CN110138795B - Multi-step mixed encryption and decryption method in communication process - Google Patents

Info

Publication number: CN110138795B
Authority: CN (China)
Prior art keywords: key, ciphertext, mixed, symmetric key, combined information
Legal status: Active
Application number: CN201910433543.5A
Other languages: Chinese (zh)
Other versions: CN110138795A (en)
Inventors: 林良坚, 施养恩
Current assignee: Linewell Software Co Ltd
Original assignee: Linewell Software Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Computer And Data Communications (AREA)

Abstract

The invention provides a multi-step mixed encryption method in a communication process, which comprises the following steps: a sending end sends a request to a receiving end to obtain a public key; generating a random number as a symmetric key using a pseudo random number generator; encrypting a communication plaintext by using the generated symmetric key to obtain a ciphertext; encrypting the symmetric key by using a public key of a receiving end to obtain a mixed key; and combining the ciphertext and the mixed key to obtain combined information, and sending the combined information to a receiving end. The invention also provides a multi-step mixed decryption method in the communication process, which comprises the following steps: the receiving end responds to the request of the sending end, sends the public key to the sending end and stores the private key in the receiving end; splitting the received combined information to respectively obtain a mixed key and a ciphertext; decrypting the mixed key by using a private key to obtain a symmetric key; and decrypting the ciphertext by using the symmetric key to obtain a plaintext. The invention greatly improves the encryption and decryption efficiency on the premise of ensuring the safe transmission of information.

Description

Multi-step mixed encryption and decryption method in communication process
Technical Field
The invention relates to the field of file encryption and decryption, in particular to a multi-step mixed encryption and decryption method in a communication process.
Background
With the rapid development of the internet, people's lives have changed dramatically. The appearance of e-mail and the sudden emergence of social software such as QQ and WeChat have thoroughly changed the way people work and live.
However, problems such as information leakage and privacy exposure have followed. Information encryption technology is particularly important in the internet era.
The existing communication information encryption technology has the following problems: 1. only a single form of encryption is used; 2. the encryption technology is old and is easy to decrypt and identify; 3. some encryption algorithms are complex but perform poorly and reduce communication efficiency.
Disclosure of Invention
One of the technical problems to be solved by the present invention is to provide a multi-step hybrid encryption method in a communication process, which can improve the security of the encryption process and ensure the efficiency and quality of the communication process.
The invention solves the first technical problem as follows: a multi-step hybrid encryption method in a communication process, the method comprising:
a sending end sends a request to a receiving end to obtain a public key;
generating a random number as a symmetric key by using a pseudo-random number generator;
encrypting a communication plaintext by using the symmetric key to obtain a ciphertext;
encrypting the symmetric key by using the public key to obtain a mixed key;
and combining the ciphertext and the mixed key to obtain combined information, and sending the combined information to a receiving end.
Further, the ciphertext and the mixed key are combined by separating them with a separator to obtain the combined information, which is sent to the receiving end.
Further, a flag bit is added to the transmitted information: on the first communication, the combined information containing the ciphertext and the mixed key is transmitted and the flag bit is set to 1; on subsequent communications, the ciphertext is transmitted directly and the flag bit is set to 0.
Further, the public key is used for encrypting the symmetric key through an RSA algorithm to obtain a mixed key.
Further, the symmetric key is used for encrypting the communication plaintext through an AES algorithm to obtain a ciphertext.
The second technical problem to be solved by the present invention is to provide a multi-step hybrid decryption method in the communication process, which can improve the security of the encryption process and ensure the efficiency and quality of the communication process.
The invention solves the second technical problem as follows: a multi-step hybrid decryption method in a communication process, the method comprising:
the receiving end responds to the request of the sending end, sends the public key to the sending end and stores the private key in the receiving end;
splitting the received combined information to respectively obtain a mixed key and a ciphertext;
decrypting the mixed key by using the private key to obtain a symmetric key;
and decrypting the ciphertext by using the symmetric key to obtain a plaintext.
Further, the symmetric key obtained by decrypting the mixed key with the private key is stored. Before splitting the received combined information, the receiving end checks the flag bit: if the flag bit indicates that the combined information contains the key, the combined information is split according to a set rule; if the flag bit indicates that the combined information does not contain the key, the ciphertext is decrypted directly with the stored symmetric key.
Further, the mixed key is decrypted with the private key through an RSA algorithm to obtain the symmetric key.
Further, the ciphertext is decrypted with the symmetric key through an AES algorithm to obtain the plaintext.
The invention has the following advantages:
The high efficiency of the symmetric encryption and decryption algorithm is combined with the high security of the asymmetric encryption and decryption algorithm to form a multi-step hybrid encryption method. This overcomes the prior art's defect of being easy to decrypt and identify, and greatly improves encryption and decryption efficiency while ensuring the safe transmission of information.
Drawings
The invention will be further described with reference to the following examples with reference to the accompanying drawings.
Fig. 1 is a schematic diagram of a multi-step hybrid encryption process according to the present invention.
Fig. 2 is a schematic diagram of the multi-step hybrid decryption process of the present invention.
Detailed Description
Referring to fig. 1, one embodiment of the present invention is realized as follows:
a multi-step hybrid encryption method in a communication process, comprising:
a sending end sends a request to a receiving end to obtain a public key;
generating a random number as a symmetric key using a pseudo random number generator;
encrypting a communication plaintext by using the generated symmetric key (specifically, encrypting by using an AES symmetric encryption algorithm) to obtain a ciphertext;
encrypting the symmetric key (specifically, encrypting by using an RSA asymmetric encryption algorithm) by using a public key of the receiving end to obtain a mixed key;
and combining the ciphertext and the mixed key, separating the ciphertext and the mixed key by using a separator (such as "#") to obtain combined information, and sending the combined information to a receiving end.
The symmetric key is generated with a good pseudo-random number generator. The number of bits of the random number should be kept within a reasonable range: too few bits reduce the security of the key, while too many reduce decryption efficiency. In practical application, a length of 128 bits (16 bytes) can be adopted, which is a well-known symmetric key length.
In a preferred embodiment, the symmetric encryption algorithm used to produce the ciphertext is AES (Advanced Encryption Standard), which is the symmetric encryption algorithm with the best overall balance of security and efficiency; encrypting the communication plaintext with a symmetric key ensures the efficiency of encryption. The public-key encryption uses the RSA asymmetric encryption algorithm, and a key length of 1024 bits can be selected (in theory, the more bits, the harder the key is to break and the longer decryption takes, but the longest key that has been broken anywhere in the world at present is 768 bits, so 1024 bits is a reasonable key length). Encrypting the symmetric key with the asymmetric key ensures the security of the key.
In a preferred embodiment, to further improve communication efficiency, the sending end need not request the public key from the receiving end and generate a mixed key every time before it encrypts plaintext data; instead, it can reuse the symmetric key of the last communication for encryption and add a flag bit to the sent information to distinguish a pure ciphertext from combined information. For example, "0" may represent a pure ciphertext and "1" the combined information of the ciphertext and the mixed key. On the first communication, the combined information containing both the ciphertext and the mixed key is sent and the flag bit is set to 1; on subsequent communications, the ciphertext is sent directly and the flag bit is set to 0. The receiving end checks the flag bit after receiving the data: if the flag bit is "0", the data does not contain the mixed key, and the symmetric key stored after the last communication can be used directly to decrypt the ciphertext.
Referring to fig. 2, a second embodiment of the present invention is realized as follows:
a multi-step hybrid decryption method in a communication process, comprising:
the receiving end responds to the request of the sending end, sends the public key to the sending end, and stores the private key in the receiving end;
splitting the received combined information to respectively obtain a mixed key and a ciphertext;
decrypting the mixed key by using a private key through an RSA algorithm to obtain a symmetric key;
and decrypting the ciphertext by using the symmetric key through an AES algorithm to obtain the plaintext.
In a preferred embodiment, to further improve communication efficiency, the receiving end stores the symmetric key after obtaining it by decrypting the mixed key with the private key. The sending end then need not request the public key from the receiving end and generate a mixed key every time before it encrypts plaintext data; instead, it reuses the symmetric key of the last communication for encryption and adds a flag bit to the sent information. The receiving end checks the flag bit before splitting the received information: if the flag bit represents combined information (for example, "1"), the information is split according to a set rule; if the flag bit represents a ciphertext (for example, "0"), the stored symmetric key is used to decrypt the ciphertext directly.
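The sender and receiver flows of the two embodiments above, including reuse of the stored symmetric key under the flag bit, written out as an added Node.js example that is not part of the patent. Assumptions of the example rather than of the page: the function names, base64 encoding of each field (so that "#" cannot occur inside a field), AES-128-GCM with a fresh nonce per message, RSA-OAEP with SHA-256, a 2048-bit modulus instead of the 1024 bits mentioned above, and the operating system's CSPRNG as the source of the symmetric key.

```javascript
const { generateKeyPairSync, randomBytes, publicEncrypt, privateDecrypt,
        createCipheriv, createDecipheriv, constants } = require("crypto");

// Assumptions of this example (the page names only "RSA" and "AES"):
// RSA-OAEP with SHA-256, AES-128-GCM, base64 fields, "#" as the separator.
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };
const KEY_LEN = 16, IV_LEN = 12, TAG_LEN = 16;

// The receiving end generates the key pair and hands out only publicKey.
function newReceiver() {
  const { publicKey, privateKey } = generateKeyPairSync("rsa", { modulusLength: 2048 });
  return { publicKey, privateKey, sessionKey: null };
}

function newSender(publicKey) {
  return { publicKey, sessionKey: null };
}

// Frame: flag + base64(iv | ciphertext | tag), plus "#" + base64(mixed key) when flag is "1".
function send(sender, plaintext) {
  let flag = "0", tail = "";
  if (sender.sessionKey === null) {
    // First communication: draw a 128-bit key from the OS CSPRNG and wrap it.
    const key = randomBytes(KEY_LEN);
    const mixed = publicEncrypt({ key: sender.publicKey, ...OAEP }, key);
    sender.sessionKey = key;
    flag = "1";
    tail = "#" + mixed.toString("base64");
  }
  const iv = randomBytes(IV_LEN); // fresh nonce for every message under the reused key
  const enc = createCipheriv("aes-128-gcm", sender.sessionKey, iv);
  const body = Buffer.concat([iv, enc.update(plaintext, "utf8"), enc.final(), enc.getAuthTag()]);
  return flag + body.toString("base64") + tail;
}

function receive(receiver, frame) {
  const flag = frame[0];
  const parts = frame.slice(1).split("#");
  // The flag must agree with the layout: "1" carries two fields, "0" carries one.
  if (!(flag === "1" && parts.length === 2) && !(flag === "0" && parts.length === 1)) {
    throw new Error("flag does not match frame layout");
  }
  let key = receiver.sessionKey;
  if (flag === "1") {
    key = privateDecrypt({ key: receiver.privateKey, ...OAEP }, Buffer.from(parts[1], "base64"));
  }
  if (key === null || key.length !== KEY_LEN) throw new Error("no usable session key");
  const body = Buffer.from(parts[0], "base64");
  if (body.length < IV_LEN + TAG_LEN) throw new Error("ciphertext too short");
  const dec = createDecipheriv("aes-128-gcm", key, body.subarray(0, IV_LEN), { authTagLength: TAG_LEN });
  dec.setAuthTag(body.subarray(body.length - TAG_LEN));
  const plain = Buffer.concat([dec.update(body.subarray(IV_LEN, body.length - TAG_LEN)), dec.final()]);
  receiver.sessionKey = key; // stored only after the authentication tag has verified
  return plain.toString("utf8");
}
```

A receiver that has no stored key rejects a flag-0 frame, and a frame whose flag disagrees with its field count is rejected before any decryption is attempted.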
The invention combines the high efficiency of the symmetric encryption and decryption algorithm with the high security of the asymmetric encryption and decryption algorithm to form a multi-step hybrid encryption method. This overcomes the prior art's defect of being easy to decrypt and identify, and greatly improves encryption and decryption efficiency while ensuring the safe transmission of information.
Although specific embodiments of the invention have been described above, it will be understood by those skilled in the art that the specific embodiments described are illustrative only and are not limiting upon the scope of the invention, and that equivalent modifications and variations can be made by those skilled in the art without departing from the spirit of the invention, which is to be limited only by the appended claims.

Claims (6)

1. A multi-step hybrid encryption method in a communication process, the method comprising:
a sending end sends a request to a receiving end to obtain a public key;
generating a random number as a symmetric key by using a pseudo-random number generator;
encrypting a communication plaintext by using the symmetric key to obtain a ciphertext;
encrypting the symmetric key by using the public key to obtain a mixed key;
combining the ciphertext and the mixed key, separating the ciphertext and the mixed key by using a separator to obtain combined information, and sending the combined information to a receiving end;
adding a flag bit into the transmitted information, transmitting the combined information containing the cipher text and the mixed key during the first communication, setting the flag bit to be 1, and directly transmitting the cipher text during the subsequent second communication, and setting the flag bit to be 0.
2. The multi-step hybrid encryption method in communication according to claim 1, wherein the symmetric key is encrypted with the public key through an RSA algorithm to obtain the mixed key.
3. The multi-step hybrid encryption method in communication according to claim 1, wherein the communication plaintext is encrypted with the symmetric key through an AES algorithm to obtain the ciphertext.
4. A multi-step hybrid decryption method in a communication process, the method comprising:
the receiving end responds to the request of the sending end, sends the public key to the sending end and stores the private key in the receiving end;
splitting the received combined information to respectively obtain a mixed key and a ciphertext;
decrypting the mixed key by using the private key to obtain a symmetric key;
decrypting the ciphertext by using the symmetric key to obtain a plaintext;
wherein the symmetric key obtained by decrypting the mixed key with the private key is stored, and the receiving end checks a flag bit before splitting the received combined information: if the flag bit indicates that the combined information contains the key, the combined information is split according to a set rule, and if the flag bit indicates that the combined information does not contain the key, the ciphertext is decrypted directly using the stored symmetric key.
5. The multi-step hybrid decryption method in communication according to claim 4, wherein the mixed key is decrypted with the private key through an RSA algorithm to obtain the symmetric key.
6. The multi-step hybrid decryption method in communication according to claim 4, wherein the ciphertext is decrypted with the symmetric key through an AES algorithm to obtain the plaintext.

Priority Applications (1)

Application number: CN201910433543.5A
Priority date: 2019-05-23
Filing date: 2019-05-23
Title: Multi-step mixed encryption and decryption method in communication process
Status: Active

Publications (2)

CN110138795A, published 2019-08-16
CN110138795B, published 2021-11-19

Family ID: 67572753
Country status: CN, CN110138795B (en)
