技术领域technical field
本发明涉及通信技术领域,尤其涉及信息安全,具体是指一种基于蓝牙的安全通话系统及方法。The present invention relates to the field of communication technology, in particular to information security, and specifically refers to a bluetooth-based secure call system and method.
背景技术Background technique
随着信息化时代的到来,计算机、网络、通信等技术迅猛发展,数字信息得到广泛应用,然而,数字信息很容易被复制和传播,对其应用带来了非常不利的影响,特别是对于保密力度高的机密信息,语音是人们进行交互的基础,当前语音信息又在信息产业中占据着举足轻重的地位,保障语音信息的安全意义重大,这里对现有技术进行说明With the advent of the information age, technologies such as computers, networks, and communications have developed rapidly, and digital information has been widely used. However, digital information is easily copied and disseminated, which has a very negative impact on its application, especially for confidentiality. For highly confidential information, voice is the basis for people to interact. At present, voice information occupies a pivotal position in the information industry. It is of great significance to ensure the security of voice information. Here is an explanation of the existing technology
DSP芯片也称数字信号处理器,是一种适合进行数字信号处理运算的微处理器,其主要应用是实时快速地实现各种数字信号处理算法。DSP除了具有普通微处理器所强调的高速运算和控制能力外,针对实时数字信号处理的特点,在处理器的结构、指令系统、指令流程上做了很大的改进,它采用多总线的哈佛结构,采用流水线技术实现多指令的并行执行,并且支持多处理器扩展。The DSP chip, also known as a digital signal processor, is a microprocessor suitable for digital signal processing operations. Its main application is to realize various digital signal processing algorithms in real time and quickly. In addition to the high-speed calculation and control capabilities emphasized by ordinary microprocessors, DSP has made great improvements in the structure, instruction system, and instruction flow of the processor for the characteristics of real-time digital signal processing. It uses the multi-bus Harvard Structure, using pipeline technology to achieve parallel execution of multiple instructions, and supports multi-processor extensions.
语音通信系统中采用的加密技术有两大类,模拟加密和数字加密,对于模拟加密技术,加密技术可以分为频域加密、时间域加密、变换域加密、多维域加密这四类,早期主要是采用时间域加密和频率域技术来对语音信号进行处理。但是由于在时间域上置乱语音信号时的置乱系数太少,加密安全性较差,人们转而研究频率域上的加密技术,其加密手段有语音频谱搬移和倒相等,但是这种方法加密后的语音信号冗余度高,即剩余可懂度高,安全性较差,后来有了在变换域对语音数据进行处理的方法;和模拟加密相比,数字加密采用了压缩编码技术。通过采集模拟语音信号,将其量化编码成为二进制的数据流,并利用编码算法提取出语音信号中的有用参量进行加密,加密后的数据仍然以数字信号传输。There are two types of encryption technologies used in voice communication systems, analog encryption and digital encryption. For analog encryption technologies, encryption technologies can be divided into four categories: frequency domain encryption, time domain encryption, transformation domain encryption, and multidimensional domain encryption. It uses time domain encryption and frequency domain technology to process the voice signal. However, because the scrambling coefficients are too few when scrambling the voice signal in the time domain, the encryption security is poor, so people turn to the encryption technology in the frequency domain. The encryption methods include voice spectrum shift and inverse equality, but this method The encrypted speech signal has high redundancy, that is, high residual intelligibility, and poor security. Later, there is a method of processing speech data in the transform domain; compared with analog encryption, digital encryption uses compression coding technology. By collecting the analog voice signal, it is quantized and encoded into a binary data stream, and the useful parameters in the voice signal are extracted by the encoding algorithm for encryption, and the encrypted data is still transmitted as a digital signal.
语音编解码方面,现在比较好的算法有混合激励线性预测编码、基音同步激励线性预测编码、正弦变换编码、时频域插值编码。In terms of speech coding and decoding, currently better algorithms include mixed excitation linear predictive coding, pitch synchronous excited linear predictive coding, sinusoidal transform coding, and time-frequency domain interpolation coding.
混沌系统的混沌性是指系统的动力学行为呈现一种局部不稳定而又具有有界性和某种整体混合性,混沌性在通信技术和信号处理方面已经有广泛应用,利用现在的集成芯片来实现混沌电路已经很成熟。The chaos of the chaotic system means that the dynamic behavior of the system presents a local instability but is bounded and a certain overall mixing. Chaos has been widely used in communication technology and signal processing. Using the current integrated chip It is very mature to realize the chaotic circuit.
密码学是以研究秘密通信为目的的一门科学,计算机和通信技术迅猛发展,大量敏感信息要通过公共信息设施或计算机网络进行交换,大量个人信息需要保密,密码学的商业和社会价值日益显著。Cryptography is a science for the purpose of studying secret communication. With the rapid development of computer and communication technology, a large amount of sensitive information needs to be exchanged through public information facilities or computer networks, and a large amount of personal information needs to be kept secret. The commercial and social value of cryptography is becoming more and more significant. .
请参阅图1所示,图1为现有技术中的语音通信的加密技术的结构示意图,手持设备到运营商基站之间在GSM/CDMA网络下具有空中加密技术,但信号在基站间的传输过程中并未加密,存在安全隐患。Please refer to Fig. 1. Fig. 1 is a structural schematic diagram of the encryption technology of voice communication in the prior art. There is air encryption technology under the GSM/CDMA network between the handheld device and the operator's base station, but the transmission of the signal between the base stations The process is not encrypted, which poses a security risk.
通过对已有的国内外主流手持设备点到点安全加密通信产品的研究,发现其技术路线主要基于的是GSM的数据通道,如Cryptophone的产品使用了SHA256的加密算法和Diffie-Hellman的秘钥交换协议。显然,用户常用的方式还包括语音通道和短信通道,还存在被监听的隐患。Through the research on the existing domestic and foreign mainstream handheld device point-to-point secure encryption communication products, it is found that its technical route is mainly based on the GSM data channel, such as the Cryptophone product uses the SHA256 encryption algorithm and the Diffie-Hellman key exchange agreement. Obviously, the methods commonly used by users also include voice channels and SMS channels, and there is still a hidden danger of being monitored.
发明内容Contents of the invention
本发明的目的是克服了上述现有技术的缺点,提供了一种解决当前语音通信仅支持无线(GSM/CDMA)接口加密的问题、通过蓝牙耳机实现双向的语音全程加密、不依赖于运营商、手机厂商、网络环境、安全完全自主化的基于蓝牙的安全通话系统及方法。The purpose of the present invention is to overcome the above-mentioned shortcoming of prior art, provide a kind of problem that solves the current voice communication and only support the wireless (GSM/CDMA) interface encryption, realize two-way voice full-process encryption through the bluetooth earphone, do not depend on the operator , mobile phone manufacturers, network environment, and a completely autonomous bluetooth-based secure call system and method.
为了实现上述目的,本发明的基于蓝牙的安全通话系统及方法具有如下构成:In order to achieve the above object, the bluetooth-based secure communication system and method of the present invention have the following components:
该基于蓝牙的安全通话系统,其主要特点是,所述的系统包括:The main feature of this bluetooth-based secure call system is that the system includes:
具有加解密模块的蓝牙耳机,用以加密蓝牙耳机的麦克风输入的语音信号以及解密蓝牙耳机的扬声器输出的语音信号;A bluetooth headset with an encryption and decryption module, which is used to encrypt the voice signal input by the microphone of the bluetooth headset and decrypt the voice signal output by the speaker of the bluetooth headset;
终端,用以接收蓝牙耳机加密的语音信号并发送至相应的基站,以及从相应的基站获取经加密的语音信号并发送至所述的蓝牙耳机;The terminal is used to receive the encrypted voice signal of the Bluetooth headset and send it to the corresponding base station, and obtain the encrypted voice signal from the corresponding base station and send it to the Bluetooth headset;
基站,用以实现基站间的语音信号的传输。The base station is used to realize the transmission of voice signals between the base stations.
进一步地,所述的具有加解密模块的蓝牙耳机具体包括:Further, the described bluetooth headset with encryption and decryption module specifically includes:
加解密模块,用以加密蓝牙耳机的麦克风输入的语音信号以及解密蓝牙耳机的扬声器输出的语音信号;The encryption and decryption module is used to encrypt the voice signal input by the microphone of the bluetooth headset and decrypt the voice signal output by the speaker of the bluetooth headset;
消息管理模块,用以实现加密的语音信号的接收和发送;A message management module for receiving and sending encrypted voice signals;
参数管理模块,用以处理所述的加解密模块产生或获取的秘钥。The parameter management module is used to process the secret key generated or obtained by the encryption and decryption module.
更进一步地,所述的蓝牙耳机还包括第一数据缓冲模块以及第二数据缓冲模块,所述的第一数据缓冲模块设置于所述的麦克风与所述的加解密模块之间以及所述的第二数据缓冲模块设置于所述的扬声器与所述的加解密模块之间。Furthermore, the Bluetooth headset also includes a first data buffer module and a second data buffer module, the first data buffer module is set between the microphone and the encryption and decryption module and the The second data buffer module is arranged between the speaker and the encryption and decryption module.
更进一步地,所述的蓝牙耳机还包括第一加扰数据模块以及第二加扰数据模块,所述的第一加扰数据模块设置于所述的蓝牙耳机的输入端与所述的加解密模块之间以及所述的第二加扰数据模块设置于所述的蓝牙耳机的输出端与所述的加解密模块之间。Furthermore, the bluetooth headset also includes a first scrambled data module and a second scrambled data module, the first scrambled data module is set at the input end of the bluetooth headset and the encryption and decryption Between the modules and the second scrambled data module is set between the output end of the bluetooth earphone and the encryption and decryption module.
本发明还涉及一种安全通话的方法,其主要特点是,所述的方法包括接收过程和发送过程:The present invention also relates to a method for secure communication, the main feature of which is that the method includes a receiving process and a sending process:
所述的发送过程包括以下步骤:The sending process includes the following steps:
(11)所述的蓝牙耳机获取从麦克风输入的语音信号;(11) The bluetooth earphone obtains the voice signal input from the microphone;
(12)所述的加解密模块对所述的语音信号进行加密,并发送至所述的终端;(12) The encryption and decryption module encrypts the voice signal and sends it to the terminal;
(13)所述的终端将已加密的语音信号发送至第一基站;(13) The terminal sends the encrypted voice signal to the first base station;
(14)所述的第一基站将该已加密的语音信号发送至目标基站;(14) The first base station sends the encrypted voice signal to the target base station;
所述的接收过程包括以下步骤:The receiving process includes the following steps:
(21)所述的终端从一基站中获取已加密的语音信号;(21) The terminal obtains an encrypted voice signal from a base station;
(22)所述的加解密模块将该已加密的语音信号解密;(22) The encrypted voice signal decrypted by the encryption and decryption module;
(23)所述的蓝牙耳机将已解密的语音信号发送至扬声器输出。(23) The Bluetooth earphone sends the decrypted voice signal to the speaker for output.
进一步地,所述的蓝牙耳机还包括消息管理模块以及参数管理模块,所述的步骤(12)具体包括以下步骤:Further, the Bluetooth headset also includes a message management module and a parameter management module, and the step (12) specifically includes the following steps:
(12.1)所述的参数管理模块生成一共享随机秘钥;The parameter management module described in (12.1) generates a shared random secret key;
(12.2)所述的加解密模块根据该共享随机秘钥对所述的语音信号进行加密;(12.2) the encryption and decryption module encrypts the voice signal according to the shared random secret key;
(12.3)所述的消息管理模块将加密后的语音信号发送至所述的终端。(12.3) The message management module sends the encrypted voice signal to the terminal.
更进一步地,所述的蓝牙耳机还包括消息管理模块以及参数管理模块,所述的步骤(22)具体包括以下步骤:Further, the Bluetooth headset also includes a message management module and a parameter management module, and the step (22) specifically includes the following steps:
(22.1)所述的消息管理模块接收该已加密的语音信号;The message management module described in (22.1) receives the encrypted voice signal;
(22.2)所述的参数管理模块识别所述的共享随机秘钥;(22.2) The parameter management module identifies the shared random secret key;
(22.3)所述的加解密模块根据该共享随机秘钥将该已加密的语音信号解密。The encryption and decryption module described in (22.3) decrypts the encrypted voice signal according to the shared random key.
进一步地,所述的蓝牙耳机还包括消息管理模块以及参数管理模块,所述的步骤(12)具体包括以下步骤:Further, the Bluetooth headset also includes a message management module and a parameter management module, and the step (12) specifically includes the following steps:
(12.a)所述的消息管理模块获取一预设的秘钥;(12.a) The message management module obtains a preset secret key;
(12.b)所述的加解密模块根据该预设的秘钥对所述的语音信号进行加密,并将加密后的语音信号发送至所述的终端;(12.b) The encryption and decryption module encrypts the voice signal according to the preset secret key, and sends the encrypted voice signal to the terminal;
(12.c)所述的消息管理模块将加密后的语音信号发送至所述的终端。(12.c) The message management module sends the encrypted voice signal to the terminal.
更进一步地,所述的蓝牙耳机还包括消息管理模块以及参数管理模块,所述的步骤(22)具体包括以下步骤:Further, the Bluetooth headset also includes a message management module and a parameter management module, and the step (22) specifically includes the following steps:
(22.a)所述的消息管理模块接收该已加密的语音信号;(22.a) The message management module receives the encrypted voice signal;
(22.b)所述的参数管理模块识别所述的预设的秘钥;(22.b) The parameter management module identifies the preset secret key;
(22.c)所述的加解密模块根据该预设的秘钥将该已加密的语音信号解密。The encryption and decryption module described in (22.c) decrypts the encrypted voice signal according to the preset secret key.
采用了该发明中的基于蓝牙的安全通话系统及方法,与现有技术相比,具有以下有益的技术效果:Compared with the prior art, the bluetooth-based safe communication system and method of the invention has been adopted, and has the following beneficial technical effects:
1、蓝牙外接式设计能够在所有的智能设备上便利使用;1. Bluetooth external design can be used conveniently on all smart devices;
2、不依赖于数字加密方法,不存在类似破解、监听的安全隐患;2. It does not rely on digital encryption methods, and there are no security risks like cracking and monitoring;
3、嵌入的DSP模块能够减小系统延迟至用户无感知状态,不影响传输效率;3. The embedded DSP module can reduce the system delay to the state where the user does not perceive it, without affecting the transmission efficiency;
4、无需二次改造智能设备或网络拓扑结构,兼容性强;4. There is no need to modify the smart device or network topology structure twice, and the compatibility is strong;
5、直接使用模拟信号加/解密(扰)技术,不需要加入额外的A/D、D/A模块;5. Directly use analog signal encryption/decryption (scrambling) technology without adding additional A/D and D/A modules;
6、语音保真率可以体现出处理之后的语音与原来语音的相似程度,本发明加解密之后的语音保真率可以达到90%以上,接收方不会感觉到语音是经过处理的;加解密算法处理性能决定加密和解密处理的时间响应速度,并且影响语音保真率高低,本发明加解密过程可以稳定限制在100ms以内,接收者不会感觉到因为加解造成的时间延迟;秘钥有效期及秘钥更新周期为20s,同步动态秘钥的时序差在100ms内,密码同步连续有效次数大于500万次。6. The voice fidelity rate can reflect the similarity between the processed voice and the original voice. The voice fidelity rate after encryption and decryption of the present invention can reach more than 90%, and the receiver will not feel that the voice is processed; encryption and decryption Algorithm processing performance determines the time response speed of encryption and decryption processing, and affects the voice fidelity rate. The encryption and decryption process of the present invention can be stably limited within 100ms, and the receiver will not feel the time delay caused by encryption and decryption; the validity period of the secret key And the secret key update period is 20s, the timing difference of synchronous dynamic secret key is within 100ms, and the number of consecutive valid password synchronization is more than 5 million times.
附图说明Description of drawings
图1为现有技术中的语音通信的加密技术的结构示意图。FIG. 1 is a schematic structural diagram of an encryption technology for voice communication in the prior art.
图2为本发明的基于蓝牙的安全通话系统的结构示意图。FIG. 2 is a schematic structural diagram of the bluetooth-based secure communication system of the present invention.
图3为本发明的加密语音蓝牙架构图。Fig. 3 is a structure diagram of the encrypted voice bluetooth of the present invention.
图4为本发明的语音处理的步骤流程图。Fig. 4 is a flow chart of steps of speech processing in the present invention.
具体实施方式detailed description
为了能够更清楚地描述本发明的技术内容,下面结合具体实施例来进行进一步的描述。In order to describe the technical content of the present invention more clearly, further description will be given below in conjunction with specific embodiments.
本发明的基于蓝牙的安全通话系统及方法解决了当前语音通信仅支持无线(GSM/CDMA)接口加密的问题,通过蓝牙耳机实现双向的语音全程加密,不依赖于运营商、手机厂商、网络环境,安全完全自主化。加密(加扰)后的语音信息能够在模拟线路和数字电路中传输、能够覆盖全制式包含且不限于2G/3G/4G的通信环境,全免杜绝利用木马等在任何传输过程中监听的可能。The bluetooth-based secure call system and method of the present invention solves the problem that the current voice communication only supports wireless (GSM/CDMA) interface encryption, realizes two-way voice full-process encryption through the bluetooth headset, and does not depend on operators, mobile phone manufacturers, and network environments , security is fully autonomous. Encrypted (scrambled) voice information can be transmitted in analog lines and digital circuits, and can cover the communication environment of all standards including but not limited to 2G/3G/4G, completely eliminating the possibility of using Trojan horses to monitor during any transmission process .
请参阅图2至图4所示,本发明给出了如图2的基于蓝牙的安全通话系统的结构示意图,只需要定制蓝牙耳机,加入音频模拟信号加/解密模块即可实现。其结构图如图3,左侧为麦克风(MICIN)和扬声器(SPK输出),通过高速的数据缓存模块输入/输出正常的(非加密)语音信号。在数据缓存模块后端加入核心加/解密协处理、完成语音的加解密。消息管理模块在加解密完成后,能实现同步信号的产生和检测。右侧为发送端和接收端,能够将加密数据发送/接收至匹配手机。在协处理器中还有参数管理模块,用于处理加/解密的秘钥,该秘钥位于图下方的持久库中,并通过秘钥交换插件同步生成。Please refer to Fig. 2 to Fig. 4, the present invention provides a schematic structural diagram of a bluetooth-based secure call system as shown in Fig. 2, which can be realized only by customizing bluetooth earphones and adding an audio analog signal encryption/decryption module. Its structure diagram is shown in Figure 3. The microphone (MICIN) and speaker (SPK output) are on the left, and normal (non-encrypted) voice signals are input/output through the high-speed data buffer module. Add core encryption/decryption co-processing at the back end of the data cache module to complete voice encryption and decryption. After the encryption and decryption is completed, the message management module can realize the generation and detection of synchronous signals. The right side is the sender and receiver, which can send/receive encrypted data to the matching mobile phone. There is also a parameter management module in the coprocessor, which is used to process the encryption/decryption key, which is located in the persistent library below the figure and is synchronously generated through the key exchange plug-in.
加密过程:输入语音信号由MACIN到数据缓存模块,读取持久库实时交换秘钥,经过语音加密模块处理,输出为蓝牙信号,后经过手机以任何形式的传输方式发送。Encryption process: input voice signal from MACIN to data cache module, read the persistent library to exchange secret key in real time, process it through voice encryption module, output it as bluetooth signal, and send it through mobile phone in any form of transmission.
解密过程:读取手机端传送到蓝牙的音频信号,读取持久库实时交换秘钥,经过语音解密模块处理还原语音,通过数据缓存输出到SPK端。Decryption process: read the audio signal transmitted from the mobile phone to Bluetooth, read the real-time exchange secret key from the persistent library, process and restore the voice through the voice decryption module, and output it to the SPK terminal through the data cache.
消息管理模块:主要完成消息的接收和发送,MIC输入的声音,在消息管理模块的控制下,以PCM格式存储在消息体中,经过DSP处理程序后加密,消息以CVSD格式从天线发出,接收者在收到声音消息后,消息重定向到DSP处理程序解密,然后处理解密后的PCM语音,最终通过耳机播放,消息的传递贯穿于其中。Message management module: It mainly completes the receiving and sending of messages. The voice input by MIC is stored in the message body in PCM format under the control of the message management module. After being encrypted by the DSP processing program, the message is sent from the antenna in CVSD format and received After the reader receives the sound message, the message is redirected to the DSP processing program for decryption, and then the decrypted PCM voice is processed, and finally played through the earphone, and the transmission of the message runs through it.
本发明的加解密算法的一优选的实施例:A preferred embodiment of the encryption and decryption algorithm of the present invention:
语音模拟信号加/解密(扰)原理:Voice analog signal encryption/decryption (scrambling) principle:
1、人耳仅能识别特定频率范围的声音f1,声带只能发出特定频率范围的声音f2。当前研究支持的数据为20Hz<f1<20kHz,70Hz<f2<4kH。1. The human ear can only recognize sound f1 in a specific frequency range, and the vocal cords can only produce sound f2 in a specific frequency range. The data supported by current research are 20Hz<f1<20kHz, 70Hz<f2<4kH.
2、语音信号的变化较缓慢,尽管是模拟信号,依然可将信号分为长度10至20ms的语音帧,并且在每一帧内满足频谱稳定。所以可以利用FFT和分帧技术把模拟信号变换到频域上,从而对频域上的语音进行操作。2. The voice signal changes slowly. Although it is an analog signal, the signal can still be divided into voice frames with a length of 10 to 20 ms, and the frequency spectrum is stable within each frame. Therefore, FFT and framing technology can be used to transform the analog signal into the frequency domain, so as to operate on the voice in the frequency domain.
3、傅里叶变换需要满足f(t)是t的周期函数,在一个以2T为周期内f(X)连续或只有有限个第一类间断点,所以在处理音频时对每个变换到频域上的语音做对称变换的操作。3. The Fourier transform needs to satisfy that f(t) is a periodic function of t. In a period of 2T, f(X) is continuous or has only a limited number of first-type discontinuities. Therefore, when processing audio, each transformation to Speech in the frequency domain performs a symmetrical transformation operation.
4、使用高速数据缓存,将长度为L的信号S,利用FFT将其变换到频域上后得倒频谱序列P,且P的长度为L,将P通过秘钥加密至4kHz以上,扰乱信号和并不可破解。4. Using high-speed data cache, transform the signal S of length L into the frequency domain by using FFT to obtain the cepstrum sequence P, and the length of P is L, encrypt P to above 4kHz with the secret key, and disturb the signal and are unbreakable.
5、逆向过程,在高速数据缓存内使用逆向FFT还原为模拟信号。5. Reverse process, using reverse FFT in the high-speed data cache to restore the analog signal.
FFT是快速傅里叶变换,仅对变换性能做出改进。语音信号处理流程如图4:在此过程中,会产生音频信号信息的丢失,引起失真,但不影响通话质量,通过调整分帧,加密算法,FFT参数能够实现用户无感知。FFT is Fast Fourier Transform, which only improves the transform performance. The voice signal processing flow is shown in Figure 4: In this process, audio signal information will be lost, causing distortion, but it will not affect the quality of the call. By adjusting the framing, encryption algorithm, and FFT parameters, the user can achieve no perception.
通话双方的安全蓝牙耳机经过客户初始分组分配的连接密码和连接过程中的动态交换密码,能够严格的限制通话范围和实现互信互认:必须是同样分组并建立握手通讯的安全蓝牙耳机,才能建立其有效的动态加密通话。如果一方使用安全蓝牙耳机通话,而另一方直接使用手机或不符合要求的蓝牙耳机接听,将只能接听到无需的杂音或者无声音。The secure bluetooth earphones of both sides of the call can strictly limit the scope of the call and realize mutual trust and mutual recognition through the connection password assigned by the customer's initial grouping and the dynamic exchange password during the connection process: only the secure bluetooth earphones that are grouped in the same group and establish handshake communication can be established Its effective dynamic encrypted calls. If one party uses a secure Bluetooth headset to make a call, and the other party directly uses a mobile phone or a Bluetooth headset that does not meet the requirements to answer the call, only unnecessary noise or no sound will be heard.
数字证书基于公钥密码体制,用于标志接收者和发送者的一种证书,用于在网络流通中让别人识别自己的身份,主要用于密钥管理上,数字证书具有安全性和唯一性,在使用语音传输过程中,接收方会先收到发送方的数字证书,证书中包含了发送方的公开密钥,再使用这个公开密钥加密接收方产生的对称密钥,就组成了数字信封。接收方会先查看证书是否过期,发行服务器证书的CA是否可靠,发行者证书的公钥能否正确解开发送方证书的“发行者的数字签名”。如果符合要求,用户就可以用该证书里的公钥来验证发送方私钥的签名自己的语音。Digital certificates are based on the public key cryptography system, a certificate used to mark the receiver and sender, and used to allow others to identify themselves in network circulation. It is mainly used for key management. Digital certificates are secure and unique , in the process of using voice transmission, the receiver will first receive the sender's digital certificate, which contains the sender's public key, and then use this public key to encrypt the symmetric key generated by the receiver to form a digital certificate. envelope. The receiver will first check whether the certificate has expired, whether the CA that issued the server certificate is reliable, and whether the public key of the issuer's certificate can correctly unlock the "issuer's digital signature" of the sender's certificate. If the requirements are met, the user can use the public key in the certificate to verify the signature of the sender's private key.
具体的加密采用两种模式:The specific encryption adopts two modes:
1、自动同步模式。每次加密通话时,通话双方按照交换生成的共享随机秘钥进行同步滚动,用户无需设置秘钥,任何非认证的第三方也无法监听。1. Automatic synchronization mode. Every time an encrypted call is made, the two parties in the call perform synchronous scrolling according to the shared random secret key generated by the exchange. The user does not need to set the secret key, and any non-authenticated third party cannot monitor it.
2、随机协商模式。每次加密通话前,通话双方事先商定秘钥,然后在安全蓝牙耳机上输入自定义的起始秘钥,而最终的加密语音是通过起始秘钥经过混沌系统的运算秘钥进行加密。2. Random negotiation mode. Before each encrypted call, the two parties in the call agree on the secret key in advance, and then enter the custom initial secret key on the secure Bluetooth headset, and the final encrypted voice is encrypted through the initial secret key and the operation key of the chaotic system.
实际上随机模式是提供了随机种子或随机接口的动态模式,动态模式采用KKK算法,算法基本原理为:In fact, the random mode is a dynamic mode that provides a random seed or a random interface. The dynamic mode uses the KKK algorithm. The basic principle of the algorithm is:
1、设备双方随机选择初始秘密值,且互不知道秘密值,双方通过TPM的互学习使得秘密值达到同步,然后立即停止互学习,此时秘密值可以作为密钥。1. The two sides of the device randomly select the initial secret value, and do not know each other's secret value. The two parties synchronize the secret value through TPM mutual learning, and then stop mutual learning immediately. At this time, the secret value can be used as the key.
2、TPM(TreeParityMachine)是基于神经的网络互学习的秘钥算法,每一个秘钥协商方使用一个TPM,假设这两个TPM为A和B,非认证参与的第三方TPM用E表示。则其算法能够保证A、B计算到同样的秘钥而E不可。2. TPM (TreeParityMachine) is a secret key algorithm based on neural network mutual learning. Each key negotiating party uses one TPM. Assume that the two TPMs are A and B, and the non-authenticated third-party TPM is represented by E. Then its algorithm can guarantee that A and B can calculate the same secret key but E cannot.
为保障安全手机和普通手机在外网应用时通话的安全性,本发明通过集成定制的加/解密DSP模块的专用安全蓝牙耳机,设计并优化了一套新型具有抗量子随机缺失的、基于FFT(快速傅氏变换)和分帧技术的加解密算法,使用动态秘钥交换技术实现了蓝牙设备-蓝牙设备的互认互信,直接加密用户语音并针对移动通讯网络优化并进行冗余处理,保障加密语音在失真环境传输仍然能够有效识别。In order to ensure the security of calls between secure mobile phones and ordinary mobile phones when they are used on the external network, the present invention designs and optimizes a new set of anti-quantum random loss-based FFT ( Fast Fourier transform) and framing technology encryption and decryption algorithm, using dynamic secret key exchange technology to realize mutual recognition and mutual trust between Bluetooth devices and Bluetooth devices, directly encrypt user voice and optimize for mobile communication networks and perform redundant processing to ensure encryption Speech can still be recognized effectively when transmitted in a distorted environment.
采用了该发明中的,与现有技术相比,具有以下有益的技术效果:Compared with the prior art, the invention has the following beneficial technical effects:
1、蓝牙外接式设计能够在所有的智能设备上便利使用;1. Bluetooth external design can be used conveniently on all smart devices;
2、不依赖于数字加密方法,不存在类似破解、监听的安全隐患;2. It does not rely on digital encryption methods, and there are no security risks like cracking and monitoring;
3、嵌入的DSP模块能够减小系统延迟至用户无感知状态,不影响传输效率;3. The embedded DSP module can reduce the system delay to the state where the user does not perceive it, without affecting the transmission efficiency;
4、无需二次改造智能设备或网络拓扑结构,兼容性强;4. There is no need to modify the smart device or network topology structure twice, and the compatibility is strong;
5、直接使用模拟信号加/解密(扰)技术,不需要加入额外的A/D、D/A模块;5. Directly use analog signal encryption/decryption (scrambling) technology without adding additional A/D and D/A modules;
6、语音保真率可以体现出处理之后的语音与原来语音的相似程度,本发明加解密之后的语音保真率可以达到90%以上,接收方不会感觉到语音是经过处理的;加解密算法处理性能决定加密和解密处理的时间响应速度,并且影响语音保真率高低,本发明加解密过程可以稳定限制在100ms以内,接收者不会感觉到因为加解造成的时间延迟;秘钥有效期及秘钥更新周期为20s,同步动态秘钥的时序差在100ms内,密码同步连续有效次数大于500万次。6. The voice fidelity rate can reflect the similarity between the processed voice and the original voice. The voice fidelity rate after encryption and decryption of the present invention can reach more than 90%, and the receiver will not feel that the voice is processed; encryption and decryption Algorithm processing performance determines the time response speed of encryption and decryption processing, and affects the voice fidelity rate. The encryption and decryption process of the present invention can be stably limited within 100ms, and the receiver will not feel the time delay caused by encryption and decryption; the validity period of the secret key And the secret key update period is 20s, the timing difference of synchronous dynamic secret key is within 100ms, and the number of consecutive valid password synchronization is more than 5 million times.
在此说明书中,本发明已参照其特定的实施例作了描述。但是,很显然仍可以作出各种修改和变换而不背离本发明的精神和范围。因此,说明书和附图应被认为是说明性的而非限制性的。In this specification, the invention has been described with reference to specific embodiments thereof. However, it is obvious that various modifications and changes can be made without departing from the spirit and scope of the invention. Accordingly, the specification and drawings are to be regarded as illustrative rather than restrictive.
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510662488.9ACN105338475A (en) | 2015-10-14 | 2015-10-14 | Bluetooth-based safety conversation system and method |
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510662488.9ACN105338475A (en) | 2015-10-14 | 2015-10-14 | Bluetooth-based safety conversation system and method |
| Publication Number | Publication Date |
|---|---|
| CN105338475Atrue CN105338475A (en) | 2016-02-17 |
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510662488.9APendingCN105338475A (en) | 2015-10-14 | 2015-10-14 | Bluetooth-based safety conversation system and method |
| Country | Link |
|---|---|
| CN (1) | CN105338475A (en) |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105933893A (en)* | 2016-03-30 | 2016-09-07 | 苏州美天网络科技有限公司 | Data encryption system for bluetooth headset intercom system |
| CN106412812A (en)* | 2016-11-23 | 2017-02-15 | 建荣半导体(深圳)有限公司 | Bluetooth voice communication method, Bluetooth voice communication system and Bluetooth headset |
| ES2616116A1 (en)* | 2016-07-13 | 2017-06-09 | Álvaro DÍAZ BAÑO | Portable definition of audio fund through tls protocol (Machine-translation by Google Translate, not legally binding) |
| CN113328857A (en)* | 2021-07-01 | 2021-08-31 | 北京创联易讯科技有限公司 | Single-chip entrance guard type end-to-end voice cipher machine |
| CN114867012A (en)* | 2022-05-30 | 2022-08-05 | 北京启星微电子有限公司 | Encryption earphone and voice communication method thereof |
| CN115002751A (en)* | 2022-05-27 | 2022-09-02 | 立讯电子科技(昆山)有限公司 | Encryption and decryption method and encryption and decryption earphone |
| CN117640868A (en)* | 2024-01-23 | 2024-03-01 | 宁波菊风系统软件有限公司 | Intelligent double-recording system and method |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060198520A1 (en)* | 2002-12-20 | 2006-09-07 | Peter Courtney | Secure transmission of digital audio signals |
| CN102843677A (en)* | 2012-08-14 | 2012-12-26 | 福建伊时代信息科技股份有限公司 | Voice communication method, device and system |
| CN103986503A (en)* | 2014-05-16 | 2014-08-13 | 北京民芯科技有限公司 | Safety Bluetooth headset and voice communication method thereof |
| CN104954951A (en)* | 2015-07-01 | 2015-09-30 | 深圳市百特连通科技有限公司 | Bluetooth headset with voice encryption function and voice encryption method of Bluetooth headset |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060198520A1 (en)* | 2002-12-20 | 2006-09-07 | Peter Courtney | Secure transmission of digital audio signals |
| CN102843677A (en)* | 2012-08-14 | 2012-12-26 | 福建伊时代信息科技股份有限公司 | Voice communication method, device and system |
| CN103986503A (en)* | 2014-05-16 | 2014-08-13 | 北京民芯科技有限公司 | Safety Bluetooth headset and voice communication method thereof |
| CN104954951A (en)* | 2015-07-01 | 2015-09-30 | 深圳市百特连通科技有限公司 | Bluetooth headset with voice encryption function and voice encryption method of Bluetooth headset |
| Title |
|---|
| 杨春燕等: "《新特电子元器件应用手册》", 31 October 2004* |
| 陈援非等: "《深入浅出物联网实例教程》", 31 July 2015* |
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105933893A (en)* | 2016-03-30 | 2016-09-07 | 苏州美天网络科技有限公司 | Data encryption system for bluetooth headset intercom system |
| ES2616116A1 (en)* | 2016-07-13 | 2017-06-09 | Álvaro DÍAZ BAÑO | Portable definition of audio fund through tls protocol (Machine-translation by Google Translate, not legally binding) |
| CN106412812A (en)* | 2016-11-23 | 2017-02-15 | 建荣半导体(深圳)有限公司 | Bluetooth voice communication method, Bluetooth voice communication system and Bluetooth headset |
| CN113328857A (en)* | 2021-07-01 | 2021-08-31 | 北京创联易讯科技有限公司 | Single-chip entrance guard type end-to-end voice cipher machine |
| CN113328857B (en)* | 2021-07-01 | 2022-05-24 | 北京创联易讯科技有限公司 | Single-chip entrance guard type end-to-end voice cipher machine |
| CN115002751A (en)* | 2022-05-27 | 2022-09-02 | 立讯电子科技(昆山)有限公司 | Encryption and decryption method and encryption and decryption earphone |
| CN114867012A (en)* | 2022-05-30 | 2022-08-05 | 北京启星微电子有限公司 | Encryption earphone and voice communication method thereof |
| CN117640868A (en)* | 2024-01-23 | 2024-03-01 | 宁波菊风系统软件有限公司 | Intelligent double-recording system and method |
| CN117640868B (en)* | 2024-01-23 | 2024-08-16 | 宁波菊风系统软件有限公司 | Intelligent double-recording system and method |
| Publication | Publication Date | Title |
|---|---|---|
| CN105338475A (en) | Bluetooth-based safety conversation system and method | |
| JP5628399B2 (en) | Apparatus and method for virtual pairing using existing wireless connection key | |
| CN103731270B (en) | Communication data encryption and decryption method based on BBS, RSA and SHA-1 encryption algorithm | |
| CN105790854B (en) | A kind of short range data transmission method and device based on sound wave | |
| CN102843677A (en) | Voice communication method, device and system | |
| CN105681310A (en) | Bluetooth based voice source real-time voice encryption method | |
| CN105721492B (en) | Method, device and terminal for voice processing | |
| CN103973696B (en) | A kind of data processing method of voice call | |
| CN105471899A (en) | End-to-end voice encryption communication method and device for mobile terminals | |
| CN106471831A (en) | The method of configuration, the device of configuration and equipment | |
| CN112182624B (en) | Encryption method, encryption device, storage medium and electronic device | |
| CN105471876A (en) | Method and device for communication encryption | |
| CN106412812A (en) | Bluetooth voice communication method, Bluetooth voice communication system and Bluetooth headset | |
| TWI570711B (en) | Dynamic spectrum audio encryption device and method thereof | |
| CN101567885A (en) | Voice call device as well as system and method thereof | |
| CN212086458U (en) | Noise reduction earphone with safety communication function | |
| US20160119303A1 (en) | Information security attachment device for voice communication and information security method for voice communication using the same | |
| CN203537408U (en) | End-to-end voice communication privacy device with assignable secret key | |
| CN103401675A (en) | Paired earphone end-to-end communication scrambling-descrambling method, device and scrambling-descrambling earphone | |
| WO2012024904A1 (en) | Method and system for pre-accessing conference telephone and network side device | |
| CN104581711A (en) | Mobile terminal with communication encryption function as well as communication encryption method thereof | |
| CN103986711A (en) | Data processing method for voice communication | |
| CN115361616A (en) | Bluetooth headset with voice message encryption, sending and receiving functions | |
| CN204836595U (en) | Cell -phone with pronunciation encryption function | |
| CN202818616U (en) | Voice communication device and system |
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication | Application publication date:20160217 |