CN108075879B - Data encryption and decryption method, device and system - Google Patents
Data encryption and decryption method, device and system Download PDFInfo
- Publication number
- CN108075879B CN108075879B CN201610990502.2A CN201610990502A CN108075879B CN 108075879 B CN108075879 B CN 108075879B CN 201610990502 A CN201610990502 A CN 201610990502A CN 108075879 B CN108075879 B CN 108075879B
- Authority
- CN
- China
- Prior art keywords
- data
- binary
- key
- leaf node
- transmitted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a method, a device and a system for encrypting and decrypting data. The method comprises the following steps: generating a binary tree for encrypting data; generating a first traversal sequence and a second traversal sequence based on the binary tree; determining information stored by at least one leaf node in the binary tree as a key; generating key encryption information based on a binary tree encoding of at least one leaf node; converting information stored by each leaf node in the key into a binary system to obtain a binary key, and converting data to be transmitted into binary system data to be transmitted; calculating the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data; and sending the first traversal sequence, the second traversal sequence, the key encryption information and the encrypted data to a receiving end of the data to be transmitted. The data encryption and decryption method disclosed by the invention can improve the security of data transmission.
Description
Technical Field
The present invention belongs to the field of communication technologies, and in particular, to a method, an apparatus, and a system for data encryption and decryption.
Background
With the development of internet technology, more and more information data are transmitted through a network, and the problem of how to ensure the data transmission security is increasingly prominent. At present, when people transmit data, the transmitted data is usually encrypted, so that the security of data transmission is ensured. There are many existing data encryption algorithms, and one of the commonly used data encryption algorithms is an encryption algorithm based on a binary tree. In the prior art, when an encryption algorithm based on a binary tree is applied, the binary tree is constructed based on data to be encrypted, so that the content of the data is stored in leaf nodes of the binary tree, plaintext data is converted into ciphertext data, the formation of the ciphertext data is determined by the structure of the binary tree, and then the generated binary tree information is transmitted to a receiving terminal. In the prior art, the plaintext data is stored in the generated binary tree, and transmitted binary tree information always contains all or part of plaintext data, so that encrypted data is easy to crack, and the safety of data transmission is reduced.
Disclosure of Invention
The embodiment of the invention provides a method, a device and a system for encrypting and decrypting data, which can solve the problems that the transmission of binary tree information used for encrypting plaintext data contains all or part of plaintext data, so that the encrypted data is easy to crack and the safety of data transmission is reduced.
In a first aspect, the present invention provides a method for encrypting data, including:
generating a binary tree for encrypting data;
generating a first traversal sequence and a second traversal sequence based on the binary tree, wherein the binary tree can be restored through the first traversal sequence and the second traversal sequence;
determining information stored by at least one leaf node in the binary tree as a key;
generating key encryption information based on a binary tree encoding of at least one leaf node;
converting information stored by each leaf node in the key into a binary system to obtain a binary key, and converting data to be transmitted into binary system data to be transmitted;
calculating the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data;
and sending the first traversal sequence, the second traversal sequence, the key encryption information and the encrypted data to a receiving end of the data to be transmitted.
With reference to the first aspect, in a first implementation manner of the first aspect, before the sending the first traversal sequence, the second traversal sequence, the key encryption information, and the encrypted data to the receiving end of the data to be transmitted, the method further includes:
generating at least two different data packets including a first data packet and a second data packet, the at least two different data packets carrying the key encryption information and the encryption data, and the first data packet including the first traversal sequence and the second data packet including the second traversal sequence;
the sending the first traversal sequence, the second traversal sequence, the key encryption information, and the encrypted data to the receiving end of the data to be transmitted includes:
and sending the at least two different data packets to the receiving end, wherein the first data packet and the second data packet are respectively sent.
With reference to the first aspect, in a second implementation manner of the first aspect, the generating key encryption information based on binary tree coding of the at least one leaf node includes:
and arranging the binary tree codes of the at least one leaf node based on the arrangement sequence of the information stored in the at least one leaf node to obtain the key encryption information.
With reference to the first aspect, in a third implementation manner of the first aspect, an arrangement order of information stored by each leaf node in the key is the same as an order of information stored by each leaf node in the binary key;
the calculating the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data comprises:
and calculating the binary data to be transmitted according to the arrangement sequence of the information stored by each leaf node in the binary key and the information stored by each leaf node in the binary key in sequence according to a preset encryption algorithm to obtain the encrypted data.
With reference to the first aspect or any one implementation manner of the first aspect, in a fourth implementation manner of the first aspect, the preset encryption algorithm includes an exclusive or algorithm.
In a second aspect, the present invention provides a method for decrypting data, including:
receiving a first traversal sequence, a second traversal sequence, key encryption information and encrypted data sent by a sending end of data to be transmitted;
restoring to obtain a binary tree based on the first traversal sequence and the second traversal sequence;
determining a key comprising information stored by at least one leaf node in the binary tree based on the restored binary tree and the key encryption information;
converting the information stored by each leaf node in the key into a binary system to obtain a binary key;
calculating the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted, wherein the preset decryption algorithm corresponds to a preset encryption algorithm for encrypting the data to be transmitted by a transmitting end;
and converting the decrypted binary data to be transmitted into the data to be transmitted.
With reference to the second aspect, in a first implementation manner of the second aspect, the receiving the first traversal sequence, the second traversal sequence, the key information, and the encrypted data sent by the sending end of the data to be transmitted includes:
receiving at least two different data packets including a first data packet and a second data packet sent by the sending end, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, the second data packet includes a second traversal sequence, and the first data packet and the second data packet are sent by the sending end respectively.
With reference to the second aspect, in a second implementation manner of the second aspect, the determining, based on the restored binary tree and the key encryption information, a key that includes information stored by at least one leaf node in the binary tree includes:
and determining the key and the arrangement sequence of the information stored by each leaf node in the key based on the restored binary tree and the key encryption information.
With reference to the second aspect, in a third implementation manner of the second aspect, the calculating the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted includes:
calculating the encrypted data and the information stored by each leaf node in the binary key in sequence according to the arrangement sequence of the information stored by each leaf node in the binary key and a preset decryption algorithm to obtain decrypted binary data; alternatively, the first and second electrodes may be,
and calculating the encrypted data and the information stored by each leaf node in the binary key in sequence according to the reverse arrangement sequence of the information stored by each leaf node in the binary key and a preset decryption algorithm to obtain the decrypted binary data.
With reference to the third implementation manner of the second aspect, in a fourth implementation manner of the second aspect, when the step of calculating the binary key and the encrypted data according to a preset decryption algorithm to obtain the decrypted binary data to be transmitted adopts an execution method of calculating the encrypted data according to a reverse arrangement order of information stored by each leaf node in the binary key and information stored by each leaf node in the binary key according to a preset decryption algorithm to obtain the decrypted binary data, the preset decryption algorithm includes an exclusive or operation.
With reference to the second aspect or any one implementation manner of the second aspect, in a fifth implementation manner of the second aspect, the preset decryption algorithm and the preset encryption algorithm are inverse operations of each other.
In a third aspect, the present invention provides an apparatus for encrypting data, including:
a binary tree generating unit for generating a binary tree for encrypting data;
a sequence generating unit, configured to generate a first traversal sequence and a second traversal sequence based on a binary tree, where the binary tree can be restored by the first traversal sequence and the second traversal sequence;
the determining unit is used for determining information stored in at least one leaf node in the binary tree as a key;
a key encryption information generation unit for generating key encryption information based on a binary tree code of at least one leaf node;
the conversion unit is used for converting the information stored by each leaf node in the key into a binary system to obtain a binary key and converting the data to be transmitted into binary system data to be transmitted;
the computing unit is used for computing the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data;
and the sending unit is used for sending the first traversal sequence, the second traversal sequence, the key encryption information and the encrypted data to a receiving end of the data to be transmitted.
With reference to the third aspect, in a first implementation manner of the third aspect, the method further includes:
a data packet generating unit, configured to generate at least two different data packets including a first data packet and a second data packet, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, and the second data packet includes a second traversal sequence;
the sending unit is specifically configured to send the at least two different data packets to the receiving end, where the first data packet and the second data packet are sent separately.
With reference to the third aspect, in a second implementation manner of the third aspect, the key encryption information generating unit is specifically configured to arrange binary tree codes of the at least one leaf node based on an arrangement order of information stored in the at least one leaf node to obtain the key encryption information.
With reference to the third aspect, in a third implementation manner of the third aspect, an arrangement order of information stored by each leaf node in the key is the same as an ordering of information stored by each leaf node in the binary key;
the computing unit is specifically configured to compute the binary data to be transmitted according to an arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key in sequence according to a preset encryption algorithm to obtain the encrypted data.
With reference to the third aspect or any one implementation manner of the third aspect, in a fourth implementation manner of the third aspect, the preset encryption algorithm includes an exclusive or algorithm.
In a fourth aspect, the present invention provides an apparatus for decrypting data, comprising:
the receiving unit is used for receiving a first traversal sequence, a second traversal sequence, key encryption information and encrypted data sent by a sending end of data to be transmitted;
the binary tree restoration unit is used for restoring and obtaining a binary tree based on the first traversal sequence and the second traversal sequence;
a determining unit, configured to determine, based on the restored binary tree and the key encryption information, a key including information stored by at least one leaf node in the binary tree;
the binary system conversion unit is used for converting the information stored by each leaf node in the key into a binary system to obtain a binary system key;
the computing unit is used for computing the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted, wherein the preset decryption algorithm corresponds to a preset encryption algorithm for encrypting the data to be transmitted by the transmitting end;
and the data conversion unit is used for converting the decrypted binary data to be transmitted into the data to be transmitted.
With reference to the first aspect, in a first implementation manner of the first aspect, the receiving unit is specifically configured to receive at least two different data packets that are sent by the sending end and include a first data packet and a second data packet, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, the second data packet includes a second traversal sequence, and the first data packet and the second data packet are sent by the sending end respectively.
With reference to the first aspect, in a second implementation manner of the first aspect, the determining unit is specifically configured to determine the key and an arrangement order of information stored by each leaf node in the key based on the restored binary tree and the key encryption information.
With reference to the first aspect, in a third implementation manner of the first aspect, the calculating unit is specifically configured to calculate the encrypted data sequentially according to an arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain decrypted binary data, or calculate the encrypted data sequentially according to a reverse arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain decrypted binary data.
With reference to the third implementation manner of the first aspect, in a fourth implementation manner of the first aspect, when the calculating unit is specifically configured to calculate the encrypted data sequentially according to a reverse arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain decrypted binary data, the preset decryption algorithm includes an exclusive-or operation.
With reference to the first aspect or any implementation manner of the first aspect, in a fifth implementation manner of the first aspect, the preset decryption algorithm and the preset encryption algorithm are inverse operations of each other.
In a fifth aspect, the present invention provides a system for encrypting and decrypting data, comprising a device for encrypting data as described in the third aspect and a device for decrypting data as described in the fourth aspect.
The invention provides a method, a device and a system for encrypting and decrypting data, wherein a sending end of data to be transmitted generates a binary tree used for encrypting the data, and a first traversal sequence and a second traversal sequence which can restore the binary tree are sent to a receiving end of the data to be transmitted; after the transmitting end and the receiving end convert the information stored by at least one leaf node in the binary tree into a binary key, the transmitting end calculates the binary key and the data to be transmitted converted into the binary system according to a preset encryption algorithm to obtain encrypted data, and the receiving end calculates the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary system data to be transmitted; the transmitting end encrypts data to be transmitted according to information stored in at least one leaf node in a binary tree, but sends the information to the receiving end based on the binary tree code of the at least one leaf node to generate key information, and the receiving end can determine the information stored in the leaf node for encrypting the data to be transmitted according to the key information, so that the information for encrypting and decrypting the data to be transmitted is not directly transmitted between the transmitting end and the receiving end, but the key information for further encrypting the information for encrypting and decrypting the data to be transmitted is transmitted, and therefore the security of information transmission for encrypting and decrypting the data to be transmitted is improved, and the security of data transmission is further improved. In addition, when the data transmission is carried out at the sending end and the receiving end, the information of the unencrypted data to be transmitted cannot be involved, so that the problems that the encrypted data is easy to crack and the data transmission safety is reduced are solved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without creative efforts.
FIG. 1 shows a schematic flow diagram of a method of data encryption according to an embodiment of the invention;
FIG. 2 is a schematic diagram of a binary tree generated in the method of data encryption shown in FIG. 1;
FIG. 3 shows a schematic flow chart of a method of data encryption according to a further embodiment of the present invention;
FIG. 4 shows a schematic flow chart of a method of data decryption according to another embodiment of the present invention;
FIG. 5 shows a schematic block diagram of an apparatus for data encryption according to an embodiment of the present invention;
FIG. 6 shows a schematic block diagram of an apparatus for data encryption according to yet another embodiment of the present invention;
FIG. 7 shows a schematic block diagram of an apparatus for data decryption according to another embodiment of the present invention;
fig. 8 shows a schematic block diagram of a system for data encryption and decryption according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Features and exemplary embodiments of various aspects of the present invention will be described in detail below. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced without some of these specific details. The following description of the embodiments is merely intended to provide a better understanding of the present invention by illustrating examples of the present invention. The present invention is in no way limited to any specific configuration and algorithm set forth below, but rather covers any modification, replacement or improvement of elements, components or algorithms without departing from the spirit of the invention. The embodiments and features of the embodiments in the present application may be combined with each other without conflict. The present application will be described in detail below with reference to the embodiments with reference to the attached drawings.
The embodiment of the invention is suitable for a scene of encrypting and transmitting data to be transmitted when the data are transmitted. After a sending end of data to be transmitted encrypts the data to be transmitted by the data encryption method in the embodiment of the invention, a receiving end of the data to be transmitted decrypts the encrypted data by the data decryption method in the embodiment of the invention according to information sent by the sending end, and finally, accurate data to be transmitted is obtained.
Fig. 1 shows a schematic flow diagram of a method of data encryption according to an embodiment of the invention. As shown in FIG. 1, the method can be used for a transmitting end of data to be transmitted, and includes the steps of S110, generating a binary tree for encrypting data; s120, generating a first traversal sequence and a second traversal sequence based on the binary tree; s130, determining information stored in at least one leaf node in the binary tree as a key; s140, generating key encryption information based on the binary tree code of at least one leaf node; s150, converting the information stored by each leaf node in the key into a binary system to obtain a binary key, and converting the data to be transmitted into binary system data to be transmitted; s160, calculating the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data; s170, sending the first traversal sequence, the second traversal sequence, the key encryption information and the encrypted data to a receiving end of the data to be transmitted.
In step S110, the transmitting end may randomly generate a binary tree for encrypting data. For example, as shown in fig. 2, for a binary tree generated for encrypting data according to an embodiment of the present invention, the binary tree uses huffman coding, and for all nodes, if there is a left child, the branch pointing to the left child is coded as 0, and if there is a right child, the branch pointing to the right child is coded as 1.
In step S120, a unique binary tree (generated for the transmitting end) can be restored through the first traversal sequence and the second traversal sequence, that is, after the receiving end receives the first traversal sequence and the second traversal sequence, the binary tree generated by the transmitting end can be obtained according to the first traversal sequence and the second traversal sequence. Those skilled in the art can know that the binary tree obtains different traversal sequences through different traversal modes, and the traversal modes include: the first traversal sequence and the second traversal sequence in the step can be the pre-order traversal sequence, the middle-order traversal sequence, or the post-order traversal sequence, or the layer-order traversal sequence. For example, as shown in fig. 2, in a binary tree with a middle traversal sequence of DHBIEAFJCG and a front traversal sequence of ABDHEICFJG, if other devices obtain the middle traversal sequence (DHBIEAFJCG) and the front traversal sequence (ABDHEICFJG) of the binary tree shown in fig. 2, the binary tree shown in fig. 2 can be obtained.
In step S130, the information stored on at least one leaf node in the binary tree is determined as a key for encrypting data to be transmitted. For example, in the embodiment of the present invention, information stored in the leaf node GIJH in the binary tree shown in fig. 2 is selected as a key.
In step S140, key encryption information is generated based on the binary tree coding of the at least one leaf node determined in step S130, that is, after the information stored in the at least one leaf node is determined as a key in step S130, the binary tree corresponding to the determined leaf node in the binary tree is coded as the key encryption information of the key. Since the binary tree code is unique for the leaf node of the binary tree, the leaf node can be uniquely determined after the binary tree code of the binary tree and the leaf child node in the binary tree is determined. For example, in the embodiment of the present invention, information stored in the leaf child node GIJH in the binary tree shown in fig. 2 is selected as a key, and binary tree codes corresponding to each leaf child node are respectively: and G is coded as 11, I is coded as 010, J is coded as 101, H is coded as 001, and the key encryption information is (11010101001).
In step S150, since the binary system is simple to calculate and convenient to operate, the key and the data to be transmitted are converted into the binary system in this step and then calculated. The method of converting the secret key and the data to be transmitted into the binary system in this step is not limited, and for example, the secret key and the data to be transmitted may be converted by a correlation function, and the binary key obtained after the secret key GIJH is converted into the binary system is (01100111, 01101001, 01101010, 01101000).
In step S160, the encryption algorithm is preset, and may be specifically an exclusive or algorithm, and the like, which is not limited herein.
In the embodiment of the invention, a transmitting end of data to be transmitted generates a binary tree used for encrypting the data, and can restore a first traversal sequence and a second traversal sequence of the binary tree and transmit the binary tree to a receiving end of the data to be transmitted, so that the receiving end can accurately restore the binary tree generated by the transmitting end according to the two received traversal sequences, and the accuracy of decrypting the encrypted data to be transmitted is ensured; the transmitting end uses information stored by at least one leaf node in the binary tree as a secret key, converts the secret key into a binary system, and calculates the binary system and the to-be-transmitted data converted into the binary system according to a preset encryption algorithm to obtain encrypted data, so that the binary tree and the binary system operation are combined to encrypt and decrypt the to-be-transmitted data, the complexity of encryption and decryption is improved, and the safety of data transmission is higher; the information stored by at least one leaf node in the binary tree is used as the key by the sending end, but the key encryption information is generated based on the binary tree code of each leaf node in the key and sent to the receiving end, so that the receiving end can determine the information stored by the leaf node for encrypting the data to be transmitted according to the key encryption information, the key cannot be directly transmitted between the sending end and the receiving end, but the key encryption information for further encrypting the key is transmitted, the security of information transmission for encrypting and decrypting the data to be transmitted is improved, and the security of data transmission is improved. In addition, when the data transmission is carried out at the sending end and the receiving end, the information of the unencrypted data to be transmitted cannot be involved, so that the problems that the encrypted data is easy to crack and the data transmission safety is reduced are solved.
Fig. 3 shows a schematic flow chart of a method of data decryption according to a further embodiment of the present invention, the embodiment shown in fig. 3 differs from the embodiment shown in fig. 1 in that step S180 may be further performed before step S170 in the method to generate at least two different data packets including a first data packet and a second data packet; step S170 may be specifically performed as: step S171, at least two different data packets are sent to the receiving end.
At least two different data packets carry key encryption information and encryption data, the first data packet comprises a first traversal sequence, and the second data packet comprises a second traversal sequence. In step S180, the transmitting end generates a first traversal sequence, a second traversal sequence, key encryption information, and encrypted data to be transmitted to the receiving end into at least two data packets including a first data packet and a second data packet, where the first data packet includes the first traversal sequence and the second data packet includes the second traversal sequence, and the key encryption information and the encrypted data may be carried in any one of the at least two data packets.
In step S171, the first and second packets are transmitted, respectively. When the transmitting end transmits at least two data packets to the receiving end, the first data packet and the second data packet need to be respectively transmitted, so that the first traversal sequence and the second traversal sequence are prevented from being intercepted by an illegal person at the same time when the first traversal sequence and the second traversal sequence are transmitted together, the binary tree generated in the step S110 is prevented from being intercepted and restored when the first traversal sequence and the second traversal sequence are transmitted simultaneously, encrypted data is decoded, and the safety of data transmission is improved.
It should be noted that the manner in which the sending end sends the first data packet and the second data packet respectively may be sending simultaneously but through different channels, or sending end may send twice in sequence. The first traversal sequence and the second traversal sequence sent in S171 may also be encrypted and sent, so as to further improve the security of data transmission.
It is understood that step S140 may be specifically performed as: step S141, arranging the binary tree codes of at least one leaf node based on the arrangement sequence of the information stored in at least one leaf node to obtain the key encryption information.
In step S141, the information stored in at least one leaf node is the information stored in each leaf node in the key, and the binary tree code of at least one leaf node is the binary tree code of each leaf node constituting the key.
It should be noted that, when the key is composed of information stored in a plurality of leaf nodes, different permutation sequences may constitute different keys, and if the permutation sequences of the information stored in each leaf node in the key are different, which may result in obtaining different results when encrypting data to be encrypted in step S160, it is necessary that the permutation sequence of the binary tree codes of each leaf node in the key encryption information is consistent with the permutation sequence of the information stored in each leaf node in the key, so that after the transmitting end transmits the key encryption information to the receiving end, the receiving end may determine the information stored in each leaf node in the key according to the binary tree codes of each leaf node in the key encryption information, and determine the permutation sequence of the information stored in each leaf node in the key according to the permutation sequence of the binary tree codes of each leaf node in the key encryption information, thereby uniquely determining the key generated by the transmitting end, the accuracy of decrypting the encrypted data is ensured.
It can be understood that, in the method, the information stored by each leaf node in the key is arranged in the same order as the information stored by each leaf node in the binary key; step S160 may be specifically executed as step S161, in which the binary data to be transmitted and the information stored in each leaf node in the binary key are sequentially calculated according to a preset encryption algorithm to obtain encrypted data.
After the information stored in each leaf node in the key is converted into the binary system in step S150 to obtain the binary key, in step S160, the information stored in each leaf node in the binary key may be calculated as a whole with the binary system to-be-transmitted data, or the information stored in each leaf node in the binary key may be calculated with the binary system to-be-transmitted data in sequence. When the binary data to be transmitted is sequentially calculated with the information stored in each leaf node in the binary key, the sequence of the information stored in each leaf node in the key is the same as the sequence of the information stored in each leaf node in the binary key, and then step S161 is executed. Thus, after the sending end executes step S170, the receiving end may determine, according to the information sent by the sending end, the key for encrypting the data to be transmitted, and further determine, according to the arrangement order of the information stored by each leaf node in the key, the order in which the binary data to be transmitted and the information stored by each leaf node in the binary key are calculated when the sending end executes step S161, so as to correctly decrypt the data to be transmitted.
Specifically, taking the exclusive or operation between the binary key (01100111, 01101001, 01101010, 01101000) obtained in step S150 and the binary data to be transmitted as an example, the calculation process in step S161 is: (binary to-be-transmitted data) 01100111 ≦ 01101001 ≦ 01101010 ≦ 01101000.
It should be noted that, in step S160, the information stored in each leaf node in the binary key is sequentially calculated with the binary data to be transmitted, that is, the encrypted data is obtained after multiple calculations, so that the complexity of the encrypted data can be improved, the possibility of cracking the encrypted data is reduced, and the security of data transmission is improved.
It should be noted that, in the embodiment shown in fig. 1, before the step S170 is executed, the encrypted data may be converted into the original format of the data to be transmitted, and then the encrypted data converted into the original format of the data to be transmitted is sent to the receiving end in the step S170. The transmitting end may also transmit a communication request to the receiving end before performing step S110, and perform step S110 after receiving an acknowledgement reply from the receiving end.
Fig. 4 shows a schematic flow chart of a method of data decryption according to another embodiment of the invention. As shown in fig. 4, the method can be used for a receiving end of data to be transmitted, and includes the steps of S210, receiving a first traversal sequence, a second traversal sequence, key encryption information and encrypted data sent by a sending end of the data to be transmitted; s220, restoring to obtain a binary tree based on the first traversal sequence and the second traversal sequence; s230, determining a key comprising information stored by at least one leaf node in the binary tree based on the restored binary tree and the key encryption information; s240, converting the information stored by each leaf node in the key into a binary system to obtain a binary key; s250, calculating the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted; and S260, converting the decrypted binary to-be-transmitted data into the to-be-transmitted data.
In step S210, the receiving end receives the first traversal sequence, the second traversal sequence, the key encryption information, and the encrypted data transmitted by the transmitting end in step S170. The first traversal sequence and the second traversal sequence are obtained by the transmitting end through step S120 after generating a binary tree through step S110, the key encryption information is obtained by the transmitting end through step S140, and the encrypted data is obtained by the transmitting end through step S160.
In step S220, since the transmitting end can obtain a unique binary tree in the first traversal sequence and the second traversal sequence obtained in step S120, that is, the binary tree generated by the transmitting end, in this step, the receiving end restores the binary tree through the first traversal sequence and the second traversal sequence, so as to determine the key based on the binary tree.
In step S230, since the key encryption information is a binary tree code of at least one leaf node in the binary tree, it can be determined which binary tree code of the leaf node is included in the key encryption information based on the key encryption information and the binary tree obtained in step S210, and the leaf nodes constitute the key.
In step S240, after the key is determined, the information stored in each leaf node in the key is converted into a binary system to obtain a binary key, and the binary system is used for calculation, so that the calculation process is simple and the operation is convenient.
In step S250, the preset decryption algorithm corresponds to a preset encryption algorithm for encrypting the data to be transmitted by the transmitting end. In step S160, the transmitting end obtains encrypted data from the binary to-be-transmitted data and the binary key according to a preset encryption algorithm, and in this step, the receiving end needs to obtain the binary to-be-transmitted data according to the binary key and the encrypted data according to a preset decryption algorithm, so that the preset encryption algorithm and the preset decryption algorithm should be corresponding to each other, so that it can be ensured that the binary to-be-transmitted data decrypted by the receiving end is correct. The corresponding relationship between the preset encryption algorithm and the preset decryption algorithm may include multiple types, for example, the preset decryption algorithm and the preset encryption algorithm are inverse operations, and the preset decryption algorithm and the preset encryption algorithm are the same algorithms such as exclusive or.
In step S260, since the binary data to be transmitted is obtained in step S250, the binary data to be transmitted is converted into the original format of the data to be transmitted in this step, that is, the data to be transmitted, which is to be transmitted from the sending end to the receiving end, is obtained.
In the embodiment of the invention, the sending end generates the first traversal sequence and the second traversal sequence which can restore the binary tree and sends the sequences to the receiving end, so that the receiving end can accurately restore the binary tree generated by the sending end according to the two received traversal sequences, and the accuracy of decrypting the encrypted data to be transmitted is ensured; the receiving end determines a key comprising information stored by at least one leaf node, the key is converted into a binary system, the binary system is calculated with decrypted data according to a preset decryption algorithm, and the decrypted binary system data to be transmitted are obtained, so that the binary tree and binary operation are combined to encrypt and decrypt the data to be transmitted, the complexity of decryption is improved, and the security of data transmission is higher; the receiving end receives the key encryption information sent by the sending end, and the information stored by the leaf node for encrypting the data to be transmitted can be determined according to the key encryption information, so that the key cannot be directly transmitted between the sending end and the receiving end, but the key encryption information for further encrypting the key is transmitted, the information transmission safety of encrypting and decrypting the data to be transmitted is improved, and the data transmission safety is further improved. In addition, when the data transmission is carried out at the sending end and the receiving end, the information of the unencrypted data to be transmitted cannot be involved, so that the problems that the encrypted data is easy to crack and the data transmission safety is reduced are solved.
It is understood that in the method, step S260 may be specifically performed as: step S261 receives at least two different data packets including a first data packet and a second data packet sent by the sending end.
In step S261, at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, the second data packet includes a second traversal sequence, and the first data packet and the second data packet are respectively sent by the sending end. The receiving end receives the first data packet and the second data packet respectively sent by the sending end, so that the first traversal sequence and the second traversal sequence are prevented from being transmitted between the sending end and the receiving end together, the first traversal sequence and the second traversal sequence can be prevented from being intercepted by an illegal person at the same time, the binary tree generated in the step S110 is prevented from being intercepted and restored when the first traversal sequence and the second traversal sequence are transmitted at the same time, encrypted data is decoded, and the safety of data transmission is improved.
It should be noted that the key information and the encrypted data received by the receiving end may be carried by the first information or the second information. The first information and the second information received in S261 may be encrypted information, which further improves the security of data transmission.
It is understood that step S230 may be specifically performed as: in step S231, the keys and the arrangement order of the information stored in each leaf node in the keys are determined based on the restored binary tree and the key encryption information.
When the key is composed of information stored in a plurality of leaf nodes, different permutation sequences may constitute different keys, if the permutation sequences of the information stored in each leaf node in the key are different, different results may be obtained when the data to be encrypted is encrypted in step S160, the permutation sequence of the binary tree codes of each leaf node in the key encryption information represents the permutation sequence of the information stored in each leaf node in the key, the receiving end needs to determine the information stored in each leaf node in the key according to the binary tree codes of each leaf node in the key encryption information, and determine the permutation sequence of the information stored in each leaf node in the key according to the permutation sequence of the binary tree codes of each leaf node in the key encryption information, thereby uniquely determining the key generated by the transmitting end, and ensuring the accuracy of decryption of the encrypted data.
For example, in the embodiment of the present invention, a binary tree as shown in fig. 2 is obtained, and if the key encryption information is (11010101001), it can be obtained that the leaf node constituting the key is G, I, J, H, and the order of the leaf nodes in the key is GIJH.
It is understood that in the method, step S250 may be specifically performed as: step S251, calculating the encrypted data sequentially according to the arrangement order of the information stored by each leaf node in the binary key and the information stored by each leaf node in the binary key according to a preset decryption algorithm to obtain the decrypted binary data, or calculating the encrypted data sequentially according to the reverse arrangement order of the information stored by each leaf node in the binary key and the information stored by each leaf node in the binary key according to a preset decryption algorithm to obtain the decrypted binary data.
In step S160, the information stored in each leaf node in the binary key may be calculated as a whole with the binary data to be transmitted, or the information stored in each leaf node in the binary key may be calculated with the binary data to be transmitted in sequence. When the binary data to be transmitted is sequentially calculated with the information stored in each leaf node in the binary key, after the sending end executes step S170, the receiving end may determine the key for encrypting the data to be transmitted according to the information sent by the sending end, further, the sequence of the binary data to be transmitted and the information stored in each leaf node in the binary key when the transmitting end executes step S161 is determined according to the sequence of the information stored in each leaf node in the key, then, in step S251, the receiving end sequentially calculates the decrypted binary data according to the arrangement order of the information stored in each leaf node in the binary key or according to the reverse arrangement order of the information stored in each leaf node in the binary key and the information stored in each leaf node in the binary key according to a preset decryption algorithm, so as to correctly decrypt the data to be transmitted.
It should be noted that, when step S250 adopts step S251, the encrypted data is sequentially calculated with the information stored in each leaf node in the binary key according to the reverse arrangement order of the information stored in each leaf node in the binary key and according to a preset decryption algorithm, so as to obtain the decrypted binary data, the preset decryption algorithm includes an exclusive or operation. When the step S251 is executed, it may be determined whether to perform the calculation according to the preset decryption algorithm or according to the reverse arrangement order of the information stored in each leaf node in the binary key, for example, if the preset decryption algorithm is an exclusive or operation, the step S251 needs to perform the calculation according to the reverse arrangement order of the information stored in each leaf node in the binary key; the step S251 may be executed in a manner selected arbitrarily for a preset decryption algorithm in which the order of arrangement of the information stored in each leaf node in the binary key has no influence on the calculation result.
Specifically, taking the example that the binary key (01100111, 01101001, 01101010, 01101000) obtained in step S240 is subjected to xor operation with the encrypted data to obtain binary data to be transmitted, the calculation process in step S161 is: (encrypted data) & gt 01101000 & gt 01101010 & gt 01101001 & gt 01100111, and then binary data to be transmitted is obtained.
It should be noted that, in the embodiment shown in fig. 2, if the sending end sends the encrypted data in the original format of the data to be transmitted in step S170, the receiving end needs to convert the encrypted data in the original format of the data to be transmitted into binary encrypted data before executing step S250, and then executes step S250. Before performing step S210, if the receiving end receives the communication request with the transmission of the transmitting end, the receiving end can transmit an acknowledgement reply to the transmitting end so that the transmitting end can continue to perform other procedures.
Fig. 5 shows a schematic block diagram of an apparatus 300 for data encryption according to an embodiment of the present invention. As shown in fig. 5, the apparatus 300 includes:
a binary tree generating unit 310 for generating a binary tree for encrypting data;
a sequence generating unit 320, configured to generate a first traversal sequence and a second traversal sequence based on the binary tree, where the binary tree can be restored through the first traversal sequence and the second traversal sequence;
a determining unit 330, configured to determine, as a key, information stored in at least one leaf node in the binary tree;
a key encryption information generating unit 340 for generating key encryption information based on the binary tree encoding of the at least one leaf node;
a converting unit 350, configured to convert information stored in each leaf node in the key into a binary system to obtain a binary key, and convert data to be transmitted into binary data to be transmitted;
the calculating unit 360 is configured to calculate the binary key and the binary to-be-transmitted data according to a preset encryption algorithm to obtain encrypted data;
a sending unit 370, configured to send the first traversal sequence, the second traversal sequence, the key encryption information, and the encrypted data to a receiving end of the data to be transmitted.
Fig. 6 shows a schematic block diagram of an apparatus for data encryption according to a further embodiment of the present invention. As shown in fig. 6, the apparatus 300 further includes:
a data packet generating unit 380, configured to generate at least two different data packets including a first data packet and a second data packet, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, and the second data packet includes a second traversal sequence;
the sending unit 370 is specifically configured to send the at least two different data packets to the receiving end, where the first data packet and the second data packet are sent separately.
It can be understood that the key encryption information generating unit 340 is specifically configured to arrange the binary tree codes of the at least one leaf node based on the arrangement order of the information stored in the at least one leaf node to obtain the key encryption information.
It will be appreciated that the information stored by each leaf node in the key is ordered in the same order as the information stored by each leaf node in the binary key.
The calculating unit 360 is specifically configured to calculate the binary data to be transmitted according to the arrangement order of the information stored in each leaf node in the binary key and the information stored in each leaf node in the binary key in sequence according to a preset encryption algorithm to obtain the encrypted data.
Wherein the preset encryption algorithm comprises an exclusive OR algorithm. …
The apparatus 300 according to the embodiment of the present invention may correspond to an execution body in the method for data encryption according to the embodiment of the present invention, and the above and other operations and/or functions of each module in the apparatus 300 are respectively for implementing corresponding flows of each method in data encryption, and are not described herein again for brevity.
In the embodiment of the invention, the device 300 for data transmission generates a binary tree used for encrypting data, and can restore the first traversal sequence and the second traversal sequence of the binary tree and transmit the binary tree to the receiving end of the data to be transmitted, so that the receiving end can accurately restore the binary tree generated by the device 300 according to the two received traversal sequences, and the accuracy of decrypting the encrypted data to be transmitted is ensured; the device 300 uses information stored in at least one leaf node in the binary tree as a secret key, and calculates the secret key into a binary system and the binary system-converted data to be transmitted according to a preset encryption algorithm to obtain encrypted data, so that the binary tree and the binary system operation are combined to encrypt and decrypt the data to be transmitted, the complexity of encryption and decryption is improved, and the security of data transmission is higher; the device 300 uses the information stored in at least one leaf node in the binary tree as a key, but sends the key encryption information to the receiving end based on the binary tree code of each leaf node in the key, so that the receiving end can determine the information stored in the leaf node for encrypting the data to be transmitted according to the key encryption information, and thus the key encryption information for further encrypting the key is transmitted instead of directly transmitting the key between the device 300 and the receiving end, thereby improving the security of information transmission for encrypting and decrypting the data to be transmitted, and further improving the security of data transmission. In addition, when the device 300 and the receiving end perform data transmission, the invention does not relate to the information of the unencrypted data to be transmitted, thereby avoiding the problems that the encrypted data is easy to crack and the data transmission safety is reduced.
Fig. 7 shows a schematic block diagram of an apparatus 400 for data decryption according to another embodiment of the present invention. As shown in fig. 7, the apparatus 400 includes:
a receiving unit 410, configured to receive a first traversal sequence, a second traversal sequence, key encryption information, and encrypted data sent by a sending end of data to be transmitted;
a binary tree restoration unit 420, configured to restore a binary tree based on the first traversal sequence and the second traversal sequence;
a determining unit 430, configured to determine, based on the restored binary tree and the key encryption information, a key including information stored by at least one leaf node in the binary tree;
a binary conversion unit 440, configured to convert information stored in each leaf node in the key into a binary system to obtain a binary key;
the calculating unit 450 is configured to calculate the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted, where the preset decryption algorithm corresponds to a preset encryption algorithm for encrypting data to be transmitted by the sending end;
a data conversion unit 460, configured to convert the decrypted binary to-be-transmitted data into the to-be-transmitted data.
It can be understood that the receiving unit 410 is specifically configured to receive at least two different data packets that are sent by the sending end and include a first data packet and a second data packet, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, the second data packet includes a second traversal sequence, and the first data packet and the second data packet are sent by the sending end respectively.
It is to be understood that the determining unit 430 is specifically configured to determine the key and the arrangement order of the information stored by each leaf node in the key based on the restored binary tree and the key encryption information.
It can be understood that the calculating unit 450 is specifically configured to calculate the encrypted data sequentially according to the arrangement order of the information stored in each leaf node in the binary key and the information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain decrypted binary data, or calculate the encrypted data sequentially according to the reverse arrangement order of the information stored in each leaf node in the binary key and the information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain decrypted binary data.
When the calculating unit is specifically configured to calculate the encrypted data sequentially according to the reverse arrangement order of the information stored by each leaf node in the binary key and the information stored by each leaf node in the binary key according to a preset decryption algorithm to obtain the decrypted binary data, the preset decryption algorithm includes an exclusive-or operation. The preset decryption algorithm and the preset encryption algorithm are inverse operations.
The apparatus 400 according to the embodiment of the present invention may correspond to the execution main body in the method for decrypting data according to the embodiment of the present invention, and the above and other operations and/or functions of each module in the apparatus 400 are respectively for implementing corresponding flows of each method in decrypting data, and are not described herein again for brevity.
In the embodiment of the present invention, since the transmitting end generates the first traversal sequence and the second traversal sequence capable of restoring the binary tree and transmits the sequences to the apparatus 400, the apparatus 400 can accurately restore the binary tree generated by the transmitting end according to the two received traversal sequences, thereby ensuring the accuracy of decrypting the encrypted data to be transmitted; the device 400 determines a key comprising information stored by at least one leaf node, converts the key into a binary system, and calculates the binary system and decrypted data according to a preset decryption algorithm to obtain decrypted binary system data to be transmitted, so that the binary tree and binary operation are combined to encrypt and decrypt the data to be transmitted, the complexity of decryption is improved, and the security of data transmission is higher; the device 400 receives the key encryption information sent by the sending end, and can determine the information stored in the leaf node for encrypting the data to be transmitted according to the key encryption information, so that the key cannot be directly transmitted between the sending end and the device 400, but the key encryption information for further encrypting the key is transmitted, thereby improving the security of information transmission for encrypting and decrypting the data to be transmitted, and further improving the security of data transmission. In addition, when the sending end and the device 400 perform data transmission, the information of unencrypted data to be transmitted cannot be involved, so that the problems that encrypted data are easy to crack and the data transmission safety is reduced are solved.
Fig. 8 shows a system 500 for data encryption and decryption according to an embodiment of the present invention, and as shown in fig. 8, the system 500 includes an apparatus 300 for data encryption as shown in fig. 5 and an apparatus 400 for data decryption as shown in fig. 7.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
While the invention has been described with reference to specific embodiments, the invention is not limited thereto, and various equivalent modifications and substitutions can be easily made by those skilled in the art within the technical scope of the invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (23)
1. A method of data encryption, comprising:
generating a binary tree for encrypting data;
generating a first traversal sequence and a second traversal sequence based on the binary tree, wherein the binary tree can be restored through the first traversal sequence and the second traversal sequence;
determining information stored by at least one leaf node in the binary tree as a key;
generating key encryption information based on a binary tree encoding of the at least one leaf node;
converting the information stored by each leaf node in the key into a binary system to obtain a binary key, and converting the data to be transmitted into binary system data to be transmitted;
calculating the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data;
and sending the first traversal sequence, the second traversal sequence, the key encryption information and the encrypted data to a receiving end of the data to be transmitted.
2. The method of claim 1, prior to the sending of the first traversal sequence, the second traversal sequence, the key encryption information, and the encrypted data to a receiving end of the data to be transmitted, the method further comprising:
generating at least two different data packets including a first data packet and a second data packet, the at least two different data packets carrying the key encryption information and the encryption data, and the first data packet including the first traversal sequence and the second data packet including the second traversal sequence;
the sending the first traversal sequence, the second traversal sequence, the key encryption information, and the encrypted data to the receiving end of the data to be transmitted includes:
and sending the at least two different data packets to the receiving end, wherein the first data packet and the second data packet are respectively sent.
3. The method of claim 1, generating key encryption information based on binary tree encoding of the at least one leaf node comprising:
and arranging the binary tree codes of the at least one leaf node based on the arrangement sequence of the information stored in the at least one leaf node to obtain the key encryption information.
4. The method of claim 1, wherein the information stored by each leaf node in the key is ordered in the same order as the information stored by each leaf node in the binary key;
the calculating the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data comprises:
and calculating the binary data to be transmitted according to the arrangement sequence of the information stored by each leaf node in the binary key and the information stored by each leaf node in the binary key in sequence according to a preset encryption algorithm to obtain the encrypted data.
5. The method of any one of claims 1 to 4, the preset encryption algorithm comprising an XOR algorithm.
6. A method of data decryption, comprising:
receiving a first traversal sequence, a second traversal sequence, key encryption information and encryption data sent by a sending end of data to be transmitted, wherein the first traversal sequence and the second traversal sequence are generated based on a binary tree, information stored in at least one leaf node in the binary tree is a key, and the key encryption information is generated by binary tree coding based on the at least one leaf node;
restoring to obtain a binary tree based on the first traversal sequence and the second traversal sequence;
determining a key comprising information stored by at least one leaf node in the binary tree based on the restored binary tree and the key encryption information;
converting the information stored by each leaf node in the key into a binary system to obtain a binary key;
calculating the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted, wherein the preset decryption algorithm corresponds to a preset encryption algorithm for encrypting the data to be transmitted by the transmitting end;
and converting the decrypted binary to-be-transmitted data into the to-be-transmitted data.
7. The method of claim 6, wherein the receiving of the first traversal sequence, the second traversal sequence, the key encryption information, and the encrypted data sent by the sender of the data to be transmitted comprises:
receiving at least two different data packets including a first data packet and a second data packet sent by the sending end, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, the second data packet includes a second traversal sequence, and the first data packet and the second data packet are sent by the sending end respectively.
8. The method of claim 6, the determining a key that includes information stored by at least one leaf node in the binary tree based on the restored binary tree and the key encryption information comprising:
and determining the key and the arrangement sequence of the information stored by each leaf node in the key based on the restored binary tree and the key encryption information.
9. The method of claim 8, wherein the calculating the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted comprises:
calculating the encrypted data and the information stored by each leaf node in the binary key in sequence according to the arrangement sequence of the information stored by each leaf node in the binary key and a preset decryption algorithm to obtain decrypted binary data; alternatively, the first and second electrodes may be,
and calculating the encrypted data and the information stored by each leaf node in the binary key in sequence according to the reverse arrangement sequence of the information stored by each leaf node in the binary key and a preset decryption algorithm to obtain the decrypted binary data.
10. The method according to claim 9, wherein when the step of calculating the binary key and the encrypted data according to a preset decryption algorithm to obtain the decrypted binary data to be transmitted adopts an execution method of calculating the encrypted data according to a reverse arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain the decrypted binary data, the preset decryption algorithm includes an exclusive or operation.
11. The method according to any one of claims 6 to 9, wherein the predetermined decryption algorithm and the predetermined encryption algorithm are inverse operations.
12. An apparatus for data encryption, comprising:
a binary tree generating unit for generating a binary tree for encrypting data;
a sequence generating unit, configured to generate a first traversal sequence and a second traversal sequence based on the binary tree, where the binary tree can be restored by the first traversal sequence and the second traversal sequence;
a determining unit, configured to determine information stored in at least one leaf node in the binary tree as a key;
a key encryption information generation unit for generating key encryption information based on the binary tree encoding of the at least one leaf node;
the conversion unit is used for converting the information stored by each leaf node in the key into a binary system to obtain a binary key and converting the data to be transmitted into binary system data to be transmitted;
the computing unit is used for computing the binary key and the binary data to be transmitted according to a preset encryption algorithm to obtain encrypted data;
and the sending unit is used for sending the first traversal sequence, the second traversal sequence, the key encryption information and the encrypted data to a receiving end of the data to be transmitted.
13. The apparatus of claim 12, further comprising:
a data packet generating unit, configured to generate at least two different data packets including a first data packet and a second data packet, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, and the second data packet includes a second traversal sequence;
the sending unit is specifically configured to send the at least two different data packets to the receiving end, where the first data packet and the second data packet are sent separately.
14. The apparatus according to claim 12, wherein the key encryption information generating unit is specifically configured to obtain the key encryption information by arranging binary tree codes of the at least one leaf node based on an arrangement order of information stored in the at least one leaf node.
15. The apparatus of claim 14, wherein the key stores information in each leaf node in the same rank order as the binary key;
the computing unit is specifically configured to compute the binary data to be transmitted according to an arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key in sequence according to a preset encryption algorithm to obtain the encrypted data.
16. The apparatus of any one of claims 12-15, the preset encryption algorithm comprising an exclusive or algorithm.
17. An apparatus for decrypting data, comprising:
a receiving unit, configured to receive a first traversal sequence, a second traversal sequence, key encryption information, and encrypted data sent by a sending end of data to be transmitted, where the first traversal sequence and the second traversal sequence are generated based on a binary tree, information stored in at least one leaf node in the binary tree is a key, and the key encryption information is generated by a binary tree code based on the at least one leaf node;
the binary tree restoration unit is used for restoring and obtaining a binary tree based on the first traversal sequence and the second traversal sequence;
a determining unit, configured to determine, based on the restored binary tree and the key encryption information, a key including information stored by at least one leaf node in the binary tree;
the binary system conversion unit is used for converting the information stored by each leaf node in the key into a binary system to obtain a binary key;
the computing unit is used for computing the binary key and the encrypted data according to a preset decryption algorithm to obtain decrypted binary data to be transmitted, wherein the preset decryption algorithm corresponds to a preset encryption algorithm for encrypting the data to be transmitted by the transmitting end;
and the data conversion unit is used for converting the decrypted binary data to be transmitted into the data to be transmitted.
18. The apparatus according to claim 17, wherein the receiving unit is specifically configured to receive at least two different data packets that are sent by the sender and include a first data packet and a second data packet, where the at least two different data packets carry the key encryption information and the encrypted data, the first data packet includes a first traversal sequence, the second data packet includes the second traversal sequence, and the first data packet and the second data packet are sent by the sender separately.
19. The apparatus according to claim 17, wherein the determining unit is specifically configured to determine the key and an arrangement order of information stored by each leaf node in the key based on the restored binary tree and the key encryption information.
20. The apparatus according to claim 19, wherein the calculating unit is specifically configured to calculate the encrypted data sequentially according to an arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain decrypted binary data, or calculate the encrypted data sequentially according to a reverse arrangement order of information stored in each leaf node in the binary key and information stored in each leaf node in the binary key according to a preset decryption algorithm to obtain decrypted binary data.
21. The apparatus according to any of claims 17 to 20, wherein the predetermined decryption algorithm comprises an exclusive or operation when the calculating unit is specifically configured to calculate the encrypted data sequentially according to a reverse arrangement order of the information stored in each leaf node in the binary key and the information stored in each leaf node in the binary key according to a predetermined decryption algorithm to obtain the decrypted binary data.
22. The apparatus according to any one of claims 17-20, wherein the predetermined decryption algorithm and the predetermined encryption algorithm are inverse operations.
23. A system for encryption and decryption of data comprising means for encryption of data according to any one of claims 12 to 16 and means for decryption of data according to any one of claims 17 to 22.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610990502.2A CN108075879B (en) | 2016-11-10 | 2016-11-10 | Data encryption and decryption method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610990502.2A CN108075879B (en) | 2016-11-10 | 2016-11-10 | Data encryption and decryption method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108075879A CN108075879A (en) | 2018-05-25 |
| CN108075879B true CN108075879B (en) | 2021-03-09 |
Family
ID=62154504
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610990502.2A Active CN108075879B (en) | 2016-11-10 | 2016-11-10 | Data encryption and decryption method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108075879B (en) |
Families Citing this family (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109495446B (en) * | 2018-10-02 | 2020-12-22 | 复旦大学 | Order-preserving encryption algorithm based on balanced ordering tree storage structure |
| CN109787755B (en) * | 2018-12-14 | 2021-11-12 | 魏勇 | Key generation method, key generation device and electronic equipment |
| CN110213228B (en) * | 2019-04-25 | 2021-09-07 | 平安科技(深圳)有限公司 | Method, device, storage medium and computer equipment for authenticating communication |
| CN110414567B (en) * | 2019-07-01 | 2020-08-04 | 阿里巴巴集团控股有限公司 | Data processing method and device and electronic equipment |
| CN110492992A (en) * | 2019-07-22 | 2019-11-22 | 哈尔滨工程大学 | A kind of data encryption and transmission method based on radio RF recognition technology |
| CN115361680B (en) * | 2022-10-20 | 2023-02-17 | 华信咨询设计研究院有限公司 | Medical insurance data intelligent sharing and exchanging system |
| CN117668886B (en) * | 2024-01-25 | 2024-04-12 | 南通云链通信息科技有限公司 | Secure storage method for applet development data |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7095850B1 (en) * | 2000-09-29 | 2006-08-22 | Cisco Technology, Inc. | Encryption method and apparatus with forward secrecy and random-access key updating method |
| CN101582760A (en) * | 2008-05-16 | 2009-11-18 | 中国科学院研究生院 | Key encrypting and storing method based on tree structure |
| CN103414552A (en) * | 2013-07-31 | 2013-11-27 | 深圳信息职业技术学院 | Method and device for encrypting and decrypting by using binary tree traversal mode |
| CN105245315A (en) * | 2015-10-27 | 2016-01-13 | 成都卫士通信息产业股份有限公司 | Method and system for information secrecy storage by encoding |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR101285597B1 (en) * | 2006-06-29 | 2013-07-15 | 삼성전자주식회사 | Method of updating group key and group key update device using the same |
-
2016
- 2016-11-10 CN CN201610990502.2A patent/CN108075879B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7095850B1 (en) * | 2000-09-29 | 2006-08-22 | Cisco Technology, Inc. | Encryption method and apparatus with forward secrecy and random-access key updating method |
| CN101582760A (en) * | 2008-05-16 | 2009-11-18 | 中国科学院研究生院 | Key encrypting and storing method based on tree structure |
| CN103414552A (en) * | 2013-07-31 | 2013-11-27 | 深圳信息职业技术学院 | Method and device for encrypting and decrypting by using binary tree traversal mode |
| CN105245315A (en) * | 2015-10-27 | 2016-01-13 | 成都卫士通信息产业股份有限公司 | Method and system for information secrecy storage by encoding |
Non-Patent Citations (1)
| Title |
|---|
| 一种改进的数据加密解密算法;王玉琼;《阜阳职业技术学院学报》;20171231;第28卷(第4期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108075879A (en) | 2018-05-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN108075879B (en) | Data encryption and decryption method, device and system | |
| CN107196763B (en) | SM2 algorithm collaborative signature and decryption method, device and system | |
| CN113038468B (en) | Method for distributing and negotiating quantum key of wireless terminal of Internet of things | |
| JP4885960B2 (en) | Secret communication method and secret communication device | |
| CN111404672B (en) | Quantum key distribution method and device | |
| JP2016513825A (en) | Safety communication method and apparatus | |
| KR20150037913A (en) | Shared secret key generation device, encryption device, decryption device, shared secret key generation method, encryption method, decryption method, and program | |
| CN105071935A (en) | Data processing method, heterogeneous system and integrated system | |
| CN105024807A (en) | Data processing method and system | |
| US9002000B2 (en) | Method for conversion of a first encryption into a second encryption | |
| CN113890731A (en) | Key management method, key management device, electronic equipment and storage medium | |
| CN114499857B (en) | Method for realizing data correctness and consistency in encryption and decryption of large data quanta | |
| US9635003B1 (en) | Method of validating a private-public key pair | |
| CN114244507A (en) | Quantum direct communication method, device, equipment and system based on single-path transmission | |
| CN111404671B (en) | Mobile quantum secret communication method, gateway, mobile terminal and server | |
| CN112184967A (en) | Unlocking method and system for power distribution net cage | |
| CN111194531B (en) | Method for transmitting digital data on multiple channels | |
| CN111641500A (en) | Encryption and decryption method for unmanned aerial vehicle wireless video transmission safety | |
| CN115102768B (en) | Data processing method and device and computer equipment | |
| CN109889327B (en) | Shared key generation method and device | |
| CN115378614A (en) | Data transmission method and device and electronic equipment | |
| RU2206182C2 (en) | Method and device for cryptographic data protection in information technology | |
| US10171236B2 (en) | Method for operating a primary unit | |
| JP3610106B2 (en) | Authentication method in a communication system having a plurality of devices | |
| WO2010076899A1 (en) | Broadcast encryption system, sender apparatus, user apparatus, encapsulation/decapsulation method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |