includes the following steps:
S101, when the calling terminal calls the called terminal, the calling terminal sends a call request to the server.
The certificate authority CA issues signed digital certificates for the calling end and the called end according to their mobile phone numbers and other information (such as names), and sends them to the calling end and the called end respectively. The calling end obtains its digital certificate and carries out mutual authentication with the server to establish a connection channel C1; the called end likewise obtains its digital certificate, performs bidirectional authentication with the server, and establishes another connection channel C2. After the two channels are established, the calling end calls the called end, starts the encrypted communication mode, and sends a call request to the server.
S102, the server sends a call request to the called terminal.
After receiving the call request sent by the calling terminal, the server sends the call request to the called terminal so as to establish a call. After receiving the call request sent by the server, the called terminal sends a response message to the server, and at the moment, the calling terminal and the called terminal establish communication connection.
S103, the server sends session keys to the calling terminal and the called terminal respectively.
After receiving the response message sent by the called terminal, the server generates a session key S according to the random number acquired from the quantum random number generator.
The server sends the session key S to a security service component of the calling terminal through a channel C1; the server sends the session key S to the security service component of the called end via channel C2. The security service component of the calling terminal encrypts S through a public key P (X) in the digital certificate and stores the encrypted session key in a key area of the calling terminal; the security service component of the called end encrypts S through the public key P (Y) in the digital certificate and stores the encrypted session key in the key area of the called end. The security service component of application X feeds back the encryption mode ready status to the server. The security service component of application Y feeds back the encryption mode ready status to the server.
S104, the calling terminal encrypts the voice data by using the session key to obtain the encrypted voice data.
When the calling terminal and the called terminal communicate, the calling terminal encrypts voice data by adopting a session key and packages the voice data into IP packets.
S105, the calling terminal sends the encrypted voice data to the called terminal.
The calling end transmits the voice data which is packaged into IP packets to the called end through the Internet.
S106, the called end adopts the session key to decrypt the encrypted voice data.
After the called terminal receives the encrypted voice data sent by the calling terminal, the called terminal decrypts the voice data according to the session key to obtain decrypted voice data.
By adopting the voice data transmission method of the embodiment of the application, the server receives the quantum random number sent by the quantum random number generator and generates the session key according to the quantum random number, the server sends the generated session key to the calling terminal and the called terminal, the calling terminal encrypts the voice data by adopting the session key to obtain the encrypted voice data, and the called terminal decrypts the encrypted voice data by adopting the session key to obtain the voice data, so that the one-time pad can be realized, the storage space of the SIM card is effectively saved, and the cost is saved.
In one embodiment, the calling and called ends each include a quantum SIM card. After the calling terminal and the called terminal receive the session key sent by the server, the session key is encrypted by adopting public keys in digital certificates stored in respective quantum SIM cards; and storing the encrypted session key to the quantum SIM card.
The session keys received by the calling terminal and the called terminal are respectively encrypted by adopting public keys in digital certificates stored in respective quantum SIM cards, and the session keys are stored in an encrypted form, so that the security is high.
In one embodiment, the calling end encrypts the voice data by using the session key to obtain encrypted voice data, including: the calling terminal adopts the private key in the digital certificate stored by the calling terminal to decrypt the encrypted session key; and encrypting the voice data by adopting the decrypted session key to obtain the encrypted voice data.
In one embodiment, the called end adopts a private key in the digital certificate stored by the called end to decrypt the encrypted session key; and decrypting the encrypted voice data by adopting the decrypted session key to obtain the voice data.
For each call, the server generates a session key and sends it to the calling end and the called end; the calling end encrypts voice data by using the session key to obtain encrypted voice data, and the called end decrypts the encrypted voice data by using the session key to obtain the voice data, so that the one-time pad can be realized, which effectively saves the storage space of the SIM card and saves cost.
In one embodiment, the calling and called parties respectively obtain digital certificates from a certificate authority CA before encrypting the session keys with public keys in the digital certificates stored by the calling and called parties.
In one embodiment, the calling and called ends each further comprise an authentication component. Before a calling terminal sends a call request to a server, an authentication component of the calling terminal and an authentication component of the called terminal respectively read digital certificates stored by a quantum SIM card and perform bidirectional authentication with the server.
The calling end and the called end perform bidirectional authentication with the server, so that identity information of the calling end and the called end can be authenticated, and call safety is ensured.
In one embodiment, after the communication is finished, the calling end and the called end delete the session key stored in the quantum SIM card respectively.
After the communication is finished, the session keys stored in the calling end and the called end are deleted, so that the key is used once and discarded after use (one-time pad). At the same time, little of the SIM card's storage space is occupied, so the quantum SIM card does not need a large storage space, and cost is saved.
Fig. 3 shows a flow chart of a voice data transmission method provided in the embodiment of the present application, and as shown in fig. 3, the voice data transmission method includes a certificate authority CA, a quantum random number generator, a server, a calling terminal and a called terminal. The server includes a quantum service component and a server authentication component. The calling terminal comprises an application program X and a quantum SIM card, wherein the application program X comprises a security service component and an authentication component; the quantum SIM card comprises a security chip, wherein the security chip comprises a digital certificate C (X), a key area and a temporary area. The called terminal comprises an application program Y and a quantum SIM card, wherein the application program Y comprises a security service component and an authentication component; the quantum SIM card comprises a security chip, wherein the security chip comprises a digital certificate C (Y), a key area and a temporary area.
As shown in Fig. 3, the quantum SIM card of the calling side and the quantum SIM card of the called side receive digital certificate signatures C (X) and C (Y), respectively, from the certificate authority CA. The authentication component of the application program X of the calling terminal obtains the digital certificate signature C (X) from the quantum SIM card of the calling terminal, and performs bidirectional authentication with the server authentication component to establish a connection channel C1; the authentication component of the application program Y of the called terminal obtains the digital certificate signature C (Y) from the quantum SIM card of the called terminal, and performs bidirectional authentication with the server authentication component to establish a connection channel C2.
When the calling terminal calls the called terminal, a call request is initiated to the server, the server sends the call request to the application program Y of the called terminal, and the called terminal sends a response message to the server, and at the moment, the communication connection between the calling terminal and the called terminal is established.
The quantum service component of the server receives the true random number generated by the quantum random number generator, generates a session key S according to the true random number, and sends the session key S to the security service components of the calling terminal and the called terminal through C1 and C2 respectively. The security service components of the calling end and the called end encrypt S through a public key P (X) and a public key P (Y) in the digital certificate respectively, and store the encrypted session keys in key areas of the calling end and the called end respectively. The security service components of applications X and Y respectively feed back the encryption mode ready status to the server.
During the call, the application program X of the calling terminal requests the quantum SIM card to encrypt voice data. The security chip of the quantum SIM card decrypts the session key with the private key S (X) of the digital certificate of application program X and places the session key in the temporary area; the security chip then encrypts the voice data with the decrypted session key S in the temporary area, and the encrypted voice data is sent to the application program Y of the called terminal. The application program Y requests the quantum SIM card of the called end to decrypt the voice data. The security chip of that quantum SIM card decrypts the session key with the private key S (Y) of the digital certificate of application program Y, places the session key in the temporary area, uses the decrypted session key S to decrypt the voice data, and returns the decrypted voice data.
After the call is terminated, the application program X clears the key area and the temporary area of the quantum SIM card; after the call is terminated, the application program Y clears the key area and the temporary area of the quantum SIM card. So far, the voice data transmission ends.
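The key handling described in the paragraphs above, as an added Go example that is not part of the patent. The patent names no algorithms, so RSA-OAEP for wrapping S under the certificate key, AES-256-GCM with the frame number as nonce, crypto/rand in place of the quantum random number generator, and the `SIM` type with its method names are all assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// SIM models one endpoint's quantum SIM card (type and field names are hypothetical).
type SIM struct {
	priv    *rsa.PrivateKey // private key of the endpoint's digital certificate
	keyArea []byte          // session key S wrapped under the certificate public key
	tmpArea []byte          // plaintext S, held only while a call is active
}

// NewSIM creates a card with a fresh key pair standing in for the issued certificate.
func NewSIM() (*SIM, error) {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	return &SIM{priv: priv}, err
}

// StoreSessionKey wraps S with RSA-OAEP (assumed) and keeps only the wrapped copy.
func (c *SIM) StoreSessionKey(s []byte) (err error) {
	c.keyArea, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, &c.priv.PublicKey, s, nil)
	return err
}

// Frame encrypts (open=false) or decrypts (open=true) voice frame number seq with
// AES-256-GCM (assumed), unwrapping S into the temporary area on first use.
func (c *SIM) Frame(open bool, seq uint64, in []byte) ([]byte, error) {
	if c.tmpArea == nil {
		s, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, c.priv, c.keyArea, nil)
		if err != nil {
			return nil, fmt.Errorf("no usable session key on card: %w", err)
		}
		c.tmpArea = s
	}
	block, err := aes.NewCipher(c.tmpArea)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // frame number as nonce: never reused under one S
	binary.BigEndian.PutUint64(nonce[4:], seq)
	if open {
		return gcm.Open(nil, nonce, in, nil)
	}
	return gcm.Seal(nil, nonce, in, nil), nil
}

// EndCall clears the temporary area and the key area at call teardown.
func (c *SIM) EndCall() {
	for i := range c.tmpArea {
		c.tmpArea[i] = 0
	}
	c.tmpArea, c.keyArea = nil, nil
}

func main() {
	x, _ := NewSIM()      // calling end; setup errors surface at Frame below
	y, _ := NewSIM()      // called end
	s := make([]byte, 32) // server: fresh S per call (crypto/rand stands in for the QRNG)
	rand.Read(s)
	x.StoreSessionKey(s)
	y.StoreSessionKey(s)
	frame, _ := x.Frame(false, 1, []byte("constructed voice frame"))
	voice, err := y.Frame(true, 1, frame)
	fmt.Printf("%q %v\n", voice, err)
	x.EndCall()
	y.EndCall()
	_, err = y.Frame(true, 1, frame)
	fmt.Println("after teardown:", err)
}
```

Because both ends hold the same S, voice sent in the reverse direction would need its own nonce range (or its own key) so that no nonce repeats under one key.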
Fig. 4 is a schematic structural diagram of a voice data transmission device according to an embodiment of the present application, where the voice data transmission device includes:
a sending module 410, configured to send a call request to a server when sending the call request to a called terminal;
a receiving module 420, configured to receive a session key sent by a server;
a processing module 430, configured to encrypt the voice data using the session key to obtain encrypted voice data;
the sending module 410 is further configured to send the encrypted voice data to the called end, so that the called end decrypts the encrypted voice data using the session key sent by the server.
When sending a call request to a called end, the sending module 410 sends the call request to a server, the receiving module 420 receives a session key sent by the server, and the processing module 430 encrypts voice data using the session key to obtain encrypted voice data; the sending module 410 then sends the encrypted voice data to the called end, so that the called end decrypts the encrypted voice data using the session key sent by the server. Because the session key received by the receiving module 420 is generated for each call, a one-time pad can be realized, which effectively saves the storage space of the SIM card and reduces cost.
The calling end includes a quantum SIM card and a storage module 440;
the processing module 430 is further configured to encrypt the session key with a public key in the digital certificate stored by the quantum SIM;
and the storage module 440 is configured to store the encrypted session key to the quantum SIM card.
The processing module 430 is further configured to decrypt the encrypted session key by using a private key in the data certificate stored in the calling side;
the processing module 430 is further configured to encrypt the voice data using the decrypted session key to obtain encrypted voice data.
The receiving module 420 is further configured to obtain the data certificate of the calling end from the certificate authority CA.
The calling terminal further comprises a deleting module 450, and the deleting module 450 is used for deleting the session key stored in the SIM card after the communication is finished.
The calling terminal also comprises an authentication module 460, wherein the authentication module 460 is used for reading the digital certificate stored by the quantum SIM card by adopting the authentication component and performing bidirectional authentication with the server.
Each module in the calling terminal shown in fig. 4 has a function of implementing each step in the voice data transmission method provided in the embodiment of the present application, and can achieve a corresponding technical effect, which is not described herein for brevity.
Fig. 5 is a schematic structural diagram of another voice data transmission device according to an embodiment of the present application, where the voice data transmission device includes:
a receiving module 510, configured to receive a call request sent by a calling terminal when the calling terminal sends the call request to a called terminal;
and the sending module 520 is configured to send session keys to a calling terminal and a called terminal, where the session keys are used for encrypting and decrypting voice data transmissions between the calling terminal and the called terminal.
The receiving module 510 is further configured to receive a quantum random number sent by the quantum random number generator;
the receiving module 510 is further configured to generate the session key according to the quantum random number;
the sending module 520 is further configured to send session keys to the calling end and the called end respectively.
In one possible implementation, the server further comprises an authentication module;
and the authentication module 530 is configured to establish mutual authentication with the calling terminal and the called terminal, respectively, before receiving the call request initiated by the calling terminal.
Each module in the called end shown in fig. 5 has a function of implementing each step in the voice data transmission method provided in the embodiment of the present application, and can achieve the corresponding technical effects, which is not described herein for brevity.
Fig. 6 is a schematic structural diagram of another voice data transmission device according to an embodiment of the present application, where the voice data transmission device includes:
a sending module 610, configured to receive a call request sent by a server;
a receiving module 620, configured to receive a session key sent by a server;
the receiving module 620 is further configured to receive encrypted voice data sent by the calling end;
and the processing module 630 is configured to decrypt the encrypted voice data by using the session key sent by the server.
The called end further includes a storage module 640:
the processing module 630 is further configured to encrypt the session key with a public key in a digital certificate stored in the SIM card;
and a storage module 640, configured to store the encrypted session key to the SIM card.
The called end further includes a delete module 650:
and the deleting module 650 is configured to delete the session key stored in the SIM card after the communication is completed.
The called end also comprises an authentication module 660, and the authentication module 660 is used for reading the digital certificate stored by the quantum SIM card by adopting the authentication component and performing bidirectional authentication with the server.
The processing module 630 is further configured to decrypt the voice data using the decrypted session key S.
Each module in the called end shown in fig. 6 has a function of implementing each step in the voice data transmission method provided in the embodiment of the present application, and can achieve the corresponding technical effects, which is not described herein for brevity.
Fig. 7 is a schematic diagram of an exemplary hardware architecture provided by an embodiment of the present application.
In a hardware architecture based on a voice data transmission method, a processor 701 and a memory 702 storing computer program instructions may be included.
In particular, the processor 701 described above may include a central processing unit (Central Processing Unit, CPU), or an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or may be configured to implement one or more integrated circuits of embodiments of the present application.
Memory 702 may include mass storage for data or instructions. By way of example, and not limitation, memory 702 may comprise a hard disk drive (HDD), floppy disk drive, flash memory, optical disk, magneto-optical disk, magnetic tape, or universal serial bus (Universal Serial Bus, USB) drive, or a combination of two or more of the foregoing. In one example, the memory 702 may include removable or non-removable (or fixed) media, or the memory 702 is a non-volatile solid state memory. Memory 702 may be internal or external to the integrated gateway disaster recovery device.
In one example, memory 702 may include read-only memory (ROM), random access memory (RAM), magnetic disk storage media devices, optical storage media devices, flash memory devices, electrical, optical, or other physical/tangible memory storage devices. Thus, in general, memory 702 includes one or more tangible (non-transitory) computer-readable storage media (e.g., memory devices) encoded with software comprising computer-executable instructions and when the software is executed (e.g., by one or more processors) it is operable to perform the operations described with reference to a method according to an aspect of the present application.
The processor 701 reads and executes the computer program instructions stored in the memory 702 to implement the voice transmission method/step in the embodiment of the present application, and achieves the corresponding technical effects achieved by executing the method/step in the examples shown in fig. 2 and 3, which are not described herein for brevity.
In one example, the hardware architecture of the voice data transmission method may also include a communication interface 703 and a bus 710. As shown in fig. 7, the processor 701, the memory 702, and the communication interface 703 are connected by a bus 710 and perform communication with each other.
The communication interface 703 is mainly used for implementing communication between each module, device, unit and/or apparatus in the embodiments of the present application.
Bus 710 includes hardware, software, or both that couple the components of the online data flow billing device to each other. By way of example, and not limitation, the buses may include an accelerated graphics port (Accelerated Graphics Port, AGP) or other graphics bus, an enhanced industry standard architecture (Extended Industry Standard Architecture, EISA) bus, a front side bus (FSB), a HyperTransport (HT) interconnect, an industry standard architecture (Industry Standard Architecture, ISA) bus, an InfiniBand interconnect, a low pin count (LPC) bus, a memory bus, a micro channel architecture (MCA) bus, a peripheral component interconnect (PCI) bus, a PCI-Express (PCI-X) bus, a serial advanced technology attachment (SATA) bus, a video electronics standards association local (VLB) bus, or other suitable bus, or a combination of two or more of the above. Bus 710 may include one or more buses, where appropriate. Although embodiments of the present application describe and illustrate a particular bus, the present application contemplates any suitable bus or interconnect.
The hardware architecture of the voice data transmission method can execute the voice data transmission method in the embodiment of the application based on the currently intercepted junk short message and the short message reported by the user, thereby realizing the voice data transmission method described in connection with fig. 1.
In addition, in combination with the voice data transmission method in the above embodiment, the embodiment of the application may be implemented by providing a computer storage medium. The computer storage medium has stored thereon computer program instructions; the computer program instructions, when executed by a processor, implement any of the voice data transmission methods of the above embodiments.
It should be clear that the present application is not limited to the particular arrangements and processes described above and illustrated in the drawings. For the sake of brevity, a detailed description of known methods is omitted here. In the above embodiments, several specific steps are described and shown as examples. However, the method processes of the present application are not limited to the specific steps described and illustrated, and those skilled in the art can make various changes, modifications, and additions, or change the order between steps, after appreciating the spirit of the present application.
The functional blocks shown in the above-described structural block diagrams may be implemented in hardware, software, firmware, or a combination thereof. When implemented in hardware, they may be, for example, an electronic circuit, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), suitable firmware, a plug-in, a function card, or the like. When implemented in software, the elements of the present application are the programs or code segments used to perform the required tasks. The program or code segments may be stored in a machine-readable medium or transmitted over transmission media or communication links by a data signal carried in a carrier wave. A "machine-readable medium" may include any medium that can store or transfer information. Examples of machine-readable media include electronic circuitry, semiconductor memory devices, ROM, flash memory, erasable ROM (EROM), floppy disks, CD-ROMs, optical disks, hard disks, fiber optic media, radio frequency (RF) links, and the like. The code segments may be downloaded via computer networks such as the internet, intranets, etc.
It should also be noted that the exemplary embodiments mentioned in this application describe some methods or systems based on a series of steps or devices. However, the present application is not limited to the order of the above-described steps, that is, the steps may be performed in the order mentioned in the embodiments, may be different from the order in the embodiments, or several steps may be performed simultaneously.
Aspects of the present application are described above with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, enable the implementation of the functions/acts specified in the flowchart and/or block diagram block or blocks. Such a processor may be, but is not limited to being, a general purpose processor, a special purpose processor, an application specific processor, or a field programmable logic circuit. It will also be understood that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware which performs the specified functions or acts, or combinations of special purpose hardware and computer instructions.
In the foregoing, only the specific embodiments of the present application are described, and it will be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working processes of the systems, modules and units described above may refer to the corresponding processes in the foregoing method embodiments, which are not repeated herein. It should be understood that the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive various equivalent modifications or substitutions within the technical scope of the present application, which are intended to be included in the scope of the present application.

Claims (17)

1. A method for transmitting voice data, applied to a calling terminal, the method comprising:
when a call request is sent to a called terminal, sending the call request to a server;
receiving a session key sent by a server;
encrypting the voice data by adopting the session key to obtain encrypted voice data;
and sending the encrypted voice data to the called terminal so as to be used for decrypting the encrypted voice data by the called terminal by adopting the session key sent by the server.
2. The method of claim 1, wherein the calling party comprises a quantum SIM card; after receiving the session key sent by the server, the method further includes:
encrypting the session key by adopting a public key in a digital certificate stored by the SIM card;
and storing the encrypted session key to the SIM card.
3. The method of claim 2, wherein encrypting the voice data using the session key results in encrypted voice data, comprising:
decrypting the encrypted session key by adopting a private key in the data certificate stored by the calling terminal;
and encrypting the voice data by adopting the decrypted session key to obtain the encrypted voice data.
4. A method according to claim 2 or 3, characterized in that before said encrypting said session key with a public key in a data certificate stored at the calling end, the method further comprises:
and acquiring the data certificate of the calling terminal from a Certificate Authority (CA).
5. The method according to claim 2, wherein the method further comprises:
and deleting the session key stored in the SIM card after the communication is finished.
6. The method of claim 1, wherein the calling end further comprises an authentication component, the method further comprising:
and the authentication component is adopted to read the digital certificate stored by the quantum SIM card and perform bidirectional authentication with a server.
7. A voice data transmission method, applied to a server, comprising:
when a calling terminal sends a call request to a called terminal, receiving the call request sent by the calling terminal;
and respectively sending session keys to the calling terminal and the called terminal, wherein the session keys are used for encrypting and decrypting voice data transmission between the calling terminal and the called terminal.
8. The method of claim 7, wherein the sending the session key to the calling and called parties, respectively, comprises:
receiving a quantum random number sent by a quantum random number generator;
generating the session key according to the quantum random number;
and respectively sending the session key to the calling terminal and the called terminal.
9. The method according to claim 7 or 8, characterized in that the method further comprises:
before receiving a call request initiated by the calling terminal, establishing mutual authentication with the calling terminal and the called terminal respectively.
10. A voice data transmission method, applied to a called terminal, comprising:
receiving a call request sent by a server;
receiving a session key sent by a server;
receiving encrypted voice data sent by a calling terminal;
and decrypting the encrypted voice data by adopting the session key sent by the server.
11. The method of claim 10, wherein the called end comprises a quantum SIM card; after receiving the session key sent by the server, the method further includes:
encrypting the session key by adopting a public key in a digital certificate stored by the SIM card;
and storing the encrypted session key to the SIM card.
12. The method of claim 11, wherein the method further comprises:
and deleting the session key stored in the SIM card after the communication is finished.
13. A calling party, the calling party comprising:
the sending module is used for sending a call request to the server when sending the call request to the called terminal;
the receiving module is used for receiving the session key sent by the server;
the processing module is used for encrypting the voice data by adopting the session key to obtain the encrypted voice data;
the sending module is further configured to send encrypted voice data to the called end, so that the called end decrypts the encrypted voice data by using the session key sent by the server.
14. A server, the server comprising:
the receiving module is used for receiving the call request sent by the calling terminal when the calling terminal sends the call request to the called terminal;
and the sending module is used for respectively sending session keys to the calling terminal and the called terminal, wherein the session keys are used for encrypting and decrypting voice data transmission between the calling terminal and the called terminal.
15. A called terminal, the called terminal comprising:
the sending module is used for receiving the call request sent by the server;
the receiving module is used for receiving the session key sent by the server;
the receiving module is also used for receiving the encrypted voice data sent by the calling terminal;
and the processing module is used for decrypting the encrypted voice data by adopting the session key sent by the server.
16. A computing device, the device comprising: a processor and a memory storing computer program instructions;
the processor, when executing the computer program instructions, implements a voice data transmission method as claimed in any one of claims 1 to 12.
17. A computer storage medium having stored thereon computer program instructions which, when executed by a processor, implement the voice data transmission method of any of claims 1 to 12.
CN202111366764.9A 2021-11-18 2021-11-18 Voice data transmission method, device, equipment and storage medium Pending CN116155482A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111366764.9A CN116155482A (en) 2021-11-18 2021-11-18 Voice data transmission method, device, equipment and storage medium

Publications (1)

Publication Number Publication Date
CN116155482A true CN116155482A (en) 2023-05-23

Family

ID=86351096

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111366764.9A Pending CN116155482A (en) 2021-11-18 2021-11-18 Voice data transmission method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN116155482A (en)

Similar Documents

Publication Publication Date Title
CN103686713B (en) Method and apparatus for secure pairing of mobile devices with vehicles
CN102572817B (en) Method and intelligent memory card for realizing mobile communication confidentiality
CN101895877B (en) Method, device and system for key agreement
CN113569267B (en) Privacy safety data set intersection method, device, equipment and storage medium
KR20080104180A (en) Sim based authentication
CN103297403A (en) Method and system for achieving dynamic password authentication
CN111404664B (en) Quantum secret communication identity authentication system and method based on secret sharing and multiple mobile devices
CN101384042A (en) Mobile phone ciphering method based on safe digital interface ciphering card
WO2012024906A1 (en) Mobile communication system and voice call encryption method thereof
CN112671710B (en) Security encryption device based on national cryptographic algorithm, bidirectional authentication and encryption method
CN112602290B (en) Identity authentication method and device and readable storage medium
CN101909290A (en) Method, system and mobile terminal for encrypting voice call
CN100350816C (en) Method for implementing wireless authentication and data safety transmission based on GSM network
CN1349723A (en) Authentication methods for cellular communicaltions systems
CN105407467A (en) Short message encryption methods, devices and system
CN105142134A (en) Parameter obtaining and transmission methods/devices
CN103167494A (en) Information sending method and information sending system
CN108206738B (en) Quantum key output method and system
CN108882233B (en) IMSI encryption method, core network and user terminal
CN103945348A (en) Asymmetrical secret key short message encryption method and system
CN103458401A (en) Voice encryption communication system and voice encryption communication method
CN105262759A (en) Method and system for encrypted communication
CN106102053A (en) A kind of implementation method of voice communication authentication based on the close algorithm of state
CN116155482A (en) Voice data transmission method, device, equipment and storage medium
CN107277935B (en) Bluetooth communication method, device and application system and equipment thereof

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination