CN105262772A - Data transmission method, data transmission system and related apparatus for data transmission method and system - Google Patents


Info

Publication number
CN105262772A
Authority
CN
China
Prior art keywords
data
key
packet
superencipher
random
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510752718.0A
Other languages
Chinese (zh)
Other versions
CN105262772B (en)
Inventor
陈静聪
李斌
奚驰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Application filed by Tencent Technology Shenzhen Co Ltd
Priority to CN201510752718.0A
Publication of CN105262772A
Application granted
Publication of CN105262772B
Legal status: Active


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network

Abstract

The invention discloses a data transmission method, a data transmission system and a related apparatus, applied to the technical field of communication. In the method, a first communication device can generate a random key; the random key is used to perform secondary encryption of a data packet to be transmitted, which has already undergone primary encryption; a new data packet formed from the random key and the encrypted data packet to be transmitted is then transmitted. Therefore, if the primary encryption encrypted only part of the content of the original data packet, the secondary encryption performed by the method further guarantees the security of the transmitted data packet; and because a dynamically generated random key is used for the secondary encryption and a new data packet formed from the random key and the encrypted data is transmitted, the security of the encryption is further improved.

Description

Data transmission method, system and related apparatus
Technical field
The present invention relates to the field of communication technology, and in particular to a data transmission method, system and related apparatus.
Background
In existing data transmission, to ensure data security, the transmitted data packet is generally encrypted, for example by encrypting the whole data packet or, to simplify the encryption algorithm, by encrypting only part of the packet content. When only part of the packet is encrypted, one approach is to encrypt the important information in the packet. For example, if a data packet comprises header information 1, header information 2 and content data, where header information 1 is a fixed field and header information 2 and the content data are important, then only header information 2 and the content data are encrypted. However, because the fields in header information 1 are relatively fixed and have obvious features, the packet is easily intercepted by a firewall or router during data transmission, so security is poor.
Summary of the invention
An embodiment of the present invention provides a data transmission method, system and related apparatus that perform secondary encryption on a data packet to be transmitted.
An embodiment of the present invention provides a data transmission method, comprising:
Generating a random key, the random key including an encryption identifier of the data packet to be transmitted; or generating a random key and the encryption identifier; the encryption identifier is used to indicate that the data packet to be transmitted is encrypted;
Encrypting the data packet to be transmitted with the random key;
Composing a new data packet from the random key and the encrypted data packet to be transmitted, or from the random key, the encryption identifier and the encrypted data packet to be transmitted;
Transmitting the new data packet.
An embodiment of the present invention provides a data transmission method, comprising:
Receiving a data packet, the data packet including an encryption identifier;
If the encryption identifier in the data packet indicates that the data packet has undergone secondary encryption, decomposing the data packet, the decomposed data packet comprising the secondary encryption key of the data packet and the data to be decrypted;
Decrypting the data to be decrypted according to the secondary encryption key, and decrypting the decrypted data again.
An embodiment of the present invention also provides a communication device, comprising:
A key generating unit, for generating a random key, the random key including an encryption identifier of the data packet to be transmitted; or generating a random key and the encryption identifier; the encryption identifier is used to indicate that the data packet to be transmitted is encrypted;
An encryption unit, for encrypting the data packet to be transmitted with the random key generated by the key generating unit;
A transmission unit, for composing a new data packet from the random key and the data packet to be transmitted as encrypted by the encryption unit, or from the random key, the encryption identifier and the encrypted data packet to be transmitted, and transmitting the new data packet.
An embodiment of the present invention also provides a communication device, comprising:
A data receiving unit, for receiving a data packet, the data packet including an encryption identifier;
A data decomposition unit, for decomposing the data packet if the encryption identifier in the data packet received by the data receiving unit indicates that the data packet has undergone secondary encryption, the decomposed data packet comprising the secondary encryption key of the data packet and the data to be decrypted;
A decryption unit, for decrypting the data to be decrypted according to the secondary encryption key obtained by the data decomposition unit, and decrypting the decrypted data again.
An embodiment of the present invention also provides a data communication system, comprising a first communication device and a second communication device, wherein:
The first communication device comprises:
A key generating unit, for generating a random key, the random key including an encryption identifier of the data packet to be transmitted; or generating a random key and the encryption identifier;
An encryption unit, for encrypting the data packet to be transmitted with the random key generated by the key generating unit;
A transmission unit, for composing a new data packet from the random key and the data packet to be transmitted as encrypted by the encryption unit, or from the random key, the encryption identifier and the encrypted data packet to be transmitted, and transmitting the new data packet;
The second communication device comprises:
A data receiving unit, for receiving a data packet, the data packet including an encryption identifier;
A data decomposition unit, for decomposing the data packet if the encryption identifier in the data packet received by the data receiving unit indicates that the data packet has undergone secondary encryption, the decomposed data packet comprising the secondary encryption key of the data packet and the data to be decrypted;
A decryption unit, for decrypting the data to be decrypted according to the secondary encryption key obtained by the data decomposition unit, and decrypting the decrypted data again.
As can be seen, in the method of this embodiment the first communication device can generate a random key, perform secondary encryption with the random key on the data packet to be transmitted that has already undergone primary encryption, and finally compose a new data packet from the random key and the encrypted data packet to be transmitted and transmit it. Thus, if the primary encryption encrypted only part of the content of the original data packet, the secondary encryption of this embodiment further ensures the security of the transmitted data packet; and because this embodiment uses a dynamically generated random key for the secondary encryption and transmits a new data packet composed of the random key and the encrypted data, the security of the encryption is further improved.
Brief description of the drawings
To explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of a data transmission method provided by embodiment one of the present invention;
Fig. 2a is a schematic diagram after header information 1 in the data packet to be transmitted is encrypted in an embodiment of the present invention;
Fig. 2b is a schematic diagram after part of the content of the data packet to be transmitted is encrypted in an embodiment of the present invention;
Fig. 2c is a schematic diagram after the entire content of the data packet to be transmitted is encrypted in an embodiment of the present invention;
Fig. 3 is a flow chart of a data transmission method provided by embodiment two of the present invention;
Fig. 4 is a flow chart of a data transmission method provided by embodiment three of the present invention;
Fig. 5 is a structural schematic diagram of a communication device provided by an embodiment of the present invention;
Fig. 6 is a structural schematic diagram of another communication device provided by an embodiment of the present invention;
Fig. 7 is a structural schematic diagram of another communication device provided by an embodiment of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art from the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
The terms "first", "second", "third", "fourth" and so on (if any) in the specification, claims and drawings of the present invention are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that data so used may be interchanged where appropriate, so that the embodiments of the invention described here can be implemented in orders other than those illustrated or described here. In addition, the terms "comprise" and "have" and any variants of them are intended to cover non-exclusive inclusion; for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to the steps or units expressly listed, but may include other steps or units that are not expressly listed or that are inherent to the process, method, product or device.
Embodiment one of the present invention
A data transmission method is provided, mainly performed by the communication device at one end of the data transmission (for example, the first communication device). Its flow chart is shown in Fig. 1 and comprises:
Step 101: generate a random key, the random key including an encryption identifier of the data packet to be transmitted; or generate a random key and an encryption identifier, where the encryption identifier is used to indicate that the data packet to be transmitted is encrypted.
It can be understood that when the first communication device transmits data to the second communication device, it first performs primary encryption on the packet to be sent, forming the data packet to be transmitted; this primary encryption may encrypt only the important content of the packet, such as header information 2 and the content data, and is not described further here. Secondary encryption is then performed on the data packet to be transmitted, and steps 101 to 103 of this embodiment are the method of performing secondary encryption on the data packet to be transmitted and then transmitting it. The encryption identifier is used to indicate that the data packet to be transmitted is encrypted. It may be represented by some of the bytes of the random key, that is, the random key includes the encryption identifier; or it may be independent of the random key, in which case the random key generated by the first communication device does not include the encryption identifier and the encryption identifier must be generated separately.
Step 102: encrypt the data packet to be transmitted with the random key.
Specifically, the first communication device can encrypt the entire content of the data packet to be transmitted with the random key; or, in another case, the first communication device can encrypt part of the content of the data packet to be transmitted with the random key. Encrypting the data to be transmitted requires an encryption algorithm, such as the Advanced Encryption Standard (AES), the RC4 encryption algorithm or the Tiny Encryption Algorithm (TEA).
For example, suppose the data packet to be transmitted after primary encryption includes unencrypted header information 1, encrypted header information 2 and encrypted content data, where header information 1 is a fixed field, mainly the command number that distinguishes the command type transmitted between the two communicating ends (that is, the first communication device and the second communication device), the version number and so on, and header information 2 is mainly important information such as the user account. When secondary encryption is performed on the data packet to be transmitted, only header information 1 may be secondarily encrypted with the random key, as shown in Fig. 2a; or header information 1 and header information 2 may be secondarily encrypted with the random key, as shown in Fig. 2b; or the entire content of the data packet to be transmitted may be secondarily encrypted with the random key, as shown in Fig. 2c.
Step 103: if step 101 generated a random key that includes the encryption identifier, compose a new data packet from the random key and the encrypted data packet to be transmitted; if step 101 generated a random key and an encryption identifier, compose a new data packet from the random key, the encryption identifier and the encrypted data packet to be transmitted; then transmit the new data packet.
It should be noted that steps 101 and 103 above are the data transmission method performed by the first communication device after the first communication device and the second communication device have negotiated the encryption information for the transmitted data packets. During negotiation of the encryption information, the first communication device can obtain the length of the random key and the encryption algorithm for encrypting the data packet to be transmitted, and can also obtain information such as the command numbers required for communication between the first communication device and the second communication device.
As can be seen, in the method of this embodiment the first communication device can generate a random key, perform secondary encryption with the random key on the data packet to be transmitted that has already undergone primary encryption, and finally compose a new data packet from the random key and the encrypted data packet to be transmitted and transmit it. Thus, if the primary encryption encrypted only part of the content of the original data packet, the secondary encryption of this embodiment further ensures the security of the transmitted data packet; and because this embodiment uses a dynamically generated random key for the secondary encryption and transmits a new data packet composed of the random key and the encrypted data, the security of the encryption is further improved.
In a specific embodiment, when the first communication device performs step 101 above and generates a random key that includes the encryption identifier, this can be implemented as follows:
Step A1: generate a random number of n bytes, denoted [K0, K1, ..., K(n)].
Step B1: if the first byte random number in the random number hits a command number in the data packet to be transmitted, replace the first byte random number with a second byte random number and use the random number after replacement as the random key. The second byte random number is not included in the n-byte random number generated above, and the first byte random number may be any byte of the n-byte random number.
Suppose the command numbers of the data packet to be transmitted are [C0, C1, ..., C(i)]. If the first byte random number K0 hits any one of [C0, C1, ..., C(i)], a second byte random number is generated; specifically, a 1-byte random number M in the range [0, C0) can be generated and K0 replaced with M, so that the final generated random key is [M, K1, ..., K(N)] and the random number M serves as the encryption identifier. This makes the first byte of the random key avoid the command numbers, so that whether the transmitted new data packet has undergone secondary encryption can be determined from the first byte of the random key alone.
Embodiment two of the present invention
A data transmission method is provided, mainly performed by the communication device at the other end of the data transmission (for example, the second communication device), that is, the device at the other end corresponding to the first communication device above. Its flow chart is shown in Fig. 3 and comprises:
Step 201: receive the data packet sent by the first communication device, the data packet including an encryption identifier.
Step 202: judge whether the encryption identifier in the data packet indicates that the data packet has undergone secondary encryption; if so, perform step 203; if not, perform primary decryption on the data packet.
Step 203: decompose the data packet, the decomposed data packet comprising the secondary encryption key of the data packet and the data to be decrypted.
Step 204: decrypt the data to be decrypted according to the secondary encryption key; afterwards, the decrypted data must be decrypted again.
Specifically, if the secondary encryption key includes the encryption identifier, the second communication device can take the first n bytes of the data packet as the secondary encryption key and the data in the packet other than the secondary encryption key as the data to be decrypted. If the secondary encryption key does not include the encryption identifier, the second communication device can divide the data packet into the encryption identifier, the secondary encryption key and the data to be decrypted.
Suppose the byte stream of the data packet received by the second communication device is [B0, B1, ..., B(n)]. If the encryption identifier B0 hits any one of the command numbers [C0, C1, ..., Ci], it is determined that the data packet has not undergone secondary encryption; if it does not hit, it is determined that the data packet has undergone secondary encryption. Further, if it is determined that the data packet has undergone secondary encryption, the data packet is divided into the n-byte data [B0, B1, ..., B(N)] as the secondary encryption key and the data in the packet other than the secondary encryption key, [B(N+1), B(N+2), ..., B(N)], as the data to be decrypted.
It should be noted that steps 201 and 204 above are the data transmission method performed by the second communication device after the first communication device and the second communication device have negotiated the encryption information for the transmitted data packets. During negotiation of the encryption information, the second communication device can obtain the length of the secondary encryption key and the decryption algorithm for decrypting the data packet with the secondary encryption key, and can also obtain information such as the command numbers required for communication between the first communication device and the second communication device.
As can be seen, in the method of this embodiment, when the second communication device receives a data packet and the encryption identifier in the data packet indicates that the data packet has undergone secondary encryption, it decomposes the data packet to obtain the secondary encryption key of the data packet and the data to be decrypted, then decrypts the data to be decrypted according to the secondary encryption key and decrypts the decrypted data again. Thus, if the primary encryption encrypted only part of the content of the original data packet, transmitting the data packet with the secondary encryption of this embodiment further ensures the security of the transmitted data packet; and because this embodiment uses a dynamically generated random key for the secondary encryption and transmits a new data packet composed of the random key and the encrypted data, the security of the encryption is further improved.
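The sender-side steps A1 and B1 of embodiment one and the receiver-side check and split of embodiment two, as an added Python example that is not code from the patent. RC4 stands in for whichever algorithm the two ends negotiated; the command numbers, the key length, the `cover` parameter (how many leading bytes receive secondary encryption, as in Fig. 2a to 2c) and the sample packet are constructed assumptions, and the replacement byte is drawn from every non-command value rather than only from [0, C0), which generalizes the text so that C0 = 0 still works.

```python
import secrets

# Constructed negotiation results (assumptions, not values from the patent).
COMMAND_NUMBERS = frozenset({0x01, 0x02, 0x10})  # [C0, C1, ..., C(i)]
KEY_LEN = 16                                     # n, length of the random key

# Constructed packet after primary encryption: header information 1
# (command number 0x02, version 0x01) in the clear, then opaque bytes.
INNER = bytes([0x02, 0x01]) + bytes.fromhex("9f3c5ad2e17b4406c8")


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4, one of the algorithms the text names; the same call decrypts."""
    s = list(range(256))
    j = 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # keystream generation and XOR
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def fix_first_byte(raw: bytes, command_numbers=COMMAND_NUMBERS) -> bytes:
    """Step B1: if the first byte hits a command number, replace it."""
    if raw[0] not in command_numbers:
        return raw
    allowed = [b for b in range(256) if b not in command_numbers]
    if not allowed:
        raise ValueError("every byte value is a command number")
    return bytes([secrets.choice(allowed)]) + raw[1:]


def generate_key(n=KEY_LEN, command_numbers=COMMAND_NUMBERS) -> bytes:
    """Steps A1 and B1: n random bytes whose first byte is the identifier."""
    if n < 1:
        raise ValueError("key length must be at least one byte")
    return fix_first_byte(secrets.token_bytes(n), command_numbers)


def _span(cover, length: int) -> int:
    """Number of leading bytes that receive secondary encryption."""
    if cover is None:
        return length                         # whole packet, as in Fig. 2c
    if cover < 0:
        raise ValueError("cover must not be negative")
    return min(cover, length)


def wrap(inner: bytes, n=KEY_LEN, command_numbers=COMMAND_NUMBERS, cover=None) -> bytes:
    """Sender, steps 101 to 103: key || RC4(key, inner[:cover]) || inner[cover:]."""
    key = generate_key(n, command_numbers)
    c = _span(cover, len(inner))
    return key + rc4(key, inner[:c]) + inner[c:]


def unwrap(packet: bytes, n=KEY_LEN, command_numbers=COMMAND_NUMBERS, cover=None):
    """Receiver, steps 202 to 204: returns (inner packet, was_secondary_encrypted)."""
    if not packet:
        raise ValueError("empty packet")
    if packet[0] in command_numbers:          # B0 hits: primary encryption only
        return packet, False
    if len(packet) < n:
        raise ValueError("packet shorter than the negotiated key length")
    key, body = packet[:n], packet[n:]        # first n bytes are the key
    c = _span(cover, len(body))
    return rc4(key, body[:c]) + body[c:], True


if __name__ == "__main__":
    pkt = wrap(INNER)
    print(pkt.hex())
    print(unwrap(pkt))
```

Because the random key travels at the front of the packet, this layer removes the fixed-field signature of header information 1, while the confidentiality of header information 2 and the content data still rests on the primary encryption.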
The following embodiment three illustrates the data transmission method of the present invention with a concrete application example. As shown in Fig. 4, this embodiment mainly concerns the transmission of voice data packets; in this embodiment the first communication device is a voice client and the second communication device is a voice server. Specifically:
Step 301: the voice client sends an establishment request to the signaling server, requesting that a call connection with the voice server be established.
Step 302: the signaling server sends a configuration request to the voice server, requesting configuration of the secondary encryption information for the voice data packets transmitted between the voice client and the voice server, for example whether secondary encryption is needed, the command numbers needed for interaction between the voice client and the voice server, the length of the random key, and the secondary encryption algorithm.
The voice server configures the secondary encryption information to the voice client through the signaling server.
Step 303: the voice client performs secondary encryption on the voice data packets to be transmitted according to the method of embodiment one above, then transmits them to the voice server.
Step 304: after the voice server receives a voice data packet, it can decrypt it according to the method of embodiment two above.
An embodiment of the present invention also provides a communication device, namely the first communication device above. Its structural schematic diagram is shown in Fig. 5, and it may specifically comprise:
A key generating unit 10, for generating a random key, the random key including an encryption identifier of the data packet to be transmitted; or generating a random key and the encryption identifier; the encryption identifier is used to indicate that the data packet to be transmitted is encrypted;
If the data packet to be transmitted includes the command number of the command type transmitted between the two communicating ends, the key generating unit 10 is specifically used to generate a random number of n bytes; if the first byte random number in the random number hits a command number in the data packet to be transmitted, replace the first byte random number with a second byte random number and use the random number after replacement as the random key; the second byte random number is not included in the n-byte random number.
An encryption unit 11, for encrypting the data packet to be transmitted with the random key generated by the key generating unit 10. The encryption unit 11 uses the random key and a certain encryption algorithm to encrypt the data packet to be transmitted.
The encryption unit 11 is specifically used to encrypt the entire content of the data packet to be transmitted with the random key; or the encryption unit 11 is specifically used to encrypt part of the content of the data packet to be transmitted with the random key.
A transmission unit 12, for composing a new data packet from the random key generated by the key generating unit 10 and the data packet to be transmitted as encrypted by the encryption unit 11, or from the random key, the encryption identifier and the encrypted data packet to be transmitted, and transmitting the new data packet.
Further, with reference to the dotted portion of Fig. 5, the communication device of this embodiment may also comprise an information acquisition unit 13, for obtaining the length of the random key and the encryption algorithm for encrypting the data packet to be transmitted. The information acquisition unit 13 can also obtain the command numbers used when the communication device of this embodiment communicates with the second communication device, so that the key generating unit 10 can generate the random key. In this way, the key generating unit 10 generates the random key according to the random key length obtained by the information acquisition unit 13, and the encryption unit 11 performs secondary encryption on the data packet to be transmitted according to the encryption algorithm obtained by the information acquisition unit 13.
As can be seen, in the communication device of this embodiment the key generating unit 10 can generate a random key, the encryption unit 11 then performs secondary encryption with the random key on the data packet to be transmitted that has already undergone primary encryption, and finally the transmission unit 12 composes a new data packet from the random key and the encrypted data packet to be transmitted and transmits it. Thus, if the primary encryption encrypted only part of the content of the original data packet, the secondary encryption performed by the device of this embodiment further ensures the security of the transmitted data packet; and because this embodiment uses a dynamically generated random key for the secondary encryption and transmits a new data packet composed of the random key and the encrypted data, the security of the encryption is further improved.
An embodiment of the present invention also provides a communication device, namely the second communication device above. Its structural schematic diagram is shown in Fig. 6, and it may specifically comprise:
A data receiving unit 20, for receiving a data packet, the data packet including an encryption identifier.
A data decomposition unit 21, for decomposing the data packet if the encryption identifier in the data packet received by the data receiving unit 20 indicates that the data packet has undergone secondary encryption, the decomposed data packet comprising the secondary encryption key of the data packet and the data to be decrypted; if the secondary encryption key does not include the encryption identifier, the data decomposition unit 21 can divide the data packet into the encryption identifier, the secondary encryption key and the data to be decrypted.
A decryption unit 22, for decrypting the data to be decrypted according to the secondary encryption key obtained by the data decomposition unit 21, and decrypting the decrypted data again.
Specifically, if the secondary encryption key includes the encryption identifier in the data packet received by the data receiving unit 20, the data decomposition unit 21 is specifically used to take the first n bytes of the data packet as the secondary encryption key and the data in the data packet other than the secondary encryption key as the data to be decrypted; the n bytes are the length of the secondary encryption key.
Further, with reference to the dotted portion of Fig. 6, the communication device of this embodiment may also comprise a decryption information acquiring unit 23, for obtaining the length of the secondary encryption key and the decryption algorithm for decrypting the data packet with the secondary encryption key. The decryption information acquiring unit 23 can also obtain the command numbers used when the communication device of this embodiment communicates with the first communication device. In this way, the data decomposition unit 21 decomposes the data packet according to the secondary encryption key length obtained by the decryption information acquiring unit 23, and the decryption unit 22 decrypts the data to be decrypted according to the decryption algorithm obtained by the decryption information acquiring unit 23.
In the communication device of this embodiment, when the data receiving unit 20 receives a data packet and the encryption identifier in the data packet indicates that the data packet has undergone secondary encryption, the data decomposition unit 21 decomposes the data packet to obtain the secondary encryption key of the data packet and the data to be decrypted; the decryption unit 22 then decrypts the data to be decrypted according to the secondary encryption key and decrypts the decrypted data again. Thus, if the primary encryption encrypted only part of the content of the original data packet, the transmission of secondarily encrypted data packets between the communication device of this embodiment and the first communication device further ensures the security of the transmitted data packet; and because this embodiment uses a dynamically generated random key for the secondary encryption and transmits a new data packet composed of the random key and the encrypted data, the security of the encryption is further improved.
An embodiment of the present invention also provides a communication device, whose structure is shown schematically in Fig. 7. The device may vary considerably with configuration or performance, and may include one or more central processing units (CPU) 30 (for example, one or more processors), a memory 31, and one or more storage media 32 (for example, one or more mass storage devices) storing application programs 321 or data 322. The memory 31 and the storage medium 32 may provide transient or persistent storage. The program stored in the storage medium 32 may include one or more modules (not marked in the figure), and each module may include a series of instruction operations for the communication device. Further, the central processing unit 30 may be configured to communicate with the storage medium 32 and to execute, on the communication device, the series of instruction operations in the storage medium 32.
The communication device also includes one or more power supplies 33, one or more wired or wireless network interfaces 34, one or more input/output interfaces 35, and/or one or more operating systems 323, such as Windows Server™, Mac OS X™, Unix™, Linux™, FreeBSD™, etc.
The steps performed by the first communication device in method embodiment one above may be based on the structure of the communication device shown in Fig. 7, and the steps performed by the second communication device in method embodiment two above may also be based on the structure of the communication device shown in Fig. 7.
An embodiment of the present invention also provides a data transmission system, mainly comprising a first communication device and a second communication device. The first communication device may have the structure of the communication device shown in Fig. 5 or Fig. 7 above, and the second communication device may have the structure of the communication device shown in Fig. 6 or Fig. 7 above; details are not repeated here.
A person of ordinary skill in the art will appreciate that all or some of the steps of the methods in the above embodiments can be completed by a program instructing the relevant hardware. The program may be stored in a computer-readable storage medium, which may include read-only memory (ROM), random access memory (RAM), a magnetic disk, an optical disc, etc.
The data transmission method, system and related devices provided by the embodiments of the present invention have been described in detail above. Specific examples are used herein to explain the principle and implementation of the invention, and the description of the above embodiments is only intended to help in understanding the method of the invention and its core idea. At the same time, a person of ordinary skill in the art may, following the idea of the invention, make changes to the specific implementation and the scope of application. In summary, the content of this description should not be construed as limiting the invention.

Claims (15)

1. A data transmission method, characterized by comprising:
generating a random key, the random key containing an encryption identifier of a data packet to be transmitted; or generating a random key and the encryption identifier; the encryption identifier being used to indicate that the data packet to be transmitted is encrypted;
encrypting the data packet to be transmitted with the random key;
composing a new data packet from the random key and the encrypted data packet to be transmitted, or composing a new data packet from the random key, the encryption identifier and the encrypted data packet to be transmitted;
transmitting the new data packet.
2. The method of claim 1, characterized in that the data packet to be transmitted comprises a command number of the command type transmitted between the two communicating ends, and generating the random key, the random key containing the encryption identifier of the data packet to be transmitted, specifically comprises:
generating a random number of n bytes, n bytes being the length of the random key;
if a first byte random number in the random number hits the command number in the data packet to be transmitted, replacing the first byte random number with a second byte random number, and using the random number after replacement as the random key;
wherein the second byte random number is not included in the n-byte random number.
3. The method of claim 1, characterized in that encrypting the data packet to be transmitted with the random key specifically comprises:
encrypting the entire content of the data packet to be transmitted with the random key;
or encrypting part of the content of the data packet to be transmitted with the random key.
4. The method of any one of claims 1 to 3, characterized in that, before generating the random key containing the encryption identifier of the data packet to be transmitted, or before generating the random key and the encryption identifier, the method further comprises:
obtaining the length of the random key and the encryption algorithm for encrypting the data packet to be transmitted.
5. A data transmission method, characterized by comprising:
receiving a data packet, the data packet comprising an encryption identifier;
if the encryption identifier in the data packet indicates that the data packet has undergone superencryption, decomposing the data packet, the decomposed data packet comprising the superencryption key of the data packet and data to be decrypted;
decrypting the data to be decrypted according to the superencryption key, and decrypting the decrypted data again.
6. The method of claim 5, characterized in that the superencryption key contains the encryption identifier, and decomposing the data packet, the decomposed data packet comprising the superencryption key of the data packet and the data to be decrypted, specifically comprises: taking the first n bytes of the data packet as the superencryption key, and taking the data in the data packet other than the superencryption key as the data to be decrypted;
n bytes being the length of the superencryption key.
7. The method of claim 5 or 6, characterized in that, before receiving the data packet, the method further comprises:
obtaining the length of the superencryption key and the decryption algorithm for decrypting the data packet with the superencryption key.
8. A communication device, characterized by comprising:
a key generating unit, configured to generate a random key, the random key containing an encryption identifier of a data packet to be transmitted; or to generate a random key and the encryption identifier; the encryption identifier being used to indicate that the data packet to be transmitted is encrypted;
an encryption unit, configured to encrypt the data packet to be transmitted with the random key generated by the key generating unit;
a transmission unit, configured to compose a new data packet from the random key and the data packet to be transmitted as encrypted by the encryption unit, or to compose a new data packet from the random key, the encryption identifier and the encrypted data packet to be transmitted, and to transmit the new data packet.
9. The device of claim 8, characterized in that,
if the data packet to be transmitted comprises a command number of the command type transmitted between the two communicating ends, the key generating unit is specifically configured to generate a random number of n bytes; and, if a first byte random number in the random number hits the command number in the data packet to be transmitted, to replace the first byte random number with a second byte random number and use the random number after replacement as the random key;
wherein the second byte random number is not included in the n-byte random number.
10. The device of claim 8, characterized in that
the encryption unit is specifically configured to encrypt the entire content of the data packet to be transmitted with the random key; or the encryption unit is specifically configured to encrypt part of the content of the data packet to be transmitted with the random key.
11. The device of any one of claims 8 to 10, characterized by further comprising:
an information acquiring unit, configured to obtain the length of the random key and the encryption algorithm for encrypting the data packet to be transmitted.
12. A communication device, characterized by comprising:
a data receiving unit, configured to receive a data packet, the data packet comprising an encryption identifier;
a data decomposition unit, configured to decompose the data packet if the encryption identifier in the data packet received by the data receiving unit indicates that the data packet has undergone superencryption, the decomposed data packet comprising the superencryption key of the data packet and data to be decrypted;
a decryption unit, configured to decrypt the data to be decrypted according to the superencryption key obtained by the data decomposition unit, and to decrypt the decrypted data again.
13. The device of claim 12, characterized in that
the superencryption key contains the encryption identifier; the data decomposition unit is specifically configured to take the first n bytes of the data packet as the superencryption key and the data in the data packet other than the superencryption key as the data to be decrypted;
n bytes being the length of the superencryption key.
14. The device of claim 12 or 13, characterized by further comprising:
a decryption information acquiring unit, configured to obtain the length of the superencryption key and the decryption algorithm for decrypting the data packet with the superencryption key.
15. A data communication system, characterized by comprising a first communication device and a second communication device, wherein the first communication device is the communication device of any one of claims 8 to 11, and the second communication device is the communication device of any one of claims 12 to 14.
CN201510752718.0A 2015-11-06 2015-11-06 Data transmission method, system and related device Active CN105262772B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510752718.0A CN105262772B (en) 2015-11-06 2015-11-06 Data transmission method, system and related device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510752718.0A CN105262772B (en) 2015-11-06 2015-11-06 Data transmission method, system and related device

Publications (2)

Publication Number Publication Date
CN105262772A true CN105262772A (en) 2016-01-20
CN105262772B CN105262772B (en) 2020-03-17

Family

ID=55102277

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510752718.0A Active CN105262772B (en) 2015-11-06 2015-11-06 Data transmission method, system and related device

Country Status (1)

Country Link
CN (1) CN105262772B (en)

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110145573A1 (en) * 2005-11-21 2011-06-16 International Business Machines Corporation System for secure packet communication
CN101309138A (en) * 2007-05-14 2008-11-19 三星电子株式会社 Encryption-based security protection method for processor and apparatus thereof
WO2015135063A1 (en) * 2014-03-10 2015-09-17 Xiaoyan Qian System and method for secure deposit and recovery of secret data
CN104009841A (en) * 2014-06-20 2014-08-27 天津理工大学 Message encrypting method under instant messaging situation

Cited By (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105743917A (en) * 2016-04-05 2016-07-06 腾讯科技(深圳)有限公司 Message transmitting method and terminal
CN105743917B (en) * 2016-04-05 2020-05-19 腾讯科技(深圳)有限公司 Message transmission method and terminal
CN106303584A (en) * 2016-08-10 2017-01-04 北京蛙视通信技术股份有限公司 The audio, video data of transmission is carried out encipher-decipher method
CN107733841A (en) * 2016-08-12 2018-02-23 阿里巴巴集团控股有限公司 Method for message transmission and device based on multi-enciphering
CN107733841B (en) * 2016-08-12 2021-01-26 阿里巴巴集团控股有限公司 Message transmission method and device based on multiple encryption
WO2018214108A1 (en) * 2017-05-25 2018-11-29 深圳市伊特利网络科技有限公司 Secure implementation method and system for network link
CN108322776A (en) * 2018-02-02 2018-07-24 深圳爱影科技有限公司 Virtual reality cinema release system
WO2019223170A1 (en) * 2018-05-21 2019-11-28 平安科技(深圳)有限公司 Encryption method and apparatus, and computer device and storage medium
CN108667599A (en) * 2018-05-21 2018-10-16 平安科技(深圳)有限公司 Encryption method, device, computer equipment and storage medium
CN108769740A (en) * 2018-06-05 2018-11-06 苏州科达科技股份有限公司 Video data encrypted transmission method, system, equipment and storage medium
CN110636031A (en) * 2018-06-21 2019-12-31 视联动力信息技术股份有限公司 Video conference data processing method and device
CN110636031B (en) * 2018-06-21 2022-05-17 视联动力信息技术股份有限公司 Video conference data processing method and device
CN110751821A (en) * 2019-11-14 2020-02-04 华南理工大学广州学院 RGB (Red Green blue) collector based on wifi (Wireless Fidelity) transmission and collecting method
CN110944009A (en) * 2019-12-13 2020-03-31 武汉理工光科股份有限公司 Data dynamic encryption communication method and system based on two-wire system communication
CN111147461B (en) * 2019-12-13 2022-01-11 北京像素软件科技股份有限公司 Data transmission method, device, server and user terminal
CN110944009B (en) * 2019-12-13 2022-03-18 武汉理工光科股份有限公司 Data dynamic encryption communication method and system based on two-wire system communication
CN111147461A (en) * 2019-12-13 2020-05-12 北京像素软件科技股份有限公司 Data transmission method, device, server and user terminal
CN111355645A (en) * 2020-03-06 2020-06-30 海信(广东)空调有限公司 Household appliance, cloud server and corresponding data transmission method thereof
CN112565656A (en) * 2020-11-27 2021-03-26 Oppo广东移动通信有限公司 Video call method, device, system, electronic equipment and storage medium
CN113935059A (en) * 2021-12-16 2022-01-14 国网浙江省电力有限公司杭州供电公司 Dynamic encryption method and device suitable for financial data and storage medium
CN113935059B (en) * 2021-12-16 2022-03-15 国网浙江省电力有限公司杭州供电公司 Dynamic encryption method and device suitable for financial data and storage medium
CN115866299A (en) * 2022-11-22 2023-03-28 航天信息股份有限公司 Video tamper-proofing method and device, electronic equipment and storage medium
CN116032662A (en) * 2023-03-24 2023-04-28 中瑞科技术有限公司 Interphone data encryption transmission system
CN116032662B (en) * 2023-03-24 2023-06-16 中瑞科技术有限公司 Interphone data encryption transmission system

Also Published As

Publication number Publication date
CN105262772B (en) 2020-03-17

Similar Documents

Publication Publication Date Title
CN105262772A (en) Data transmission method, data transmission system and related apparatus for data transmission method and system
CN105577364B (en) A kind of encryption method, decryption method and relevant apparatus
CN108510270B (en) Mobile transfer method with safe quantum
Boakye-Boateng et al. Encryption protocol for resource-constrained devices in fog-based IoT using one-time pads
CN105553951A (en) Data transmission method and data transmission device
CN102035845B (en) Switching equipment for supporting link layer secrecy transmission and data processing method thereof
EP2034778A3 (en) Method and apparatus for providing security in wireless communication networks
CN101707767B (en) Data transmission method and devices
CN102013975B (en) Secret key management method and system
CN105357218A (en) Router with hardware encryption and decryption function and encryption and decryption method of router
CN101103586A (en) Apparatus and method for ciphering/deciphering a signal in acommunication system
KR101608815B1 (en) Method and system for providing service encryption in closed type network
CN104202158A (en) Symmetric and asymmetric hybrid data encryption/decryption method based on cloud computing
CN103580851A (en) Information encryption and decryption method
CN108111308A (en) One kind is based on the encrypted industry internet communication encryption method of dynamic random
KR20180096189A (en) LPWA Module performing Encrypted Communication and method thereof
CN101867471A (en) Irrational number based DES authentication encryption algorithm
CN113193958B (en) Quantum key service method and system
Diallo et al. A secure authentication scheme for bluetooth connection
CN107659405A (en) The encrypting and decrypting method that data communicate between a kind of transformer station boss station
CN112184967A (en) Unlocking method and system for power distribution net cage
CN115967790A (en) Monitoring system and monitoring data encryption transmission method
KR101934899B1 (en) Authenticated encryption device and method thereof
CN109410394A (en) A kind of method for sending information and information transmitting system of intelligent door lock
Seo et al. Network and data link layer security for DASH7

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant