CN112839328A - Seal data verification method, client, server and storage medium - Google Patents
Seal data verification method, client, server and storage medium Download PDFInfo
- Publication number
- CN112839328A CN112839328A CN202110171155.1A CN202110171155A CN112839328A CN 112839328 A CN112839328 A CN 112839328A CN 202110171155 A CN202110171155 A CN 202110171155A CN 112839328 A CN112839328 A CN 112839328A
- Authority
- CN
- China
- Prior art keywords
- data
- bluetooth
- server
- seal
- client
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W4/00—Services specially adapted for wireless communication networks; Facilities therefor
- H04W4/80—Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The embodiment of the invention discloses a seal contact data verification method, a client, a server and a storage medium. The method comprises the following steps: the client acquires LBS position information and Bluetooth joint sealing data of a user; carrying out AES and RSA mixed algorithm encryption on the LBS position information and the Bluetooth joint sealing data to obtain encrypted data; calculating the MD5 code of the encrypted data to be uploaded to a server when the network strength is lower than the preset strength, and uploading the complete data of the encrypted data to the server when the network strength is higher than the preset strength; the server verifies whether the complete data is complete and legal or not according to the pre-uploaded MD5 codes, and if so, decrypts the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth joint seal data of the user; and judging whether the close contact between the users really occurs or not according to the LBS position information and the Bluetooth close contact data. The technical scheme of the embodiment of the invention solves the problems of secret leakage and verification of the authenticity of the secret data in the process of data transmission of the mobile phone secret application.
Description
Technical Field
The embodiment of the invention relates to the technical field of information security, in particular to a seal contact data verification method, a client, a server and a storage medium.
Background
With the continuous epidemic situation, the development of the close contact (hereinafter referred to as close contact) technology is ongoing, and it is a great trend to develop the related applications of the close contact technology and collect the corresponding close contact data. And the mobile phone application is fast and real-time through the network, so that the mobile phone becomes an excellent close contact application platform. In 2007, research based on application analysis disease transmission models exists, so the Bluetooth-based close contact data can also be used for training models and predicting results aiming at future epidemic transmission, and scientific data reference and various decision effect predictions are provided for health and epidemic departments. However, although the existing mobile phone application development technology is increasingly complete, a corresponding secret authentication encryption technology is not available, so that a lot of hidden dangers exist in the aspects of data transmission and data authentication, and the possibility of data counterfeiting and leakage exists. In order to solve the problem of disclosure of the mobile phone seal application in the data transmission process and the problem of verification of the authenticity of the seal data, a system for joint verification of the seal application by a client and a server needs to be developed.
Disclosure of Invention
The embodiment of the invention provides a seal connection data verification method, a client, a server and a storage medium, which are used for solving the problems of secret leakage and verification of the authenticity of seal connection data in the process of data transmission of a mobile phone seal connection application.
In a first aspect, an embodiment of the present invention provides a method for verifying seal contact data, including:
the method comprises the steps that a client side obtains LBS position information and Bluetooth joint sealing data of a user, wherein the Bluetooth joint sealing data comprise a Bluetooth joint sealing object MAC address, time when joint sealing occurs and Bluetooth strength data;
the client encrypts the LBS position information and the Bluetooth joint seal data by using an AES and RSA mixed algorithm to obtain encrypted data;
the client side calculates the MD5 code of the encrypted data to upload to the server when the network strength is lower than the preset strength, and uploads the complete data of the encrypted data to the server when the network strength is higher than the preset strength;
the server verifies whether the complete data is complete and legal or not according to the pre-uploaded MD5 codes, and if so, decrypts the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth joint seal data of the user;
and the server judges whether the close contact between the users really occurs or not according to the LBS position information and the Bluetooth close contact data.
Optionally, before the client encrypts the LBS location information and the bluetooth close-contact data by using an AES and RSA mixed algorithm to obtain encrypted data, the method further includes:
the client preliminarily judges whether the close contact between the users occurs or not according to the LBS position information and the Bluetooth joint seal data;
if yes, carrying out AES and RSA mixed algorithm encryption on the LBS position information and the Bluetooth joint seal data to obtain encrypted data;
if not, discarding the LBS position information and the Bluetooth tight-joint data.
Optionally, the verifying, by the server, whether the complete data is complete and legal according to the pre-uploaded MD5 code includes:
and the server calculates whether the MD5 code of the complete data is consistent with the MD5 code which is uploaded in advance and stored in the server, if so, the complete data of the encrypted data uploaded by the client is considered to be complete and legal.
Optionally, when the network strength of the client is higher than the preset strength, the client uploads the complete data of the encrypted data to the server, further including:
and the client judges whether the connection with the server is overtime or not, if so, the connection with the server is interrupted, and the client tries again after the network condition is good.
Optionally, the server determines whether the close contact between the users really occurs according to the LBS location information and the bluetooth close contact data, including:
the server judges whether the time information of the two users for carrying out Bluetooth joint sealing is consistent; if yes, judging whether the LBS position information of the two users is consistent; if so, it is confirmed that intimate contact between the two users actually occurs.
Optionally, the determining whether the LBS location information of the two users is consistent includes:
confirming the physical distance between two users and the Bluetooth signal intensity; when the physical distance between the two users exceeds a preset distance and the Bluetooth communication intensity is higher than a preset intensity, determining that the data uploaded by the client side is wrong; and when the physical distance between the two users is matched with the Bluetooth communication intensity, the data uploaded by the client is determined to be correct.
Optionally, the LBS location information includes whether the location is successful, the longitude and latitude where the location module is located, and speed information.
In a second aspect, an embodiment of the present invention further provides a seal contact data verification client, including:
the data acquisition unit is used for acquiring LBS position information and Bluetooth joint sealing data of a user, wherein the Bluetooth joint sealing data comprises a Bluetooth joint sealing object MAC address, time when joint sealing occurs and Bluetooth strength data;
the data encryption unit is used for carrying out AES and RSA mixed algorithm encryption on the LBS position information and the Bluetooth close-contact data to obtain encrypted data;
and the data uploading unit is used for calculating the MD5 code of the encrypted data to be uploaded to the server when the network intensity is lower than the preset intensity, and uploading the complete data of the encrypted data to the server when the network intensity is higher than the preset intensity.
In a third aspect, an embodiment of the present invention further provides a seal contact data verification server, including:
the data verification unit is used for verifying whether the complete data is complete and legal or not according to the pre-uploaded MD5 code, and if so, decrypting the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth joint seal data of the user;
and the close contact judging unit is used for judging whether the close contact between the users really occurs or not according to the LBS position information and the Bluetooth close contact data.
In a fourth aspect, an embodiment of the present invention further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the seal data verification method described in any of the above embodiments.
According to the technical scheme of the embodiment of the invention, the Bluetooth-based seal technology is used, the AES and RSA mixed algorithm is used for encrypting the client data, the MD5 code is used for quickly uploading and performing consistency authentication on the data, and the LBS system and time information are combined for data verification, so that the problems of leakage of the mobile phone seal application in the data transmission process and verification of the authenticity of the seal data are solved.
Drawings
Fig. 1 is a schematic flow chart of a seal data verification method according to a first embodiment of the present invention;
fig. 2 is a schematic block diagram of a seal data verification client according to a second embodiment of the present invention;
fig. 3 is a block diagram of a seal data verification server according to a third embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the steps as a sequential process, many of the steps can be performed in parallel, concurrently or simultaneously. In addition, the order of the steps may be rearranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
Furthermore, the terms "first," "second," and the like may be used herein to describe various orientations, actions, steps, elements, or the like, but the orientations, actions, steps, or elements are not limited by these terms. These terms are only used to distinguish one direction, action, step or element from another direction, action, step or element. For example, a first speed difference may be referred to as a second speed difference, and similarly, a second speed difference may be referred to as a first speed difference, without departing from the scope of the present application. The first speed difference and the second speed difference are both speed differences, but they are not the same speed difference. The terms "first", "second", etc. are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first" or "second" may explicitly or implicitly include one or more of that feature. In the description of the present invention, "a plurality" means at least two, e.g., two, three, etc., unless specifically limited otherwise.
Example one
Fig. 1 is a schematic flow chart of a seal contact data verification method according to an embodiment of the present invention, which is applicable to an epidemic seal contact data acquisition situation. The method of the embodiment of the invention can be executed by a seal data verification device, which can be realized by software and/or hardware, and can be generally integrated in a client or a server. Referring to fig. 1, a method for verifying seal data according to an embodiment of the present invention specifically includes the following steps:
step S110, the client acquires LBS position information and Bluetooth joint sealing data of the user, wherein the Bluetooth joint sealing data comprises a Bluetooth joint sealing object MAC address, time when joint sealing occurs and Bluetooth strength data.
Specifically, among the communication technologies for such short distances as close contact, the bluetooth wireless communication technology is a short-distance wireless communication technology which is very popular in the current mobile phone devices, and the MAC address of the device can be obtained through information transmitted through bluetooth connection, so that the bluetooth wireless communication technology is very suitable for a client communication mode which is closely applied. In order to verify the seal data, the data acquired by the client includes LBS location information of the user and bluetooth seal data. The client side scans the MAC addresses of other surrounding users through Bluetooth in a sealing way, packages and uploads the MAC addresses to the server, the server receives the data and compares the data with the MAC addresses of other users in the database, and if the data are other users, the sealing data are stored in the database. For LBS position information, the client collects the user position information through a GPS, and the LBS system is compared with a server map database to confirm that resources can be obtained in the resource area. Reading $ GPRMC field information in the GPS positioning information, wherein the field information comprises whether the positioning is successful, the longitude and latitude of the positioning module and speed information. And reading module LBS positioning information which only comprises the longitude and the latitude of the module positioning, and sending the collected information to a server. The location information of the user or the mobile object can be acquired in real time through an advanced location technology and transmitted to the LBS system. The LBS system saves these location information in the mobile object database and constructs a specific index to improve access efficiency. In addition, the LBS system also needs to retain some static GIS information. The user sends a service request to the LBS system and obtains the service. The LBS middleware is used as a software carrier between the service processing engine and the terminal user by the LBS system, specific technical details are hidden, and the functional module is encapsulated, so that the service is conveniently provided for the client.
And S120, the client encrypts the LBS position information and the Bluetooth seal joint data by using an AES and RSA mixed algorithm to obtain encrypted data.
Specifically, after acquiring LBS location information and bluetooth close contact data of the user, the client needs to upload the LBS location information and bluetooth close contact data to the server. In order to match data interaction between a client and a server, the encryption of LBS position information and Bluetooth seal data of a user by an AES and RSA mixed algorithm is a good choice, and the client data can be quickly, efficiently and safely encrypted by using an improved AES and RSA mixed encryption technology.
AES is currently the mainstream symmetric encryption algorithm, which is a new generation of data encryption standard following DES. The National Institute of Standards and Technology (NIST) issued in 1997 a new encryption standard for public announcements, and the Rijndael algorithm, filed by Daemen et al, belgium, was declared unmodified as the AES algorithm, which was verified to be the most secure and fast-running iterative block cipher algorithm of all candidate algorithms, in 2000. RSA is the most widely used asymmetric encryption algorithm, and it is characterized by high security, easy to implement, and can be used for both encrypting data and identity authentication.
A key expansion algorithm improved by the AES algorithm is briefly described below. The initial key is not changed, the first round of expanded keys are filled with a set of new keys irrelevant to the initial key, and key expansion is carried out by using the inherent algorithm of AES on the basis of the new keys until all sub-keys are generated. After such a change, an attacker cannot deduce all keys through a certain round of keys, since there is no relationship between the initial key and the extended key. If an exhaustive key attack is adopted, the seed key length is set to be k bits, the best case of the exhaustive key attack is 1, the worst case is 2k, and as the probability of each case is equal, the average complexity is as follows:
this key expansion algorithm makes it possible for an attacker to try 2255 possible keys on average. With current computing power, it takes at least hundreds of millions of years to complete such an exhaustive search. Therefore, the improved key expansion method is only a small part of changes on the original method, which not only overcomes the original potential safety hazard, but also ensures the program operation efficiency.
An improvement of the RSA algorithm is briefly described below. On the basis of the traditional double-prime RSA cryptographic algorithm, the prime number is taken as 4, which is described as follows:
a) randomly selecting four different large prime numbers p, q, r and s, and calculating:
n=pqrs,φ(n)=(p-1)(q-1)(r-1)(s-1)
b) and taking an encryption key, calculating a private key d meeting de ≡ 1mod phi (n) by e meeting a certain condition.
c) The encryption and decryption process is the same as that of the traditional algorithm, and still comprises the following steps:
and (3) encryption algorithm: c ═ e (m) memod n
And (3) decryption algorithm: m ═ d (c) ≡ cdmod n
By applying the Chinese remainder theorem, the digital signature of the message digest D can be converted into the following operation process:
a) calculate mp=D mod p,mq=D mod q,mr=D mod r,ms=D mod s;
b) Calculating dp=d mod(p-1),dq=d mod(q-1),dr=d mod(r-1),ds=d mod(s-1);
c) Calculating M1=mp d p mod p,M2=mq d q mod q,M3=mr d r mod r,M4=ms d s mod s;
d) Calculating S ═ M1(qrs)p-1+M2(prs)q-1+M3(pqs)r-1+M4(pqr)s-1) mod n, i.e.A signature S is derived.
In the calculation process, the traditional signature algorithm S is firstly changed into Ddmod n is converted to solve four congruence equations:
S≡Ddmod p,S≡Ddmod q,S≡Ddmod r and S ≡ Ddmod s
And solving by using the Chinese remainder theorem. When the multiplication inverse element is calculated, the Fermat theorem is applied: for any integer A not divisible by the prime number p, there is always Ap-11mod p, available Ap-1≡Ap-2mod p skillfully replaces the solution of one inverse element by a polynomial operation, and further improves the operation efficiency.
As an optional embodiment, before the client encrypts the LBS location information and the bluetooth close-contact data by using an AES and RSA hybrid algorithm to obtain encrypted data, the method further includes: the client preliminarily judges whether the close contact between the users occurs or not according to the LBS position information and the Bluetooth joint seal data; if yes, carrying out AES and RSA mixed algorithm encryption on the LBS position information and the Bluetooth joint seal data to obtain encrypted data; if not, discarding the LBS position information and the Bluetooth tight-joint data.
And step S130, the client calculates the MD5 code of the encrypted data to upload to the server when the network strength is lower than the preset strength, and uploads the complete data of the encrypted data to the server when the network strength is higher than the preset strength.
Specifically, when the client uploads data to the server, the situation that the network condition is not good may occur, which results in low uploading efficiency, and therefore, the use of the mature MD5 technology for consistency authentication in the present embodiment can effectively ensure that the timeliness of data is ensured under the condition of low information transmission amount, and consistency authentication can be performed after complete data is obtained. When the network intensity is lower than the preset intensity, only the MD5 code calculated by the client seal connection data is uploaded, so that the system can still be used under the condition of low network speed, the complete data of the encrypted data is tried to be uploaded again after the network transmission quality is recovered, and the consistency authentication is performed after the complete data is obtained, so that the application can normally operate without being kept in a high network environment all the time.
The principle of the MD5 code of the present embodiment is described below. The principle of the MD5 algorithm is to convert an arbitrary number finally into a 128-bit binary number. Data is padded to make the whole byte length after padding be n multiplied by 512, wherein n is a positive integer. The filling method is to fill the data first, and after the filling is finished, the data length before the filling is carried out on the back of the data. Thus, the padded data is exactly a multiple of 512 bits. After the data filling is finished, each 512-bit data packet is processed respectively, each data packet is divided into 16 32-bit byte blocks, then 4 32-bit link variables a, b, c and d are set, and the initial values are respectively:
a=0x67452301
b=0xefcdab89
c=0x98badcfe
d=0x10325476
and (3) performing cyclic operation by using a function G (a, b, c, d, m [ i ], k [ i ], s [ i ]), wherein the operation function comprises 4 rounds and 64 steps, and each round needs to perform step processing on 16 32-bit byte blocks divided by data groups. Wherein:
g (a, b, c, d, m [ i ], k [ i ], s [ i ]) represents:
a=b+((a+f(b,c,d)+m[i]+s[i])<<<k[i])
+ is modulo 32-bit addition;
k [ i ] and s [ i ] are defined constants;
m [ i ] are 16 32-bit message sub-packets divided by 512-bit message packets;
f (b, c, d) is a Boolean function, and the Boolean functions of 4 cycles are different.
And G (a, b, c, d) updates the chaining variable in a sequential loop of G (a, b, c, d), G (d, a, b, c), G (c, d, a, b) and G (b, c, d, a) in each round, namely each chaining variable is updated 4 times, and k [ i ], s [ i ] constants and Boolean formulas in the algorithm are obtained by Rivest through long-term experiments and researches, and the aim is to increase algorithm complexity and reduce collision.
After 64 steps of operation are completed, a, b, c, d are added modulo 32 bits to the original values, and then the next 512-bit packet is operated on. The final result is a 128-bit value concatenated with 4-bit 32-bit values, i.e., 32-bit 16-ary MD5 code.
As an optional embodiment, when the client uploads the complete data of the encrypted data to the server when the network strength is higher than the preset strength, the method further includes: and the client judges whether the connection with the server is overtime or not, if so, the connection with the server is interrupted, and the client tries again after the network condition is good.
And S140, the server verifies whether the complete data is complete and legal according to the pre-uploaded MD5 codes, and if so, decrypts the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth joint seal data of the user.
Specifically, the server calculates whether the MD5 code of the complete data is consistent with the MD5 code uploaded in advance and stored in the server, and if so, the complete data of the encrypted data uploaded by the client is considered to be complete and legal. After the server confirms the authenticity of the encrypted data, the server decrypts the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth seal data of the user.
And S150, the server judges whether the close contact between the users really occurs or not according to the LBS position information and the Bluetooth close contact data.
Specifically, the server obtains LBS position information and Bluetooth joint sealing data of a user, wherein the LBS position information comprises whether positioning is successful, longitude and latitude of a positioning module and speed information, and the Bluetooth joint sealing data comprises a Bluetooth joint sealing object MAC address, time when joint sealing occurs and Bluetooth strength data; the server judges whether the time information of the two users for carrying out Bluetooth joint sealing is consistent; if yes, judging whether the LBS position information of the two users is consistent; if so, it is confirmed that intimate contact between the two users actually occurs.
Wherein, the judging whether the LBS location information of the two users is consistent comprises: confirming the physical distance between two users and the Bluetooth signal intensity; when the physical distance between the two users exceeds a preset distance and the Bluetooth communication intensity is higher than a preset intensity, determining that the data uploaded by the client side is wrong; and when the physical distance between the two users is matched with the Bluetooth communication intensity, the data uploaded by the client is determined to be correct.
The technical scheme of the embodiment of the invention has obvious effects in the following aspects:
1. and (4) accuracy. Whether the close contact between users really occurs can be judged through LBS information and Bluetooth close contact data, and whether the close contact is in a close contact range can be judged through combining LBS information with time and combining Bluetooth strength data. Thereby improving the accuracy of the seal data.
2. And (4) safety. The encryption is carried out by using the AES and RSA mixed algorithm, decryption cannot be finished even if a public key is obtained, the confidentiality, integrity and non-repudiation of information in the transmission process are guaranteed, meanwhile, the safe transmission of a symmetric key is guaranteed, and the safety of information transmission of a client and a server is greatly improved.
3. And (6) reliability. After the integration of the data is completed locally, the client generates an MD5 code to be uploaded in advance, and the MD5 code is compared with the application data transmitted by the client after the server receives the application data, so that the reliability of data transmission is ensured.
4. And (4) stability. Under the environment of low network quality, the client side judges whether the time is out after the MD5 codes are transmitted, if the time is out, the transmission is stopped, and the uploading is tried again after the network transmission quality is recovered. So that the application does not need to be kept in a high network environment all the time to operate normally.
Example two
The seal connection data verification client provided by the embodiment of the invention can execute the seal connection data verification method provided by any embodiment of the invention, has corresponding functional modules and beneficial effects of the execution method, can be realized in a software and/or hardware (integrated circuit) mode, and can be generally integrated in terminal equipment. Fig. 2 is a schematic structural diagram of a seal data verification client 200 according to a second embodiment of the present invention. Referring to fig. 2, the seal data verification client 200 according to the embodiment of the present invention may specifically include:
a data acquiring unit 210, configured to acquire LBS location information and bluetooth close-contact data of a user, where the bluetooth close-contact data includes a bluetooth close-contact target MAC address, time when close contact occurs, and bluetooth intensity data;
the data encryption unit 220 is configured to encrypt the LBS location information and the bluetooth close-contact data by using an AES and RSA mixed algorithm to obtain encrypted data;
and the data uploading unit 230 is used for calculating the MD5 code of the encrypted data to be uploaded to the server when the network intensity is lower than the preset intensity, and uploading the complete data of the encrypted data to the server when the network intensity is higher than the preset intensity.
The technical scheme of the embodiment of the invention solves the problems of secret leakage and verification of the authenticity of the secret data in the process of data transmission of the mobile phone secret application.
EXAMPLE III
The contact seal data verification server provided by the embodiment of the invention can execute the contact seal data verification method provided by any embodiment of the invention, has corresponding functional modules and beneficial effects of the execution method, can be realized in a software and/or hardware (integrated circuit) mode, and can be generally integrated in terminal equipment. Fig. 3 is a schematic structural diagram of a seal data verification server 300 according to a third embodiment of the present invention. Referring to fig. 3, the seal contact data verification server 300 according to the embodiment of the present invention may specifically include:
the data verification unit 310 is configured to verify whether the complete data is complete and legal according to the MD5 code uploaded in advance, and if so, perform decryption of an AES and RSA hybrid algorithm on the encrypted data to obtain LBS location information and bluetooth close-contact data of the user;
and a close contact judging unit 320 for judging whether the close contact between the users really occurs according to the LBS location information and the bluetooth close contact data.
