CN116633677B - Associated encryption method and system for batch transaction data - Google Patents
Associated encryption method and system for batch transaction data Download PDFInfo
- Publication number
- CN116633677B CN116633677B CN202310819436.2A CN202310819436A CN116633677B CN 116633677 B CN116633677 B CN 116633677B CN 202310819436 A CN202310819436 A CN 202310819436A CN 116633677 B CN116633677 B CN 116633677B
- Authority
- CN
- China
- Prior art keywords
- data
- initial key
- transaction data
- sequence
- current data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 40
- 239000011159 matrix material Substances 0.000 claims description 25
- 238000004590 computer program Methods 0.000 claims description 16
- 230000005540 biological transmission Effects 0.000 claims description 6
- 230000008569 process Effects 0.000 abstract description 10
- 230000000694 effects Effects 0.000 abstract description 6
- 230000001351 cycling effect Effects 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 5
- 238000004891 communication Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 230000001010 compromised effect Effects 0.000 description 3
- 238000006467 substitution reaction Methods 0.000 description 3
- 238000006073 displacement reaction Methods 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
- H04L63/068—Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
- H04L9/16—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/40—Network security protocols
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The application relates to a method and a system for associated encryption of batch transaction data, which are characterized in that a plurality of groups of transaction data established in an initial key and a target time period are obtained; sorting the plurality of groups of transaction data based on the initial key to obtain a first data sequence; then encrypting a first set of transaction data in the first data sequence based on the initial key, then generating a new initial key based on the first set of transaction data, then encrypting a second set of transaction data with the new initial key, then generating a new initial key based on the second set of transaction data, and cycling through the process such that all transaction data is encrypted. The application completes the encryption of batch transaction data based on an initial key, and the keys of each group of transaction data are different, so that the encryption effect is good. The sender and the receiver only need to determine one secret key, so that the secret key is easy to keep secret, and the risk of secret key leakage is reduced.
Description
Technical Field
The application relates to the technical field of encryption, in particular to a method and a system for associated encryption of batch transaction data.
Background
During a financial transaction, a large amount of transaction data may be generated. The transaction data contains a large amount of privacy information such as identity information, account information, transaction amount information and the like, so that the transaction data needs to be encrypted to protect the security of the transaction data when the transaction data is transmitted.
In the prior art, for a batch of transaction data, it is common practice to encrypt and then transmit each individual set of transaction data. However, in this encryption method, the sender and the receiver need to agree on a large number of keys in advance, and the risk of disclosure is easily generated by the large number of keys. However, if the same key is used to encrypt each set of transaction data, once the key is compromised, all transaction data can be decrypted by the compromised key, again risking compromise.
Disclosure of Invention
In view of the above, the present application is to provide a method and a system for encrypting batch transaction data, so as to solve the technical problems in the prior art.
In order to achieve the above purpose, the present application adopts the following technical scheme:
the application relates to a related encryption method for batch transaction data, which comprises the following steps:
acquiring an initial key and a plurality of groups of transaction data established in a target time period, wherein each group of transaction data is generated when a corresponding transaction task is executed;
sorting the plurality of groups of transaction data based on the initial key to obtain a first data sequence;
taking a first group of transaction data of the first data sequence as current data, and encrypting the current data based on the initial key to obtain ciphertext of the current data; generating a new initial key based on the current data, taking the next transaction data of the current data as new current data, and encrypting the new current data based on the new initial key to obtain a ciphertext of the new current data; updating the current data based on the new current data, updating the initial key based on the new initial key, and returning to generating the new initial key based on the current data until the encryption of the plurality of groups of transaction data is completed.
In an embodiment of the present application, further includes:
marking the establishment time of each group of transaction data on a corresponding ciphertext to obtain a marked ciphertext;
and disturbing the sequence of the plurality of marked ciphertexts, and transmitting the plurality of marked ciphertexts after the disorder to the target object.
In an embodiment of the present application, the length of the initial key is n, and each digit of the initial key is different, where the sorting the multiple sets of transaction data based on the initial key, to obtain a first data sequence includes:
sorting the multiple groups of transaction data based on the establishment time to obtain a second data sequence;
dividing the second data sequence based on the length n of the initial key to obtain a plurality of data blocks, wherein each data block comprises n data blocks;
determining the corresponding relation between the size ranking of each element in the initial key and the actual position, and determining the time ranking of each transaction data in each database;
and determining the actual position of the transaction data in each data block based on the corresponding relation and the establishment time ranking, and obtaining a first data sequence.
In one embodiment of the present application, generating a new initial key based on the current data includes:
converting the current data into a digital sequence based on an ASCII code comparison table, wherein the digital sequence adopts hexadecimal;
when the number of bits of the digital sequence is n, the digital sequence is used as a new initial password; when the number of bits of the digital sequence is smaller than n, zero padding is performed after the digital sequence, so that the number of bits of the digital sequence is n, and a new initial key is obtained; and when the number of the digits of the digit sequence is greater than n, the first n digits are taken to obtain a new initial key.
In an embodiment of the present application, the current data is encrypted based on the initial key to obtain a ciphertext of the current data:
converting the current data into digital plaintext based on an ASCII code comparison table, converting the digital plaintext into a plaintext matrix, and converting the initial key into a key matrix;
and executing an AES encryption algorithm based on the plaintext matrix and the password matrix to obtain ciphertext of the current data.
In an embodiment of the present application, sending the multiple scrambled mark ciphertexts to the target object includes:
acquiring a current available channel;
and when the number of the current available channels is multiple, distributing the multiple mark ciphertexts subjected to the scrambling to multiple available signals for transmission, so as to transmit the multiple mark ciphertexts subjected to the scrambling to a target object.
In an embodiment of the present application, the digital plaintext and the initial key are each 128 bits in length, and the plaintext matrix and the key matrix are each 4*4 matrices.
The application also provides a related encryption system of batch transaction data, which comprises the following steps:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring an initial key and a plurality of groups of transaction data established in a target time period, each group of transaction data is generated when a corresponding transaction task is executed, and the initial key is randomly generated;
the ordering module is used for ordering the plurality of groups of transaction data based on the initial key to obtain a first data sequence;
the encryption module is used for encrypting the current data based on the initial key by taking the first group of transaction data of the first data sequence as the current data to obtain ciphertext of the current data; generating a new initial key based on the current data, taking the next transaction data of the current data as new current data, and encrypting the new current data based on the new initial key to obtain a ciphertext of the new current data; updating the current data based on the new current data, updating the initial key based on the new initial key, and returning to generating the new initial key based on the current data until the encryption of the plurality of groups of transaction data is completed.
The present application also provides a storage medium in which a computer program is stored which, when loaded and executed by a processor, implements an associated encryption method for batch transaction data as described above.
The present application also provides an electronic device including: a processor and a memory; wherein the memory is used for storing a computer program; the processor is configured to load and execute the computer program to cause the electronic device to perform an associated encryption method for batch transaction data as described above.
The beneficial effects of the application are as follows: according to the related encryption method and system for batch transaction data, a plurality of groups of transaction data established in an initial key and a target time period are obtained; sorting the plurality of groups of transaction data based on the initial key to obtain a first data sequence; then encrypting a first set of transaction data in the first data sequence based on the initial key, then generating a new initial key based on the first set of transaction data, then encrypting a second set of transaction data with the new initial key, then generating a new initial key based on the second set of transaction data, and cycling through the process such that all transaction data is encrypted. The application completes the encryption of batch transaction data based on an initial key, and the keys of each group of transaction data are different, so that the encryption effect is good. The sender and the receiver only need to determine one secret key, so that the secret key is easy to keep secret, and the risk of secret key leakage is reduced.
Drawings
The application is further described below with reference to the accompanying drawings and examples:
FIG. 1 is a flow chart of a method of associated encryption of bulk transaction data in accordance with one embodiment of the present application;
FIG. 2 is a schematic diagram illustrating a process of encrypting a first data sequence according to an embodiment of the present application;
FIG. 3 is a block diagram of an associated encryption system for bulk transaction data, in accordance with one embodiment of the present application;
fig. 4 shows a schematic diagram of a computer system suitable for use in implementing an embodiment of the application.
Detailed Description
Other advantages and effects of the present application will become apparent to those skilled in the art from the following disclosure, which describes the embodiments of the present application with reference to specific examples. The application may be practiced or carried out in other embodiments that depart from the specific details, and the details of the present description may be modified or varied from the spirit and scope of the present application. It should be noted that the following embodiments and features in the embodiments may be combined with each other without conflict.
It should be noted that the illustrations provided in the following embodiments merely illustrate the basic concept of the present application by way of illustration, and only the layers related to the present application are shown in the drawings and are not drawn according to the number, shape and size of the layers in actual implementation, and the form, number and proportion of the layers in actual implementation may be arbitrarily changed, and the layer layout may be more complex.
In the following description, numerous details are discussed to provide a more thorough explanation of embodiments of the present application, however, it will be apparent to one skilled in the art that embodiments of the present application may be practiced without these specific details.
FIG. 1 is a flow chart of a method of associated encryption of bulk transaction data, as shown in FIG. 1, in accordance with one embodiment of the present application: the related encryption method for batch transaction data of the present embodiment may include steps S110 to S130:
s110, acquiring an initial key and a plurality of groups of transaction data established in a target time period, wherein each group of transaction data is generated when a corresponding transaction task is executed;
the transaction data refers to data generated when a transaction is performed, and may include transaction person identification information, transaction article information, transaction amount information, payment account information, collection account information, transaction quantity information, receipt information, and the like. This information contains a lot of private information, so that encryption is required during transmission.
S120, sorting the multiple groups of transaction data based on the initial key to obtain a first data sequence;
s130, taking a first group of transaction data of the first data sequence as current data, and encrypting the current data based on the initial key to obtain ciphertext of the current data; generating a new initial key based on the current data, taking the next transaction data of the current data as new current data, and encrypting the new current data based on the new initial key to obtain a ciphertext of the new current data; updating the current data based on the new current data, updating the initial key based on the new initial key, and returning to generating the new initial key based on the current data until the encryption of the plurality of groups of transaction data is completed.
In step S120, a plurality of sets of transaction data are ordered by using a numerical distribution rule inside the initial key generated randomly, so as to obtain a first data sequence containing sequence information.
Fig. 2 is a schematic flow chart of encrypting a first data sequence according to an embodiment of the present application, as shown in fig. 2, in step S130, the first data sequence is encrypted with an initial key, that is:
(1) Encrypting a first group of transaction data in a first data sequence by using an initial key to obtain a ciphertext corresponding to the first group of transaction data;
(2) Then generating a new initial key by using the first group of transaction data, and encrypting the second group of transaction data by using the new initial key to obtain ciphertext corresponding to the second group of transaction data:
(3) Generating a new initial key by using the second group of transaction data, and encrypting the third group of transaction data by using the new initial key to obtain a ciphertext corresponding to the second group of transaction data;
the above process is repeated until all transaction data is encrypted.
In this embodiment, through the above encryption process, except for the first set of transaction data, the secret key of the ciphertext is hidden in the plaintext of the previous transaction data, after the receiving party receives the ciphertext, the receiving party sorts the secret keys according to the rules on the secret key, then decrypts the first ciphertext by using the secret key agreed in advance, and then obtains the secret key of the next ciphertext, and sequentially decrypts the secret keys according to the sequence.
In an embodiment of the present application, further includes:
marking the establishment time of each group of transaction data on a corresponding ciphertext to obtain a marked ciphertext;
and disturbing the sequence of the plurality of marked ciphertexts, and transmitting the plurality of marked ciphertexts after the disorder to the target object.
Since the ciphertext in the application requires the initial key and the sequence information, the ciphertext in the application needs to be sent after a plurality of ciphertexts are disordered when being sent. In addition, since the order of the plaintext cannot be represented in the ciphertext, information that can identify the order is marked in the ciphertext so that the receiving side can successfully decrypt the ciphertext. In this embodiment, the order is represented by the setup time.
In order to further enhance the confidentiality of the present application, the method for transmitting the multiple marked ciphertexts after the scrambling to the target object includes:
acquiring a current available channel;
and when the number of the current available channels is multiple, distributing the multiple mark ciphertexts subjected to the scrambling to multiple available signals for transmission, so as to transmit the multiple mark ciphertexts subjected to the scrambling to a target object.
The application adopts a plurality of channels to send the ciphertext, if part of the channels leak, part of the ciphertext is marked to leak, and the initial key leaks carelessly at the same time, under the condition. As long as the marked ciphertext is not all compromised, the keys cannot be used to sort, nor can the original key be used to decrypt the ciphertext. Thereby further ensuring the safety of the data and enhancing the confidentiality of the data in the transmission process.
In an embodiment of the present application, the length of the initial key is n, and each digit of the initial key is different, where the sorting the multiple sets of transaction data based on the initial key, to obtain a first data sequence includes:
sorting the multiple groups of transaction data based on the establishment time to obtain a second data sequence;
dividing the second data sequence based on the length n of the initial key to obtain a plurality of data blocks, wherein each data block comprises n data blocks;
determining the corresponding relation between the size ranking of each element in the initial key and the actual position, and determining the time ranking of each transaction data in each database;
and determining the actual position of the transaction data in each data block based on the corresponding relation and the establishment time ranking, and obtaining a first data sequence.
In this embodiment, firstly, multiple sets of transaction data are ordered by establishing time to obtain a second data sequence, then the second data sequence is divided into multiple data blocks, and finally the transaction data in each data block are ordered according to the digital distribution rule in the initial key;
for example, the batch transaction data contains 1000 transaction data, the initial key is 8 bits, and then the batch transaction data is firstly ordered according to the establishment time (the establishment time is the same and the batch transaction data is arranged according to the initial sequence), so as to obtain 63 data blocks, and the last data block contains 8 transaction data;
for example, the initial key takes 16 digits of 16 digits, including: 123456789abcdef0, then the least valued digit is ordered in the last digit and the other digits are ordered in the order of 1-15 digits in this initial key. Therefore, transaction data with earliest establishment time in the corresponding data block is arranged in the last bit, and the rest transaction data is arranged in 1-15 bits according to the order from early to late in the establishment time.
In one embodiment of the present application, generating a new initial key based on the current data includes:
converting the current data into a digital sequence based on an ASCII code comparison table, wherein the digital sequence adopts hexadecimal;
when the number of bits of the digital sequence is n, the digital sequence is used as a new initial password; when the number of bits of the digital sequence is smaller than n, zero padding is performed after the digital sequence, so that the number of bits of the digital sequence is n, and a new initial key is obtained; and when the number of the digits of the digit sequence is greater than n, the first n digits are taken to obtain a new initial key.
In this embodiment, the current data is converted into a digital sequence by querying the ASCII code comparison, and a new initial password with a specific length is obtained by intercepting or zero filling the digital sequence. Taking AES encryption as an example, if a 128bit length cipher is used, 16-bit digits need to be intercepted as the cipher.
In an embodiment of the present application, the current data is encrypted based on the initial key to obtain a ciphertext of the current data:
converting the current data into digital plaintext based on an ASCII code comparison table, converting the digital plaintext into a plaintext matrix, and converting the initial key into a key matrix;
and executing an AES encryption algorithm based on the plaintext matrix and the password matrix to obtain ciphertext of the current data.
In an embodiment of the present application, the digital plaintext and the initial key are each 128 bits in length, and the plaintext matrix and the key matrix are each 4*4 matrices.
In the present application, the AES encryption algorithm encrypts the current data and selects a 128-bit length (16-character) cipher, so that when the matrix is converted, the matrix is 4*4. Specifically, an AES encryption algorithm firstly carries out exclusive OR operation on a plaintext matrix and a key matrix to obtain a first matrix; then, the key matrix is subjected to key expansion to obtain 10 rounds of round keys, 9 rounds of first encryption (comprising byte substitution, row displacement, column confusion and round key addition which are sequentially executed) are performed on the first matrix based on the corresponding sub keys, and the 10 th round of second encryption (comprising byte substitution, row displacement and round key addition which are sequentially executed) is performed to obtain ciphertext. And (3) performing inverse operation during decryption.
The encryption process has the following advantages:
(1) The sender and the receiver only need to agree on a key in advance, so that the management cost of the key is reduced, and the leakage risk of the key is also reduced.
(2) The encryption key of each group of transaction data in the batch of transaction data is different, and the encryption effect is good.
(3) By adopting a plurality of channels for transmission, even if part of ciphertext and an initial key are leaked, the ciphertext cannot be correctly ordered under the condition that all the ciphertext cannot be acquired, and the leaked ciphertext is difficult to decrypt through the initial key, so that the data safety is further ensured.
According to the related encryption method for batch transaction data, a plurality of groups of transaction data established in an initial key and a target time period are obtained; sorting the plurality of groups of transaction data based on the initial key to obtain a first data sequence; then encrypting a first set of transaction data in the first data sequence based on the initial key, then generating a new initial key based on the first set of transaction data, then encrypting a second set of transaction data with the new initial key, then generating a new initial key based on the second set of transaction data, and cycling through the process such that all transaction data is encrypted. The application completes the encryption of batch transaction data based on an initial key, and the keys of each group of transaction data are different, so that the encryption effect is good. The sender and the receiver only need to determine one secret key, so that the secret key is easy to keep secret, and the risk of secret key leakage is reduced.
As shown in fig. 3, the present application further provides an associated encryption system for batch transaction data, including:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring an initial key and a plurality of groups of transaction data established in a target time period, each group of transaction data is generated when a corresponding transaction task is executed, and the initial key is randomly generated;
the ordering module is used for ordering the plurality of groups of transaction data based on the initial key to obtain a first data sequence;
the encryption module is used for encrypting the current data based on the initial key by taking the first group of transaction data of the first data sequence as the current data to obtain ciphertext of the current data; generating a new initial key based on the current data, taking the next transaction data of the current data as new current data, and encrypting the new current data based on the new initial key to obtain a ciphertext of the new current data; updating the current data based on the new current data, updating the initial key based on the new initial key, and returning to generating the new initial key based on the current data until the encryption of the plurality of groups of transaction data is completed.
According to the related encryption system for batch transaction data, a plurality of groups of transaction data established in an initial key and a target time period are obtained; sorting the plurality of groups of transaction data based on the initial key to obtain a first data sequence; then encrypting a first set of transaction data in the first data sequence based on the initial key, then generating a new initial key based on the first set of transaction data, then encrypting a second set of transaction data with the new initial key, then generating a new initial key based on the second set of transaction data, and cycling through the process such that all transaction data is encrypted. The application completes the encryption of batch transaction data based on an initial key, and the keys of each group of transaction data are different, so that the encryption effect is good. The sender and the receiver only need to determine one secret key, so that the secret key is easy to keep secret, and the risk of secret key leakage is reduced.
Fig. 4 shows a schematic diagram of a computer system suitable for use in implementing an embodiment of the application. It should be noted that, the computer system 400 of the electronic device shown in fig. 4 is only an example, and should not impose any limitation on the functions and the application scope of the embodiments of the present application.
As shown in fig. 4, the computer system 400 includes a central processing unit (Central Processing Unit, CPU) 401 that can perform various appropriate actions and processes, such as performing the methods in the above-described embodiments, according to a program stored in a Read-Only Memory (ROM) 402 or a program loaded from a storage section 408 into a random access Memory (Random Access Memory, RAM) 404. In the RAM 403, various programs and data required for the system operation are also stored. The CPU 401, ROM 402, and RAM 403 are connected to each other by a bus 404. An Input/Output (I/O) interface 405 is also connected to bus 404.
The following components are connected to the I/O interface 405: an input section 406 including a keyboard, a mouse, and the like; an output portion 407 including a Cathode Ray Tube (CRT), a liquid crystal display (Liquid Crystal Display, LCD), and the like, a speaker, and the like; a storage section 408 including a hard disk or the like; and a communication section 409 including a network interface card such as a LAN (Local Area Network ) card, a modem, or the like. The communication section 409 performs communication processing via a network such as the internet. The drive 410 is also connected to the I/O interface 405 as needed. A removable medium 411 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed on the drive 410 as needed, so that a computer program read therefrom is installed into the storage section 408 as needed.
In particular, according to embodiments of the present application, the processes described above with reference to flowcharts may be implemented as computer software programs. For example, embodiments of the present application include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising a computer program for performing the method shown in the flowchart. In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 409 and/or installed from the removable medium 411. When executed by a Central Processing Unit (CPU) 401, performs the various functions defined in the system of the present application.
It should be noted that, the computer readable medium shown in the embodiments of the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium may be, for example, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination thereof. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-Only Memory (ROM), an erasable programmable read-Only Memory (Erasable Programmable Read Only Memory, EPROM), flash Memory, an optical fiber, a portable compact disc read-Only Memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present application, a computer-readable signal medium may comprise a data signal propagated in baseband or as part of a carrier wave, with a computer-readable computer program embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. A computer program embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wired, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. Where each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units involved in the embodiments of the present application may be implemented by software, or may be implemented by hardware, and the described units may also be provided in a processor. Wherein the names of the units do not constitute a limitation of the units themselves in some cases.
Another aspect of the application also provides a computer readable storage medium having stored thereon a computer program which, when executed by a processor of a computer, causes the computer to perform a method as before. The computer-readable storage medium may be included in the electronic device described in the above embodiment or may exist alone without being incorporated in the electronic device.
Another aspect of the application also provides a computer program product or computer program comprising computer instructions stored in a computer readable storage medium. The processor of the computer device reads the computer instructions from the computer-readable storage medium, and the processor executes the computer instructions, so that the computer device performs the methods provided in the above-described respective embodiments.
The above embodiments are merely preferred embodiments for fully explaining the present application, and the scope of the present application is not limited thereto. Equivalent substitutions and modifications will occur to those skilled in the art based on the present application, and are intended to be within the scope of the present application.
Claims (9)
1. An associated encryption method for batch transaction data, which is characterized by comprising the following steps:
acquiring an initial key and a plurality of groups of transaction data established in a target time period, wherein each group of transaction data is generated when a corresponding transaction task is executed;
sorting the plurality of groups of transaction data based on the initial key to obtain a first data sequence; the length of the initial key is n, each digit of the initial key is different, wherein the plurality of groups of transaction data are ordered based on the initial key to obtain a first data sequence, and the method comprises the following steps: sorting the multiple groups of transaction data based on the establishment time to obtain a second data sequence; dividing the second data sequence based on the length n of the initial key to obtain a plurality of data blocks; determining the corresponding relation between the size ranking of each element in the initial key and the actual position, and determining the time ranking of establishment of each transaction data in each data block; determining the actual position of transaction data in each data block based on the corresponding relation and the establishment time ranking to obtain a first data sequence;
taking a first group of transaction data of the first data sequence as current data, and encrypting the current data based on the initial key to obtain ciphertext of the current data; generating a new initial key based on the current data, taking the next transaction data of the current data as new current data, and encrypting the new current data based on the new initial key to obtain a ciphertext of the new current data; updating the current data based on the new current data, updating the initial key based on the new initial key, and returning to generating the new initial key based on the current data until the encryption of the plurality of groups of transaction data is completed.
2. The method of claim 1, further comprising:
marking the establishment time of each group of transaction data on a corresponding ciphertext to obtain a marked ciphertext;
and disturbing the sequence of the plurality of marked ciphertexts, and transmitting the plurality of marked ciphertexts after the disorder to the target object.
3. The method of claim 1, wherein generating a new initial key based on the current data comprises:
converting the current data into a digital sequence based on an ASCII code comparison table, wherein the digital sequence adopts hexadecimal;
when the number of bits of the digital sequence is n, the digital sequence is used as a new initial password; when the number of bits of the digital sequence is smaller than n, zero padding is performed after the digital sequence, so that the number of bits of the digital sequence is n, and a new initial key is obtained; and when the number of the digits of the digit sequence is greater than n, the first n digits are taken to obtain a new initial key.
4. The method for encrypting the association of batch transaction data according to claim 1, wherein the current data is encrypted based on the initial key to obtain ciphertext of the current data:
converting the current data into digital plaintext based on an ASCII code comparison table, converting the digital plaintext into a plaintext matrix, and converting the initial key into a key matrix;
and executing an AES encryption algorithm based on the plaintext matrix and the key matrix to obtain ciphertext of the current data.
5. The method of claim 2, wherein the step of transmitting the scrambled plurality of mark ciphertexts to the target object comprises:
acquiring a current available channel;
and when the number of the current available channels is multiple, distributing the multiple mark ciphertexts subjected to the scrambling to multiple available signals for transmission, so as to transmit the multiple mark ciphertexts subjected to the scrambling to a target object.
6. The method of claim 4, wherein the digital plaintext and the initial key are each 128 bits in length, and the plaintext matrix and the key matrix are each 4*4.
7. An associated encryption system for batch transaction data, comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring an initial key and a plurality of groups of transaction data established in a target time period, each group of transaction data is generated when a corresponding transaction task is executed, and the initial key is randomly generated;
the ordering module is used for ordering the plurality of groups of transaction data based on the initial key to obtain a first data sequence; the length of the initial key is n, each digit of the initial key is different, wherein the plurality of groups of transaction data are ordered based on the initial key to obtain a first data sequence, and the method comprises the following steps: sorting the multiple groups of transaction data based on the establishment time to obtain a second data sequence; dividing the second data sequence based on the length n of the initial key to obtain a plurality of data blocks; determining the corresponding relation between the size ranking of each element in the initial key and the actual position, and determining the time ranking of establishment of each transaction data in each data block; determining the actual position of transaction data in each data block based on the corresponding relation and the establishment time ranking to obtain a first data sequence;
the encryption module is used for encrypting the current data based on the initial key by taking the first group of transaction data of the first data sequence as the current data to obtain ciphertext of the current data; generating a new initial key based on the current data, taking the next transaction data of the current data as new current data, and encrypting the new current data based on the new initial key to obtain a ciphertext of the new current data; updating the current data based on the new current data, updating the initial key based on the new initial key, and returning to generating the new initial key based on the current data until the encryption of the plurality of groups of transaction data is completed.
8. An electronic device, the electronic device comprising:
one or more processors;
storage means for storing one or more programs which when executed by the one or more processors cause the electronic device to implement a method of associated encryption of bulk transaction data as claimed in any one of claims 1 to 6.
9. A computer-readable storage medium, having stored thereon a computer program which, when executed by a processor of a computer, causes the computer to perform a method of associated encryption of bulk transaction data according to any one of claims 1 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310819436.2A CN116633677B (en) | 2023-07-06 | 2023-07-06 | Associated encryption method and system for batch transaction data |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310819436.2A CN116633677B (en) | 2023-07-06 | 2023-07-06 | Associated encryption method and system for batch transaction data |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116633677A CN116633677A (en) | 2023-08-22 |
| CN116633677B true CN116633677B (en) | 2023-09-19 |
Family
ID=87621456
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310819436.2A Active CN116633677B (en) | 2023-07-06 | 2023-07-06 | Associated encryption method and system for batch transaction data |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116633677B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105490802A (en) * | 2015-11-27 | 2016-04-13 | 桂林电子科技大学 | Improved SM4 parallel encryption and decryption communication method based on GPU (Graphics Processing Unit) |
| CN108933652A (en) * | 2018-06-11 | 2018-12-04 | 安徽工程大学 | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit |
| CA3006132A1 (en) * | 2017-09-25 | 2019-03-25 | The Boeing Company | Systems and methods for facilitating iterative key generation and data encryption and decryption |
| CN111555872A (en) * | 2020-04-30 | 2020-08-18 | 平安科技(深圳)有限公司 | Communication data processing method, device, computer system and storage medium |
| CN115277064A (en) * | 2022-06-14 | 2022-11-01 | 中国电信股份有限公司 | Data encryption method, data decryption method, data encryption device, data decryption device, electronic equipment and medium |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US8769279B2 (en) * | 2006-10-17 | 2014-07-01 | Verifone, Inc. | System and method for variable length encryption |
-
2023
- 2023-07-06 CN CN202310819436.2A patent/CN116633677B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105490802A (en) * | 2015-11-27 | 2016-04-13 | 桂林电子科技大学 | Improved SM4 parallel encryption and decryption communication method based on GPU (Graphics Processing Unit) |
| CA3006132A1 (en) * | 2017-09-25 | 2019-03-25 | The Boeing Company | Systems and methods for facilitating iterative key generation and data encryption and decryption |
| CN108933652A (en) * | 2018-06-11 | 2018-12-04 | 安徽工程大学 | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit |
| CN111555872A (en) * | 2020-04-30 | 2020-08-18 | 平安科技(深圳)有限公司 | Communication data processing method, device, computer system and storage medium |
| CN115277064A (en) * | 2022-06-14 | 2022-11-01 | 中国电信股份有限公司 | Data encryption method, data decryption method, data encryption device, data decryption device, electronic equipment and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116633677A (en) | 2023-08-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP0002578B1 (en) | Data communication method | |
| US5142578A (en) | Hybrid public key algorithm/data encryption algorithm key distribution method based on control vectors | |
| US5073934A (en) | Method and apparatus for controlling the use of a public key, based on the level of import integrity for the key | |
| US7254232B2 (en) | Method and system for selecting encryption keys from a plurality of encryption keys | |
| WO2001039429A1 (en) | Integrity check values (icv) based on pseudorandom binary matrices | |
| US7783045B2 (en) | Secure approach to send data from one system to another | |
| KR20150142623A (en) | Cryptographic method for securely exchanging messages and device and system for implementing this method | |
| CN105306194A (en) | Multiple encryption method and multiple encryption system for encrypting file and/or communication protocol | |
| CN109274644A (en) | A kind of data processing method, terminal and watermark server | |
| US20080192924A1 (en) | Data encryption without padding | |
| RU2077113C1 (en) | Method for cryptoprotection of telecommunication know-how systems | |
| US11128455B2 (en) | Data encryption method and system using device authentication key | |
| CN111555880A (en) | Data collision method and device, storage medium and electronic equipment | |
| CN108965279A (en) | Data processing method, device, terminal device and computer readable storage medium | |
| US20060129812A1 (en) | Authentication for admitting parties into a network | |
| CN114499857A (en) | Method for realizing data correctness and consistency in big data quantum encryption and decryption | |
| CN116633677B (en) | Associated encryption method and system for batch transaction data | |
| CN107493281A (en) | encryption communication method and device | |
| CN115277064B (en) | Data encryption and data decryption methods and devices, electronic equipment and medium | |
| US7415110B1 (en) | Method and apparatus for the generation of cryptographic keys | |
| CN110932843B (en) | Data communication encryption method for embedded system | |
| CN114282254A (en) | Encryption and decryption method and device, and electronic equipment | |
| CN113408013A (en) | Encryption and decryption chip framework with multiple algorithm rules mixed | |
| CN107241185A (en) | Data transmitting and receiving method and transmission and reception device | |
| JPH07336328A (en) | Cipher device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 518000, C6 Floor, Building 1, Shenzhen Software Industry Base, No. 81, 83, and 85 Gaoxin South Tenth Road, Binhai Community, Yuehai Street, Nanshan District, Shenzhen, Guangdong Province Patentee after: Shenzhen Xunce Technology Co.,Ltd. Country or region after: China Address before: Room 118a, industry university research building, Hong Kong University of science and technology, 9 Yuexing 1st Road, Gaoxin Park, Yuehai street, Nanshan District, Shenzhen, Guangdong 518000 Patentee before: SHENZHEN XUNCE TECHNOLOGY Co.,Ltd. Country or region before: China |