CN102739406B - Method for securely transmitting equipment information - Google Patents

Publication number
CN102739406B
Authority
CN
China
Legal status
Active
Application number
CN201210248144.XA
Other languages
Chinese (zh)
Other versions
CN102739406A (en)
Inventor
陆舟
于华章
Current Assignee
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd

Abstract

The invention discloses a method for securely transmitting equipment information, relating to the field of information security. The method solves the problem that, when a CPU (Central Processing Unit) card encrypts a received data packet as a whole and the encryption key used is readable outside the CPU card, the security of the CPU card's information is low. The method comprises the following steps: the card receives a data packet and determines whether the second byte of the data packet equals a fixed value; if it does not, the card performs the corresponding operation; if it does, the card performs a first operation on the data field of the data packet to generate a first key, then performs a second operation to generate a second key, performs a third operation on the second key using the first key to generate a third key, encrypts the critical part of the marked data in the card with the third key, replaces the critical part of the marked data with the encrypted result while leaving the other parts unchanged, concatenates the result with the second key in order to obtain result data, and sends the result data.

Description

A method for securely transmitting device information
Technical field
The present invention relates to the field of information security, and in particular to a method for securely transmitting device information.
Background
Traditional magnetic stripe card technology is simple and magnetic stripe information is easily copied. Cases of forged magnetic stripe cards and stolen magnetic stripe information occur frequently, causing huge losses to cardholders and card issuers. CPU cards are technically more sophisticated, which greatly reduces the probability of a card being forged or copied.
A mobile phone with a CPU card can be used for mobile payment. Mobile payment is a service launched jointly by mobile operators and the financial sector, in which payments, bill payments and purchases are made as electronic transactions through a mobile phone. As one of the future means of electronic payment, especially after large-scale commercial 3G deployment and the spread of smartphones, mobile payment will become the most convenient means of payment, with great potential for market development.
In the current handling of secure device information, the inventors found at least the following problem in the prior art: after the CPU card receives a data packet it encrypts the data, but conventional encryption simply encrypts the data as a whole, and the encryption key used is readable outside the CPU card, which reduces the security of the CPU card's information.
Summary of the invention
To address the deficiencies of the prior art, the invention provides a method for securely transmitting device information.
The solution adopted by the invention is a method for securely transmitting device information, comprising the following steps:
Step S1: the device receives a data packet;
Step S2: determine whether a preset byte of the received data packet equals a first preset value; if so, perform steps S3 to S8; otherwise perform step S9;
Step S3: the device performs a pre-agreed first operation on the data field of the received data packet with a pre-agreed key to obtain a first operation result, and generates a first key from the first operation result;
Step S4: perform a second operation on specified data to obtain a second operation result, and generate a second key from the second operation result;
Step S5: perform a pre-agreed third operation on the first key and the second key to obtain a third operation result, and generate a third key from the third operation result;
Step S6: use the third key to encrypt the critical part of the pre-stored device information, obtaining an encrypted result;
Step S7: replace the critical part of the device information with the encrypted result, leaving the other parts of the device information unchanged, and concatenate the replaced device information and the second key in order to obtain result data;
Step S8: the device sends the result data out, then returns to step S1;
Step S9: the device performs the corresponding operation on the data packet and sends out the response for that operation's result, then returns to step S1.
Before step S3, the method comprises:
Step A1: determine whether specified bytes of the header of the data packet meet a first preset requirement; if so, perform step A2; otherwise return a first error code;
Step A2: determine whether the data field of the data packet meets a second preset requirement; if so, perform step A3; otherwise return a second error code;
Step A3: determine whether the fourth byte of the header of the data packet equals a second preset value; if so, perform step A4; otherwise perform step A5;
Step A4: save the first byte of the data record indication file as the record number, then perform step A6;
Step A5: save the fourth byte as the record number, then perform step A6;
Step A6: determine whether the currently saved record number is within a preset range; if so, perform step S3; otherwise return a third error code.
Step A1 is specifically:
Step A1-1: determine whether the first byte of the header equals a third preset value; if so, perform the next step; otherwise return the first error code;
Step A1-2: determine whether the third byte of the header equals a fourth preset value; if so, perform the next step; otherwise return the first error code;
Step A1-3: determine whether the fifth byte of the header equals a fifth preset value; if so, perform step A2; otherwise return the first error code.
Step A2 is specifically: determine whether the last byte of the data field of the data packet is a sixth preset value; if so, perform step A3; otherwise return the second error code.
The pre-agreed first operation, the second operation and the pre-agreed third operation are symmetric encryption and/or asymmetric encryption and/or random number encryption and/or data hashing and/or bitwise operations.
The specified data in step S4 is data inside the device, a random number, or data in the data field of the data packet.
Generating the first key from the first operation result in step S3 specifically means taking part or all of the first operation result as the first key; generating the second key from the second operation result specifically means taking part or all of the data of the second operation result as the second key.
Step S5 is specifically: perform the third operation on the second key with the first key to obtain the third operation result, and take part or all of the data of the third operation result as the third key.
Alternatively, step S5 is specifically: perform the third operation on the first key with the second key to obtain the third operation result, and take part or all of the data of the third operation result as the third key.
The critical part in step S6 is the data of one part or of several parts of the device information, where the several parts may be contiguous or non-contiguous.
Step S6 may be replaced with: use the third key to encrypt the pre-stored device information as a whole, obtaining an encrypted result. Step S7 is then replaced with: concatenate the encrypted result and the second key in order to obtain result data.
The encryption operation in step S6 uses symmetric encryption and/or asymmetric encryption and/or random number encryption and/or data hashing.
The beneficial effect of the technical solution provided by the embodiments of the invention is as follows: sensitive information in the CPU card is encrypted, the resulting ciphertext replaces the original plaintext without changing the length of the original information, additional information is then appended to the end of the CPU card information that was read, and the result is sent out of the card, thereby achieving secure transmission of the CPU card information.
Brief description of the drawings
Fig. 1 is a flow chart of the method for securely transmitting device information provided by embodiment 1;
Fig. 2 is a flow chart of the specific method for processing secure device information provided by embodiment 2;
Fig. 3 is a flow chart of the method provided by embodiment 3 for decrypting the secure device information of embodiment 2.
Detailed description
To make the objects, technical solutions and advantages of the invention clearer, the embodiments of the invention are described in further detail below with reference to the drawings.
In the embodiments of the invention, the device referred to is a CPU card.
Embodiment 1
Referring to Fig. 1, embodiment 1 provides a method for securely transmitting device information, which specifically comprises:
Step 1-1: the card receives a data packet and determines whether the second byte of the data packet equals a fixed value;
If yes, perform step 1-2; if no, perform step 1-8.
In this embodiment, the fixed value for the second byte of the data packet is 0XF8.
Step 1-2: the card performs the first operation on the data field of the data packet and generates the first key from the first operation result;
In this embodiment, a designated key must participate in the first operation. The designated key is a key agreed between the card and the party outside the card, and it is not readable from outside the card. The first operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bitwise operations and combinations of these. Part or all of the data of the first operation result is used as the first key.
Preferably: the card performs a hash operation or a bitwise operation on the data field with the designated key, and takes part or all of the data of the operation result as the first key;
Alternatively: the card performs asymmetric encryption on the data field with the designated key, and takes part or all of the data of the encrypted result as the first key;
Alternatively: the card performs a hash operation on the data field with the designated key, then performs asymmetric encryption on the hash result, and takes part or all of the data of the asymmetric encryption result as the first key;
Alternatively: the card performs symmetric encryption on the data field with the designated key, performs asymmetric encryption on the result, then hashes that result, and takes part or all of the data of the hash result as the first key. Other ways are also possible and are not described further here.
Step 1-3: the card performs the second operation on specified data and generates the second key from the second operation result;
In this embodiment, the specified data comprises the designated key and/or the data field and/or a random number. The second operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bitwise operations and combinations of these. The second operation may be the same as the first operation. Part or all of the data of the second operation result is used as the second key.
Taking the case where the designated key does not participate as an example:
Preferably: the card performs symmetric encryption on the data packet, and takes part or all of the data of the encrypted result as the second key;
Alternatively: the card performs asymmetric encryption on the data packet, performs a hash operation on the encrypted result, and takes part or all of the data of the hash result as the second key;
Alternatively: the card performs random number encryption on the data packet, performs symmetric encryption on the encrypted result, then hashes the symmetric encryption result, and takes part or all of the data of the hash result as the second key. Other ways are also possible and are not described further here.
Step 1-4: the card performs the third operation on the second key with the first key, and generates the third key from the third operation result;
This step may also be: the card performs the third operation on the first key with the second key, and generates the third key from the third operation result.
The third operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bitwise operations and combinations of these. Part or all of the data of the third operation result is used as the third key.
Step 1-5: the card uses the third key to encrypt the critical part of the marked data in the card;
In this embodiment, the marked data in the card is stored at a pre-agreed storage location in the card, or the card determines a record number from the received data packet and determines the storage location of the marked data in the card from the record number.
Preferably, the marked data in the card is divided into a preset number of parts, and the critical part among them is encrypted with the third key. For example, the marked data in the card is divided into three parts, which are the first part, the second part and the third part in order from the high-order end to the low-order end, and the critical part is part or all of the first part and/or the second part and/or the third part.
The encryption operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing and combinations of these.
Step 1-6: the critical part of the marked data in the card is replaced with the encrypted result while the other parts remain unchanged, and the result is then concatenated in order with the second key to obtain the result data;
When the critical part is the whole of the first, second and third parts, step 1-5 is replaced with: the card uses the third key to encrypt all of the marked data in the card; and step 1-6 is replaced with: the marked data in the card is replaced with the encrypted result, which is then concatenated in order with the second key to obtain the result data.
Step 1-7: send the result data and return to step 1-1.
Step 1-8: the card performs the corresponding operation and returns to step 1-1.
Embodiment 2
Referring to Fig. 2, embodiment 2 provides a specific method for processing secure device information, which comprises:
Step 201: the card receives a data packet and determines whether the second byte of the data packet equals a fixed value;
If yes, perform step 202; if no, perform step 218.
In this embodiment, the fixed value for the second byte of the data packet is 0XF8.
Specifically, if the second byte of the received data packet is 0XF8, the data packet consists of a header and a data field, where the first five bytes at the high-order end are the header and the remainder is the data field.
For example, if the received data packet is 80F80201082012040917375080, the header is 80F8020108 and the data field is 2012040917375080.
Step 202: determine whether the preset bytes of the header of the data packet meet the first preset requirement; if yes, perform step 204; if no, perform step 203;
The specific steps are as follows:
Step A: determine whether the first byte of the header equals 0X80;
If yes, perform step B; if no, perform step 203.
Step B: determine whether the third byte of the header equals 0X02;
If yes, perform step C; if no, perform step 203.
Step C: determine whether the fifth byte of the header equals 0X08;
If yes, perform step 204; if no, perform step 203.
Steps A, B and C in this embodiment have no fixed execution order;
Step 203: return the first error code, then perform step 201;
In this embodiment, if the first byte of the header is not equal to 0X80, the first error code returned is 6E00;
If the third byte of the header is not equal to 0X02, the first error code returned is 6B00;
If the fifth byte of the header is not equal to 0X08, the first error code returned is 6700;
Step 204: determine whether the data field of the data packet meets the second preset requirement;
If yes, perform step 206; if no, perform step 205.
In this embodiment, the data field meets the preset requirement if its last byte is 0X80.
Step 205: return the second error code and return to step 201;
In this embodiment, the second error code is 6A80.
Step 206: determine whether the fourth byte of the header of the data packet equals a preset value;
If yes, perform step 208; if no, perform step 207.
In this embodiment, the check is specifically whether the fourth byte of the header of the data packet equals 0X00.
Step 207: save the fourth byte of the header of the data packet as the record number, then perform step 209;
In this embodiment, the data packet is 80F80201082012040917375080, so the record number saved is 01.
Step 208: save the first byte of the data record indication file as the record number, then perform step 209;
In this embodiment, the first byte of the data record indication file is 0X03, so the record number is 03.
Step 209: determine whether the currently saved record number is within the preset range;
If yes, perform step 211; if no, perform step 210.
In this embodiment, the record number is considered to be within the preset range if it lies in the range 0X01-0X10.
Step 210: return the third error code and return to step 201.
In this embodiment, the third error code is 6A83.
Step 211: the card performs the first operation on the data field of the data packet and generates the first key from the first operation result;
In this embodiment, a designated key must participate in the first operation.
The designated key is a key agreed between the card and the party outside the card, and it is not readable from outside the card. Specifically it is: D636CDB97E6796D2A9E934E82D05CD0D.
The first operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bitwise operations and combinations of these. Part or all of the data of the first operation result is used as the first key.
Preferably: the card performs a hash operation or a bitwise operation on the data field with the designated key, and takes part or all of the data of the operation result as the first key;
Alternatively: the card performs asymmetric encryption on the data field with the designated key, and takes part or all of the data of the encrypted result as the first key;
Alternatively: the card performs a hash operation on the data field with the designated key, then performs asymmetric encryption on the hash result, and takes part or all of the data of the asymmetric encryption result as the first key;
Alternatively: the card performs symmetric encryption on the data field with the designated key, performs asymmetric encryption on the encrypted result, then hashes that result, and takes part or all of the data of the hash result as the first key. Other ways are also possible and are not described further here.
In this embodiment, the card performs symmetric encryption on the data field with the designated key in 3des-ecb mode, and the first key generated is: 68A4565641058AA8.
Step 212: the card performs the second operation on specified data and generates the second key from the second operation result;
In this embodiment, the specified data comprises the designated key and/or the data field and/or a random number. The second operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bitwise operations and combinations of these. The second operation may be the same as the first operation or different. Part or all of the data of the second operation result is used as the second key.
Taking the case where the designated key does not participate as an example:
Preferably: the card performs symmetric encryption on the data packet, and takes part or all of the data of the encrypted result as the second key;
Alternatively: the card performs asymmetric encryption on the data field, then hashes the encrypted result, and takes part or all of the data of the hash result as the second key;
Alternatively: the card performs random number encryption on the data field, performs symmetric encryption on the encrypted result, then performs a hash operation on the symmetric encryption result, and takes part or all of the data of the hash result as the second key. Other ways are also possible and are not described further here.
In this embodiment, the second key is obtained as follows:
The card performs diversification on the data field with the designated key, and the second key generated is: B0D6D68C11987977.
Step 213: the card performs the third operation on the second key with the first key, and generates the third key from the third operation result;
This step may also be: the card performs the third operation on the first key with the second key, and generates the third key from the third operation result.
The third operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bitwise operations and combinations of these. Part or all of the data of the third operation result is used as the third key.
In this embodiment, the third key is generated as follows:
The card performs symmetric encryption in des-ecb mode on the second key with the first key, and the third key generated is: C193FF60389A817B.
Step 214: read the in-card data marked by the current record number, and obtain the critical part of the in-card data;
In this embodiment, the current record number is 0X01. The in-card data marked by the current record number is read and divided by sensitivity into five parts, numbered 1, 2, 3, 4 and 5, as follows:
1:6963626320636172642020202020202020202020900758403049921820FF35
2:FAC90162E1113F78AD705FB995DDFBFC
3:237FFF0075
4:3AFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
5:231234454545454545454545454545454545FFFF1012FFFF
The byte counts of parts 2 and 4 are each an integer multiple of 8 bytes, and the critical part obtained is part 2 and/or part 4.
Further, when the byte count of part 2 and/or part 4 is not an integer multiple of 8 bytes, data is taken from the part adjacent before or after part 2 and/or part 4 until the length is an integer multiple of 8 bytes, and the critical part obtained is the data formed after taking this extra data.
Step 215: the card uses the third key to encrypt the critical part of the in-card data;
In this embodiment, the encryption operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bitwise operations and combinations of these.
The specific encryption operation is as follows:
The card uses the third key to encrypt parts 2 and 4 of the marked data in the card separately in des-ecb mode, and the corresponding encrypted results are:
2’:DF1F4AE18C1E5F7EEED7449D59D76618
4’:D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61
In this embodiment, parts 2 and 4 of the marked data in the card are preferably the ones encrypted; other parts of the marked data in the card may also be encrypted.
Step 216: the critical part of the marked data in the card is replaced with the encrypted result while the other parts remain unchanged, and the result is then concatenated in order with the second key to obtain the result data;
In this embodiment, the encrypted results 2' and 4' replace parts 2 and 4 of the original data, giving new data made up of the five parts 1, 2', 3, 4' and 5. The new data and the second key are concatenated in order to obtain the result data, as follows:
6963626320636172642020202020202020202020900758403049921820FF35DF1F4AE18C1E5F7EEED7449D59D76618237FFF0075D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61231234454545454545454545454545454545FFFF1012FFFFB0D6D68C11987977;
Further, steps 214 to 216 may also be replaced with the following operations:
Step 214': read the in-card data marked by the current record number;
Step 215': the card uses the third key to encrypt the in-card data that was read;
Step 216': concatenate the encryption result and the second key in order to form the result data;
Step 217: send the result data, then perform step 201;
In this embodiment, the result data obtained in step 216 is sent out of the CPU card.
Step 218: the card performs the corresponding operation and returns to step 201.
In this embodiment, after step 209 determines that the current record number is within the preset range, step 214 may be performed first, followed by steps 211 to 213 in order, and finally steps 215 to 217.
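An added example, not part of the patent text: steps 201 to 210 written as a Python validator for the command packet. The function and field names are hypothetical; rejecting packets shorter than five bytes and checking that the data field length equals the fifth header byte are additions that the patent does not describe.

```python
from dataclasses import dataclass
from typing import Optional

# First byte of the data record indication file; 0x03 is the value given in step 208.
INDICATION_FIRST_BYTE = 0x03

# Side observation: the five-byte header and the error codes line up with an
# ISO/IEC 7816-4 command APDU (CLA, INS, P1, P2, Lc) and its status words.


@dataclass(frozen=True)
class CommandResult:
    status: str                       # "OK", "OTHER" or a four-digit error code
    record_no: Optional[int] = None   # set only when status == "OK"
    data_field: bytes = b""           # set only when status == "OK"


def validate_command(packet: bytes,
                     indication_byte: int = INDICATION_FIRST_BYTE) -> CommandResult:
    """Apply the checks of steps 201-210 and return the outcome."""
    # Added check (assumption): a packet without a full header cannot be parsed.
    if len(packet) < 5:
        return CommandResult("6700")

    # Step 201: any other second byte is handled by step 218 (not modelled here).
    if packet[1] != 0xF8:
        return CommandResult("OTHER")

    header, data = packet[:5], packet[5:]

    # Steps 202/203 (A, B, C): fixed header bytes, each with its own error code.
    if header[0] != 0x80:
        return CommandResult("6E00")
    if header[2] != 0x02:
        return CommandResult("6B00")
    if header[4] != 0x08:
        return CommandResult("6700")

    # Added check (assumption): the fifth byte must match the real data length,
    # so a truncated or over-long data field is rejected before any key is derived.
    if len(data) != header[4]:
        return CommandResult("6700")

    # Steps 204/205: the data field must end in 0x80.
    if data[-1] != 0x80:
        return CommandResult("6A80")

    # Steps 206-208: the fourth byte selects the record; 0x00 means "use the
    # first byte of the data record indication file".
    record_no = indication_byte if header[3] == 0x00 else header[3]

    # Steps 209/210: the record number must lie in 0x01-0x10.
    if not 0x01 <= record_no <= 0x10:
        return CommandResult("6A83")

    return CommandResult("OK", record_no, data)


if __name__ == "__main__":
    # Packet from step 201 of the embodiment.
    print(validate_command(bytes.fromhex("80F80201082012040917375080")))
```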
Embodiment 3
Referring to Fig. 3, embodiment 3 provides a method for decrypting the secure device information of embodiment 2, which specifically comprises:
Step 301: receive the result data and parse it to obtain the encrypted in-card data and the second key;
In this embodiment, the result data received is:
6963626320636172642020202020202020202020900758403049921820FF35DF1F4AE18C1E5F7EEED7449D59D76618237FFF0075D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61231234454545454545454545454545454545FFFF1012FFFFB0D6D68C11987977
After parsing, the encrypted in-card data obtained is:
6963626320636172642020202020202020202020900758403049921820FF35DF1F4AE18C1E5F7EEED7449D59D76618237FFF0075D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61231234454545454545454545454545454545FFFF1012FFFF
The second key is: B0D6D68C11987977
Step 302: perform the first operation on the data field of the issued data packet with the designated key, and generate the first key from the first operation result;
In this embodiment, the designated key is the key agreed between the card and the party outside the card. Specifically it is: D636CDB97E6796D2A9E934E82D05CD0D
The data field of the issued data packet is: 2012040917375080.
In this embodiment, the first key generated by symmetrically encrypting the data field with the designated key in 3des-ecb mode is: 68A4565641058AA8.
Step 303: perform the third operation on the second key with the first key, and generate the third key from the third operation result;
In this embodiment, the second key is symmetrically encrypted in des-ecb mode with the first key, and the third key generated is: C193FF60389A817B.
Step 304: decrypt the pre-agreed critical part of the encrypted in-card data with the third key;
In this embodiment, the encrypted in-card data is divided into 5 parts according to the prior agreement, as follows:
1:6963626320636172642020202020202020202020900758403049921820FF35
2:DF1F4AE18C1E5F7EEED7449D59D76618
3:237FFF0075
4:D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61
5:231234454545454545454545454545454545FFFF1012FFFF
The pre-agreed parts 2 and 4 are then each decrypted in des-ecb mode, giving:
2’:FAC90162E1113F78AD705FB995DDFBFC
4’:3AFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Step 305: replace the pre-agreed critical part of the encrypted in-card data with the decrypted result while the other parts remain unchanged, obtaining the in-card data;
In this embodiment, the in-card data is as follows:
6963626320636172642020202020202020202020900758403049921820FF35FAC90162E1113F78AD705FB995DDFBFC237FFF00753AFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF231234454545454545454545454545454545FFFF1012FFFF.
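An added example, not part of the patent text: a Python round trip of the card side (steps 211 to 216) and the receiving side (steps 301 to 305). Python's standard library has no DES, so a small SHA-256-based Feistel cipher with an 8-byte block stands in for the 3des-ecb and des-ecb operations, and the derived keys therefore differ from the values printed above. The record parts are constructed samples in the five-part layout, and all function names are hypothetical.

```python
import hashlib

BLOCK = 8    # block size in bytes, as for DES
ROUNDS = 8   # rounds of the stand-in Feistel cipher (not DES)


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def _enc_block(key: bytes, blk: bytes) -> bytes:
    l, r = blk[:4], blk[4:]
    for rnd in range(ROUNDS):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r


def _dec_block(key: bytes, blk: bytes) -> bytes:
    l, r = blk[:4], blk[4:]
    for rnd in reversed(range(ROUNDS)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r


def ecb(key: bytes, data: bytes, decrypt: bool = False) -> bytes:
    """ECB over 8-byte blocks with no padding, so the length never changes."""
    if len(data) % BLOCK:
        raise ValueError("critical part must be a multiple of 8 bytes")
    op = _dec_block if decrypt else _enc_block
    return b"".join(op(key, data[i:i + BLOCK]) for i in range(0, len(data), BLOCK))


def derive_k3(designated_key: bytes, data_field: bytes, k2: bytes) -> bytes:
    k1 = ecb(designated_key, data_field)   # steps 211 / 302: first key
    return ecb(k1, k2)                     # steps 213 / 303: third key


def card_build_result(parts, critical, designated_key, data_field, k2) -> bytes:
    """Steps 214-216: encrypt only the critical parts in place, then append K2."""
    k3 = derive_k3(designated_key, data_field, k2)
    body = [ecb(k3, p) if i in critical else p for i, p in enumerate(parts)]
    # K2 travels in the clear; confidentiality rests on the designated key,
    # which is needed to get from K2 to K3.
    return b"".join(body) + k2


def host_recover(result, lengths, critical, designated_key, data_field) -> bytes:
    """Steps 301-305: split off K2, rebuild K3, decrypt the agreed parts."""
    body, k2 = result[:-BLOCK], result[-BLOCK:]
    if len(body) != sum(lengths):
        raise ValueError("result data does not match the agreed layout")
    k3 = derive_k3(designated_key, data_field, k2)
    out, pos = [], 0
    for i, n in enumerate(lengths):
        chunk = body[pos:pos + n]
        out.append(ecb(k3, chunk, decrypt=True) if i in critical else chunk)
        pos += n
    return b"".join(out)


def duplicate_blocks(data: bytes) -> int:
    """Number of 8-byte blocks that repeat an earlier block."""
    blocks = [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]
    return len(blocks) - len(set(blocks))


# Values taken from the embodiment.
DESIGNATED_KEY = bytes.fromhex("D636CDB97E6796D2A9E934E82D05CD0D")
DATA_FIELD = bytes.fromhex("2012040917375080")
K2 = bytes.fromhex("B0D6D68C11987977")

# Constructed sample record in the five-part layout (not the patent's record).
PARTS = [
    bytes.fromhex("6963626320636172"),
    bytes.fromhex("FAC90162E1113F78AD705FB995DDFBFC"),
    bytes.fromhex("237FFF0075"),
    bytes.fromhex("3A") + b"\xff" * 31,
    bytes.fromhex("1012FFFF"),
]
CRITICAL = {1, 3}   # zero-based indexes of parts 2 and 4

if __name__ == "__main__":
    res = card_build_result(PARTS, CRITICAL, DESIGNATED_KEY, DATA_FIELD, K2)
    lengths = [len(p) for p in PARTS]
    print(res.hex().upper())
    print(host_recover(res, lengths, CRITICAL, DESIGNATED_KEY, DATA_FIELD) == b"".join(PARTS))
```

Because the cipher runs in ECB mode, the three all-FF blocks of the constructed part 4 encrypt to the same ciphertext block; the end of 4' in step 215 shows the same kind of repetition.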
The above is only a specific embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of protection of the claims.

Claims (12)

1. A method for securely transmitting device information, characterized by comprising:
Step S1: the device receives a data packet;
Step S2: judge whether a preset byte of the received data packet equals a first preset value; if so, perform step S3, otherwise perform step S9;
Step S3: the device performs a pre-agreed first operation on the data field of the received data packet using a pre-agreed key to obtain a first operation result, and generates a first key from the first operation result;
Step S4: perform a second operation on specified data to obtain a second operation result, and generate a second key from the second operation result;
Step S5: perform a pre-agreed third operation on the first key and the second key to obtain a third operation result, and generate a third key from the third operation result;
Step S6: use the third key to perform an encryption operation on the key part of the pre-stored device information to obtain an encryption result;
Step S7: replace the key part of the device information with the encryption result, leaving the other parts of the device information unchanged, and concatenate the replaced device information and the second key in sequence to obtain result data;
Step S8: the device sends the result data out, then returns to step S1;
Step S9: the device performs the corresponding operation on the data packet and sends out a response containing the result of that operation, then returns to step S1.
2. the method for a kind of secure transmission device information according to claim 1, is characterized in that, after described step S2, before step S3, comprises:
Steps A 1: whether the specified bytes that judges the data head of described packet meets the first preset requirement, is to perform step A2, otherwise returns to the first error code;
Steps A 2: whether the data field that judges described packet meets the second preset requirement, is to perform step A3, otherwise returns to the second error code;
Steps A 3: whether the nybble that judges the data head of described packet equals the second preset value, is to perform step A4, otherwise execution step A5;
Steps A 4: indicate first byte data in file to save as recording mechanism data record, execution step A6;
Steps A 5: described nybble is saved as to recording mechanism, execution step A6;
Steps A 6: whether the recording mechanism that judgement is preserved in preset range, is to perform step S3, otherwise returns to the 3rd error code.
3. the method for a kind of secure transmission device information according to claim 2, is characterized in that, described steps A 1 is specially:
Steps A 1-1: whether first byte that judges described data head equals the 3rd preset value, is to carry out next step, otherwise returns to the first error code;
Steps A 1-2: whether the 3rd byte that judges described data head equals the 4th preset value, is to carry out next step, otherwise returns to the first error code;
Steps A 1-3: whether the 5th byte that judges described data head equals the 5th preset value, is to carry out next step, otherwise returns to the first error code.
4. the method for a kind of secure transmission device information according to claim 2, it is characterized in that, described steps A 2 is specially: judge in the data field of described packet, whether last byte is the 6th preset value, is to perform step A3, otherwise returns to the second error code.
5. the method for a kind of secure transmission device information according to claim 1, it is characterized in that, described in first operation, described the second operation of making an appointment and described in make an appointment the 3rd be operating as symmetric cryptography and/or asymmetric encryption and/or random number encryption and/or data Hash and/or bit arithmetic.
6. the method for a kind of secure transmission device information according to claim 1, is characterized in that, specific data described in step S4 is the data in the data field of device interior data or random number or described packet.
7. the method for a kind of secure transmission device information according to claim 1, it is characterized in that, described in step S3 according to described the first operating result generate the first key be specially extract described the first operating result part or all as described the first key, described in step S4, according to described the second operating result, generate the second key and be specially and extract a part of data of described the second operating result or total data as described the second key.
8. the method for a kind of secure transmission device information according to claim 1, it is characterized in that, described step S5 is specially: with described the first key, described the second key is carried out to the 3rd operation and obtain the 3rd operating result, and extract a part of data of described the 3rd operating result or total data as the 3rd key.
9. the method for a kind of secure transmission device information according to claim 1, it is characterized in that, described step S5 is specially: with described the second key, described the first key is carried out to the 3rd operation and obtain the 3rd operating result, and extract a part of data of described the 3rd operating result or total data as the 3rd key.
10. the method for a kind of secure transmission device information according to claim 1, is characterized in that, the wherein part that key component described in step S6 is described facility information or the data of a plurality of parts, and described a plurality of parts are continuous or discrete a plurality of part.
The method of 11. a kind of secure transmission device information according to claim 1, is characterized in that, described step S6 replaces with: utilize described the 3rd key to obtain encrypted result to all devices information and executing cryptographic operation prestoring; Described step S7 replaces with: with described encrypted result and described the second cipher key sequence splicing, obtain result data.
12. according to the method for a kind of secure transmission device information described in claim 1 or 11, it is characterized in that, cryptographic operation adopts symmetric cryptography and/or asymmetric encryption and/or random number encryption and/or data Hash described in step S6.
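The flow of claim 1 (steps S2 to S8) together with the receiving side's recovery from step 305, as an added example that is not part of the patent text. The HMAC-SHA256 derivation, the hash-keystream XOR cipher, the fixed value `0xCA`, the 5-byte header, the key-part offsets and the key bytes are all assumptions chosen for illustration; the claims leave the concrete operations open.

```python
import hashlib
import hmac
import os

PRE_AGREED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
FIXED_VALUE = 0xCA        # hypothetical "first preset value" for the preset byte
HEADER_LEN = 5            # assumption: 5-byte data header, data field follows
KEY_PART = slice(4, 12)   # hypothetical offsets of the key part of the device info
K2_LEN = 16               # assumption: length of the second key


def derive(key: bytes, data: bytes) -> bytes:
    """Stand-in for the pre-agreed first/third operation: HMAC-SHA256, first 16 bytes."""
    return hmac.new(key, data, hashlib.sha256).digest()[:16]


def xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher (hash plus bit operation): XOR with a SHA-256 counter keystream."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(a ^ b for a, b in zip(data, stream))


def device_respond(packet: bytes, device_info: bytes, key: bytes = PRE_AGREED_KEY):
    """Steps S2 to S8 on the device; returns None where step S9 would take over."""
    if len(packet) <= HEADER_LEN or packet[1] != FIXED_VALUE:  # S2: check preset byte
        return None
    k1 = derive(key, packet[HEADER_LEN:])            # S3: first key from the data field
    k2 = os.urandom(K2_LEN)                          # S4: specified data is a random number
    k3 = derive(k1, k2)                              # S5: first key applied to second key
    enc = xor_stream(k3, device_info[KEY_PART])      # S6: encrypt only the key part
    replaced = device_info[:KEY_PART.start] + enc + device_info[KEY_PART.stop:]
    return replaced + k2                             # S7: splice the second key on the end


def host_recover(data_field: bytes, result: bytes, key: bytes = PRE_AGREED_KEY) -> bytes:
    """Receiving side: rebuild the third key, decrypt the key part, put it back."""
    replaced, k2 = result[:-K2_LEN], result[-K2_LEN:]
    k3 = derive(derive(key, data_field), k2)
    plain = xor_stream(k3, replaced[KEY_PART])
    return replaced[:KEY_PART.start] + plain + replaced[KEY_PART.stop:]
```

Because the second key is sent in the clear in step S7, the third key stays secret only as long as the pre-agreed key does.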
CN201210248144.XA 2012-07-17 2012-07-17 Method for securely transmitting equipment information Active CN102739406B (en)

Publications (2)

Publication Number Publication Date
CN102739406A (en) 2012-10-17
CN102739406B (en) 2014-12-10

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant