摘要 |
Embodiments of the present invention provide a method, a device, and a system for establishing a secure connection. The method includes: securely obtaining, by a first device, a first public key estimated value of a second device in an out-of-band manner; encrypting an asymmetric encryption public key by using the first public key estimated value; sending the encrypted asymmetric encryption public key to the second device; receiving an encrypted first key-exchange public key sent by the second device; decrypting the encrypted first key-exchange public key by using an asymmetric encryption private key; performing, by using a preset algorithm, an operation based on the decrypted first key-exchange public key, to obtain a second public key estimated value; and when the first public key estimated value is consistent with the second public key estimated value, determining that the decrypted first key-exchange public key is correct, generating a shared key by using a key-exchange private key and the first key-exchange public key, and establishing a secure connection to the second device by using the shared key. The present invention solves a problem of poor security of a network connection between devices in the prior art. The present invention relates to the field of mobile communications technologies. |