Nothing Special   »   [go: up one dir, main page]

CN114091088B - Method and apparatus for improving communication security - Google Patents

Method and apparatus for improving communication security Download PDF

Info

Publication number
CN114091088B
CN114091088B CN202210053353.2A CN202210053353A CN114091088B CN 114091088 B CN114091088 B CN 114091088B CN 202210053353 A CN202210053353 A CN 202210053353A CN 114091088 B CN114091088 B CN 114091088B
Authority
CN
China
Prior art keywords
key
data
communication
target
identification information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202210053353.2A
Other languages
Chinese (zh)
Other versions
CN114091088A (en
Inventor
彭炳辉
吕彦朋
陈彬
于海波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Yunding Network Technology Beijing Co Ltd
Original Assignee
Yunding Network Technology Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Yunding Network Technology Beijing Co Ltd filed Critical Yunding Network Technology Beijing Co Ltd
Priority to CN202210053353.2A priority Critical patent/CN114091088B/en
Priority to CN202211095868.5A priority patent/CN115618374A/en
Publication of CN114091088A publication Critical patent/CN114091088A/en
Application granted granted Critical
Publication of CN114091088B publication Critical patent/CN114091088B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/582Pseudo-random number generators
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58Random or pseudo-random number generators
    • G06F7/588Random number generators, i.e. based on natural stochastic processes

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Optimization (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Analysis (AREA)
  • Computational Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Telephone Function (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Facsimile Transmission Control (AREA)

Abstract

The embodiment of the application discloses a method and a device for improving communication safety. One embodiment of the method comprises: acquiring a first secret key based on a root secret key and first identification information saved by a first communication party; acquiring a second key based on the first key; acquiring a third key based on the second key and the data information matched with the target application scene; and encrypting the target communication data based on the third key. According to the embodiment, different third keys are generated based on different application scenes, the third keys are used for encrypting the target communication data, so that the communication safety can be improved, and when the third keys in one application scene are leaked or cracked, the third keys in other scenes are not affected, so that the communication safety is improved.

Description

Method and apparatus for improving communication security
Technical Field
The present application relates to the field of communication security technologies, and in particular, to a method and an apparatus for improving communication security.
Background
With the continuous development of communication technology, communication security issues are receiving much attention. The communication party usually has a root key, and in order to ensure the security of the root key, the communication party often generates an application key based on the root key, and encrypts transmission data of a plurality of application scenarios by using the application key. When the application key is leaked or cracked, the security of the transmission data of various application scenes cannot be guaranteed.
Disclosure of Invention
The embodiment of the application provides a method and a device for improving communication safety.
In a first aspect, an embodiment of the present application provides a method for improving communication security, which is applied to a first communication party, and the method includes:
acquiring a first key based on a root key and first identification information saved by the first communication party; the first identification information is identification information of the first communication party;
acquiring a second key based on the first key;
responding to target communication data sent by a second communication party, and acquiring a third key based on the second key and data information matched with a target application scene; the target application scene is an application scene represented by the target communication data;
the target communication data is encrypted based on the third key.
In some embodiments, the obtaining a third key based on the second key and the data information matched with the target application scenario specifically includes:
acquiring a first character string and a second character string based on the target application scene;
processing the second key in a pseudo-random mode by using the first character string to obtain a pseudo-randomized key;
carrying out key length expansion processing on the pseudo-randomized key by using the second character string to obtain a key after length expansion;
a third key is generated based on the length-extended key.
In some embodiments, the method further comprises determining a target application scenario, comprising: at least one of the first and second modes;
the method I comprises the following steps: extracting a target application scene identifier from the target communication data, and determining a target application scene based on the target application scene identifier;
the second method comprises the following steps: and performing data feature recognition on the target communication data, and determining a target application scene based on a data feature recognition result.
In some embodiments, the generating a third key based on the length-extended key specifically includes:
and generating a third key based on the user binding key saved by the first communication party and the key after the length expansion.
In some embodiments, further comprising:
storing the encrypted target communication data, and discarding the unencrypted target communication data;
and in response to a use instruction of the target communication data, decrypting the encrypted target communication data based on the third key, acquiring the decrypted target communication data and using the target communication data based on the use instruction.
In some embodiments, the target communication data is sent by the second communication party after the authorization authentication, and the method further comprises authenticating the authorization of the second communication party, including:
acquiring second identification information of the second communication party, and judging whether the second identification information is matched with target identification information in a data group stored by the first communication party; wherein the data set includes: the corresponding first identification information, the root key and the target identification information;
and if the communication data is consistent with the target communication data, the authority authentication of the second communication party passes, and the target communication data sent by the second communication party is responded.
In some embodiments, the obtaining the second identification information of the second communication party, and determining whether the second identification information matches with the target identification information in the data group stored by the first communication party specifically includes:
acquiring inspection data;
sending verification data to the second party;
receiving encrypted data sent by the second communication party; the encrypted data is obtained by the second communication party through encryption operation on the verification data by using the second identification information;
decrypting the encrypted data by using the target identification information to obtain decrypted data;
comparing whether the decrypted data and the check data are consistent;
and if the first identification information of the second communication party is consistent with the second identification information of the first communication party, determining that the second identification information of the second communication party is matched with the target identification information in the data group stored by the first communication party.
In a second aspect, an embodiment of the present application provides an apparatus for improving communication security, where the apparatus includes:
a first key acquisition module configured to perform acquisition of a first key based on a root key and first identification information held by a first communication party; the first identification information is identification information of the first communication party;
a second key acquisition module configured to perform acquisition of a second key based on the first key;
a third key obtaining module configured to perform obtaining a third key based on the second key and data information matched with the target application scenario in response to the target communication data sent by the second communication party; the target application scene is an application scene represented by the target communication data;
an encryption module configured to perform encryption of the target communication data based on the third key.
In a third aspect, the present application provides a computer readable medium, on which a computer program is stored, where the program, when executed by a processor, implements the method as described in any implementation manner of the first aspect.
In a fourth aspect, an embodiment of the present application provides a processor, where the processor is configured to execute a program, where the program executes to perform the method described in any implementation manner of the first aspect.
In a fifth aspect, an embodiment of the present application provides an electronic device, including: one or more processors; a storage device having one or more programs stored thereon; the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method as described in any implementation of the first aspect.
According to the method and the device for improving communication safety, the first secret key is obtained based on the root secret key and the first identification information stored by the first communication party, the second secret key is obtained based on the first secret key, the third secret key is obtained based on the second secret key and the data information matched with the target application scene, and the target communication data are encrypted based on the third secret key. According to the embodiment of the application, different third keys are generated under the conditions that the target application scenes are different and the data information matched with the target application scenes is different, and the third keys are used for encrypting the target communication data, so that when the third keys in one application scene are leaked or cracked, the third keys in other scenes are not influenced, and the communication safety is improved.
Of course, it is not necessary for any product or method of the present application to achieve all of the above-described advantages at the same time.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings used in the embodiments or the prior art descriptions will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present application, and it is also possible for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a flow diagram of one embodiment of a method for improving communication security according to the present application;
FIG. 2 is a flow diagram of yet another embodiment of a method for improving communication security according to the present application;
FIG. 3 is a timing diagram of one embodiment of a system for improving communication security according to the present application;
FIG. 4 is a timing diagram of another embodiment of a system for improving communication security according to the present application;
FIG. 5 is a timing diagram of another embodiment of a system for improving communication security according to the present application;
FIG. 6 is a schematic diagram illustrating an embodiment of an apparatus for enhancing communications security according to the present application;
FIG. 7 is a schematic block diagram illustrating one embodiment of an apparatus for enhancing communications security in accordance with the present application;
FIG. 8 is a schematic diagram of an electronic device suitable for use in implementing some embodiments of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. The described embodiments are only some embodiments of the present application and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be noted that, for convenience of description, only the portions related to the related invention are shown in the drawings. The embodiments and features of the embodiments in the present application may be combined with each other without conflict.
It should be understood that "system", "apparatus", "unit" and/or "module" as used herein is a method for distinguishing different components, elements, parts or assemblies at different levels. However, other words may be substituted by other expressions if they accomplish the same purpose.
As used in this application and the appended claims, the terms "a," "an," "the," and/or "the" are not intended to be inclusive in the singular, but rather are intended to be inclusive in the plural unless the context clearly dictates otherwise. In general, the terms "comprises" and "comprising" are intended to cover only the explicitly identified steps or elements as not constituting an exclusive list and that the method or apparatus may comprise further steps or elements. An element defined by the phrase "comprising an … …" does not exclude the presence of other identical elements in the process, method, article, or apparatus that comprises the element.
In the description of the embodiments herein, "/" means "or" unless otherwise specified, for example, a/B may mean a or B; "and/or" herein is merely an association describing an associated object, and means that there may be three relationships, e.g., a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, in the description of the embodiments of the present application, "a plurality" means two or more than two.
In the following, the terms "first", "second" are used for descriptive purposes only and are not to be understood as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature.
Flow charts are used herein to illustrate operations performed by systems according to embodiments of the present application. It should be understood that the preceding or following operations are not necessarily performed in the exact order in which they are performed. Rather, the various steps may be processed in reverse order or simultaneously. Meanwhile, other operations may be added to the processes, or a certain step or several steps of operations may be removed from the processes.
The application provides a method for improving communication security, which is applied to a first communication party and comprises the following steps:
step 101: acquiring a first secret key based on a root secret key and first identification information saved by a first communication party; the first identification information is identification information of the first communication party.
In this embodiment, the first communication party for improving the communication security may be hardware or software. When the first communication party is hardware, the first communication party may be various types of electronic devices, and may be electronic devices such as a smart phone, a tablet computer, a desktop computer, a wearable device, a vehicle-mounted device, an Augmented Reality (AR)/Virtual Reality (VR) device, an electronic book reader, an audio video player, and an electronic lock. When the first communication party is software, it can be installed in the electronic device listed above. The embodiment of the present application does not set any limit to the specific type of the electronic device. Optionally, the first communication party has a Chip therein, the first identification information may be identification information of the Chip, and the first identification information may be various types of identification information, such as identification information (Chip ID ), and the like.
As an optional implementation manner, a root key (RootKey) and/or first identification information may be stored in the security domain of the first communication party, and since the security domain is not allowed to be read by an external device, security of information stored in the security domain may be ensured. The security domain may be TrustZone or EFUSE in the chip. In order to improve the security of the root key, the communication data may be encrypted using another key generated based on the root key, instead of being encrypted directly using the root key. Step 101 may obtain a first key based on first identification information and a root key saved in a security domain of a first communication party.
Optionally, in order to avoid a problem of reduction of communication security due to different first communication parties having the same first key, the present application may make different first communication parties different from the first key obtained by the root key based on the first identification information by different root keys stored by different first communication parties and/or different first identification information stored by different first communication parties.
As an optional implementation manner, the first key obtained based on the root key and the first identification information stored by the first communication party may be a key that meets AES requirements, that is, an Advanced Encryption standard key (AES key). The first key may be obtained by using the root key as an input, using the first identification information as a salt value, and using a derivation algorithm to process the first key. Of course, the first key may also be obtained by other methods, such as: and embedding the first identification information into the root key to obtain a first key.
In some optional implementations of this embodiment, the first communication party may have a biometric algorithm chip, and the biometric identification may be one or more of fingerprint identification, finger vein identification, face identification, iris identification, voice print identification, palm print identification, and palm vein identification. The Root key and the Chip ID (first identification information) of the Chip can be burned into a secure domain of the biometric algorithm Chip, the Root key and the Chip ID in the secure domain can be loaded when the Chip is powered on, and a derivation algorithm is run to obtain the first key of the algorithm Chip, wherein the first key of the algorithm Chip can be an AesKey. The biological recognition algorithm chip can have a biological recognition function, a communication function with an external electronic device, a firmware upgrading function and the like.
Step 102: a second key is obtained based on the first key.
In this embodiment, the first communication party may obtain the second key based on the first key, and since the data is directly encrypted without using the first key, the communication security problem caused by the first key being leaked or cracked may be prevented. In addition, compared with a mode of acquiring the first key based on the root key and the first identification information stored by the first communication party, the mode of acquiring the second key based on the first key is more flexible, and the method can be applied to an application scenario with high key replacement frequency.
As an alternative embodiment, the method for obtaining the second key based on the first key may be to generate the second key for performing an encryption process on the first key. Optionally, the method for generating the second key by performing encryption processing on the first key may use a message digest algorithm to process the first key, and use a digest of the processed first key as the second key. Of course, the second key may also be generated by encrypting the first key by other methods, such as: and generating a second key by adopting a hash algorithm on the first key.
Step 103: responding to target communication data sent by a second communication party, and acquiring a third key based on the second key and data information matched with a target application scene; the target application scenario is an application scenario characterized by target communication data.
In this embodiment, the second communication party may be hardware or software. When the second communication party is hardware, the second communication party may be various types of electronic devices, such as a smart phone, a tablet computer, a desktop computer, a wearable device, an in-vehicle device, an Augmented Reality (AR)/Virtual Reality (VR) device, an e-book reader, an audio video player, an electronic lock, and other electronic devices. When the second communication party is software, it can be installed in the electronic device listed above. The embodiment of the present application does not set any limit to the specific type of the electronic device.
As an optional implementation manner, the first communication party receives target communication data sent by the second communication party, and the first communication party may perform encryption processing on the target communication data. In this embodiment, the first communication party may obtain the third key based on the second key and the data information matching the target application scenario. The data information may be a character string, or may be information such as text and graphics. The third key is generated based on the data information matched with the target application scene, and the data information matched with the target application scene can be different under the condition that the target application scenes are different, so that the first communication party can generate different third keys aiming at different application scenes, and the problems that the communication data under all application scenes are encrypted by directly utilizing the second key, and the safety of the transmission data of various application scenes cannot be guaranteed when the second key is leaked or cracked are solved. The method and the device can improve communication safety by generating different third keys aiming at different application scenes, and when the third key corresponding to one application scene is leaked or cracked, the third keys corresponding to other scenes are not influenced.
As an optional implementation manner, the method for the first communication party to obtain the third key based on the second key and the data information matched with the target application scenario may include: acquiring a first character string and a second character string based on a target application scene; processing the second key in a pseudo-random mode by using the first character string to obtain a pseudo-randomized key; performing key length expansion processing on the pseudo-randomized key by using a second character string to obtain a key after length expansion; a third key is generated based on the length-extended key.
Optionally, a key length required by the application scenario is obtained based on the target application scenario, the key after the length expansion is obtained through an HKDF algorithm, the key after the length expansion is used as a key value of the HMAC, and an HMAC message integrity authentication code is generated based on the HMAC algorithm, where the message integrity authentication code is used as a third key.
Alternatively, the method for processing the second key in a pseudo-random manner by using the first character string may be to embed a pseudo-random number into the second key to obtain a pseudo-randomized key. Of course, the method for processing the second key by using the first character string in the pseudo-random manner may also be to process the second key by using a hash function, and in the process of processing the second key, the length of the first character string is taken as the length of the hash value using the hash function.
As an optional implementation manner, one target application scenario corresponds to two types of character strings, which are a first character string and a second character string, respectively, the first character strings in different target application scenarios may be different, and the second character strings in different target application scenarios may also be different, so that the third keys corresponding to different target application scenarios may also be different. Alternatively, when the first communication party performs pseudo-randomization on the second key by using the first character string, the pseudo-randomization may be implemented by using a hash function, and the first character string may be used as a salt (salt) of a salt adding operation, and the length of the first character string is the hash value length of the hash function. Alternatively, when the first communication party performs the key length expansion process on the pseudo-randomized key using the second character string (info), the pseudo-randomized key may be expanded to a required length through a series of hash operations. In some alternative implementations of the present embodiment, the length of the pseudo-randomized key may be no less than the output digest length of the used hash algorithm, and the second string length may be no greater than 255 times the output digest length of the used hash algorithm.
As an alternative implementation, the first communication party may generate the third key based on the user binding key and the extended-length key stored by the first communication party. Since the user binding keys of different users can be different, and the third keys generated based on the user binding keys can also be different, the third keys can be distinguished for different users even under the same target application scene, and the flexibility of key generation can be improved. Alternatively, the method of generating the third key may be the HMAC-sha256 algorithm. In some optional implementation manners of this embodiment, a client with a user management function (e.g., a mobile phone mobile terminal APP, etc.) implants a user binding key (which may be a key bound with a user ID) into a security domain of a chip possessed by the first communication party, where the user ID is an identity of a user entered in the client with the user management function, so that a third key may be generated based on the user binding key and the key after the length expansion.
As an optional implementation, the first communication party may also generate the third key by other methods, for example: the third key may be generated based on a random string generated by the first communication party upon receipt of the target communication data and the length-extended key. Therefore, if different target communication data are received, the generated random character strings are different, the generated third secret key is also different, the flexibility of generating the third secret key is enhanced, and the communication safety is favorably improved. Alternatively, the method of generating the third key may be the HMAC-sha256 algorithm.
As an optional implementation manner, the method for determining the target application scenario may be: and extracting a target application scene identifier from the target communication data, and determining a target application scene based on the target application scene identifier. Under the method for determining the target application scene, the target communication data may carry a target application scene identifier, the first communication party may extract the target application scene identifier from the target communication data, and the target application scene is determined by using the target application scene identifier, so that the first character string and the second character string are obtained based on the target application scene, and the third key is generated.
As another optional implementation, the method for determining the target application scenario may be: and carrying out data feature recognition on the target communication data, and determining a target application scene based on a data feature recognition result. Under the method for determining the target application scenario, the first communication party can distinguish the target application scenario by using different data characteristics of target communication data transmitted under different application scenarios.
In some optional implementation manners of this embodiment, the target application scenario may be a biometric recognition scenario, the biometric recognition scenario may be determined by using a biometric recognition scenario identifier, and the biometric recognition scenario may also be determined by using a biometric feature.
In some optional implementation manners of this embodiment, the target application scenario may be a firmware upgrade scenario, the firmware upgrade scenario may be determined by using a firmware upgrade scenario identifier, and the firmware upgrade scenario may also be determined by using program data in the firmware.
In some optional implementation manners of this embodiment, the target application scenario may be a data communication scenario, and the data communication scenario may be determined by using a data communication scenario identifier, or may also be determined by using an encryption parameter of a communication key.
According to the application, a plurality of third keys (the third keys can be used as application master keys) are derived by using the second keys, the application master keys are different based on different application scenes, and when users are different, the application master keys in the same application scene are also different, so that the functions of one key of a communication party and multiple application master keys of multiple users of the communication party can be realized.
Step 104: and encrypting the target communication data based on the third key.
As an optional implementation manner, when encrypting the target communication data based on the third key, the first communication party may employ a symmetric encryption algorithm, for example, encrypt the target communication data using an AES algorithm, where the AES algorithm may be an AES-ECB-128 algorithm.
In some optional implementation manners of this embodiment, the target application scenario may be a biometric identification scenario, the target communication data may be a biometric of the user, and the first communication party encrypts the biometric based on the third key, so as to prevent an attacker from acquiring a real biometric of the user.
In some optional implementation manners of this embodiment, the target application scenario may be a firmware upgrade scenario, the target communication data may be upgrade firmware, and the first communication party encrypts the upgrade firmware based on the third key, so as to prevent an attacker from maliciously tampering with the upgrade firmware.
In some optional implementation manners of this embodiment, the target application scenario may be a data communication scenario, the target communication data may be a communication key, and the first communication party encrypts the communication key based on the third key, so as to prevent an attacker from stealing the communication key.
As an optional implementation manner, the method for improving communication security provided by the present application may further store encrypted target communication data, and discard unencrypted target communication data; and in response to a use instruction of the target communication data, performing decryption operation on the encrypted target communication data based on the third key, acquiring the decrypted target communication data and using the target communication data based on the use instruction.
In this embodiment, the first communication party may store the encrypted target communication data after encrypting the target communication data with the third key, and may discard the unencrypted target communication data in consideration of a security problem of the unencrypted target communication data. Since the third key is a symmetric key, the first communication party can decrypt the encrypted target communication data directly based on the third key after responding to the use instruction of the target communication data, and use the decrypted target communication data (i.e. the target communication data).
In some optional implementation manners of this embodiment, when the target application scenario is a biometric scenario, the instruction for using the target communication data may be an instruction for performing biometric comparison. When the target application scenario is a firmware upgrade scenario, the instruction for using the target communication data may be to boot up the upgrade firmware. When the target application scenario is a data communication scenario, the instruction for using the target communication data may be to perform an encryption or decryption operation on the transmission data by using a communication key.
The present application further provides a method for improving communication security, which is applied to a first communication party, and as shown in fig. 2, the method includes:
step 201: acquiring a first secret key based on a root secret key and first identification information saved by a first communication party; the first identification information is identification information of the first communication party.
Step 201 is similar to step 101 shown in fig. 1 and is not described again.
Step 202: a second key is obtained based on the first key.
Step 202 is similar to step 102 shown in fig. 1 and will not be described again.
Step 203: and acquiring second identification information of the second communication party, and judging whether the second identification information is matched with the target identification information in the data group stored by the first communication party. Wherein the data set comprises: corresponding first identification information, a root key and target identification information.
As an optional implementation manner, before encrypting target communication data sent by the second communication party, the first communication party may perform authority verification by using second identification information of the second communication party, may process the target communication data sent by the second communication party with authority, and does not process the target communication data sent by the second communication party without authority, so as to reduce an influence of a malicious second communication party on an attack on the first communication party, and may improve communication security of the first communication party.
As an optional implementation manner, the method for determining whether the second identification information matches the target identification information in the data group stored by the first communication party may be: receiving second identification information sent by a second communication party; comparing whether the second identification information is consistent with the target identification information; and if the first identification information of the second communication party is consistent with the target identification information in the data group stored by the first communication party, determining that the second identification information of the second communication party is matched with the target identification information in the data group stored by the first communication party. And if the first identification information of the second communication party is inconsistent with the target identification information in the data group stored by the first communication party, determining that the second identification information of the second communication party is not matched with the target identification information in the data group stored by the first communication party.
In some optional implementations of this embodiment, the data group may be a Root Key, a Chip ID (first identification information), and a second communication party ID (target identification information), and the second communication party ID may be stored in a security domain of the first communication party. The second communication party may send the target communication data to the first communication party, and the first communication party may send an authority verification instruction to the second communication party when receiving the target communication data, where the authority verification instruction may carry a second identification information instruction for verifying the second communication party. And after receiving the authority verification instruction sent by the first communication party, the second communication party sends second identification information of the second communication party to the first communication party. The first communication party may compare the second identification information with the second communication party ID, and when the second identification information is identical with the second communication party ID, it may be determined that the second identification information matches the target identification information in the data group stored by the first communication party.
As another alternative, the method for determining whether the second identification information matches the target identification information in the data group stored by the first communication party may be: acquiring inspection data; sending the verification data to a second communication party; receiving encrypted data sent by a second communication party; the encrypted data is obtained by the second communication party through the encryption operation of the verification data by utilizing the second identification information; decrypting the encrypted data by using the target identification information to obtain decrypted data; comparing the decrypted data with the check data to determine whether the decrypted data is consistent with the check data; and if so, determining that the second identification information of the second communication party is matched with the target identification information in the data group stored by the first communication party. Optionally, the encryption method in this process is a symmetric encryption method.
As another optional embodiment, the method for determining whether the second identification information matches the target identification information in the data group stored by the first communication party may further be: acquiring inspection data; encrypting the inspection data by using the target identification information to obtain encrypted inspection data, and sending the encrypted inspection data to the second communication party; receiving decrypted data sent by a second communication party; the decrypted data is obtained by the second communication party by decrypting the encrypted check data by using the second identification information; comparing the decrypted data with the check data to determine whether the decrypted data is consistent with the check data; if the first identification information of the second communication party is consistent with the target identification information in the data group stored by the first communication party, determining that the second identification information of the second communication party is matched with the target identification information in the data group stored by the first communication party; and if the first identification information is inconsistent with the second identification information of the second communication party, determining that the second identification information of the second communication party is not matched with the target identification information in the data group stored by the first communication party. Optionally, the encryption method in this process is a symmetric encryption method.
In some optional implementations of this embodiment, the data group may be a Root Key, a Chip ID (first identification information), and a user binding Key (target identification information), and the user binding Key may be stored in a security domain of the first communication party. The second communication party may send the target communication data to the first communication party, and the first communication party may send an authorization verification instruction to the second communication party when receiving the target communication data, where the authorization verification instruction may carry a user binding key instruction for verifying the second communication party and encrypted verification data. The authority verification instruction may further carry verification data and an instruction to encrypt the verification data based on the second identification information. And after receiving the instruction sent by the first communication party, the second communication party feeds back corresponding data to the first communication party, so that the first communication party determines whether the second identification information is matched with the target identification information in the data group stored by the first communication party.
It should be noted that the sequence of steps 201-203 is not limited, and step 203 may be placed before step 201 and/or step 202, or step 202 may be placed before step 201 and/or step 203.
Step 204: if the first secret key is consistent with the second secret key, the authority authentication of the second communication party is passed, the target communication data sent by the second communication party is responded, and a third secret key is obtained based on the second secret key and the data information matched with the target application scene; the target application scenario is an application scenario characterized by target communication data.
Step 204 is similar to step 103 shown in fig. 1 and will not be described again.
Step 205: and encrypting the target communication data based on the third key.
Step 205 is similar to step 104 shown in fig. 1 and will not be described again.
As an optional implementation manner, the method for improving communication security provided by the present application may further store encrypted target communication data, and discard unencrypted target communication data; and in response to the use instruction of the target communication data, decrypting the encrypted target communication data based on the third key, acquiring the decrypted target communication data and using the target communication data based on the use instruction.
FIG. 3 is a timing diagram of one embodiment of a system for improving communication security according to the present application, as shown in FIG. 3, which illustrates a timing diagram based on a biometric scene.
In this embodiment, the first communication party in the biometric scene may be an algorithm chip. Optionally, the algorithm chip may have a biometric storage function, and may also have a biometric identification function. The second communication party in the biometric recognition scenario may be a sensor, which may have a function of capturing a biometric feature of the user. The biological characteristic identification can be identification of fingerprints, finger veins, human faces, irises and the like. Based on this, in the present embodiment, the algorithm chip and the sensor are included for improving the communication security system.
As shown in fig. 3, in step 301, the algorithm Chip derives an AesKey of the algorithm Chip based on the Root Key and the Chip ID, and acquires a second Key based on the AesKey.
Burning Root Key and Chip ID of the Chip in a security domain of the algorithm Chip, and when the algorithm Chip is powered on, the Root Key and the Chip ID in the security domain can be loaded by Key management software in the algorithm Chip, and a derived algorithm is operated to obtain the AesKey of the algorithm Chip. And generating a second key by adopting a hash algorithm based on the AesKey.
In step 302, the sensor sends first biometric data to the algorithm chip.
Alternatively, the first biometric data may be the first time the sensor sends the biometric data to the algorithm chip, and the algorithm chip may encrypt and store the first biometric data. Certainly, the first biometric data may not be the biometric data sent by the sensor to the algorithm chip for the first time, and when the algorithm chip has a biometric storage space, the algorithm chip may encrypt and store the first biometric data.
In step 303, the algorithm chip sends an authentication instruction to the sensor.
The security field of the algorithm chip may store the ID number of the Sensor, i.e., the Sensor ID. For the biological identification module, the biological identification module can comprise an algorithm Chip and a Sensor, in order to realize the matching arrangement of the algorithm Chip and the Sensor in one biological identification module, the Root Key and the Chip ID of the algorithm Chip and the Sensor ID of the Sensor can be in one-to-one corresponding binding relationship, namely, the Sensor ID corresponding to the Chip is burnt in the security domain of the algorithm Chip, when the Sensor sends the biological characteristic data to the algorithm Chip, the algorithm Chip can only receive the biological characteristic data transmitted by the Sensor corresponding to the Chip, and at the moment, the ID number of the Sensor stored in the algorithm Chip can be utilized to carry out identity verification on the Sensor sending the biological characteristic data. Optionally, the ID instruction of the verification sensor may be carried in the authentication instruction.
In step 304, the sensor sends sensor identity information to the algorithm chip.
In an alternative embodiment, the sensor identity information may be a sensor ID.
In step 305, the algorithm chip compares the received Sensor identity information with the stored Sensor ID, if the comparison result is consistent, responds to the first biometric data sent by the Sensor, obtains a symmetric key 1 based on the second key and the data information matching with the biometric identification scene, encrypts the biometric based on the symmetric key 1, and stores the encrypted biometric to obtain the recorded biometric.
As an optional embodiment, the method for acquiring data information matching with a biometric scene may be to parse a biometric scene identifier from first biometric data sent by a sensor to an algorithm chip, and acquire corresponding data information based on the identifier. Of course, the method for acquiring the data information matched with the biometric scene may also perform feature recognition by using the first biometric data sent by the sensor to the algorithm chip, and determine the data information matched with the biometric scene based on the feature recognition result.
As another alternative, the symmetric key 1 may be obtained by using a derivation algorithm based on the second key and the data information matching the biometric scene. In the process of obtaining the symmetric key 1 by using the derivation algorithm, a first HMAC key may be obtained by using an HKDF algorithm based on the AesKey of the algorithm chip and the data information matched with the biometric identification scenario, and the symmetric key 1 may be obtained by using an HMAC-sha256 algorithm based on the first HMAC key and the user binding key. The symmetric key 1 is obtained through the user binding key, so that the attack to the algorithm chip through an unauthorized client or a client with an attack device can be prevented. Wherein, the symmetric key 1 can encrypt the biological characteristics transmitted by the sensor, and optionally, the biological characteristics can be encrypted by adopting an AES-ECB-128 algorithm based on the symmetric key 1.
As an alternative embodiment, if the comparison result is inconsistent, the algorithm chip may not respond to the first biometric data sent by the sensor. If the comparison result is inconsistent, the sensor may be replaced. When the sensor is replaced, an attacker can superpose fake biological characteristics on the sensor or monitor bus data between the sensor and the algorithm chip so as to obtain the real biological characteristics of the user, so that the algorithm chip can not store the biological characteristics transmitted by the sensor which do not pass identity verification or generate a biological identification verification passing instruction, and for some scenes that the algorithm chip needs to transmit the biological identification verification passing instruction and then load some functions of application software, the method can improve the communication safety based on the validity check of the biological identification module.
In some optional implementation manners of this embodiment, after the encrypted biometric is stored by the algorithm chip, the unencrypted biometric may be discarded in consideration of the security problem of the unencrypted biometric, so as to prevent an attacker from acquiring the real biometric of the user.
In some optional implementation manners of the embodiment, when the biometric information is not stored in the algorithm chip, the algorithm chip may store the biometric data; when the algorithm chip stores biological characteristic information but still has a space for storing the biological characteristic information, the algorithm chip can select to store or identify biological characteristic data based on a scene; when the algorithm chip does not store the biological characteristic information space, the algorithm chip can identify the biological characteristics.
In step 306, the sensor sends second biometric data to the algorithm chip.
Alternatively, the second biometric data may or may not match the first biometric data. The algorithm chip may identify the second biometric data when the second biometric data matches the first biometric data.
In step 307, the algorithm chip performs a decryption operation on the encrypted biometric data based on the symmetric key 1 in response to the usage instruction for the entered biometric data, and compares the entered biometric data with the second biometric data based on the usage instruction.
In an optional embodiment, the use instruction of the entered biometric feature may be a biometric comparison instruction obtained based on second biometric data sent by the sensor, before the biometric comparison, the algorithm chip may perform a decryption operation on the encrypted biometric feature based on the symmetric key 1, and the algorithm chip compares the currently received second biometric data with the entered biometric feature.
FIG. 4 is a timing diagram of another embodiment of a system for improving communication security according to the present application, as shown in FIG. 4, which illustrates a timing diagram based on a firmware upgrade scenario.
In this embodiment, the first communication party in the firmware upgrade scenario may be an algorithm chip. Optionally, the algorithm chip may have a firmware upgrade function. The second communication party in the firmware upgrade scenario may be a client, where the client may have a user management function and may also have a function of transmitting upgraded firmware. The upgrade firmware may upgrade firmware for a biometric algorithm. Based on this, in the present embodiment, the algorithm chip and the client are included for improving the communication security system.
As shown in fig. 4, in step 401, the algorithm Chip derives an AesKey of the algorithm Chip based on the Root Key and the Chip ID, and acquires a second Key based on the AesKey.
Step 401 is similar to step 301 shown in fig. 3 and will not be described again.
In step 402, the client sends the upgrade firmware to the algorithm chip.
Alternatively, the upgrade firmware may have stored therein a biometric identification program or a biometric storage program.
In step 403, the algorithm chip sends an authority verification instruction to the client.
As an alternative embodiment, the permission verification instruction may carry verification data and an instruction to encrypt the verification data based on the second identification information. The second identification information may be a user binding key stored by the client, and the verification data may be a random number generated by the algorithm chip.
In step 404, the client encrypts the verification data based on the second identification information.
As an optional implementation, the test data may be encrypted using AES-ECB-128 based on the second identification information.
In step 405, the client sends the encrypted data to the algorithm chip.
In step 406, the algorithm chip decrypts the encrypted data based on the stored user binding key, compares whether the decrypted data is consistent with the check data, if so, obtains a symmetric key 2 in response to the upgrade firmware sent by the client, based on the second key and the data information matched with the firmware upgrade scenario, encrypts the upgrade firmware based on the symmetric key 2, and stores the encrypted upgrade firmware.
The secure domain of the algorithm chip can store a user binding key, and the user binding key is a key bound with a user ID and implanted into the secure domain of the algorithm chip by using a client with a user management function. Key management software in the algorithm Chip can make a one-to-one corresponding binding relationship between the Root Key and the Chip ID of the security domain and the user binding Key, and can store the binding relationship in the security domain.
As an optional implementation manner, the method for acquiring the data information matched with the firmware upgrade scenario may be that a firmware upgrade scenario identifier is analyzed from the upgrade firmware sent from the client to the algorithm chip, and the corresponding data information is acquired based on the identifier. Of course, the method for acquiring the data information matched with the firmware upgrading scene may also be configured to perform program feature identification on the upgrading firmware sent by the client to the algorithm chip, and determine the data information matched with the firmware upgrading scene based on the program feature identification result.
As another alternative, the symmetric key 2 may be obtained by using a derivation algorithm based on the second key and the data information matching the firmware upgrade scenario. In the process of obtaining the symmetric key 2 by using the derivation algorithm, a second HMAC key may be obtained by using an HKDF algorithm based on the AesKey of the algorithm chip and the data information matched with the firmware upgrade scenario, and the symmetric key 2 may be obtained based on the second HMAC key. The symmetric key 2 may encrypt the upgrade firmware transmitted by the client, and optionally, the upgrade firmware may be encrypted by using an AES-ECB-128 algorithm based on the symmetric key 2.
In some optional implementation manners of this embodiment, the method for obtaining the symmetric key 2 based on the second HMAC key may be to obtain the symmetric key 2 based on the second HMAC key and the user binding key by using an HMAC-sha256 algorithm. Of course, the method for obtaining the symmetric key 2 based on the second HMAC key may also obtain the symmetric key 2 by using the HMAC-sha256 algorithm for the random number generated based on the second HMAC key and the algorithm chip. The symmetric key 2 obtained when the random numbers generated by the algorithm chip are different is also different, so that the flexibility of generating the symmetric key 2 can be improved. When the firmware is upgraded, different symmetric keys 2 are obtained through random numbers generated by the algorithm chip, so that the communication security is improved.
As an optional implementation manner, if the comparison result is consistent, the algorithm chip may perform integrity check on the received upgrade firmware before encrypting the upgrade firmware, and after determining that the upgrade firmware is complete, the algorithm chip encrypts the upgrade firmware by using the symmetric key 2, so as to prevent an attacker from maliciously tampering with the upgrade firmware.
As an optional implementation, if the comparison result is inconsistent, the algorithm chip may not respond to the upgrade firmware sent by the client. When the comparison result is inconsistent, it may indicate that the user binding key held by the client is illegal, and an attacker may not use the client or use the algorithm chip with the client of the attack apparatus. Therefore, the algorithm chip can not store or boot the upgraded firmware transmitted by the client which is not authenticated, so that the communication security is improved.
In some optional implementation manners of this embodiment, after the algorithm chip stores the encrypted upgrade firmware, the unencrypted upgrade firmware may be discarded in consideration of the security problem of the unencrypted upgrade firmware, so as to avoid the problem of the upgrade firmware being leaked.
In step 407, the algorithm chip, in response to the instruction for using the upgrade firmware, decrypts the encrypted upgrade firmware based on the symmetric key 2, and boots the decrypted upgrade firmware.
As an optional implementation manner, before booting and starting the decrypted upgrade firmware, integrity check may be performed on the decrypted firmware, and the upgrade firmware is started after passing the check, so that a problem that the upgrade firmware is not started due to incomplete upgrade firmware caused by power failure when the encrypted upgrade firmware is stored may be avoided. Optionally, the encrypted upgrade firmware may be decrypted using the AES-ECB-128 algorithm based on symmetric key 2.
Fig. 5 is a timing diagram of another embodiment of a system for improving communication security according to the present application, as shown in fig. 5, which illustrates a timing diagram based on a data communication scenario.
In this embodiment, the first communication party in the data communication scenario may be an algorithm chip. Optionally, the algorithm chip may have a function of communicating with an external electronic device. The second communication party in the data communication scenario may be a client, and the external electronic device may be an MCU (micro controller Unit). In order to guarantee the communication safety of the algorithm chip and the MCU, a communication key can be written into the algorithm chip and the MCU based on the client. Based on this, in the present embodiment, the system for improving the communication security system includes an algorithm chip, an MCU, and a client. In order to avoid the situation that an attacker does not use a client or uses an algorithm chip by using the client with an attack device, authority verification can be performed on the client firstly, and the specific process is as follows:
as shown in fig. 5, in step 501, the algorithm Chip derives an AesKey of the algorithm Chip based on the Root Key and the Chip ID, and acquires a second Key based on the AesKey.
Step 501 is similar to step 401 shown in fig. 4 and will not be described again.
In step 502, the client sends a communication key to the algorithm chip.
As an optional implementation, the client may send the communication key to the MCU, and the communication key sent by the client to the algorithm chip and the communication key sent by the client to the MUC may be the same.
As another optional embodiment, the MCU may store therein a communication key transmitted to the algorithm chip by the client.
In step 503, the algorithm chip sends a permission verification instruction to the client.
Step 503 is similar to step 403 shown in fig. 4 and will not be described again.
In step 504, the client encrypts the verification data based on the second identification information.
Step 504 is similar to step 404 shown in FIG. 4 and will not be described again.
In step 505, the client sends the encrypted data to the algorithm chip.
Step 505 is similar to step 405 shown in fig. 4 and will not be described again.
In step 506, the algorithm chip decrypts the encrypted data based on the stored user binding key, compares whether the decrypted data is consistent with the check data, if so, obtains a symmetric key 3 in response to the communication key sent by the client, based on the second key and the data information matched with the data communication scenario, encrypts the communication key based on the symmetric key 3, and stores the encrypted communication key.
The secure domain of the algorithm chip can store a user binding key, and the user binding key is a key bound with a user ID and implanted into the secure domain of the algorithm chip by using a client with a user management function. Key management software in the algorithm Chip can make a one-to-one corresponding binding relationship between the Root Key and the Chip ID of the security domain and the user binding Key, and can store the binding relationship in the security domain.
As an optional implementation manner, the obtaining of the data information matched with the data communication scenario may be to analyze a data communication scenario identifier from the communication information sent from the client to the algorithm chip, and obtain the corresponding data information based on the identifier. Of course, the method for acquiring the data information matched with the data communication scene may also be that the communication key sent by the client to the algorithm chip is used to perform encryption parameter identification, and the data information matched with the data communication scene is determined based on the encryption parameter identification result.
As another alternative, the symmetric key 3 may be obtained by using a derivation algorithm based on the second key and the data information matched with the data communication scenario. In the process of obtaining the symmetric key 3 by using the derivation algorithm, a third HMAC key may be obtained by using an HKDF algorithm based on the AesKey of the algorithm chip and the data information matched with the data communication scenario, and the symmetric key 3 may be obtained by using an HMAC-sha256 algorithm based on the third HMAC key and the user binding key. The symmetric key 3 is obtained through the user binding key, so that the attack to the algorithm chip through an unauthorized client or a client with an attack device can be prevented. The symmetric key 3 may encrypt the communication key transmitted by the client, and optionally, the communication key may be encrypted by using an AES-ECB-128 algorithm based on the symmetric key 3.
As an optional implementation, if the comparison result is inconsistent, the algorithm chip may not respond to the communication key sent by the client. When the comparison result is inconsistent, it may indicate that the user binding key held by the client is illegal, and an attacker may not use the client or use the algorithm chip with the client of the attack apparatus. Therefore, the algorithm chip can not store or encrypt data for the communication key transmitted by the client which is not authenticated, so that the communication security is improved.
In some optional implementation manners of this embodiment, after the algorithm chip stores the encrypted communication key, the unencrypted communication key may be discarded in consideration of the security problem of the unencrypted communication key, so as to avoid the problem of communication key leakage.
In step 507, the MCU encrypts the data to be communicated with using the stored communication key.
Alternatively, the data to be communicated may be at least one of information entry data, information identification data, and information deletion data.
In step 508, the MCU sends the encrypted communication data to the algorithm chip.
In step 509, the algorithm chip performs a decryption operation on the encrypted communication key based on the symmetric key 3 in response to the instruction for using the communication key, and decrypts the encrypted communication data with the decrypted communication key.
The present application also provides an apparatus for improving communication security, as shown in fig. 6, the apparatus including: a first key obtaining module 601, a second key obtaining module 602, a third key obtaining module 603 and an encryption module 604.
The first key obtaining module 601 is configured to perform obtaining a first key based on a root key and first identification information held by the first communication party. The first identification information is identification information of the first communication party.
A second key obtaining module 602 configured to perform obtaining a second key based on the first key.
A third key obtaining module 603 configured to perform obtaining a third key based on the second key and data information matching with the target application scenario in response to the target communication data sent by the second communication party; the target application scenario is an application scenario characterized by target communication data.
The third key obtaining module 603 specifically includes:
a character string acquisition unit configured to acquire the first character string and the second character string based on the target application scene.
And the pseudo-randomization processing unit is configured to perform pseudo-randomization processing on the second key by using the first character string to obtain a pseudo-randomized key.
And the length expansion processing unit is configured to perform key length expansion processing on the pseudo-randomized key by using the second character string to obtain a length expanded key.
A third key obtaining unit configured to generate a third key based on the length-extended key.
And the third key obtaining unit is specifically configured to generate a third key based on the user binding key and the extended-length key saved by the first communication party.
The third key obtaining module 603 further includes:
a target application scenario determination unit configured to determine a target application scenario in at least one of a manner one and a manner two:
the method I comprises the following steps: extracting a target application scene identifier from the target communication data, and determining a target application scene based on the target application scene identifier;
the second method comprises the following steps: and carrying out data feature recognition on the target communication data, and determining a target application scene based on a data feature recognition result.
An encryption module 604 configured to perform encryption of the target communication data based on the third key.
The application provides a device for improving communication security still includes:
and the storage module is configured to store the encrypted target communication data and discard the unencrypted target communication data.
And the using module is configured to respond to a using instruction of the target communication data, decrypt the encrypted target communication data based on the third key, acquire the decrypted target communication data and use the target communication data based on the using instruction.
In this embodiment, specific processing of the first key obtaining module 601, the second key obtaining module 602, the third key obtaining module 603, and the encryption module 604 and technical effects brought by the processing can refer to related descriptions of the embodiments corresponding to step 101, step 102, step 103, and step 104 in fig. 1, respectively, and are not described herein again.
The present application also provides an apparatus for improving communication security, as shown in fig. 7, the apparatus including: a first key obtaining module 701, a second key obtaining module 702, a right verification module 703, a third key obtaining module 704 and an encryption module 705.
The first key obtaining module 701 is configured to obtain a first key based on a root key and first identification information saved by a first communication party. The first identification information is identification information of the first communication party.
The first key obtaining module 701 is similar to the first key obtaining module 601 shown in fig. 6, and is not described again.
A second key obtaining module 702 configured to perform obtaining a second key based on the first key.
The second key obtaining module 702 is similar to the second key obtaining module 602 shown in fig. 6, and is not described again.
The permission verification module 703 is configured to obtain second identification information of the second communication party, and determine whether the second identification information matches target identification information in the data group stored by the first communication party. Wherein the data set comprises: corresponding first identification information, a root key and target identification information.
A rights verification module 703, specifically configured to obtain verification data; sending the verification data to a second communication party; receiving encrypted data sent by a second communication party; the encrypted data is obtained by the second communication party through the encryption operation of the verification data by utilizing the second identification information; decrypting the encrypted data by using the target identification information to obtain decrypted data; comparing the decrypted data with the check data to determine whether the data is consistent; and if the first identification information of the second communication party is consistent with the target identification information in the data group stored by the first communication party, determining that the second identification information of the second communication party is matched with the target identification information in the data group stored by the first communication party.
The permission verification module 703 may be further configured to receive second identification information sent by the second communication party; comparing whether the second identification information is consistent with the target identification information; and if so, determining that the second identification information of the second communication party is matched with the target identification information in the data group stored by the first communication party. And if the first identification information is inconsistent with the second identification information of the second communication party, determining that the second identification information of the second communication party is not matched with the target identification information in the data group stored by the first communication party.
A third key obtaining module 704 configured to perform that the second identification information is consistent with the target identification information, the authority authentication of the second communication party is passed, and in response to the target communication data sent by the second communication party, a third key is obtained based on the second key and the data information matched with the target application scenario; the target application scene is an application scene represented by the target communication data.
The third key obtaining module 704 is similar to the third key obtaining module 603 shown in fig. 6, and is not described again.
An encryption module 705 configured to encrypt the target communication data based on the third key.
The encryption module 705 is similar to the encryption module 604 shown in fig. 6 and will not be described in detail.
In this embodiment, specific processing of the first key obtaining module 701, the second key obtaining module 702, the permission verifying module 703, the third key obtaining module 704 and the encrypting module 705 and technical effects brought by the specific processing may refer to relevant descriptions of the embodiments of step 201, step 202, step 203, step 204 and step 205 in the corresponding embodiment of fig. 2, which are not described herein again.
It should be noted that the apparatus for communication security may be a chip, a component or a module, the apparatus for communication security may include a processor and a memory, the first key obtaining module 701, the second key obtaining module 702, the right verifying module 703, the third key obtaining module 704, the encrypting module 705, and the like are all stored in the memory as program units, and the processor executes the program units stored in the memory to implement corresponding functions.
The processor may include a kernel, which calls the corresponding program unit from the memory. The kernel can be provided with one or more, and communication safety is improved by adjusting kernel parameters.
The memory may include volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM), including at least one memory chip.
According to the device for pushing information provided by the embodiment of the application, different third keys are generated under the conditions that the target application scenes are different and the data information matched with the target application scenes is different, the third keys are used for encrypting the target communication data, when the third keys in one application scene are leaked or cracked, the third keys in other scenes are not affected, and the improvement of communication safety is facilitated. In addition, the second communication party is subjected to authority authentication by using the second identification information, and the target communication data sent by the second communication party can be received only after the authority authentication is passed, so that the safety performance of communication is further improved.
Referring now to FIG. 8, shown is a schematic diagram of an electronic device 800 suitable for use in implementing some embodiments of the present application. The electronic device shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 8, the electronic device 800 may include a processor 801, a memory 802, a communication interface 803, an input unit 804, an output unit 805, and a communication bus 806. Wherein the processor 801 and the memory 802 are connected to each other by a communication bus 806. A communication interface 803, an input unit 804 and an output unit 805 are also connected to the communication bus 806.
The communication interface 803 may be an interface of a communication module, such as an interface of a GSM module. The communication interface 803 can be used by a user to acquire the biometric features sent by the sensor, and can also be used to acquire the upgrade firmware and the communication key sent by the client, and the communication interface 803 is also used to send the authority verification instruction to the sensor or the client.
In the embodiment of the present application, the processor 801 may be a Central Processing Unit (CPU), an application-specific integrated circuit (ASIC), a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf programmable gate array (FPGA), or other programmable logic devices.
In one possible implementation, the memory 802 may include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required for at least one function (such as a biometric function, etc.), and the like; the storage data area may store data created during use of the computer, such as user data, user access data, and encryption data, among others.
Further, the memory 802 may include high speed random access memory and may also include non-volatile memory, such as at least one magnetic disk storage device or other volatile solid state storage device.
The processor 801 may invoke a program stored in the memory 802, and in particular, the processor 801 may execute a method for improving communication security as shown in any of the embodiments of fig. 1-5.
The memory 802 is used for storing one or more programs, the programs may include program codes, the program codes include computer operation instructions, and in this embodiment, the memory 802 stores at least the programs for implementing the following functions:
acquiring a first secret key based on a root secret key and first identification information saved by a first communication party; the first identification information is identification information of a first communication party; acquiring a second key based on the first key; responding to target communication data sent by a second communication party, and acquiring a third key based on the second key and data information matched with a target application scene; the target application scene is an application scene represented by target communication data; and encrypting the target communication data based on the third key.
The present application may further include an input unit 805, and the input unit 805 may include at least one of a touch sensing unit that senses a touch event on the touch display panel, a keyboard, a mouse, a camera, a microphone, and the like.
The output unit 804 may include: at least one of a display, a speaker, a vibration mechanism, a light, and the like. The display may comprise a display panel, such as a touch display panel or the like. In one possible case, the display panel may be configured in the form of a Liquid Crystal Display (LCD), an Organic Light-emitting diode (OLED), or the like. The vibration mechanism may displace the electronic device 800 during operation, and in one possible implementation, the vibration mechanism includes a motor and an eccentric vibrator, and the motor drives the eccentric vibrator to rotate so as to generate vibration. The brightness and/or color of the lamp can be adjusted, and in one possible implementation mode, different information can be embodied through at least one of the on-off, brightness and color of the lamp, for example, the lamp emits red light to embody alarm information.
Of course, the structure of the electronic device 800 shown in fig. 8 does not constitute a limitation of the electronic device in the embodiment of the present application, and in practical applications, the electronic device may include more or less components than those shown in fig. 8, or some components may be combined.
The present application provides a computer readable medium, on which a computer program is stored, wherein the program, when executed by a processor, implements the method for improving communication security described in the above method embodiments.
The embodiment of the present application provides a processor, configured to execute a program, where the program executes to implement the method for improving communication security described in the above method embodiments.
The present application further provides a computer program product which, when executed on a data processing device, causes the data processing device to implement the method for improving communication security as described in the above method embodiments.
In addition, the electronic device, the processor, the computer-readable medium, or the computer program product provided in the foregoing embodiments of the present application may be all used for executing the corresponding method provided above, and therefore, the beneficial effects achieved by the electronic device, the processor, the computer-readable medium, or the computer program product may refer to the beneficial effects in the corresponding method provided above, and are not described herein again.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, which include both non-transitory and non-transitory, removable and non-removable media, may implement the information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The above description is only for the purpose of illustrating the preferred embodiments of the present application and the technical principles applied, and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. The scope of the invention according to the present application is not limited to the specific combinations of the above-described features, and may also cover other embodiments in which the above-described features or their equivalents are arbitrarily combined without departing from the spirit of the invention. For example, the above features may be replaced with (but not limited to) features having similar functions disclosed in the present application.

Claims (9)

1. A method for improving communication security, applied to a first communication party, the method comprising:
acquiring a first key based on a root key and first identification information saved by the first communication party; the first identification information is identification information of the first communication party; the first communication party is provided with a chip, a root key and first identification information are stored in a security domain of the first communication party, and the security domain is TrustZone or EFUSE in the chip;
acquiring a second key based on the first key;
responding to target communication data sent by a second communication party, and acquiring a third key based on the second key and data information matched with a target application scene; the target application scene is an application scene represented by the target communication data; wherein determining the target application scenario comprises: at least one of the first and second modes;
the first method is as follows: extracting a target application scene identifier from the target communication data, and determining a target application scene based on the target application scene identifier;
the second method comprises the following steps: performing data feature identification on the target communication data, and determining a target application scene based on a data feature identification result;
encrypting the target communication data based on the third key;
storing the encrypted target communication data, and discarding the unencrypted target communication data;
and in response to a use instruction of the target communication data, decrypting the encrypted target communication data based on the third key, acquiring the decrypted target communication data and using the target communication data based on the use instruction.
2. The method according to claim 1, wherein the obtaining a third key based on the second key and data information matched with a target application scenario specifically includes:
acquiring a first character string and a second character string based on the target application scene;
processing the second key in a pseudo-random mode by using the first character string to obtain a pseudo-randomized key;
performing key length expansion processing on the pseudo-randomized key by using the second character string to obtain a key after length expansion;
and generating a third key based on the key after the length expansion.
3. The method according to claim 2, wherein the generating a third key based on the length-extended key specifically includes:
and generating a third key based on the user binding key saved by the first communication party and the key after the length expansion.
4. The method for improving communication security as claimed in claim 1, wherein the target communication data is transmitted by the second communication party after passing the authority authentication, the method further comprising authenticating the authority of the second communication party, comprising:
acquiring second identification information of the second communication party, and judging whether the second identification information is matched with target identification information in a data group stored by the first communication party; wherein the data set comprises: the corresponding first identification information, the root key and the target identification information;
and if the target communication data is consistent with the target communication data, the authority authentication of the second communication party passes, and the target communication data sent by the second communication party is responded.
5. The method for improving communication security according to claim 4, wherein the obtaining second identification information of the second communication party and determining whether the second identification information matches target identification information in a data group stored by the first communication party comprises:
acquiring inspection data;
sending verification data to the second party;
receiving encrypted data sent by the second communication party; the encrypted data is obtained by the second communication party through encryption operation on the verification data by using the second identification information;
decrypting the encrypted data by using the target identification information to obtain decrypted data;
comparing whether the decrypted data and the check data are consistent;
and if so, determining that the second identification information of the second communication party is matched with the target identification information in the data group stored by the first communication party.
6. An apparatus for improving communication security, the apparatus comprising:
a first key acquisition module configured to perform acquisition of a first key based on a root key and first identification information held by a first communication party; the first identification information is identification information of the first communication party; the first communication party is provided with a chip, and a root key and first identification information are stored in a security domain of the first communication party, wherein the security domain is a TrustZone or an EFUSE in the chip;
a second key acquisition module configured to perform acquisition of a second key based on the first key;
a third key obtaining module configured to perform obtaining a third key based on the second key and data information matched with a target application scenario in response to target communication data sent by a second communication party; the target application scene is an application scene represented by the target communication data;
an encryption module configured to perform encryption of the target communication data based on the third key;
a module for storing encrypted target communication data and discarding unencrypted target communication data;
a module for performing decryption operation on the encrypted target communication data based on the third key in response to a use instruction for the target communication data, acquiring the decrypted target communication data and using the target communication data based on the use instruction;
the third key obtaining module further includes a target application scenario determining unit configured to determine a target application scenario by using at least one of a first manner and a second manner:
the first method is as follows: extracting a target application scene identifier from the target communication data, and determining a target application scene based on the target application scene identifier;
the second method comprises the following steps: and performing data feature recognition on the target communication data, and determining a target application scene based on a data feature recognition result.
7. A computer-readable medium, on which a computer program is stored which, when being executed by a processor, carries out the method for improving communication security according to any one of claims 1 to 5.
8. A processor for executing a program, wherein the program when executed implements the method for improving communication security as claimed in any one of claims 1-5.
9. An electronic device, comprising:
one or more processors;
a storage device having one or more programs stored thereon;
the one or more programs, when executed by the one or more processors, cause the one or more processors to implement the method for improving communication security as recited in any of claims 1-5.
CN202210053353.2A 2022-01-18 2022-01-18 Method and apparatus for improving communication security Active CN114091088B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202210053353.2A CN114091088B (en) 2022-01-18 2022-01-18 Method and apparatus for improving communication security
CN202211095868.5A CN115618374A (en) 2022-01-18 2022-01-18 Method and apparatus for improving communication security

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210053353.2A CN114091088B (en) 2022-01-18 2022-01-18 Method and apparatus for improving communication security

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN202211095868.5A Division CN115618374A (en) 2022-01-18 2022-01-18 Method and apparatus for improving communication security

Publications (2)

Publication Number Publication Date
CN114091088A CN114091088A (en) 2022-02-25
CN114091088B true CN114091088B (en) 2022-09-06

Family

ID=80308750

Family Applications (2)

Application Number Title Priority Date Filing Date
CN202211095868.5A Pending CN115618374A (en) 2022-01-18 2022-01-18 Method and apparatus for improving communication security
CN202210053353.2A Active CN114091088B (en) 2022-01-18 2022-01-18 Method and apparatus for improving communication security

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN202211095868.5A Pending CN115618374A (en) 2022-01-18 2022-01-18 Method and apparatus for improving communication security

Country Status (1)

Country Link
CN (2) CN115618374A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104954125A (en) * 2014-03-25 2015-09-30 华为技术有限公司 Key agreement method, user equipment, router and location server
CN111008390A (en) * 2019-12-13 2020-04-14 江苏芯盛智能科技有限公司 Root key generation protection method and device, solid state disk and storage medium
CN113014572A (en) * 2021-02-22 2021-06-22 北京房江湖科技有限公司 Message communication system, method and device

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9806887B1 (en) * 2014-09-23 2017-10-31 Amazon Technologies, Inc. Authenticating nonces prior to encrypting and decrypting cryptographic keys
CN105722067B (en) * 2014-12-02 2019-08-13 阿里巴巴集团控股有限公司 Data method for encryption/decryption and device on mobile terminal

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104954125A (en) * 2014-03-25 2015-09-30 华为技术有限公司 Key agreement method, user equipment, router and location server
CN111008390A (en) * 2019-12-13 2020-04-14 江苏芯盛智能科技有限公司 Root key generation protection method and device, solid state disk and storage medium
CN113014572A (en) * 2021-02-22 2021-06-22 北京房江湖科技有限公司 Message communication system, method and device

Also Published As

Publication number Publication date
CN115618374A (en) 2023-01-17
CN114091088A (en) 2022-02-25

Similar Documents

Publication Publication Date Title
JP6882254B2 (en) Safety verification methods based on biological characteristics, client terminals, and servers
CN110677418B (en) Trusted voiceprint authentication method and device, electronic equipment and storage medium
AU2016217549B2 (en) Systems and methods for securely managing biometric data
US11258591B2 (en) Cryptographic key management based on identity information
US20150012748A1 (en) Method And System For Protecting Data
CN111401901B (en) Authentication method and device of biological payment device, computer device and storage medium
CN111614467B (en) System backdoor defense method and device, computer equipment and storage medium
KR20180003113A (en) Server, device and method for authenticating user
US11288381B2 (en) Calculation device, calculation method, calculation program and calculation system
KR20130008939A (en) Apparatus and method for preventing a copy of terminal's unique information in a mobile terminal
CN117349895B (en) Block chain-based automobile financial digital archive management method and device
CN115859267A (en) Method for safely starting application program, storage control chip and electronic equipment
CN112000933B (en) Application software activation method and device, electronic equipment and storage medium
TWI724681B (en) Managing cryptographic keys based on identity information
CN111585995A (en) Method and device for transmitting and processing safety wind control information, computer equipment and storage medium
CN114091088B (en) Method and apparatus for improving communication security
KR20200137126A (en) Apparatus and method for registering biometric information, apparatus and method for biometric authentication
CN117675182A (en) Identity authentication method, system, equipment and medium
CN117131522A (en) File processing method and device and electronic equipment
CN118862043A (en) Application calling method and device, electronic equipment and storage medium
CN117313144A (en) Sensitive data management method and device, storage medium and electronic equipment
CN118337503A (en) Secure access authorization method and electronic equipment
CN110555311A (en) Electronic signature system security design method and system based on pure soft cryptographic operation
Yang et al. A secure data access method based on eID for mobile Internet

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CP01 Change in the name or title of a patent holder
CP01 Change in the name or title of a patent holder

Address after: 100094 room 1101, 11 / F, building 1, zone 2, 81 Beiqing Road, Haidian District, Beijing

Patentee after: Yunding Network Technology (Beijing) Co.,Ltd.

Address before: 100094 room 1101, 11 / F, building 1, zone 2, 81 Beiqing Road, Haidian District, Beijing

Patentee before: YUN DING NETWORK TECHNOLOGY (BEIJING) Co.,Ltd.