CN108632296A - A kind of dynamic encryption and decryption method of network communication - Google Patents

A kind of dynamic encryption and decryption method of network communication Download PDF

Info

Publication number
CN108632296A
CN108632296A CN201810471937.5A CN201810471937A CN108632296A CN 108632296 A CN108632296 A CN 108632296A CN 201810471937 A CN201810471937 A CN 201810471937A CN 108632296 A CN108632296 A CN 108632296A
Authority
CN
China
Prior art keywords
data
value
key
seed
encrypted
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810471937.5A
Other languages
Chinese (zh)
Other versions
CN108632296B (en
Inventor
曾修建
谢闯
胡刚
罗春水
沈滨
王彤
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHINA SPORTS LETTWAY TECHNOLOGY DEVELOPMENT Co Ltd
Original Assignee
CHINA SPORTS LETTWAY TECHNOLOGY DEVELOPMENT Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by CHINA SPORTS LETTWAY TECHNOLOGY DEVELOPMENT Co Ltd filed Critical CHINA SPORTS LETTWAY TECHNOLOGY DEVELOPMENT Co Ltd
Priority to CN201810471937.5A priority Critical patent/CN108632296B/en
Publication of CN108632296A publication Critical patent/CN108632296A/en
Application granted granted Critical
Publication of CN108632296B publication Critical patent/CN108632296B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • H04L63/205Network architectures or network communication protocols for network security for managing network security; network security policies in general involving negotiation or determination of the one or more network security mechanisms to be used, e.g. by negotiation between the client and the server or between peers or by selection according to the capabilities of the entities involved
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys

Abstract

The present invention provides a kind of dynamic encryption of network communication and decryption method, the dynamic encrypting method of the network communication includes:According to fixed character and timestamp dynamic generation signature source data;The random key seed and one that generates obscures value seed;Obtain a key in pool of keys according to the key seed, and according to it is described obscure value seed and obtain one in obscuring value pond obscure value;An Encryption Algorithm is randomly selected in Encryption Algorithm pond, using the Encryption Algorithm, according to the key and obscures value, the signature source data is encrypted, and is signed to encrypted signature source data, and encrypted signature data are obtained;Using the Encryption Algorithm, according to the key and value is obscured to asking source data to be encrypted, obtains a request encryption data;By the timestamp, the key seed, described obscure value seed, the encrypted signature data and the request encryption data and be sent to server.

Description

A kind of dynamic encryption and decryption method of network communication
Technical field
The present invention relates to network communication field, the dynamic encryption and decryption method of espespecially a kind of network communication.
Background technology
Computer network communication technology is widely used in all trades and professions at present, computer network has become for people's lives In indispensable important content, the dependence of computer network is continuously improved in people, the safety of computer network communication It receives more and more attention.Data encryption technology is to ensure the important technical and protection plan of computer network communication safety Slightly, the integrality and confidentiality of data can be not only effectively ensured that using data encryption technology, improves the safety coefficient of information, And it also can ensure that the healthy and orderly development of computer network communication technology.
In the prior art, client and server needs to appoint that the key of encryption and decryption, encryption and decryption obscure value in advance And encrypted algorithm, when client needs to send request, client utilizes the encrypted key appointed before these, mixed The data of request are encrypted in value of confusing and Encryption Algorithm, and server is sent to after encryption, and server receives the data of request The algorithm appointed, key are recycled afterwards, are obscured value and are decrypted.To ensure key in the realization of this technical solution, obscure The safety of value and Encryption Algorithm, only effectively ensures the safety of key, just can ensure that symmetry encryption method energy It is enough effectively to be used, it is ensured that the safety of network communicated information.Once the safety of key cannot be ensured effectively, right The encrypted important function of title formula also just loses specific effect, so the existing higher risk being cracked.
In addition, can also directly be communicated in the prior art using ssl, from third part purchase hardware key trusty, It recycles third-party tool to carry out the generation of all kinds of certificates of server and client side, and the certificate of client is written In key, firstly the need of the legitimacy of verification certificate when client and server end is communicated, and the key pair in key is used Data are encrypted, and encrypted data are sent to server end.The third-party CA mono- first in the realization of this technical solution Surely be believable, and if third party it is also safe, it is very strong to the dependence of hardware key, may certain scenes be not very suitable With because with a small hardware, it is understood that there may be it loses, the possibility of damage, then has to replace after losing damage, hardware needs Buying, buying require cost input, and especially when there are many client, and it is very high to provide the local cost input being not easy.
Invention content
The problems such as in order to solve that current Network Communicate Security is poor, applicability is low and be of high cost, the embodiment of the present invention provide A kind of dynamic encryption and decryption method of network communication.Wherein, the embodiment of the present invention provides a kind of dynamic encryption of network communication Method, the method includes:
According to fixed character and timestamp dynamic generation signature source data;
The random key seed and one that generates obscures value seed;
A key is obtained in pool of keys according to the key seed, and obscures value seed in obscuring value pond according to described It obtains one and obscures value;
An Encryption Algorithm is randomly selected in Encryption Algorithm pond, using the Encryption Algorithm, according to the key and is obscured Value, is encrypted the signature source data, and sign to encrypted signature source data, obtains encrypted signature data;
Using the Encryption Algorithm, according to the key and value is obscured to asking source data to be encrypted, obtains a request Encryption data;
By the timestamp, the key seed, it is described obscure value seed, the encrypted signature data with it is described request plus Ciphertext data is sent to server.
The embodiment of the present invention also provides a kind of dynamic decryption method of network communication, the method includes:
Receive client send timestamp, first key seed, first obscure value seed, the first encrypted signature data and Ask encryption data;
First key is obtained in pool of keys according to the first key seed, and is obscured value seed according to described first and existed Obscure acquisition first in value pond and obscures value;
A signature source data is generated according to fixed character and the timestamp, is mixed according to the first key, described first Confuse value, the signature source data is encrypted respectively using the algorithm in Encryption Algorithm pond, and to encrypted signed data It signs, obtains multiple second encrypted signature data;
Judge whether the first encrypted signature data and each second signed data are consistent successively;In first label When name encryption data is consistent with second signed data, calculated the algorithm in the used Encryption Algorithm pond as encryption Method;
Using the Encryption Algorithm, value is obscured according to the first key and first, the request encryption data is solved It is close, obtain request source data;
A packet source data is generated according to the request source data, and described time packet source data is sent to the client End.
The embodiment of the present invention also provides a kind of client, and the client includes:
Signature source data module, for according to fixed character and timestamp dynamic generation signature source data;
Initial point selection module obscures value seed for generating a key seed and one at random;
Parameter chooses module, for obtaining a key in pool of keys according to the key seed, and is obscured according to described Value seed obtains one in obscuring value pond and obscures value;
Signature source data encrypting module utilizes the encryption for randomly selecting an Encryption Algorithm in Encryption Algorithm pond Algorithm according to the key and obscures value, and the signature source data is encrypted, and is carried out to encrypted signature source data Signature, obtains the first encrypted signature data;
Request source data encryption module according to the key and obscures value to request source for utilizing the Encryption Algorithm Data are encrypted, and obtain a request encryption data;
Sending module, for by the timestamp, the key seed, it is described obscure value seed, it is described first signature plus Ciphertext data is sent to server with the request encryption data.
The embodiment of the present invention also provides a kind of server, and the server includes:
Data reception module, for receive client transmission timestamp, first key seed, first obscure value seed, First encrypted signature data and request encryption data;
Parameter chooses module, for obtaining first key in pool of keys according to the first key seed, and according to institute It states first and obscures value seed and obtain first in obscuring value pond and obscure value;
Signature source data encrypting module, for generating a signature source data according to fixed character and the timestamp, according to The first key, described first obscure value, are added respectively to the signature source data using the algorithm in Encryption Algorithm pond It is close, and sign to encrypted signed data, obtain multiple second encrypted signature data;
Judgment module, for judge successively the first encrypted signature data and each second signed data whether one It causes;
Algorithm picks module is used for when the first encrypted signature data are consistent with second signed data, by institute Algorithm in the Encryption Algorithm pond used is as Encryption Algorithm;
Deciphering module obscures value to the request for utilizing the Encryption Algorithm according to the first key and first Encryption data is decrypted, and obtains request source data;
Sending module for generating a packet source data according to the request source data, and described will return packet source data hair Give the client.
The present invention is by network communication, in the way of dynamic encryption decryption so that key that communicating pair uses, The important informations such as Encryption Algorithm have great randomness, while ensureing not influence communication efficiency, greatly improve logical The safety of letter effectively reduces cost, and all has good applicability under various network communications scenarios.
Description of the drawings
In order to more clearly explain the embodiment of the invention or the technical proposal in the existing technology, embodiment will be described below Needed in attached drawing be briefly described, it should be apparent that, the accompanying drawings in the following description be only the present invention some Embodiment for those of ordinary skill in the art without having to pay creative labor, can also be according to these Attached drawing obtains other attached drawings.
Fig. 1 is a kind of flow chart of the dynamic encrypting method of network communication of the embodiment of the present invention;
Fig. 2 is a kind of flow chart of the dynamic decryption method of network communication of the embodiment of the present invention;
Fig. 3 is a kind of structural schematic diagram of client of the embodiment of the present invention;
Fig. 4 is a kind of structural schematic diagram of server of the embodiment of the present invention.
Specific implementation mode
Following will be combined with the drawings in the embodiments of the present invention, and technical solution in the embodiment of the present invention carries out clear, complete Site preparation describes, it is clear that described embodiments are only a part of the embodiments of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other without creative efforts Embodiment shall fall within the protection scope of the present invention.
It is a kind of flow chart of the dynamic encrypting method of network communication of the embodiment of the present invention, side as shown in the figure as shown in Figure 1 Method includes:
Step S11, according to fixed character and timestamp dynamic generation signature source data;
Step S12, the random key seed and one that generates obscure value seed;
Step S13 obtains a key according to the key seed in pool of keys, and obscures value seed mixed according to described One is obtained in value of confusing pond obscures value;
Step S14 randomly selects an Encryption Algorithm in Encryption Algorithm pond, using the Encryption Algorithm, according to described close Key and obscure value, the signature source data be encrypted, and signs to encrypted signature source data, obtain signature plus Ciphertext data;
Step S15 according to the key and obscures value to asking source data to be encrypted, obtains using the Encryption Algorithm To a request encryption data;
Step S16 by the timestamp, the key seed, described obscures value seed, the encrypted signature data and institute It states request encryption data and is sent to server.
In the present embodiment, signature source data is generated by fixed character and timestamp, and wherein fixed character can be by letter Composition, such as " abcd ", can also be made of, such as " 1234 " number, can also be made of letter and number combinatorics on words, such as " abcd1234 " or " 1a2b3c4d " etc..Fixed character length does not limit, can be according to actual use situation setting.It will be pre- The fixed character first set, timestamp corresponding with current time combine, you can generate signature source data.
Key seed and obscure value seed, in pool of keys key, to obscure the key in value pond and obscure value be one by one Corresponding relationship.Key seed can be number, such as " 1 ", " 12 " etc. with value seed is obscured, or alphabetical " a ", " ab " Deng.After randomly selecting key seed and obscuring value seed, according to the key seed and value seed can be obscured, be stored with In the pool of keys of multiple keys and be stored with it is multiple obscure the obscuring in value of value, match its corresponding key and obscure value.
It is stored with multiple Encryption Algorithm in Encryption Algorithm pond, an Encryption Algorithm is randomly selected out in Encryption Algorithm pond. According to the Encryption Algorithm, and using the key selected in above-mentioned steps and obscure value, signature source data is encrypted, and right Encrypted signature source data is signed, and encrypted signature data are thus obtained.Meanwhile according to the Encryption Algorithm, and utilize upper It states the key selected in step and obscures value, request source data is encrypted, obtain request encryption data.Wherein, it asks Source data for wanted encipherment protection target data.Finally, by encrypted signature data, timestamp, key seed, obscure value seed And request encryption data is sent to server end.
As an embodiment of the present invention, this method further include according to predefined rule generate the pool of keys with it is described Obscure value pond.Wherein, predefined rule may include input data and preset algorithm, and input data can be such as random number, Input data is input in preset algorithm, can obtain corresponding multiple as a result, multiple result constitutes pool of keys and mixes Value of confusing pond.
As an embodiment of the present invention, it is described an Encryption Algorithm is randomly selected in Encryption Algorithm pond before, verification And load Encryption Algorithm all in the Encryption Algorithm pond.Wherein, all Encryption Algorithm need to pass through verification, i.e., bidirectional identification is recognized After card, it is loaded into Encryption Algorithm pond from local, ensures that Encryption Algorithm will not be leaked with this.
In the present embodiment, by the timestamp, the key seed, described obscure value seed, the encrypted signature number It is sent to server according to the request encryption data, including:
According to http protocol, by the timestamp, the key seed, described value seed, the encrypted signature number are obscured Transmission data is converted to according to the request encryption data;
By the timestamp, the key seed, it is described obscure value seed and the encrypted signature data be set to it is described In the request header of transmission data, and the request encryption data is set in the request body of the transmission data;
The transmission data is sent to server.
Wherein, before transmitting data, need to convert transmitted data, according to http protocol, by timestamp, Key seed is obscured value seed and encrypted signature data and is set in the request header of transmission data, convenient for being sent to server end Afterwards, server can directly obtain above- mentioned information from request header.Request encryption data is set in request body, to service Device is decrypted request encryption data after obtaining.
The above method through the invention, by randomly selecting key, obscuring value and Encryption Algorithm, to needing to ask source data It is encrypted so that encrypted Information Security greatly promotes.And the above method of the present invention is easy to implement, and is not influencing to add While close efficiency, also there is good applicability, and can also reduce cost.
It is illustrated in figure 2 a kind of flow chart of the dynamic decryption method of network communication of the embodiment of the present invention, side as shown in the figure Method includes:
Step S21, receive client send timestamp, first key seed, first obscure value seed, first signature add Ciphertext data and request encryption data;
Step S22 obtains first key according to the first key seed in pool of keys, and obscures according to described first Value seed obtains first in obscuring value pond and obscures value;
Step S23 generates a signature source data, according to the first key, institute according to fixed character and the timestamp It states first and obscures value, the signature source data is encrypted respectively using the algorithm in Encryption Algorithm pond, and to encrypted Signed data is signed, and multiple second encrypted signature data are obtained;
Step S24 judges whether the first encrypted signature data and each second signed data are consistent successively;Institute State the first encrypted signature data it is consistent with second signed data when, by the used Encryption Algorithm pond algorithm make For Encryption Algorithm;
Step S25 obscures value according to the first key and first and encrypts number to the request using the Encryption Algorithm According to being decrypted, request source data is obtained;
Step S26 generates a packet source data according to the request source data, and described time packet source data is sent to institute State client.
In the present embodiment, it after receiving data, according to the first key seed received, is selected therewith in pool of keys The first key to match, and obscure value seed according to receive first, matched is found out in obscuring value pond One obscures value.Wherein, key seed is one-to-one relationship with the key in pool of keys, is obscured value seed and is obscured in value pond Obscure value be the corresponding relationship of meaning.Key seed and to obscure value seed can be digital, such as " 1 ", " 12 " etc., can also For alphabetical " a ", " ab " etc..Wherein, pool of keys and to obscure value pond is generated according to predefined rule, the predefined rule and objective Predefined rule in the end of family is consistent.
Signature source data is generated according to the timestamp received and local fixed character, wherein fixed character can be by word Mother's composition, such as " abcd ", can also be made of, such as " 1234 " number, can also be made of letter and number combinatorics on words, example Such as " abcd1234 " or " 1a2b3c4d ".Fixed character length does not limit, can be according to actual use situation setting.It will The fixed character pre-set is combined with timestamp is received, you can generates signature source data.Wherein, the fixed word Symbol is consistent with the fixed character in client.
After generating signature source data, the algorithm pair in value and Encryption Algorithm pond is obscured according to first key and first Signature source data is encrypted, and signs to encrypted signature source data, can obtain multiple second encrypted signature numbers According to.Ciphering process need to traverse the algorithm in Encryption Algorithm pond, that is, the algorithm in each Encryption Algorithm pond can correspond to generation one the Two encrypted signature data compare multiple second encryption datas of generation with the first encrypted signature data received one by one Compared with.When the second encrypted signature data are consistent with the first encrypted signature data, the corresponding algorithm of the second encryption data at this time is Encryption Algorithm, and according to the Encryption Algorithm, obscure value using first key and first and the request encryption data received is carried out Thus decryption obtains request source data.The request source data is handled accordingly, packet source data can be obtained back, that is, returned Should be in the returned data of request source data, and this time packet source data is sent to client.
As an embodiment of the present invention, before described time packet source data is sent to the client, according to institute State Encryption Algorithm, first key and first obscures value, described time packet source data is encrypted.To ensure to return to the number of client According to safety, need to be encrypted to returning packet source data.In the present embodiment, used encryption is calculated when being encrypted using client Method, first key and first obscure value and are encrypted to returning packet source data, and encrypted time packet source data is sent to client End.
As an embodiment of the present invention, random to select before described time packet source data is sent to the client It takes the second key seed and second to obscure value seed, the second key, root is obtained in pool of keys according to second key seed Obscure value seed according to described second and obtain second in obscuring value pond and obscures value;According to the Encryption Algorithm, described is utilized Two keys and second obscure value, described time packet source data is encrypted.
In the present embodiment, when being encrypted to returning packet source data, used Encryption Algorithm when being encrypted using client, But key is had chosen again and obscures value.It generates the second key seed and obscures value with second, and in pool of keys and obscure value pond In find out corresponding second key and second and obscure value.According to Encryption Algorithm, value is obscured to returning using the second key and second Packet source data is encrypted, and encrypted time packet source data is sent to client.
Further, Encryption Algorithm, key can also be replaced simultaneously in the present embodiment and obscure value, i.e., in Encryption Algorithm pond In randomly select an Encryption Algorithm again, using the key chosen again and obscuring value time packet source data be encrypted. Wherein, encrypted time packet source data is decrypted for the ease of client, can be again weighed according to the encryption method of client A newly-generated encrypted signature data are sent to client.In addition, key also can not be changed and obscure value, Encryption Algorithm is only replaced It is encrypted afterwards to returning packet source data, it is similar, it is also desirable to an encrypted signature data are generated according to the Encryption Algorithm after replacement, Itself and encrypted time packet source data are sent to client simultaneously.
In the present embodiment, described described time packet source data is sent to the client to include:
According to http protocol, second key seed, described second are obscured into value seed and described encrypted time packet Source data is converted to returned data;
Second key seed is obscured value seed with described second and is set in the request header of the returned data, and will The encrypted time packet source data is set in the request body of the returned data.
Wherein, it before sending encrypted time packet source data, needs to convert institute's returned data, be assisted according to HTTP View, obscures value seed by the second key seed and second and is set in the request header of returned data, after being sent to client, Above- mentioned information can be directly obtained from request header.Encrypted time packet source data is set in the request body of returned data, The data are decrypted after being obtained so as to client.
Further, the Encryption Algorithm that packet source data uses is encrypted back if having replaced, the timestamp that need to will be used when encrypting It is set in the request header of returned data with encrypted signature data.
As an embodiment of the present invention, the method further includes that an Encryption Algorithm is randomly selected in Encryption Algorithm pond As agreement Encryption Algorithm, the agreement Encryption Algorithm is sent to the client.In order to improve encryption efficiency, returning back When packet source data, used Encryption Algorithm when can arrange to communicate next time with client, the time spent in when reducing communication with this, And reduce volume of transmitted data.
The above method through the invention carries out encrypted signature data by receiving the key of client transmission, obscuring value Thus encryption finds Encryption Algorithm used in client, and request source data is decrypted, be sent to returning packet source data Client is achieved in the process of complete communication encryption and decryption.Method in through the invention can make encrypted Information Security greatly promotes, and the method for the present invention is easy to implement, and while not influencing encryption efficiency, also has good Applicability, and can also reduce cost.
It is illustrated in figure 3 a kind of structural schematic diagram of client of the embodiment of the present invention, client shown in figure includes:
Source data of signing module 11, for according to fixed character and timestamp dynamic generation signature source data;
Initial point selection module 12 obscures value seed for generating a key seed and one at random;
Parameter chooses module 13, for obtaining a key in pool of keys according to the key seed, and according to described mixed Value of confusing seed obtains one in obscuring value pond and obscures value;
Source data of signing encrypting module 14 is added for randomly selecting an Encryption Algorithm in Encryption Algorithm pond using described Close algorithm according to the key and obscures value, and the signature source data is encrypted, and to encrypted signature source data into Row signature, obtains the first encrypted signature data;
Request source data encryption module 15 according to the key and obscures value to request for utilizing the Encryption Algorithm Source data is encrypted, and obtains a request encryption data;
Sending module 16, for by the timestamp, the key seed, it is described obscure value seed, it is described first signature Encryption data is sent to server with the request encryption data.
In the present embodiment, signature source data is generated by fixed character and timestamp, and wherein fixed character can be by letter Composition, such as " abcd ", can also be made of, such as " 1234 " number, can also be made of letter and number combinatorics on words, such as " abcd1234 " or " 1a2b3c4d " etc..Fixed character length does not limit, can be according to actual use situation setting.It will be pre- The fixed character first set, timestamp corresponding with current time combine, you can generate signature source data.
Key seed and obscure value seed, in pool of keys key, to obscure the key in value pond and obscure value be one by one Corresponding relationship.Key seed can be number, such as " 1 ", " 12 " etc. with value seed is obscured, or alphabetical " a ", " ab " Deng.After randomly selecting key seed and obscuring value seed, according to the key seed and value seed can be obscured, be stored with In the pool of keys of multiple keys and be stored with it is multiple obscure the obscuring in value of value, match its corresponding key and obscure value.
It is stored with multiple Encryption Algorithm in Encryption Algorithm pond, an Encryption Algorithm is randomly selected out in Encryption Algorithm pond. According to the Encryption Algorithm, and using the key selected in above-mentioned steps and obscure value, signature source data is encrypted, and right Encrypted signature source data is signed, and encrypted signature data are thus obtained.Meanwhile according to the Encryption Algorithm, and utilize upper It states the key selected in step and obscures value, request source data is encrypted, obtain request encryption data.Wherein, it asks Source data for wanted encipherment protection target data.Finally, by encrypted signature data, timestamp, key seed, obscure value seed And request encryption data is sent to server end.
As an embodiment of the present invention, the client further includes parameter generation module 17, for according to predefined Rule generates the pool of keys and obscures value pond with described.Wherein, predefined rule may include input data and preset algorithm, defeated It can be such as random number to enter data, and input data is input in preset algorithm, can be obtained corresponding multiple as a result, this is more A result constitutes pool of keys and obscures value pond.
As an embodiment of the present invention, the client further includes correction verification module 18, for described in Encryption Algorithm Before randomly selecting an Encryption Algorithm in pond, verifies and load Encryption Algorithm all in the Encryption Algorithm pond.Wherein, own Encryption Algorithm need to pass through verification, i.e., after bidirectional identity authentication, be loaded into Encryption Algorithm pond from local, ensure Encryption Algorithm with this It will not be leaked.
As an embodiment of the present invention, the sending module is additionally operable to according to http protocol, by the timestamp, institute Key seed is stated, described value seed, the first encrypted signature data and the request encryption data obscured and is converted to transmission number According to;
By the timestamp, the key seed, described obscure value seed and be set to the first encrypted signature data In the request header of the transmission data, and the request encryption data is set in the request body of the transmission data;
The transmission data is sent to server.
Wherein, before transmitting data, need to convert transmitted data, according to http protocol, by timestamp, Key seed is obscured value seed and encrypted signature data and is set in the request header of transmission data, convenient for being sent to server end Afterwards, server can directly obtain above- mentioned information from request header.Request encryption data is set in request body, to service Device is decrypted request encryption data after obtaining.
Above-mentioned client through the invention, by randomly selecting key, obscuring value and Encryption Algorithm, to needing request source number According to being encrypted so that encrypted Information Security greatly promotes.And the ciphering process in the above-mentioned client of the present invention is just In realization, while not influencing encryption efficiency, also there is good applicability, and can also reduce cost.
It is illustrated in figure 4 a kind of structural schematic diagram of server of the embodiment of the present invention, server shown in figure includes:
Data reception module 21, for receive client transmission timestamp, first key seed, first obscure value plant Son, the first encrypted signature data and request encryption data;
