CN106130999A - Data transmission method, apparatus and system - Google Patents

Data transmission method, apparatus and system Download PDF

Info

Publication number
CN106130999A
CN106130999A CN201610513903.9A CN201610513903A CN106130999A CN 106130999 A CN106130999 A CN 106130999A CN 201610513903 A CN201610513903 A CN 201610513903A CN 106130999 A CN106130999 A CN 106130999A
Authority
CN
China
Prior art keywords
data
transmitted
encryption
hardware
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610513903.9A
Other languages
Chinese (zh)
Inventor
曹明革
刘健皓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Qizhi Software Beijing Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd, Qizhi Software Beijing Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Priority to CN201610513903.9A priority Critical patent/CN106130999A/en
Publication of CN106130999A publication Critical patent/CN106130999A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a kind of data transmission method, Apparatus and system, relate to areas of information technology, it is possible to promote encryption efficiency and the safety of data transmission of data to be transmitted.Described method includes: the data to be transmitted that receiving terminal apparatus sends;By preset hardware cipher mode, described data to be transmitted is encrypted;Data after encryption are sent to described terminal unit, in order to described terminal unit transmits the data after described encryption.The present invention is applicable to the transmission of data.

Description

Data transmission method, Apparatus and system
Technical field
The present invention relates to areas of information technology, particularly relate to a kind of data transmission method, Apparatus and system.
Background technology
Along with the development of information technology, various terminal units occur therewith.Wherein, terminal unit is to service The data of device transmission are usually directed to some private datas.Transmission channel safety owing to carrying out data transmission at present is relatively low, Typically require when to server transmission data and data waiting for transmission are encrypted.
At present, when carrying out data transmission, generally by software cryptography mode, data to be transmitted is encrypted, the most again Be transmitted, i.e. data to be transmitted is encrypted by the encryption software by installing on terminal unit.But, software cryptography process In would generally occupy a large amount of system resource and encryption after data easily by professional person's Brute Force and attack.If passing through software Data to be transmitted is encrypted by cipher mode, is transmitted the most again, and data to be transmitted cryptographic calculation speed can be caused slower And the risk of data to be transmitted leakage is higher, thus cause the relatively low safety with data transmission of encryption efficiency of data to be transmitted Property is relatively low.
Summary of the invention
In view of this, the present invention provides a kind of data transmission method, Apparatus and system.Main purpose is to promote number The safety transmitted according to encryption efficiency and data.
According to one aspect of the invention, it is provided that a kind of data transmission method, including:
The data to be transmitted that receiving terminal apparatus sends;
By preset hardware cipher mode, described data to be transmitted is encrypted;
Data after encryption are sent to described terminal unit, in order to described terminal unit transmits the number after described encryption According to.
According to another aspect of the invention, it is provided that another kind of data transmission method, including:
Data to be transmitted is sent, in order to described hardware encryption device passes through preset hardware encryption side to hardware encryption device Described data to be transmitted is encrypted by formula;
Receive the data after encryption and be transmitted.
According to another aspect of the present invention, it is provided that a kind of hardware encryption device, including:
Receive unit, the data to be transmitted sent for receiving terminal apparatus;
Ciphering unit, for being encrypted described data to be transmitted by preset hardware cipher mode;
Transmitting element, for being sent to described terminal unit by the data after encryption, in order to described terminal unit transmits Data after described encryption.
According to another aspect of the present invention, it is provided that a kind of terminal unit, including:
Transmitting element, sends data to be transmitted to hardware encryption device, in order to described hardware encryption device is by preset Described data to be transmitted is encrypted by hardware cipher mode;
Receive unit, the data after receiving encryption;
Transmission unit, for being transmitted the data after described encryption.
According to still a further aspect of the present invention, it is provided that a kind of data transmission system, including:
Terminal unit, for sending data to be transmitted to hardware encryption device;
Hardware encryption device, for being encrypted described data to be transmitted by preset hardware cipher mode, and to institute State the data after the encryption that terminal unit sends;
Described terminal unit, is additionally operable to the data after transmission encryption.
By technique scheme, the technical scheme that the embodiment of the present invention provides at least has the advantage that
Embodiments provide a kind of data transmission method, Apparatus and system.First terminal unit is encrypted to hardware Equipment sends data to be transmitted, and then described data to be transmitted is added by hardware encryption device by preset hardware cipher mode Close;Data after encryption are sent to described terminal unit;Last described terminal unit transmits the data after described encryption.With mesh Before data to be transmitted is carried out software cryptography, be transmitted the most again comparing, the embodiment of the present invention pass through preset hardware encryption side Described data to be transmitted is encrypted by formula, is transmitted the most again, improves speed and the reduction of data to be transmitted encryption The risk of data to be transmitted leakage, thus improve encryption efficiency and the safety of data transmission of data to be transmitted.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention, And can be practiced according to the content of description, and in order to allow above and other objects of the present invention, the feature and advantage can Become apparent, below especially exemplified by the detailed description of the invention of the present invention.
Accompanying drawing explanation
By reading the detailed description of hereafter preferred implementation, various other advantage and benefit common for this area Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation, and is not considered as the present invention Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical parts.In the accompanying drawings:
Fig. 1 shows a kind of data transmission method flow chart that the embodiment of the present invention provides;
Fig. 2 shows the another kind of data transmission method flow chart that the embodiment of the present invention provides;
Fig. 3 shows another data transmission method flow chart that the embodiment of the present invention provides;
Fig. 4 shows another data transmission method flow chart that the embodiment of the present invention provides;
Fig. 5 shows a kind of hardware encryption device structural representation that the embodiment of the present invention provides;
Fig. 6 shows the another kind of hardware encryption device structural representation that the embodiment of the present invention provides;
Fig. 7 shows a kind of terminal unit structural representation that the embodiment of the present invention provides;
Fig. 8 shows the another kind of terminal unit structural representation that the embodiment of the present invention provides;
Fig. 9 shows a kind of data transmission system structural representation that the embodiment of the present invention provides.
Detailed description of the invention
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although accompanying drawing shows the disclosure Exemplary embodiment, it being understood, however, that may be realized in various forms the disclosure and should be by embodiments set forth here Limited.On the contrary, it is provided that these embodiments are able to be best understood from the disclosure, and can be by the scope of the present disclosure Complete conveys to those skilled in the art.
Embodiments provide a kind of data transmission method, as it is shown in figure 1, can apply to hardware encryption device, Described method includes:
101, the data to be transmitted that receiving terminal apparatus sends.
Wherein, described terminal unit can be mobile phone, computer, car-mounted terminal etc., and the embodiment of the present invention does not limits.Generally Terminal unit sends data to be transmitted by internal real time operating system.Described data to be transmitted can be that terminal unit is to be passed It is defeated by the data of server, it is also possible to for the terminal unit data being defeated by other-end equipment to be passed, the embodiment of the present invention is not done Limit.
Such as, when terminal unit is car-mounted terminal, data to be transmitted can be that car-mounted terminal is to be passed is defeated by server Location data.When terminal unit is mobile phone, data to be transmitted can be that mobile phone to be passed is defeated by the contact data of server, is regarded Frequency evidence, voice data etc..
It should be noted that software organization's structure can include in the executive agent hardware encryption device of the embodiment of the present invention Hardware abstraction layer (Hardware Abstraction Laye, HAL), virtual machine layer, framework interface layer, application container layer, communication Layer.Wherein, described application container layer may be used for carrying encryption application program, specifically can carry multiple encryption application program, Communication Layer may be used for carrying out data communication and transmission with other equipment.In the embodiment of the present invention, receiving terminal apparatus sends Data to be transmitted specifically may include that the data to be transmitted sent by Communication Layer receiving terminal apparatus.
102, by preset hardware cipher mode, data to be transmitted is encrypted.
Wherein, the executive agent hardware encryption device of the embodiment of the present invention can be the equipment comprising intelligent chip, hardware Encryption device is specifically as follows smart card, described smart card can be by C language develop do not possess after download application program The Native card of function, described smart card can also be can the most more by the built-in JavaCard virtual machine of java language development The java card of new internal applications, downloads function of application after possessing.Wherein, Java is that one can write cross-platform answering With the object oriented program language of software.When described smart card is rear download function of application, smart card is permissible Realize multiple safety check behavior, such as, limit the behavior frequency of failure of Brute Force smart card built-in key, it is to avoid cold open Dynamic attack, malicious code attack etc..
For the embodiment of the present invention, data to be transmitted is carried out hardware encryption can be realized by intelligent chip to be transmitted The encryption of data, intelligent chip is specifically as follows, based on the basis of virtual machine, data to be transmitted is carried out hardware encryption.Intelligence Chip has, at hardware physical layer, the SDK (Software that the production firm of high safety, only intelligent chip provides Development Kit, SDK) hardware physical layer could be accessed.By in hardware physical layer to number to be transmitted According to being encrypted, it is possible to avoid data to be transmitted to be attacked by probe and obtain such that it is able to promote the safety of data to be transmitted.
103, the data after encryption are sent to terminal unit.
Further, in order to described terminal unit transmits the data after described encryption.
Wherein it is possible to the data after encryption are sent to terminal unit by Communication Layer.Server is after receiving encryption Data can by encryption after data be decrypted obtain terminal unit transmission data.Specifically, can be by solving Data after encryption are decrypted by decryption key.
For the embodiment of the present invention, owing to the arithmetic speed of hardware encryption is higher and safety is higher, by to be passed Transmission of data carries out hardware encryption, is transmitted the most again, improve data to be transmitted encryption speed and reduce band to be passed The risk of transmission of data leakage, thus improve encryption efficiency and the safety of data transmission of data to be transmitted.
Embodiments provide a kind of data transmission method.First the data to be transmitted that receiving terminal apparatus sends; Then by preset hardware cipher mode, described data to be transmitted is encrypted;Finally the data after encryption are sent to described Terminal unit, further, in order to described terminal unit transmits the data after described encryption.With at present data to be transmitted is entered Row software cryptography, is transmitted comparing the most again, and the embodiment of the present invention passes through preset hardware cipher mode to described number to be transmitted According to being encrypted, it is transmitted the most again, improves the speed of data to be transmitted encryption and reduce data to be transmitted leakage Risk, thus improve the encryption efficiency of data to be transmitted and the safety of data transmission.
Embodiments provide another kind of data transmission method, set as in figure 2 it is shown, can apply to hardware encryption Standby, described method includes:
201, the data to be transmitted that receiving terminal apparatus is sent by serial communication protocol.
Wherein, the relevant explanation of described terminal unit and data to be transmitted has been carried out describing in detail, at this in step 101 Do not repeat.Serial communication protocol is specifically as follows ISO (International Organization for Standardization, ISO)/IEC (International Electro technical Commission, International Electrotechnical Commission) 7816 agreements, IIC (Inter-Integrated Circuit, IC bus) Communications protocol, serial port communicating protocol, the embodiment of the present invention does not limits.
It should be noted that hardware encryption device can be to be welded on the equipment within terminal unit, it is also possible to for terminal The external equipment of equipment, the embodiment of the present invention does not limits at this.When hardware encryption device is to be welded within terminal unit During equipment, the data to be transmitted that can be sent by ISO/IEC7816 agreement receiving terminal apparatus.When hardware encryption device is eventually During the external equipment of end equipment, the data to be transmitted that can be sent by IIC communications protocol receiving terminal apparatus.
202, by the preset AES within hardware encryption device, data to be transmitted is encrypted.
Wherein, preset AES can be the AES that hardware encryption device built in hardware coprocessor carries, tool Body can be symmetric encipherment algorithm.Symmetric encipherment algorithm can be DES (data encryption standards, Data Encryption Standard), 3DES, can also be AES (high-level data encryption standard, Advanced Encryption Standard) and Blowfish algorithm, the embodiment of the present invention does not limits.
For the embodiment of the present invention, step 202 specifically may include that the encryption key obtaining preset AES;According to Described data to be transmitted is encrypted by described encryption key by preset hardware cipher mode.
Wherein, the encryption key of preset AES can be the encryption key generated during the initialization of hardware encryption device. Described encryption key is specifically as follows the key generator generation built-in by hardware encryption device.
For the embodiment of the present invention, step 202 specifically may include that by preset block encryption algorithm by preset hardware Described data to be transmitted is encrypted by cipher mode.
Wherein, when generating many group encryption keys when hardware encryption device initializes, led to by preset block encryption algorithm Cross preset hardware cipher mode described data to be transmitted is encrypted.Preset hardware is being passed through by preset block encryption algorithm Before described data to be transmitted is encrypted by cipher mode, by certain bit length, data to be transmitted is grouped, obtains multiple treating Transmission data block.Described described data to be transmitted is added by preset hardware cipher mode by preset block encryption algorithm Close step specifically may include that when being encrypted computing every time, utilizes a group encryption password to a data to be transmitted block It is encrypted computing, until described data to be transmitted block encryption completes.
Individually hold, only at hardware terminal it should be noted that many group encryption keys are multiple technological development personnel During equipment distribution, just assembling block encryption key and pour in hardware encryption device, the risk of encryption key leakage is relatively low.Therefore, Described data to be transmitted is carried out by preset hardware cipher mode by the embodiment of the present invention by described hardware encryption device Encryption, can reduce the risk of data to be transmitted leakage, such that it is able to promote the safety of data transmission.
203, the data after encryption are sent to terminal unit.
Further, in order to described terminal unit transmits the data after described encryption.
Wherein it is possible to the data after encryption are sent to terminal unit by Communication Layer.Specifically can pass through ISO/ Data after encryption are sent to terminal unit by IEC7816 agreement or IIC communications protocol.
It should be noted that when data encryption to be transmitted is obtained by the data after encryption by symmetric encipherment algorithm Time, encryption key is identical with decruption key, after server or other-end equipment data after receiving encryption, and Ke Yizhi Data after encryption are decrypted by the decruption key connecting symmetric encipherment algorithm, obtain the data of terminal unit transmission.
Embodiments provide another kind of data transmission method.First the number to be transmitted that receiving terminal apparatus sends According to;Then by preset hardware cipher mode, described data to be transmitted is encrypted;Finally the data after encryption are sent to Described terminal unit, further, in order to described terminal unit transmits the data after described encryption.With at present to number to be transmitted According to carrying out software cryptography, being transmitted comparing, the embodiment of the present invention is by carrying out hardware encryption to data to be transmitted, so the most again After be transmitted again, improve the speed of data to be transmitted encryption and reduce the risk of data to be transmitted leakage, thus carrying Encryption efficiency and the safety of data transmission of data to be transmitted are risen.
Embodiments provide another data transmission method, as it is shown on figure 3, can apply to terminal unit, institute The method of stating includes:
301, data to be transmitted is sent to hardware encryption device.
Further, in order to described data to be transmitted is entered by described hardware encryption device by preset hardware cipher mode Row encryption.
Wherein, hardware encryption device can pass through pre-by the packet symmetric encipherment algorithm that built in hardware coprocessor carries Put hardware cipher mode described data to be transmitted is encrypted.Additionally, due to hardware co-processor disposal ability is very fast, pass through Hardware encryption device is encrypted computing to data to be transmitted, can promote data to be transmitted cryptographic calculation speed, such that it is able to Promote the encryption efficiency of data to be transmitted.
Additionally, due to the encryption key of hardware encryption device initialized packet symmetric encipherment algorithm is multiple technological development Personnel individually hold, and only when hardware terminal equipment is issued, just assemble block encryption key and pour in hardware encryption device, The risk of encryption key leakage is relatively low.Therefore, preset hardware cipher mode is passed through to described to be transmitted for the embodiment of the present invention Data are encrypted, and can reduce the risk of data to be transmitted leakage, such that it is able to promote the safety of data transmission.
302, receive the data after encrypting and be transmitted.
For the embodiment of the present invention, the data after encryption are transmitted step and are specifically as follows: be (super civilian by HTTPS This Encryption Transmission Protocol, Hyper Text Transfer Protocol over Secure Socket Layer) to encryption after Data be transmitted.Wherein, described HTTPS is HTTP passage (the Hyper Text Transfer with safety as target Protocol, HTML (Hypertext Markup Language)), be the safe version of HTTP, i.e. add under HTTP SSL (Secure Socket Layer, SSL) layer, owing to HTTPS have employed SSL, therefore by HTTPS, the data after encryption are transmitted, Ke Yijin One step promotes the safety of data transmission procedure.
Further, when the data after encryption being transmitted by HTTPS, the strong school of described HTTPS can be opened Test function.Wherein, the strong verifying function of described HTTPS can by being carried out data transmission by HTTPS time the additional merit that configured Can, may be used for the safety that protection is carried out data transmission by HTTPS.For the embodiment of the present invention, by HTTPS by described Before data are sent to server, open the strong verifying function of described HTTPS, can improve and be carried out data transmission by HTTPS Safety, decrease data transmission potential safety hazard.
For the embodiment of the present invention, the data after encryption are transmitted step and are also specifically as follows: by TLS (safety Transport layer protocol, Transport Layer Security) data after encryption are transmitted.Wherein, TLS is at two Confidentiality and data integrity are provided between communication application program.Owing to TLS have employed SSL, therefore by TLS to encryption after Data be transmitted, the safety of data transmission procedure can be promoted further.
Embodiments provide another kind of data transmission method.First number to be transmitted is sent to hardware encryption device According to, further, in order to described data to be transmitted is added by described hardware encryption device by preset hardware cipher mode Close;Then receive the data after encrypting and be transmitted.With at present data to be transmitted is carried out software cryptography, pass the most again Defeated comparing, described data to be transmitted is encrypted by the embodiment of the present invention by preset hardware cipher mode, passes the most again Defeated, improve the speed of data to be transmitted encryption and reduce the risk of data to be transmitted leakage, thus improving to be transmitted The encryption efficiency of data and the safety of data transmission.
Embodiments provide another data transmission method, as shown in Figure 4, can apply to terminal unit, institute The method of stating includes:
401, data to be transmitted is sent by serial communication protocol to hardware encryption device.
Further, in order to described data to be transmitted is entered by described hardware encryption device by preset hardware cipher mode Row encryption.
Wherein, described serial communication protocol can be ISO/IEC7816 agreement, IIC communications protocol, serial port communicating protocol, The embodiment of the present invention does not limits.
402, receive the data after encrypting and be transmitted.
For the embodiment of the present invention, specifically by HTTPS, the data after encryption can be transmitted, or can pass through Data after encryption are transmitted by TLS.Owing to HTTPS or TLS have employed SSL, therefore by HTTPS or TLS pair Data after encryption are transmitted, and can promote the safety of data transmission procedure further.
Embodiments provide another data transmission method.First number to be transmitted is sent to hardware encryption device According to, further, in order to described data to be transmitted is added by described hardware encryption device by preset hardware cipher mode Close;Then receive the data after encrypting and be transmitted.With at present data to be transmitted is carried out software cryptography, pass the most again Defeated comparing, described data to be transmitted is encrypted by the embodiment of the present invention by preset hardware cipher mode, passes the most again Defeated, improve the speed of data to be transmitted encryption and reduce the risk of data to be transmitted leakage, thus improving to be transmitted The encryption efficiency of data and the safety of data transmission.
Further, implementing as Fig. 1, embodiments provide a kind of hardware encryption device, such as Fig. 5 institute Showing, described equipment includes: receive unit 51, ciphering unit 52, transmitting element 53.
Receive unit 51, may be used for the data to be transmitted that receiving terminal apparatus sends.
Ciphering unit 52, may be used for being encrypted described data to be transmitted by preset hardware cipher mode.
Transmitting element 53, the data after may be used for encryption are sent to described terminal unit.
Further, in order to described terminal unit transmits the data after described encryption.
It should be noted that other of each functional unit involved by a kind of hardware encryption device of embodiment of the present invention offer Corresponding description, is referred to the corresponding description of method shown in Fig. 1, does not repeats them here.
Embodiments provide a kind of hardware encryption device.First the data to be transmitted that receiving terminal apparatus sends; Then by preset hardware cipher mode, described data to be transmitted is encrypted;Finally the data after encryption are sent to described Terminal unit, further, in order to described terminal unit transmits the data after described encryption.With at present data to be transmitted is entered Row software cryptography, is transmitted comparing the most again, and the embodiment of the present invention passes through preset hardware cipher mode to described number to be transmitted According to being encrypted, it is transmitted the most again, improves the speed of data to be transmitted encryption and reduce band data to be transmitted and let out The risk of leakage, thus improve encryption efficiency and the safety of data transmission of data to be transmitted.
Further, implementing as Fig. 2, embodiments provide another kind of hardware encryption device, such as Fig. 6 Shown in, described equipment includes: receive unit 61, ciphering unit 62, transmitting element 63.
Receive unit 61, may be used for the data to be transmitted that receiving terminal apparatus sends.
Ciphering unit 62, may be used for being encrypted described data to be transmitted by preset hardware cipher mode.
Transmitting element 63, the data after may be used for encryption are sent to described terminal unit.
Further, in order to described terminal unit transmits the data after described encryption.
Described ciphering unit 62, specifically for passing through preset hardware cipher mode to described to be passed by preset AES Transmission of data is encrypted.
Described ciphering unit 62 includes: acquisition module 6201 and encrypting module 6202.
Acquisition module 6201, for obtaining the encryption key of preset AES.
Encrypting module 6202, for according to described encryption key by preset hardware cipher mode to described data to be transmitted It is encrypted.
Described ciphering unit 62, is specifically additionally operable to pass through preset hardware cipher mode to institute by preset block encryption algorithm State data to be transmitted to be encrypted.
Described reception unit 61, the data to be transmitted sent by serial communication protocol specifically for receiving terminal apparatus.
It should be noted that its of each functional unit involved by the another kind of hardware encryption device of embodiment of the present invention offer He describes accordingly, is referred to the corresponding description of method shown in Fig. 2, does not repeats them here.
Embodiments provide another kind of hardware encryption device.First the number to be transmitted that receiving terminal apparatus sends According to;Then by preset hardware cipher mode, described data to be transmitted is encrypted;Finally the data after encryption are sent to Described terminal unit, further, in order to described terminal unit transmits the data after described encryption.With at present to number to be transmitted According to carrying out software cryptography, being transmitted comparing, the embodiment of the present invention passes through preset hardware cipher mode to described to be passed the most again Transmission of data is encrypted, and is transmitted the most again, improves the speed of data to be transmitted encryption and reduces band number to be transmitted According to the risk of leakage, thus improve encryption efficiency and the safety of data transmission of data to be transmitted.
Further, implementing as Fig. 3, embodiments provide a kind of terminal unit, as it is shown in fig. 7, Described equipment includes: transmitting element 71, reception unit 72, transmission unit 73.
Transmitting element 71, sends data to be transmitted to hardware encryption device.
Further, in order to described data to be transmitted is carried out by described hardware encryption device by preset hardware cipher mode Encryption.
Receive unit 72, the data after receiving the encryption that described hardware encryption device sends.
Transmission unit 73, for being transmitted the data after described encryption.
It should be noted that other of each functional unit involved by a kind of terminal unit of embodiment of the present invention offer are corresponding Describe, be referred to the corresponding description of method shown in Fig. 3, do not repeat them here.
Embodiments provide a kind of terminal unit.First send data to be transmitted to hardware encryption device, enter one Step ground, in order to described data to be transmitted is encrypted by described hardware encryption device by preset hardware cipher mode;Then Receive the data after encryption and be transmitted.With at present data to be transmitted is carried out software cryptography, be transmitted the most again comparing, Described data to be transmitted is encrypted by the embodiment of the present invention by preset hardware cipher mode, is transmitted the most again, promotes The speed of data to be transmitted encryption and reduce the risk of band data to be transmitted leakage, thus improve data to be transmitted Encryption efficiency and the safety of data transmission.
Further, implementing as Fig. 4, embodiments provide another kind of terminal unit, such as Fig. 8 institute Showing, described equipment includes: transmitting element 81, reception unit 82, transmission unit 83.
Transmitting element 81, may be used for sending data to be transmitted to hardware encryption device.
Further, in order to described data to be transmitted is carried out by described hardware encryption device by preset hardware cipher mode Encryption.
Receive unit 82, may be used for the data after receiving the encryption that described hardware encryption device sends.
Transmission unit 83, may be used for being transmitted the data after described encryption.
It should be noted that other phases of each functional unit involved by the another kind of terminal unit of embodiment of the present invention offer Should describe, be referred to the corresponding description of method shown in Fig. 4, do not repeat them here.
Embodiments provide another kind of terminal unit.First send data to be transmitted to hardware encryption device, enter One step ground, in order to described data to be transmitted is encrypted by described hardware encryption device by preset hardware cipher mode;So The rear data received after encrypting also are transmitted.With at present data to be transmitted is carried out software cryptography, be transmitted phase the most again Ratio, described data to be transmitted is encrypted by preset hardware cipher mode, is transmitted, carries by the embodiment of the present invention Rise the speed of data to be transmitted encryption and reduced the risk of band data to be transmitted leakage, thus having improved data to be transmitted Encryption efficiency and data transmission safety.
Embodiments provide a kind of data transmission system, as it is shown in figure 9, described system includes: terminal unit 91 With hardware encryption device 92.
Terminal unit 91, may be used for sending data to be transmitted to hardware encryption device 92.
Hardware encryption device 92, may be used for being encrypted described data to be transmitted by preset hardware cipher mode, And the data after the encryption that described terminal unit sends.
Described terminal unit 91, it is also possible to the data after transmitting encryption.
Embodiments provide a kind of data transmission system.First terminal unit sends to be passed to hardware encryption device Transmission of data, then described data to be transmitted is encrypted by hardware encryption device by preset hardware cipher mode;After encrypting Data be sent to described terminal unit;Last described terminal unit transmits the data after described encryption.With at present to be transmitted Data carry out software cryptography, are transmitted comparing the most again, and the embodiment of the present invention is treated described by preset hardware cipher mode Transmission data are encrypted, and are transmitted the most again, improve the speed of data to be transmitted encryption and reduce number to be transmitted According to the risk of leakage, thus improve encryption efficiency and the safety of data transmission of data to be transmitted.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, and does not has the portion described in detail in certain embodiment Point, may refer to the associated description of other embodiments.
It is understood that the correlated characteristic in said method and device can mutually reference.It addition, in above-described embodiment " first ", " second " etc. be for distinguishing each embodiment, and do not represent the quality of each embodiment.
Those skilled in the art is it can be understood that arrive, for convenience and simplicity of description, and the system of foregoing description, The specific works process of device and unit, is referred to the corresponding process in preceding method embodiment, does not repeats them here.
Algorithm and display are not intrinsic to any certain computer, virtual system or miscellaneous equipment relevant provided herein. Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system Structure be apparent from.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various Programming language realizes the content of invention described herein, and the description done language-specific above is to disclose this Bright preferred forms.
In description mentioned herein, illustrate a large amount of detail.It is to be appreciated, however, that the enforcement of the present invention Example can be put into practice in the case of not having these details.In some instances, it is not shown specifically known method, structure And technology, in order to do not obscure the understanding of this description.
Similarly, it will be appreciated that one or more in order to simplify that the disclosure helping understands in each inventive aspect, exist Above in the description of the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes In example, figure or descriptions thereof.But, the method for the disclosure should not be construed to reflect an intention that i.e. required guarantor The application claims feature more more than the feature being expressly recited in each claim protected.More precisely, as following Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore, The claims following detailed description of the invention are thus expressly incorporated in this detailed description of the invention, the most each claim itself All as the independent embodiment of the present invention.
Those skilled in the art are appreciated that and can carry out the module in the equipment in embodiment adaptively Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list Unit or assembly are combined into a module or unit or assembly, and can put them in addition multiple submodule or subelement or Sub-component.In addition at least some in such feature and/or process or unit excludes each other, can use any Combine all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed appoint Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification (includes adjoint power Profit requires, summary and accompanying drawing) disclosed in each feature can be carried out generation by providing identical, equivalent or the alternative features of similar purpose Replace.
Although additionally, it will be appreciated by those of skill in the art that embodiments more described herein include other embodiments Some feature included by rather than further feature, but the combination of the feature of different embodiment means to be in the present invention's Within the scope of and form different embodiments.Such as, in the following claims, embodiment required for protection appoint One of meaning can mode use in any combination.
The all parts embodiment of the present invention can realize with hardware, or to run on one or more processor Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that and can use in practice Microprocessor or digital signal processor (DSP) realize data transmission method according to embodiments of the present invention, device and are The some or all functions of the some or all parts in system.The present invention is also implemented as performing described here Part or all equipment of method or device program (such as, computer program and computer program).This The program realizing the present invention of sample can store on a computer-readable medium, or can have one or more signal Form.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or with any other Form provides.
The present invention will be described rather than limits the invention to it should be noted above-described embodiment, and ability Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims, Any reference marks that should not will be located between bracket is configured to limitations on claims.Word " comprises " and does not excludes the presence of not Arrange element in the claims or step.Word "a" or "an" before being positioned at element does not excludes the presence of multiple such Element.The present invention and can come real by means of including the hardware of some different elements by means of properly programmed computer Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch Specifically embody.Word first, second and third use do not indicate that any order.These word explanations can be run after fame Claim.
The embodiment of the invention discloses:
A1, a kind of data transmission method, including:
The data to be transmitted that receiving terminal apparatus sends;
By preset hardware cipher mode, described data to be transmitted is encrypted;
Data after encryption are sent to described terminal unit, in order to described terminal unit transmits the number after described encryption According to.
A2, method as described in A1, described be encrypted bag by preset hardware cipher mode to described data to be transmitted Include:
By the preset AES within hardware encryption device, described data to be transmitted is encrypted.
A3, method as described in A2, described by the preset AES within hardware encryption device to described to be transmitted Data are encrypted and include:
The encryption key of the acquisition preset AES within hardware encryption device;
According to described encryption key, described data to be transmitted is encrypted.
A4, method as described in A2, described by the preset AES within hardware encryption device to described to be transmitted Data are encrypted and include:
By the preset block encryption algorithm within hardware encryption device, described data to be transmitted is encrypted.
A5, method as described in A1, the data to be transmitted that described receiving terminal apparatus sends includes:
The data to be transmitted that receiving terminal apparatus is sent by serial communication protocol.
B6, a kind of data transmission method, including:
Data to be transmitted is sent, in order to described hardware encryption device passes through preset hardware encryption side to hardware encryption device Described data to be transmitted is encrypted by formula;
Receive the data after encryption and be transmitted.
B7, method as described in B6, described send data to be transmitted to hardware encryption device and include:
Data to be transmitted is sent to hardware encryption device by serial communication protocol.
C8, a kind of hardware encryption device, comprising:
Receive unit, the data to be transmitted sent for receiving terminal apparatus;
Ciphering unit, for being encrypted described data to be transmitted by preset hardware cipher mode;
Transmitting element, for being sent to described terminal unit by the data after encryption, in order to described terminal unit transmits Data after described encryption.
C9, equipment as described in C8,
Described ciphering unit, specifically for by the preset AES within hardware encryption device to described number to be transmitted According to being encrypted.
C10, equipment as described in C9, described ciphering unit includes:
Acquisition module, for obtaining the encryption key of the preset AES within hardware encryption device;
Encrypting module, for being encrypted described data to be transmitted according to described encryption key.
C11, equipment as described in C9,
Described ciphering unit, is specifically additionally operable to be treated described by the preset block encryption algorithm within hardware encryption device Transmission data are encrypted.
C12, equipment as described in C9,
Described reception unit, the data to be transmitted sent by serial communication protocol specifically for receiving terminal apparatus.
D13, a kind of terminal unit, including:
Transmitting element, sends data to be transmitted to hardware encryption device, in order to described hardware encryption device is by preset Described data to be transmitted is encrypted by hardware cipher mode;
Receive unit, the data after receiving the encryption that described hardware encryption device sends;
Transmission unit, for being transmitted the data after described encryption.
D14, equipment as described in D13,
Described transmitting element, specifically for sending data to be transmitted by serial communication protocol to hardware encryption device.
E15, a kind of data transmission system, including: hardware encryption device as described in any one of C8-C12 with such as D13-D14 Terminal unit described in any one.

Claims (10)

1. a data transmission method, it is characterised in that including:
The data to be transmitted that receiving terminal apparatus sends;
By preset hardware cipher mode, described data to be transmitted is encrypted;
Data after encryption are sent to described terminal unit, in order to described terminal unit transmits the data after described encryption.
Method the most according to claim 1, it is characterised in that described by preset hardware cipher mode to described to be transmitted Data are encrypted and include:
By the preset AES within hardware encryption device, described data to be transmitted is encrypted.
Method the most according to claim 2, it is characterised in that described by the preset encryption calculation within hardware encryption device Described data to be transmitted is encrypted and includes by method:
The encryption key of the acquisition preset AES within hardware encryption device;
According to described encryption key, described data to be transmitted is encrypted.
4. a data transmission method, it is characterised in that including:
Data to be transmitted is sent, in order to described hardware encryption device passes through preset hardware cipher mode pair to hardware encryption device Described data to be transmitted is encrypted;
Receive the data after encryption and be transmitted.
Method the most according to claim 4, it is characterised in that described to hardware encryption device transmission data to be transmitted bag Include:
Data to be transmitted is sent to hardware encryption device by serial communication protocol.
6. a hardware encryption device, it is characterised in that including:
Receive unit, the data to be transmitted sent for receiving terminal apparatus;
Ciphering unit, for being encrypted described data to be transmitted by preset hardware cipher mode;
Transmitting element, for being sent to described terminal unit by the data after encryption, in order to the transmission of described terminal unit is described Data after encryption.
Equipment the most according to claim 6, it is characterised in that
Described ciphering unit, specifically for entering described data to be transmitted by the preset AES within hardware encryption device Row encryption.
8. a terminal unit, it is characterised in that including:
Transmitting element, sends data to be transmitted to hardware encryption device, in order to described hardware encryption device passes through preset hardware Described data to be transmitted is encrypted by cipher mode;
Receive unit, the data after receiving the encryption that described hardware encryption device sends;
Transmission unit, for being transmitted the data after described encryption.
Equipment the most according to claim 8, it is characterised in that
Described transmitting element, specifically for sending data to be transmitted by serial communication protocol to hardware encryption device.
10. a data transmission system, it is characterised in that including: the hardware encryption device described in any one of claim 6-7 and Terminal unit described in any one of claim 8-9.
CN201610513903.9A 2016-06-30 2016-06-30 Data transmission method, apparatus and system Pending CN106130999A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610513903.9A CN106130999A (en) 2016-06-30 2016-06-30 Data transmission method, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610513903.9A CN106130999A (en) 2016-06-30 2016-06-30 Data transmission method, apparatus and system

Publications (1)

Publication Number Publication Date
CN106130999A true CN106130999A (en) 2016-11-16

Family

ID=57468866

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610513903.9A Pending CN106130999A (en) 2016-06-30 2016-06-30 Data transmission method, apparatus and system

Country Status (1)

Country Link
CN (1) CN106130999A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109088889A (en) * 2018-10-16 2018-12-25 深信服科技股份有限公司 A kind of SSL encipher-decipher method, system and computer readable storage medium
CN109714292A (en) * 2017-10-25 2019-05-03 华为技术有限公司 The method and apparatus of transmitting message
CN109840395A (en) * 2017-11-24 2019-06-04 航天信息股份有限公司 A kind of method and system based on Java card downloading application program
CN113315787A (en) * 2021-07-28 2021-08-27 北京橙色云科技有限公司 Encryption protection method, device and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103379103A (en) * 2012-04-24 2013-10-30 长春易申软件有限公司 Linear encryption and decryption hardware implementation method
CN103457723A (en) * 2013-09-10 2013-12-18 徐光梅 Encryption method and encryption equipment based on same
EP2720402A1 (en) * 2012-10-12 2014-04-16 Altis Semiconductor Hardware encryption and decryption apparatus using a N round AES algorithm
CN104219234A (en) * 2014-08-28 2014-12-17 杭州华澜微科技有限公司 Security method of personal data in cloud storage
CN104253694A (en) * 2014-09-27 2014-12-31 杭州电子科技大学 Encrypting method for network data transmission

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103379103A (en) * 2012-04-24 2013-10-30 长春易申软件有限公司 Linear encryption and decryption hardware implementation method
EP2720402A1 (en) * 2012-10-12 2014-04-16 Altis Semiconductor Hardware encryption and decryption apparatus using a N round AES algorithm
CN103457723A (en) * 2013-09-10 2013-12-18 徐光梅 Encryption method and encryption equipment based on same
CN104219234A (en) * 2014-08-28 2014-12-17 杭州华澜微科技有限公司 Security method of personal data in cloud storage
CN104253694A (en) * 2014-09-27 2014-12-31 杭州电子科技大学 Encrypting method for network data transmission

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109714292A (en) * 2017-10-25 2019-05-03 华为技术有限公司 The method and apparatus of transmitting message
CN109714292B (en) * 2017-10-25 2021-05-11 华为技术有限公司 Method and device for transmitting message
CN109840395A (en) * 2017-11-24 2019-06-04 航天信息股份有限公司 A kind of method and system based on Java card downloading application program
CN109088889A (en) * 2018-10-16 2018-12-25 深信服科技股份有限公司 A kind of SSL encipher-decipher method, system and computer readable storage medium
CN113315787A (en) * 2021-07-28 2021-08-27 北京橙色云科技有限公司 Encryption protection method, device and storage medium

Similar Documents

Publication Publication Date Title
CN105450406B (en) The method and apparatus of data processing
CN105357191B (en) The encryption method and device of user data
US8332634B2 (en) Cryptographic systems for encrypting input data using an address associated with the input data, error detection circuits, and methods of operating the same
CN106130999A (en) Data transmission method, apparatus and system
CN105072125B (en) A kind of http communication system and method
CN106412024B (en) A kind of page acquisition methods and device
CN106549940B (en) Vehicle data transmission method and system
CN107358441A (en) Method, system and the mobile device and safety certificate equipment of payment verification
CN106100831B (en) A kind of method and system of transmission and processing data
CN108683665A (en) Data ciphering method, system in fiber optic communication and data transmitting equipment
CN106302422A (en) Business encryption and decryption method and device
Kerschbaum et al. Privacy-preserving billing for e-ticketing systems in public transportation
CN110519203A (en) A kind of data encryption and transmission method and device
CN109299944A (en) Data ciphering method, system and terminal in a kind of process of exchange
EP2950229B1 (en) Method for facilitating transactions, computer program product and mobile device
CN108965315A (en) A kind of authentic authentication method of terminal device, device and terminal device
CN111125788B (en) Encryption calculation method, computer equipment and storage medium
CN108306970A (en) A kind of download of firmware safety and calibration equipment and method based on safety chip
CN114615087B (en) Data sharing method, device, equipment and medium
CN106031079B (en) Operator in Encryption Algorithm is promoted
Carelli et al. Securing bitstream integrity, confidentiality and authenticity in reconfigurable mobile heterogeneous systems
CN109547404A (en) The acquisition methods and server of data
CN105553976B (en) A kind of data processing method, apparatus and system
Hurley-Smith et al. Bias in the mifare desfire ev1 trng
CN107612983A (en) A kind of radio communication function opens determination methods, system and the terminal device in region

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20161116