CN106850191A - Encryption and decryption method and device for a distributed storage system communication protocol - Google Patents

Info

Publication number: CN106850191A
Authority: CN (China)
Prior art keywords: field, message, communication protocol, encryption algorithm, receiver
Legal status: Granted (active)
Application number: CN201710088017.0A
Other languages: Chinese (zh)
Other versions: CN106850191B (en)
Inventor: 李强
Current Assignee: Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee: Zhengzhou Yunhai Information Technology Co Ltd
Application filed by: Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201710088017.0A; published as CN106850191A; granted and published as CN106850191B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the field of storage system data security and discloses an encryption and decryption method and device for a distributed storage system communication protocol. The encryption method comprises: the sender obtains the original data to be encrypted; the sender builds a message of the distributed storage system communication protocol; the sender obtains the shared key of the encryption algorithm; the sender uses the encryption algorithm with the shared key to encrypt the second through sixth fields of the message; the sender uses the encryption algorithm with the temporary request key in the fifth field of the message to encrypt the seventh field, and sends the encrypted message to the receiver. To address the problems of the RC4 encryption algorithm, the invention designs an encryption method with variable length and no repeated sequences, which makes the encrypted data harder to crack and improves the security of data transmission.

Description

Encryption and decryption method and device for a distributed storage system communication protocol
Technical Field
The invention relates to the field of storage system data security, and in particular to an encryption and decryption method and device for a distributed storage system communication protocol.
Background
A distributed storage system stores data spread across many independent devices. It usually consists of multiple nodes, and a large-scale deployment may span data centers, so control data and file data are transferred over public networks. On the Internet in particular, an attacker can infer message content from message length, then break the storage communication mechanism and intercept key content. How to transmit data safely and reliably over a public network has therefore become a basic problem in building a distributed storage system.
The distributed storage communication protocol is the foundation of a distributed storage system. It keeps state and metadata consistent between nodes and provides the basic conditions for users to access and use the storage system. But all of its information is exposed on the public network, where information security is under serious threat, so measures must be taken to guarantee the security of information exchanged between nodes.
The RC4 encryption algorithm is a symmetric encryption algorithm (Symmetric Key Encryption): a stream cipher with a variable key length that operates on bytes. A stream cipher is also a symmetric cipher, but unlike a block cipher it does not split the plaintext into blocks. Instead, it generates from the key a keystream as long as the plaintext and uses it to encrypt the plaintext; encryption and decryption use the same key. RC4 is widely used in the SSL/TLS (Secure Sockets Layer / Transport Layer Security) standard, which was created for communication between web browsers and servers.
Characteristics of RC4: (1) the algorithm is simple, easy to implement in software, fast, and relatively secure; (2) the key length is variable, typically 256 bytes. Because RC4 is simple to implement, fast, and light on hardware resources, it ranks among the lightweight encryption algorithms. But its simple structure also makes it easy to attack. The strength of RC4 depends entirely on the key, that is, on the generated pseudo-random sequence; a truly random sequence cannot be realized, only a pseudo-random one, so repetition of the key sequence is unavoidable. Both encryption and decryption in RC4 consist only of an XOR operation, which means that once the subkey sequence repeats, the ciphertext is very likely to be cracked.
A secure encryption and decryption method for the distributed storage communication protocol is therefore needed, one that prevents an attacker from deducing the communication message format from message length and repeated fields.
Summary of the Invention
In view of the above technical problems, the object of the invention is to provide an encryption and decryption method and device for a distributed storage system communication protocol. To address the problems of the RC4 encryption algorithm, it designs an encryption method with variable length and no repeated sequences, which makes the encrypted data harder to crack and improves the security of data transmission.
To achieve this object, the invention adopts the following technical solutions:
The invention provides an encryption method for a distributed storage system communication protocol, comprising the following steps:
The sender obtains the original data to be encrypted;
The sender builds a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is a four-byte magic number; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be encrypted at the sender;
The sender obtains the shared key of the encryption algorithm;
The sender uses the encryption algorithm with the shared key to encrypt the second through sixth fields of the message;
The sender uses the encryption algorithm with the temporary request key in the fifth field of the message to encrypt the seventh field of the message, and sends the encrypted message to the receiver.
Further, the seven fields of the message of the distributed storage system communication protocol are generated by the multiple storage nodes of the distributed storage system.
Further, the temporary request key and the temporary response key are generated randomly by each storage node of the distributed storage system at a specified interval.
Further, the encryption algorithm is the RC4 encryption algorithm.
The invention also provides a decryption method for a distributed storage system communication protocol, comprising the following steps:
The receiver receives the encrypted message from the sender;
The receiver builds a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is a four-byte magic number; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be decrypted at the receiver;
The receiver obtains the shared key of the encryption algorithm;
The receiver uses the encryption algorithm with the shared key to decrypt the second through sixth fields of the message, and discards the contents of the first through fourth fields;
The receiver uses the encryption algorithm with the temporary response key in the sixth field of the message to decrypt the bytes after the sixth field, obtaining the decrypted original data.
Further, the step in which the receiver uses the encryption algorithm with the shared key to decrypt the second through sixth fields of the message and discards the contents of the first through fourth fields comprises:
When reading the message, the receiver skips and discards the first field;
The receiver uses the encryption algorithm with the shared key to decrypt the second field of the message and verifies whether the decrypted plaintext of the second field is the magic number; if so, it proceeds to the next step; if not, it discards the message;
The receiver reads the third field of the message to obtain the length of the junk text in the fourth field;
The receiver uses the encryption algorithm with the shared key to decrypt the fourth field of the message and discards the decrypted junk text of the fourth field;
The receiver uses the encryption algorithm with the shared key to decrypt the fifth and sixth fields of the message.
The invention provides an encryption device for a distributed storage system communication protocol, based on the above encryption method, comprising:
An original data acquisition unit, used by the sender to obtain the original data to be encrypted;
A sender message construction unit, used by the sender to build a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is a four-byte magic number; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be encrypted at the sender;
A shared key acquisition unit, used by the sender to obtain the shared key of the encryption algorithm;
A first encryption unit, used by the sender to encrypt the second through sixth fields of the message with the encryption algorithm and the shared key;
A second encryption unit, used by the sender to encrypt the seventh field of the message with the encryption algorithm and the temporary request key in the fifth field of the message; the sender then sends the encrypted message to the receiver.
The invention also provides a decryption device for a distributed storage system communication protocol, based on the above decryption method, comprising:
A message receiving unit, used by the receiver to receive the encrypted message from the sender;
A receiver message construction unit, with which the receiver builds a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is a four-byte magic number; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be decrypted at the receiver;
An acquisition unit, used by the receiver to obtain the shared key of the encryption algorithm;
A first decryption unit, used by the receiver to decrypt the second through sixth fields of the message with the encryption algorithm and the shared key, and to discard the contents of the first through fourth fields;
A second decryption unit, with which the receiver uses the encryption algorithm and the temporary response key in the sixth field of the message to decrypt the bytes after the sixth field, obtaining the decrypted original data.
Further, the first decryption unit comprises:
A first reading unit, used to skip and discard the first field when the receiver reads the message;
A first decryption subunit, used by the receiver to decrypt the second field of the message with the encryption algorithm and the shared key, and to verify whether the decrypted plaintext of the second field is the magic number; if so, it proceeds to the next step; if not, it discards the message;
A second reading unit, used by the receiver to read the third field of the message and obtain the length of the junk text in the fourth field;
A second decryption subunit, used by the receiver to decrypt the fourth field of the message with the encryption algorithm and the shared key, and to discard the decrypted junk text of the fourth field;
A third decryption subunit, used by the receiver to decrypt the fifth and sixth fields of the message with the encryption algorithm and the shared key.
Compared with the prior art, the encryption and decryption method for a distributed storage system communication protocol of the invention has the following beneficial effects:
1. The message of the distributed storage system communication protocol built by the invention comprises seven fields, of which the fourth is junk text of random length and random content. The protocol message therefore has no fixed length: even for messages of the same type, or even the same packet, the ciphertext content and length after encryption differ. This makes the encrypted data harder to crack and improves the security of data transmission;
2. The message of the distributed storage system communication protocol carries a temporary request key and a temporary response key, which each node of the distributed storage system generates randomly at a specified interval and which are valid for the current request-response pair. Even the same plaintext encrypted at different times therefore does not produce repeated ciphertext, which likewise makes the encrypted data harder to crack and improves the security of data transmission;
The beneficial effects of the encryption and decryption devices for a distributed storage system communication protocol are similar to those of the encryption and decryption method and are not repeated here.
Brief Description of the Drawings
Fig. 1 is a flow chart of the encryption method for the distributed storage system communication protocol of the invention.
Fig. 2 is a flow chart of the decryption method for the distributed storage system communication protocol of the invention.
Fig. 3 is a structural diagram of the encryption device for the distributed storage system communication protocol of the invention.
Fig. 4 is a structural diagram of the decryption device for the distributed storage system communication protocol of the invention.
Detailed Description
To make the purpose, technical solutions and advantages of the embodiments of the invention clearer, the technical solutions in the embodiments are described clearly and completely below with reference to the accompanying drawings. The described embodiments are some, not all, of the embodiments of the invention. All other embodiments obtained by a person of ordinary skill in the art from these embodiments without creative work fall within the scope of protection of the invention.
The terms and concepts that appear in the following embodiments are explained first:
A distributed storage system stores data spread across many independent devices. It uses a scalable system architecture, shares the storage load across many storage servers, and uses location servers to locate stored information. This improves the reliability, availability and access efficiency of the system and also makes it easy to expand. A distributed storage system includes multiple storage nodes; a storage node is generally a storage server (necessarily with a controller), and the servers are interconnected by a high-speed network.
Communication protocols commonly used in distributed storage systems at present include the Secure Shell (SSH) protocol, the Secure Sockets Layer (SSL) protocol and the Secure Electronic Transaction (SET) protocol.
Data security in a distributed storage system has to be protected with cryptographic techniques, and data encryption is the core of all data security technology. Common encryption algorithms fall into three classes: symmetric encryption algorithms (Symmetric Key Encryption), asymmetric encryption algorithms (Asymmetric Key Encryption) and hash algorithms. The strength of an encryption algorithm can generally be measured by the complexity of the algorithm itself, the key length (the longer the key, the more secure), the encryption/decryption speed, and so on. A symmetric encryption algorithm requires both the encrypting and decrypting parties to use the same key; typical symmetric algorithms include DES (Data Encryption Standard), 3DES, Blowfish, IDEA, RC4, RC5, RC6 and AES (Advanced Encryption Standard). In an asymmetric encryption algorithm the encrypting and decrypting parties use different keys, and without the trapdoor information the encryption key and decryption key cannot be derived from each other; typical asymmetric algorithms include RSA, ECC and DSA. Hash algorithms are used to verify the integrity of data; typical hash algorithms include MD2, MD4, MD5 (Message-Digest Algorithm 5) and SHA-1.
The encryption and decryption method and device for a distributed storage system communication protocol of the invention are further described below with reference to the drawings and specific embodiments:
Embodiment 1
Referring to Fig. 1, an encryption method for a distributed storage system communication protocol comprises the following steps:
Step S101: The sender obtains the original data to be encrypted.
Step S102: The sender builds a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is a four-byte magic number; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be encrypted at the sender.
Note that the seven fields of the message are generated by the multiple storage nodes of the distributed storage system, and that the temporary request key and temporary response key are generated randomly by each storage node at a specified interval; the recommended interval is 2 hours. The random number in the first field is used to evade protocol identification: an attacker cannot conclude from the message header that the message belongs to the communication protocol of a distributed storage system. The magic number in the second field is 0x195E8FF1; it lets the distributed storage system's own communication protocol judge whether this is a communication protocol message, and there can be multiple magic numbers if stronger protection is wanted. To keep network administrators or attackers from blocking our messages based on message length, the protocol fills the fourth field with junk text of random length and random content; the junk text may be purely numeric and is 10 to 100 bytes long. The third field is the length of this random filler. The fifth and sixth fields are one of the encryption/decryption keys; this key is generated randomly by each storage node itself and is valid for the current request-response pair, so even the same message produces different ciphertext at different times.
The temporary request key is used by the sender to encrypt a request message and by the receiver of the request message to decrypt it; the temporary response key is used by the sender to encrypt a response message and by the receiver of the response message to decrypt it.
Step S103: The sender obtains the shared key of the encryption algorithm.
The shared key is a string that takes part in encryption. The encryption algorithm operates under the control of the shared key: with different keys, the same encryption algorithm and the same plaintext produce entirely different ciphertext.
The shared key of the encryption algorithm can be obtained from a key server, a USB flash drive or e-mail.
The encryption algorithm of the invention is the RC4 encryption algorithm. RC4 generates ciphertext by an XOR operation with the data to be encrypted. For example, if a byte of the shared key is 01101100 and the plaintext byte of the data to be encrypted is 11001100, the resulting ciphertext byte is 10100000. Decryption is likewise an XOR of the ciphertext with the shared key, which yields the corresponding original plaintext.
Step S104: The sender uses the encryption algorithm with the shared key to encrypt the second through sixth fields of the message.
Note that the random number in the first field does not need to be encrypted.
Step S105: The sender uses the encryption algorithm with the temporary request key in the fifth field of the message to encrypt the seventh field of the message, and sends the encrypted message to the receiver.
As a result, after encryption with this method the first field is plaintext and the second through seventh fields are all ciphertext.
Embodiment 2
Referring to Fig. 2, a decryption method for a distributed storage system communication protocol comprises the following steps:
Step S201: The receiver receives the encrypted message from the sender.
Step S202: The receiver builds a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is the four-byte magic number 0x195E8FF1; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be decrypted at the receiver.
Step S203: The receiver obtains the shared key of the encryption algorithm.
Step S204: The receiver uses the encryption algorithm with the shared key to decrypt the second through sixth fields of the message, and discards the contents of the first through fourth fields.
Step S205: The receiver uses the encryption algorithm with the temporary response key in the sixth field to decrypt the bytes after the sixth field, obtaining the decrypted original data.
The receiver also saves the temporary request key for use when sending the response.
Step S204 above further comprises:
Step S2041: When reading the message, the receiver skips and discards the first field;
Step S2042: The receiver uses the encryption algorithm with the shared key to decrypt the second field of the message and verifies whether the decrypted plaintext of the second field is the magic number 0x195E8FF1; if so, it proceeds to step S2043; if not, it discards the message;
Step S2043: The receiver reads the third field of the message to obtain the length of the junk text in the fourth field, for example k bytes;
Step S2044: The receiver uses the encryption algorithm with the shared key to decrypt the k-byte fourth field of the message and discards the decrypted junk text of the fourth field;
Step S2045: The receiver uses the encryption algorithm with the shared key to decrypt the fifth and sixth fields of the message.
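The encryption steps S101 to S105 and the decryption steps S201 to S2045 above, as an added Python example that is not code from the patent. Assumptions, since the page does not state them: temporary keys are 16 bytes, the magic number is stored big-endian, fields 2 to 6 are covered by one continuous RC4 keystream that is freshly keyed with the shared key for every message, and the body key follows the message direction as the description states (request key for requests, response key for responses).

```python
import secrets
import struct

MAGIC = 0x195E8FF1          # magic number given in the description
KEY_LEN = 16                # assumption: temporary key length is not stated on the page
MIN_PAD, MAX_PAD = 10, 100  # junk text length range given in the description


class RC4:
    """Textbook RC4: key scheduling, then a running keystream XORed with data."""

    def __init__(self, key):
        s, j = list(range(256)), 0
        for i in range(256):
            j = (j + s[i] + key[i % len(key)]) & 0xFF
            s[i], s[j] = s[j], s[i]
        self.s, self.i, self.j = s, 0, 0

    def crypt(self, data):
        s, i, j, out = self.s, self.i, self.j, bytearray()
        for b in data:
            i = (i + 1) & 0xFF
            j = (j + s[i]) & 0xFF
            s[i], s[j] = s[j], s[i]
            out.append(b ^ s[(s[i] + s[j]) & 0xFF])
        self.i, self.j = i, j   # keep state so later fields continue the keystream
        return bytes(out)


def build_message(shared_key, payload, request_key, response_key, is_response=False):
    """Sender side (S102 to S105): returns the wire bytes of one message."""
    if len(request_key) != KEY_LEN or len(response_key) != KEY_LEN:
        raise ValueError("temporary keys must be KEY_LEN bytes")
    pad_len = MIN_PAD + secrets.randbelow(MAX_PAD - MIN_PAD + 1)
    padding = bytes(secrets.choice(b"0123456789") for _ in range(pad_len))
    # Fields 2..6: magic, junk length, junk text, request key, response key.
    header = (struct.pack(">I", MAGIC) + bytes([pad_len]) + padding
              + request_key + response_key)
    body_key = response_key if is_response else request_key
    return (secrets.token_bytes(1)               # field 1: plaintext random byte
            + RC4(shared_key).crypt(header)      # S104
            + RC4(body_key).crypt(payload))      # S105


def parse_message(shared_key, message, is_response=False):
    """Receiver side (S2041 to S2045, S205).

    Returns (payload, request_key, response_key), or None if the message
    is discarded (too short, wrong magic number, or inconsistent length).
    """
    if len(message) < 1 + 4 + 1 + MIN_PAD + 2 * KEY_LEN:
        return None
    cipher = RC4(shared_key)
    pos = 1                                       # S2041: skip field 1
    (magic,) = struct.unpack(">I", cipher.crypt(message[pos:pos + 4]))
    if magic != MAGIC:                            # S2042: verify or discard
        return None
    pos += 4
    pad_len = cipher.crypt(message[pos:pos + 1])[0]   # S2043: junk length k
    pos += 1
    if not MIN_PAD <= pad_len <= MAX_PAD:
        return None
    if len(message) < pos + pad_len + 2 * KEY_LEN:
        return None                               # truncated message
    cipher.crypt(message[pos:pos + pad_len])      # S2044: decrypt and discard junk
    pos += pad_len
    keys = cipher.crypt(message[pos:pos + 2 * KEY_LEN])   # S2045
    pos += 2 * KEY_LEN
    request_key, response_key = keys[:KEY_LEN], keys[KEY_LEN:]
    body_key = response_key if is_response else request_key
    return RC4(body_key).crypt(message[pos:]), request_key, response_key
```

Under the per-message keying assumed here, the four ciphertext bytes of the magic number are identical in every message sent under one shared key, and because the format carries no integrity check, modified payload bytes decrypt without error.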
Embodiment 3
Referring to Fig. 3, an encryption device for a distributed storage system communication protocol comprises the following units:
An original data acquisition unit 301, used by the sender to obtain the original data to be encrypted;
A sender message construction unit 302, used by the sender to build a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is a four-byte magic number; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be encrypted at the sender;
A shared key acquisition unit 303, used by the sender to obtain the shared key of the encryption algorithm;
A first encryption unit 304, used by the sender to encrypt the second through sixth fields of the message with the encryption algorithm and the shared key;
A second encryption unit 305, used by the sender to encrypt the seventh field of the message with the encryption algorithm and the temporary request key in the fifth field of the message; the sender then sends the encrypted message to the receiver.
The original data acquisition unit 301 is connected in sequence to the sender message construction unit 302, the shared key acquisition unit 303, the first encryption unit 304 and the second encryption unit 305.
Embodiment 4
Referring to Fig. 4, a decryption device for a distributed storage system communication protocol comprises the following units:
A message receiving unit 401, used by the receiver to receive the encrypted message from the sender;
A receiver message construction unit 402, with which the receiver builds a message of the distributed storage system communication protocol. The message comprises seven fields: the first field is a one-byte random number; the second field is a four-byte magic number; the third field is one byte holding the length of the fourth field; the fourth field is junk text of random length and random content; the fifth field is the temporary request key; the sixth field is the temporary response key; and the seventh field is the original data to be decrypted at the receiver;
An acquisition unit 403, used by the receiver to obtain the shared key of the encryption algorithm;
A first decryption unit 404, used by the receiver to decrypt the second through fourth fields of the message with the encryption algorithm and the shared key, and to discard the contents of the first through fourth fields;
A second decryption unit 405, used by the receiver to decrypt the bytes after the sixth field with the encryption algorithm and the temporary response key in the sixth field, obtaining the decrypted original data.
The first decryption unit 404 further comprises:
A first reading unit 4041, used to skip and discard the first field when the receiver reads the message;
A first decryption subunit 4042, used by the receiver to decrypt the second field of the message with the encryption algorithm and the shared key, and to verify whether the decrypted plaintext of the second field is the magic number; if so, processing proceeds to the second reading unit 4043; if not, the message is discarded;
A second reading unit 4043, used by the receiver to read the third field of the message and obtain the length of the junk text in the fourth field;
A second decryption subunit 4044, used by the receiver to decrypt the fourth field of the message with the encryption algorithm and the shared key, and to discard the decrypted junk text of the fourth field;
A third decryption subunit 4045, used by the receiver to decrypt the fifth and sixth fields of the message with the encryption algorithm and the shared key.
The message receiving unit 401 is connected in sequence to the receiver message construction unit 402, the acquisition unit 403, the first decryption unit 404 and the second decryption unit 405, where the first decryption unit 404 further comprises the first reading unit 4041, the first decryption subunit 4042, the second reading unit 4043, the second decryption subunit 4044 and the third decryption subunit 4045.
Because the devices disclosed in the embodiments correspond to the methods disclosed in the embodiments, their description is brief; for the relevant details, see the description of the methods.
A person skilled in the art will further appreciate that the units and algorithm steps of the examples described in the embodiments disclosed here can be implemented in electronic hardware, computer software, or a combination of the two. To show clearly that hardware and software are interchangeable, the composition and steps of each example have been described above in general terms according to function. Whether these functions are performed in hardware or software depends on the specific application and the design constraints of the technical solution. A skilled person may implement the described functions differently for each specific application, but such an implementation should not be considered beyond the scope of the invention.
The above are only illustrative specific embodiments of the invention and do not limit its scope. Any equivalent changes and modifications made by a person skilled in the art without departing from the concept and principles of the invention fall within the scope of protection of the invention.

Claims (9)

1. An encryption method for a distributed storage system communication protocol, characterized by comprising the following steps:
The sending end obtains the original data to be encrypted;
The sending end builds a message of the distributed storage system communication protocol, the message comprising seven fields, wherein the first field is a one-byte random number, the second field is a four-byte magic number, the third field is a one-byte length value of the fourth field, the fourth field is junk data of random length and random content, the fifth field is a temporary request key, the sixth field is a temporary response key, and the seventh field is the original data to be encrypted on the sending end;
The sending end obtains the shared key of the encryption algorithm;
The sending end uses the encryption algorithm and the shared key to encrypt the second field through the sixth field of the message;
The sending end uses the encryption algorithm and the temporary request key of the fifth field of the message to encrypt the seventh field of the message, and sends the encrypted message to the receiving end.
2. The encryption method for a distributed storage system communication protocol according to claim 1, characterized in that the seven fields of the message of the distributed storage system communication protocol are generated by multiple storage nodes of the distributed storage system.
3. The encryption method for a distributed storage system communication protocol according to claim 1, characterized in that the temporary request key and the temporary response key are randomly generated at set time intervals by each storage node of the distributed storage system.
4. The encryption method for a distributed storage system communication protocol according to claim 1, characterized in that the encryption algorithm is the RC4 encryption algorithm.
5. A decryption method for a distributed storage system communication protocol, characterized by comprising the following steps:
The receiving end receives the encrypted message from the sending end;
The receiving end builds a message of the distributed storage system communication protocol, the message comprising seven fields, wherein the first field is a one-byte random number, the second field is a four-byte magic number, the third field is a one-byte length value of the fourth field, the fourth field is junk data of random length and random content, the fifth field is a temporary request key, the sixth field is a temporary response key, and the seventh field is the original data to be decrypted on the receiving end;
The receiving end obtains the shared key of the encryption algorithm;
The receiving end uses the encryption algorithm and the shared key to decrypt the second field through the sixth field of the message, and discards the contents of the first field through the fourth field;
The receiving end uses the encryption algorithm and the temporary response key of the sixth field of the message to decrypt the bytes after the sixth field of the message, obtaining the decrypted original data.
6. The decryption method for a distributed storage system communication protocol according to claim 5, characterized in that the step in which the receiving end uses the encryption algorithm and the shared key to decrypt the second field through the sixth field of the message and discards the contents of the first field through the fourth field further includes:
When the receiving end reads the message, it directly skips and discards the first field;
The receiving end uses the encryption algorithm and the shared key to decrypt the second field of the message and verifies whether the decrypted plaintext of the second field is the magic number; if so, it proceeds to the next step; if not, it discards the message;
The receiving end reads the third field of the message and obtains the length value of the junk data in the fourth field of the message;
The receiving end uses the encryption algorithm and the shared key to decrypt the fourth field of the message and discards the decrypted junk data of the fourth field;
The receiving end uses the encryption algorithm and the shared key to decrypt the fifth field and the sixth field of the message.
7. An encryption device for a distributed storage system communication protocol, based on the encryption method for a distributed storage system communication protocol according to any one of claims 1 to 4, characterized by comprising:
An original data acquiring unit, with which the sending end obtains the original data to be encrypted;
A sending-end message construction unit, with which the sending end builds a message of the distributed storage system communication protocol, the message comprising seven fields, wherein the first field is a one-byte random number, the second field is a four-byte magic number, the third field is a one-byte length value of the fourth field, the fourth field is junk data of random length and random content, the fifth field is a temporary request key, the sixth field is a temporary response key, and the seventh field is the original data to be encrypted on the sending end;
A shared key acquiring unit, with which the sending end obtains the shared key of the encryption algorithm;
A first encryption unit, with which the sending end uses the encryption algorithm and the shared key to encrypt the second field through the sixth field of the message;
A second encryption unit, with which the sending end uses the encryption algorithm and the temporary request key of the fifth field of the message to encrypt the seventh field of the message, and sends the encrypted message to the receiving end.
8. A decryption device for a distributed storage system communication protocol, based on the decryption method for a distributed storage system communication protocol according to any one of claims 5 to 6, characterized by comprising:
A message receiving unit, with which the receiving end receives the encrypted message from the sending end;
A receiving-end message construction unit, with which the receiving end builds a message of the distributed storage system communication protocol, the message comprising seven fields, wherein the first field is a one-byte random number, the second field is a four-byte magic number, the third field is a one-byte length value of the fourth field, the fourth field is junk data of random length and random content, the fifth field is a temporary request key, the sixth field is a temporary response key, and the seventh field is the original data to be decrypted on the receiving end;
An acquiring unit, with which the receiving end obtains the shared key of the encryption algorithm;
A first decryption unit, with which the receiving end uses the encryption algorithm and the shared key to decrypt the second field through the sixth field of the message, and discards the contents of the first field through the fourth field;
A second decryption unit, with which the receiving end uses the encryption algorithm and the temporary response key of the sixth field of the message to decrypt the bytes after the sixth field of the message, obtaining the decrypted original data.
9. The decryption device for a distributed storage system communication protocol according to claim 8, characterized in that the first decryption unit further includes:
A first reading unit, which, when the receiving end reads the message, directly skips and discards the first field;
A first decryption subunit, with which the receiving end uses the encryption algorithm and the shared key to decrypt the second field of the message and verifies whether the decrypted plaintext of the second field is the magic number; if so, it proceeds to the next step; if not, it discards the message;
A second reading unit, with which the receiving end reads the third field of the message and obtains the length value of the junk data in the fourth field of the message;
A second decryption subunit, with which the receiving end uses the encryption algorithm and the shared key to decrypt the fourth field of the message and discards the decrypted junk data of the fourth field;
A third decryption subunit, with which the receiving end uses the encryption algorithm and the shared key to decrypt the fifth field and the sixth field of the message.
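The seven-field message and the encryption and decryption steps of claims 1, 5 and 6, as an added Python example that is not code from the patent. Assumptions: the magic value `DSCP`, 16-byte temporary keys, one continuous RC4 keystream over fields 2 to 6, and request messages carrying field 7 under the temporary request key while replies use the temporary response key (the claims do not state how the two directions pair up).

```python
import os

MAGIC = b"DSCP"  # assumed value; the claims only say "four-byte magic number"
KEY_LEN = 16     # assumed length of each temporary key


def rc4(key: bytes, data: bytes) -> bytes:
    """RC4 stream cipher (claim 4); the same call encrypts and decrypts."""
    s, j = list(range(256)), 0
    for i in range(256):                      # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:                         # keystream generation and XOR
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)


def build_message(shared_key: bytes, payload: bytes, reply: bool = False) -> bytes:
    """Sender side (claim 1): assemble the seven fields and encrypt them."""
    req_key, resp_key = os.urandom(KEY_LEN), os.urandom(KEY_LEN)  # fields 5, 6
    junk = os.urandom(os.urandom(1)[0])       # field 4: 0..255 random bytes
    header = MAGIC + bytes([len(junk)]) + junk + req_key + resp_key
    data_key = resp_key if reply else req_key
    return (os.urandom(1)                     # field 1: random byte, not encrypted
            + rc4(shared_key, header)         # fields 2..6 under the shared key
            + rc4(data_key, payload))         # field 7 under a temporary key


def parse_message(shared_key: bytes, msg: bytes, reply: bool = False):
    """Receiver side (claims 5 and 6): return the payload, or None to drop."""
    body = msg[1:]                            # skip and discard field 1
    if len(body) < 5 or rc4(shared_key, body[:4]) != MAGIC:
        return None                           # field 2 is not the magic number
    junk_len = rc4(shared_key, body[:5])[4]   # field 3: length of field 4
    hdr_len = 5 + junk_len + 2 * KEY_LEN
    if len(body) < hdr_len:
        return None                           # truncated before field 7
    header = rc4(shared_key, body[:hdr_len])  # junk in field 4 is discarded
    req_key = header[hdr_len - 2 * KEY_LEN:hdr_len - KEY_LEN]
    resp_key = header[hdr_len - KEY_LEN:]
    return rc4(resp_key if reply else req_key, body[hdr_len:])
```

In this sketch RC4 is keyed with the shared key alone, so bytes 1 to 4 of every message carry the same ciphertext, and nothing authenticates the message contents. RFC 7465 prohibits RC4 in TLS; a new design would use an authenticated cipher with a per-message nonce.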
CN201710088017.0A 2017-02-19 2017-02-19 Encryption and decryption method and device for communication protocol of distributed storage system Active CN106850191B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710088017.0A CN106850191B (en) 2017-02-19 2017-02-19 Encryption and decryption method and device for communication protocol of distributed storage system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710088017.0A CN106850191B (en) 2017-02-19 2017-02-19 Encryption and decryption method and device for communication protocol of distributed storage system

Publications (2)

Publication Number Publication Date
CN106850191A true CN106850191A (en) 2017-06-13
CN106850191B CN106850191B (en) 2020-03-10

Family

ID=59127890

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710088017.0A Active CN106850191B (en) 2017-02-19 2017-02-19 Encryption and decryption method and device for communication protocol of distributed storage system

Country Status (1)

Country Link
CN (1) CN106850191B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010023484A1 (en) * 2000-03-14 2001-09-20 Gen Ichimura Transmission apparatus, reception apparatus, transmission method, reception method and recording medium
CN1777040A (en) * 2005-12-14 2006-05-24 北京北大方正电子有限公司 Variable length structural information coding and decoding method
CN101785272A (en) * 2007-08-20 2010-07-21 高通股份有限公司 Method and apparatus for generating a cryptosync
CN104156451A (en) * 2014-08-18 2014-11-19 深圳市一五一十网络科技有限公司 Data storage managing method and system
CN104796249A (en) * 2015-03-19 2015-07-22 谭旗 Method for encrypting serial communication data of microcomputer
CN105357004A (en) * 2015-12-03 2016-02-24 万达信息股份有限公司 Medical privacy data self-encryption method and self-decryption method
CN105847238A (en) * 2016-03-16 2016-08-10 杭州狮说教育科技有限公司 Safe data transmission method based on Real-Time Messaging Protocol (RTMP) connections

Cited By (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108833086A (en) * 2018-05-04 2018-11-16 深圳绿米联创科技有限公司 Fingerprint lock and its working method
CN108540501A (en) * 2018-07-18 2018-09-14 郑州云海信息技术有限公司 A kind of method and apparatus of asymmetric cryptosystem
CN109474425A (en) * 2018-12-25 2019-03-15 国科量子通信网络有限公司 A method of length derivative key is arbitrarily designated based on the acquisition of multiple shared keys
CN109474425B (en) * 2018-12-25 2021-06-25 国科量子通信网络有限公司 Method for obtaining derived key with any specified length based on multiple shared keys
CN109815713A (en) * 2018-12-27 2019-05-28 郑州新大方重工科技有限公司 A kind of encryption method based on electric system of engineering machinery
CN112637225A (en) * 2020-12-28 2021-04-09 厦门市美亚柏科信息股份有限公司 Data sending method, data receiving method, client and server
CN113904789A (en) * 2021-08-17 2022-01-07 卡斯柯信号有限公司 Encryption method, equipment and storage medium of railway safety communication protocol
CN113904789B (en) * 2021-08-17 2024-03-29 卡斯柯信号有限公司 Encryption method, equipment and storage medium of railway safety communication protocol
CN114500093A (en) * 2022-02-24 2022-05-13 中国工商银行股份有限公司 Safe interaction method and system for message information
CN117527238A (en) * 2024-01-03 2024-02-06 成都新希望金融信息有限公司 Key generation method, device, electronic equipment and storage medium
CN117527238B (en) * 2024-01-03 2024-03-19 成都新希望金融信息有限公司 Key generation method, device, electronic equipment and storage medium

Also Published As

Publication number Publication date
CN106850191B (en) 2020-03-10

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant