CN102006303B - Method and terminal for increasing data transmission safety by using multi-encryption method - Google Patents


Publication number
CN102006303B
Authority
CN
China
Prior art keywords
rsa
information
key
recipient
vector
Prior art date
Legal status
Expired - Fee Related
Application number
CN 201010575036
Other languages
Chinese (zh)
Other versions
CN102006303A (en)
Inventor
刘子源
Current Assignee
Hohai University HHU
Original Assignee
Hohai University HHU

Abstract

The invention relates to a method and a terminal for improving data transmission security by using multiple encryption methods. The data to be transmitted is encrypted, and identity authentication and a check for data transmission errors are added. Before the data is sent, it is processed by the terminal; when data is received, the terminal parses it and then passes it to the recipient. The method also introduces the concept of a multidimensional key, which makes the key structure required for encryption more complex and harder to break. The data processing method and terminal not only further strengthen data security but also organize the transmitted data as XML (Extensible Markup Language), which is clearly layered and easy to parse. The terminal modules provide user interfaces so that users can conveniently use functional modules they have written themselves, and the design offers secondary development, extensibility and high practicability.

Description

Method and terminal for improving data transmission security by using multiple encryption methods
Technical field
The present invention relates to the field of information security, and specifically to a method for improving data transmission security by using multiple encryption methods, and to a terminal that encrypts, sends, receives and decrypts the data.
Background
Because network theft is increasingly rampant, information security is under threat, and network security has become a network problem of general concern. Tencent QQ, the instant messaging software currently popular in China, encrypts its messages in a way that is relatively easy to crack, and QQ does not support point-to-point transmission of fairly large rich-text messages (text containing pictures, tables and similar content). A data packet transmission protocol with a higher security level therefore needs to be developed, one that supports multiple encryption modes and fairly large rich-text communication, and that also adds an identity verification function, so that even if the transmitted information is stolen, the original text essentially cannot be decoded within the lifetime of the original information. Most importantly, errors that may arise during data transmission must be detectable. These are the problems that this patent can solve.
In addition, existing similar technology usually relies on highly integrated communication software, which may well contain a built-in backdoor script through which important information is stolen.
Summary of the invention
The object of the invention is to address the deficiencies of the prior art by providing a data processing method that supports multiple encryption methods, includes a secure identity verification function, can detect transmission errors and supports transmission of fairly large rich text, together with a terminal that encrypts, sends, receives and decrypts data using multiple encryption methods.
The technical scheme of the present invention is:
A method for improving data transmission security by using multiple encryption methods, comprising the following steps:
(a) First, recipient information is added at the sending end. The recipient information at the sending end comprises: the recipient's name Name, the sender's name Signature, the RSA signature-verification information RSA-Info, the selected encryption method En-algorithm, the key-acquisition vector Vector, the function pointer Delegate that obtains the key required for encryption from Vector, and the original text to be encrypted.
(b) The recipient information at the sending end is encrypted: the sender applies an RSA digital signature, using its own RSA private key, to the signature information it has agreed with the recipient; it then selects an encryption method, uses the key-acquisition vector and the function pointer that obtains the required key from Vector to obtain the key the encryption method needs, and finally encrypts the original text. After encryption is complete, the recipient information is generated as an XML packet.
(c) The generated XML packet is converted into a visible-character encoding and transmitted to the receiving end over the network.
(d) Decryption: the receiving end converts the received data back into the XML packet, and the recipient information is entered. The recipient information at the receiving end comprises: the recipient's name, the signature information agreed between the sender and the recipient, the RSA public key group Public Key, and the function pointer Delegate that obtains the key required for encryption from Vector. This information is then verified.
If the recipient's name is present, the packet group contains information that some sender has addressed to this recipient, and identity authentication proceeds; otherwise a prompt indicates that there is no accessible information.
The recipient uses one of the public keys in the RSA public key group, together with the corresponding signature information agreed with the sender, to carry out the RSA digital signature. When the signed information matches the signature-verification information that was sent, the sender is legitimate and the MD5 check is performed on the ciphertext; otherwise a prompt indicates that RSA verification failed.
If the MD5 check succeeds, the sender's original information is decrypted; otherwise a transmission error is reported.
The visible-character encoding in step (c) of the present invention is BASE64 encoding.
In the present invention there are five RSA private keys and one RSA public key group; each of the five RSA private keys is paired with the RSA public key group, which is used for RSA authentication.
The key-acquisition vector Vector of the present invention is a three-dimensional key vector; by entering the coordinates of a three-dimensional point, the key required for encryption and decryption is obtained through it.
A terminal for improving data transmission security by using multiple encryption methods comprises a key acquisition module, an encryption module, an authentication module, a data check module, a data transmission module and a processor; each module is connected to the corresponding signal terminal of the processor.
The key acquisition module obtains the key vector.
The encryption module encrypts the recipient information entered at the sending end.
The authentication module performs the RSA digital signature:
For the sender, it applies an RSA digital signature, using the sender's own RSA private key, to the signature information agreed with the recipient, generating the signature-verification information.
For the recipient, it carries out the RSA digital signature using the signature information agreed with the sender and the corresponding public key in the public key group, and verifies the result against the signature-verification information that was sent.
The data check module performs the MD5 check:
For the sender, it computes the check over the ciphertext produced by encrypting the original information and generates a check code, to facilitate error detection.
For the recipient, it computes the check over the received ciphertext and compares the result with the check code.
The key acquisition module, the encryption module and the authentication module of the present invention each have a user interface through which users can supply modules of their own design.
Beneficial effects of the present invention:
The invention makes effective use of the advantages of XML to generate ciphertext with a tree structure, combines digital signatures with encryption, and integrates multiple existing encryption methods, so that the system's data flow is more robust when processing information and the ciphertext's resistance to brute-force attack increases markedly. In addition, the invention makes novel use of a multidimensional key-acquisition vector, which not only improves the flexibility of the key but also greatly increases the difficulty of cracking it.
While ensuring data security, the invention also provides a function of greater practical value: if a user does not trust the built-in functional modules (such as the encryption methods), the user interfaces provided on those modules let the user plug in an encryption method of their own, without having to worry that a backdoor script that might be present will steal information.
The invention encrypts the transmitted data and adds identity authentication and a check for data transmission errors. Before data is sent, the terminal processes it and then sends it; when data is received, the terminal parses it and then passes it to the recipient. The method also proposes the concept of a multidimensional key, which makes the key structure required for encryption more complex and harder to crack. This data processing method and terminal not only greatly strengthen data security but also organize the transmitted data as XML, which is clearly layered and easy to parse. The terminal modules provide user interfaces that make it easy for users to use functional modules they have written themselves, giving the advantages of secondary development, extensibility and practicality.
Description of drawings
Fig. 1 is a schematic block diagram of the terminal of the present invention.
Fig. 2 is a flow chart of the method of the present invention.
Fig. 3 is a schematic diagram of the structure of the XML file generated by the present invention.
Fig. 4 is a flow chart of the encryption steps of the present invention.
Fig. 5 is a flow chart of the decryption steps of the present invention.
Embodiment
The present invention is further described below with reference to the drawings and an embodiment.
As shown in Figs. 1-5, the method for improving data transmission security by using multiple encryption methods follows steps (a) to (d), and the terminal comprises the modules, as set out in the technical scheme above.
In a concrete implementation:
As shown in Fig. 1, the terminal for improving data transmission security by using multiple encryption methods consists of five modules: the key acquisition module, the encryption module, the authentication module, the data check module and the data transmission module. In addition to their built-in algorithms, the key acquisition module, the encryption module and the authentication module each provide an interface to the user, so that a user who does not trust the security of the built-in algorithms can supply algorithms of their own design to meet their needs.
As shown in Fig. 2, when the program starts, recipient information and encrypted information are added in a loop until the additions are complete; the result is then packed into an XML packet and converted to BASE64 encoding, a form of data that can be carried over the network, and transmitted over the network. The receiving end receives the BASE64 encoding and converts it back into the XML packet, returning the received data to a form that is easy to analyze, and the recipient information is then entered.
When the recipient's name has a corresponding entry in the XML packet, the packet contains information that this recipient needs to receive. The sender's and the recipient's respective signature-verification information is then put through the RSA signature check to verify the sender's identity and legitimacy. Once the identity check passes, the ciphertext and the check code are used to detect whether the data contains a transmission error. If no error is detected, the original information can be decrypted; otherwise the corresponding error is reported.
Fig. 4 shows the flow chart of the encryption module of the present invention.
Adding the recipient information requires 7 items: the recipient's name Name, the signature information Signature agreed between the sender and the recipient, the sender's RSA private key Private Key, the selected encryption method En-algorithm, the key-acquisition vector Vector, the function pointer Delegate that obtains the key required for encryption from Vector, and the original text to be encrypted. Suppose that only 5 people (A, B, C, D, E) can exchange information with one another. Each of these 5 people then holds a private key file that belongs to them alone, and a public key group file that matches the private keys of all 5 people. When A wants to pass data to B, so that nobody else can crack the information, A uses B's name as the recipient's name Name, applies an RSA digital signature with its own RSA private key Private Key to the signature information agreed with B to generate the signature-verification information, then selects an encryption method as the selected encryption method En-algorithm, uses the key-acquisition vector Vector and the function pointer Delegate to obtain the key the encryption method needs, and finally encrypts the original text. The data processing algorithm integrates this information into XML. A can then send the XML to B.
Fig. 5 shows the flow chart of the decryption module of the present invention.
Entering the recipient information requires 4 items: the recipient's name, the signature information Signature agreed between the sender and the recipient, the RSA public key group Public Key, and the function pointer Delegate that obtains the key required for encryption from Vector. After B receives the XML, it parses the data. First, B searches the XML for its own name. If the name is present, the XML contains information that B should receive. B then uses one of the public keys in the public key group file and the corresponding agreed signature information to carry out the RSA digital signature. For example, to determine whether the information was sent by A, B uses A's public key from the public key group and the signature information agreed with A to carry out the RSA digital signature and generate signature-verification information; when this matches the signature-verification information in the XML, the information is confirmed as sent by A to B, the sender is legitimate, and decryption can proceed. The XML contains the encryption algorithm that was used and the key-acquisition vector VECTOR. With VECTOR, B can decrypt the information that A sent.
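The sending flow of Fig. 4 and the receiving flow of Fig. 5, as an added Python example that is not code from the patent. The XML element layout (Fig. 3 is not reproduced on this page), the toy RSA key, the `delegate` key function and the `xor-sha256` cipher are all assumptions constructed for illustration.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

# Constructed toy RSA key for sender "A" (two Mersenne primes; far too small for real use).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
PUBLIC_KEY_GROUP = {"A": (N, E)}  # receiver side: the "RSA public key group"


def _digest(msg: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n


def rsa_sign(msg: bytes, n: int, d: int) -> int:
    return pow(_digest(msg, n), d, n)


def rsa_verify(msg: bytes, sig: int, n: int, e: int) -> bool:
    return pow(sig, e, n) == _digest(msg, n)


def delegate(vector) -> bytes:
    """Hypothetical Delegate: maps the 3-D point in Vector to a 32-byte key."""
    return hashlib.sha256(b"delegate-v1|%d,%d,%d" % tuple(vector)).digest()


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in for the selected En-algorithm: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for off in range(0, len(data), 32):
        block = hashlib.sha256(key + off.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], block))
    return bytes(out)


ALGORITHMS = {"xor-sha256": (xor_stream, xor_stream)}  # name -> (encrypt, decrypt)


def add_recipient(root, name, agreed, priv, vector, plaintext, alg="xor-sha256"):
    """Sender side, steps (a)-(b): one <Recipient> entry per addressee."""
    n, d = priv
    ciphertext = ALGORITHMS[alg][0](delegate(vector), plaintext)
    rec = ET.SubElement(root, "Recipient", Name=name)
    ET.SubElement(rec, "RSA-Info").text = format(rsa_sign(agreed, n, d), "x")
    ET.SubElement(rec, "En-algorithm").text = alg
    ET.SubElement(rec, "Vector").text = ",".join(str(c) for c in vector)
    ET.SubElement(rec, "Ciphertext").text = ciphertext.hex()
    # MD5 is only the transmission-error check code; it is computed over the ciphertext.
    ET.SubElement(rec, "MD5").text = hashlib.md5(ciphertext).hexdigest()


def encode(root) -> str:
    """Step (c): XML packet -> BASE64 text for the wire."""
    return base64.b64encode(ET.tostring(root)).decode("ascii")


def receive(wire, my_name, sender, agreed):
    """Step (d): name lookup, RSA check, MD5 check, then decryption."""
    # Real code parsing untrusted XML should use a hardened parser configuration.
    root = ET.fromstring(base64.b64decode(wire))
    entries = [r for r in root.iter("Recipient") if r.get("Name") == my_name]
    if not entries:
        return "no accessible information", None
    n, e = PUBLIC_KEY_GROUP[sender]
    for rec in entries:
        # RSA-Info covers the agreed signature information, not the ciphertext.
        if not rsa_verify(agreed, int(rec.findtext("RSA-Info"), 16), n, e):
            continue
        ciphertext = bytes.fromhex(rec.findtext("Ciphertext"))
        if hashlib.md5(ciphertext).hexdigest() != rec.findtext("MD5"):
            return "transmission error", None
        vector = [int(c) for c in rec.findtext("Vector").split(",")]
        decrypt = ALGORITHMS[rec.findtext("En-algorithm")][1]
        return "ok", decrypt(delegate(vector), ciphertext)
    return "RSA verification failed", None


if __name__ == "__main__":
    packet = ET.Element("Packet")
    add_recipient(packet, "B", b"phrase agreed by A and B", (N, D), (3, 1, 4), b"hello B")
    print(receive(encode(packet), "B", "A", b"phrase agreed by A and B"))
```

The three failure results returned by `receive` correspond to the three prompts named in step (d).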
The parts not covered by the present invention are the same as the prior art or can be realized using the prior art.

Claims (2)

1. A method for improving data transmission security by using multiple encryption methods, characterized in that it comprises the following steps:
(a) First, recipient information is added at the sending end; the recipient information at the sending end comprises: the recipient's name Name, the sender's name Signature, the RSA signature-verification information RSA-Info, the selected encryption method En-algorithm, the key-acquisition vector Vector, the function pointer Delegate that obtains the key required for encryption from Vector, and the original text to be encrypted;
(b) The recipient information at the sending end is encrypted: the sender applies an RSA digital signature, using its own RSA private key, to the signature information it has agreed with the recipient, then selects an encryption method, uses the key-acquisition vector and the function pointer that obtains the required key from Vector to obtain the key the encryption method needs, and finally encrypts the original text; after encryption is complete, the recipient information is generated as an XML packet;
(c) The generated XML packet is converted into a visible-character encoding and transmitted to the receiving end over the network;
(d) Decryption: the receiving end converts the received data back into the XML packet, and the recipient information is entered; the recipient information at the receiving end comprises: the recipient's name, the signature information agreed between the sender and the recipient, the RSA public key group Public Key, and the function pointer Delegate that obtains the key required for encryption from Vector; this information is verified;
If the recipient's name is present, the packet group contains information that some sender has addressed to this recipient, and identity authentication proceeds; otherwise a prompt indicates that there is no accessible information;
The recipient uses one of the public keys in the RSA public key group, together with the corresponding signature information agreed with the sender, to carry out the RSA digital signature; when the signed information matches the RSA signature-verification information RSA-Info that was sent, the sender is legitimate and the MD5 check is performed on the ciphertext; otherwise a prompt indicates that RSA verification failed;
If the MD5 check succeeds, the sender's original information is decrypted; otherwise a transmission error is reported;
There are five said RSA private keys and one RSA public key group; each of the five RSA private keys is paired with the RSA public key group, which is used for RSA authentication;
The said key-acquisition vector Vector is a three-dimensional key vector; by entering the coordinates of a three-dimensional point, the key required for encryption and decryption is obtained through it.
2. The method for improving data transmission security by using multiple encryption methods according to claim 1, characterized in that the visible-character encoding in step (c) is BASE64 encoding.
CN 201010575036 2010-12-06 2010-12-06 Method and terminal for increasing data transmission safety by using multi-encryption method Expired - Fee Related CN102006303B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 201010575036 CN102006303B (en) 2010-12-06 2010-12-06 Method and terminal for increasing data transmission safety by using multi-encryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 201010575036 CN102006303B (en) 2010-12-06 2010-12-06 Method and terminal for increasing data transmission safety by using multi-encryption method

Publications (2)

Publication Number Publication Date
CN102006303A CN102006303A (en) 2011-04-06
CN102006303B true CN102006303B (en) 2013-06-05

Family

ID=43813374

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 201010575036 Expired - Fee Related CN102006303B (en) 2010-12-06 2010-12-06 Method and terminal for increasing data transmission safety by using multi-encryption method

Country Status (1)

Country Link
CN (1) CN102006303B (en)

Families Citing this family (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105306233B (en) 2014-06-19 2021-01-22 中兴通讯股份有限公司 Terminal management method and system, server and terminal
CN104244237B (en) * 2014-09-12 2019-03-22 宇龙计算机通信科技(深圳)有限公司 Data sending, receiving method and reception send terminal and data transmitter-receiver set
CN104486756B (en) * 2014-12-05 2018-11-16 深圳职业技术学院 A kind of encryption and decryption method and system of close writing paper short message
CN104394530A (en) * 2014-12-09 2015-03-04 天津光电安辰信息技术有限公司 Wechat content encryption system based on smartphone and implementation method of wechat content encryption system
CN105162253A (en) * 2015-09-02 2015-12-16 许继集团有限公司 Wireless communication system for intellectualization of primary equipment
CN106021202A (en) * 2016-05-24 2016-10-12 珠海市魅族科技有限公司 Data transmission method and receiving device
CN106911704B (en) * 2017-03-13 2020-10-09 北京轻信科技有限公司 Encryption and decryption method based on block chain
CN108848094B (en) * 2018-06-22 2021-04-16 平安科技(深圳)有限公司 Data security verification method, device, system, computer equipment and storage medium
CN109981667B (en) * 2019-04-01 2020-07-03 北京纬百科技有限公司 User data transmission method and device
CN110266733A (en) * 2019-07-25 2019-09-20 群淂数码科技(上海)有限公司 Data ciphering method and its system
CN111935175B (en) * 2020-09-14 2020-12-29 华芯生物科技(武汉)有限公司 Data encryption transmission method of detection equipment
CN114120498B (en) * 2022-01-27 2022-05-10 云丁网络技术(北京)有限公司 Method and related device for migrating data

Citations (1)

Publication number Priority date Publication date Assignee Title
CN101436141A (en) * 2008-11-21 2009-05-20 深圳创维数字技术股份有限公司 Firmware upgrading and encapsulating method and device based on digital signing

Family Cites Families (1)

Publication number Priority date Publication date Assignee Title
JP4151432B2 (en) * 2003-02-25 2008-09-17 株式会社日立製作所 XML signature / encryption procedure generation system

Patent Citations (1)

Publication number Priority date Publication date Assignee Title
CN101436141A (en) * 2008-11-21 2009-05-20 深圳创维数字技术股份有限公司 Firmware upgrading and encapsulating method and device based on digital signing

Non-Patent Citations (6)

Title
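Analysis and Application of XML Security Technology; 顾韵华 et al.; Computer Science, 2009; 20090515 (No. 5); full text *
Research on Information Security Issues in Information Exchange; 许国庆; China Master's Theses Full-text Database, Information Science and Technology, 2010; 20100415 (No. 4); page 31, paragraph 2; page 32, line 18; page 33, second-to-last paragraph, to page 35, fourth-to-last paragraph; page 40, last 1-6 lines; page 47, lines 11-13; Figs. 4.1-4.3 and 4.5 *
Research and Implementation of .Net-based XML Security; 田挺; China Master's Theses Full-text Database, Information Science and Technology, 2009; 20091115 (No. 11); page 67, lines 10-19; page 69, lines 13 and 24; Fig. 4.1 *
田挺. Research and Implementation of .Net-based XML Security. China Master's Theses Full-text Database, Information Science and Technology, 2009. 2009, (No. 11),
许国庆. Research on Information Security Issues in Information Exchange. China Master's Theses Full-text Database, Information Science and Technology, 2010. 2010, (No. 4),
顾韵华 et al. Analysis and Application of XML Security Technology. Computer Science, 2009. 2009, (No. 5), full text.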

Also Published As

Publication number Publication date
CN102006303A (en) 2011-04-06

Similar Documents

Publication Publication Date Title
CN102006303B (en) Method and terminal for increasing data transmission safety by using multi-encryption method
CN110493197B (en) Login processing method and related equipment
CN101005361B (en) Server and software protection method and system
US20070189517A1 (en) Pseudo public key encryption
CN102664898A (en) Fingerprint identification-based encrypted transmission method, fingerprint identification-based encrypted transmission device and fingerprint identification-based encrypted transmission system
CN101931536B (en) Method for encrypting and authenticating efficient data without authentication center
CN101247605A (en) Short information enciphering and endorsement method, mobile terminal and short information ciphering system
CN104660605A (en) Multi-factor identity authentication method and system
CN113346995B (en) Method and system for preventing falsification in mail transmission process based on quantum security key
CN110597836B (en) Information inquiry request response method and device based on block chain network
CN105162599A (en) Data transmission system and data transmission method
CN103888938A (en) PKI private key protection method of dynamically generated key based on parameters
CN110611670A (en) API request encryption method and device
CN104009842A (en) Communication data encryption and decryption method based on DES encryption algorithm, RSA encryption algorithm and fragile digital watermarking
CN101924635B (en) Method and device for user identity authentication
CN109104271A (en) A kind of methods, devices and systems of digital signature
CN115396121A (en) Security authentication method for security chip OTA data packet and security chip device
CN101895847A (en) Short message service authenticated encryption system and method based on digital certificate
CN104200154A (en) Identity based installation package signing method and identity based installation package signing device
CN102970676A (en) Method for processing original data, internet of thing system and terminal
CN103078743A (en) E-mail IBE (Internet Booking Engine) encryption realizing method
CN101931535A (en) Method for adaptively performing data encryption and authentication without authentication center
CN102571338A (en) PKI (Public Key Infrastructure)-based method and system for certifying internet of things
CN107249002B (en) Method, system and device for improving safety of intelligent electric energy meter
CN113468582A (en) Anti-quantum computing encryption communication method

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20130605

Termination date: 20131206