CN114866242A - Dynamic encryption method, device and medium based on random key and symmetric encryption - Google Patents


Info

Publication number: CN114866242A
Authority: CN (China)
Prior art keywords: encryption algorithm, symmetric encryption, random, random key, symmetric
Legal status: Withdrawn (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202210786715.9A
Other languages: Chinese (zh)
Inventors: 赵凌园, 廖幸, 陆汪, 张焰, 易松
Current Assignee: Meishan Huantian Intelligent Technology Co ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Meishan Huantian Intelligent Technology Co ltd
Application filed by Meishan Huantian Intelligent Technology Co ltd
Priority to CN202210786715.9A
Publication of CN114866242A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H04L2463/00 Additional details relating to network architectures or network communication protocols for network security covered by H04L63/00
    • H04L2463/121 Timestamp


Abstract

The invention discloses a dynamic encryption method, device and medium based on a random key and symmetric encryption. The method comprises the following steps: in response to detecting that a terminal device has established a connection with a server, sending a random encryption algorithm sequence and a random key to the terminal device, and establishing a correspondence between the unique identification code of the terminal device and the random encryption algorithm sequence and random key; receiving first information uploaded by the terminal device; determining the random encryption algorithm sequence and the random key according to the unique identification code of the terminal device; determining the symmetric encryption algorithm used to encrypt the ciphertext according to the timestamp and the encryption algorithm sequence; and decrypting the ciphertext according to the determined random key and that symmetric encryption algorithm. The method places no restriction on the runtime environment or system type of the terminal device client, so it is universal, and the security of data communication is high.

Description

Dynamic encryption method, device and medium based on random key and symmetric encryption
Technical Field
The invention belongs to the technical field of encrypted communication, and particularly relates to a dynamic encryption method, equipment and medium based on a random key and symmetric encryption.
Background
With the increase of unsafe factors on the internet, the password security and file security of applications have become important components of system security. Large corporations, and confidential documents transferred over networks, in particular need more effective encryption schemes, because the consequences are extremely serious if confidential information is intercepted or stolen. Various encryption methods have therefore been proposed that greatly increase the difficulty of interception and decryption. Some encryption methods keep the information from being cracked even if part of it leaks: for example, even if a hacker obtains the encrypted ciphertext, it is unreadable and cannot be cracked without the receiver's key, so a stolen bidding document is just a large pile of garbled data without any practical meaning, and no loss results.
Existing encryption schemes mainly communicate using a single symmetric encryption algorithm and a key agreed by both communicating parties, and dynamic encryption usually issues a dynamic key a single time for communication. Common basic symmetric encryption algorithms are the DES algorithm, the 3DES algorithm, the AES algorithm, and so on.
For example:
The patent with publication number CN1909447A describes issuing a dynamic encryption algorithm to a client: after receiving a dynamic encryption algorithm execution module, the client checks the validity of the client program and of the dynamic encryption algorithm, executes the module, extracts the encryption and decryption functions hidden in it, and encrypts and decrypts data packets according to the actual rules in the dynamic encryption algorithm. This method has the following defects: it requires the terminal device to load the algorithm module program, which restricts the client to operating environments that can run the module, so it is not universal. It also places no restriction on the client, so once the content of the algorithm module is illegally stolen over the network, a larger security problem can easily result.
The patent with publication number CN 110266477A describes a UDP-based dynamic confidentiality method: when the UDP client starts, it first creates a command-port thread and sends a password request message to the server; when the server receives the client's password request message, it returns a password to the client; the client receives the server's dynamic password and establishes a data port to exchange data normally with the server. This method has the following defect: it cannot guarantee the security of subsequent data if information is stolen after communication has been established. That is, once communication is established and the key has been cracked by others, all other content exchanged over the current connection may already have been deciphered.
Disclosure of Invention
The invention provides a dynamic encryption method, equipment and medium based on a random key and symmetric encryption, aiming at solving the problems that the existing communication method has requirements on the operating environment of terminal equipment and the security is not high after the key is cracked.
The invention is realized by the following technical scheme:
The invention provides an encryption method based on a random key and a symmetric encryption algorithm, suitable for use on the server side, the method comprising the following steps:
responding to the detection that the terminal equipment is connected with a server, sending a random encryption algorithm sequence and a random key to the terminal equipment, and establishing a corresponding relation between a unique identification code of the terminal equipment, the random encryption algorithm sequence and the random key, wherein the random encryption algorithm sequence comprises at least two symmetric encryption algorithms which are set in a system and the sequence of all symmetric encryption algorithms in the at least two symmetric encryption algorithms;
receiving first information uploaded by the terminal equipment, wherein the first information comprises a ciphertext and a timestamp, the ciphertext is generated by encrypting according to a symmetric encryption algorithm and the random secret key, and the symmetric encryption algorithm is a symmetric encryption algorithm determined from the at least two symmetric encryption algorithms according to the timestamp and the random encryption algorithm sequence;
determining the random encryption algorithm sequence and the random key according to the unique identification code of the terminal equipment;
determining a symmetric encryption algorithm for encrypting the ciphertext according to the timestamp and the encryption algorithm sequence;
and decrypting the ciphertext according to the determined random key and the symmetric encryption algorithm used to encrypt the ciphertext.
In one possible design, determining the symmetric encryption algorithm used to encrypt the ciphertext according to the timestamp and the encryption algorithm sequence includes:
dividing the timestamp by the number of symmetric encryption algorithms set in the system and taking the remainder;
and determining the symmetric encryption algorithm used to encrypt the ciphertext according to the remainder and the ordering of all the symmetric encryption algorithms.
In one possible design, before responding to the detection that the terminal device has established a connection with the server, the method further includes:
receiving registration information of the terminal equipment, wherein the registration information comprises a unique identification code of the terminal equipment;
and storing the unique identification code of the terminal equipment after the registration information is approved.
In one possible design, after receiving the first information uploaded by the terminal device, the method further includes:
and judging the validity of the first information according to the timestamp.
In one possible design, after decrypting the ciphertext according to the determined random key and the symmetric encryption algorithm used to encrypt the ciphertext, the method further includes:
and encrypting the information to be issued by adopting the determined random key and a symmetric encryption algorithm for encrypting the ciphertext and then sending the encrypted information to the terminal.
The second aspect of the present invention provides an encryption method based on a random key and a symmetric encryption algorithm, the method is suitable for a terminal device, and the method comprises the following steps:
acquiring a random encryption algorithm sequence and a random key sent by a server, wherein the random encryption algorithm sequence comprises at least two symmetric encryption algorithms which are set in the server and the sequence of all symmetric encryption algorithms in the at least two symmetric encryption algorithms;
determining a symmetric encryption algorithm according to a timestamp and an encryption algorithm sequence;
encrypting the information to be transmitted by adopting the determined symmetric encryption algorithm and the random key to generate a ciphertext;
and sending the ciphertext and the time stamp to a server.
In one possible design, determining a symmetric encryption algorithm according to a timestamp and the encryption algorithm sequence includes:
dividing the timestamp by the number of symmetric encryption algorithms in the random encryption algorithm sequence and taking the remainder;
and determining the symmetric encryption algorithm according to the remainder and the ordering of all the symmetric encryption algorithms.
In one possible design, after sending the ciphertext and the timestamp to the server, the method further includes:
acquiring second information issued by a server;
and decrypting the second information by adopting the determined symmetric encryption algorithm and the random key.
A third aspect of the present invention provides a dynamic encryption device based on a random key and a symmetric encryption algorithm, including a memory and a controller communicatively connected in sequence, where the memory stores a computer program, and the controller is configured to read the computer program and execute the encryption method based on a random key and a symmetric encryption algorithm as described in the first aspect, the second aspect, or any of their possible designs.
A fourth aspect of the present invention provides a computer-readable storage medium having stored thereon instructions which, when run on a computer, perform the encryption method based on a random key and a symmetric encryption algorithm as described in the first aspect, the second aspect, or any of their possible designs.
Compared with the prior art, the invention at least has the following advantages and beneficial effects:
1. With this dynamic encryption method, the terminal device does not need to load an algorithm module, and no restriction is placed on the runtime environment or system type of the terminal device client, so the method is universal.
2. Because the encryption algorithm sequence and the random key are periodically updated, the dynamic encryption method ensures that the same terminal device uses a different symmetric encryption algorithm and random key at different points in time, so data communication security is high.
3. Because the keys are random and the ordering and number of algorithms in the encryption algorithm sequences are random, the dynamic encryption method ensures that different terminal devices have different symmetric encryption algorithms and random keys even for the same timestamp; and because a timestamp is used throughout the method to determine the symmetric encryption algorithm, the possibility of obtaining server data through a replayed request is extremely low even if the encryption algorithm and the random key are cracked or obtained by other means, so data communication security is high.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the drawings without creative efforts.
FIG. 1 is a flow chart of the present invention.
Detailed Description
The invention is further described with reference to the following figures and specific embodiments. It should be noted that the description of the embodiments is provided to help understanding of the present invention, but the present invention is not limited thereto. Specific structural and functional details disclosed herein are merely illustrative of example embodiments of the invention. This invention may, however, be embodied in many alternate forms and should not be construed as limited to the embodiments set forth herein.
It should be understood that the term "and/or", where it appears herein, merely describes an association between associated objects and means that three relationships may exist; e.g., A and/or B may mean: A exists alone, B exists alone, or A and B exist at the same time. The term "/and", where it appears herein, describes another association between objects and means that two relationships may exist; e.g., A/and B may mean: A exists alone, or A and B both exist. In addition, the character "/", where it appears herein, generally means that the associated objects before and after it are in an "or" relationship.
It should be understood that specific details are provided in the following description to facilitate a thorough understanding of example embodiments. However, it will be understood by those of ordinary skill in the art that the example embodiments may be practiced without these specific details. For example, systems may be shown in block diagrams in order not to obscure the examples in unnecessary detail. In other instances, well-known processes, structures and techniques may not be shown in unnecessary detail to avoid obscuring the examples.
A first aspect of the invention discloses an encryption method based on a random key and a symmetric encryption algorithm, covering both the method on the server side and the method used on the terminal device side for data communication with the server. The server can be a smart device such as a smart mobile terminal, tablet, computer or smart remote controller, and the terminal device can be a smart device such as a mobile phone, computer, smart wearable device or unmanned aerial vehicle. Specifically, as shown in FIG. 1, the dynamic encryption method includes the following steps S101 to S105.
Step S101: storing the unique identification code of the terminal device on the server side. The unique identification code is the identifier the terminal device reports about itself, and it uniquely identifies that terminal device. The unique identification code can be a UUID of the terminal device client, a hardware ID of the terminal device, a unique identification number in the client software, or a unique identification number in the hardware.
The unique identification code of the terminal device can be stored on the server in several ways.
First, the unique identification code is extracted and stored on the server when the terminal device leaves the factory; in this mode, only qualified terminal devices are allowed to exchange information with the server.
Second, the terminal device records its unique identification code on the server by registration; in this mode, every terminal device that needs to communicate with the server must register its own information with the server. The terminal device sends registration information, which includes its unique identification code, to the server; after the server receives the information and it passes manual review, the server stores the unique identification code of the terminal device.
Step S102: sending the server's random encryption algorithm sequence and random key to the terminal device.
After the unique identification code of the terminal device has been stored on the server, once the terminal device connects to the server using the unique identification code, and the server detects the connection and finds that the unique identification code exists locally, the server sends a random encryption algorithm sequence and a random key to the terminal device and establishes the correspondence between the terminal device's unique identification code and the random encryption algorithm sequence and random key. The random encryption algorithm sequence comprises at least two of the symmetric encryption algorithms set in the server and terminal device systems, together with the ordering of those symmetric encryption algorithms. For example, if the system is set with 3 basic symmetric encryption algorithms (the DES algorithm, the 3DES algorithm and the AES algorithm), the encryption algorithm sequence may be two or 3 of those 3 symmetric encryption algorithms, selected and ordered. The example that follows takes communication between terminal device A and the server, with 3 symmetric encryption algorithms selected and the random order being the DES algorithm, the 3DES algorithm, the AES algorithm.
The random key here may be randomly generated by means of a UUID. To improve the security of data communication, after the terminal device has connected to the server, the server may send the random encryption algorithm sequence and random key to the terminal device on a periodically updated basis. Within one update period, the correspondence between the unique identification code of a terminal device connected to the server and its random encryption algorithm sequence and random key remains unchanged.
The server randomly issues to terminal devices encryption algorithm sequences of varying number and order, together with keys, so that different terminal devices have different encryption algorithms and keys at the same moment, which secures the communication to a greater degree.
Step S103: determining the symmetric encryption algorithm on the terminal device side and encrypting information.
Determining the symmetric encryption algorithm: after the terminal device obtains the random encryption algorithm sequence and random key sent by the server, it determines a symmetric encryption algorithm according to a timestamp and the encryption algorithm sequence. The timestamp may be the timestamp at which the terminal device received the encryption algorithm sequence and random key from the server, or any variation of that timestamp, for example that timestamp with a length of time added or subtracted. Specifically, the timestamp can be a 13-digit long timestamp, a storage format known in computing as epoch time: it stores the number of milliseconds from the Unix epoch (1970-01-01 00:00:00) to the current time, and the current time needs to be converted to UTC.
The timestamp determined in this manner is divided by the number of symmetric encryption algorithms in the random encryption algorithm sequence to obtain a remainder, and the symmetric encryption algorithm is determined from the remainder and the ordering of the symmetric encryption algorithms. Taking the above example of 3 selected symmetric encryption algorithms and their ordering, the number of symmetric encryption algorithms in the sequence is 3. In forward order, a remainder of 0 selects the DES algorithm, a remainder of 1 selects the 3DES algorithm, and a remainder of 2 selects the AES algorithm; in reverse order, a remainder of 0 selects the AES algorithm, a remainder of 1 selects the 3DES algorithm, and a remainder of 2 selects the DES algorithm. The subsequent steps of this scheme are all described using forward order and a remainder of 0, so the determined symmetric encryption algorithm is the DES algorithm. Because the symmetric encryption algorithm is determined from the timestamp, even the same terminal device uses different algorithms at different times. Because encryption algorithm sequences differ in number and order, different terminal devices can use different algorithms even for the same timestamp.
Encrypting information: the terminal device encrypts the information to be transmitted with the determined symmetric encryption algorithm and the random key to generate a ciphertext, then sends the ciphertext and the timestamp to the server.
Step S104: the server determines the symmetric encryption algorithm corresponding to the ciphertext uploaded by the terminal device. Specifically, this step includes steps S1041 to S1044.
Step S1041: the server receives the ciphertext and timestamp uploaded by the terminal device. Many terminal devices are connected to the server, and although the server has sent each an encryption algorithm sequence and random key, the symmetric encryption algorithm each terminal device adopts may differ, so after receiving a ciphertext the server must first determine which symmetric encryption algorithm corresponds to it before it can decrypt. Specifically, the server receives first information uploaded by the terminal device, comprising the ciphertext generated in step S103 and the corresponding timestamp; in this step the terminal device still maintains its connection to the server through the unique identification code. The validity of the first information can be verified in this step according to the timestamp: if the timestamp exceeds the server's time threshold, the message is judged illegal and the subsequent steps end; if the first information is legal, the subsequent steps continue. Verifying the validity of the information through the timestamp can prevent the leakage caused by interception and analysis of network requests.
Step S1042: determining the random encryption algorithm sequence and the random key according to the unique identification code of the terminal device. The server stores the correspondence between the unique identification code of the terminal device and the random encryption algorithm sequence and random key, and the terminal device is still connected to the server through the unique identification code, so the encryption algorithm sequence and random key corresponding to terminal device A can be identified through the unique identification code.
Step S1043: determining the symmetric encryption algorithm used to encrypt the ciphertext according to the timestamp and the encryption algorithm sequence. This step uses the same method as the terminal device side: the received timestamp is divided by the number of symmetric encryption algorithms in the random encryption algorithm sequence to obtain a remainder, and the symmetric encryption algorithm is determined from the remainder and the ordering of the symmetric encryption algorithms. Whether the remainder is mapped to an algorithm in forward order or in reverse order must be the same on the server side and the terminal device side. Accordingly, the symmetric encryption algorithm determined on the server side is also the DES algorithm.
Step S1044: decrypting the ciphertext according to the determined random key and the symmetric encryption algorithm used to encrypt the ciphertext.
Step S105: communication between the server and the terminal device. This step is performed during an update period after the symmetric encryption algorithm is determined.
The server can encrypt the second information to be issued by adopting the determined random key and the symmetric encryption algorithm for encrypting the ciphertext and then send the encrypted second information to the terminal. Namely, in an updating period, the server and the terminal device A adopt a DES algorithm and a corresponding random key to carry out encryption and decryption communication.
And after receiving the second information, the terminal equipment decrypts the second information by adopting the determined symmetric encryption algorithm and the random key. That is, at this time, the terminal device a decrypts the second information by using the DES algorithm and the corresponding random key.
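The session issuance, timestamp check and algorithm selection of steps S102 to S1043, written out as an added example that is not part of the patent text. The class and function names, the 30-second time threshold and the 32-byte key are assumptions made here; the cipher call of step S1044 is left to a crypto library, so the server returns the algorithm name and key it would decrypt with.

```python
import random
import secrets

# The page's example set of algorithms "set in the system" (names only).
SYSTEM_ALGORITHMS = ("DES", "3DES", "AES")
# Assumed server time threshold; the page does not give a value.
MAX_SKEW_MS = 30_000


class UploadRejected(Exception):
    """Raised when the server refuses to process a connection or upload."""


def select_algorithm(timestamp_ms, sequence, reverse=False):
    """S103 / S1043: timestamp mod sequence length indexes the ordered sequence.

    `reverse` models the page's forward/reverse order choice; both sides
    must use the same value or they pick different algorithms.
    """
    if len(sequence) < 2:
        raise ValueError("sequence must contain at least two algorithms")
    remainder = timestamp_ms % len(sequence)
    ordered = sequence[::-1] if reverse else sequence
    return ordered[remainder]


class Server:
    def __init__(self):
        self._rng = random.SystemRandom()
        self._registered = set()   # S101: approved unique identification codes
        self._sessions = {}        # device id -> (sequence, key) for this period

    def register(self, device_id):
        """S101: store the unique identification code after approval."""
        self._registered.add(device_id)

    def issue_session(self, device_id):
        """S102: random number and order of algorithms, plus a random key.

        Calling this again for the same device models the periodic update.
        """
        if device_id not in self._registered:
            raise UploadRejected("unknown device")
        count = self._rng.randint(2, len(SYSTEM_ALGORITHMS))
        sequence = tuple(self._rng.sample(SYSTEM_ALGORITHMS, count))
        # Assumption: 32 bytes from the OS CSPRNG. The page does not say how
        # one key is fitted to the different key sizes of DES, 3DES and AES.
        key = secrets.token_bytes(32)
        self._sessions[device_id] = (sequence, key)
        return sequence, key

    def resolve_upload(self, device_id, timestamp_ms, now_ms):
        """S1041 to S1043: return (algorithm, key) to decrypt the upload with."""
        # S1041: reject timestamps outside the server's time threshold.
        if abs(now_ms - timestamp_ms) > MAX_SKEW_MS:
            raise UploadRejected("timestamp outside server time threshold")
        # S1042: look up the sequence and key by unique identification code.
        if device_id not in self._sessions:
            raise UploadRejected("no session for device")
        sequence, key = self._sessions[device_id]
        # S1043: same computation the terminal device performed in S103.
        return select_algorithm(timestamp_ms, sequence), key


if __name__ == "__main__":
    server = Server()
    server.register("dev-A")                      # constructed device id
    sequence, key = server.issue_session("dev-A")
    ts = 1657000000002                            # constructed 13-digit timestamp
    client_choice = select_algorithm(ts, sequence)
    server_choice, _ = server.resolve_upload("dev-A", ts, now_ms=ts + 1_000)
    print(sequence, client_choice, server_choice)
```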
With this dynamic encryption method, the keys and encryption algorithms of different terminal devices are random rather than fixed; in addition, within one complete communication process of the same terminal device, the key and the encryption algorithm are random, so data security during communication is high. The encryption algorithm is determined by combining the encryption algorithm sequence sent by the server with the timestamp, so the key and algorithm remain dynamic during communication after the link is established, which further improves the security of data communication.
Throughout the method, the encryption algorithm changes with the system time within one complete communication process. The terminal device is pre-registered, but the terminal device's client is not restricted to a particular runtime environment or system type, so the method is universal and sufficiently secure.
When data communication is implemented with this method, the encryption algorithm sequence and the random key are updated periodically, which ensures that the same terminal device uses different symmetric encryption algorithms and random keys at different points in time. Because the key is random, and both the ordering and the number of algorithms in the encryption algorithm sequence are random, different terminal devices can be ensured to have different symmetric encryption algorithms and random keys under the same timestamp. Because the timestamp is part of the method for determining the symmetric encryption algorithm, the possibility that a replayed request obtains server data is extremely low even if the encryption algorithm and the random key are cracked or obtained by other means.
The second aspect of the invention discloses a dynamic encryption device based on a random key and a symmetric encryption algorithm, comprising a memory and a controller that are communicatively connected in sequence, wherein a computer program is stored in the memory, and the controller is used for reading the computer program and executing the encryption method based on the random key and the symmetric encryption algorithm of the first aspect, on the server side or the terminal device side. For example, the memory may include, but is not limited to, a Random-Access Memory (RAM), a Read-Only Memory (ROM), a Flash Memory, a First-in First-out (FIFO) memory, a First-in Last-out (FILO) memory, and/or the like; the processor may be, but is not limited to, a microprocessor of the STM32F105 family. Furthermore, the computer device may also include, but is not limited to, a power supply unit, a display screen, and other necessary components.
A third aspect of the present invention provides a computer-readable storage medium storing instructions that, when run on a computer, perform the encryption method based on a random key and a symmetric encryption algorithm of the first aspect, on the server side or the terminal device side.
The above examples are intended only to illustrate the technical solution of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that modifications may be made to the embodiments described above, or equivalents may be substituted for some of their features, and that such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims (10)

1. An encryption method based on a random key and a symmetric encryption algorithm, which is suitable for a server side, and comprises the following steps:
responding to the detection that the terminal equipment is connected with a server, sending a random encryption algorithm sequence and a random key to the terminal equipment, and establishing a corresponding relation between a unique identification code of the terminal equipment, the random encryption algorithm sequence and the random key, wherein the random encryption algorithm sequence comprises at least two symmetric encryption algorithms which are set in a system and the sequence of all symmetric encryption algorithms in the at least two symmetric encryption algorithms;
receiving first information uploaded by the terminal equipment, wherein the first information comprises a ciphertext and a timestamp, the ciphertext is generated by encrypting according to a symmetric encryption algorithm and the random key, and the symmetric encryption algorithm is a symmetric encryption algorithm determined from the at least two symmetric encryption algorithms according to the timestamp and the random encryption algorithm sequence;
determining the random encryption algorithm sequence and the random key according to the unique identification code of the terminal equipment;
determining a symmetric encryption algorithm for encrypting the ciphertext according to the timestamp and the encryption algorithm sequence;
and decrypting the ciphertext according to the determined random key and a symmetric encryption algorithm for encrypting the ciphertext.
2. The encryption method according to claim 1, wherein the determining a symmetric encryption algorithm for encrypting the ciphertext according to the timestamp and the encryption algorithm sequence comprises:
dividing the timestamp by the number of the symmetric encryption algorithms set in the system and taking the remainder;
and determining the symmetric encryption algorithm for encrypting the ciphertext according to the remainder and the sequencing of all symmetric encryption algorithms.
3. The encryption method based on random key and symmetric encryption algorithm according to claim 1, wherein before responding to the detection that the terminal device establishes the connection with the server, the method further comprises:
receiving registration information of the terminal equipment, wherein the registration information comprises a unique identification code of the terminal equipment;
and storing the unique identification code of the terminal equipment after the registration information is approved.
4. The encryption method based on random key and symmetric encryption algorithm according to claim 1, wherein said receiving the first information uploaded by the terminal device further comprises:
and judging the validity of the first information according to the timestamp.
5. The encryption method according to claim 1, wherein the decrypting the ciphertext according to the determined random key and the symmetric encryption algorithm for encrypting the ciphertext further comprises:
and encrypting the information to be issued by adopting the determined random key and a symmetric encryption algorithm for encrypting the ciphertext and then sending the encrypted information to the terminal.
6. An encryption method based on a random key and a symmetric encryption algorithm is characterized in that the method is suitable for a terminal device side, and the method comprises the following steps:
acquiring a random encryption algorithm sequence and a random key sent by a server, wherein the random encryption algorithm sequence comprises at least two symmetric encryption algorithms which are set in the server and the sequence of all symmetric encryption algorithms in the at least two symmetric encryption algorithms;
determining a symmetric encryption algorithm according to a timestamp and an encryption algorithm sequence;
encrypting the information to be transmitted by adopting the determined symmetric encryption algorithm and the random key to generate a ciphertext;
and sending the ciphertext and the timestamp to a server.
7. The encryption method based on random key and symmetric encryption algorithm according to claim 6, wherein said determining the symmetric encryption algorithm according to the timestamp and the encryption algorithm sequence comprises:
dividing the timestamp by the number of symmetric encryption algorithms in the random encryption algorithm sequence and taking the remainder;
and determining the symmetric encryption algorithm according to the remainder and the sequence of all the symmetric encryption algorithms.
8. The encryption method according to claim 6, wherein the sending the ciphertext and the timestamp to a server further comprises:
acquiring second information issued by a server;
and decrypting the second information by adopting the determined symmetric encryption algorithm and the random key.
9. A dynamic encryption device based on a random key and a symmetric encryption algorithm comprises a memory and a controller which are sequentially connected in a communication manner, wherein a computer program is stored on the memory, and the dynamic encryption device is characterized in that: the controller is adapted to read the computer program and execute an encryption method based on a random key and a symmetric encryption algorithm according to any one of claims 1 to 8.
10. A computer-readable storage medium having instructions stored thereon, characterized in that: when the instructions are run on a computer, an encryption method based on a random key and a symmetric encryption algorithm according to any one of claims 1 to 8 is performed.
CN202210786715.9A 2022-07-06 2022-07-06 Dynamic encryption method, device and medium based on random key and symmetric encryption Withdrawn CN114866242A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210786715.9A CN114866242A (en) 2022-07-06 2022-07-06 Dynamic encryption method, device and medium based on random key and symmetric encryption

Publications (1)

Publication Number Publication Date
CN114866242A true CN114866242A (en) 2022-08-05

Family

ID=82626128

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210786715.9A Withdrawn CN114866242A (en) 2022-07-06 2022-07-06 Dynamic encryption method, device and medium based on random key and symmetric encryption

Country Status (1)

Country Link
CN (1) CN114866242A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100423507C (en) * 2006-12-06 2008-10-01 胡祥义 VPN system based on dynamic encryption algorithm
CN108737326A (en) * 2017-04-14 2018-11-02 北京京东尚科信息技术有限公司 Method, system, device and electronic equipment for carrying out token authentication
CN108809940A (en) * 2018-05-04 2018-11-13 四川理工学院 Network system server interacts encryption method with client

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20220805