The technical scheme of the embodiment of the invention solves the problems of secret leakage and verification of the authenticity of the secret data in the process of data transmission of the mobile phone secret application.
Example four
An embodiment of the present invention further provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are configured to perform a seal data verification method, where the method includes:
the method comprises the steps that a client side obtains LBS position information and Bluetooth joint sealing data of a user, wherein the Bluetooth joint sealing data comprise a Bluetooth joint sealing object MAC address, time when joint sealing occurs and Bluetooth strength data;
the client encrypts the LBS position information and the Bluetooth joint seal data by using an AES and RSA mixed algorithm to obtain encrypted data;
the client side calculates the MD5 code of the encrypted data to upload to the server when the network strength is lower than the preset strength, and uploads the complete data of the encrypted data to the server when the network strength is higher than the preset strength;
the server verifies whether the complete data is complete and legal or not according to the pre-uploaded MD5 codes, and if so, decrypts the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth joint seal data of the user;
and the server judges whether the close contact between the users really occurs or not according to the LBS position information and the Bluetooth close contact data.
Of course, the storage medium provided by the embodiments of the present invention contains computer-executable instructions, and the computer-executable instructions are not limited to the operations of the method described above, and may also perform related operations in the seal contact data verification method provided by any embodiments of the present invention.
The computer-readable storage media of embodiments of the invention may take any combination of one or more computer-readable media. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a storage medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or terminal. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
According to the technical scheme of the embodiment of the invention, the Bluetooth-based seal technology is used, the AES and RSA mixed algorithm is used for encrypting the client data, the MD5 code is used for quickly uploading and performing consistency authentication on the data, and the LBS system and time information are combined for data verification, so that the problems of leakage of the mobile phone seal application in the data transmission process and verification of the authenticity of the seal data are solved.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (10)
1. A seal data verification method is characterized by comprising:
the method comprises the steps that a client side obtains LBS position information and Bluetooth joint sealing data of a user, wherein the Bluetooth joint sealing data comprise a Bluetooth joint sealing object MAC address, time when joint sealing occurs and Bluetooth strength data;
the client encrypts the LBS position information and the Bluetooth joint seal data by using an AES and RSA mixed algorithm to obtain encrypted data;
the client side calculates the MD5 code of the encrypted data to upload to the server when the network strength is lower than the preset strength, and uploads the complete data of the encrypted data to the server when the network strength is higher than the preset strength;
the server verifies whether the complete data is complete and legal or not according to the pre-uploaded MD5 codes, and if so, decrypts the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth joint seal data of the user;
and the server judges whether the close contact between the users really occurs or not according to the LBS position information and the Bluetooth close contact data.
2. The seal contact data verification method according to claim 1, wherein before the client encrypts the LBS location information and the bluetooth seal contact data by using an AES and RSA hybrid algorithm to obtain encrypted data, the method further comprises:
the client preliminarily judges whether the close contact between the users occurs or not according to the LBS position information and the Bluetooth joint seal data;
if yes, carrying out AES and RSA mixed algorithm encryption on the LBS position information and the Bluetooth joint seal data to obtain encrypted data;
if not, discarding the LBS position information and the Bluetooth tight-joint data.
3. The seal contact data verification method according to claim 1, wherein the server verifies whether the integrity of the integrity data is legal according to the pre-uploaded MD5 code, and the verification method comprises the following steps:
and the server calculates whether the MD5 code of the complete data is consistent with the MD5 code which is uploaded in advance and stored in the server, if so, the complete data of the encrypted data uploaded by the client is considered to be complete and legal.
4. The seal contact data verification method according to claim 1, wherein when the client uploads the complete data of the encrypted data to the server when the network strength is higher than a preset strength, the method further comprises:
and the client judges whether the connection with the server is overtime or not, if so, the connection with the server is interrupted, and the client tries again after the network condition is good.
5. The seal contact data verification method according to claim 1, wherein the server determines whether the close contact between the users really occurs according to the LBS location information and the bluetooth seal contact data, comprising:
the server judges whether the time information of the two users for carrying out Bluetooth joint sealing is consistent; if yes, judging whether the LBS position information of the two users is consistent; if so, it is confirmed that intimate contact between the two users actually occurs.
6. The seal contact data verification method according to claim 5, wherein the determining whether the LBS location information of the two users is consistent comprises:
confirming the physical distance between two users and the Bluetooth signal intensity; when the physical distance between the two users exceeds a preset distance and the Bluetooth communication intensity is higher than a preset intensity, determining that the data uploaded by the client side is wrong; and when the physical distance between the two users is matched with the Bluetooth communication intensity, the data uploaded by the client is determined to be correct.
7. The seal data verification method according to claim 1, wherein the LBS location information includes whether the location was successful, the latitude and longitude of the location module, and speed information.
8. A seal data validation client, comprising:
the data acquisition unit is used for acquiring LBS position information and Bluetooth joint sealing data of a user, wherein the Bluetooth joint sealing data comprises a Bluetooth joint sealing object MAC address, time when joint sealing occurs and Bluetooth strength data;
the data encryption unit is used for carrying out AES and RSA mixed algorithm encryption on the LBS position information and the Bluetooth close-contact data to obtain encrypted data;
and the data uploading unit is used for calculating the MD5 code of the encrypted data to be uploaded to the server when the network intensity is lower than the preset intensity, and uploading the complete data of the encrypted data to the server when the network intensity is higher than the preset intensity.
9. A seal contact data verification server, comprising:
the data verification unit is used for verifying whether the complete data is complete and legal or not according to the pre-uploaded MD5 code, and if so, decrypting the encrypted data by using an AES and RSA mixed algorithm to obtain LBS position information and Bluetooth joint seal data of the user;
and the close contact judging unit is used for judging whether the close contact between the users really occurs or not according to the LBS position information and the Bluetooth close contact data.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the seal data verification method according to any one of claims 1 to 7.
Priority Applications (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110171155.1A CN112839328B (en) | 2021-02-08 | 2021-02-08 | Close-contact data verification method, client, server and storage medium |
| PCT/CN2021/119618 WO2022166214A1 (en) | 2021-02-08 | 2021-09-22 | Close contact data verification method, client, server, and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110171155.1A CN112839328B (en) | 2021-02-08 | 2021-02-08 | Close-contact data verification method, client, server and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112839328A true CN112839328A (en) | 2021-05-25 |
| CN112839328B CN112839328B (en) | 2023-07-14 |
Family
ID=75930933
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110171155.1A Active CN112839328B (en) | 2021-02-08 | 2021-02-08 | Close-contact data verification method, client, server and storage medium |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN112839328B (en) |
| WO (1) | WO2022166214A1 (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113795023A (en) * | 2021-09-26 | 2021-12-14 | 深圳市芯中芯科技有限公司 | Bluetooth data transmission encryption method based on chaotic sequence and block encryption |
| WO2022166214A1 (en) * | 2021-02-08 | 2022-08-11 | 南方科技大学 | Close contact data verification method, client, server, and storage medium |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20180239313A1 (en) * | 2017-02-22 | 2018-08-23 | Stellar Vdc Residential, Llc | Building model with virtual capture of as built features and objective performance tracking |
| US20200029215A1 (en) * | 2008-06-06 | 2020-01-23 | Paypal, Inc. | Secure short message service (sms) communications |
| CN111601242A (en) * | 2020-05-20 | 2020-08-28 | 深圳市本示科技有限公司 | Epidemic prevention system for efficiently tracing close splicer by using Bluetooth technology |
| CN111627549A (en) * | 2020-05-26 | 2020-09-04 | 遵义医科大学 | Auxiliary system for infectious disease investigation |
| CN111711925A (en) * | 2020-06-04 | 2020-09-25 | 中国联合网络通信集团有限公司 | Method and device for judging close contact person |
| CN112203229A (en) * | 2020-09-25 | 2021-01-08 | 中国科学院计算技术研究所苏州智能计算产业技术研究院 | Short-distance epidemic propagation network construction method based on Bluetooth scanning |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102299747A (en) * | 2010-06-22 | 2011-12-28 | 上海云途信息技术有限公司 | Device, system and method for performing safe data communication based on sound waves |
| CN111918215A (en) * | 2020-06-30 | 2020-11-10 | 王云峰 | Method and system for tracking closely infected persons through Bluetooth |
| CN111984992B (en) * | 2020-07-31 | 2024-02-06 | 鹏城实验室 | Infectious disease tracking method, system and terminal equipment for preventing user leakage |
| CN112233808B (en) * | 2020-10-16 | 2023-01-20 | 深圳前海微众银行股份有限公司 | Method, device and storage medium for predicting infection risk |
| CN112839328B (en) * | 2021-02-08 | 2023-07-14 | 南方科技大学 | Close-contact data verification method, client, server and storage medium |
-
2021
- 2021-02-08 CN CN202110171155.1A patent/CN112839328B/en active Active
- 2021-09-22 WO PCT/CN2021/119618 patent/WO2022166214A1/en active Application Filing
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20200029215A1 (en) * | 2008-06-06 | 2020-01-23 | Paypal, Inc. | Secure short message service (sms) communications |
| US20180239313A1 (en) * | 2017-02-22 | 2018-08-23 | Stellar Vdc Residential, Llc | Building model with virtual capture of as built features and objective performance tracking |
| CN111601242A (en) * | 2020-05-20 | 2020-08-28 | 深圳市本示科技有限公司 | Epidemic prevention system for efficiently tracing close splicer by using Bluetooth technology |
| CN111627549A (en) * | 2020-05-26 | 2020-09-04 | 遵义医科大学 | Auxiliary system for infectious disease investigation |
| CN111711925A (en) * | 2020-06-04 | 2020-09-25 | 中国联合网络通信集团有限公司 | Method and device for judging close contact person |
| CN112203229A (en) * | 2020-09-25 | 2021-01-08 | 中国科学院计算技术研究所苏州智能计算产业技术研究院 | Short-distance epidemic propagation network construction method based on Bluetooth scanning |
Non-Patent Citations (1)
| Title |
|---|
| 徐睿: ""基于防篡改技术的电子签约服务平台"", 《计算机系统应用》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2022166214A1 (en) * | 2021-02-08 | 2022-08-11 | 南方科技大学 | Close contact data verification method, client, server, and storage medium |
| CN113795023A (en) * | 2021-09-26 | 2021-12-14 | 深圳市芯中芯科技有限公司 | Bluetooth data transmission encryption method based on chaotic sequence and block encryption |
| CN113795023B (en) * | 2021-09-26 | 2024-03-19 | 深圳市芯中芯科技有限公司 | Bluetooth data transmission encryption method based on chaotic sequence and packet encryption |
Also Published As
| Publication number | Publication date |
|---|---|
| WO2022166214A1 (en) | 2022-08-11 |
| CN112839328B (en) | 2023-07-14 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111639361B (en) | Block chain key management method, multi-person common signature method and electronic device | |
| CN108111301B (en) | Method and system for realizing SSH protocol based on post-quantum key exchange | |
| CN103763315B (en) | A kind of trust data access control method being applied to mobile device cloud storage | |
| KR101095239B1 (en) | Secure communications | |
| JP4981072B2 (en) | Method and system for decryptable and searchable encryption | |
| CN113691502B (en) | Communication method, device, gateway server, client and storage medium | |
| US20130159713A1 (en) | Authentication method | |
| Chikouche et al. | A privacy-preserving code-based authentication protocol for Internet of Things | |
| CN109347832A (en) | A kind of dynamic data sharing method, terminal device and proxy server | |
| CN112839328B (en) | Close-contact data verification method, client, server and storage medium | |
| CN111654481B (en) | Identity authentication method, identity authentication device and storage medium | |
| CN111079178B (en) | Method for desensitizing and backtracking trusted electronic medical record | |
| WO2014030706A1 (en) | Encrypted database system, client device and server, method and program for adding encrypted data | |
| US8954728B1 (en) | Generation of exfiltration-resilient cryptographic keys | |
| CN106549754A (en) | The method and apparatus of management key | |
| CN114079921B (en) | Session key generation method, anchor point function network element and system | |
| CN111669275A (en) | Master-slave cooperative signature method capable of selecting slave nodes in wireless network environment | |
| Oudah et al. | Lightweight Authentication Model for IoT Environments Based on Enhanced Elliptic Curve Digital Signature and Shamir Secret Share. | |
| CN115766119A (en) | Communication method, communication apparatus, communication system, and storage medium | |
| CN115001744A (en) | Cloud platform data integrity verification method and system | |
| KR101388452B1 (en) | Method of migrating certificate to mobile terminal using certificate transmission server based on one-time public information and apparatus using the same | |
| CN114760029A (en) | Identity authentication method and device | |
| Jun et al. | A novel mutual authentication and key agreement protocol based on NTRU cryptography for wireless communications | |
| CN113923029B (en) | Internet of things information encryption method based on ECC (error correction code) hybrid algorithm | |
| JP6404958B2 (en) | Authentication system, method, program, and server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |