The invention relates to the communication field, in particular to a communication link protection method and device. The device comprises an equipment end and a calling end; the equipment end comprises a first generation module, a first sending module, a first receiving module, a second elliptic curve point generation module, a second link encryption key generation module, a second verification value generation module, a first judgment module, a first terminating module and a third verification value generation module; and the calling end comprises a second receiving module, a second generation module, a first elliptic curve point generation module, a first link encryption key generation module, a first verification value generation module, a fourth verification value generation module, asecond judgment module, a second terminating module and a second sending module. According to the device, factors of the calling end takes participate in the link encryption key negotiation process,and therefore the communication security is improved.