CN105610579B - A kind of data communication method of protection both sides' privacy of identities of dynamic negotiation identity - Google Patents

Info

Publication number
CN105610579B
Authority
CN
China
Prior art keywords
identity
public key
party
lpy
temporary
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610070409.XA
Other languages
Chinese (zh)
Other versions
CN105610579A (en)
Inventor
韩洪慧
杨茂江
吴博
吴一博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Pingan Network Technology Co Ltd
Original Assignee
Shanghai Pingan Network Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Pingan Network Technology Co Ltd
Priority to CN201610070409.XA
Publication of CN105610579A
Application granted
Publication of CN105610579B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421 Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/067 Network architectures or network communication protocols for network security for supporting key management in a packet data network using one-time keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/083 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP]
    • H04L9/0833 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) involving central third party, e.g. key distribution center [KDC] or trusted third party [TTP] involving conference or group key

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Telephonic Communication Services (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a data communication method with dynamically negotiated identities that protects the identity privacy of both parties. The method is divided into two steps: member initialization and communication between members. The invention represents identity in the virtual space with a public/private key pair and uses a third party to prove the legitimacy of the key pair, so that the two parties never verify each other's identity directly. In addition, a public key is generated temporarily for every communication between members, which is equivalent to communicating with a different member each time and avoids the identity being tracked through the exposure of a single fixed key.

Description

A kind of data communication method of protection both sides' privacy of identities of dynamic negotiation identity
Technical Field
The present invention relates to a communication method, specifically a data communication method with dynamically negotiated identities that protects the identity privacy of both parties.
Background
Mobile terminals with data-processing capability are now widely used. Users often store a great deal of important data on the terminal, including personal addresses, memos, photos, videos, schedules, short messages and other important personal information. The mobile terminal has become an essential portable tool, and instant chat communication is currently a very active field. In existing instant messaging, however, strangers cannot be screened. Sometimes the two parties do not want the other side to know their identity, yet they want to communicate only among the members of a particular group rather than with complete strangers. No current instant messaging application can do this.
Summary of the Invention
The purpose of the present invention is to provide a data communication method with dynamically negotiated identities that protects the identity privacy of both parties, in order to solve the problems raised in the background above.
To achieve this purpose, the present invention provides the following technical solution:
A data communication method with dynamically negotiated identities that protects the identity privacy of both parties, the method being divided into two steps: member initialization and communication between members;
The process of member initialization:
(1) the identity third party generates a public/private key pair (Pt, Kt) representing its own identity and publishes the public key;
(2) a participant N applies to the identity third party to join the system; after the two sides confirm identity, the participant generates a public/private key pair (Pn, Kn) representing its own identity and sends the public key Pn to the identity third party, which uses Pn as the identity of participant N;
The process of communication between members:
(1) member X generates a temporary public/private key pair (LPx, LKx), signs the temporary public key LPx with the member private key Kx generated during initialization to produce SKx(LPx), and uses the temporary public key and the signature to generate a temporary identity application, which it sends to the identity third party;
(2) the identity third party receives the temporary identity application and verifies the signature using member X's public key Px;
(3) the identity third party signs member X's temporary public key with its own private key, producing SKt(LPx);
(4) member X initiates a connection request to member Y; the third-party approval information is SKt(LPx);
(5) after receiving the request, member Y verifies the signature SKt(LPx) using the identity third party's public key Pt;
(6) member Y generates a temporary public/private key pair (LPy, LKy), signs the temporary public key LPy with the member private key Ky generated during initialization to produce SKy(LPy), and uses the temporary public key and the signature to generate a temporary identity application, which it sends to the identity third party, with the content: I am member Y, this communication uses public key LPy, and the signature is SKy(LPy);
(7) the identity third party receives the temporary identity application and verifies the signature using member Y's public key Py; if the verification passes, this proves that the request was sent by member Y;
(8) the identity third party signs member Y's temporary public key with its own private key, producing SKt(LPy), which expresses approval of member Y's temporary identity, and sends the signature to member Y;
(9) member Y sends a response to member X, with the content: I am one of the members, the public key I use is LPy, and the third-party approval information is SKt(LPy);
(10) after receiving the request, member X verifies the signature SKt(LPy) using the identity third party's public key Pt; if the verification passes, this shows that the user of public key LPy is one of the members;
(11) in subsequent communication, each side may encrypt its messages with the other side's temporary public key (LPx, LPy) before sending them, or the two sides may renegotiate a communication key for the interaction.
As a further scheme of the invention: the temporary identity application that is generated from the temporary public key and the signature and sent to the identity third party has the content: I am member X, this communication uses public key LPx, and the signature is SKx(LPx).
Compared with the prior art, the beneficial effects of the invention are as follows: the invention represents identity in the virtual space with a public/private key pair and uses a third party to prove the legitimacy of the key pair, so that the two parties never verify each other's identity directly. In addition, a public key is generated temporarily for every communication between members, which is equivalent to communicating with a different member each time and avoids the identity being tracked through the exposure of a single fixed key.
Brief Description of the Drawings
Fig. 1 is a schematic diagram of the communication between members in the data communication method with dynamically negotiated identities that protects the identity privacy of both parties.
Detailed Description
The technical solution in the embodiments of the present invention is described clearly and completely below with reference to the drawings. The described embodiments are obviously only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the present invention.
Referring to Fig. 1, in an embodiment of the present invention, a data communication method with dynamically negotiated identities that protects the identity privacy of both parties is divided into two steps: member initialization and communication between members;
The process of member initialization:
(1) the identity third party generates a public/private key pair (Pt, Kt) representing its own identity and publishes the public key;
(2) a participant N applies to the identity third party to join the system; after the two sides confirm identity, the participant generates a public/private key pair (Pn, Kn) representing its own identity and sends the public key Pn to the identity third party, which uses Pn as the identity of participant N;
The process of communication between members:
(1) member X generates a temporary public/private key pair (LPx, LKx), signs the temporary public key LPx with the member private key Kx generated during initialization to produce SKx(LPx), and uses the temporary public key and the signature to generate a temporary identity application, which it sends to the identity third party;
(2) the identity third party receives the temporary identity application and verifies the signature using member X's public key Px; if the verification passes, this proves that the request was sent by member X;
(3) the identity third party signs member X's temporary public key with its own private key, producing SKt(LPx), which expresses approval of member X's temporary identity, and sends the signature to member X;
(4) member X initiates a connection request to member Y, with the content: I am one of the members, the public key I use is LPx, and the third-party approval information is SKt(LPx);
(5) after receiving the request, member Y verifies the signature SKt(LPx) using the identity third party's public key Pt; if the verification passes, this shows that the user of public key LPx is one of the members;
(6) member Y generates a temporary public/private key pair (LPy, LKy), signs the temporary public key LPy with the member private key Ky generated during initialization to produce SKy(LPy), and uses the temporary public key and the signature to generate a temporary identity application, which it sends to the identity third party, with the content: I am member Y, this communication uses public key LPy, and the signature is SKy(LPy);
(7) the identity third party receives the temporary identity application and verifies the signature using member Y's public key Py; if the verification passes, this proves that the request was sent by member Y;
(8) the identity third party signs member Y's temporary public key with its own private key, producing SKt(LPy), which expresses approval of member Y's temporary identity, and sends the signature to member Y;
(9) member Y sends a response to member X, with the content: I am one of the members, the public key I use is LPy, and the third-party approval information is SKt(LPy);
(10) after receiving the request, member X verifies the signature SKt(LPy) using the identity third party's public key Pt; if the verification passes, this shows that the user of public key LPy is one of the members;
(11) in subsequent communication, each side may encrypt its messages with the other side's temporary public key (LPx, LPy) before sending them, or the two sides may renegotiate a communication key for the interaction.
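The temporary-identity exchange of steps (1) to (10), as an added Go example that is not part of the patent. It assumes Ed25519 as the signature scheme (the patent names none), and all type and function names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
	"fmt"
)

// Party holds a long-term key pair: (Pn, Kn) for a member or (Pt, Kt) for the
// identity third party, which also keeps the set of registered Pn.
type Party struct {
	Pub     ed25519.PublicKey
	priv    ed25519.PrivateKey
	members map[string]bool // used by the third party only, keyed by Pn bytes
}

func NewParty() *Party {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return &Party{pub, priv, map[string]bool{}}
}

// Register is initialization step (2): Pn becomes the identity of member N.
func (t *Party) Register(m *Party) { t.members[string(m.Pub)] = true }

// Application is the temporary identity application of steps (1) and (6):
// "I am member X, this communication uses LPx, the signature is SKx(LPx)".
type Application struct {
	Member  ed25519.PublicKey // Px
	TempPub ed25519.PublicKey // LPx
	Sig     []byte            // SKx(LPx)
}

// Apply creates a fresh (LPx, LKx) and signs LPx with the long-term key Kx.
func (m *Party) Apply() (Application, ed25519.PrivateKey) {
	lp, lk, _ := ed25519.GenerateKey(rand.Reader)
	return Application{m.Pub, lp, ed25519.Sign(m.priv, lp)}, lk
}

// Endorse is steps (2)-(3) and (7)-(8): verify SKx(LPx) with the registered
// Px and, only if that passes, return SKt(LPx).
func (t *Party) Endorse(a Application) ([]byte, error) {
	if !t.members[string(a.Member)] || len(a.TempPub) != ed25519.PublicKeySize ||
		!ed25519.Verify(a.Member, a.TempPub, a.Sig) {
		return nil, errors.New("application not signed by a registered member")
	}
	return ed25519.Sign(t.priv, a.TempPub), nil
}

// Hello is all a peer sees in steps (4) and (9): LP and SKt(LP), never Pn.
type Hello struct {
	TempPub  ed25519.PublicKey
	Approval []byte
}

// NewHello runs steps (1)-(3) for member m and builds the message for the peer.
func NewHello(t, m *Party) (Hello, error) {
	app, _ := m.Apply() // LKx would be kept for step (11); not used here
	sig, err := t.Endorse(app)
	if err != nil {
		return Hello{}, err
	}
	return Hello{app.TempPub, sig}, nil
}

// VerifyPeer is steps (5) and (10): check SKt(LP) against the published Pt.
func VerifyPeer(pt ed25519.PublicKey, h Hello) bool {
	return len(h.TempPub) == ed25519.PublicKeySize &&
		ed25519.Verify(pt, h.TempPub, h.Approval)
}

func main() {
	t, x := NewParty(), NewParty()
	t.Register(x)
	hx, err := NewHello(t, x)
	fmt.Println("peer accepts X:", err == nil && VerifyPeer(t.Pub, hx))
}
```

As in steps (1) and (2) of the method, the third party receives the member's identity together with each temporary key, so the temporary identity hides the member from the peer, not from the third party.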
It is obvious to a person skilled in the art that the invention is not limited to the details of the above exemplary embodiments, and that the invention can be realized in other specific forms without departing from its spirit or essential attributes. Therefore, from whichever point of view, the embodiments are to be regarded as illustrative and not restrictive; the scope of the invention is defined by the appended claims rather than by the above description, and all changes that fall within the meaning and scope of equivalents of the claims are intended to be included in the invention. Any reference sign in the claims should not be construed as limiting the claim concerned.
In addition, it should be understood that although this specification is described in terms of embodiments, not every embodiment contains only one independent technical solution. The specification is written this way merely for clarity; those skilled in the art should consider the specification as a whole, and the technical solutions in the various embodiments may also be suitably combined to form other embodiments that those skilled in the art can understand.

Claims (2)

1. A data communication method with dynamically negotiated identities that protects the identity privacy of both parties, characterized in that the data communication method is divided into two steps: member initialization and communication between members;
The process of member initialization:
(1) the identity third party generates a public/private key pair (Pt, Kt) representing its own identity and publishes the public key;
(2) a participant N applies to the identity third party to join the system; after the two sides confirm identity, the participant generates a public/private key pair (Pn, Kn) representing its own identity and sends the public key Pn to the identity third party, which uses Pn as the identity of participant N;
The process of communication between members:
(1) member X generates a temporary public/private key pair (LPx, LKx), signs the temporary public key LPx with the member private key Kx generated during initialization to produce SKx(LPx), and uses the temporary public key and the signature to generate a temporary identity application, which it sends to the identity third party;
(2) the identity third party receives the temporary identity application and verifies the signature using member X's public key Px;
(3) the identity third party signs member X's temporary public key with its own private key, producing SKt(LPx);
(4) member X initiates a connection request to member Y, with the content: I am one of the members, the public key I use is LPx, and the third-party approval information is SKt(LPx);
(5) after receiving the request, member Y verifies the signature SKt(LPx) using the identity third party's public key Pt;
(6) member Y generates a temporary public/private key pair (LPy, LKy), signs the temporary public key LPy with the member private key Ky generated during initialization to produce SKy(LPy), and uses the temporary public key and the signature to generate a temporary identity application, which it sends to the identity third party, with the content: I am member Y, this communication uses public key LPy, and the signature is SKy(LPy);
(7) the identity third party receives the temporary identity application and verifies the signature using member Y's public key Py; if the verification passes, this proves that the request was sent by member Y;
(8) the identity third party signs member Y's temporary public key with its own private key, producing SKt(LPy), which expresses approval of member Y's temporary identity, and sends the signature to member Y;
(9) member Y sends a response to member X, with the content: I am one of the members, the public key I use is LPy, and the third-party approval information is SKt(LPy);
(10) after receiving the request, member X verifies the signature SKt(LPy) using the identity third party's public key Pt; if the verification passes, this shows that the user of public key LPy is one of the members;
(11) in subsequent communication, each side may encrypt its messages with the other side's public key before sending them, or the two sides may renegotiate a communication key for the interaction.
2. The data communication method with dynamically negotiated identities that protects the identity privacy of both parties according to claim 1, characterized in that the temporary identity application that is generated from the temporary public key and the signature and sent to the identity third party has the content: I am member X, this communication uses public key LPx, and the signature is SKx(LPx).
CN201610070409.XA 2016-02-01 2016-02-01 A kind of data communication method of protection both sides' privacy of identities of dynamic negotiation identity Active CN105610579B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610070409.XA CN105610579B (en) 2016-02-01 2016-02-01 A kind of data communication method of protection both sides' privacy of identities of dynamic negotiation identity

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610070409.XA CN105610579B (en) 2016-02-01 2016-02-01 A kind of data communication method of protection both sides' privacy of identities of dynamic negotiation identity

Publications (2)

Publication Number Publication Date
CN105610579A CN105610579A (en) 2016-05-25
CN105610579B true CN105610579B (en) 2018-10-12

Family

ID=55990127

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610070409.XA Active CN105610579B (en) 2016-02-01 2016-02-01 A kind of data communication method of protection both sides' privacy of identities of dynamic negotiation identity

Country Status (1)

Country Link
CN (1) CN105610579B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108768958B (en) * 2018-05-07 2022-01-14 上海海事大学 Verification method for data integrity and source based on no leakage of verified information by third party

Also Published As

Publication number Publication date
CN105610579A (en) 2016-05-25

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant