CN101917710A - Method, system and related device for mobile Internet encrypted communication - Google Patents

Method, system and related device for mobile Internet encrypted communication Download PDF

Info

Publication number
CN101917710A
CN101917710A CN201010264514XA CN201010264514A CN101917710A CN 101917710 A CN101917710 A CN 101917710A CN 201010264514X A CN201010264514X A CN 201010264514XA CN 201010264514 A CN201010264514 A CN 201010264514A CN 101917710 A CN101917710 A CN 101917710A
Authority
CN
China
Prior art keywords
terminal
key
mobile internet
internet server
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201010264514XA
Other languages
Chinese (zh)
Inventor
薛慧
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
ZTE Corp
Original Assignee
ZTE Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by ZTE Corp filed Critical ZTE Corp
Priority to CN201010264514XA priority Critical patent/CN101917710A/en
Priority to PCT/CN2010/079670 priority patent/WO2012024872A1/en
Publication of CN101917710A publication Critical patent/CN101917710A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/061Network architectures or network communication protocols for network security for supporting key management in a packet data network for key exchange, e.g. in peer-to-peer networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0822Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03Protecting confidentiality, e.g. by encryption
    • H04W12/033Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/043Key management, e.g. using generic bootstrapping architecture [GBA] using a trusted network node as an anchor
    • H04W12/0431Key distribution or pre-distribution; Key agreement

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Telephonic Communication Services (AREA)

Abstract

The invention discloses a method, a system and a related device for mobile internet encryption communication. The method comprises the following steps of: associating a terminal identifier and a key pair which is generated in advance through an asymmetric key algorithm and is composed of a public key and a private key by using a mobile internet server, and sending the public key in the key pair to a corresponding terminal for storing; and encrypting/decrypting by utilizing the asymmetric key algorithm and the public key in the key pair by the terminal, and encrypting/decrypting by utilizing the asymmetric key algorithm and the private key in the key pair by the mobile internet server. The network communication process between the mobile terminal and the server is encrypted and decrypted by the asymmetric key algorithm, so that the safety of the mobile network communication is improved, and hard cost is not increased.

Description

Method, system and related device for mobile internet encrypted communication
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a method, a system, and a related device for encrypted communications in a mobile internet.
Background
In the era of mobile internet, as more and more users are used, the security of the mobile internet is more and more important. In the application of the mobile internet, many of the applications are required to be secure and confidential, such as military network mobile phones, stock trading, mobile banking, mobile payment and the like.
At present, the security of mobile network communication may not be perfect enough, and the information transmission is not safe. For example, the operation of a dealer, the operation of a company and a stock, is to directly dial 95565 such service numbers and input accounts and passwords for trading, some mobile banking adopt the mode of electronic passwords and dynamic verification codes, the information transmission process is still clear, the account numbers and the passwords can be intercepted and are not safe enough; some mobile phones adopt SSL (Secure Socket Layer) security protocol to perform high-intensity data Encryption transmission, but each mobile phone can not support the SSL protocol, and some mobile phones using specific Encryption equipment, such as mobile phone wallets for China mobile phones, use RFID-SIM card support hardware DES (data Encryption Standard) Encryption, but the cost is high.
Disclosure of Invention
In view of the foregoing, the present invention provides a method, a system and a related device for mobile internet encrypted communication, so as to solve the problem of relatively low security or high cost of encryption hardware in the existing mobile network communication.
The purpose of the invention is mainly realized by the following technical scheme:
the invention provides a method for encrypting communication of a mobile internet, which comprises the following steps:
the mobile internet server associates the terminal identification with a key pair which is generated in advance through an asymmetric encryption algorithm and consists of a public key and a private key, and sends the public key in the key pair to a corresponding terminal for storage;
and the terminal encrypts and decrypts by using the asymmetric encryption algorithm and the public key in the key pair, and the mobile internet server encrypts and decrypts by using the asymmetric encryption algorithm and the private key in the key pair.
Further, before executing the method, the method further comprises:
and when the terminal accesses the mobile internet server and finds that the terminal does not locally encrypt the used public key, sending the terminal identification to the mobile internet server to request to acquire the public key.
Further, the encrypting and decrypting by the terminal using the asymmetric encryption algorithm and the public key in the key pair, and the encrypting and decrypting by the mobile internet server using the asymmetric encryption algorithm and the private key in the key pair specifically include:
the terminal encrypts data to be sent by using the asymmetric encryption algorithm and a public key in the key pair, and sends the encrypted data and the terminal identification to a mobile internet server; when the mobile internet server receives the data and the terminal identification sent by the terminal, finding a corresponding key pair according to the terminal identification, and decrypting the data sent by the terminal by using the asymmetric encryption algorithm and a private key in the key pair;
or,
the mobile internet server encrypts data to be sent by using the asymmetric encryption algorithm and a private key in the key pair, and sends the encrypted data to the terminal; and the terminal decrypts the data sent by the mobile Internet server by using the asymmetric encryption algorithm and the public key in the key pair.
The terminal identification is an international mobile subscriber identity.
The invention also provides a system for encrypting communication of the mobile internet, which comprises the following components:
the mobile internet server is used for associating the terminal identification with a key pair which is generated in advance through an asymmetric encryption algorithm and consists of a public key and a private key, and sending the public key in the key pair to the corresponding terminal for storage; the mobile internet service is also used for encrypting and decrypting by using the asymmetric encryption algorithm and a private key in the key pair;
and the terminal is used for carrying out corresponding encryption and decryption by utilizing the asymmetric encryption algorithm and the public key in the key pair.
Further, the terminal is further configured to send a terminal identifier to the mobile internet server to request to acquire the public key when the terminal wants to access the mobile internet server and finds that the public key used for encryption is not locally available at the terminal.
The present invention also provides a mobile internet server, comprising:
the association module is used for associating the terminal identification with a key pair which is generated in advance through an asymmetric encryption algorithm and consists of a public key and a private key, and sending the public key in the key pair to a corresponding terminal for storage;
the encryption and decryption module is used for finding a corresponding key pair according to the terminal identification when receiving data and the terminal identification sent by the terminal, and decrypting by using the asymmetric encryption algorithm and a private key in the key pair; or, the asymmetric encryption algorithm and the private key in the key pair are used for encrypting the data to be sent, and the encrypted data is sent to the terminal.
The present invention also provides a terminal, including:
the terminal comprises an acquisition module, a sending module and a sending module, wherein the acquisition module is used for sending a terminal identifier to a mobile internet server to request to acquire a public key when the terminal accesses the mobile internet server and finds that the public key used for encryption is not locally available in the terminal;
the encryption and decryption module is used for encrypting data to be sent by using a preset asymmetric encryption algorithm and the acquired public key and sending the encrypted data to the mobile internet server together with the terminal identification; or, the data sent by the mobile internet server is decrypted by using the asymmetric encryption algorithm and the obtained public key.
The invention has the following beneficial effects:
the invention uses the asymmetric encryption algorithm to encrypt and decrypt the network communication process of the mobile terminal and the server, improves the security of mobile network communication and does not increase the hardware cost.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
Fig. 1 is a schematic flow chart of a mobile terminal acquiring a public key in the method according to the embodiment of the present invention;
fig. 2 is a schematic flow chart of encrypted communication performed by the mobile terminal through the mobile internet in the method according to the embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a system according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a mobile internet server according to an embodiment of the present invention.
Fig. 5 is a schematic structural diagram of a mobile terminal according to an embodiment of the present invention.
Detailed Description
The preferred embodiments of the present invention will now be described in detail with reference to the accompanying drawings, which form a part hereof, and which together with the embodiments of the invention serve to explain the principles of the invention. For the purpose of clarity and simplicity, a detailed description of known functions and configurations in the devices described herein will be omitted when it may obscure the subject matter of the present invention.
First, a method for mobile internet encrypted communication according to an embodiment of the present invention will be described in detail with reference to fig. 1 and 2.
As shown in fig. 1, fig. 1 is a schematic flow chart of a method for a terminal to obtain a public key according to the embodiment of the present invention, which may specifically include the following steps:
step 101: generating a plurality of unique key pairs by an asymmetric encryption algorithm on a mobile internet server side, wherein each key pair consists of a public key (public key) and a private key (private key); and storing the key pairs and IMSI numbers (International Mobile Subscriber Identity, International Mobile Subscriber Identity, number allocated for uniquely identifying a Mobile Subscriber internationally) of the terminal SIM cards into a key table, wherein each IMSI number corresponds to a unique key pair;
step 102: when a terminal accesses a mobile internet server, if the terminal does not encrypt the used public key locally, a request message is sent to the mobile internet server to request the mobile internet server to distribute the public key for the terminal; the request sent needs to contain the IMSI number of the terminal SIM card, and the format of the request may be
“PZ IMSI=123456789012345”;
Step 103: after receiving a message which is sent by a terminal and requests to distribute a public key, a mobile internet server finds a group of key pairs which are not distributed yet, associates the IMSI number of the terminal with the key pair, and then sends the public key of the key pair to the terminal;
step 104: after receiving the public key sent by the mobile internet server, the terminal stores the IMSI number and the corresponding public key thereof into a Non-Volatile Random Access Memory (NVRAM) in the terminal in a matching manner; the matched storage is convenient for the mobile phone to be safely used after different SIM cards are replaced, and simultaneously, the situation that the IMSI number of other SIM cards cannot be used by falsifying is ensured.
As shown in fig. 2, fig. 2 is a schematic flow chart of a terminal performing encrypted communication through a mobile internet in the method according to the embodiment of the present invention, which may specifically include the following steps:
step 201: when a terminal sends a request message to a mobile internet server, packaging and packaging data for sending the request according to a specified format, then encrypting the data needing to send the request by using an asymmetric encryption algorithm which is the same as that of the mobile internet server and a public key in a key pair distributed to the terminal by the mobile internet server, and carrying the encrypted data together with the IMSI number of the terminal in the request message to send the mobile internet server;
step 202: after receiving the request message sent by the terminal, the mobile internet server searches a key pair corresponding to the terminal according to the IMSI number in the request message, and then decrypts the data in the request message by using an asymmetric encryption algorithm and a private key in the key pair;
step 203: the mobile internet server side sends a response message to the terminal, the data sending the response is packaged according to a specified format, and then the data sending the response is encrypted by using an asymmetric encryption algorithm and a private key in the key pair;
step 204: and after receiving the response message sent by the mobile internet server, the terminal directly decrypts the data in the response message by using the asymmetric encryption algorithm and the public key in the key pair.
It should be noted that, as a preferred embodiment of the present invention, a mode is adopted here in which when a terminal requests to obtain a public key, a mobile internet server selects a secret key to associate with an IMSI number of the terminal; the invention can also actively pre-distribute the key pair to the terminal with known IMSI number by the mobile internet server, respectively correlate the IMSI number of each terminal with a unique key pair and send the public key in the key pair to the corresponding terminal; furthermore, the asymmetric encryption algorithms mentioned in the method of the present invention are not limited to a specific method, but can be arbitrarily combined according to specific design requirements.
The mobile internet encrypted communication system according to the embodiment of the present invention will be described in detail below.
As shown in fig. 3, fig. 3 is a schematic structural diagram of a system according to an embodiment of the present invention, which may specifically include: a mobile internet server and a terminal, wherein,
the mobile internet server is mainly responsible for generating a plurality of groups of unique key pairs in advance through an asymmetric encryption algorithm, and each key pair comprises a public key and a private key; the mobile internet server associates the terminal identifier (such as an IMSI number) with a pre-generated key pair, and sends a public key in the key pair to a corresponding terminal for storage;
and the terminal sends the terminal identification to the mobile internet server when the terminal accesses the mobile internet server and finds that the terminal does not locally have the public key used for encryption, and requests the internet server to distribute the public key for the terminal.
When the terminal sends the request message, the data which needs to send the request is encrypted by using an asymmetric encryption algorithm and a public key obtained from the mobile internet server, and the encrypted data and the terminal identification are carried in the request message and sent to the mobile internet server; when receiving a request message sent by a terminal, the mobile internet server finds a corresponding key pair according to the terminal identification of the request message, and decrypts the data in the request message by using an asymmetric encryption algorithm and a private key in the key pair.
When the mobile internet server sends a response message to the terminal, encrypting the data for sending the response by using an asymmetric encryption algorithm and a private key in the key pair, and sending the encrypted data to the terminal; and after receiving the response message, the terminal decrypts the data in the response message by using the asymmetric encryption algorithm and the public key acquired from the mobile internet server.
Finally, the related device according to the embodiment of the present invention will be described in detail with reference to fig. 4 and 5.
As shown in fig. 4, fig. 4 is a schematic structural diagram of a mobile internet server according to an embodiment of the present invention, which may specifically include: an association module and an encryption and decryption module, wherein,
the association module associates the terminal identification with a key pair which is generated in advance through an asymmetric encryption algorithm and consists of a public key and a private key, and sends the public key in the key pair to a corresponding terminal for storage;
the encryption and decryption module finds a corresponding key pair according to the terminal identification when receiving data and the terminal identification sent by the terminal, and decrypts by using the asymmetric encryption algorithm and a private key in the key pair; or, the asymmetric encryption algorithm and the private key in the key pair are used for encrypting the data to be sent, and the encrypted data is sent to the terminal.
As shown in fig. 5, fig. 5 is a schematic structural diagram of a terminal according to an embodiment of the present invention, which may specifically include: an acquisition module and an encryption and decryption module, wherein,
the terminal comprises an acquisition module, a sending module and a sending module, wherein the acquisition module sends a terminal identifier to a mobile internet server to request to acquire a public key when the terminal accesses the mobile internet server and finds that the public key used for encryption is not locally available in the terminal;
the encryption and decryption module is used for encrypting data to be sent by using a preset asymmetric encryption algorithm and the obtained public key and sending the encrypted data and the terminal identification to the mobile internet server; or, the data sent by the mobile internet server is decrypted by using the asymmetric encryption algorithm and the obtained public key.
In summary, embodiments of the present invention provide a method, a system and a related device for mobile internet encrypted communication, which provide an encryption and decryption means for a mobile communication network requiring high security assurance. The embodiment of the invention uses an asymmetric encryption algorithm to encrypt and decrypt the network communication process of the terminal and the server, the public key and the private key are a pair, if the public key is used to encrypt data, only the corresponding private key can be used to decrypt the data; if the data is encrypted with a private key, it can only be decrypted with the corresponding public key. Because the terminal and the server respectively use two different keys, the data transmitted by the terminal network is difficult to crack even if intercepted, and the encrypted data can not be decrypted even if the terminal is taken, thereby greatly improving the security of mobile network communication. In addition, the embodiment of the invention does not need extra encryption equipment to participate, has no extra hardware cost, can be applied to the fields of mobile network payment, mobile network security trading, military network communication and the like, and can be supported by terminals (such as mobile phones, personal handyphones and the like) with unique identifiers.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.

Claims (8)

1.一种移动互联网加密通讯的方法,其特征在于,包括:1. A method for mobile Internet encrypted communication, characterized in that, comprising: 移动互联网服务器将终端标识与预先通过非对称加密算法生成的由公钥和私钥组成的密钥对进行关联,并将所述密钥对中的公钥发送给对应的终端进行保存;The mobile Internet server associates the terminal identifier with a key pair composed of a public key and a private key generated in advance through an asymmetric encryption algorithm, and sends the public key in the key pair to the corresponding terminal for storage; 所述终端利用所述非对称加密算法和所述密钥对中的公钥进行加解密,所述移动互联网服务器利用所述非对称加密算法和所述密钥对中的私钥进行加解密。The terminal uses the asymmetric encryption algorithm and the public key in the key pair to perform encryption and decryption, and the mobile Internet server uses the asymmetric encryption algorithm and the private key in the key pair to perform encryption and decryption. 2.根据权利要求1所述的方法,其特征在于,在执行所述方法之前还包括:2. The method according to claim 1, further comprising: 当终端要访问所述移动互联网服务器并发现所述终端本地没有加密所用的公钥时,将所述终端的终端标识发送给所述移动互联网服务器,请求获取所述公钥。When the terminal wants to access the mobile Internet server and finds that the terminal does not have the public key used for encryption locally, it sends the terminal identifier of the terminal to the mobile Internet server to request to obtain the public key. 3.根据权利要求1或2所述的方法,其特征在于,所述终端利用所述非对称加密算法和所述密钥对中的公钥进行加解密,所述移动互联网服务器利用所述非对称加密算法和所述密钥对中的私钥进行加解密的过程具体包括:3. The method according to claim 1 or 2, wherein the terminal uses the asymmetric encryption algorithm and the public key in the key pair to perform encryption and decryption, and the mobile Internet server uses the asymmetric encryption algorithm to perform encryption and decryption. The process of encrypting and decrypting the private key in the symmetric encryption algorithm and the key pair specifically includes: 所述终端利用所述非对称加密算法和所述密钥对中的公钥对需要发送的数据进行加密,并将加密后的数据连同终端标识一起发送给移动互联网服务器;所述移动互联网服务器在收到所述终端发来的数据和终端标识时,根据所述终端标识找到对应的密钥对,利用所述非对称加密算法和所述密钥对中的私钥对所述终端发送过来的数据进行解密;The terminal uses the asymmetric encryption algorithm and the public key in the key pair to encrypt the data to be sent, and sends the encrypted data together with the terminal identifier to the mobile Internet server; When receiving the data and the terminal identifier sent by the terminal, find the corresponding key pair according to the terminal identifier, and use the asymmetric encryption algorithm and the private key in the key pair to encrypt the data sent by the terminal. The data is decrypted; 或者,or, 所述移动互联网服务器利用所述非对称加密算法和所述密钥对中的私钥对需要发送的数据进行加密,并将加密后的数据发送给所述终端;所述终端利用所述非对称加密算法和所述密钥对中的公钥对所述移动互联网服务器发送过来的数据进行解密。The mobile Internet server uses the asymmetric encryption algorithm and the private key in the key pair to encrypt the data to be sent, and sends the encrypted data to the terminal; the terminal uses the asymmetric The encryption algorithm and the public key in the key pair decrypt the data sent by the mobile Internet server. 4.根据权利要求1或2所述的方法,其特征在于,所述终端标识为,国际移动用户识别码。4. The method according to claim 1 or 2, wherein the terminal identifier is an International Mobile Subscriber Identity. 5.一种移动互联网加密通讯的系统,其特征在于,包括:5. A system for mobile Internet encrypted communication, characterized in that it comprises: 移动互联网服务器,用于将终端标识与预先通过非对称加密算法生成的由公钥和私钥组成的密钥对进行关联,并将所述密钥对中的公钥发送给对应的终端进行保存;所述移动互联网服务还用于利用所述非对称加密算法和所述密钥对中的私钥进行加解密;The mobile Internet server is used to associate the terminal identifier with a key pair composed of a public key and a private key generated in advance through an asymmetric encryption algorithm, and send the public key in the key pair to the corresponding terminal for storage ; The mobile Internet service is also used to encrypt and decrypt using the asymmetric encryption algorithm and the private key in the key pair; 终端,用于利用所述非对称加密算法和所述密钥对中的公钥进行相应的加解密。The terminal is configured to use the asymmetric encryption algorithm and the public key in the key pair to perform corresponding encryption and decryption. 6.根据权利要求5所述的系统,其特征在于,所述终端还用于,在其要访问所述移动互联网服务器并发现所述终端本地没有加密所用的公钥时,将所述终端的终端标识发送给所述移动互联网服务器,请求获取所述公钥。6. The system according to claim 5, wherein the terminal is further configured to, when it wants to access the mobile Internet server and finds that the terminal does not have a public key for encryption locally, send the terminal's The terminal identifier is sent to the mobile Internet server to request to obtain the public key. 7.一种移动互联网服务器,其特征在于,包括:7. A mobile Internet server, characterized in that, comprising: 关联模块,用于将终端标识与预先通过非对称加密算法生成的由公钥和私钥组成的密钥对进行关联,并将所述密钥对中的公钥发送给对应的终端进行保存;An associating module, configured to associate the terminal identifier with a key pair composed of a public key and a private key generated in advance through an asymmetric encryption algorithm, and send the public key in the key pair to the corresponding terminal for storage; 加解密模块,用于在收到终端发来的数据和终端标识时,根据所述终端标识找到对应的密钥对,利用所述非对称加密算法和所述密钥对中的私钥进行解密;或者,利用所述非对称加密算法和所述密钥对中的私钥对需要发送的数据进行加密,并将加密后的数据发送给所述终端。An encryption and decryption module, configured to find a corresponding key pair according to the terminal identification when receiving the data and the terminal identification from the terminal, and decrypt using the asymmetric encryption algorithm and the private key in the key pair or, using the asymmetric encryption algorithm and the private key in the key pair to encrypt the data to be sent, and send the encrypted data to the terminal. 8.一种终端,其特征在于,包括:8. A terminal, characterized in that, comprising: 获取模块,用于在终端要访问移动互联网服务器并发现所述终端本地没有加密所用的公钥时,将终端标识发送给所述移动互联网服务器,请求获取所述公钥;An acquisition module, configured to send the terminal identifier to the mobile Internet server and request to obtain the public key when the terminal wants to access the mobile Internet server and finds that the terminal does not have a public key for encryption locally; 加解密模块,用于利用预定的非对称加密算法和获取到的所述公钥对需要发送的数据进行加密,并将加密后的数据连同终端标识一起发送给所述移动互联网服务器;或者,利用所述非对称加密算法和获取到的所述公钥对所述移动互联网服务器发送过来的数据进行解密。The encryption and decryption module is used to encrypt the data to be sent by using a predetermined asymmetric encryption algorithm and the obtained public key, and send the encrypted data to the mobile Internet server together with the terminal identification; or, use The asymmetric encryption algorithm and the obtained public key decrypt the data sent by the mobile Internet server.
CN201010264514XA 2010-08-27 2010-08-27 Method, system and related device for mobile Internet encrypted communication Pending CN101917710A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201010264514XA CN101917710A (en) 2010-08-27 2010-08-27 Method, system and related device for mobile Internet encrypted communication
PCT/CN2010/079670 WO2012024872A1 (en) 2010-08-27 2010-12-10 Method, system and related apparatus for encrypting communication in mobile internet

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201010264514XA CN101917710A (en) 2010-08-27 2010-08-27 Method, system and related device for mobile Internet encrypted communication

Publications (1)

Publication Number Publication Date
CN101917710A true CN101917710A (en) 2010-12-15

Family

ID=43325071

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201010264514XA Pending CN101917710A (en) 2010-08-27 2010-08-27 Method, system and related device for mobile Internet encrypted communication

Country Status (2)

Country Link
CN (1) CN101917710A (en)
WO (1) WO2012024872A1 (en)

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102098317A (en) * 2011-03-22 2011-06-15 浙江中控技术股份有限公司 Data transmitting method and system applied to cloud system
CN102857522A (en) * 2012-10-12 2013-01-02 广州市品高软件开发有限公司 Identity authentication method and system for cloud computing desktop terminal
CN103166757A (en) * 2011-12-19 2013-06-19 卓望数码技术(深圳)有限公司 Method and system capable of dynamically protecting user private data
CN103354637A (en) * 2013-07-22 2013-10-16 全渝娟 Internet of things terminal M2M communication encryption method
CN103428691A (en) * 2012-05-24 2013-12-04 希姆通信息技术(上海)有限公司 Mobile phone bank safety certificating method and system
CN103795780A (en) * 2013-12-06 2014-05-14 中国科学院深圳先进技术研究院 Cloud storage data protection method and device
CN104821944A (en) * 2015-04-28 2015-08-05 广东小天才科技有限公司 Hybrid encryption network data security method and system
CN104954378A (en) * 2015-06-19 2015-09-30 收付宝科技有限公司 Asymmetric message encryption method and system
CN105337741A (en) * 2015-10-14 2016-02-17 四川省宁潮科技有限公司 Trust device autonomous registering method based on asymmetric algorithm
CN105429753A (en) * 2015-12-30 2016-03-23 宇龙计算机通信科技(深圳)有限公司 Voice data method for improving security of VoLTE communication, system and mobile terminal
CN105873043A (en) * 2016-06-14 2016-08-17 周波 Network private key generating and applying method and system for mobile terminal
CN106330862A (en) * 2016-08-10 2017-01-11 武汉信安珞珈科技有限公司 Secure transmission method and system for dynamic password
CN106777993A (en) * 2016-12-22 2017-05-31 广东技术师范学院 A kind of medical detection system and its method based on internet
CN107590025A (en) * 2017-08-17 2018-01-16 深圳市优品壹电子有限公司 A kind of back-up restoring method and system
CN108471423A (en) * 2018-04-02 2018-08-31 北京奇艺世纪科技有限公司 A kind of acquisition methods and system of private key
CN110650113A (en) * 2018-04-24 2020-01-03 物联智慧股份有限公司 Data encryption and decryption method and system, networking device and data encryption and decryption method thereof
CN111080299A (en) * 2019-12-27 2020-04-28 广州骏伯网络科技有限公司 Anti-repudiation method for transaction information, client and server

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115333813B (en) * 2022-08-02 2024-11-29 中国电信股份有限公司 Data encryption transmission method, device, electronic device and storage medium
CN115694959A (en) * 2022-10-27 2023-02-03 天津津航计算技术研究所 A data unloading system and method based on an asymmetric encryption algorithm
CN116506188B (en) * 2023-05-04 2024-03-29 北京众谊越泰科技有限公司 Operation method and system of asymmetric encryption algorithm based on B/S architecture

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1790984A (en) * 2004-12-14 2006-06-21 中兴通讯股份有限公司 User identity secret-keeping method in communication system
US20060198517A1 (en) * 2005-03-07 2006-09-07 Microsoft Corporation Method and system for asymmetric key security
EP1843509A1 (en) * 2005-01-14 2007-10-10 Nan, XiangHao Identifier-based private key generating method and device
CN101183938A (en) * 2007-10-22 2008-05-21 华中科技大学 A wireless network security transmission method, system and device
CN101552668A (en) * 2008-03-31 2009-10-07 展讯通信(上海)有限公司 Certificating method, user equipment and base station for accessing user equipment into network

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101741555B (en) * 2008-11-12 2012-07-04 中兴通讯股份有限公司 Method and system for identity authentication and key agreement

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1790984A (en) * 2004-12-14 2006-06-21 中兴通讯股份有限公司 User identity secret-keeping method in communication system
EP1843509A1 (en) * 2005-01-14 2007-10-10 Nan, XiangHao Identifier-based private key generating method and device
US20060198517A1 (en) * 2005-03-07 2006-09-07 Microsoft Corporation Method and system for asymmetric key security
CN101183938A (en) * 2007-10-22 2008-05-21 华中科技大学 A wireless network security transmission method, system and device
CN101552668A (en) * 2008-03-31 2009-10-07 展讯通信(上海)有限公司 Certificating method, user equipment and base station for accessing user equipment into network

Cited By (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102098317B (en) * 2011-03-22 2013-12-18 浙江中控技术股份有限公司 Data transmitting method and system applied to cloud system
CN102098317A (en) * 2011-03-22 2011-06-15 浙江中控技术股份有限公司 Data transmitting method and system applied to cloud system
CN103166757A (en) * 2011-12-19 2013-06-19 卓望数码技术(深圳)有限公司 Method and system capable of dynamically protecting user private data
CN103428691A (en) * 2012-05-24 2013-12-04 希姆通信息技术(上海)有限公司 Mobile phone bank safety certificating method and system
CN102857522A (en) * 2012-10-12 2013-01-02 广州市品高软件开发有限公司 Identity authentication method and system for cloud computing desktop terminal
CN103354637B (en) * 2013-07-22 2016-03-02 全渝娟 A kind of internet-of-things terminal M2M communication encrypting method
CN103354637A (en) * 2013-07-22 2013-10-16 全渝娟 Internet of things terminal M2M communication encryption method
CN103795780A (en) * 2013-12-06 2014-05-14 中国科学院深圳先进技术研究院 Cloud storage data protection method and device
CN104821944A (en) * 2015-04-28 2015-08-05 广东小天才科技有限公司 Hybrid encryption network data security method and system
CN104954378A (en) * 2015-06-19 2015-09-30 收付宝科技有限公司 Asymmetric message encryption method and system
CN105337741A (en) * 2015-10-14 2016-02-17 四川省宁潮科技有限公司 Trust device autonomous registering method based on asymmetric algorithm
CN105429753A (en) * 2015-12-30 2016-03-23 宇龙计算机通信科技(深圳)有限公司 Voice data method for improving security of VoLTE communication, system and mobile terminal
CN105873043A (en) * 2016-06-14 2016-08-17 周波 Network private key generating and applying method and system for mobile terminal
CN105873043B (en) * 2016-06-14 2020-02-07 周波 Method and system for generating and applying network private key for mobile terminal
CN106330862A (en) * 2016-08-10 2017-01-11 武汉信安珞珈科技有限公司 Secure transmission method and system for dynamic password
CN106777993A (en) * 2016-12-22 2017-05-31 广东技术师范学院 A kind of medical detection system and its method based on internet
CN107590025A (en) * 2017-08-17 2018-01-16 深圳市优品壹电子有限公司 A kind of back-up restoring method and system
CN108471423A (en) * 2018-04-02 2018-08-31 北京奇艺世纪科技有限公司 A kind of acquisition methods and system of private key
CN110650113A (en) * 2018-04-24 2020-01-03 物联智慧股份有限公司 Data encryption and decryption method and system, networking device and data encryption and decryption method thereof
CN111080299A (en) * 2019-12-27 2020-04-28 广州骏伯网络科技有限公司 Anti-repudiation method for transaction information, client and server
CN111080299B (en) * 2019-12-27 2020-12-15 广州骏伯网络科技有限公司 Anti-repudiation method for transaction information, client and server

Also Published As

Publication number Publication date
WO2012024872A1 (en) 2012-03-01

Similar Documents

Publication Publication Date Title
CN101917710A (en) Method, system and related device for mobile Internet encrypted communication
CN113067699B (en) Data sharing method and device based on quantum key and computer equipment
US8499156B2 (en) Method for implementing encryption and transmission of information and system thereof
CN101789865B (en) Dedicated server used for encryption and encryption method
CN103763631B (en) Authentication method, server and television set
CN101720071B (en) Short message two-stage encryption transmission and secure storage method based on safety SIM card
CN104092550B (en) Cipher code protection method, system and device
CN108924147B (en) Communication terminal digital certificate issuing method, server and communication terminal
CA2879910C (en) Terminal identity verification and service authentication method, system and terminal
CN103297403A (en) Method and system for achieving dynamic password authentication
CN106101068A (en) Terminal communicating method and system
CN110493162A (en) Wearable device-based identity authentication method and system
CN101621794A (en) Method for realizing safe authentication of wireless application service system
CN112564906A (en) Block chain-based data security interaction method and system
CN107919958B (en) A data encryption processing method, device and equipment
CN105142134B (en) Parameter acquisition and parameter transmission method and device
KR20120051344A (en) Portable integrated security memory device and service processing apparatus and method using the same
WO2021129012A1 (en) Privacy information transmission method, apparatus, computer device and computer-readable medium
CN108270568A (en) A kind of mobile digital certificate device and its update method
WO2014146609A1 (en) Information processing method, trust server and cloud server
CN108718323A (en) A kind of identity identifying method and system
CN103916834A (en) Short message encryption method and system allowing user to have exclusive secret key
CN110572825A (en) A wearable device authentication device and authentication encryption method
Yoon et al. Security enhancement scheme for mobile device using H/W cryptographic module
CN108881300A (en) A kind of file encryption that supporting mobile phone terminal security cooperation and sharing method and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20101215