CN113347144A - Method, system, equipment and storage medium for reciprocal data encryption - Google Patents
- Publication number
- CN113347144A
- Authority
- CN
- China
- Prior art keywords
- key
- private key
- public key
- ciphertext
- server
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/02—Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/141—Setup of application sessions
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L69/00—Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
- H04L69/16—Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
- H04L69/161—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields
- H04L69/162—Implementation details of TCP/IP or UDP/IP stack architecture; Specification of modified or new header fields involving adaptations of sockets based mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention belongs to the technical field of data encryption, and in particular discloses a method, a system, equipment and a storage medium for reciprocally encrypting data. The method comprises the following steps: the cipher machine randomly forms two groups of key pairs through an encryption algorithm: the server receives the ciphertext, and decrypts the ciphertext with private key A; the server encrypts the file with public key B, and when the client receives the ciphertext, the client decrypts the file with private key B. The invention provides a reciprocal scheme for storing and querying indexed data, which effectively prevents the data from being tampered with or decrypted during transmission. The security of data transmission and storage is effectively improved.
Description
Technical Field
The present application relates to the field of data encryption technologies, and in particular, to a method, a system, a device, and a storage medium for reciprocally encrypting data.
Background
With the popularization of computer technology application, computers play a significant role in production and life of people. Computers often suffer from various challenges during use, wherein security of various files on the computer is a very big challenge.
To ensure the security of files, various effective encryption and decryption technologies have been developed. In the prior art, various encryption algorithms are used to encrypt files so that they cannot be illegally tampered with. However, this inconveniences the user when interacting with the system: most obviously, as the encryption scheme is strengthened to prevent file data from being intercepted, decryption becomes more complicated for the user and working efficiency is reduced.
Therefore, providing a new data encryption method is a technical problem that needs to be solved urgently by those skilled in the art.
Disclosure of Invention
The invention aims to overcome the defect of complicated decryption in the prior art and provides a method, a system, equipment and a storage medium for encrypting data in a reciprocal way.
In a first aspect of the present invention, a method for reciprocally encrypting data is provided, including: the cipher machine randomly forms two groups of key pairs through an encryption algorithm: the server receives the ciphertext, and decrypts the ciphertext through the private key A; the server encrypts the file through the public key B, and when the client receives the ciphertext, the client decrypts the file through the private key B.
Further, the encryption algorithm is an SM2 asymmetric algorithm.
In a further scheme, private key A, public key A, private key B and public key B are sent to the server at the same time; the user side sends an HTTP request to connect to the server using a socket protocol, receives public key A and private key B returned by the server, and stores public key A and private key B.
The invention provides a device for reciprocally encrypting data, which comprises a storage module, an encryption module, a cloud database, a receiving module and a sending module, wherein the storage module is used for storing a key pair and a ciphertext, the encryption module is used for generating a key pair private key A, a key pair public key A, a key pair private key B and a key pair public key B and encrypting a file by using an encryption algorithm, the sending module and the receiving module are respectively used for sending the ciphertext and receiving the ciphertext, and the cloud database is used for storing the key pair and the ciphertext.
Further, the encryption algorithm is an SM2 asymmetric algorithm.
In a further scheme, the sending module sends private key A, public key A, private key B and public key B to the cloud database at the same time; the storage module sends an HTTP request to connect to the cloud database using a socket protocol, receives public key A and private key B returned by the cloud database, and stores public key A and private key B.
In a further scheme, the secret key pair stored in the cloud database is a private key A and a public key
The present invention provides a terminal device, including: a memory and a processor;
the memory is used for storing computer instructions; causing a processor to execute a method of reciprocally encrypting data as described in the first aspect or in a further aspect of the first aspect.
In a fourth aspect of the present invention, the present application provides a storage medium comprising: readable storage media and computer instructions, the computer instructions stored in the readable storage media; computer instructions for implementing a method of reciprocal encryption of data as described in the first aspect or in further aspects of the first aspect.
Compared with the prior art, the invention has the beneficial effects that:
(1) The invention provides a reciprocal scheme for storing and querying indexed data, which effectively prevents the data from being tampered with or decrypted during transmission. The security of data transmission and storage is effectively improved.
(2) The invention stores the key pairs in the memory and in the server database respectively, thereby avoiding a cumbersome decryption process and improving working efficiency.
Drawings
The invention is illustrated and described only by way of example and not by way of limitation in the scope of the invention as set forth in the following drawings, in which:
FIG. 1: a method flow diagram of the invention;
FIG. 2: a key pair generation and storage logic block diagram;
FIG. 3: a data uploading logic block diagram;
FIG. 4: a data index query logic block diagram;
Detailed Description
In order to make the objects, technical solutions, design methods, and advantages of the present invention more apparent, the present invention will be further described in detail by specific embodiments with reference to the accompanying drawings. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
As shown in FIG. 1, in a first aspect of the present invention, there is provided a method for reciprocally encrypting data, including the following steps:
S1: the cipher machine forms two key pairs, namely public key A and private key A, and public key B and private key B, through an encryption algorithm;
S2: the two key pairs are sent to the server simultaneously;
S3: the memory receives public key A and private key B returned by the server;
S4: the server stores public key B and private key A in a database;
S5: when a file needs to be transmitted to the server, the memory encrypts it with public key A and sends the ciphertext to the server, and the server decrypts the ciphertext with private key A to obtain the plaintext; when a file needs to be transmitted to the memory, the server encrypts the file with public key B and sends the ciphertext to the memory, and the memory decrypts it with private key B to obtain the plaintext.
Optionally, the encryption algorithm is an SM2 asymmetric algorithm.
Optionally, private key A, public key A, private key B and public key B are sent to the server at the same time; the user sends an HTTP request to connect to the server using a socket protocol, receives public key A and private key B returned by the server, and stores public key A and private key B.
The invention provides a device for reciprocally encrypting data, which comprises a storage module, an encryption module, a cloud database, a receiving module and a sending module, wherein the storage module is used for storing a key pair and a ciphertext, the encryption module is used for generating a key pair private key A, a key pair public key A, a key pair private key B and a key pair public key B and encrypting a file by using an encryption algorithm, the sending module and the receiving module are respectively used for sending the ciphertext and receiving the ciphertext, and the cloud database is used for storing the key pair and the ciphertext.
As shown in FIGS. 2-4, when the memory is manufactured, the cipher machine generates two key pairs, A (public key A, private key A) and B (public key B, private key B), using the SM2 asymmetric algorithm, and both key pairs are sent to the server at the same time. The memory sends an HTTP request to connect to the server using a socket protocol, receives (public key A, private key B) returned by the server, and writes them into its own storage. The server's keys (public key B, private key A) are sent to the server by the cipher machine and stored by the server in the database, together with their correspondence to the unique identification code of the memory. (For the first transmission, https or a built-in general public/private key pair can be used for encryption and decryption to obtain the one-to-one key pairs, after which the built-in general key pair is retired.)
When a data index query is made, the memory holds Indexes1, an index to the original data.
Indexes1 is asymmetrically encrypted with public key A to become Indexes1A; if Indexes1A is intercepted in transit, it cannot be decrypted. The server receives Indexes1A and sends private key A from the database, together with Indexes1A, to the cipher machine, which performs asymmetric decryption to recover the plaintext index Indexes1 and returns it to the server. Knowing the user behavior, the server finds the corresponding Data1 by index in the cloud database.
The server sends Data1 and public key B to the cipher machine, which encrypts Data1 into Data1B. The memory decrypts Data1B with private key B and obtains Data1, and can then store it or perform other operations.
The memory and the server both store encrypted ciphertext; ciphertext produced at either end must be decrypted by the other end, and the server side must perform encryption and decryption inside the cipher machine. The data can be identified. When needed, the other end decrypts the ciphertext to obtain the original data.
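The provisioning steps S1 to S5 and the index query flow described above, as an added example that is not code from the patent. SM2 is replaced here by a hashed-ElGamal stand-in over a toy group so the block runs on the Python standard library alone; `Server`, `Memory`, `provision`, `query`, `run_exchange`, the memory ID and the sample record are hypothetical names and constructed values.

```python
import hashlib
import hmac
import secrets

# Stand-in for SM2 (assumption): hashed ElGamal over a toy group, chosen only
# so the example runs on the standard library. Not SM2 and not secure.
P = 2**521 - 1          # Mersenne prime used as the toy modulus
G = 3

def keygen():
    """Cipher machine: return one (public, private) key pair."""
    priv = secrets.randbelow(P - 3) + 2
    return pow(G, priv, P), priv

def _mask(shared, n):
    """Derive n keystream bytes from the shared secret (counter-mode SHA-256)."""
    seed, out, ctr = shared.to_bytes(66, "big"), b"", 1
    while len(out) < n:
        out += hashlib.sha256(seed + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]

def encrypt(pub, msg):
    k = secrets.randbelow(P - 3) + 2
    shared = pow(pub, k, P)
    body = bytes(m ^ s for m, s in zip(msg, _mask(shared, len(msg))))
    check = hashlib.sha256(shared.to_bytes(66, "big") + msg).digest()
    return pow(G, k, P), body, check

def decrypt(priv, ct):
    c1, body, check = ct
    shared = pow(c1, priv, P)
    msg = bytes(c ^ s for c, s in zip(body, _mask(shared, len(body))))
    expect = hashlib.sha256(shared.to_bytes(66, "big") + msg).digest()
    if not hmac.compare_digest(expect, check):
        raise ValueError("wrong private key or modified ciphertext")
    return msg

class Server:
    def __init__(self, records):
        self.key_db = {}        # memory ID -> server half of the keys (S4)
        self.records = records  # cloud database: index -> data

    def provision(self, memory_id):
        pub_a, priv_a = keygen()          # S1: key pair A
        pub_b, priv_b = keygen()          # S1: key pair B
        # S2/S4: server keeps (public key B, private key A) per memory ID
        self.key_db[memory_id] = {"pub_b": pub_b, "priv_a": priv_a}
        # S3: memory receives (public key A, private key B)
        return {"pub_a": pub_a, "priv_b": priv_b}

    def query(self, memory_id, indexes1a):
        keys = self.key_db[memory_id]
        indexes1 = decrypt(keys["priv_a"], indexes1a)   # Indexes1A -> Indexes1
        data1 = self.records[indexes1]                  # look up Data1
        return encrypt(keys["pub_b"], data1)            # Data1 -> Data1B

class Memory:
    def __init__(self, memory_id, keys):
        self.memory_id, self.keys = memory_id, keys

    def build_query(self, indexes1):
        return encrypt(self.keys["pub_a"], indexes1)

    def read_reply(self, data1b):
        return decrypt(self.keys["priv_b"], data1b)

def run_exchange():
    """Provision one memory, run one index query, and probe the key split."""
    server = Server({b"idx-0001": b"constructed sample record"})
    memory = Memory("MEM-TEST-01", server.provision("MEM-TEST-01"))
    indexes1a = memory.build_query(b"idx-0001")
    data1 = memory.read_reply(server.query(memory.memory_id, indexes1a))
    try:    # the memory holds private key B only, so its own query stays opaque
        decrypt(memory.keys["priv_b"], indexes1a)
        memory_can_read_own_query = True
    except ValueError:
        memory_can_read_own_query = False
    return data1, memory_can_read_own_query, sorted(server.key_db["MEM-TEST-01"])

if __name__ == "__main__":
    print(run_exchange())
```

Step S3 moves private key B across the network to the memory, which is why the description allows https or a built-in general key pair for that first transmission.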
The terminal device of the embodiment of the present invention may be configured to execute the technical solution in the foregoing call processing method embodiment of the present application, and the implementation principle and the technical effect are similar, which are not described herein again.
An embodiment of the present invention further provides a computer-readable storage medium, where a computer executable instruction is stored in the computer-readable storage medium, and when the computer executable instruction is executed by a processor, the computer executable instruction is used to implement any one of the above methods for reciprocally encrypting data.
Having described embodiments of the present invention, the foregoing description is intended to be exemplary, not exhaustive, and not limited to the embodiments disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the described embodiments. The terminology used herein is chosen in order to best explain the principles of the embodiments, the practical application, or improvements made to the technology in the marketplace, or to enable others of ordinary skill in the art to understand the embodiments disclosed herein.
Claims (9)
1. A method for reciprocally encrypting data, comprising: the cipher machine randomly forms two groups of key pairs through an encryption algorithm: the server receives the ciphertext, and decrypts the ciphertext through the private key A; the server encrypts the file through the public key B, and when the client receives the ciphertext, the client decrypts the file through the private key B.
2. The method of claim 1, wherein the encryption algorithm is an SM2 asymmetric algorithm.
3. The method of claim 2, wherein private key A, public key A, private key B, and public key B are sent to the server at the same time, the client sends an HTTP request to connect to the server using a socket protocol, receives public key A and private key B returned from the server, and stores public key A and private key B.
4. A device for reciprocally encrypting data, characterized by comprising a storage module, an encryption module, a cloud database, a receiving module and a sending module, wherein the storage module is used for storing the key pair and the ciphertext, the encryption module is used for generating private key A, public key A, private key B and public key B of the key pairs and for encrypting files using an encryption algorithm, the sending module and the receiving module are used for sending the ciphertext and receiving the ciphertext respectively, and the cloud database is used for storing the key pair and the ciphertext.
5. The apparatus of claim 4, wherein the encryption algorithm is an SM2 asymmetric algorithm.
6. The device for reciprocally encrypting data according to claim 5, wherein the sending module sends private key A, public key A, private key B and public key B to the cloud database at the same time, the storage module sends an HTTP request to connect to the cloud database using a socket protocol, receives public key A and private key B returned by the cloud database, and stores public key A and private key B.
7. The apparatus according to claim 6, wherein the key pair stored in the cloud database is a private key A and a public key.
8. An apparatus comprising a memory and a processor; wherein the memory is to store computer instructions; wherein the processor is configured to execute the computer instructions stored by the memory to implement the method of reciprocally encrypting data of any one of claims 1 to 3.
9. A storage medium, comprising: a readable storage medium and computer instructions stored in the readable storage medium; the computer instructions are for implementing the method of reciprocal encryption of data of any of claims 1 to 3.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110398141.3A CN113347144A (en) | 2021-04-14 | 2021-04-14 | Method, system, equipment and storage medium for reciprocal data encryption |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113347144A (en) | 2021-09-03 |
Family
ID=77468054
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202110398141.3A Pending CN113347144A (en) | 2021-04-14 | 2021-04-14 | Method, system, equipment and storage medium for reciprocal data encryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113347144A (en) |
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1819590A (en) * | 2006-03-15 | 2006-08-16 | 万向钱潮股份有限公司 | Enciphering method of computer electronic documents |
JP2008236341A (en) * | 2007-03-20 | 2008-10-02 | Global Sign Kk | Server certificate issue system |
CN102948114A (en) * | 2010-06-21 | 2013-02-27 | 微软公司 | Single-use authentication methods for accessing encrypted data |
CN102917259A (en) * | 2012-10-31 | 2013-02-06 | 深圳市多尼卡电子技术有限公司 | Method, system and server for playing programs in encryption manner |
CN105141612A (en) * | 2015-09-01 | 2015-12-09 | 中国互联网络信息中心 | DNS (Domain Name System) data packet privacy protection method |
CN108848108A (en) * | 2018-07-25 | 2018-11-20 | 贵州电网有限责任公司 | Based on mobile Internet+innovation item PDCA process management platform |
CN111565107A (en) * | 2020-07-14 | 2020-08-21 | 腾讯科技(深圳)有限公司 | Key processing method and device based on cloud service platform and computer equipment |
Non-Patent Citations (1)
Title |
---|
FACOME: "客户端和服务端通信加解密", 《百度网页,HTTPS://BLOG.CSDN.NET/FACOME/ARTICLE/DETAILS/53400951》 * |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20210903 |