CN112637166B - Data transmission method, device, terminal and storage medium - Google Patents


Info

Publication number: CN112637166B
Authority: CN (China)
Prior art keywords: data; encryption algorithm; client; asymmetric encryption; transmitted
Legal status: Active
Application number: CN202011476863.8A
Other languages: Chinese (zh)
Other versions: CN112637166A (en)
Inventor: 徐志文
Current Assignee: Ping An Technology Shenzhen Co Ltd
Original Assignee: Ping An Technology Shenzhen Co Ltd
Application filed by Ping An Technology Shenzhen Co Ltd
Priority to CN202011476863.8A
Publication of CN112637166A
Priority to PCT/CN2021/091116 (WO2022126980A1)
Application granted
Publication of CN112637166B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861: Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231: Biological data, e.g. fingerprint, voice or retina

Abstract

The invention discloses a data transmission method, a data transmission device, a terminal and a storage medium, applied to a first client. The method comprises the following steps: loading a pre-configured asymmetric encryption algorithm table when plaintext data to be transmitted is detected; acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining the optimal asymmetric encryption algorithm based on the priority; detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authentication is successful; encrypting plaintext data based on the optimal asymmetric encryption algorithm and private key data to generate ciphertext data; and sending the ciphertext data to the second client through a pre-established data sharing network. With the embodiments of the application, data can be prevented from being tampered with during transmission, and the risk of data leakage is reduced. The invention is also applicable to blockchain technology.

Description

Data transmission method, device, terminal and storage medium
Technical Field
The present invention relates to the field of information security, and in particular, to a data transmission method, apparatus, terminal, and storage medium.
Background
Encrypted data transmission is an important technology in the field of data security. With the advent of the big data era, data security receives more and more attention, especially in the financial field, for example: sensitive client information, access authority of financial information systems, encryption of sensitive quantitative transaction information and the like. The leakage of sensitive information not only causes losses to an enterprise's operations but also damages its reputation, so the encryption and rapid transmission of sensitive data are very important in the modern internet industry, particularly the financial insurance industry.
In existing data transmission, the transmitter and the receiver mainly establish a secure data transmission channel jointly, and perform data exchange within that secure channel to ensure data security.
Disclosure of Invention
Based on this, it is necessary to provide a data transmission method, an apparatus, a terminal, and a storage medium for solving the problem that there may be a risk of tampering in the data transmission process.
A data transmission method is applied to a first client, and comprises the following steps: when plaintext data to be transmitted is detected, loading a pre-configured asymmetric encryption algorithm table; acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining the optimal asymmetric encryption algorithm based on the high-low sequence of the priority; detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image to carry out authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authentication is successful; encrypting the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data; and sending the ciphertext data to a second client through a pre-established data sharing network.
In one embodiment, the obtaining the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining an optimal asymmetric encryption algorithm based on the high-low order of the priority includes: analyzing the plaintext data to be transmitted, and determining the security level of the plaintext data to be transmitted; and acquiring the asymmetric encryption algorithm corresponding to the current moment from the asymmetric encryption algorithm table based on the security level.
In one embodiment, detecting plaintext data to be transmitted comprises: when the transmission mode of the plaintext data to be transmitted is detected to be a hardware mode, acquiring the plaintext data to be transmitted in real time through a flow probe; or when the transmission mode of the plaintext data to be transmitted is detected to be a software mode, acquiring the message information generated currently in real time through an application programming interface; analyzing the message information, and searching whether an encryption identifier exists in the analyzed message information or not; and when the encrypted identifier exists in the analyzed message information, acquiring plaintext data to be transmitted corresponding to the encrypted identifier from the message information.
In one embodiment, obtaining the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table includes: acquiring set time indicated by each asymmetric encryption algorithm in the asymmetric encryption algorithm table; and determining the priority of each asymmetric encryption algorithm based on the time length from the set time indicated by each asymmetric encryption algorithm to the current time.
In one embodiment, obtaining the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table includes: acquiring the use frequency of each asymmetric encryption algorithm in the asymmetric encryption algorithm table; and determining the priority of each asymmetric encryption algorithm based on the use frequency of each asymmetric encryption algorithm.
In one embodiment, the method further comprises: when a response of the second client to the ciphertext data sent by the first client is received, acquiring the ciphertext data sent by the second client to the first client; acquiring a public key of the second client, decrypting the ciphertext data sent by the second client to the first client based on the public key of the second client, and obtaining decrypted data after the decryption is successful; and secondarily decrypting the decrypted data based on the extracted private key data to generate plaintext data.
A data transmission method is applied to a second client, and comprises the following steps: when a data access request sent by a first client to the second client is received, acquiring ciphertext data sent by the first client to the second client; acquiring a public key of the first client, decrypting the ciphertext data based on the public key of the first client, and generating plaintext data after decryption is successful; acquiring data information required by the first client based on the plaintext data, and loading an asymmetric encryption algorithm table; determining the security level corresponding to the data information required by the first client; acquiring an asymmetric encryption algorithm corresponding to the current moment from the asymmetric encryption algorithm table based on the security level; encrypting the data information required by the first client based on the public key of the first client and the asymmetric encryption algorithm corresponding to the current moment to generate encrypted data information; detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting second private key data from a preset key database after the authority authentication is successful; encrypting the encrypted data information again based on the second private key data and the asymmetric encryption algorithm corresponding to the current moment to generate secondarily encrypted ciphertext data; and returning the secondarily encrypted ciphertext data to the first client in response through a pre-established data sharing network.
A data transmission device is applied to a first client, and comprises: a to-be-transmitted data detection module, used for loading a pre-configured asymmetric encryption algorithm table when plaintext data to be transmitted is detected; an optimal asymmetric encryption algorithm determining module, used for acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table and determining the optimal asymmetric encryption algorithm based on the high-low sequence of the priority; a private key data extraction module, used for detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image for authority authentication when the data communication is not invaded, and extracting private key data from a preset key database after the authentication is successful; a data encryption module, used for encrypting the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data; and a ciphertext data sending module, used for sending the ciphertext data to a second client through a pre-established data sharing network.
A terminal comprising a memory and a processor, the memory having stored therein computer readable instructions which, when executed by the processor, cause the processor to perform the steps of the above-described data transmission method.
A storage medium having stored thereon computer-readable instructions which, when executed by one or more processors, cause the one or more processors to perform the steps of the above-described data transmission method.
In the embodiments of the data transmission method, device, terminal and storage medium, the first client loads the pre-configured asymmetric encryption algorithm table when it detects that plaintext data to be transmitted exists, and obtains the priority of each asymmetric encryption algorithm in the table. It then determines the optimal asymmetric encryption algorithm based on the order of priority, and detects whether data communication among a plurality of internal chips is invaded. When the data communication is not invaded, it acquires a current face image to carry out authority authentication, and extracts private key data from a preset key database after the authentication is successful. It encrypts the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data, and finally sends the ciphertext data to a second client through a pre-established data sharing network. Because the optimal asymmetric encryption algorithm is selected from the preset asymmetric encryption algorithm table according to priority, and the data is encrypted and decrypted in combination with the pre-stored asymmetric public key and private key files during data transmission, the data can be prevented from being tampered with in the data transmission process, and the possibility of data leakage is further reduced.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and together with the description, serve to explain the principles of the invention.
Fig. 1 is a diagram of an implementation environment of a data transmission method provided in an embodiment of the present application;
Fig. 2 is a schematic diagram of an internal structure of a terminal according to an embodiment of the present application;
Fig. 3 is a schematic diagram of a data transmission method provided in an embodiment of the present application;
Fig. 4 is a schematic diagram of another data transmission method provided in an embodiment of the present application;
Fig. 5 is a schematic device diagram of a data transmission device according to an embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
It will be understood that, as used herein, the terms "first," "second," and the like may be used herein to describe various elements, but these elements are not limited by these terms. These terms are only used to distinguish one element from another.
Fig. 1 is a diagram of an implementation environment of a data transmission method provided in an embodiment. As shown in Fig. 1, the implementation environment includes a first client 110 and a second client 120.
The first client 110 is a computer device, for example a computer device for encrypting sensitive data to be transmitted, and a data encryption tool is installed on the first client 110. The second client 120 has installed an application that needs to perform operations such as decryption on the data corresponding to a task to be transmitted. When data encryption is needed, the sensitive data to be transmitted can be encrypted at the first client 110: the first client 110 detects plaintext data to be transmitted, and loads a preconfigured asymmetric encryption algorithm table when detecting that plaintext data to be transmitted exists; the first client 110 obtains the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determines the optimal asymmetric encryption algorithm based on the high-low order of the priority; the first client 110 detects whether data communication among a plurality of internal chips is invaded, acquires a current face image to carry out authority authentication when the data communication is not invaded, and extracts private key data from a preset key database after the authentication is successful; the first client 110 encrypts the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data; the first client 110 sends the ciphertext data to the second client 120 through a pre-established data sharing network.
When receiving a data access request sent by the first client to the second client, the second client 120 acquires the ciphertext data sent to the second client; the second client 120 acquires the public key of the first client, decrypts the ciphertext data based on the public key of the first client, and generates plaintext data after decryption is successful; the second client 120 acquires data information required by the first client based on the plaintext data, and determines an optimal asymmetric encryption algorithm based on the priority order of the asymmetric encryption algorithms in the asymmetric encryption algorithm table; the second client 120 encrypts the data information required by the first client based on the public key of the first client and the optimal asymmetric encryption algorithm to generate encrypted data information; the second client 120 detects whether data communication among a plurality of internal chips is invaded, acquires a current face image for authority authentication when the data communication is not invaded, and extracts private key data from a preset key database after the authentication is successful; the second client 120 encrypts the encrypted data information again based on the private key data and the optimal asymmetric encryption algorithm to generate secondarily encrypted data information; the second client 120 returns the secondarily encrypted data information to the first client 110 in response through a pre-established data sharing network.
When the first client 110 receives the data response sent by the second client to the first client, the first client 110 obtains the ciphertext data sent to the first client; the first client 110 obtains the public key of the second client, decrypts the ciphertext data sent to the first client based on the public key of the second client, and obtains decrypted data after the decryption is successful; the first client 110 then secondarily decrypts the decrypted data based on the extracted private key data, and generates plaintext data.
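The order of key operations in the request and response described above, as an added example that is not part of the patent text. It assumes textbook RSA applied to single bytes with tiny constructed primes (no padding, so it only illustrates the layering and is not a usable cipher); the function and key names are hypothetical.

```python
from typing import List, NamedTuple, Tuple


class Key(NamedTuple):
    n: int    # modulus
    exp: int  # public exponent e or private exponent d


def keypair(p: int, q: int, e: int = 17) -> Tuple[Key, Key]:
    """Return (public, private) toy keys built from two small primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    return Key(n, e), Key(n, pow(e, -1, phi))


def rsa_apply(key: Key, blocks: List[int]) -> List[int]:
    """Raw RSA operation on each block: block ** exp mod n."""
    if any(not 0 <= b < key.n for b in blocks):
        raise ValueError("block does not fit under the modulus")
    return [pow(b, key.exp, key.n) for b in blocks]


def send_request(data: bytes, own_priv: Key) -> List[int]:
    """First client: transform the plaintext with its own private key only."""
    return rsa_apply(own_priv, list(data))


def open_request(blocks: List[int], sender_pub: Key) -> bytes:
    """Second client: recover the plaintext with the first client's public key.

    Any holder of that public key can do the same, so this layer shows who
    produced the data and whether it was altered; it does not hide it.
    """
    return bytes(rsa_apply(sender_pub, blocks))


def send_response(data: bytes, recipient_pub: Key, own_priv: Key) -> List[int]:
    """Second client: encrypt for the recipient, then apply its own private key."""
    # Inner ciphertext values range over [0, recipient modulus). The outer
    # private-key operation is only reversible for values below the sender's
    # modulus, so the ordering of the two moduli has to be checked first.
    if recipient_pub.n > own_priv.n:
        raise ValueError("recipient modulus exceeds sender modulus: "
                         "inner ciphertext would need reblocking")
    inner = rsa_apply(recipient_pub, list(data))
    return rsa_apply(own_priv, inner)


def open_response(blocks: List[int], sender_pub: Key, own_priv: Key) -> bytes:
    """First client: undo the sender's layer, then secondarily decrypt."""
    inner = rsa_apply(sender_pub, blocks)      # decrypt with second client's public key
    return bytes(rsa_apply(own_priv, inner))   # secondary decryption with own private key


# Constructed toy keys (assumption): the first client's modulus is the smaller one.
FIRST_PUB, FIRST_PRIV = keypair(61, 53)     # n = 3233
SECOND_PUB, SECOND_PRIV = keypair(89, 97)   # n = 8633

if __name__ == "__main__":
    req = send_request(b"query:balance", FIRST_PRIV)
    print(open_request(req, FIRST_PUB))
    resp = send_response(b"balance=100", FIRST_PUB, SECOND_PRIV)
    print(open_response(resp, SECOND_PUB, FIRST_PRIV))
```

The response direction works here only because the second client's modulus is the larger of the two; with the roles swapped, `send_response` refuses rather than produce blocks that cannot be decrypted.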
It should be noted that the client 120 may be a smart phone, a tablet computer, a notebook computer, a desktop computer, and the like, but is not limited thereto. The server 110 and the client 120 may be connected through bluetooth, USB (Universal Serial Bus), or other communication connection manners, which is not limited herein.
Fig. 2 is a schematic diagram of an internal structure of the terminal in one embodiment. As shown in fig. 2, the terminal includes a processor, a nonvolatile storage medium, a memory, and a network interface, which are connected through a system bus. The non-volatile storage medium of the terminal stores an operating system, a database and computer readable instructions, the database can store control information sequences, and the computer readable instructions can enable the processor to realize a data transmission method when being executed by the processor. The processor of the terminal is used to provide computing and control capabilities to support the operation of the entire terminal. The memory of the terminal may have stored therein computer readable instructions that, when executed by the processor, may cause the processor to perform a data transmission method. The network interface of the terminal is used for connecting and communicating with the terminal. Those skilled in the art will appreciate that the configuration shown in fig. 2 is a block diagram of only a portion of the configuration associated with the present application and does not constitute a limitation on the terminal to which the present application is applied, and that a particular terminal may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
The data transmission method provided in the embodiments of the present application will be described in detail below with reference to Fig. 3 to Fig. 4. The method may be implemented by a computer program that runs on a data transmission device based on the von Neumann architecture. The computer program may be integrated into an application or may run as a separate tool application.
Referring to fig. 3, a schematic flow chart of a data transmission method applied to a first client is provided in the embodiment of the present application. As shown in fig. 3, the method of the embodiment of the present application may include the following steps:
S101, when plaintext data to be transmitted is detected to exist, loading a pre-configured asymmetric encryption algorithm table;
Generally, when a plurality of clients perform data transmission, the data sharing network is established in advance. The data sharing network can be regarded as an internally established local area network that provides data transmission service only to clients that have successfully joined it. It can also be regarded as a company intranet that provides network transmission service only to the company's clients; other external clients cannot access the hosts that have joined the data sharing network. Establishing the data sharing network guarantees the security of the hosts inside the company, and data transmission among all hosts of the company can be monitored at the same time, which further improves the security level of the company's data.
Further, the shared network is in communication connection with a blockchain network deployed by the cloud service, and the blockchain stores a private key for data encryption of the current host. The private key is stored in the block chain network, so that the security of the private key can be further improved.
Further, once the data sharing network is established and the plurality of hosts have joined it, the hosts can perform data transmission based on the network.
In the embodiment of the present application, the preconfigured asymmetric encryption algorithm table is an asymmetric encryption algorithm library set by an administrator. The library stores a plurality of different asymmetric encryption algorithms, each of which has a priority. When the client encrypts the plaintext data, the encryption algorithm can be acquired from the asymmetric encryption algorithm library for encryption. Because the library is managed by an administrator, the asymmetric encryption algorithms in it can be updated in real time as time passes. When operations such as adding, deleting, modifying and querying are performed on the algorithms in the library, parameter information such as the operation time and the number of operations is recorded accordingly.
In a possible implementation manner, when two clients that have joined the data sharing network perform data transmission, each client detects in real time whether plaintext data to be transmitted exists. The detection manner can be a hardware detection manner or a software detection manner; for example, hardware detection can be performed by a flow probe, and software detection can be performed by detecting an identifier in a message. When plaintext data to be transmitted is detected, the client connects to the pre-created asymmetric encryption algorithm library and loads the pre-configured asymmetric encryption algorithm table from it.
Further, when the software detection manner is used to detect whether plaintext data to be transmitted exists, all message data generated by the current client is acquired in real time. The message data includes a data encryption instruction generated by the user through a key, and the instruction includes an identifier set in advance in the software system; for example, the identifier of the data encryption instruction is 'encryption'. When a user generates a data encryption instruction through a client key, the message in the instruction takes the form of plaintext data plus the identifier, and when the identifier is found in a message, the plaintext data is located through the identifier.
S102, acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining the optimal asymmetric encryption algorithm based on the high-low sequence of the priority;
Generally, the priority of each asymmetric encryption algorithm is preset by an administrator, and the setting of the priority can be defined in various ways.
For example, in a possible implementation manner, the client first obtains the algorithm setting time indicated by each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and then determines the priority of each encryption algorithm based on the length of time from the algorithm setting time to the current time. In this implementation manner, the priority of each algorithm in the preset algorithm table is determined according to the set time: the shorter the time since an algorithm was set, the more recently it was added, and a newly added algorithm is taken to indicate higher encryption strength.
Specifically, when the priority order of each algorithm in the algorithm table is determined, the setting time of each encryption algorithm in the encryption algorithm table is first obtained, the time interval for each algorithm is obtained as the difference between its setting time and the current time, and the encryption algorithm with the minimum time interval is selected as the optimal encryption algorithm to perform the encryption operation. Selecting the optimal encryption algorithm by calculating the set time of each algorithm in the encryption algorithm table guarantees higher encryption strength.
For example, in another possible implementation manner, the client first obtains the use frequency of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and then determines the priority of each asymmetric encryption algorithm based on its use frequency. In this implementation manner, the application defines the priority of an algorithm according to its frequency of use: a lower frequency of use is taken to indicate a lower risk that the algorithm has been cracked, i.e. the encryption strength of the encryption algorithm is higher.
Specifically, when the priority order of each encryption algorithm in the encryption algorithm table is determined, the use frequency of each encryption algorithm in the encryption algorithm table is first obtained, the encryption algorithm with the minimum use frequency is identified from the use frequency data, and that algorithm is determined as the current optimal encryption algorithm. In this application, selecting the optimal encryption algorithm according to the use frequency of each algorithm in the encryption algorithm table guarantees higher encryption strength.
It should be noted that the priority may also be set according to other manners, which is not described herein again.
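The two priority rules above, written out as an added example that is not code from the patent. The table class, the logging of operations, the algorithm names and the dates are constructed for illustration; skipping entries whose set time lies in the future is an added safeguard, not something the text specifies.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Dict, List, Tuple


@dataclass
class Entry:
    name: str
    set_time: datetime  # the "set time" of the algorithm in the table
    use_count: int = 0  # the "use frequency", counted from recorded uses


class AlgorithmTable:
    """Administrator-managed table; every operation is recorded with its time."""

    def __init__(self) -> None:
        self.entries: Dict[str, Entry] = {}
        self.log: List[Tuple[datetime, str, str]] = []

    def add(self, name: str, when: datetime) -> None:
        self.entries[name] = Entry(name, when)
        self.log.append((when, "add", name))

    def delete(self, name: str, when: datetime) -> None:
        del self.entries[name]
        self.log.append((when, "delete", name))

    def _usable(self, now: datetime) -> List[Entry]:
        # An entry dated in the future (clock skew or an altered record) would
        # always rank as "newest", so it is left out of the ranking.
        return [e for e in self.entries.values() if e.set_time <= now]

    def rank_by_set_time(self, now: datetime) -> List[str]:
        """Shortest time between set time and now ranks first."""
        ranked = sorted(self._usable(now), key=lambda e: (now - e.set_time, e.name))
        return [e.name for e in ranked]

    def rank_by_use_frequency(self, now: datetime) -> List[str]:
        """Least-used algorithm ranks first; ties are broken by name."""
        ranked = sorted(self._usable(now), key=lambda e: (e.use_count, e.name))
        return [e.name for e in ranked]

    def select(self, scheme: str, now: datetime) -> str:
        """Return the optimal algorithm under the given rule and record the use."""
        if scheme == "set_time":
            ranked = self.rank_by_set_time(now)
        elif scheme == "use_frequency":
            ranked = self.rank_by_use_frequency(now)
        else:
            raise ValueError(f"unknown priority scheme: {scheme}")
        if not ranked:
            raise LookupError("no usable algorithm in the table")
        best = ranked[0]
        self.entries[best].use_count += 1
        self.log.append((now, "use", best))
        return best


# Constructed sample data: three algorithms added ten days apart.
T0 = datetime(2020, 12, 1)
NOW = T0 + timedelta(days=30)


def sample_table() -> AlgorithmTable:
    table = AlgorithmTable()
    table.add("RSA", T0)
    table.add("ElGamal", T0 + timedelta(days=10))
    table.add("SM2", T0 + timedelta(days=20))
    return table


def run_selection(scheme: str, rounds: int) -> List[str]:
    """Select `rounds` times from a fresh sample table under one rule."""
    table = sample_table()
    return [table.select(scheme, NOW) for _ in range(rounds)]


if __name__ == "__main__":
    print(run_selection("set_time", 4))       # stays on the newest entry
    print(run_selection("use_frequency", 4))  # rotates through the table
```

Under the set-time rule the choice stays fixed until the administrator changes the table, while under the use-frequency rule every selection changes the ranking for the next one.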
S103, detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authority authentication is successful;
Generally, the plurality of internal chips are the communication chip devices used for data transmission in the data sharing network. The internal communication chips are checked to determine whether the current data sharing network has suffered an external intrusion, for example an attack launched by an external computer device to obtain a private key stored on a computer device in the data sharing network, so that data transmission can be stopped in time and transmission security ensured when a private key stored on a computer device in the data sharing network is leaked.
Specifically, to detect whether data communication among the plurality of internal chips has been invaded, the two-way non-homogeneous communication among the communication chips in the shared data network is generally subjected to protocol parsing, comparison and analysis. If the communication data volume and the communication data content are the same, the network is considered not to have been invaded; if they differ, it is considered to have been invaded.
It is also detected whether a virus has been implanted in a computer device in the data sharing network in order to obtain the private key file data stored on that device. The virus check comprises self-checking and/or checking by a third-party trusted security company. In self-checking, the device checks the capacity of its own program storage area; when the capacity has increased, it traverses the storage area to find the newly added program file and parses the parameters carried by that file. When the parsed parameters are unidentified parameter information, an early warning is issued and the program is automatically deleted.
Further, when no intrusion is found, a face image of the current user is collected for identification through the camera of the computer device that is to perform the encryption. After the identification passes the authority verification, the computer device connects to the block chain network through the data sharing network and sends the current user information to the block chain network for re-authentication. After that authentication succeeds, the block chain network returns the private key of the current computer device to the computer device through the sharing network; the device connects to the database storing the key file and automatically acquires the private key data in the key file.
Three checks are thus performed: whether the current shared data network has been invaded, whether viruses exist on the current computer device, and whether the current user is an authorized person. Only when all three checks pass can the computer device connect to the key database to obtain the private key. This further guarantees security during data transmission and prevents data from being hijacked and tampered with in transit because of a leaked private key.
S104, encrypting the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data;
In a possible implementation, after the optimal asymmetric encryption algorithm is obtained in step S102 and the private key data is obtained in step S103, the plaintext data to be transmitted and the private key data are input into the optimal asymmetric encryption algorithm for encryption, and ciphertext data is generated once the encryption finishes.
For example, let a be the plaintext data to be transmitted; encrypting a with an asymmetric encryption algorithm and a public key ek yields the ciphertext $s = E_{ek}(a)$, where $E_{ek}()$ is the public-key encryption operation of the asymmetric encryption algorithm.
The asymmetric encryption algorithms in the asymmetric encryption algorithm table used in the embodiment of the present application may include a hash algorithm, the MD5 (Message Digest Algorithm 5) algorithm, the SHA (Secure Hash Algorithm) algorithm, and the like. During encryption, if the optimal asymmetric encryption algorithm is RSA, a 1024-bit private key is preferably used; if the optimal asymmetric encryption algorithm is ECC, a 160-bit private key is preferably used; and if the optimal asymmetric encryption algorithm is AES, 128-bit private key data is preferably used.
S105, sending the ciphertext data to a second client through a pre-established data sharing network.
Typically, the second client is a client that receives the ciphertext data.
For example, if host A needs to query certain data on host B, host A first encrypts the data to be queried into ciphertext a using its own private key, and then sends a to host B.
Further, in step S102, the optimal encryption algorithm may also be selected according to the data volume of the plaintext data to be encrypted, or according to the importance of the data to be encrypted; the choice depends on the actual data information to be transmitted and is not limited here.
Further, in step S103, the key database is generated as follows: the current computer device can generate private keys of different bit lengths according to a plurality of set modes, then generate public key data from the private key data of different bit lengths, and finally send the generated private keys and the public keys corresponding to them to a key database for storage. The private key may be generated not only from a random number but also from the current time plus a random number; the specific generation method can be set according to the actual application scenario and is not limited here.
Further, to make data transmission faster and save time, the encrypted data can be optimized by compression. The currently common approach is to transmit changed data items and ignore unchanged data items; when the amount of data variation is small, the number of redundant bits transmitted is large, which slows transmission. Therefore, the changing bits and the unchanging bits are clearly separated and compression is performed at the bit level, so that an extremely high compression rate can be achieved even with an extremely simple run-length encoding compression algorithm.
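One reading of the bit-level scheme described above, as an added example that is not code from the patent: both ends are assumed to hold the previous version of a record, changed bits are separated from unchanged bits with an XOR mask, and the mask is run-length encoded. The function names, the varint run format and the sample records are assumptions made for this illustration.

```python
"""Bit-level delta: XOR mask of changed bits, run-length encoded (illustration)."""
from typing import List


def xor_mask(previous: bytes, current: bytes) -> bytes:
    """1-bits mark changed positions, 0-bits mark unchanged positions."""
    if len(previous) != len(current):
        raise ValueError("records must have the same length")
    return bytes(a ^ b for a, b in zip(previous, current))


def bit_runs(mask: bytes) -> List[int]:
    """Alternating run lengths, MSB first, always starting with a run of 0-bits."""
    runs, bit, length = [], 0, 0
    for byte in mask:
        for shift in range(7, -1, -1):
            value = (byte >> shift) & 1
            if value == bit:
                length += 1
            else:
                runs.append(length)      # may be 0 if the mask starts with a 1-bit
                bit, length = value, 1
    runs.append(length)
    return runs


def encode_varint(n: int) -> bytes:
    """Unsigned LEB128: 7 payload bits per byte, high bit = more bytes follow."""
    out = bytearray()
    while True:
        low, n = n & 0x7F, n >> 7
        if n:
            out.append(low | 0x80)
        else:
            out.append(low)
            return bytes(out)


def decode_varints(payload: bytes) -> List[int]:
    values, value, shift = [], 0, 0
    for byte in payload:
        value |= (byte & 0x7F) << shift
        if byte & 0x80:
            shift += 7
        else:
            values.append(value)
            value, shift = 0, 0
    if shift:
        raise ValueError("truncated run length")
    return values


def encode_delta(previous: bytes, current: bytes) -> bytes:
    """What the sender transmits instead of the full record."""
    return b"".join(encode_varint(r) for r in bit_runs(xor_mask(previous, current)))


def apply_delta(previous: bytes, payload: bytes) -> bytes:
    """Receiver side: rebuild the mask from the runs and flip the changed bits."""
    total = len(previous) * 8
    mask = bytearray(len(previous))
    position, bit = 0, 0
    for run in decode_varints(payload):
        if position + run > total:
            raise ValueError("runs exceed the record length")
        if bit:
            for i in range(position, position + run):
                mask[i >> 3] |= 0x80 >> (i & 7)
        position += run
        bit ^= 1
    if position != total:
        raise ValueError("runs do not cover the whole record")
    return bytes(a ^ b for a, b in zip(previous, mask))


# Constructed sample: a 64-byte record in which 5 bits change between versions.
PREVIOUS = bytes(range(64))
_changed = bytearray(PREVIOUS)
_changed[10] ^= 0x01     # lowest bit of byte 10
_changed[40] ^= 0xF0     # high nibble of byte 40
CURRENT = bytes(_changed)
```

For the constructed sample the 64-byte record is carried in 7 bytes of run lengths, and an unchanged record in 2 bytes.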
Further, the data is preferably transmitted using the TCP/IP protocol.
Further, when a data response sent by the second client to the first client is received, the ciphertext data sent to the first client is first obtained; the public key of the second client is then obtained and the ciphertext data is decrypted based on the public key of the second client, yielding decrypted data after the decryption succeeds; finally, the decrypted data is decrypted a second time based on the extracted private key data to generate plaintext data.
In the embodiment of the application, when the first client detects that plaintext data to be transmitted exists, it loads a pre-configured asymmetric encryption algorithm table, obtains the priority of each asymmetric encryption algorithm in the table, and determines an optimal asymmetric encryption algorithm based on the order of the priorities. It then detects whether data communication among a plurality of its internal chips has been invaded, collects a current face image for authority authentication when no intrusion is found, and extracts private key data from a preset key database after the authentication succeeds. The plaintext data to be transmitted is encrypted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data, and the ciphertext data is sent to a second client through a pre-established data sharing network. Because the optimal asymmetric encryption algorithm is selected by priority from the preset asymmetric encryption algorithm table, and the data is encrypted and decrypted with the pre-stored asymmetric public key and private key files during transmission, the data can be prevented from being tampered with in transit, and the possibility of data leakage is further reduced.
Referring to fig. 4, a schematic flow chart of a data transmission method applied to a first client is provided in the embodiment of the present application. As shown in fig. 4, the method of the embodiment of the present application may include the following steps:
S201, when a data access request sent by a first client to a second client is received, acquiring the ciphertext data sent by the first client to the second client;
S202, acquiring a public key of the first client, decrypting the ciphertext data based on the public key of the first client, and generating plaintext data after decryption is successful;
S203, determining a security level corresponding to the data information required by the first client, and acquiring an asymmetric encryption algorithm corresponding to the current moment from the asymmetric encryption algorithm table based on the security level;
S204, encrypting the data information required by the first client based on the public key of the first client and the asymmetric encryption algorithm corresponding to the current moment to generate encrypted data information;
S205, detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting second private key data from a preset key database after the authentication is successful;
S206, encrypting the encrypted data information again based on the second private key data and the asymmetric encryption algorithm corresponding to the current moment to generate ciphertext data after secondary encryption;
S207, returning the secondarily encrypted ciphertext data to the first client as a response through a pre-established data sharing network.
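The request path of the host A example, the response path of S204 and S206, and the first client's two-stage decryption, walked through as an added example that is not code from the patent. It assumes RSA as the selected algorithm and uses unpadded textbook RSA with small constructed keys (the description prefers 1024-bit RSA keys); all names are hypothetical. It shows which layer does what: a message built with only the sender's private key can be recovered by anyone holding the sender's public key, while the inner layer under the recipient's public key is the one that only the recipient can remove.

```python
"""Layered RSA operations of the request/response flow (toy illustration)."""
from dataclasses import dataclass
from typing import Tuple


@dataclass(frozen=True)
class KeyPair:
    n: int  # modulus (public)
    e: int  # public exponent
    d: int  # private exponent

    @property
    def public(self) -> Tuple[int, int]:
        return (self.n, self.e)


def make_keypair(p: int, q: int, e: int = 65537) -> KeyPair:
    """Build a key pair from two distinct primes (constructed, far too small for real use)."""
    return KeyPair(n=p * q, e=e, d=pow(e, -1, (p - 1) * (q - 1)))


def modexp_checked(value: int, exponent: int, modulus: int) -> int:
    # A block that does not fit under the modulus cannot be recovered afterwards.
    if not 0 <= value < modulus:
        raise ValueError("block does not fit under this modulus")
    return pow(value, exponent, modulus)


def public_op(public: Tuple[int, int], value: int) -> int:
    n, e = public
    return modexp_checked(value, e, n)


def private_op(key: KeyPair, value: int) -> int:
    return modexp_checked(value, key.d, key.n)


def to_int(data: bytes) -> int:
    return int.from_bytes(data, "big")


def to_bytes(value: int) -> bytes:
    return value.to_bytes((value.bit_length() + 7) // 8, "big")


# Constructed toy keys from Mersenne primes. SECOND.n > FIRST.n, so a block produced
# under the first client's key always fits under the second client's modulus.
FIRST = make_keypair(2**31 - 1, 2**61 - 1)     # first client (requester)
SECOND = make_keypair(2**89 - 1, 2**107 - 1)   # second client (responder)


def first_client_request(query: bytes) -> int:
    """Request path (host A example): private-key operation only."""
    return private_op(FIRST, to_int(query))


def read_request_with_public_key(ciphertext: int) -> bytes:
    """S202, and equally any other holder of the first client's public key."""
    return to_bytes(public_op(FIRST.public, ciphertext))


def second_client_respond(data: bytes) -> int:
    inner = public_op(FIRST.public, to_int(data))   # S204: first client's public key
    return private_op(SECOND, inner)                # S206: second client's private key


def strip_outer_layer(ciphertext: int) -> int:
    """Needs only the second client's public key; yields the inner ciphertext."""
    return public_op(SECOND.public, ciphertext)


def first_client_open(ciphertext: int) -> bytes:
    inner = strip_outer_layer(ciphertext)           # decrypt with second client's public key
    return to_bytes(private_op(FIRST, inner))       # secondary decryption, own private key
```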
In the embodiment of the application, a first client loads a preconfigured asymmetric encryption algorithm table when plaintext data to be transmitted is detected to exist, the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table is obtained, an optimal asymmetric encryption algorithm is determined based on the priority sequence, whether data communication among a plurality of chips in the first client is invaded or not is detected, a current face image is collected to perform authority authentication when the data communication is not invaded, private key data is extracted from a preset key database after the authentication is successful, the plaintext data to be transmitted is encrypted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data, and the ciphertext data is transmitted to a second client through a pre-established data sharing network. According to the method and the device, the optimal asymmetric encryption algorithm is selected from the preset asymmetric encryption algorithm table according to the priority level and the data is encrypted and decrypted by combining the prestored asymmetric encryption public key and private key file during data transmission, so that the data can be prevented from being tampered in the data transmission process, and the possibility of data leakage is further reduced.
The following are embodiments of the apparatus of the present invention that may be used to perform embodiments of the method of the present invention. For details which are not disclosed in the embodiments of the apparatus of the present invention, reference is made to the embodiments of the method of the present invention.
Referring to fig. 5, a schematic structural diagram of a data transmission apparatus according to an exemplary embodiment of the present invention is shown, which is applied to a first client. The data transmission system may be implemented as all or part of a terminal, in software, hardware or a combination of both. The device 1 comprises a data detection module 10 to be transmitted, an optimal asymmetric encryption algorithm determination module 20, a private key data extraction module 30, a data encryption module 40 and a ciphertext data sending module 50.
a to-be-transmitted data detection module 10, configured to load a pre-configured asymmetric encryption algorithm table when plaintext data to be transmitted is detected to exist;
an optimal asymmetric encryption algorithm determining module 20, configured to obtain the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determine an optimal asymmetric encryption algorithm based on the high-low order of the priorities;
a private key data extraction module 30, configured to detect whether data communication among a plurality of internal chips is invaded, collect a current face image for authority authentication when the data communication is not invaded, and extract private key data from a preset key database after the authentication is successful;
a data encryption module 40, configured to encrypt the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data;
and a ciphertext data sending module 50, configured to send the ciphertext data to the second client through a pre-established data sharing network.
It should be noted that, when the data transmission system provided in the foregoing embodiment executes the data transmission method, only the division of each functional module is illustrated, and in practical applications, the function distribution may be completed by different functional modules according to needs, that is, the internal structure of the device is divided into different functional modules, so as to complete all or part of the functions described above. In addition, the data transmission system and the data transmission method provided by the above embodiments belong to the same concept, and details of implementation processes thereof are referred to in the method embodiments and are not described herein again.
The above-mentioned serial numbers of the embodiments of the present application are merely for description and do not represent the merits of the embodiments.
In one embodiment, a terminal is provided, the terminal comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the following steps when executing the computer program: when detecting that plaintext data to be transmitted exist, a first client loads a pre-configured asymmetric encryption algorithm table; acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining the optimal asymmetric encryption algorithm based on the high-low sequence of the priority; detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image to carry out authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authentication is successful; encrypting the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data; and sending the ciphertext data to a second client through a pre-established data sharing network. 
When receiving a data access request sent by a first client to a second client, the second client acquires the ciphertext data sent to the second client; acquiring a public key of the first client, decrypting the ciphertext data based on the public key of the first client, and generating plaintext data after decryption is successful; acquiring data information required by the first client based on the plaintext data, and determining an optimal asymmetric encryption algorithm based on the high-low order of the priorities of the asymmetric encryption algorithms in the asymmetric encryption algorithm table; encrypting the data information required by the first client based on the public key of the first client and the optimal asymmetric encryption algorithm to generate encrypted data information; detecting whether data communication among a plurality of internal chips is invaded, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authentication is successful; encrypting the encrypted data information again based on the private key data and the optimal asymmetric encryption algorithm to generate secondarily encrypted data information; and returning the secondarily encrypted data information to the first client as a response through a pre-established data sharing network. When receiving a data response sent by the second client to the first client, the first client acquires the ciphertext data sent to the first client; acquiring a public key of the second client, decrypting the ciphertext data sent to the first client based on the public key of the second client, and obtaining decrypted data after decryption is successful; and secondarily decrypting the decrypted data based on the extracted private key data to generate plaintext data.
In one embodiment, when the first client executed by the processor detects plaintext data to be transmitted, the following steps are further executed: the first client connects to a pre-created data sharing network.
In one embodiment, when the processor detects plaintext data to be transmitted, the following steps are specifically performed: when the mode of detecting the plaintext data to be transmitted is a hardware mode, the first client acquires the plaintext data to be transmitted in real time through a flow probe; or when the mode of detecting the plaintext data to be transmitted is a software mode, acquiring the message information generated currently in real time through an application programming interface; analyzing the message information, and searching for an encryption identifier in the analyzed message information; and when the encryption identifier exists, acquiring plaintext data to be transmitted corresponding to the encryption identifier.
In one embodiment, when the processor executes the first client to obtain the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, the following steps are specifically executed: the first client acquires the set time indicated by each asymmetric encryption algorithm in the asymmetric encryption algorithm table; and determining the priority of each asymmetric encryption algorithm based on the time length from the set time to the current time.
In one embodiment, when the processor executes the first client to obtain the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, the following steps are specifically executed: the first client acquires the use frequency of each asymmetric encryption algorithm in the asymmetric encryption algorithm table; the priority of each asymmetric encryption algorithm is determined based on the frequency of use of each asymmetric encryption algorithm.
In one embodiment, a storage medium is provided that stores computer-readable instructions that, when executed by one or more processors, cause the one or more processors to perform the steps of: when detecting that plaintext data to be transmitted exists, a first client loads a preconfigured asymmetric encryption algorithm table; acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining the optimal asymmetric encryption algorithm based on the high-low sequence of the priority; detecting whether data communication among a plurality of internal chips is invaded or not, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authentication is successful; encrypting the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data; and sending the ciphertext data to a second client through a pre-established data sharing network. 
When receiving a data access request sent by a first client aiming at a second client, a second client acquires ciphertext data sent aiming at the second client; acquiring a public key of a first client, decrypting the ciphertext data based on the public key of the first client, and generating plaintext data after decryption is successful; acquiring data information required by a first client based on plaintext data, and determining an optimal asymmetric encryption algorithm based on the priority order of the asymmetric encryption algorithms in the asymmetric encryption algorithm table; encrypting the data information required by the first client based on the public key of the first client and the optimal asymmetric encryption algorithm to generate encrypted data information; detecting whether data communication among a plurality of internal chips is invaded or not, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authentication is successful; encrypting the encrypted data information again based on the private key data and the optimal asymmetric encryption algorithm to generate data information after secondary encryption; and responding the data information subjected to the secondary encryption to the first client through a pre-established data sharing network. When receiving a data response sent by a second client aiming at a first client, a first client acquires ciphertext data sent aiming at the first client; acquiring a public key of a second client, decrypting the ciphertext data sent by the first client based on the public key of the second client, and obtaining decrypted data after decryption is successful; and secondarily decrypting the decrypted data based on the extracted private key data to generate plaintext data.
In one embodiment, when the first client executed by the processor detects plaintext data to be transmitted, the following steps are further executed: the first client connects to a pre-created data sharing network.
In one embodiment, when the processor detects plaintext data to be transmitted, the following steps are specifically performed: when the mode of detecting the plaintext data to be transmitted is a hardware mode, the first client acquires the plaintext data to be transmitted in real time through a flow probe; or when the mode of detecting the plaintext data to be transmitted is a software mode, acquiring the message information generated currently in real time through an application programming interface; analyzing the message information, and searching the encrypted identifier in the analyzed message information; and when the encryption identifier exists, acquiring the plaintext data to be transmitted corresponding to the encryption identifier.
In one embodiment, when the processor executes the first client to obtain the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, the following steps are specifically executed: the first client acquires the set time indicated by each asymmetric encryption algorithm in the asymmetric encryption algorithm table; and determining the priority of each asymmetric encryption algorithm based on the time length from the set time to the current time.
In one embodiment, when the processor executes the first client to obtain the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, the following steps are specifically executed: the first client acquires the use frequency of each asymmetric encryption algorithm in the asymmetric encryption algorithm table; the priority of each asymmetric encryption algorithm is determined based on the frequency of use of each asymmetric encryption algorithm.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above may be implemented by a computer program, which may be stored in a computer readable storage medium, and when executed, may include the processes of the embodiments of the methods described above. The storage medium may be a non-volatile storage medium such as a magnetic disk, an optical disk, a Read-Only Memory (ROM), or a Random Access Memory (RAM).
All possible combinations of the technical features in the above embodiments may not be described for the sake of brevity, but should be considered as being within the scope of the present disclosure as long as there is no contradiction between the combinations of the technical features.
The above examples only show several embodiments of the present invention, and the description thereof is specific and detailed, but not to be construed as limiting the scope of the present invention. It should be noted that various changes and modifications can be made by those skilled in the art without departing from the spirit of the invention, and these changes and modifications are all within the scope of the invention. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (9)

1. A data transmission method is applied to a first client, and is characterized in that the method comprises the following steps:
when plaintext data to be transmitted is detected, loading a pre-configured asymmetric encryption algorithm table;
acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining the optimal asymmetric encryption algorithm based on the high-low sequence of the priority;
detecting whether data communication among a plurality of internal chips is invaded or not, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting private key data from a preset key database after the authentication is successful;
encrypting the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data;
sending the ciphertext data to a second client through a pre-established data sharing network; wherein,
the data sharing network is in communication connection with a block chain network, and the private key data is stored in the block chain network;
the method further comprises the following steps:
when a response of the second client to the ciphertext data sent by the first client is received, acquiring the ciphertext data sent by the second client to the first client;
acquiring a public key of the second client, decrypting the ciphertext data sent by the second client aiming at the first client based on the public key of the second client, and obtaining decrypted data after the decryption is successful;
and secondarily decrypting the decrypted data based on the extracted private key data to generate plaintext data.
2. The method according to claim 1, wherein the obtaining the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table, and determining the optimal asymmetric encryption algorithm based on the high-low order of the priority comprises:
analyzing the plaintext data to be transmitted, and determining the security level of the plaintext data to be transmitted;
and acquiring the asymmetric encryption algorithm corresponding to the current moment from the asymmetric encryption algorithm table based on the security level.
3. The method according to claim 1, wherein the manner of detecting the plaintext data to be transmitted comprises hardware detection or software detection;
detecting the plaintext data to be transmitted, including:
when the transmission mode of the plaintext data to be transmitted is detected to be a hardware mode, acquiring the plaintext data to be transmitted in real time through a flow probe; or
when the transmission mode of the plaintext data to be transmitted is detected to be a software mode, acquiring currently generated message information in real time through an application programming interface;
analyzing the message information, and searching whether an encryption identifier exists in the analyzed message information or not;
and when the encrypted identifier exists in the analyzed message information, acquiring plaintext data to be transmitted corresponding to the encrypted identifier from the message information.
4. The method of claim 1, wherein obtaining the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table comprises:
acquiring the set time indicated by each asymmetric encryption algorithm in the asymmetric encryption algorithm table;
and determining the priority of each asymmetric encryption algorithm based on the time length from the set time indicated by each asymmetric encryption algorithm to the current time.
5. The method of claim 1, wherein obtaining the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table comprises:
acquiring the use frequency of each asymmetric encryption algorithm in the asymmetric encryption algorithm table;
and determining the priority of each asymmetric encryption algorithm based on the use frequency of each asymmetric encryption algorithm.
6. A data transmission method applied to a second client, the method comprising:
when a data access request sent by a first client to the second client is received, acquiring ciphertext data sent by the first client to the second client;
acquiring a public key of the first client, decrypting the ciphertext data based on the public key of the first client, and generating plaintext data after decryption is successful;
acquiring data information required by a first client based on the plaintext data, and loading an asymmetric encryption algorithm table;
determining a security level corresponding to the data information required by the first client;
acquiring an asymmetric encryption algorithm corresponding to the current moment from the asymmetric encryption algorithm table based on the security level;
encrypting the data information required by the first client based on the public key of the first client and the asymmetric encryption algorithm corresponding to the current moment to generate encrypted data information;
detecting whether data communication among a plurality of internal chips is invaded or not, collecting a current face image for authority authentication when the data communication among the plurality of internal chips is not invaded, and extracting second private key data from a preset key database after the authority authentication is successful;
encrypting the encrypted data information again based on the second private key data and the asymmetric encryption algorithm corresponding to the current moment to generate ciphertext data after secondary encryption;
returning the ciphertext data after secondary encryption to the first client, as the response, through a pre-established data sharing network; wherein
the data sharing network is in communication connection with the block chain network, and the private key data is stored in the block chain network.
7. A data transmission apparatus, applied to a first client, the apparatus comprising:
the to-be-transmitted data detection module is used for loading a pre-configured asymmetric encryption algorithm table when plaintext data to be transmitted is detected;
the optimal asymmetric encryption algorithm determining module is used for acquiring the priority of each asymmetric encryption algorithm in the asymmetric encryption algorithm table and determining the optimal asymmetric encryption algorithm based on the high-low sequence of the priority;
the private key data extraction module is used for detecting whether data communication among a plurality of chips in the private key data extraction module is invaded, collecting a current face image for authority authentication when the data communication is not invaded, and extracting private key data from a preset key database after the authentication is successful;
the data encryption module is used for encrypting the plaintext data to be transmitted based on the optimal asymmetric encryption algorithm and the private key data to generate ciphertext data;
the ciphertext data sending module is used for sending the ciphertext data to a second client through a pre-established data sharing network; wherein
the data sharing network is in communication connection with a block chain network, and the private key data is stored in the block chain network;
the apparatus is further specifically configured to:
when a response of the second client to the ciphertext data sent by the first client is received, acquiring the ciphertext data sent by the second client to the first client;
acquiring a public key of the second client, decrypting the ciphertext data sent by the second client to the first client based on the public key of the second client, and obtaining decrypted data after the decryption is successful;
and secondarily decrypting the decrypted data based on the extracted private key data to generate plaintext data.
8. A terminal comprising a memory and a processor, the memory having stored therein computer readable instructions which, when executed by the processor, cause the processor to carry out the steps of the data transmission method according to any one of claims 1 to 6.
9. A storage medium having computer-readable instructions stored thereon which, when executed by one or more processors, cause the one or more processors to perform the steps of the data transmission method according to any one of claims 1 to 6.
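The table lookup of claims 2, 4 and 5, as an added example that is not code from the patent: entries are ranked by time since their set time or by use frequency, then filtered by the security level of the data. The field names, the sample algorithm labels, the direction of each ranking and the rule that a future set time means "not yet in force" are assumptions, since the claims do not state them.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class AlgorithmEntry:
    name: str           # constructed sample label, not taken from the patent
    max_level: int      # highest data security level this entry may protect
    set_time: datetime  # the "set time indicated by" the entry (claim 4)
    use_count: int      # use-frequency counter (claim 5)

def rank(table, now, mode="recency"):
    """Return the entries in force at `now`, highest priority first.

    Assumed directions (the claims do not state them): "recency" ranks a
    shorter time since set_time higher; "frequency" ranks a lower use_count
    higher. Entries whose set_time is still in the future are skipped.
    """
    active = [e for e in table if e.set_time <= now]
    if mode == "recency":
        return sorted(active, key=lambda e: (now - e.set_time, e.name))
    if mode == "frequency":
        return sorted(active, key=lambda e: (e.use_count, e.name))
    raise ValueError(f"unknown priority mode: {mode!r}")

def select(table, required_level, now, mode="recency"):
    """Pick the highest-priority entry approved for required_level (claim 2).

    Fails closed: when no entry covers the level, raise instead of falling
    back to a weaker algorithm.
    """
    for entry in rank(table, now, mode):
        if entry.max_level >= required_level:
            return entry
    raise LookupError(f"no algorithm approved for level {required_level}")

def dec(day):
    """Timestamp helper for the constructed sample table below."""
    return datetime(2020, 12, day, tzinfo=timezone.utc)

# Constructed sample table: names, levels, times and counters are illustrative.
TABLE = [
    AlgorithmEntry("RSA-2048", max_level=1, set_time=dec(14), use_count=3),
    AlgorithmEntry("RSA-3072", max_level=2, set_time=dec(10), use_count=2),
    AlgorithmEntry("ECC-P256", max_level=2, set_time=dec(12), use_count=5),
    AlgorithmEntry("ECC-P384", max_level=3, set_time=dec(20), use_count=0),
]
NOW = dec(15)
```

With this sample table the two priority rules pick different algorithms for the same level-2 data, and a level-3 request before the level-3 entry takes effect is refused rather than served by a weaker entry.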
CN202011476863.8A 2020-12-15 2020-12-15 Data transmission method, device, terminal and storage medium Active CN112637166B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202011476863.8A CN112637166B (en) 2020-12-15 2020-12-15 Data transmission method, device, terminal and storage medium
PCT/CN2021/091116 WO2022126980A1 (en) 2020-12-15 2021-04-29 Data transmission method and apparatus, terminal, and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011476863.8A CN112637166B (en) 2020-12-15 2020-12-15 Data transmission method, device, terminal and storage medium

Publications (2)

Publication Number Publication Date
CN112637166A CN112637166A (en) 2021-04-09
CN112637166B CN112637166B (en) 2022-07-22

Family

ID=75313054

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011476863.8A Active CN112637166B (en) 2020-12-15 2020-12-15 Data transmission method, device, terminal and storage medium

Country Status (2)

Country Link
CN (1) CN112637166B (en)
WO (1) WO2022126980A1 (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112637166B (en) * 2020-12-15 2022-07-22 平安科技(深圳)有限公司 Data transmission method, device, terminal and storage medium
CN113486380B (en) * 2021-07-23 2023-04-11 西安万像电子科技有限公司 Encryption method of text file
CN113852604A (en) * 2021-08-13 2021-12-28 青岛海尔科技有限公司 Plaintext data transmission method and apparatus, storage medium, and electronic apparatus
CN113688433A (en) * 2021-09-01 2021-11-23 广州众诺电子技术有限公司 Anti-cracking method and device for consumable chip, electronic equipment and computer-readable storage medium
CN114584300B (en) * 2022-03-02 2024-02-02 中国科学院国家授时中心 Encryption and decryption method and system for bidirectional time service
CN115001864B (en) * 2022-07-27 2023-03-10 深圳市西昊智能家具有限公司 Communication authentication method and device for intelligent furniture, computer equipment and storage medium
CN115567506A (en) * 2022-08-08 2023-01-03 山东日照发电有限公司 Data transmission method and system based on FTP (File transfer protocol)
CN116226886B (en) * 2023-03-22 2024-02-09 中国移动通信集团广东有限公司 Information security management method and system for software information system
CN116150796B (en) * 2023-04-18 2023-12-08 安羚科技(杭州)有限公司 Data protection method and device for data leakage prevention system
CN116155634B (en) * 2023-04-23 2023-08-04 驿羚江苏大数据有限公司 Charging process safety protection method and system based on SaaS mode
CN116436697B (en) * 2023-06-07 2023-09-12 北京华云安信息技术有限公司 Data transmission encryption and decryption method and device, electronic equipment and storage medium
CN116502251B (en) * 2023-06-21 2024-04-16 东方空间技术(山东)有限公司 Data encryption storage method, device, equipment and storage medium
CN116528042B (en) * 2023-06-29 2023-10-27 深圳市巨龙创视科技有限公司 Control method and system for remote camera
CN117390637B (en) * 2023-09-28 2024-05-07 华能浙江能源销售有限责任公司 Method and system for protecting safety of safety access area system
CN117650946A (en) * 2024-01-29 2024-03-05 永鼎行远(南京)信息科技有限公司 Method for trusted data exchange channel

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103001976A (en) * 2012-12-28 2013-03-27 中国科学院计算机网络信息中心 Safe network information transmission method
CN111614467A (en) * 2020-04-29 2020-09-01 深圳奇迹智慧网络有限公司 System backdoor defense method and device, computer equipment and storage medium

Family Cites Families (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100561917C (en) * 2004-06-04 2009-11-18 中兴通讯股份有限公司 Select the method for cryptographic algorithm in a kind of wireless communication system
US8953786B2 (en) * 2012-08-31 2015-02-10 Tata Consultancy Services Limited User input based data encryption
CN105069365A (en) * 2015-06-30 2015-11-18 广东欧珀移动通信有限公司 Data processing method and mobile terminal
CN106899562A (en) * 2016-04-21 2017-06-27 中国移动通信有限公司研究院 The secure algorithm negotiation method of Internet of Things, network element and internet-of-things terminal
CN107194237B (en) * 2017-04-05 2020-04-03 百富计算机技术(深圳)有限公司 Method and device for application program security authentication, computer equipment and storage medium
CN108880791A (en) * 2018-05-30 2018-11-23 招商银行股份有限公司 Cryptographic key protection method, terminal and computer readable storage medium
CN110166242B (en) * 2019-05-22 2022-10-21 吉林亿联银行股份有限公司 Message transmission method and device
CN111835511A (en) * 2020-06-30 2020-10-27 平安国际智慧城市科技股份有限公司 Data security transmission method and device, computer equipment and storage medium
CN112637166B (en) * 2020-12-15 2022-07-22 平安科技(深圳)有限公司 Data transmission method, device, terminal and storage medium

Also Published As

Publication number Publication date
WO2022126980A1 (en) 2022-06-23
CN112637166A (en) 2021-04-09

Similar Documents

Publication Publication Date Title
CN112637166B (en) Data transmission method, device, terminal and storage medium
US10200194B2 (en) Theft and tamper resistant data protection
US10747721B2 (en) File management/search system and file management/search method based on block chain
CN111538996B (en) Trusted starting method and device of block chain all-in-one machine
US10073980B1 (en) System for assuring security of sensitive data on a host
US20190222414A1 (en) System and method for controlling usage of cryptographic keys
CN111917540A (en) Data encryption and decryption method and device, mobile terminal and storage medium
CN111741268B (en) Video transmission method, device, server, equipment and medium
CN114285551A (en) Quantum key distribution method and device, readable storage medium and electronic equipment
US10635839B2 (en) Fixed-location IoT device for protecting secure storage access information and method for protecting secure storage access information of fixed-location IoT device
CN112733180A (en) Data query method and device and electronic equipment
CN114942729A (en) Data safety storage and reading method for computer system
CN107133517B (en) Data recovery method based on data encryption and calculation in memory
CN114745115A (en) Information transmission method and device, computer equipment and storage medium
CN117499159B (en) Block chain-based data transaction method and device and electronic equipment
CN115694843B (en) Camera access management method, system, device and medium for avoiding counterfeiting
US11972002B2 (en) Method of logging in to operating system, electronic device and readable storage medium
KR102113223B1 (en) Secure data communication method and system
US10902141B2 (en) Method, software program product, device, and system for managing data flow from a cloud storage device
CN118051934A (en) Data management method and device for transformer substation and electronic equipment
CN115883203A (en) Compression encryption transmission method and device for power data and server
CN117728947A (en) Digital signature verification method and system based on cryptography
CN112418853A (en) Transaction data encryption method and device based on block chain
CN112491921A (en) Block chain-based distributed gateway data protection system and protection method
CN112929342A (en) Data checking method and device based on privacy protection and server

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant