CN104065650B - A kind of data handling system of voice call - Google Patents
- Publication number
- CN104065650B CN201410247841.2A
- Authority
- CN
- China
- Prior art keywords
- security
- call
- security device
- digital certificate
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Landscapes
- Telephone Function (AREA)
- Telephonic Communication Services (AREA)
Abstract
The present invention provides a data processing system for voice calls, including: a first security chip, used for obtaining the digital certificate of a second security device, encrypting the call key generated by the first security chip to obtain a ciphertext of the call key, and performing signature processing on at least the ciphertext of the call key or the call key using the private key of the first security device to obtain signature data; a first transmission module, used for sending the ciphertext of the call key and the signature data to the first call terminal through the first communication interface; the first security chip is further used for verifying the digital certificate of the second security device using the root certificate; a first output module, used for outputting the identification information of the digital certificate of the second security device; a first prompting module, used for prompting to confirm the identification information of the digital certificate of the second security device; the first security chip is further used for starting, after the first confirmation instruction is obtained, encryption and decryption of the voice call of the first call terminal using the call key.
Description
Technical Field
The invention relates to the technical field of electronics, in particular to a data processing system for voice communication.
Background
In the prior art, the voice call between users has the possibility of being monitored, so that the current voice call has a safety risk. Aiming at the security risk, the mode adopted in the prior art is to encrypt the voice through a call key stored in a TF card on the mobile phone, so as to realize the protection of the voice call. However, in practical application, if malicious software is installed in the call terminal, a hacker can steal the call key in the TF card by means of the malicious software, and further crack the encrypted voice information, which causes a risk of voice data leakage of the call terminal, so how to safely perform voice encryption operation is an urgent technical problem to be solved; in addition, in the prior art, there is a possibility that a voice call is intercepted, so that it is also an urgent technical problem to reduce the possibility that a voice call is intercepted.
Disclosure of Invention
The present invention provides a data processing system for voice communication, which mainly aims to solve one of the above technical problems.
The invention provides a data processing system of voice call, comprising:
the first security chip is used for acquiring a digital certificate of second security equipment, wherein the first security chip is positioned in the first security equipment, the first security equipment is independent of the first communication terminal, the first security equipment is connected with the first communication terminal through a first communication interface, and the second security equipment is the security equipment of the second communication terminal which performs voice communication with the first communication terminal;
the first security chip is further used for encrypting the call key generated by the first security chip by using the public key of the second security device to obtain a ciphertext of the call key, and at least performing signature processing on the ciphertext of the call key or the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the first security chip is also used for verifying the digital certificate of the second security device by utilizing the root certificate;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the first safety chip verifies that the digital certificate of the second safety equipment passes, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
and the first security chip is also used for starting the encryption and decryption operation of the voice call of the first call terminal by using the call key after the first confirmation instruction is obtained.
The invention provides a data processing system of voice call, comprising:
the first security chip is used for starting the encryption and decryption operation of the voice call of the first call terminal by using the call key generated by the first security chip, wherein the first security chip is positioned in the first security device;
the first security chip is further used for acquiring a digital certificate of second security equipment, wherein the first security equipment is independent of the first call terminal, the first security equipment is connected with the first call terminal through the first communication interface, and the second security equipment is security equipment of the second call terminal which performs voice call with the first call terminal;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and performing signature processing on at least the ciphertext of the call key or the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the first security chip is also used for verifying the digital certificate of the second security device by utilizing the root certificate;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the digital certificate of the second safety equipment passes the verification, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
and the first security chip is further used for continuing the encryption and decryption operation on the voice call of the first call terminal by using the call key after the first confirmation instruction is obtained.
In addition, the first prompting module is specifically configured to: prompting to confirm whether the identification information of the digital certificate of the second safety equipment is consistent with the identity of the user of the second communication terminal; the first confirmation instruction is an instruction for confirming that the identification information of the digital certificate of the second safety device is consistent with the identity of the user of the second communication terminal.
In addition, the first secure chip is specifically configured to: acquiring a digital certificate of the second security device from prestored digital certificates; or receiving the digital certificate of the second security device sent by the first transmission module, wherein the digital certificate of the second security device is sent to the first transmission module by the first call terminal through the first communication interface.
In addition, the first output module is specifically configured to: converting the identification information of the digital certificate of the second safety equipment into sound information to obtain the sound information of the identification information of the digital certificate of the second safety equipment, and playing the sound information of the identification information of the digital certificate of the second safety equipment; alternatively, the identification information of the digital certificate of the second secure device is displayed.
In addition, the first security chip is further configured to delete the call key after the first security chip detects that the voice call of the first call terminal is ended.
Furthermore, the private key of the first secure device is generated by the first secure chip internally to the first secure chip.
The invention provides a data processing system of voice call, comprising:
the second security chip is used for acquiring the digital certificate of the first security device, the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, the second security device is connected with the second communication terminal through a second communication interface, and the first security device is the security device of the first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on a ciphertext of the call key, and the second transmission module is located in the second safety device;
the second security chip is also used for verifying the signature data by using the public key of the first security device, and if the signature data passes the verification, the ciphertext of the call key is decrypted by using the private key of the second security device to obtain the call key;
the second security chip is also used for verifying the digital certificate of the first security device by utilizing the root certificate;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for starting the encryption and decryption operation of the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
The invention provides a data processing system of voice call, comprising:
the second security chip is used for acquiring the digital certificate of the first security device, the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, the second security device is connected with the second communication terminal through a second communication interface, and the first security device is the security device of the first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on the call key, and the second transmission module is located in the second safety device;
the second security chip is also used for decrypting the ciphertext of the call key by using a private key of the second security device to obtain the call key; verifying the signature data by using a public key of the first safety device;
the second security chip is also used for verifying the digital certificate of the first security device by utilizing the root certificate;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for starting the encryption and decryption operation of the voice call of the second call terminal by using the call key after the signature data is verified to pass and a second confirmation instruction is obtained.
The invention provides a data processing system of voice call, comprising:
the second security chip is used for acquiring the digital certificate of the first security device, the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, the second security device is connected with the second communication terminal through a second communication interface, and the first security device is the security device of the first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on a ciphertext of the call key, and the second transmission module is located in the second safety device;
the second security chip is also used for verifying the signature data by using the public key of the first security device, and if the signature data passes the verification, the ciphertext of the call key is decrypted by using the private key of the second security device to obtain the call key; and starting the encryption and decryption operation of the voice call of the second call terminal by using the call key;
the second security chip is also used for verifying the digital certificate of the first security device by utilizing the root certificate;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for continuing the encryption and decryption operations on the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
The invention provides a data processing system of voice call, comprising:
the second security chip is used for acquiring the digital certificate of the first security device, the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, the second security device is connected with the second communication terminal through a second communication interface, and the first security device is the security device of the first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on the call key, and the second transmission module is located in the second safety device;
the second security chip is also used for decrypting the ciphertext of the call key by using a private key of the second security device to obtain the call key; verifying the signature data by using a public key of the first safety equipment, and if the signature data passes the verification, starting encryption and decryption operations on the voice call of the second call terminal by using a call key;
the second security chip is also used for verifying the digital certificate of the first security device by utilizing the root certificate;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for continuing the encryption and decryption operations on the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
In addition, the second prompting module is specifically configured to: prompting to confirm whether the identification information of the digital certificate of the first safety equipment is consistent with the identity of the user of the first call terminal; the second confirmation instruction is an instruction for confirming that the identification information of the digital certificate of the first safety device is consistent with the identity of the user of the first communication terminal.
In addition, the second secure chip is specifically configured to: acquiring a digital certificate of first security equipment from prestored digital certificates; or receiving the digital certificate of the first security device sent by the second transmission module, wherein the digital certificate of the first security device is sent to the second transmission module by the second communication terminal through the second communication interface.
In addition, the second output module is specifically configured to: converting the identification information of the digital certificate of the first safety equipment into sound information to obtain the sound information of the identification information of the digital certificate of the first safety equipment, and playing the sound information of the identification information of the digital certificate of the first safety equipment; alternatively, identification information of the digital certificate of the first secure device is displayed.
In addition, the second security chip is further configured to delete the call key after the second security chip detects that the voice call of the second call terminal is ended.
Furthermore, the private key of the second secure device is generated by the second secure chip internally to the second secure chip.
Compared with the prior-art approach of generating the call key on the TF card, the system provided by the invention generates the call key on the first security device, which is independent of the first call terminal, and thereby reduces the possibility of attack by malicious software on the first call terminal during voice encryption; the call key is generated by the first security chip in the first security device, and, owing to the high security of the security chip, the possibility that the call key is stolen is reduced and the security of voice encryption is ensured; in addition, when voice encryption is performed, the call key is used for encryption inside the first security chip, so that the call key is invoked in a secure environment and its secure use is ensured. In addition, the first security chip verifies the digital certificate of the second security device; after the verification passes, the first output module outputs the identification information of the digital certificate of the second security device and the first prompting module prompts for confirmation of that identification information, so that the holder of the digital certificate of the second security device is identified. The user of the first call terminal can thus determine whether the call is being monitored: the success rate of identifying a third party monitoring the voice call is improved and the possibility of the voice call being monitored is reduced, and when the user determines that the call is being monitored by a third party, the user can promptly take security measures against the monitoring to prevent information leakage, which improves the security of data transmission in the voice call.
The ciphertext of the call key received by the second security device is encrypted with the public key of the second security device, so it can only be decrypted with the private key of the second security device, which ensures the security of the call key; the signature data received by the second security device is obtained by performing signature processing on the call key or on the ciphertext of the call key, and the second security device verifies the signature data to confirm that its source is the first security device. In addition, the second security chip verifies the digital certificate of the first security device; after the verification passes, the second output module outputs the identification information of the digital certificate of the first security device and the second prompting module prompts for confirmation of that identification information, so that the holder of the digital certificate of the first security device is identified. The user of the second communication terminal can thus determine whether the call is being monitored: the success rate of identifying a third party monitoring the voice call is improved and the possibility of the voice call being monitored is reduced, and when the user determines that the call is being monitored by a third party, the user can promptly take security measures against the monitoring to prevent information leakage, which improves the security of data transmission in the voice call.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments are briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
Fig. 1 is a schematic diagram of a voice call data processing system according to a first embodiment and a second embodiment of the present invention;
fig. 2 is another schematic diagram of a voice call data processing system according to a first embodiment and a second embodiment of the present invention;
fig. 3 is a schematic diagram of a data processing system for voice call according to a third embodiment and a fourth embodiment of the present invention;
fig. 4 is another schematic diagram of a data processing system for voice call according to a third embodiment and a fourth embodiment of the present invention;
fig. 5 is a schematic diagram of the complete interaction between the system on the user side of the first communication terminal and the system on the user side of the second communication terminal provided in the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments of the present invention without making any creative effort, shall fall within the protection scope of the present invention.
Example one
The data processing system for voice call provided by the embodiment of the invention comprises:
the first security chip is used for acquiring a digital certificate of second security equipment, wherein the first security chip is positioned in the first security equipment, the first security equipment is independent of the first communication terminal, the first security equipment is connected with the first communication terminal through a first communication interface, and the second security equipment is the security equipment of the second communication terminal which performs voice communication with the first communication terminal;
the first security chip is further used for encrypting the call key generated by the first security chip by using the public key of the second security device to obtain a ciphertext of the call key, and at least performing signature processing on the ciphertext of the call key or the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the first security chip is also used for verifying the digital certificate of the second security device by utilizing the root certificate;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the first safety chip verifies that the digital certificate of the second safety equipment passes, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
and the first security chip is also used for starting the encryption and decryption operation of the voice call of the first call terminal by using the call key after the first confirmation instruction is obtained.
The first prompting module is specifically used for prompting to confirm whether the identification information of the digital certificate of the second security device is consistent with the identity of the user of the second communication terminal; the first confirmation instruction is an instruction confirming that the identification information of the digital certificate of the second security device is consistent with the identity of the user of the second communication terminal.
The user of the first call terminal may input the first confirmation instruction on the first call terminal, or may input it on the first security device. When the user inputs the first confirmation instruction on the first security device, exposure to attack by malicious software on the first call terminal is reduced and the security of the voice call is ensured.
The execution timings of the following two sets of operations in the system in the first embodiment are explained:
a first set of operations: the first security chip generates the ciphertext of the call key and the signature data, and the ciphertext of the call key and the signature data are sent;
a second set of operations: the first security chip verifies the digital certificate of the second security device, the first output module outputs the identification information of the digital certificate of the second security device, and the first prompting module prompts to confirm the identification information of the digital certificate of the second security device.
The two groups of operations have no obvious precedence relationship in the execution sequence, and can be executed simultaneously, for example, if the system supports a multithreading processing function, the system in the first embodiment can complete the two groups of operations simultaneously; of course, the first group of operations and the second group of operations may also be executed sequentially according to the order, for example, in the first embodiment, the system executes the first group of operations first, and then executes the second group of operations; alternatively, in the first embodiment, the system first performs the second set of operations, and then performs the first set of operations.
Wherein the public key of the second security device is obtained from the digital certificate of the second security device.
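The exchange of Example one as runnable Go, covering both devices (the second device's steps follow the Disclosure above). This is an added illustration, not code from the patent: the patent names no algorithms, so RSA-OAEP, RSA-PSS, the 32-byte call key, the certificate CommonName as identification information, and every type and function name are assumptions.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Device stands in for one security device; key and callKey never leave it.
type Device struct {
	key     *rsa.PrivateKey
	Cert    *x509.Certificate
	roots   *x509.CertPool
	PeerID  string // identification info of the verified peer certificate, for the user to confirm
	callKey []byte
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // fixture or RNG failure only
	}
	return v
}

// NewDevice makes a key pair and a constructed certificate; ca == nil yields the self-signed root.
func NewDevice(cn string, ca *Device) *Device {
	d := &Device{key: must(rsa.GenerateKey(rand.Reader, 2048)), roots: x509.NewCertPool()}
	t := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		BasicConstraintsValid: true, IsCA: ca == nil, KeyUsage: x509.KeyUsageCertSign}
	parent, signer := t, d.key
	if ca != nil { // leaf certificate: issued by the root, used for signing and key transport
		parent, signer = ca.Cert, ca.key
		t.KeyUsage = x509.KeyUsageDigitalSignature | x509.KeyUsageKeyEncipherment
		d.roots.AddCert(ca.Cert)
	}
	d.Cert = must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, t, parent, &d.key.PublicKey, signer))))
	return d
}

// checkPeer verifies the peer certificate against the root and records its identification info.
func (d *Device) checkPeer(peer *x509.Certificate) (*rsa.PublicKey, error) {
	d.PeerID, d.callKey = "", nil // a new exchange invalidates any earlier call key
	opts := x509.VerifyOptions{Roots: d.roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	pub, isRSA := peer.PublicKey.(*rsa.PublicKey)
	if _, err := peer.Verify(opts); err != nil || !isRSA {
		return nil, fmt.Errorf("peer certificate rejected (RSA key: %t): %v", isRSA, err)
	}
	d.PeerID = peer.Subject.CommonName
	return pub, nil
}

// MakeOffer (first device): generate the call key, encrypt it to the peer, sign the ciphertext.
func (d *Device) MakeOffer(peer *x509.Certificate) (ct, sig []byte, err error) {
	pub, err := d.checkPeer(peer)
	if err != nil {
		return nil, nil, err
	}
	d.callKey = make([]byte, 32)
	must(rand.Read(d.callKey))
	ct = must(rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, d.callKey, nil))
	h := sha256.Sum256(ct)
	return ct, must(rsa.SignPSS(rand.Reader, d.key, crypto.SHA256, h[:], nil)), nil
}

// AcceptOffer (second device): verify the signature over the ciphertext, then decrypt the call key.
func (d *Device) AcceptOffer(peer *x509.Certificate, ct, sig []byte) error {
	pub, err := d.checkPeer(peer)
	if err != nil {
		return err
	}
	h := sha256.Sum256(ct)
	if err := rsa.VerifyPSS(pub, crypto.SHA256, h[:], sig, nil); err != nil {
		return fmt.Errorf("offer not signed by %q: %w", d.PeerID, err)
	}
	d.callKey, err = rsa.DecryptOAEP(sha256.New(), rand.Reader, d.key, ct, nil)
	return err
}

// StartCall releases the call key to the in-device voice cipher (not shown) only after confirmation.
func (d *Device) StartCall(userConfirmed bool) ([]byte, error) {
	if !userConfirmed || d.callKey == nil {
		return nil, fmt.Errorf("call key locked (confirmed=%t)", userConfirmed)
	}
	return d.callKey, nil
}

func main() {
	root := NewDevice("Constructed Root CA", nil)
	a, b := NewDevice("Alice", root), NewDevice("Bob", root)
	ct, sig, err := a.MakeOffer(b.Cert)
	fmt.Println(a.PeerID, b.AcceptOffer(a.Cert, ct, sig), b.PeerID, err)
}
```

A certificate issued by the same root to a different holder passes every cryptographic check here; only `PeerID` differs, which is why the call key stays locked until the user confirms the displayed identification information.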
Example two
The system provided by the second embodiment of the present invention is different from the first embodiment in the receiving timing of the first confirmation instruction, in the first embodiment, the first security chip starts the encryption and decryption operation for the voice call of the first call terminal by using the call key after obtaining the first confirmation instruction, and in the second embodiment, the first security chip obtains the first confirmation instruction after starting the encryption and decryption operation for the voice call of the first call terminal, and continues the encryption and decryption operation for the voice call of the first call terminal by using the call key.
An embodiment of the present invention provides a data processing system for voice call, including:
the first security chip is used for starting the encryption and decryption operation of the voice call of the first call terminal by using the call key generated by the first security chip, wherein the first security chip is positioned in the first security device;
the first security chip is further used for acquiring a digital certificate of second security equipment, wherein the first security equipment is independent of the first call terminal, the first security equipment is connected with the first call terminal through the first communication interface, and the second security equipment is security equipment of the second call terminal which performs voice call with the first call terminal;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and performing signature processing on at least the ciphertext of the call key or the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the first security chip is also used for verifying the digital certificate of the second security device by utilizing the root certificate;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the digital certificate of the second safety equipment passes the verification, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
and the first security chip is further used for continuing the encryption and decryption operation on the voice call of the first call terminal by using the call key after the first confirmation instruction is obtained.
The first prompting module is specifically used for prompting for confirmation of whether the identification information of the digital certificate of the second security device is consistent with the identity of the user of the second call terminal; the first confirmation instruction is an instruction confirming that the identification information of the digital certificate of the second security device is consistent with the identity of the user of the second call terminal.
The user of the first call terminal may input the first confirmation instruction on the first call terminal, or may input the first confirmation instruction on the first security device. When the user inputs the first confirmation instruction on the first security device, the exposure to attack by malicious software on the first call terminal is reduced and the security of the voice call is guaranteed.
The execution timings of the following two sets of operations in the system in the second embodiment are explained:
a first set of operations: the first security chip generates the ciphertext and the signature data of the call key and sends the ciphertext and the signature data of the call key;
a second set of operations: the first security chip verifies the digital certificate of the second security device, the first output module outputs the identification information of the digital certificate of the second security device, and the first prompting module prompts for confirmation of the identification information of the digital certificate of the second security device.
The two sets of operations have no fixed order of execution. They can be executed simultaneously; for example, if the system supports multithreading, the system in the second embodiment can complete the two sets of operations at the same time. They can also be executed one after the other: the system in the second embodiment may execute the first set of operations and then the second set, or execute the second set of operations and then the first set.
Wherein the public key of the second security device is obtained from the digital certificate of the second security device.
In the first and second embodiments, after the first prompting module prompts to confirm the identification information of the digital certificate of the second security device, if the user confirms that the identification information of the digital certificate of the second security device is consistent with the identity of the second communication terminal, the user inputs a first confirmation instruction on the first security device or the first communication terminal.
The method for the first security chip to obtain the first confirmation instruction includes: the first safety chip receives a first confirmation instruction sent by the first call terminal through the first communication interface; or the first security chip receives a first confirmation instruction sent by a confirmation key on the first security device.
When the first security chip receives the first confirmation instruction sent by the confirmation key on the first security device, the exposure to attack by malicious software on the first call terminal is reduced and the security of the voice call is guaranteed.
The systems of the first embodiment and the second embodiment have been described above with respect to the features in which they differ. The features they have in common are described below; all of the following features apply to the systems of both the first embodiment and the second embodiment:
firstly, explaining a first safety device and a first call terminal:
the first security device may be a wearable device such as smart glasses, a smart watch, or an earphone device, or may be integrated in such a wearable device. Of course, the first security device may also be a smart key device capable of communicating with the call terminal, such as a USB Key (a smart key device with a USB interface), a smart key device supporting an audio interface, or a smart key device with a Bluetooth communication function, or may be integrated in such a smart key device; that is, the first security device is a device separate from the first call terminal and is not integrated in the first call terminal.
The first communication interface may be a wireless connection interface or a wired connection interface. If the first communication interface is a wireless connection interface, a wireless communication module, which can be a Wi-Fi module, a Wi-Fi Direct module, an NFC module, a Bluetooth module or an infrared module, is arranged in the first security device; for example, the first security device is a Bluetooth headset. If the first communication interface is a wired connection interface, the first security device may have a data transmission line, and the interface of the data transmission line may be an audio interface or a USB interface; for example, the first security device is a line-control earphone. Of course, the first security device may also support both wireless and wired connection, that is, the first security device has a wireless communication module inside and a data transmission line outside.
If the first safety equipment is internally provided with a wireless communication module, a first transmission module in the first safety equipment realizes wireless connection with a first call terminal through a first communication interface; and if the first communication interface is a wired connection interface, the first transmission module in the first safety device realizes wired connection with the first call terminal through the first communication interface.
The first communication terminal is a terminal with voice communication capability, and may be a traditional communication device, such as a fixed phone and a mobile phone, or a terminal with a network telephone function, such as a PC, a notebook computer, a tablet computer, and the like.
Secondly, explaining the call key:
the call key may be generated by a key generation algorithm inside the first security chip, where the key generation algorithm may be a random number generation algorithm. Because the call key is generated by the first security chip in the first security device, the key negotiation is completed by the first security device, which is independent of the first call terminal, rather than by the first call terminal as in the prior art. This reduces the possibility that the call key is attacked by malicious software in the first call terminal, so the call key generated by the first security chip in the first security device is safer and more reliable. In addition, the call key can be stored in the first security chip to ensure the storage security of the call key.
Once the first security chip in the first security device has obtained the call key, the call key can be used to secure the voice call between the first security device and the second security device, which is equivalent to establishing a voice encryption channel between the first security device and the second security device on top of the prior-art voice call.
The voice encryption channel provided by the invention is a channel established between the first security device and the second security device; that is, starting from the first security device, the voice encryption channel passes in sequence through the first security device, the first call terminal, the second call terminal and the second security device. Because the voice encryption channel is established between the security devices, the first call terminal and the second call terminal serve to pass data through during the whole process from establishment of the call to its termination, which reduces the possibility of malicious software attack on the call terminals and improves the security of data transmission.
The first security chip is further configured to delete the call key after detecting that the voice call of the user of the first call terminal is ended.
After the call is finished, the first safety chip destroys the call key used by the voice call, so that the possibility that the call key is unreasonably utilized after being stolen can be reduced, the operation safety of the first safety chip is ensured, and the storage space of the first safety chip is effectively utilized.
The encryption and decryption operation of the voice call of the first call terminal is started by using the call key, and the encryption and decryption operation can be started when the user of the first call terminal and the user of the second call terminal start the voice call, and also can be started in the process of the voice call between the user of the first call terminal and the user of the second call terminal.
Thirdly, explaining the function of the first security chip for acquiring the digital certificate of the second security device:
the first security chip is specifically used for acquiring a digital certificate of the second security device from pre-stored digital certificates;
the first security chip may store digital certificates of one or more security devices in advance, and may search for a digital certificate of a second security device according to an identifier of the second security device; and because the digital certificate is pre-stored in the first security chip and is not directly acquired from the outside, the possibility of tampering the digital certificate is reduced.
Or the first security chip is specifically configured to receive a digital certificate of the second security device sent by the first transmission module, where the digital certificate of the second security device is sent to the first transmission module by the first call terminal through the first communication interface.
The receiving, by the first secure chip, the digital certificate of the second secure device sent by the first transmission module may be implemented in a manner including:
b1, the first call terminal acquires the digital certificate of the second security device from the digital certificate center, and sends the acquired digital certificate of the second security device to the first transmission module through the first communication interface, and the first transmission module sends the received digital certificate of the second security device to the first security chip;
b2, the second security device sends the digital certificate of the second security device to the second communication terminal, the second communication terminal sends the digital certificate of the second security device to the first communication terminal, the first communication terminal sends the digital certificate of the second security device to the first transmission module through the first communication interface after receiving the digital certificate of the second security device, and the first transmission module sends the received digital certificate of the second security device to the first security chip.
In the method B2, the triggering condition for the second security device to send the digital certificate of the second security device to the second communication terminal may be initiated by the second security device actively, or initiated by the second security device after receiving the certificate acquisition request sent by the first security device.
Both method B1 and method B2 obtain the digital certificate of the second security device. By comparison, in method B1 the first call terminal obtains the digital certificate of the second security device from the digital certificate center; because this source is reliable and an attacker monitoring the call is unlikely to be able to modify the digital certificate, the possibility that the digital certificate is tampered with is reduced, and the security of the first call terminal obtaining the digital certificate of the second security device from outside is ensured.
Fourthly, explaining the functions of the first output module and the first prompt module:
the first output module is specifically configured to convert the identification information of the digital certificate of the second security device into sound information, obtain the sound information of the identification information of the digital certificate of the second security device, and play the sound information of the identification information of the digital certificate of the second security device; alternatively, the identification information of the digital certificate of the second secure device is displayed.
The first output module may be a module with a playing function, such as a speaker or a loudspeaker; the sound information of the identification information of the digital certificate of the second security device can be played through the module with the playing function of the first security device, or through a module with a playing function of the first call terminal.
Of course, the first output module may also be a module having a display function, such as a display screen; the identification information of the digital certificate of the second security device can be displayed through the module with the display function of the first security device, for example, the module with the display function can be a display screen; the display can also be performed through a module with a display function of the first call terminal.
Compared with the mode that the first output module outputs the identification information of the digital certificate of the second safety equipment on the first communication terminal, the mode that the first output module outputs the identification information of the digital certificate of the second safety equipment on the first safety equipment can reduce the possibility of malicious software attack on the first communication terminal and improve the safety of data transmission.
The first prompting module can be a module with a playing function, such as a speaker or a loudspeaker; it may also be a module with a display function, such as a display screen. The first prompting module can play the prompt information through a module with a playing function on the first security device, or display the prompt information through a module with a display function on the first security device, thereby prompting for confirmation of the identification information of the digital certificate of the second security device. Alternatively, the prompt information can be played through a module with a playing function on the first call terminal, or displayed through a module with a display function on the first call terminal, to the same effect.
Compared with the mode that the first prompt module prompts the identification information of the digital certificate of the second safety equipment to confirm on the first call terminal, the mode that the first prompt module prompts the identification information of the digital certificate of the second safety equipment to confirm on the first safety equipment can reduce the possibility of malicious software attack on the first call terminal and improve the safety of data transmission.
The first prompting module prompts that the information for confirming the identification information of the digital certificate of the second security device and the identification information of the digital certificate of the second security device output by the first output module can be output together, for example, outputting "please confirm the identification information XXX of the digital certificate of the second security device", where XXX represents the content of the identification information of the digital certificate of the second security device. The output mode can adopt a playing mode or a display mode.
Of course, the information that the first prompting module prompts confirmation of the identification information of the digital certificate of the second security device and the identification information of the digital certificate of the second security device output by the first output module may also be output separately, for example, first output information "please confirm the identification information of the digital certificate of the second security device" and then output information "the identification information of the digital certificate of the second security device is XXX", or first output information "the identification information of the digital certificate of the second security device is XXX" and then output information "please confirm the identification information of the digital certificate of the second security device". The output modes of the two pieces of information can be output in a playing mode or a display mode, and the output modes of the two pieces of information can be the same or different.
It can be seen from the above that, the first prompting module and the first output module may be the same module physically, or may be two independent modules, and when the first prompting module and the first output module are two independent modules, they may both be located in the first security device or the first communication terminal; one of them may be located in the first security device and the other in the first telephony terminal.
Fifthly, explaining the private key of the first safety device and the identification information of the digital certificate of the second safety device:
the private key of the first secure device is generated by the first secure chip internally to the first secure chip.
In the prior art, the private key of the first security device is generated externally and then imported into the first security device, which is called the "landing" mode. In this mode a hacker can easily intercept the private key before it is imported into the first security device, so the prior-art management of the private key carries a certain security risk. The private key used in the present invention is therefore generated inside the first security chip in the first security device; that is, the generation environment of the private key is the first security device: the developer burns the program that generates the public-private key pair directly into the first security chip, and the public key cryptographic algorithm program is also burned into the first security chip. After the public and private keys are generated, the private key is stored in a key area in the first security chip and cannot be accessed from outside. When the public-private key pair in the key area is used for digital signature and asymmetric decryption operations, the private key is called inside the first security chip to execute the operation. Since the private key is only ever called by the first security chip, it does not leave the first security device at any point during its generation and use, which is called the "no landing" mode; a hacker therefore has no opportunity to intercept the private key, which ensures the security of the private key.
The identification information of the digital certificate of the second safety equipment is at least one of name information, contact information and identity information of a digital certificate holder of the second safety equipment; the name information can be name, network name, pen name, etc., the contact mode can be mobile phone number, electronic mail box, and the identity information can be ID card number, employee's card number, passport number.
Sixth, the function of the first security chip to verify the digital certificate of the second security device by using the root certificate is explained:
the root certificate is a certificate issued by the CA certificate authority to itself and is the starting point of the chain of trust. The digital certificate of the security device is issued by the CA certificate authority, and the root certificate of the CA certificate authority is stored in the security device. For example, the digital certificates of the first security device and the second security device are issued by the CA certificate authority, and the root certificate of the CA certificate authority is stored in each of the first security device and the second security device.
The root certificate of the CA certificate authority is used to authenticate digital certificates issued by the CA certificate authority for security devices, so as to judge whether a given digital certificate is a legal certificate issued by the CA certificate authority. For example, when the first security chip obtains the digital certificate of the second security device, it verifies the digital certificate of the second security device by using the root certificate issued by the CA certificate authority; if the verification passes, the digital certificate of the second security device is a legal certificate issued by the CA certificate authority; otherwise, the digital certificate of the second security device is not a legal certificate issued by the CA certificate authority.
The digital certificate issued by the CA at least comprises three parts of information, namely the information of the user, the public key of the user and the signature of the CA certification center on the information in the digital certificate. The authenticity of the digital certificate can be verified by verifying the signature of the CA authentication center in the digital certificate on the information in the digital certificate. When the signature of the information in the digital certificate is verified by the CA certificate authority, the verification is completed by using the public key of the CA certificate authority, and the public key of the CA certificate authority is stored in the root certificate of the CA certificate authority, so that the root certificate needs to be stored in the security equipment in advance to realize the authentication of the digital certificate issued by the CA certificate authority to the security equipment.
For example, in the first and second embodiments, in order to verify whether the digital certificate of the second security device is legal, the first security chip needs to store in advance a root certificate of a CA certificate authority that issues digital certificates for the first security device and the second security device.
In addition, in the first and second embodiments of the present invention, a processing flow when the digital certificate of the second secure device is verified to pass and the first confirmation instruction is obtained is described, but of course, the first and second embodiments of the present invention also provide a processing manner in the following scenario:
if the first security chip verifies that the digital certificate of the second security device does not pass, the first output module outputs prompt information indicating that the verification fails so that a user of the first call terminal can end the voice call on the first call terminal or the first security device;
after the first prompting module prompts that the identification information of the digital certificate of the second safety equipment is confirmed, if the identification information of the digital certificate of the second safety equipment is inconsistent with the identity of the user of the second communication terminal, the first communication terminal or the first safety equipment receives an instruction for ending the voice communication.
The first and second embodiments of the present invention are further described below with an application scenario as an example:
the first and second embodiments of the present invention are distinguished by different signature objects; the following description takes the case in the first embodiment where the signature object is the ciphertext of the call key as an example:
when call terminal A and call terminal B carry out a voice call, call terminal A is connected with security device A through the first communication interface, and call terminal B is connected with security device B through the second communication interface. Security device A generates a call key, encrypts the call key with the public key of security device B to obtain ciphertext AB of the call key, signs ciphertext AB with the private key of security device A to obtain signature data AB, and sends ciphertext AB and signature data AB to security device B. After receiving ciphertext AB and signature data AB, security device B verifies signature data AB with the public key of security device A and, if the verification passes, decrypts ciphertext AB with the private key of security device B to obtain the call key, so that security device A and security device B can encrypt and decrypt the voice call by using the call key.
When a third person exists in the call process of the call terminal a and the call terminal B, wherein the call terminal of the third person is a call terminal C, and the security device of the call terminal C is a security device C, the voice call process is as follows:
security device A generates a call key, encrypts the call key with the public key of security device C to obtain ciphertext AC of the call key, signs ciphertext AC with the private key of security device A to obtain signature data AC, and sends ciphertext AC and signature data AC to security device C. After receiving ciphertext AC and signature data AC, security device C verifies signature data AC with the public key of security device A and, if the verification passes, decrypts ciphertext AC with the private key of security device C to obtain the call key.
Security device C then encrypts the call key with the public key of security device B to obtain ciphertext CB of the call key, signs ciphertext CB with the private key of security device C to obtain signature data CB, and sends ciphertext CB and signature data CB to security device B. After receiving ciphertext CB and signature data CB, security device B verifies signature data CB with the public key of security device C and, if the verification passes, decrypts ciphertext CB with the private key of security device B to obtain the call key.
Therefore, when a third person is present in the call between call terminal A and call terminal B, security device A and security device B can still encrypt and decrypt their respective voice calls by using the call key, but the call between call terminal A and call terminal B is now monitored by the third person.
Based on the above problems, the systems provided in the first and second embodiments of the present invention introduce the technical features of "verifying the digital certificate by using the root certificate" and "outputting the identification information of the digital certificate", so that the systems provided in the first and second embodiments of the present invention can solve the above problems, which are specifically described as follows:
the first security chip verifies the digital certificate of the second security device by using the root certificate;
if the first security chip fails to verify, the digital certificate of the second security device can be confirmed not to be a legal certificate issued by a CA (certificate authority); at the moment, in order to ensure the transmission safety of the call key, the first output module sends out alarm prompt information to prompt the user so that the user can take safety measures in time.
If the verification by the first security chip passes, the digital certificate of the second security device is confirmed to be a legal certificate issued by the CA (certificate authority). However, the first security device still cannot determine whether the holder of the verified certificate is the user of the second call terminal. The first output module therefore outputs the identification information of the digital certificate of the second security device, and the first prompting module prompts for confirmation of that identification information. If the first security chip receives the first confirmation instruction, the holder of the digital certificate of the second security device is the user of the second call terminal; otherwise, the holder is not the user of the second call terminal, that is, the holder is the third person. In this way the system identifies whether a third person is present in the voice call.
The system comprising the above technical features is further explained by taking the above listed application scenarios as examples:
Before security device A encrypts the call key and signs the encrypted call key, security device A verifies the digital certificate of security device C by using the root certificate. If the verification passes, the identification information of the digital certificate of security device C is output and the user is prompted to confirm it. From that identification information, the user of the first call terminal can judge that the holder of the digital certificate of security device C is not the user of the second call terminal, and can therefore judge that a third person is monitoring the call between call terminal A and call terminal B.
Similarly, before security device B decrypts the received ciphertext of the call key and verifies the signature data, security device B verifies the digital certificate of security device C by using the root certificate. If the verification passes, the identification information of the digital certificate of security device C is output and the user is prompted to confirm it. From that identification information, the user of the second call terminal can judge that the holder of the digital certificate of security device C is not the user of the first call terminal, and can therefore judge that a third person is monitoring the call between call terminal A and call terminal B.
The system of the second embodiment is similar to the system of the first embodiment, and can achieve the technical effect similar to the system of the first embodiment, and the details are not repeated here.
In summary, the systems in the first and second embodiments include at least the following modules: a first security chip, a first output module, a first prompt module and a first transmission module. The first output module may be a module with a play or display function, and the first prompt module may also be a module with a play or display function.
In practical applications, the system in the first embodiment and the system in the second embodiment may have the following four structures, which are specifically described as follows:
S1. The systems in the first and second embodiments include a first security device and a first call terminal, where the first security device includes a first security chip, a first transmission module, and a module having a play function; if the first output module and the first prompt module both use a play function, both may be implemented by the module having the play function in the first security device, or one may be implemented by the module having the play function in the first security device and the other by a module having a play function in the first call terminal;
S2. The systems in the first and second embodiments include a first security device and a first call terminal, where the first security device includes a first security chip, a first transmission module, and a module having a display function; if the first output module and the first prompt module both use a display function, both may be implemented by the module having the display function in the first security device, or one may be implemented by the module having the display function in the first security device and the other by a module having a display function in the first call terminal;
S3. The systems in the first and second embodiments include a first security device and a first call terminal, where the first security device includes a first security chip, a first transmission module, a module having a play function, and a module having a display function; the first output module and the first prompt module may both be implemented by the module having the play function in the first security device; or both may be implemented by the module having the display function in the first security device; or one may be implemented by the module having the play function in the first security device and the other by the module having the display function in the first security device; or one may be implemented by a module having a play or display function in the first security device and the other by a module having a play and display function in the first call terminal. Here the systems in the first and second embodiments are illustrated by taking the module having the play function in the first security device as the first output module and the module having the display function in the first security device as the first prompt module; see fig. 1, which is a schematic diagram of the data processing system for voice call provided in the first and second embodiments of the present invention. In the system shown in fig. 1, because the functions of the first output module and the first prompt module are implemented on the first security device, independent of the first call terminal, exposure to attacks by malicious software on the first call terminal is reduced and the security of data is improved;
S4. The systems in the first and second embodiments include a first security device and a first call terminal, where the first security device includes a first security chip and a first transmission module; the first output module and the first prompt module may both be implemented by a module having a play function in the first call terminal; or both may be implemented by a module having a display function in the first call terminal; or one may be implemented by a module having a play function in the first call terminal and the other by a module having a display function in the first call terminal. Here the systems in the first and second embodiments are illustrated by taking the module having the play function in the first call terminal as the first output module and the module having the display function in the first call terminal as the first prompt module; see fig. 2, which is another schematic diagram of the data processing system for voice call provided in the first and second embodiments of the present invention. In the system shown in fig. 2, a module with a display function (e.g., a display screen) or a module with a play function (e.g., a speaker) of the first call terminal can be used directly, and the hardware of the first security device and of the first call terminal does not need to be changed, so the hardware cost is low and the implementation is simple.
Compared with the prior-art approach in which the call key is generated on a TF card, the system provided by the invention generates the call key on the first security device, which is independent of the first call terminal, and thereby reduces the possibility of attack by malicious software on the first call terminal during voice encryption. The call key is generated by the first security chip in the first security device; because of the high security of the security chip, the possibility that the call key is stolen is reduced and the security of voice encryption is ensured. In addition, during voice encryption the call key is used for encryption inside the first security chip, so the call key is only invoked in a secure environment and its secure use is ensured. Furthermore, the first security chip verifies the digital certificate of the second security device; after the verification passes, the first output module outputs the identification information of the digital certificate of the second security device and the first prompt module prompts for confirmation of that identification information, which identifies the holder of the digital certificate of the second security device. The user of the first call terminal can thus determine whether the call is being monitored, which improves the success rate of identifying monitoring by a third person in the voice call and reduces the possibility of the voice call being monitored. When the user determines that the call is being monitored by a third person, the user can take security measures against monitoring in time to prevent information leakage, which improves the security of data transmission in the voice call.
Example three
The system provided by this embodiment corresponds to the system provided by the first embodiment: the first embodiment is a data processing system on the first security device side, and this embodiment is the corresponding data processing system on the second security device side. When the first security device performs signature processing, two implementations are possible, that is, either the ciphertext of the call key or the call key itself may be signed to obtain the signature data.
The first data processing system for voice call provided in the third embodiment of the present invention includes:
the second security chip, configured to acquire the digital certificate of the first security device, wherein the second security chip is located in the second security device, the second security device is independent of the second call terminal and is connected with the second call terminal through a second communication interface, and the first security device is the security device of the first call terminal that performs a voice call with the second call terminal;
the second transmission module, configured to receive, through the second communication interface, the ciphertext of the call key and the signature data sent by the second call terminal, wherein the signature data is obtained by signing the ciphertext of the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to verify the signature data by using the public key of the first security device and, if the signature data passes verification, to decrypt the ciphertext of the call key by using the private key of the second security device to obtain the call key;
the second security chip is further configured to verify the digital certificate of the first security device by using the root certificate;
the second output module, configured to output the identification information of the digital certificate of the first security device after the second security chip has verified that digital certificate successfully, wherein the second output module is located in the second security device or in the second call terminal;
the second prompt module, configured to prompt for confirmation of the identification information of the digital certificate of the first security device, wherein the second prompt module is located in the second security device or in the second call terminal;
and the second security chip is further configured to start the encryption and decryption operations on the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
The second prompt module is specifically configured to prompt for confirmation of whether the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal; the second confirmation instruction is an instruction confirming that the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
The execution timing of the following two groups of operations in the data processing system for voice call provided in the third embodiment is explained below:
a first group of operations: the second security chip verifies the signature data and, after the signature data passes verification, decrypts the ciphertext of the call key;
a second group of operations: the second security chip verifies the digital certificate of the first security device, the second output module outputs the identification information of the digital certificate of the first security device, and the second prompt module prompts for confirmation of that identification information.
The two groups of operations have no obvious precedence relationship in execution order and can be executed simultaneously; for example, if the system supports multithreaded processing, the first data processing system for voice call provided in the third embodiment can complete the two groups of operations at the same time. The two groups may also be executed one after the other: for example, the first data processing system for voice call provided in the third embodiment executes the first group of operations first and then the second group, or executes the second group first and then the first group.
The second data processing system for voice call provided in the third embodiment of the present invention includes:
the second security chip, configured to acquire the digital certificate of the first security device, wherein the second security chip is located in the second security device, the second security device is independent of the second call terminal and is connected with the second call terminal through a second communication interface, and the first security device is the security device of the first call terminal that performs a voice call with the second call terminal;
the second transmission module, configured to receive, through the second communication interface, the ciphertext of the call key and the signature data sent by the second call terminal, wherein the signature data is obtained by signing the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to decrypt the ciphertext of the call key by using the private key of the second security device to obtain the call key, and to verify the signature data by using the public key of the first security device;
the second security chip is further configured to verify the digital certificate of the first security device by using the root certificate;
the second output module, configured to output the identification information of the digital certificate of the first security device after the second security chip has verified that digital certificate successfully, wherein the second output module is located in the second security device or in the second call terminal;
the second prompt module, configured to prompt for confirmation of the identification information of the digital certificate of the first security device, wherein the second prompt module is located in the second security device or in the second call terminal;
and the second security chip is further configured to start the encryption and decryption operations on the voice call of the second call terminal by using the call key after the signature data has passed verification and the second confirmation instruction has been obtained.
The second prompt module is specifically configured to prompt for confirmation of whether the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal; the second confirmation instruction is an instruction confirming that the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
The execution timing of the following two groups of operations in the second data processing system for voice call provided in the third embodiment is explained below:
a first group of operations: the second security chip decrypts the ciphertext of the call key and verifies the signature data;
a second group of operations: the second security chip verifies the digital certificate of the first security device, the second output module outputs the identification information of the digital certificate of the first security device, and the second prompt module prompts for confirmation of that identification information.
The two groups of operations have no obvious precedence relationship in execution order and can be executed simultaneously; for example, if the system supports multithreaded processing, the second data processing system for voice call provided in the third embodiment can complete the two groups of operations at the same time. The two groups may also be executed one after the other: for example, the second data processing system for voice call provided in the third embodiment executes the first group of operations first and then the second group, or executes the second group first and then the first group.
In the third embodiment of the present invention, the difference between the first voice communication data processing system and the second voice communication data processing system is that the processing flow of the signature data is different, the first voice communication data processing system processes the signature data obtained by signing the ciphertext of the call key based on the first security chip, and the second voice communication data processing system processes the signature data obtained by signing the call key based on the first security device.
Wherein the public key of the first security device is obtained from the digital certificate of the first security device.
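The receiving-side flow of the first system in embodiment three, as an added example that is not part of the patent: it shows why the root-certificate check alone does not expose a third person who holds a valid CA-issued certificate, and why the call key is put to use only after the holder's identity is confirmed. Toy textbook RSA built from Mersenne primes stands in for the security chip's algorithms, and every class, function and holder name is an assumption made for illustration.

```python
import hashlib

E = 65537  # public exponent shared by every toy key below

def keypair(a, b):
    # Toy textbook RSA from the Mersenne primes 2**a-1 and 2**b-1 (no padding,
    # demonstration only; a real security chip uses its own vetted algorithms).
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(n, data, sig):
    return pow(sig, E, n) == digest(data, n)

def cert_body(holder, n):
    return f"{holder}|{n}".encode()

def issue_cert(signer, holder, n):
    # A certificate here is just holder identity + public modulus + issuer signature.
    return {"holder": holder, "n": n, "ca_sig": sign(signer, cert_body(holder, n))}

def send_call_key(sender_key, peer_cert, call_key):
    # First system: encrypt the call key to the peer, then sign the ciphertext.
    ct = pow(call_key, E, peer_cert["n"])
    return ct, sign(sender_key, str(ct).encode())

class SecondSecurityChip:
    def __init__(self, own_key, root_n):
        self.key, self.root_n = own_key, root_n
        self.call_key, self.sig_ok, self.confirmed = None, False, False

    def group1(self, peer_cert, ct, sig):
        # Verify the signature with the public key taken from the peer
        # certificate; decrypt the call key only if the signature verifies.
        if verify(peer_cert["n"], str(ct).encode(), sig):
            self.call_key = pow(ct, self.key["d"], self.key["n"])
            self.sig_ok = True
        return self.sig_ok

    def group2(self, peer_cert, user_confirms):
        # Root-certificate check, then output the holder and ask for confirmation.
        body = cert_body(peer_cert["holder"], peer_cert["n"])
        if not verify(self.root_n, body, peer_cert["ca_sig"]):
            return "ALARM"  # assumption: mirrors the first device's alarm prompt
        self.confirmed = bool(user_confirms(peer_cert["holder"]))
        return "CONFIRMED" if self.confirmed else "REJECTED"

    @property
    def started(self):
        # Voice encryption starts only when both groups of operations succeeded.
        return self.sig_ok and self.confirmed

def run_scenarios():
    ca, a, b, c = keypair(2203, 2281), keypair(127, 521), keypair(607, 1279), keypair(89, 107)
    cert_a = issue_cert(ca, "User A", a["n"])
    cert_b = issue_cert(ca, "User B", b["n"])
    cert_c = issue_cert(ca, "User C", c["n"])   # valid CA-issued cert, third person
    forged = issue_cert(c, "User A", c["n"])    # not signed by the CA
    expects_a = lambda shown: shown == "User A"  # user B believes the peer is user A
    call_key = 0x00112233445566778899AABBCCDDEEFF  # constructed 128-bit call key
    out = {}

    # Honest call: group 1, then group 2.
    ct, sig = send_call_key(a, cert_b, call_key)
    chip = SecondSecurityChip(b, ca["n"])
    chip.group1(cert_a, ct, sig)
    chip.group2(cert_a, expects_a)
    out["honest"] = (chip.started, chip.call_key == call_key)

    # Same call with the two groups in the opposite order.
    chip = SecondSecurityChip(b, ca["n"])
    chip.group2(cert_a, expects_a)
    chip.group1(cert_a, ct, sig)
    out["reordered"] = chip.started

    # Third person presents its own valid certificate and signature:
    # both cryptographic checks pass, only the displayed holder differs.
    ct_c, sig_c = send_call_key(c, cert_b, call_key)
    chip = SecondSecurityChip(b, ca["n"])
    out["mitm"] = (chip.group1(cert_c, ct_c, sig_c),
                   chip.group2(cert_c, expects_a), chip.started)

    # Certificate not issued by the CA: the root check fails.
    chip = SecondSecurityChip(b, ca["n"])
    out["forged"] = chip.group2(forged, expects_a)
    return out
```

In the third-person scenario the signature check and the root-certificate check both succeed, so the confirmation of the displayed holder is the only step that keeps voice encryption from starting.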
Example four
The system provided in this embodiment corresponds to the system provided in the second embodiment: the second embodiment is a data processing system on the first security device side, and this embodiment is the corresponding data processing system on the second security device side. When the first security device performs signature processing, two implementations are possible, that is, either the ciphertext of the call key or the call key itself may be signed to obtain the signature data.
The first data processing system for voice call provided in the fourth embodiment of the present invention includes:
the second security chip, configured to acquire the digital certificate of the first security device, wherein the second security chip is located in the second security device, the second security device is independent of the second call terminal and is connected with the second call terminal through a second communication interface, and the first security device is the security device of the first call terminal that performs a voice call with the second call terminal;
the second transmission module, configured to receive, through the second communication interface, the ciphertext of the call key and the signature data sent by the second call terminal, wherein the signature data is obtained by signing the ciphertext of the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to verify the signature data by using the public key of the first security device and, if the signature data passes verification, to decrypt the ciphertext of the call key by using the private key of the second security device to obtain the call key, and to start the encryption and decryption operations on the voice call of the second call terminal by using the call key;
the second security chip is further configured to verify the digital certificate of the first security device by using the root certificate;
the second output module, configured to output the identification information of the digital certificate of the first security device after the second security chip has verified that digital certificate successfully, wherein the second output module is located in the second security device or in the second call terminal;
the second prompt module, configured to prompt for confirmation of the identification information of the digital certificate of the first security device, wherein the second prompt module is located in the second security device or in the second call terminal;
and the second security chip is further configured to continue the encryption and decryption operations on the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
The second prompt module is specifically configured to prompt for confirmation of whether the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal; the second confirmation instruction is an instruction confirming that the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
The user of the second call terminal can input the second confirmation instruction on the second call terminal or on the second security device. When the user inputs the second confirmation instruction on the second security device, exposure to attacks by malicious software on the second call terminal is reduced and the security of the voice call is ensured.
The execution timing of the following two groups of operations in the data processing system for voice call provided in the fourth embodiment is explained below:
a first group of operations: the second security chip verifies the signature data and, after the signature data passes verification, decrypts the ciphertext of the call key;
a second group of operations: the second security chip verifies the digital certificate of the first security device, the second output module outputs the identification information of the digital certificate of the first security device, and the second prompt module prompts for confirmation of that identification information.
The two groups of operations have no obvious precedence relationship in execution order and can be executed simultaneously; for example, if the system supports multithreaded processing, the first data processing system for voice call provided in the fourth embodiment can complete the two groups of operations at the same time. The two groups may also be executed one after the other: for example, the first data processing system for voice call provided in the fourth embodiment executes the first group of operations first and then the second group, or executes the second group first and then the first group.
The second data processing system for voice call provided in the fourth embodiment of the present invention includes:
the second security chip, configured to acquire the digital certificate of the first security device, wherein the second security chip is located in the second security device, the second security device is independent of the second call terminal and is connected with the second call terminal through a second communication interface, and the first security device is the security device of the first call terminal that performs a voice call with the second call terminal;
the second transmission module, configured to receive, through the second communication interface, the ciphertext of the call key and the signature data sent by the second call terminal, wherein the signature data is obtained by signing the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to decrypt the ciphertext of the call key by using the private key of the second security device to obtain the call key, to verify the signature data by using the public key of the first security device and, if the signature data passes verification, to start the encryption and decryption operations on the voice call of the second call terminal by using the call key;
the second security chip is further configured to verify the digital certificate of the first security device by using the root certificate;
the second output module, configured to output the identification information of the digital certificate of the first security device after the second security chip has verified that digital certificate successfully, wherein the second output module is located in the second security device or in the second call terminal;
the second prompt module, configured to prompt for confirmation of the identification information of the digital certificate of the first security device, wherein the second prompt module is located in the second security device or in the second call terminal;
and the second security chip is further configured to continue the encryption and decryption operations on the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
The second prompt module is specifically configured to prompt for confirmation of whether the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal; the second confirmation instruction is an instruction confirming that the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
The user of the second call terminal can input the second confirmation instruction on the second call terminal or on the second security device. When the user inputs the second confirmation instruction on the second security device, exposure to attacks by malicious software on the second call terminal is reduced and the security of the voice call is ensured.
The execution timing of the following two groups of operations in the second data processing system for voice call provided in the fourth embodiment is explained below:
a first group of operations: the second security chip decrypts the ciphertext of the call key and verifies the signature data;
a second group of operations: the second security chip verifies the digital certificate of the first security device, the second output module outputs the identification information of the digital certificate of the first security device, and the second prompt module prompts for confirmation of that identification information.
The two groups of operations have no obvious precedence relationship in execution order and can be executed simultaneously; for example, if the system supports multithreaded processing, the second data processing system for voice call provided in the fourth embodiment can complete the two groups of operations at the same time. The two groups may also be executed one after the other: for example, the second data processing system for voice call provided in the fourth embodiment executes the first group of operations first and then the second group, or executes the second group first and then the first group.
In the fourth embodiment of the present invention, a difference between the data processing system for the first voice call and the data processing system for the second voice call is that a processing flow of the signature data is different, the data processing system for the first voice call processes the signature data obtained by signing the ciphertext of the call key based on the first security chip, and the data processing system for the second voice call processes the signature data obtained by signing the call key based on the first security device.
Wherein the public key of the first security device is obtained from the digital certificate of the first security device.
In the third and fourth embodiments, after the second prompt module prompts for confirmation of the identification information of the digital certificate of the first security device, if the user confirms that the identification information of the digital certificate of the first security device is consistent with the identity of the first call terminal, the user inputs a second confirmation instruction on the second security device or the second call terminal.
The second security chip can obtain the second confirmation instruction in either of the following ways: the second security chip receives the second confirmation instruction sent by the second call terminal through the second communication interface; or the second security chip receives the second confirmation instruction sent by a confirmation key on the second security device.
When the second security chip receives the second confirmation instruction from the confirmation key on the second security device, exposure to attacks by malicious software on the second call terminal is reduced and the security of the voice call is ensured.
The features that differ between the systems of the third embodiment and the fourth embodiment have been described above. The features common to both systems are described below; that is, the following features apply to the systems of both the third embodiment and the fourth embodiment:
First, the second security device and the second call terminal are explained:
The second security device may be a wearable device such as smart glasses, a smart watch or an earphone device, or may be integrated in such a wearable device. The second security device may also be a smart key device capable of communicating with the call terminal, such as a USB Key with a USB interface, a smart key device supporting an audio interface, or a smart key device with a Bluetooth communication function, or may be integrated in a smart key device capable of communicating with the call terminal. That is, the second security device is a device separate from the second call terminal and is not integrated in the second call terminal.
The second communication interface may be a wireless connection interface or a wired connection interface. If the second communication interface is a wireless connection interface, a wireless communication module, which may be a Wi-Fi module, a Wi-Fi Direct module, an NFC module, a Bluetooth module or an infrared module, is arranged in the second security device; for example, the second security device is a Bluetooth headset. If the second communication interface is a wired connection interface, the second security device may have a data transmission line whose interface may be an audio interface or a USB interface; for example, the second security device is a line control earphone. The second security device may also support both wireless and wired connection, that is, it has a wireless communication module inside and is externally connected with a data transmission line.
If the second security device is internally provided with a wireless communication module, the second transmission module in the second security device establishes a wireless connection with the second call terminal through the second communication interface; if the second communication interface is a wired connection interface, the second transmission module in the second security device establishes a wired connection with the second call terminal through the second communication interface.
The second communication terminal is a terminal with voice communication capability, and may be a traditional communication device, such as a fixed phone and a mobile phone, or a terminal with a network telephone function, such as a PC, a notebook computer, a tablet computer, and the like.
Second, the call key is explained:
The ciphertext of the call key received by the second security device is encrypted with the public key of the second security device, so the ciphertext of the call key can only be decrypted with the private key of the second security device, which ensures the security of the call key. The signature data received by the second security device is obtained by signing the call key or the ciphertext of the call key, and the second security device verifies the signature data to confirm whether the source of the signature data is the first security device.
After the second security chip in the second security device obtains the call key, the call key can be used to ensure the security of the voice call between the first security device and the second security device, which is equivalent to establishing a voice encryption channel between the first security device and the second security device on top of the voice call of the prior art.
The voice encryption channel provided by the invention is a channel established between the first security device and the second security device; that is, for the first security device, the voice encryption channel passes in sequence through the second security device, the second call terminal, the first call terminal and the first security device. Because the voice encryption channel is established between the security devices, the first call terminal and the second call terminal serve to transmit data throughout the process from the establishment of the call to its termination, which reduces the possibility of malicious software attack on the call terminals and improves the security of data transmission.
The second security chip is further configured to delete the call key after detecting that the voice call of the user of the second call terminal has ended.
After the call has ended, the second security chip destroys the call key used for the voice call, which reduces the possibility that the call key is misused after being stolen, ensures the operational security of the second security chip, and makes effective use of the storage space of the second security chip.
The encryption and decryption of the voice call of the second call terminal with the call key may be started when the user of the first call terminal and the user of the second call terminal begin the voice call, or may be started during the voice call between the user of the first call terminal and the user of the second call terminal.
Third, the function of the second security chip for acquiring the digital certificate of the first security device is explained:
The second security chip is specifically configured to acquire the digital certificate of the first security device from pre-stored digital certificates.
The second security chip may pre-store the digital certificates of one or more security devices and may look up the digital certificate of the first security device according to the identifier of the first security device. Because the digital certificate is pre-stored in the second security chip and is not acquired directly from the outside, the possibility that the digital certificate is tampered with is reduced.
Or the second security chip is specifically configured to receive the digital certificate of the first security device sent by the second transmission module, where the digital certificate of the first security device is sent to the second transmission module by the second communication terminal through the second communication interface.
The second security chip may receive the digital certificate of the first security device sent by the second transmission module in either of the following ways:
B1. The second call terminal acquires the digital certificate of the first security device from the digital certificate center and sends it to the second transmission module through the second communication interface, and the second transmission module sends the received digital certificate of the first security device to the second security chip.
B2. The first security device sends its digital certificate to the first call terminal, the first call terminal sends the digital certificate of the first security device to the second call terminal, the second call terminal, after receiving it, sends the digital certificate of the first security device to the second transmission module through the second communication interface, and the second transmission module sends the received digital certificate of the first security device to the second security chip.
In mode B2, the sending of the digital certificate of the first security device to the first call terminal may be initiated actively by the first security device, or initiated by the first security device after it receives a certificate acquisition request sent by the second security device.
Both mode B1 and mode B2 obtain the digital certificate of the first security device. By comparison, in mode B1 the second call terminal obtains the digital certificate of the first security device from the digital certificate center; because the source of the digital certificate is reliable and an attacker monitoring the call is unlikely to be able to modify it, the possibility that the digital certificate is tampered with is reduced, and the security of obtaining the digital certificate of the first security device from the outside is ensured.
Fourth, the functions of the second output module and the second prompt module are explained:
The second output module is specifically configured to convert the identification information of the digital certificate of the first security device into sound information and to play that sound information.
The second output module may be a module with a playing function, such as a speaker or a loudspeaker. The sound information of the identification information of the digital certificate of the first security device may be played through a module with a playing function of the second security device, and may also be played through a module with a playing function of the second call terminal.
The second output module may also be a module with a display function, such as a display screen. The identification information of the digital certificate of the first security device may be displayed through a module with a display function of the second security device, and may also be displayed through a module with a display function of the second call terminal.
Compared with outputting the identification information of the digital certificate of the first security device on the second call terminal, outputting it on the second security device can reduce the possibility of malicious software attack on the second call terminal and improve the security of data transmission.
The second prompt module may be a module with a playing function, such as a speaker or a loudspeaker; it may also be a module with a display function, such as a display screen. The second prompt module may play the prompt information through a module with a playing function on the second security device, or display the prompt information through a module with a display function on the second security device, so as to prompt confirmation of the identification information of the digital certificate of the first security device. The prompt information may also be played through a module with a playing function on the second call terminal, or displayed through a module with a display function on the second call terminal, to the same end.
Compared with prompting confirmation of the identification information of the digital certificate of the first security device on the second call terminal, prompting it on the second security device can reduce the possibility of malicious software attack on the second call terminal and improve the security of data transmission.
The prompt from the second prompt module to confirm the identification information of the digital certificate of the first security device and the identification information output by the second output module may be output together, for example as "please confirm the identification information XXX of the digital certificate of the first security device", where XXX represents the content of the identification information of the digital certificate of the first security device. The output may be played or displayed.
The prompt and the identification information may also be output separately, for example by first outputting "please confirm the identification information of the digital certificate of the first security device" and then outputting "the identification information of the digital certificate of the first security device is XXX", or by first outputting "the identification information of the digital certificate of the first security device is XXX" and then outputting "please confirm the identification information of the digital certificate of the first security device". Each of the two pieces of information may be played or displayed, and the two may use the same output mode or different output modes.
It can be seen from the above that, the second prompting module and the second output module may be the same module physically, or may be two independent modules, and when the second prompting module and the second output module are two independent modules, they may both be located in the second security device, or in the second communication terminal; one of them may be located in the second security device and the other in the second communication terminal.
Fifth, the private key of the second security device and the identification information of the digital certificate of the first security device are explained:
The private key of the second security device is generated by the second security chip inside the second security chip.
In the prior art, the private key is generated externally and then imported into the second security device, which is called the "landing" mode. In that mode a hacker can easily intercept the private key before it is imported into the second security device, so the prior-art management of the private key carries a certain security risk. The private key used in the present invention is therefore generated inside the second security chip in the second security device; that is, the private key is generated within the second security device: the program that generates the public-private key pair is burned directly into the second security chip by the developers, and the public-key cryptographic algorithm program is also burned into the second security chip. After the public and private keys are generated, the private key is stored in a key area in the second security chip and external access to it is not allowed. When the public-private key pair in the key area is used for digital signature and asymmetric decryption operations, the private key is invoked inside the second security chip to perform the operation. Because the private key is invoked by the second security chip, the private key does not leave the second security device at any point during its generation and use, which is called the "no landing" mode; a hacker therefore has no opportunity to intercept the private key, which ensures the security of the private key.
The identification information of the digital certificate of the first security device is at least one of the name information, contact information and identity information of the holder of the digital certificate of the first security device. The name information may be a name, network name, pen name, etc.; the contact information may be a mobile phone number or e-mail address; and the identity information may be an ID card number, employee card number or passport number.
Sixth, the function of the second security chip for verifying the digital certificate of the first security device using the root certificate is explained:
The root certificate is a certificate issued by the certificate authority (CA) to itself and is the starting point of the chain of trust. The digital certificate of a security device is issued by the CA, and the root certificate of the CA is stored in the security device. For example, the digital certificates of the first security device and the second security device are issued by the CA, and the root certificate of the CA is stored in each of the first security device and the second security device.
The root certificate of the CA is used to authenticate the digital certificates that the CA issues for security devices, so as to judge whether a given digital certificate is a legitimate certificate issued by the CA. For example, when the second security chip obtains the digital certificate of the first security device, it verifies that certificate using the root certificate issued by the CA; if the verification passes, the digital certificate of the first security device is a legitimate certificate issued by the CA; otherwise, the digital certificate of the first security device is not a legitimate certificate issued by the CA.
A digital certificate issued by the CA contains at least three parts: the information of the user, the public key of the user, and the CA's signature over the information in the digital certificate. The authenticity of the digital certificate can be verified by verifying the CA's signature over the information in the digital certificate. That signature is verified with the public key of the CA, and the public key of the CA is stored in the root certificate of the CA, so the root certificate needs to be stored in the security device in advance in order to authenticate the digital certificates that the CA issues to security devices.
For example, in the third embodiment and the fourth embodiment, in order to verify whether the digital certificate of the first security device is legitimate, the second security chip needs to store in advance the root certificate of the CA that issues digital certificates for the first security device and the second security device.
The third and fourth embodiments of the present invention describe the processing flow when the digital certificate of the first security device passes verification and the second confirmation instruction is obtained. They further provide for the following scenarios:
If the second security chip's verification of the digital certificate of the first security device fails, the second output module outputs prompt information indicating that the verification failed, so that the user of the second call terminal can end the voice call on the second call terminal or the second security device.
After the second prompt module prompts confirmation of the identification information of the digital certificate of the first security device, if the identification information of the digital certificate of the first security device is inconsistent with the identity of the user of the first call terminal, the second call terminal or the second security device receives an instruction to end the voice call.
The third embodiment and the fourth embodiment of the present invention are further described below by taking an application scenario as an example:
The third embodiment and the fourth embodiment of the present invention differ in the signature object. The description below takes the third embodiment, in which the signature object is the ciphertext of the call key, as an example:
When call terminal A and call terminal B carry out a voice call, call terminal A is connected with security device A through the first communication interface, and call terminal B is connected with security device B through the second communication interface. Security device A generates a call key, encrypts the call key with the public key of security device B to obtain ciphertext AB of the call key, signs ciphertext AB of the call key with the private key of security device A to obtain signature data AB, and sends ciphertext AB of the call key and signature data AB to security device B. After security device B receives ciphertext AB of the call key and signature data AB, it verifies signature data AB with the public key of security device A and, if the verification passes, decrypts ciphertext AB of the call key with the private key of security device B to obtain the call key, so that security device A and security device B can encrypt and decrypt the voice call with the call key.
When a third person is present in the call between call terminal A and call terminal B, where the call terminal of the third person is call terminal C and the security device of call terminal C is security device C, the voice call proceeds as follows:
Security device A generates a call key, encrypts the call key with the public key of security device C to obtain ciphertext AC of the call key, signs ciphertext AC of the call key with the private key of security device A to obtain signature data AC, and sends ciphertext AC of the call key and signature data AC to security device C. After receiving ciphertext AC of the call key and signature data AC, security device C verifies signature data AC with the public key of security device A and, if the verification passes, decrypts ciphertext AC of the call key with the private key of security device C to obtain the call key.
Security device C encrypts the call key with the public key of security device B to obtain ciphertext CB of the call key, signs ciphertext CB of the call key with the private key of security device C to obtain signature data CB, and sends ciphertext CB of the call key and signature data CB to security device B. After security device B receives ciphertext CB of the call key and signature data CB, it verifies signature data CB with the public key of security device C and, if the verification passes, decrypts ciphertext CB of the call key with the private key of security device B to obtain the call key.
Therefore, when a third person is present in the call between call terminal A and call terminal B, security device A and security device B can still encrypt and decrypt their respective voice calls with the call key, but the call between call terminal A and call terminal B is now being monitored by the third person.
To address the above problem, the systems provided in the third and fourth embodiments of the present invention introduce the technical features of "verifying the digital certificate by using the root certificate" and "outputting the identification information of the digital certificate", which solve the problem as follows:
The second security chip verifies the digital certificate of the first security device using the root certificate.
If the verification by the second security chip fails, it can be confirmed that the digital certificate of the first security device is not a legitimate certificate issued by the CA (certificate authority). In that case, to ensure the transmission security of the call key, the second output module issues alarm prompt information so that the user can take security measures in time.
If the verification by the second security chip passes, it can be confirmed that the digital certificate of the first security device is a legitimate certificate issued by the CA (certificate authority). The second security device still cannot determine whether the holder of the verified certificate is the user of the first call terminal, so the second output module outputs the identification information of the digital certificate of the first security device and the second prompt module prompts confirmation of that identification information. If the second security chip receives a second confirmation instruction, the holder of the digital certificate of the first security device is the user of the first call terminal; otherwise, the holder of the digital certificate of the first security device is not the user of the first call terminal, that is, the holder is the third person. In this way it can be identified whether a third person is present in the voice call.
The system comprising the above technical features is further explained using the application scenario listed above:
Before security device A encrypts the call key and signs the encrypted call key, security device A verifies the digital certificate of security device C using the root certificate. If the verification passes, the identification information of the digital certificate of security device C is output and the user is prompted to confirm it. From that identification information, the user of the first call terminal can judge that the holder of the digital certificate of security device C is not the user of the second call terminal, and can therefore judge that the call between call terminal A and call terminal B is being monitored by a third person.
Similarly, before security device B decrypts the received ciphertext of the call key and verifies the signature data, security device B verifies the digital certificate of security device C using the root certificate. If the verification passes, the identification information of the digital certificate of security device C is output and the user is prompted to confirm it. From that identification information, the user of the second call terminal can judge that the holder of the digital certificate of security device C is not the user of the first call terminal, and can therefore judge that the call between call terminal A and call terminal B is being monitored by a third person.
The system of the fourth embodiment is similar to the system of the third embodiment, and the technical effect similar to that of the system of the third embodiment can be achieved, and details are not repeated here.
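The following Python sketch is an added example, not part of the patent text. It walks the third-embodiment exchange (sign the ciphertext of the call key) from security device B's side for the direct call, the call relayed through security device C, and a certificate not signed by the CA. Toy textbook RSA over Mersenne primes stands in for the public-key algorithm of the security chip, which the description does not name; the function names and the holders "Alice" and "Carol" are assumptions.

```python
import hashlib
import secrets

E = 65537  # fixed public exponent for the toy RSA below

def keypair(a, b):
    """Toy textbook RSA from Mersenne primes 2**a-1 and 2**b-1. Demo only, not secure."""
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(data):
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(priv, data):
    return pow(digest(data), priv["d"], priv["n"])

def verify(n, data, sig):
    return pow(sig, E, n) == digest(data)

def issue_cert(signer, holder, n):
    """Certificate = holder identification + public key + signer's signature over both."""
    return {"holder": holder, "n": n, "sig": sign(signer, f"{holder}|{n}".encode())}

def cert_valid(root_n, cert):
    return verify(root_n, f"{cert['holder']}|{cert['n']}".encode(), cert["sig"])

def send_call_key(sender_priv, recipient_n, call_key):
    """Third embodiment: encrypt the call key, then sign the ciphertext."""
    ct = pow(call_key, E, recipient_n)
    return ct, sign(sender_priv, str(ct).encode())

def receive_call_key(root_n, own_priv, peer_cert, ct, sig, user_confirms):
    """Checks of the receiving security chip, in the order the description gives."""
    if not cert_valid(root_n, peer_cert):
        return "alarm: certificate not issued by the CA", None
    # Identification info is output; user_confirms models the confirmation instruction.
    if not user_confirms(peer_cert["holder"]):
        return "call ended: holder is " + peer_cert["holder"], None
    if not verify(peer_cert["n"], str(ct).encode(), sig):
        return "rejected: signature does not verify", None
    return "ok", pow(ct, own_priv["d"], own_priv["n"])

def run_scenarios():
    # Constructed sample keys and identities (assumptions, not from the patent).
    ca = keypair(127, 2203)
    a, b, c = keypair(61, 521), keypair(89, 607), keypair(107, 1279)
    cert_a = issue_cert(ca, "Alice", a["n"])
    cert_c = issue_cert(ca, "Carol", c["n"])  # genuinely CA-issued, but for Carol
    call_key = secrets.randbits(128)
    expects_alice = lambda holder: holder == "Alice"  # B's user knows who was called
    no_identity_check = lambda holder: True           # cryptographic checks only
    root = ca["n"]
    out = {"call_key": call_key}

    # 1. Direct call: A sends ciphertext AB and signature data AB to B.
    ct, sig = send_call_key(a, b["n"], call_key)
    out["direct"] = receive_call_key(root, b, cert_a, ct, sig, expects_alice)

    # 2. Relayed call: C decrypts ciphertext AC, re-encrypts to B and signs as C.
    ct_ac, _ = send_call_key(a, c["n"], call_key)
    key_at_c = pow(ct_ac, c["d"], c["n"])
    ct_cb, sig_cb = send_call_key(c, b["n"], key_at_c)
    out["relay_unchecked"] = receive_call_key(
        root, b, cert_c, ct_cb, sig_cb, no_identity_check)
    out["relay_confirmed"] = receive_call_key(
        root, b, cert_c, ct_cb, sig_cb, expects_alice)

    # 3. Certificate carrying Alice's name but signed with C's key instead of the CA's.
    forged = issue_cert(c, "Alice", c["n"])
    out["forged"] = receive_call_key(root, b, forged, ct_cb, sig_cb, expects_alice)
    return out

if __name__ == "__main__":
    for name, result in run_scenarios().items():
        print(name, result)
```

In the `relay_unchecked` case every cryptographic check passes because security device C holds a genuine CA-issued certificate; only the confirmation of the identification information ends the call.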
In summary, the systems in the third and fourth embodiments include at least the following modules: the second security chip, the second output module and the second prompt module. The second output module may be a module with a playing or display function, and the second prompt module may also be a module with a playing or display function.
In practical applications, the systems in the third embodiment and the fourth embodiment may have the following four structures, which are specifically described as follows:
S1. The system in the third embodiment and the fourth embodiment includes a second security device and a second call terminal, where the second security device includes a second security chip, a second transmission module, and a module with a playing function. If the second output module and the second prompt module both use the playing function to realize their respective functions, they may both use the module with the playing function in the second security device, or one of them may use the module with the playing function in the second security device and the other may use the module with the playing function in the second call terminal.
S2. The system in the third embodiment and the fourth embodiment includes a second security device and a second call terminal, where the second security device includes a second security chip, a second transmission module, and a module with a display function. If the second output module and the second prompt module both use the display function to realize their respective functions, they may both use the module with the display function in the second security device, or one of them may use the module with the display function in the second security device and the other may use the module with the display function in the second call terminal.
S3. The system in the third embodiment and the fourth embodiment includes a second security device and a second call terminal, where the second security device includes a second security chip, a second transmission module, a module with a playing function, and a module with a display function. The second output module and the second prompt module may both use the module with the playing function in the second security device to realize their respective functions; or they may both use the module with the display function in the second security device; or one of them may use the module with the playing function in the second security device and the other may use the module with the display function in the second security device; or one of them may use a module with a playing or display function in the second security device and the other may use a module with a playing and display function in the second call terminal. Here, the systems in the third embodiment and the fourth embodiment are illustrated by taking the module with the playing function in the second security device as the second output module and the module with the display function in the second security device as the second prompt module; see Fig. 3, which is a schematic diagram of a data processing system for voice call provided in the third embodiment and the fourth embodiment of the present invention. When the system shown in Fig. 3 is implemented, since the functions of the second output module and the second prompt module can be implemented on the second security device independently of the second call terminal, attacks by malicious software on the second call terminal are reduced and the security of data is improved.
S4: the system in the third and fourth embodiments includes a second security device and a second communication terminal, where the second security device includes a second security chip and a second transmission module; the second output module and the second prompt module may both use a module with a playing function in the second communication terminal to realize their respective functions; or both may use a module with a display function in the second communication terminal; or one of them may use a module with a playing function in the second communication terminal and the other a module with a display function in the second communication terminal. Here, the systems in the third and fourth embodiments are illustrated by taking a module with a playing function in the second communication terminal as the second output module and a module with a display function in the second communication terminal as the second prompt module; see fig. 4, which is another schematic diagram of the data processing system for voice call provided in the third and fourth embodiments of the present invention. When the system shown in fig. 4 is implemented, a module with a display function (for example, a display screen) or a module with a playing function (for example, a speaker) of the second communication terminal can be used directly, and no hardware of the second security device or the second communication terminal needs to be changed, so the hardware cost is low and the implementation is simple.
In the system provided in the third and fourth embodiments of the present invention, the ciphertext of the call key received by the second security device is encrypted with the public key of the second security device and can therefore only be decrypted with the private key of the second security device, that is, only by the second security device, which ensures the security of the call key; the signature data received by the second security device is obtained by signing the call key or the ciphertext of the call key, and the second security device verifies the signature data to determine whether it originated from the first security device. In addition, the second security chip verifies the digital certificate of the first security device; after the verification passes, the second output module outputs the identification information of the digital certificate of the first security device and the second prompt module prompts for confirmation of that identification information, so that the holder of the digital certificate of the first security device is identified and the user of the second communication terminal can determine whether the call is being monitored. This improves the success rate of identifying third-party monitoring of the voice call and reduces the possibility of the voice call being monitored; when the user determines that the call is being monitored by a third party, the user can promptly take anti-monitoring security measures to prevent information leakage, which improves the security of data transmission in the voice call.
To describe the above systems more clearly, the complete interaction between the system on the user side of the first call terminal and the system on the user side of the second call terminal is described below:
Fig. 5 is a schematic diagram of the complete interaction between the system on the user side of the first communication terminal and the system on the user side of the second communication terminal provided in the present invention. In the system shown in fig. 5, the first security device is connected to the first communication terminal through the first communication interface, the first communication terminal is connected to the second communication terminal through the communication network, and the second communication terminal is connected to the second security device through the second communication interface. The first security chip is located in the first security device, and the second security chip is located in the second security device.
Several complete interaction embodiments are provided below:
Complete interaction embodiment one
A data processing system for voice calls, comprising:
the first security chip is used for acquiring a digital certificate of second security equipment, wherein the first security chip is positioned in the first security equipment, the first security equipment is independent of the first communication terminal, the first security equipment is connected with the first communication terminal through a first communication interface, and the second security equipment is the security equipment of the second communication terminal which performs voice communication with the first communication terminal;
the first security chip is also used for verifying the digital certificate of the second security device by using the root certificate in the first security chip;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the first safety chip verifies that the digital certificate of the second safety equipment passes, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
the first security chip is further used for starting the encryption and decryption operation of the voice call of the first call terminal by using the call key generated by the first security chip after the first confirmation instruction is obtained;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and performing signature processing on at least the ciphertext of the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in second safety equipment, and the second safety equipment is independent of the second call terminal;
the second security chip is used for verifying the signature data by using the public key of the first security device, and if the signature data passes the verification, the cipher text of the call key is decrypted by using the private key of the second security device to obtain the call key, wherein the second security chip is positioned in the second security device;
and the second security chip is also used for starting the encryption and decryption operation of the voice call of the second call terminal by using the call key after the signature data passes the verification.
Complete interaction embodiment two
A data processing system for voice calls, comprising:
the first security chip is used for generating a call key and starting encryption and decryption operations of voice calls of the first call terminal by using the call key, wherein the first security chip is positioned in first security equipment, the first security equipment is independent of the first call terminal, and the first security equipment is connected with the first call terminal;
the first security chip is also used for acquiring a digital certificate of second security equipment, wherein the second security equipment is security equipment of a second communication terminal which performs voice communication with the first communication terminal;
the first security chip is also used for verifying the digital certificate of the second security device by using the root certificate in the first security chip;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the first safety chip verifies that the digital certificate of the second safety equipment passes, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
the first security chip is further used for continuing the encryption and decryption operation on the voice call of the first call terminal by using the call key after the first confirmation instruction is obtained;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and performing signature processing on at least the ciphertext of the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in second safety equipment, and the second safety equipment is independent of the second call terminal;
the second security chip is used for verifying the signature data by using the public key of the first security device after the digital certificate of the first security device is acquired, and decrypting the ciphertext of the call key by using the private key of the second security device to obtain the call key if the signature data passes the verification;
and the second security chip is also used for starting the encryption and decryption operation of the voice call of the second call terminal by using the call key after the signature data passes the verification.
Complete interaction embodiment three
A data processing system for voice calls, comprising:
the first security chip is used for acquiring a digital certificate of second security equipment, wherein the first security chip is positioned in the first security equipment, the first security equipment is independent of the first communication terminal, the first security equipment is connected with the first communication terminal through a first communication interface, and the second security equipment is the security equipment of the second communication terminal which performs voice communication with the first communication terminal;
the first security chip is also used for verifying the digital certificate of the second security device by using the root certificate in the first security chip;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the first safety chip verifies that the digital certificate of the second safety equipment passes, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
the first security chip is further used for starting the encryption and decryption operation of the voice call of the first call terminal by using the call key generated by the first security chip after the first confirmation instruction is obtained;
the first security chip is also used for encrypting the call key by using the public key of the second security device to obtain the ciphertext of the call key, and performing signature processing on the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in second safety equipment, and the second safety equipment is independent of the second call terminal;
the second security chip is used for decrypting the ciphertext of the call key by using the private key of the second security device after the digital certificate of the first security device is acquired, so that the call key is acquired; verifying the signature data by using a public key of the first safety device; and after the signature data passes the verification, starting the encryption and decryption operation of the voice call of the second call terminal by using the call key.
Complete interaction embodiment four
A data processing system for voice calls, comprising:
the first security chip is used for generating a call key and starting encryption and decryption operations of voice calls of the first call terminal by using the call key, wherein the first security chip is positioned in first security equipment, the first security equipment is independent of the first call terminal, and the first security equipment is connected with the first call terminal;
the first security chip is also used for acquiring a digital certificate of second security equipment, wherein the second security equipment is security equipment of a second communication terminal which performs voice communication with the first communication terminal;
the first security chip is also used for verifying the digital certificate of the second security device by using the root certificate in the first security chip;
the first output module is used for outputting the identification information of the digital certificate of the second safety equipment after the first safety chip verifies that the digital certificate of the second safety equipment passes, wherein the first output module is positioned in the first safety equipment or in the first call terminal;
the first prompting module is used for prompting to confirm the identification information of the digital certificate of the second safety equipment, wherein the first prompting module is positioned in the first safety equipment or in the first call terminal;
the first security chip is further used for continuing the encryption and decryption operation on the voice call of the first call terminal by using the call key after the first confirmation instruction is obtained;
the first security chip is also used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and performing signature processing on the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in second safety equipment, and the second safety equipment is independent of the second call terminal;
the second security chip is also used for decrypting the ciphertext of the call key by using the private key of the second security device after the digital certificate of the first security device is acquired, so as to obtain the call key; verifying the signature data by using a public key of the first safety device;
and the second security chip is also used for starting the encryption and decryption operation of the voice call of the second call terminal by using the call key after the signature data passes the verification.
Complete interaction embodiment five
A data processing system for voice calls, comprising:
the first security chip is used for generating a call key and starting encryption and decryption operations of voice calls of the first call terminal by using the call key, wherein the first security chip is positioned in first security equipment, the first security equipment is independent of the first call terminal, and the first security equipment is connected with the first call terminal;
the first security chip is also used for acquiring a digital certificate of second security equipment, wherein the second security equipment is security equipment of a second communication terminal which performs voice communication with the first communication terminal;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and performing signature processing on at least the ciphertext of the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second security chip is used for acquiring the digital certificate of the first security device, wherein the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, and the second security device is connected with the second communication terminal through a second communication interface;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in the second safety device;
the second security chip is also used for verifying the signature data by using the public key of the first security device, and if the signature data passes the verification, the cipher text of the call key is decrypted by using the private key of the second security device to obtain the call key;
the second security chip is also used for verifying the digital certificate of the first security device by using the root certificate in the second security chip;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for starting the encryption and decryption operation of the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
Complete interaction embodiment six
A data processing system for voice calls, comprising:
the first security chip is used for generating a call key and starting encryption and decryption operations of voice calls of the first call terminal by using the call key, wherein the first security chip is positioned in first security equipment, the first security equipment is independent of the first call terminal, and the first security equipment is connected with the first call terminal;
the first security chip is also used for acquiring a digital certificate of second security equipment, wherein the second security equipment is security equipment of a second communication terminal which performs voice communication with the first communication terminal;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and performing signature processing on at least the ciphertext of the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second security chip is used for acquiring the digital certificate of the first security device, wherein the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, and the second security device is connected with the second communication terminal through a second communication interface;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in the second safety device;
the second security chip is also used for verifying the signature data by using the public key of the first security device, and if the signature data passes the verification, the cipher text of the call key is decrypted by using the private key of the second security device to obtain the call key; starting the encryption and decryption operation of the voice call of the second call terminal by using the call key;
the second security chip is also used for verifying the digital certificate of the first security device by using the root certificate in the second security chip;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for continuing the encryption and decryption operations on the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
Complete interaction embodiment seven
A data processing system for voice calls, comprising:
the first security chip is used for generating a call key and starting encryption and decryption operations of voice calls of the first call terminal by using the call key, wherein the first security chip is positioned in first security equipment, the first security equipment is independent of the first call terminal, and the first security equipment is connected with the first call terminal;
the first security chip is also used for acquiring a digital certificate of second security equipment, wherein the second security equipment is security equipment of a second communication terminal which performs voice communication with the first communication terminal;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and at least performing signature processing on the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second security chip is used for acquiring the digital certificate of the first security device, wherein the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, and the second security device is connected with the second communication terminal through a second communication interface;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in the second safety device;
the second security chip is also used for decrypting the ciphertext of the call key by using a private key of the second security device to obtain the call key; verifying the signature data by using the public key of the first safety device;
the second security chip is also used for verifying the digital certificate of the first security device by using the root certificate in the second security chip;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for starting the encryption and decryption operation of the voice call of the second call terminal by using the call key after the signature data passes the verification and the second confirmation instruction is obtained.
Complete interaction embodiment eight
A data processing system for voice calls, comprising:
the first security chip is used for generating a call key and starting encryption and decryption operations of voice calls of the first call terminal by using the call key, wherein the first security chip is positioned in first security equipment, the first security equipment is independent of the first call terminal, and the first security equipment is connected with the first call terminal;
the first security chip is also used for acquiring a digital certificate of second security equipment, wherein the second security equipment is security equipment of a second communication terminal which performs voice communication with the first communication terminal;
the first security chip is further used for encrypting the call key by using the public key of the second security device to obtain a ciphertext of the call key, and at least performing signature processing on the call key by using the private key of the first security device to obtain signature data;
the first transmission module is used for transmitting the ciphertext and the signature data of the call key to a first call terminal through a first communication interface, wherein the first transmission module is positioned in first safety equipment;
the second security chip is used for acquiring the digital certificate of the first security device, wherein the second security chip is positioned in the second security device, the second security device is independent of the second communication terminal, and the second security device is connected with the second communication terminal through a second communication interface;
the second transmission module is used for receiving the ciphertext and the signature data of the call key sent by the second call terminal through the second communication interface, wherein the second transmission module is positioned in the second safety device;
the second security chip is also used for decrypting the ciphertext of the call key by using a private key of the second security device to obtain the call key; verifying the signature data by using a public key of the first safety equipment, and if the signature data passes the verification, starting encryption and decryption operations on the voice call of the second call terminal by using the call key;
the second security chip is also used for verifying the digital certificate of the first security device by using the root certificate in the second security chip;
the second output module is used for outputting the identification information of the digital certificate of the first safety equipment after the second safety chip verifies that the digital certificate of the first safety equipment passes, wherein the second output module is positioned in the second safety equipment or in the second communication terminal;
the second prompting module is used for prompting to confirm the identification information of the digital certificate of the first safety equipment, wherein the second prompting module is positioned in the second safety equipment or in the second communication terminal;
and the second security chip is also used for continuing the encryption and decryption operations on the voice call of the second call terminal by using the call key after the second confirmation instruction is obtained.
The systems of complete interaction embodiments one to eight above are further described below:
The ciphertext and the signature data of the call key are transmitted from the first security device to the second security device as follows:
the first communication terminal receives, through the first communication interface, the ciphertext and the signature data of the call key sent by the first security device, and sends them to the second communication terminal through the communication network; the second communication terminal receives the ciphertext and the signature data of the call key from the first communication terminal through the communication network and sends them to the second security device through the second communication interface.
The first prompting module is specifically used for prompting the user to confirm whether the identification information of the digital certificate of the second security device is consistent with the identity of the user of the second communication terminal; the first confirmation instruction is an instruction confirming that the identification information of the digital certificate of the second security device is consistent with the identity of the user of the second communication terminal.
The second prompting module is specifically used for prompting the user to confirm whether the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal; the second confirmation instruction is an instruction confirming that the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first communication terminal.
Compared with the prior-art approach of generating the call key on a TF card, the system provided by the invention generates the call key on the first security device, which is independent of the first call terminal, and thereby reduces the possibility of attack by malicious software on the first call terminal during voice encryption. The call key is generated by the first security chip in the first security device; given the high security of the security chip, the possibility that the call key is stolen is reduced and the security of voice encryption is ensured. In addition, when voice encryption is performed, the call key is used for encryption inside the first security chip, so that the call key is invoked in a secure environment and its secure use is ensured. Furthermore, the first security chip verifies the digital certificate of the second security device; after the verification passes, the first output module outputs the identification information of the digital certificate of the second security device and the first prompting module prompts for confirmation of that identification information. This identifies the holder of the digital certificate of the second security device, so that the user of the first call terminal can determine whether the call is being monitored. The success rate of identifying third-party monitoring of the voice call is improved and the possibility of the voice call being monitored is reduced; when the user determines that the call is being monitored by a third party, the user can promptly take anti-monitoring security measures to prevent information leakage, which improves the security of data transmission in the voice call.
The ciphertext of the call key received by the second security device is encrypted with the public key of the second security device, so it can only be decrypted with the private key of the second security device, which ensures the security of the call key. The signature data received by the second security device is obtained by signing the call key or the ciphertext of the call key, and the second security device verifies the signature data to confirm that its source is the first security device. Furthermore, the second security chip verifies the digital certificate of the first security device; after the verification passes, the second output module outputs the identification information of the digital certificate of the first security device and the second prompting module prompts for confirmation of that identification information. This identifies the holder of the digital certificate of the first security device, so that the user of the second call terminal can determine whether the call is being monitored. The success rate of identifying third-party monitoring of the voice call is improved and the possibility of the voice call being monitored is reduced; when the user determines that the call is being monitored by a third party, the user can promptly take anti-monitoring security measures to prevent information leakage, which improves the security of data transmission in the voice call.
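The key transport and the confirmation step described in the two paragraphs above, as an added Go sketch that is not part of the patent. It follows the variant in which the signature covers the ciphertext and is verified before decryption. RSA-OAEP, RSA-PSS, X.509 and the names `Device`, `NewDevice`, `OfferCallKey` and `AcceptCallKey` are assumptions (the patent names no algorithms), and decryption is deferred until the user confirms, which is stricter than the patent, where only the use of the call key is gated.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

var ErrCert = errors.New("peer certificate does not chain to the stored root")
var ErrSignature = errors.New("signature over the call-key ciphertext is invalid")
var ErrNotConfirmed = errors.New("user did not confirm the peer identity")

// Device stands in for a security device: key never leaves it, root is its stored root.
// RSA-OAEP, RSA-PSS and X.509 are assumptions of this example, not taken from the patent.
type Device struct {
	key  *rsa.PrivateKey
	Cert *x509.Certificate
	root *x509.CertPool
}

// NewDevice generates a key pair, certifies it under issuer and stores the
// issuer's certificate as root; a nil issuer yields a self-signed test CA.
func NewDevice(cn string, issuer *Device) (*Device, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	t := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}
	d := &Device{key: key, root: x509.NewCertPool()}
	parent, signer := t, key
	if issuer != nil {
		parent, signer = issuer.Cert, issuer.key
		d.root.AddCert(issuer.Cert)
	}
	t.IsCA, t.BasicConstraintsValid = issuer == nil, true
	der, err := x509.CreateCertificate(rand.Reader, t, parent, &key.PublicKey, signer)
	if err != nil {
		return nil, err
	}
	d.Cert, err = x509.ParseCertificate(der)
	return d, err
}

// OfferCallKey (first device): new call key, encrypted to the peer, ciphertext signed.
func (d *Device) OfferCallKey(peer *x509.Certificate) (callKey, ct, sig []byte, err error) {
	pub, ok := peer.PublicKey.(*rsa.PublicKey)
	if !ok {
		return nil, nil, nil, ErrCert
	}
	callKey = make([]byte, 32)
	if _, err = rand.Read(callKey); err != nil {
		return nil, nil, nil, err
	}
	if ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, callKey, nil); err != nil {
		return nil, nil, nil, err
	}
	digest := sha256.Sum256(ct)
	sig, err = rsa.SignPSS(rand.Reader, d.key, crypto.SHA256, digest[:], nil)
	return callKey, ct, sig, err
}

// AcceptCallKey (second device): check the peer certificate against the stored root,
// verify the signature, show the certificate identity, and decrypt only once confirmed.
func (d *Device) AcceptCallKey(peer *x509.Certificate, ct, sig []byte, confirm func(id string) bool) ([]byte, error) {
	pub, ok := peer.PublicKey.(*rsa.PublicKey)
	if _, err := peer.Verify(x509.VerifyOptions{Roots: d.root, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil || !ok {
		return nil, ErrCert
	}
	digest := sha256.Sum256(ct)
	if rsa.VerifyPSS(pub, crypto.SHA256, digest[:], sig, nil) != nil {
		return nil, ErrSignature
	}
	id := fmt.Sprintf("%s (issued by %s)", peer.Subject.CommonName, peer.Issuer.CommonName)
	if !confirm(id) {
		return nil, ErrNotConfirmed
	}
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, d.key, ct, nil)
}

func main() {
	root, _ := NewDevice("Constructed Root CA", nil) // constructed test identities
	alice, _ := NewDevice("Alice", root)
	bob, _ := NewDevice("Bob", root)
	sent, ct, sig, _ := alice.OfferCallKey(bob.Cert)
	got, err := bob.AcceptCallKey(alice.Cert, ct, sig, func(id string) bool { return id == "Alice (issued by Constructed Root CA)" })
	fmt.Println("call key agreed:", err == nil && string(sent) == string(got))
}
```

A device that holds a valid certificate under the same root but belongs to someone else passes both cryptographic checks; only the confirmation callback rejects it, which is the case the prompting module exists for.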
Any process or system descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and alternate implementations are included within the scope of the preferred embodiment of the present invention in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present invention.
It should be understood that portions of the present invention may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, various steps or systems may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those of ordinary skill in the art that all or part of the steps carried by the system implementing the above embodiments may be implemented by hardware associated with instructions of a program, which may be stored in a computer-readable storage medium, and when executed, includes one or a combination of the steps of the system embodiments.
In addition, functional units in the embodiments of the present invention may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (14)
1. A data processing system for voice telephony, comprising:
the system comprises a first security chip, a second security chip and a third security chip, wherein the first security chip is located in the first security device, the first security device is independent of a first communication terminal, the first security device is connected with the first communication terminal through a first communication interface, and the second security device is a security device of a second communication terminal which performs voice communication with the first communication terminal;
the first security chip is further configured to encrypt the session key generated by the first security chip by using the public key of the second security device to obtain a ciphertext of the session key, and perform signature processing on at least the ciphertext of the session key or the session key by using the private key of the first security device to obtain signature data;
the first transmission module is used for sending the ciphertext of the call key and the signature data to the first call terminal through the first communication interface, wherein the first transmission module is located in the first safety device;
the first security chip is further configured to store a root certificate, and verify the digital certificate of the second security device by using the root certificate;
a first output module, configured to output identification information of the digital certificate of the second security device after the first security chip verifies that the digital certificate of the second security device passes, where the first output module is located in the first security device or in the first call terminal;
a first prompting module, configured to prompt to confirm whether identification information of a digital certificate of the second security device is consistent with an identity of a user of the second session terminal, where the first prompting module is located in the first security device or in the first session terminal;
the first security chip is further configured to start an encryption and decryption operation on a voice call of the first call terminal by using the call key after obtaining a first confirmation instruction, where the first confirmation instruction is an instruction for confirming that identification information of a digital certificate of the second security device is consistent with an identity of a user of the second call terminal.
2. A data processing system for voice telephony, comprising:
the first security chip is used for starting the encryption and decryption operation of the voice call of the first call terminal by using the call key generated by the first security chip, wherein the first security chip is positioned in first security equipment;
the first security chip is further configured to acquire a digital certificate of a second security device, where the first security device is independent of a first call terminal, the first security device is connected to the first call terminal through a first communication interface, and the second security device is a security device of a second call terminal that performs a voice call with the first call terminal;
the first security chip is further configured to encrypt the session key with the public key of the second security device to obtain a ciphertext of the session key, and perform signature processing on at least the ciphertext of the session key or the session key with the private key of the first security device to obtain signature data;
the first transmission module is used for sending the ciphertext of the call key and the signature data to the first call terminal through the first communication interface, wherein the first transmission module is located in the first safety device;
the first security chip is further configured to store a root certificate, and verify the digital certificate of the second security device by using the root certificate;
the first output module is used for outputting the identification information of the digital certificate of the second security device after the digital certificate of the second security device passes verification, wherein the first output module is located in the first security device or the first call terminal;
a first prompting module, configured to prompt to confirm whether identification information of a digital certificate of the second security device is consistent with an identity of a user of the second session terminal, where the first prompting module is located in the first security device or in the first session terminal;
the first security chip is further configured to continue to perform encryption and decryption operations on the voice call of the first call terminal by using the call key after obtaining a first confirmation instruction, where the first confirmation instruction is an instruction to confirm that identification information of the digital certificate of the second security device is consistent with the identity of the user of the second call terminal.
3. The system according to claim 1 or 2, wherein the first secure chip is specifically configured to:
acquiring a digital certificate of the second security device from prestored digital certificates; or,
and receiving the digital certificate of the second security device sent by the first transmission module, wherein the digital certificate of the second security device is sent to the first transmission module by the first call terminal through the first communication interface.
4. The system according to any one of claims 1 to 3, wherein the first output module is specifically configured to:
converting the identification information of the digital certificate of the second security equipment into sound information to obtain the sound information of the identification information of the digital certificate of the second security equipment, and playing the sound information of the identification information of the digital certificate of the second security equipment; or displaying the identification information of the digital certificate of the second security device.
5. The system according to any one of claims 1 to 4,
the first security chip is further configured to delete the call key after the first security chip detects that the voice call of the first call terminal is ended.
6. The system of any of claims 1 to 5, wherein the private key of the first secure device is generated by the first secure chip internally to the first secure chip.
7. A data processing system for voice telephony, comprising:
the second security chip is used for acquiring a digital certificate of first security equipment, wherein the second security chip is positioned in the second security equipment, the second security equipment is independent of a second communication terminal, the second security equipment is connected with the second communication terminal through a second communication interface, and the first security equipment is security equipment of a first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the cipher text and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on a ciphertext of the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to verify the signature data by using the public key of the first security device, and if the signature data is verified to pass, decrypt the ciphertext of the session key by using the private key of the second security device to obtain the session key;
the second security chip is further configured to store a root certificate, and verify the digital certificate of the first security device by using the root certificate;
a second output module, configured to output identification information of the digital certificate of the first security device after the second security chip verifies that the digital certificate of the first security device passes, where the second output module is located in the second security device or in the second communication terminal;
a second prompting module, configured to prompt to confirm whether identification information of the digital certificate of the first security device is consistent with an identity of a user of the first session terminal, where the second prompting module is located in the second security device or in the second session terminal;
and the second security chip is further configured to start an encryption and decryption operation on a voice call of the second call terminal by using the call key after a second confirmation instruction is obtained, where the second confirmation instruction is an instruction for confirming that identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
8. A data processing system for voice telephony, comprising:
the second security chip is used for acquiring a digital certificate of first security equipment, wherein the second security chip is positioned in the second security equipment, the second security equipment is independent of a second communication terminal, the second security equipment is connected with the second communication terminal through a second communication interface, and the first security equipment is security equipment of a first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the cipher text and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to decrypt the ciphertext of the session key by using a private key of the second security device to obtain the session key; verifying the signature data by using a public key of the first security device;
the second security chip is further configured to store a root certificate, and verify the digital certificate of the first security device by using the root certificate;
a second output module, configured to output identification information of the digital certificate of the first security device after the second security chip verifies that the digital certificate of the first security device passes, where the second output module is located in the second security device or in the second communication terminal;
a second prompting module, configured to prompt to confirm whether identification information of the digital certificate of the first security device is consistent with an identity of a user of the first session terminal, where the second prompting module is located in the second security device or in the second session terminal;
and the second security chip is further configured to start encryption and decryption operations on voice calls of the second call terminal by using the call key after the signature data is verified to pass and a second confirmation instruction is obtained, where the second confirmation instruction is an instruction for confirming that identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
9. A data processing system for voice telephony, comprising:
the second security chip is used for acquiring a digital certificate of first security equipment, wherein the second security chip is positioned in the second security equipment, the second security equipment is independent of a second communication terminal, the second security equipment is connected with the second communication terminal through a second communication interface, and the first security equipment is security equipment of a first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the cipher text and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on a ciphertext of the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to verify the signature data by using the public key of the first security device, and if the signature data is verified to pass, decrypt the ciphertext of the session key by using the private key of the second security device to obtain the session key; and starting the encryption and decryption operation of the voice call of the second call terminal by using the call key;
the second security chip is further configured to store a root certificate, and verify the digital certificate of the first security device by using the root certificate;
a second output module, configured to output identification information of the digital certificate of the first security device after the second security chip verifies that the digital certificate of the first security device passes, where the second output module is located in the second security device or in the second communication terminal;
a second prompting module, configured to prompt to confirm whether identification information of the digital certificate of the first security device is consistent with an identity of a user of the first session terminal, where the second prompting module is located in the second security device or in the second session terminal;
and the second security chip is further configured to continue to perform encryption and decryption operations on the voice call of the second call terminal by using the call key after a second confirmation instruction is obtained, where the second confirmation instruction is an instruction to confirm that the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
10. A data processing system for voice telephony, comprising:
the second security chip is used for acquiring a digital certificate of first security equipment, wherein the second security chip is positioned in the second security equipment, the second security equipment is independent of a second communication terminal, the second security equipment is connected with the second communication terminal through a second communication interface, and the first security equipment is security equipment of a first communication terminal which performs voice communication with the second communication terminal;
the second transmission module is used for receiving the cipher text and the signature data of the call key sent by the second call terminal through the second communication interface; the signature data is obtained by performing signature processing on the call key, and the second transmission module is located in the second security device;
the second security chip is further configured to decrypt the ciphertext of the session key by using a private key of the second security device to obtain the session key; verifying the signature data by using the public key of the first safety equipment, and if the signature data is verified to pass, starting encryption and decryption operations on the voice call of the second call terminal by using the call key;
the second security chip is further configured to store a root certificate, and verify the digital certificate of the first security device by using the root certificate;
a second output module, configured to output identification information of the digital certificate of the first security device after the second security chip verifies that the digital certificate of the first security device passes, where the second output module is located in the second security device or in the second communication terminal;
a second prompting module, configured to prompt to confirm whether identification information of the digital certificate of the first security device is consistent with an identity of a user of the first session terminal, where the second prompting module is located in the second security device or in the second session terminal;
and the second security chip is further configured to continue to perform encryption and decryption operations on the voice call of the second call terminal by using the call key after a second confirmation instruction is obtained, where the second confirmation instruction is an instruction to confirm that the identification information of the digital certificate of the first security device is consistent with the identity of the user of the first call terminal.
11. The system according to any one of claims 7 to 10, characterized in that the second security chip is specifically configured to:
acquiring a digital certificate of the first security device from a prestored digital certificate; or,
and receiving the digital certificate of the first safety equipment sent by the second transmission module, wherein the digital certificate of the first safety equipment is sent to the second transmission module by the second communication terminal through a second communication interface.
12. The system according to any one of claims 7 to 11, wherein the second output module is specifically configured to:
converting the identification information of the digital certificate of the first security device into sound information to obtain the sound information of the identification information of the digital certificate of the first security device, and playing the sound information of the identification information of the digital certificate of the first security device; or displaying the identification information of the digital certificate of the first security device.
13. The system according to any one of claims 7 to 12,
and the second security chip is further configured to delete the call key after the second security chip detects that the voice call of the second call terminal is ended.
14. The system according to any one of claims 7 to 13, wherein the private key of the second secure device is generated by the second secure chip internally to the second secure chip.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201410247841.2A CN104065650B (en) | 2014-06-05 | 2014-06-05 | A kind of data handling system of voice call |
Publications (2)
Publication Number | Publication Date |
---|---|
CN104065650A CN104065650A (en) | 2014-09-24 |
CN104065650B true CN104065650B (en) | 2017-12-08 |
Family
ID=51553181
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201410247841.2A Active CN104065650B (en) | 2014-06-05 | 2014-06-05 | A kind of data handling system of voice call |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN104065650B (en) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104065652B (en) * | 2014-06-09 | 2015-10-14 | 北京石盾科技有限公司 | A kind of auth method, device, system and relevant device |
CN113179240B (en) * | 2020-09-28 | 2023-01-06 | 深圳华智融科技股份有限公司 | Key protection method, device, equipment and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101197674A (en) * | 2007-12-10 | 2008-06-11 | 华为技术有限公司 | Encrypted communication method, server and encrypted communication system |
CN102572817A (en) * | 2010-12-21 | 2012-07-11 | 普天信息技术研究院有限公司 | Method and intelligent memory card for realizing mobile communication confidentiality |
CN103326862A (en) * | 2013-06-20 | 2013-09-25 | 天地融科技股份有限公司 | Electronically signing method and system |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101239297B1 (en) * | 2011-07-28 | 2013-03-05 | 한국전자통신연구원 | System for protecting information and method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||