Parameter chooses module 22, for obtaining first key in pool of keys according to the first key seed, and according to Described first, which obscures value seed, obtains first in obscuring value pond and obscures value;
Source data of signing encrypting module 23, for generating a signature source data, root according to fixed character and the timestamp Obscure value according to the first key, described first, the signature source data is carried out respectively using the algorithm in Encryption Algorithm pond Encryption, and sign to encrypted signed data, obtain multiple second encrypted signature data;
Judgment module 24, for judge successively the first encrypted signature data and each second signed data whether one It causes;
Algorithm picks module 25 is used for when the first encrypted signature data are consistent with second signed data, will Algorithm in the used Encryption Algorithm pond is as Encryption Algorithm;
Deciphering module 26 is obscured value according to the first key and first and is asked to described for utilizing the Encryption Algorithm It asks encryption data to be decrypted, obtains request source data;
Sending module 27 for generating a packet source data according to the request source data, and described will return packet source data It is sent to the client.
In the present embodiment, after data reception module 21 receives data, according to the first key seed received, in key Matched first key is selected in pond, and obscures value seed according to receive first, is found out in obscuring value pond Matched first obscures value.Wherein, key seed is one-to-one relationship with the key in pool of keys, obscures value kind Son obscures value for the corresponding relationship of meaning with obscuring in value pond.Key seed can be number with value seed is obscured, such as " 1 ", " 12 " etc., or alphabetical " a ", " ab " etc..Wherein, pool of keys with value pond is obscured is generated according to predefined rule , which is consistent with the predefined rule in client.
Signature source data is generated according to the timestamp received and local fixed character, wherein fixed character can be by word Mother's composition, such as " abcd ", can also be made of, such as " 1234 " number, can also be made of letter and number combinatorics on words, example Such as " abcd1234 " or " 1a2b3c4d ".Fixed character length does not limit, can be according to actual use situation setting.It will The fixed character pre-set is combined with timestamp is received, you can generates signature source data.Wherein, the fixed word Symbol is consistent with the fixed character in client.
After generating signature source data, the algorithm pair in value and Encryption Algorithm pond is obscured according to first key and first Signature source data is encrypted, and signs to encrypted signature source data, can obtain multiple second encrypted signature numbers According to.Ciphering process need to traverse the algorithm in Encryption Algorithm pond, that is, the algorithm in each Encryption Algorithm pond can correspond to generation one the Two encrypted signature data compare multiple second encryption datas of generation with the first encrypted signature data received one by one Compared with.When the second encrypted signature data are consistent with the first encrypted signature data, the corresponding algorithm of the second encryption data at this time is Encryption Algorithm, and according to the Encryption Algorithm, obscure value using first key and first and the request encryption data received is carried out Thus decryption obtains request source data.The request source data is handled accordingly, packet source data can be obtained back, that is, returned Should be in the returned data of request source data, and this time packet source data is sent to client.
As an embodiment of the present invention, the sending module 27 is additionally operable to described time packet source data being sent to institute Before stating client, value is obscured according to the Encryption Algorithm, first key and first, described time bag data is encrypted.For The data safety for ensureing return client needs to be encrypted to returning packet source data.In the present embodiment, it is encrypted using client When used Encryption Algorithm, first key and first obscure value and be encrypted to returning packet source data, and will encrypted time packet Source data is sent to client.
As an embodiment of the present invention, the sending module 27 is additionally operable to described time packet source data being sent to institute Before stating client, randomly selects the second key seed and second and obscure value seed, according to second key seed in key The second key is obtained in pond, is obscured value seed according to described second and is obtained second in obscuring value pond and obscures value;According to described Encryption Algorithm obscures value using second key and second, described time packet source data is encrypted.
In the present embodiment, when being encrypted to returning packet source data, used Encryption Algorithm when being encrypted using client, But key is had chosen again and obscures value.It generates the second key seed and obscures value with second, and in pool of keys and obscure value pond In find out corresponding second key and second and obscure value.According to Encryption Algorithm, value is obscured to returning using the second key and second Packet source data is encrypted, and encrypted time packet source data is sent to client.
Further, Encryption Algorithm, key can also be replaced simultaneously in the present embodiment and obscure value, i.e., in Encryption Algorithm pond In randomly select an Encryption Algorithm again, using the key chosen again and obscuring value time packet source data be encrypted. Wherein, encrypted time packet source data is decrypted for the ease of client, can be again weighed according to the encryption method of client A newly-generated encrypted signature data are sent to client.In addition, key also can not be changed and obscure value, Encryption Algorithm is only replaced It is encrypted afterwards to returning packet source data, it is similar, it is also desirable to an encrypted signature data are generated according to the Encryption Algorithm after replacement, Itself and encrypted time packet source data are sent to client simultaneously.
In the present embodiment, the sending module 27 is additionally operable to:
According to http protocol, second key seed, described second are obscured into value seed and described encrypted time packet Source data is converted to returned data;
Second key seed is obscured value seed with described second and is set in the request header of the returned data, and will The encrypted time packet source data is set in the request body of the returned data.
Wherein, it before sending encrypted time packet source data, needs to convert institute's returned data, be assisted according to HTTP View, obscures value seed by the second key seed and second and is set in the request header of returned data, after being sent to client, Above- mentioned information can be directly obtained from request header.Encrypted time packet source data is set in the request body of returned data, The data are decrypted after being obtained so as to client.
Further, the Encryption Algorithm that packet source data uses is encrypted back if having replaced, the timestamp that need to will be used when encrypting It is set in the request header of returned data with encrypted signature data.
As an embodiment of the present invention, the algorithm picks module 25 is additionally operable to randomly select in Encryption Algorithm pond The agreement Encryption Algorithm is sent to the sending module 27, the transmission by one Encryption Algorithm as agreement Encryption Algorithm The agreement Encryption Algorithm is sent to the client by module 27.
In the present embodiment, in order to improve encryption efficiency, when returning to back packet source data, it is logical next time can be arranged with client Used Encryption Algorithm when letter the time spent in when reducing communication with this, and reduces volume of transmitted data.
In addition, C/S architecture modes can be used in the present invention, in order to ensure the safety of the system in the case where customizing Linux system, when this Encryption in invention is checked with decryption method when being changed in customization linux system, and client needs the data that will be checked It is sent to server, thereby guarantees that the safety of terminating machine.
Above-mentioned server through the invention, by receive client send key, obscure value, to encrypted signature data into Thus row encryption finds Encryption Algorithm used in client, and request source data is decrypted, sent returning packet source data To client, it is achieved in the process of complete communication encryption and decryption.Client and the encryption in server through the invention With decrypting process, encrypted Information Security can be made to greatly promote, and client of the present invention and adding in server It is close to be easy to implement with decrypting process, while not influencing encryption efficiency, also there is good applicability, and can also reduce into This.
One of ordinary skill in the art will appreciate that implementing the method for the above embodiments can lead to It crosses program and is completed to instruct relevant hardware, which can be stored in a computer read/write memory medium, such as ROM/RAM, magnetic disc, CD etc..
Particular embodiments described above has carried out further in detail the purpose of the present invention, technical solution and advantageous effect Describe in detail it is bright, it should be understood that the above is only a specific embodiment of the present invention, the guarantor being not intended to limit the present invention Range is protected, all within the spirits and principles of the present invention, any modification, equivalent substitution, improvement and etc. done should be included in this Within the protection domain of invention.

Claims (18)

1. a kind of dynamic encrypting method of network communication, which is characterized in that the method includes:
According to fixed character and timestamp dynamic generation signature source data;
The random key seed and one that generates obscures value seed;
A key is obtained in pool of keys according to the key seed, and is obscured value seed according to described in obscuring value pond and obtained One obscures value;
An Encryption Algorithm is randomly selected in Encryption Algorithm pond, using the Encryption Algorithm, according to the key and obscures value, it is right The signature source data is encrypted, and signs to encrypted signature source data, obtains encrypted signature data;
Using the Encryption Algorithm, according to the key and value is obscured to asking source data to be encrypted, obtains request encryption Data;
By the timestamp, the key seed, described obscure value seed, the encrypted signature data and the request encryption number According to being sent to server.
2. according to the method described in claim 1, it is characterized in that, the method further includes:Institute is generated according to predefined rule It states pool of keys and obscures value pond with described.
3. according to the method described in claim 1, it is characterized in that, described randomly select an Encryption Algorithm in Encryption Algorithm pond Before, it verifies and loads Encryption Algorithm all in the Encryption Algorithm pond.
4. according to the method described in claim 1, it is characterized in that, by the timestamp, the key seed, described obscuring value Seed, the encrypted signature data and the request encryption data are sent to server, including:
According to http protocol, by the timestamp, the key seed, it is described obscure value seed, the encrypted signature data with The request encryption data is converted to transmission data;
By the timestamp, the key seed, described obscure value seed and the encrypted signature data and be set to the transmission In the request header of data, and the request encryption data is set in the request body of the transmission data;
The transmission data is sent to server.
5. a kind of dynamic decryption method of network communication, which is characterized in that the method includes:
Receive client send timestamp, first key seed, first obscure value seed, the first encrypted signature data with ask Encryption data;
First key is obtained in pool of keys according to the first key seed, and is obscured value seed according to described first and obscured First is obtained in value pond obscures value;
A signature source data is generated according to fixed character and the timestamp, value is obscured according to the first key, described first, The signature source data is encrypted respectively using the algorithm in Encryption Algorithm pond, and encrypted signed data is signed Name, obtains multiple second encrypted signature data;
Judge whether the first encrypted signature data and each second signed data are consistent successively;Add in first signature When ciphertext data is consistent with second signed data, using the algorithm in the used Encryption Algorithm pond as Encryption Algorithm;
Using the Encryption Algorithm, value is obscured according to the first key and first, the request encryption data is decrypted, Obtain request source data;
A packet source data is generated according to the request source data, and described time packet source data is sent to the client.
6. according to the method described in claim 5, it is characterized in that, by described time packet source data be sent to the client it Before, value is obscured according to the Encryption Algorithm, first key and first, described time packet source data is encrypted.
7. according to the method described in claim 5, it is characterized in that, by described time packet source data be sent to the client it Before, it randomly selects the second key seed and second and obscures value seed, is obtained in pool of keys according to second key seed Two keys obscure value seed according to described second and obtain second in obscuring value pond and obscure value;
According to the Encryption Algorithm, obscures value using second key and second, described time packet source data is encrypted.
8. the method according to the description of claim 7 is characterized in that described be sent to the client by described time packet source data Including:
According to http protocol, second key seed, described second are obscured into value seed and the encrypted sources the Hui Bao number According to being converted to returned data;
Second key seed is obscured value seed with described second and is set in the request header of the returned data, and will be described Encrypted time packet source data is set in the request body of the returned data.
9. according to the method described in claim 5, it is characterized in that, the method further includes being randomly selected in Encryption Algorithm pond The agreement Encryption Algorithm is sent to the client by one Encryption Algorithm as agreement Encryption Algorithm.
10. a kind of client, which is characterized in that the client includes:
Signature source data module, for according to fixed character and timestamp dynamic generation signature source data;
Initial point selection module obscures value seed for generating a key seed and one at random;
Parameter chooses module, for obtaining a key in pool of keys according to the key seed, and obscures value kind according to described Son obtains one in obscuring value pond and obscures value;
It signs source data encrypting module, for randomly selecting an Encryption Algorithm in Encryption Algorithm pond, using the Encryption Algorithm, According to the key and obscure value, the signature source data be encrypted, and signs to encrypted signature source data, Obtain the first encrypted signature data;
Request source data encryption module according to the key and obscures value to asking source data for utilizing the Encryption Algorithm It is encrypted, obtains a request encryption data;
Sending module, for by the timestamp, the key seed, described obscure value seed, the first encrypted signature number It is sent to server according to the request encryption data.
11. according to the client described in claim 10, which is characterized in that the client further includes parameter generation module, Obscure value pond with described for generating the pool of keys according to predefined rule.
12. according to the client described in claim 10, which is characterized in that the client further includes correction verification module, is used for It is described an Encryption Algorithm is randomly selected in Encryption Algorithm pond before, verify and load encryption all in the Encryption Algorithm pond Algorithm.
13. according to the client described in claim 10, which is characterized in that the sending module is additionally operable to be assisted according to HTTP View, by the timestamp, the key seed, it is described obscure value seed, the first encrypted signature data with it is described request add Ciphertext data is converted to transmission data;
By the timestamp, the key seed, it is described obscure value seed and the first encrypted signature data be set to it is described In the request header of transmission data, and the request encryption data is set in the request body of the transmission data;
The transmission data is sent to server.
14. a kind of server, which is characterized in that the server includes:
Data reception module, for receiving the timestamp of client transmission, first key seed, first obscuring value seed, first Encrypted signature data and request encryption data;
Parameter chooses module, for obtaining first key in pool of keys according to the first key seed, and according to described the One, which obscures value seed, obtains first in obscuring value pond and obscures value;
Signature source data encrypting module, for generating a signature source data according to fixed character and the timestamp, according to described First key, described first obscure value, and the signature source data is encrypted respectively using the algorithm in Encryption Algorithm pond, and It signs to encrypted signed data, obtains multiple second encrypted signature data;
Judgment module, for judging whether the first encrypted signature data and each second signed data are consistent successively;
Algorithm picks module, for when the first encrypted signature data are consistent with second signed data, will be used The Encryption Algorithm pond in algorithm as Encryption Algorithm;
Deciphering module is obscured value according to the first key and first and is encrypted to the request for utilizing the Encryption Algorithm Data are decrypted, and obtain request source data;
Sending module for generating a packet source data according to the request source data, and described time packet source data is sent to The client.
15. server according to claim 14, which is characterized in that the sending module is additionally operable to that described Bao Yuan will be being returned Data are sent to before the client, value are obscured according to the Encryption Algorithm, first key and first, to described time bag data It is encrypted.
16. server according to claim 14, which is characterized in that the sending module is additionally operable to that described Bao Yuan will be being returned Data are sent to before the client, are randomly selected the second key seed and second and are obscured value seed, close according to described second Key seed obtains the second key in pool of keys, obscures value seed according to described second and obtains second in obscuring value pond and obscures Value;
According to the Encryption Algorithm, obscures value using second key and second, described time packet source data is encrypted.
17. server according to claim 16, which is characterized in that the sending module is additionally operable to:
According to http protocol, second key seed, described second are obscured into value seed and the encrypted sources the Hui Bao number According to being converted to returned data;
Second key seed is obscured value seed with described second and is set in the request header of the returned data, and will be described Encrypted time packet source data is set in the request body of the returned data.
18. server according to claim 14 is set, which is characterized in that the algorithm picks module is additionally operable to calculate in encryption An Encryption Algorithm is randomly selected in method pond as agreement Encryption Algorithm, and the agreement Encryption Algorithm is sent to the transmission mould The agreement Encryption Algorithm is sent to the client by block, the sending module.
CN201810471937.5A 2018-05-17 2018-05-17 Dynamic encryption and decryption method for network communication Active CN108632296B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810471937.5A CN108632296B (en) 2018-05-17 2018-05-17 Dynamic encryption and decryption method for network communication

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810471937.5A CN108632296B (en) 2018-05-17 2018-05-17 Dynamic encryption and decryption method for network communication

Publications (2)

Publication Number Publication Date
CN108632296A true CN108632296A (en) 2018-10-09
CN108632296B CN108632296B (en) 2021-08-13

Family

ID=63693475

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810471937.5A Active CN108632296B (en) 2018-05-17 2018-05-17 Dynamic encryption and decryption method for network communication

Country Status (1)

Country Link
CN (1) CN108632296B (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109861819A (en) * 2019-03-19 2019-06-07 天津中德应用技术大学 Based on the data ciphering method and decryption method for obscuring encryption block algorithm
CN110891061A (en) * 2019-11-26 2020-03-17 中国银联股份有限公司 Data encryption and decryption method and device, storage medium and encrypted file
CN111142484A (en) * 2019-12-24 2020-05-12 南京轩世琪源软件科技有限公司 Industrial control system and control method
CN111245802A (en) * 2020-01-06 2020-06-05 银清科技有限公司 Data transmission security control method, server and terminal
CN113204772A (en) * 2021-04-26 2021-08-03 五八有限公司 Data processing method, device, system, terminal, server and storage medium
CN113315761A (en) * 2021-05-13 2021-08-27 中国经济信息社有限公司 Client and server data transmission method and device

Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044351A1 (en) * 2001-09-13 2005-02-24 Harvey Ian Nigel Digital time stamping system
CN1645796A (en) * 2005-02-28 2005-07-27 胡祥义 Method for preventing user's pin from illegal use by double verification protocol
CN1819515A (en) * 2006-03-20 2006-08-16 胡祥义 Realizing method of security symmetric coding algorithm
CN1972237A (en) * 2006-12-06 2007-05-30 胡祥义 VPN system based on dynamic encryption algorithm
CN101572601A (en) * 2009-06-09 2009-11-04 普天信息技术研究院有限公司 Data encryption and transmission method and device thereof
CN102546179A (en) * 2011-12-31 2012-07-04 珠海市君天电子科技有限公司 Identity authentication method applied between server side and client side
CN105763322A (en) * 2016-04-13 2016-07-13 同济大学 Obfuscatable encryption key-insulated digital signature making method and system
CN105763315A (en) * 2014-12-16 2016-07-13 展讯通信(深圳)有限公司 Data encryption and decryption method and apparatus thereof, and communication system
CN106100842A (en) * 2016-06-22 2016-11-09 广西咪付网络技术有限公司 A kind of dynamic encryption and decryption method and system
CN106559217A (en) * 2015-09-29 2017-04-05 腾讯科技(深圳)有限公司 A kind of dynamic encrypting method, terminal, server
CN106714146A (en) * 2015-11-13 2017-05-24 广西咪付网络技术有限公司 Communication encryption method for Bluetooth BLE devices
CN106850220A (en) * 2017-02-22 2017-06-13 腾讯科技(深圳)有限公司 Data ciphering method, data decryption method and device
CN106953730A (en) * 2016-01-07 2017-07-14 上海格尔软件股份有限公司 The safety method of the Windows code signatures containing timestamp is realized under physical isolation network environment
CN107086920A (en) * 2017-06-20 2017-08-22 无锡井通网络科技有限公司 Copyright based on block chain really weighs method
CN107833032A (en) * 2017-10-26 2018-03-23 胡祥义 It is a kind of based on mobile phone without card Bank Account Number implementation method

Patent Citations (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050044351A1 (en) * 2001-09-13 2005-02-24 Harvey Ian Nigel Digital time stamping system
CN1645796A (en) * 2005-02-28 2005-07-27 胡祥义 Method for preventing user's pin from illegal use by double verification protocol
CN1819515A (en) * 2006-03-20 2006-08-16 胡祥义 Realizing method of security symmetric coding algorithm
CN1972237A (en) * 2006-12-06 2007-05-30 胡祥义 VPN system based on dynamic encryption algorithm
CN101572601A (en) * 2009-06-09 2009-11-04 普天信息技术研究院有限公司 Data encryption and transmission method and device thereof
CN102546179A (en) * 2011-12-31 2012-07-04 珠海市君天电子科技有限公司 Identity authentication method applied between server side and client side
CN105763315A (en) * 2014-12-16 2016-07-13 展讯通信(深圳)有限公司 Data encryption and decryption method and apparatus thereof, and communication system
CN106559217A (en) * 2015-09-29 2017-04-05 腾讯科技(深圳)有限公司 A kind of dynamic encrypting method, terminal, server
CN106714146A (en) * 2015-11-13 2017-05-24 广西咪付网络技术有限公司 Communication encryption method for Bluetooth BLE devices
CN106953730A (en) * 2016-01-07 2017-07-14 上海格尔软件股份有限公司 The safety method of the Windows code signatures containing timestamp is realized under physical isolation network environment
CN105763322A (en) * 2016-04-13 2016-07-13 同济大学 Obfuscatable encryption key-insulated digital signature making method and system
CN106100842A (en) * 2016-06-22 2016-11-09 广西咪付网络技术有限公司 A kind of dynamic encryption and decryption method and system
CN106850220A (en) * 2017-02-22 2017-06-13 腾讯科技(深圳)有限公司 Data ciphering method, data decryption method and device
CN107086920A (en) * 2017-06-20 2017-08-22 无锡井通网络科技有限公司 Copyright based on block chain really weighs method
CN107833032A (en) * 2017-10-26 2018-03-23 胡祥义 It is a kind of based on mobile phone without card Bank Account Number implementation method

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109861819A (en) * 2019-03-19 2019-06-07 天津中德应用技术大学 Based on the data ciphering method and decryption method for obscuring encryption block algorithm
CN110891061A (en) * 2019-11-26 2020-03-17 中国银联股份有限公司 Data encryption and decryption method and device, storage medium and encrypted file
WO2021103802A1 (en) * 2019-11-26 2021-06-03 中国银联股份有限公司 Methods and apparatuses for encrypting and decrypting data, storage medium and encrypted file
CN110891061B (en) * 2019-11-26 2021-08-06 中国银联股份有限公司 Data encryption and decryption method and device, storage medium and encrypted file
TWI809292B (en) * 2019-11-26 2023-07-21 大陸商中國銀聯股份有限公司 Data encryption and decryption method, device, storage medium and encrypted file
CN111142484A (en) * 2019-12-24 2020-05-12 南京轩世琪源软件科技有限公司 Industrial control system and control method
CN111142484B (en) * 2019-12-24 2021-04-30 南京轩世琪源软件科技有限公司 Industrial control system and control method
CN111245802A (en) * 2020-01-06 2020-06-05 银清科技有限公司 Data transmission security control method, server and terminal
CN111245802B (en) * 2020-01-06 2022-06-17 银清科技有限公司 Data transmission security control method, server and terminal
CN113204772A (en) * 2021-04-26 2021-08-03 五八有限公司 Data processing method, device, system, terminal, server and storage medium
CN113315761A (en) * 2021-05-13 2021-08-27 中国经济信息社有限公司 Client and server data transmission method and device
CN113315761B (en) * 2021-05-13 2023-01-31 中国经济信息社有限公司 Client and server data transmission method and device

Also Published As

Publication number Publication date
CN108632296B (en) 2021-08-13

Similar Documents

Publication Publication Date Title
CN108632296A (en) A kind of dynamic encryption and decryption method of network communication
CN106527673B (en) Bind method and apparatus, electric paying method and the device of wearable device
CN107358441B (en) Payment verification method and system, mobile device and security authentication device
CN109672539A (en) SM2 algorithm collaboration signature and decryption method, apparatus and system
EP3661118A1 (en) System and method for performing secure communications
US20060280297A1 (en) Cipher communication system using device authentication keys
CN103152362B (en) Based on the large data files encrypted transmission method of cloud computing
CN110050437A (en) The device and method of distributed certificate registration
CN106101150B (en) The method and system of Encryption Algorithm
US20150326395A1 (en) Method for setting up a secure connection between clients
CN104094267A (en) Method, device, and system for securely sharing media content from a source device
CN106375990B (en) A kind of encrypting and deciphering system and encipher-decipher method of mobile phone private data
CN101783800A (en) Embedded system safety communication method, device and system
US20190268145A1 (en) Systems and Methods for Authenticating Communications Using a Single Message Exchange and Symmetric Key
CN115001685B (en) Method, device, equipment and storage medium for inadvertent transmission
CN106817346A (en) Data transmission method and device and electronic equipment
CN103368975A (en) Method and system for safe transmission of batch of data
CN108199847A (en) Security processing method, computer equipment and storage medium
CN109687966A (en) Encryption method and its system
JP6930053B2 (en) Data encryption method and system using device authentication key
CN104753918B (en) A kind of method of mobile phone offline authentication
CN110383755A (en) The network equipment and trusted third party's equipment
CN113079002B (en) Data encryption method, data decryption method, key management method, medium, and device
CN105530089A (en) Attribute base encryption method and device
CN106295372B (en) A kind of encryption Hub device realized based on EMMC interface

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant