CN104244237A - Data transmitting and receiving method, receiving and transmitting terminal and data transmitter-receiver set - Google Patents


Publication number
CN104244237A
Authority
CN
China
Prior art keywords
data
information
terminal
transmitting terminal
unique identifier
Legal status
Granted
Application number
CN201410466852.XA
Other languages
Chinese (zh)
Other versions
CN104244237B (en
Inventor
董志伟
Current Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee
Yulong Computer Telecommunication Scientific Shenzhen Co Ltd

Abstract

The invention discloses a data transmitting and receiving method, a receiving and transmitting terminal and a data transmitter-receiver set. The data transmitting method includes the steps that a transmitting terminal encrypts the data to be sent; a unique identifier of the transmitting terminal is added into mark information, and the mark information and the encrypted data are sent to a receiving terminal together. The data receiving method includes the steps that the data and the mark information sent by the transmitting terminal are received, the mark information is analyzed, the received data are decoded according to the mark information, and the decoded data are acquired. With the data transmitting and receiving method, the receiving and transmitting terminal and the data transmitter-receiver set, the data are encrypted when they are transmitted outward, so the safety of the data is guaranteed. After the receiving terminal receives the data, if a decryption algorithm can be obtained from the mark information, the data can be decrypted automatically, and there is no need to decrypt each time the data are viewed, so the operation complexity is lowered. An untrustworthy terminal cannot obtain the decryption algorithm and cannot decode the data, and thus the data transmission safety is guaranteed.

Description

Data sending and receiving methods, receiving and transmitting terminals, and data transmitter-receiver set
Technical field
The present invention relates to the field of data exchange, and in particular to a data sending method, a data receiving method, a receiving terminal, a transmitting terminal and a data transmitter-receiver set.
Background art
At present, some data in a terminal, such as user information and data stored in a SIM card, SD card or RAM (random access memory) card, need to be encrypted to prevent leakage. There are usually two ways of encrypting. In the first, the user encrypts the whole storage device in advance; to copy or transmit the information and data on the device, the correct login password must first be entered to access the device, after which the information and data can be copied and transmitted. The terminal or SIM card is locked through an operating-system setting. This approach requires the user to enter an unlock password each time the system is entered, in order to enter the system or unlock the SIM card, and every re-entry after exiting (including after the screen turns off) requires the unlock password again, which is complicated and tedious. Once the data password has been unlocked and the encrypted data have been transmitted or copied to another device, no password is needed to view or transmit them on that device, which easily leads to the loss of private information.
The second way uses specific encryption software to encrypt or hide the data in the terminal in order to protect user information. After the encrypted data are transmitted to another device, a password must likewise be entered to decrypt them when they are viewed on that device. A known secure device (a trusted terminal) cannot decrypt automatically after receiving the data; when the user views the data on the local terminal, every viewing requires decryption, which is cumbersome, tedious and not intelligent enough.
Therefore, existing terminals cannot encrypt data at the time of transmission; data transferred to other devices often require a decryption password to be entered before they can be viewed; and a trusted device cannot decrypt automatically after receiving the data, which adds the tedious step of entering a password in order to view them.
Summary of the invention
The technical problem to be solved by the present invention is to provide a data sending method, a data receiving method, a receiving terminal, a transmitting terminal and a data transmitter-receiver set, in order to solve the problem that, in the prior art, data transmission is insecure or complicated to operate.
To solve the above technical problem, in one aspect, the present invention provides a data sending method, comprising:
The transmitting terminal encrypts the data to be sent;
The unique identifier of the transmitting terminal is added to flag information, and the flag information is sent to the receiving terminal together with the encrypted data.
Further, the transmitting terminal obtains the importance level of the data to be sent, and encrypts the data to be sent with the encryption algorithm of the security level corresponding to that importance level.
Further, before the transmitting terminal sends data, the method also comprises:
The transmitting terminal establishes a flag bit list with one or more trusted terminals; the flag bit list comprises the unique identifier of each trusted terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the transmitting terminal and that trusted terminal;
Each trusted terminal stores the unique identifier of the transmitting terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the transmitting terminal and that trusted terminal.
Further, the transmitting terminal encrypting the data to be sent specifically comprises:
The transmitting terminal obtains the unique identifier of the receiving terminal;
The transmitting terminal judges whether the flag bit list contains the unique identifier of the receiving terminal; if so, the data to be sent are encrypted with the encryption algorithm recorded in the flag bit list; if not, an arbitrarily chosen encryption algorithm is used to encrypt the data to be sent.
Further, the transmitting terminal adds the encryption algorithm information, security level information and decryption algorithm information to the flag information, and encrypts the flag information with a password agreed in advance.
In another aspect, the present invention also provides a data receiving method, comprising:
Receiving the data and the flag information sent by a transmitting terminal;
Parsing the flag information, decrypting the received data according to the flag information, and obtaining the decrypted data.
Further, parsing the flag information and decrypting the received data according to the flag information specifically comprises:
The receiving terminal parses the flag information and obtains the unique identifier of the transmitting terminal;
When the flag bit list stored by the receiving terminal contains the unique identifier of the transmitting terminal, the received data are decrypted with the decryption algorithm recorded for it in the flag bit list.
Further, before the data and the flag information sent by the transmitting terminal are received, the method also comprises:
The receiving terminal establishes a flag bit list with one or more trusted terminals; the flag bit list comprises the unique identifier of each trusted terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal;
Each trusted terminal stores the unique identifier of the receiving terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal.
Further, parsing the flag information and decrypting the received data according to the flag information specifically comprises:
The receiving terminal parses the flag information with the decryption password determined in advance with the transmitting terminal, and obtains the decryption algorithm information;
The received data are decrypted according to the decryption algorithm information.
Further, before the transmitting terminal sends data, the receiving terminal determines the encryption password and decryption password of the flag information with the transmitting terminal, and records the unique identifier of the transmitting terminal, the encryption password and the decryption password in the flag bit list.
In yet another aspect, the present invention also provides a transmitting terminal, comprising:
An encrypting module, for encrypting the data to be sent;
A sending module, for adding the unique identifier of the transmitting terminal to flag information and sending the flag information to the receiving terminal together with the encrypted data.
Further, the encrypting module obtains the importance level of the data to be sent, and encrypts the data to be sent with the encryption algorithm of the security level corresponding to that importance level.
Further, the transmitting terminal also comprises:
A flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals; the flag bit list comprises the unique identifier of each trusted terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the transmitting terminal and that trusted terminal; wherein each trusted terminal stores the unique identifier of the transmitting terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the transmitting terminal and that trusted terminal.
Further, the encrypting module is also used for:
Obtaining the unique identifier of the receiving terminal;
Judging whether the flag bit list contains the unique identifier of the receiving terminal; if so, encrypting the data to be sent with the encryption algorithm recorded in the flag bit list; if not, encrypting the data to be sent with an arbitrarily chosen encryption algorithm.
Further, the encrypting module adds the encryption algorithm information, security level information and decryption algorithm information to the flag information, and encrypts the flag information with a password agreed in advance.
In yet another aspect, the present invention also provides a receiving terminal, comprising:
A receiving module, for receiving the data and the flag information sent by a transmitting terminal;
A decrypting module, for parsing the flag information, decrypting the received data according to the flag information, and obtaining the decrypted data.
Further, the decrypting module is also used for:
Parsing the flag information and obtaining the unique identifier of the transmitting terminal;
When the flag bit list stored by the receiving terminal contains the unique identifier of the transmitting terminal, decrypting the received data with the decryption algorithm recorded for it in the flag bit list.
Further, the receiving terminal also comprises:
A flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals; the flag bit list comprises the unique identifier of each trusted terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal;
Each trusted terminal stores the unique identifier of the receiving terminal, together with the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal.
Further, the decrypting module parses the flag information with the decryption password determined in advance with the transmitting terminal and obtains the decryption algorithm information, then decrypts the received data according to the decryption algorithm information.
Further, before the transmitting terminal sends data, the decrypting module determines the encryption password and decryption password of the flag information with the transmitting terminal, and records the unique identifier of the transmitting terminal, the encryption password and the decryption password in the flag bit list.
In yet another aspect, the present invention provides a data transmitter-receiver set: when the set sends data, it uses the above transmitting terminal to send the data; when the set receives data, it uses the above receiving terminal to receive the data.
The beneficial effects of the present invention are as follows:
By encrypting data when they are transmitted externally, the present invention ensures the security of the data. After receiving the data, if the receiving terminal can obtain the decryption algorithm from the flag information, the data are decrypted automatically, so decryption is not needed each time the data are viewed on that terminal, which reduces operational complexity. If the decryption algorithm cannot be obtained, the receiving terminal is an untrusted terminal and cannot decrypt the data, which ensures the security of data transmission.
Brief description of the drawings
Fig. 1 is a flow chart of the data sending method in embodiment one of the present invention;
Fig. 2 is a flow chart of the data receiving method in embodiment one of the present invention;
Fig. 3 is a flow chart of the data sending method in embodiment two of the present invention;
Fig. 4 is a flow chart of the data receiving method in embodiment two of the present invention.
Detailed description of the embodiments
The present invention is further elaborated below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here only explain the present invention and do not limit it.
The core idea of the present invention is as follows: when sending data, the transmitting terminal encrypts the data to be sent and sends flag information at the same time. After the receiving device receives the data, it obtains decryption information from the flag information and a preset flag information parsing rule, and automatically decrypts the received data according to the decryption information; after decryption, viewing the information on the receiving terminal requires no further decryption. The preset flag information parsing rule is negotiated and agreed in advance by the transmitting terminal and the receiving terminal on the basis of trust (each being a trusted terminal of the other). In this way, only a trusted device can automatically decrypt the data after receiving them. An untrusted device cannot obtain the decryption algorithm and so cannot decrypt the data automatically; it can only break off and first perform identity authentication with the transmitting terminal, and after the two have become trusted terminals of each other, receive the data sent by the transmitting terminal again and decrypt them automatically to obtain data that can be viewed.
The data sending and receiving methods of the present invention are described in detail below through specific embodiments.
Embodiment one:
As shown in Fig. 1, this embodiment of the present invention relates to a data sending method, comprising:
Step S101, the transmitting terminal negotiates with one or more trusted terminals and sets up a flag bit list.
In this step, the transmitting terminal and the trusted terminals first set up a trusted terminal group; a terminal in this group can be a transmitting terminal and can also be a receiving terminal. In this embodiment, one terminal in the trusted terminal group is described as the transmitting terminal. The transmitting terminal first needs to negotiate with each trusted terminal about the encryption algorithm, encryption security level and decryption algorithm, and so determine the encryption algorithm, encryption security level, decryption algorithm and so on to be used when they transmit data to each other. The terminals in the group use the same prescribed data identification and data encryption/decryption mechanisms (such as encryption algorithm, key exchange algorithm, digest algorithm and data certificate). For example, the transmitting terminal informs the receiving terminal (any trusted terminal in the group) that its symmetric encryption algorithms are DES (Data Encryption Standard) and RC5 (a symmetric encryption algorithm), its key exchange algorithms are RSA (a public-key encryption algorithm) and DH (Diffie-Hellman), and its digest algorithms are MD5 (Message Digest Algorithm 5) and SHA (Secure Hash Algorithm); the receiving terminal then negotiates with the transmitting terminal to use the combination DES-RSA-SHA for encryption and decryption. In addition, the transmitting terminal and the receiving terminal can negotiate several encryption and decryption algorithms for encrypting data of different security levels. For example, top-secret data are encrypted and decrypted with negotiation "result one", whose encryption and decryption algorithms are the most secure and also the most complex; confidential data are encrypted and decrypted with negotiation "result two", whose encryption and decryption algorithms are relatively secure and complex; and secret data are encrypted and decrypted with negotiation "result three", whose encryption algorithm and decryption method are ordinary ones. Of course, how many encryption and decryption algorithms the transmitting terminal and the receiving terminal negotiate depends on how many security levels the data exchanged between them are divided into.
The transmitting terminal records the unique identifier of each trusted terminal in the flag bit list, and records the result negotiated with each trusted terminal at the corresponding position in the flag bit list. In this way, by querying the unique identifier of a trusted terminal, the transmitting terminal can look up the encryption algorithm, encryption security level and decryption algorithm negotiated with that trusted terminal. Likewise, each trusted terminal also sets up its own flag bit list: it saves the unique identifier of the transmitting terminal in its local flag bit list, and saves the encryption algorithm information, security level information and decryption algorithm information used for data transmission between the transmitting terminal and itself at the position in the flag bit list that corresponds to the transmitting terminal's unique identifier. In effect, each trusted terminal in the trusted terminal group sets up a flag bit list of its own, and by querying that list it can learn the encryption algorithm information, security level information and decryption algorithm information used by any terminal in the group that transmits data with it.
The unique identifier of a terminal can be an MEID (Mobile Equipment Identifier), an IMEI (International Mobile Equipment Identity) or a MAC (Medium/Media Access Control) address; any other identification code or identifier can also be used, as long as it uniquely identifies the terminal.
Step S102, when the transmitting terminal sends data, the data to be sent are selected locally.
Step S103, the importance level of the data to be sent is obtained and the security level is determined.
In this step, the data to be sent that the user has selected are examined, mainly by keyword detection on the file name and/or the file content, to judge the importance level of the file to be sent and thereby determine the security level. For example, keywords corresponding to the different security levels (importance levels) are preset: the keyword for the top-secret level is "top secret", the keyword for the confidential level is "confidential", the keyword for the secret level is "secret", and so on. Alternatively, the security level is divided into five grades from high to low, with the corresponding keywords being security level one, security level two, security level three, security level four and security level five. The keywords core, important and common can also be set to represent different security levels. Once the correspondence between keywords and security levels has been determined, the keyword corresponding to the importance of the data is marked in the file or folder name when it is named, or in the appropriate part of the file content. In this way, once the data have been selected, their security level can also be obtained.
Step S104, the transmitting terminal attempts to obtain the unique identifier of the receiving terminal; if it is obtained, go to step S105; if not, go to step S107.
In this step, whether the transmitting terminal can obtain the unique identifier of the receiving terminal depends on how the two are connected and how the data are transmitted. For example, if the two are connected through a USB (Universal Serial Bus) interface, the transmitting terminal can read the unique identifier of the receiving terminal directly. If the data are transmitted over WIFI (Wireless Fidelity) or Bluetooth, then when the receiving terminal is determined, its unique identifier can be obtained by sending a message or by reading it directly; when the receiving terminal is undetermined, its unique identifier cannot be obtained.
Step S105, the transmitting terminal judges whether the flag bit list it stores contains the unique identifier of the receiving terminal; if so, go to step S106; if not, go to step S107.
Step S106, if the flag bit list of the transmitting terminal contains the unique identifier of the receiving terminal, the receiving terminal and the transmitting terminal are trusted terminals of each other, so the data to be sent can be encrypted with the encryption algorithm that the two negotiated in advance and that is recorded in the flag bit list of the transmitting terminal. If the encryption is to depend on the security level, the transmitting terminal looks up, in its flag bit list, the encryption algorithm negotiated with the receiving terminal for the security level of the data to be sent, and encrypts with that algorithm.
Step S107, when the unique identifier of the receiving terminal cannot be obtained, or the flag bit list of the transmitting terminal does not contain the unique identifier of the receiving terminal, the transmitting terminal can choose any encryption algorithm to encrypt the data to be sent.
In this step, the transmitting terminal can usually set a default encryption algorithm, which is used to encrypt the data to be sent when the receiving terminal is an untrusted terminal or the receiving terminal is undetermined. The default encryption algorithm is usually the encryption algorithm with the best secrecy. In addition, when negotiating with a trusted terminal to set up the flag bit list, the transmitting terminal can also inform the trusted terminal of the default encryption algorithm it uses, the encryption security level and the default decryption algorithm, and have the trusted terminal store them.
Step S108, the transmitting terminal adds its unique identifier to the flag information and sends the flag information to the receiving terminal together with the encrypted data.
Corresponding to the above data sending method, as shown in Fig. 2, this embodiment of the present invention relates to a data receiving method, comprising:
Step S201, the receiving terminal receives the data and the flag information sent by the transmitting terminal.
Step S202, the flag information is parsed and the unique identifier of the transmitting terminal is obtained.
Step S203, the receiving terminal judges whether its flag bit list stores the unique identifier of the transmitting terminal; if so, go to step S204; if not, go to step S207.
Step S204, the unique identifier of the transmitting terminal is stored in the flag bit list of the receiving terminal, which shows that the transmitting terminal and the receiving terminal are trusted terminals of each other; the receiving terminal then judges whether the flag bit list records a decryption algorithm negotiated with the transmitting terminal; if so, go to step S205; if not, go to step S206.
Step S205, the received data are decrypted with the decryption algorithm negotiated between the receiving terminal and the transmitting terminal and recorded in the flag bit list of the transmitting terminal, and the decrypted data are obtained.
Step S206, the received data are decrypted with the transmitting terminal's default decryption algorithm recorded in the flag bit list of the receiving terminal, and the decrypted data are obtained.
This step mainly covers the case where, when sending the data, the transmitting terminal was not sure whether the receiving terminal was trusted and therefore encrypted with the default encryption algorithm.
Step S207, the unique identifier of the transmitting terminal is not stored in the flag bit list of the receiving terminal, which shows that the receiving terminal is not a trusted terminal of the transmitting terminal; it therefore cannot obtain the decryption algorithm and cannot decrypt the received data.
In this embodiment of the present invention, the trusted terminals first negotiate the encryption algorithm, encryption security level and decryption algorithm for transmitting data. When one of the trusted terminals sends data as the transmitting terminal, it encrypts the data with the negotiated encryption algorithm or the default encryption algorithm, and then sends its unique identifier along as flag information. After the receiving terminal receives the encrypted data and the flag information, if it is a trusted terminal it can obtain the decryption algorithm from the unique identifier of the transmitting terminal and automatically decrypt the received data. If the receiving terminal is an untrusted terminal, it cannot obtain the decryption algorithm and cannot decrypt the data. The scheme therefore both ensures the security of data transmission and lets the transmitting terminal and the receiving terminal view the data freely on their own terminals without repeated decryption, which improves efficiency.
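The send and receive flows of embodiment one (steps S101 to S108 and S201 to S207), as an added Python example that is not code from the patent. Assumptions: each negotiated "algorithm" is modelled as a shared 32-byte key per security level, the cipher is a standard-library HMAC-SHA256 stand-in for whichever algorithm the terminals agreed on, and the receiver tries the keys recorded for the sender because the flag information carries only the identifier; the names Terminal, flag_list, seal and unseal are hypothetical.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field

# Keywords the description suggests for marking importance, highest level first.
KEYWORD_LEVELS = (("core", 3), ("important", 2), ("common", 1))


def classify(filename):
    """S103: derive the security level from a keyword in the file name."""
    name = filename.lower()
    for keyword, level in KEYWORD_LEVELS:
        if keyword in name:
            return level
    return 1  # assumption: unmarked data gets the lowest level


def _subkeys(key):
    """Derive separate encryption and MAC keys from one negotiated key."""
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())


def _stream(key, nonce, n):
    """n keystream bytes from HMAC-SHA256 in counter mode (stand-in cipher)."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key, sender_uid, plaintext):
    """Encrypt, then tag the sender uid, nonce and ciphertext together."""
    enc, mac = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ s for p, s in zip(plaintext, _stream(enc, nonce, len(plaintext))))
    tag = hmac.new(mac, sender_uid.encode() + b"\x00" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key, sender_uid, blob):
    """Return the plaintext, or None when the tag does not verify under this key."""
    if len(blob) < 48:
        return None
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(mac, sender_uid.encode() + b"\x00" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return None
    return bytes(c ^ s for c, s in zip(ct, _stream(enc, nonce, len(ct))))


@dataclass
class Terminal:
    uid: str  # MEID, IMEI or MAC address in the description
    default_key: bytes = field(default_factory=lambda: secrets.token_bytes(32))
    flag_list: dict = field(default_factory=dict)  # peer uid -> negotiated entry

    def negotiate(self, peer):
        """S101: both sides record the other's uid, per-level keys and default key."""
        levels = {level: secrets.token_bytes(32) for _, level in KEYWORD_LEVELS}
        self.flag_list[peer.uid] = {"levels": levels, "peer_default": peer.default_key}
        peer.flag_list[self.uid] = {"levels": levels, "peer_default": self.default_key}

    def send(self, filename, data, receiver_uid=None):
        """S102-S108: pick the key, encrypt, attach own uid as flag information."""
        entry = self.flag_list.get(receiver_uid)           # S104/S105
        if entry is not None:
            key = entry["levels"][classify(filename)]      # S106: negotiated algorithm
        else:
            key = self.default_key                         # S107: default algorithm
        return {"flag": {"sender": self.uid}, "data": seal(key, self.uid, data)}

    def receive(self, message):
        """S201-S207: return the plaintext, or None if this terminal cannot decrypt."""
        sender = message["flag"]["sender"]                 # S202
        entry = self.flag_list.get(sender)                 # S203
        if entry is None:
            return None                                    # S207: sender not in list
        # S205 (negotiated keys) first, then S206 (the sender's default key).
        for key in [*entry["levels"].values(), entry["peer_default"]]:
            plaintext = unseal(key, sender, message["data"])
            if plaintext is not None:
                return plaintext
        return None


def demo():
    """Constructed scenario: A and B are in one trusted group, C is outside it."""
    a, b, c = (Terminal(f"constructed-uid-{n}") for n in "ABC")
    a.negotiate(b)
    to_b = a.send("core-budget.txt", b"Q3 figures", receiver_uid=b.uid)
    broadcast = a.send("common-notes.txt", b"agenda")      # receiver unknown
    return {
        "b_reads_negotiated": b.receive(to_b),
        "b_reads_default": b.receive(broadcast),
        "c_reads": c.receive(to_b),
    }


if __name__ == "__main__":
    print(demo())
```

Because the tag covers the sender's identifier, a message whose flag information or ciphertext has been altered in transit is returned as undecryptable rather than decrypted under the wrong entry.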
Embodiment two:
As shown in Figure 3, the embodiment of the present invention relates to a kind of data transmission method for uplink, comprising:
Step S301, transmitting terminal selects data to be sent in its this ground.
Step S302, obtains the significance level of data to be sent, determines level of confidentiality.
In this step, the data to be sent that user selects are detected, mainly carries out keyword spotting for filename and/or file content, judge the significance level of file to be sent, and then determine level of confidentiality.Such as, preset the keyword that different security level (significance level) is corresponding, such as, level of confidentiality is top-secret keyword is top secret, and level of confidentiality is secret keyword is secret, and level of confidentiality is secret keyword is secret etc.; Or level of confidentiality is divided into Pyatyi from high to low, and keyword corresponding is respectively level of confidentiality one, level of confidentiality two, level of confidentiality three, level of confidentiality four and level of confidentiality five.Keyword core, important, common also can be set, represent different levels of confidentiality.After the corresponding relation determining keyword and level of confidentiality, when file or folder name, mark the keyword corresponding with data significance level; Or in the appropriate section of file content, mark the keyword corresponding with data significance level.Like this, after selection data, the level of confidentiality of these data can also just be got.
Step S303, chooses the cryptographic algorithm of level of confidentiality corresponding to the significance level of data to be sent, is encrypted to sent data.
Such as, for common data, then the cryptographic algorithm of confidential is adopted to be encrypted; For significant data, then confidential cryptographic algorithm is adopted to be encrypted; For core data, then the cryptographic algorithm of top secret is adopted to be encrypted.
Step S304, the transmitting terminal adds its unique identifier, together with the encryption algorithm information used, the secrecy level information and the decryption algorithm information, to the flag information, and encrypts the flag information with a pre-agreed password.
In this step, the encryption algorithm information and decryption algorithm information in the flag information may be the detailed encryption and decryption algorithms, or only some basic information about them. In the basic-information case, both the transmitting terminal and the receiving terminal must store the concrete encryption and decryption programs in advance. The transmitting terminal calls the encryption program to encrypt the data, and adds the basic information of that encryption program and the basic information of the corresponding decryption algorithm to the flag information. The receiving terminal uses the basic information of the decryption algorithm to look up the concrete decryption program, and calls that program to decrypt.
Because the flag information contains decryption information, the flag information itself needs to be encrypted. The transmitting terminal establishes a trusted group with one or more trusted terminals in advance, and the encryption password and decryption password for the flag information are agreed within the trusted group. In this way only trusted terminal devices can decrypt the flag information, which ensures the security of the information.
In addition, the transmitting terminal may agree different encryption and decryption passwords with different trusted terminals, which further ensures the security of data transmission. For example, in the flag information only the encryption algorithm information, secrecy level information and decryption algorithm information are encrypted, and the unique identifier of the transmitting terminal is not encrypted. Each trusted terminal establishes a flag bit list, which records the unique identifiers of its trusted terminals and the decryption password for the flag information agreed with each of them. After the receiving terminal receives the flag information, it can search the flag bit list using the unencrypted unique identifier of the transmitting terminal carried in the flag information. If the identifier is found, the receiving terminal obtains the decryption password for the flag information, decrypts the flag information, and obtains the encryption algorithm information, secrecy level information and decryption algorithm information. If it is not found, the receiving terminal is not a trusted terminal of the transmitting terminal; it cannot decrypt the flag information and therefore cannot decrypt the received data either.
Step S305, the transmitting terminal sends the flag information to the receiving terminal together with the encrypted data.
Corresponding to the above data sending method, as shown in Figure 4, an embodiment of the present invention relates to a data receiving method, comprising:
Step S401, the receiving terminal receives the data and the flag information sent by the transmitting terminal.
Step S402, the flag information is decrypted with the pre-agreed password to obtain the decryption algorithm information recorded in the flag information.
This step covers two cases. In the first case, the transmitting terminal has encrypted the whole flag information; here, entering the pre-agreed password is enough to decrypt the flag information and obtain the decryption algorithm information it carries.
In the second case, the transmitting terminal has set a different flag information decryption password for each trusted terminal. The unique identifier of the transmitting terminal in the flag information is then not encrypted and can be read directly. The receiving terminal looks up the unique identifier of the transmitting terminal in its local flag bit list; if it is found, the receiving terminal decrypts the flag information with the decryption password recorded in the flag bit list and obtains the decryption algorithm information. If it is not found, the receiving terminal is not a trusted terminal of the transmitting terminal and cannot decrypt the flag information.
Step S403, the received data is decrypted according to the decryption algorithm information obtained, yielding the decrypted data.
In this embodiment, the flag information contains the encryption algorithm information, secrecy level information and decryption algorithm information, and the flag information is itself encrypted. As a result, only trusted devices can decrypt the data automatically, so the receiving terminal and the transmitting terminal can both view the data conveniently while the security of data transmission is also ensured.
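The exchange in steps S304-S305 and S401-S403 (second case, one password per trusted terminal), as an added example that is not part of the patent text. Assumptions not found in the patent: the JSON layout of the flag information, the function names, the algorithm label hmac-stream-v1, carrying a random data key inside the encrypted flag information, and the standard-library HMAC keystream with encrypt-then-MAC used as a stand-in for a vetted authenticated cipher.

```python
import hashlib
import hmac
import json
import secrets

ALG = "hmac-stream-v1"   # hypothetical label for the stand-in cipher below
KDF_ROUNDS = 100_000     # PBKDF2 work factor for the agreed password


def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR data with an HMAC-SHA256 counter keystream (stand-in cipher)."""
    out = bytearray()
    for block_no in range((len(data) + 31) // 32):
        pad = hmac.new(key, nonce + block_no.to_bytes(8, "big"), hashlib.sha256).digest()
        chunk = data[block_no * 32:(block_no + 1) * 32]
        out += bytes(a ^ b for a, b in zip(chunk, pad))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def open_sealed(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first, then decrypt; ValueError on any mismatch."""
    if len(blob) < 48:
        raise ValueError("truncated message")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"mac", hashlib.sha256).digest()
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return _xor_stream(enc_key, nonce, ct)


# "Basic information" case: the flag names an algorithm and the receiver maps
# that name to a decryption program it already stores. Unknown names are refused.
DECRYPTORS = {ALG: open_sealed}


def _flag_key(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ROUNDS)


def send(sender_id: str, peer_password: str, level: str, data: bytes):
    """S303-S305: encrypt the data, build and encrypt the flag information."""
    data_key = secrets.token_bytes(32)  # assumption: data key rides in the flag
    inner = {"enc_alg": ALG, "dec_alg": ALG, "level": level,
             "data_key": data_key.hex()}
    salt = secrets.token_bytes(16)
    flag = {
        "sender_id": sender_id,  # left unencrypted so the receiver can look it up
        "salt": salt.hex(),
        "sealed": seal(_flag_key(peer_password, salt),
                       json.dumps(inner).encode()).hex(),
    }
    return flag, seal(data_key, data)


def receive(flag_bit_list: dict, flag: dict, ciphertext: bytes):
    """S401-S403: returns the plaintext, or None if this terminal cannot decrypt."""
    password = flag_bit_list.get(flag.get("sender_id"))
    if password is None:
        return None  # sender is not in the flag bit list: not a trusted pair
    try:
        key = _flag_key(password, bytes.fromhex(flag["salt"]))
        inner = json.loads(open_sealed(key, bytes.fromhex(flag["sealed"])))
        decrypt = DECRYPTORS[inner["dec_alg"]]
        return decrypt(bytes.fromhex(inner["data_key"]), ciphertext)
    except (ValueError, KeyError):
        return None  # wrong password, tampered flag or unknown algorithm


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    flag, ct = send("TERM-A", "pw-agreed-A-B", "secret", b"quarterly report")
    print(receive({"TERM-A": "pw-agreed-A-B"}, flag, ct))  # trusted terminal
    print(receive({"TERM-X": "other"}, flag, ct))          # untrusted terminal
```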
In addition, an embodiment of the present invention also relates to a transmitting terminal and a receiving terminal that implement the above two embodiments, wherein the transmitting terminal comprises:
An encryption module, for encrypting the data to be sent;
A sending module, for adding the unique identifier of the transmitting terminal to the flag information, and sending the flag information to the receiving terminal together with the encrypted data.
The encryption module obtains the importance of the data to be sent, and encrypts the data to be sent with the encryption algorithm of the secrecy level corresponding to that importance.
The transmitting terminal also comprises:
A flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals, the flag bit list comprising the unique identifier of each trusted terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the transmitting terminal and that trusted terminal transmit data; wherein each trusted terminal stores the unique identifier of the transmitting terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the transmitting terminal and that trusted terminal transmit data.
The encryption module is also used for:
Obtaining the unique identifier of the receiving terminal;
Judging whether the flag bit list contains the unique identifier of the receiving terminal; if so, encrypting the data to be sent with the encryption algorithm recorded in the flag bit list; if not, arbitrarily selecting an encryption algorithm to encrypt the data to be sent.
The encryption module adds the encryption algorithm information, secrecy level information and decryption algorithm information to the flag information, and encrypts the flag information with a pre-agreed password.
The receiving terminal comprises:
A receiving module, for receiving the data and the flag information sent by the transmitting terminal;
A decryption module, for parsing the flag information and decrypting the received data according to the flag information, to obtain the decrypted data.
The decryption module is also used for:
Parsing the flag information to obtain the unique identifier of the transmitting terminal;
When the flag bit list stored by the receiving terminal contains the unique identifier of the transmitting terminal, decrypting the received data with the decryption algorithm recorded for it in the flag bit list.
The receiving terminal also comprises:
A flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals, the flag bit list comprising the unique identifier of each trusted terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data;
Each trusted terminal stores the unique identifier of the receiving terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data.
The decryption module parses the flag information using the decryption password agreed with the transmitting terminal in advance, to obtain the decryption algorithm information, and decrypts the received data according to that decryption algorithm information.
Before the transmitting terminal sends data, the decryption module agrees the encryption password and decryption password for the flag information with the transmitting terminal, and records the unique identifier of the transmitting terminal, the encryption password and the decryption password in the flag bit list.
In addition, an embodiment of the present invention also relates to a data transceiver device. When the data transceiver device sends data, it uses the above transmitting terminal to send the data; when it receives data, it uses the above receiving terminal to receive the data. The data transceiver device may be a terminal device such as a mobile phone, a tablet computer or a computer.
In the present invention, data is encrypted when it is transmitted externally, which ensures the security of the data. After the receiving terminal receives the data, if it can obtain the decryption algorithm from the flag information, the data is decrypted automatically, so the data does not have to be decrypted manually each time it is viewed on that terminal, which reduces operational complexity. If the decryption algorithm cannot be obtained, the receiving terminal is an untrusted terminal and cannot decrypt the data, which ensures the security of data transmission.
Although preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will recognize that various improvements, additions and substitutions are possible; therefore, the scope of the present invention should not be limited to the above embodiments.

Claims (21)

1. A data sending method, characterized by comprising:
A transmitting terminal encrypts data to be sent;
The unique identifier of the transmitting terminal is added to flag information, and the flag information is sent to a receiving terminal together with the encrypted data.
2. The data sending method as claimed in claim 1, characterized in that the transmitting terminal obtains the importance of the data to be sent, and encrypts the data to be sent with the encryption algorithm of the secrecy level corresponding to that importance.
3. The data sending method as claimed in claim 1 or 2, characterized in that, before the transmitting terminal sends data, the method also comprises:
The transmitting terminal establishes a flag bit list with one or more trusted terminals, the flag bit list comprising the unique identifier of each trusted terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the transmitting terminal and that trusted terminal transmit data;
Each trusted terminal stores the unique identifier of the transmitting terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the transmitting terminal and that trusted terminal transmit data.
4. The data sending method as claimed in claim 3, characterized in that the encrypting of the data to be sent by the transmitting terminal specifically comprises:
The transmitting terminal obtains the unique identifier of the receiving terminal;
It is judged whether the flag bit list contains the unique identifier of the receiving terminal; if so, the data to be sent is encrypted with the encryption algorithm recorded in the flag bit list; if not, an encryption algorithm is arbitrarily selected to encrypt the data to be sent.
5. The data sending method as claimed in claim 2, characterized in that the transmitting terminal adds the encryption algorithm information, secrecy level information and decryption algorithm information to the flag information, and encrypts the flag information with a pre-agreed password.
6. A data receiving method, characterized by comprising:
Receiving the data and the flag information sent by a transmitting terminal;
Parsing the flag information, and decrypting the received data according to the flag information, to obtain the decrypted data.
7. The data receiving method as claimed in claim 6, characterized in that parsing the flag information and decrypting the received data according to the flag information specifically comprises:
The receiving terminal parses the flag information to obtain the unique identifier of the transmitting terminal;
When the flag bit list stored by the receiving terminal contains the unique identifier of the transmitting terminal, the received data is decrypted with the decryption algorithm recorded for it in the flag bit list.
8. The data receiving method as claimed in claim 7, characterized in that, before the data and the flag information sent by the transmitting terminal are received, the method also comprises:
The receiving terminal establishes a flag bit list with one or more trusted terminals, the flag bit list comprising the unique identifier of each trusted terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data;
Each trusted terminal stores the unique identifier of the receiving terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data.
9. The data receiving method as claimed in claim 6, characterized in that parsing the flag information and decrypting the received data according to the flag information specifically comprises:
The receiving terminal parses the flag information using the decryption password agreed with the transmitting terminal in advance, to obtain the decryption algorithm information;
The received data is decrypted according to the decryption algorithm information.
10. The data receiving method as claimed in claim 9, characterized in that, before the transmitting terminal sends data, the receiving terminal agrees the encryption password and decryption password for the flag information with the transmitting terminal, and records the unique identifier of the transmitting terminal, the encryption password and the decryption password in the flag bit list.
11. A transmitting terminal, characterized by comprising:
An encryption module, for encrypting data to be sent;
A sending module, for adding the unique identifier of the transmitting terminal to flag information, and sending the flag information to a receiving terminal together with the encrypted data.
12. The transmitting terminal as claimed in claim 11, characterized in that the encryption module obtains the importance of the data to be sent, and encrypts the data to be sent with the encryption algorithm of the secrecy level corresponding to that importance.
13. The transmitting terminal as claimed in claim 11 or 12, characterized in that the transmitting terminal also comprises:
A flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals, the flag bit list comprising the unique identifier of each trusted terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the transmitting terminal and that trusted terminal transmit data; wherein each trusted terminal stores the unique identifier of the transmitting terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the transmitting terminal and that trusted terminal transmit data.
14. The transmitting terminal as claimed in claim 13, characterized in that the encryption module is also used for:
Obtaining the unique identifier of the receiving terminal;
Judging whether the flag bit list contains the unique identifier of the receiving terminal; if so, encrypting the data to be sent with the encryption algorithm recorded in the flag bit list; if not, arbitrarily selecting an encryption algorithm to encrypt the data to be sent.
15. The transmitting terminal as claimed in claim 12, characterized in that the encryption module adds the encryption algorithm information, secrecy level information and decryption algorithm information to the flag information, and encrypts the flag information with a pre-agreed password.
16. A receiving terminal, characterized by comprising:
A receiving module, for receiving the data and the flag information sent by a transmitting terminal;
A decryption module, for parsing the flag information and decrypting the received data according to the flag information, to obtain the decrypted data.
17. The receiving terminal as claimed in claim 16, characterized in that the decryption module is also used for:
Parsing the flag information to obtain the unique identifier of the transmitting terminal;
When the flag bit list stored by the receiving terminal contains the unique identifier of the transmitting terminal, decrypting the received data with the decryption algorithm recorded for it in the flag bit list.
18. The receiving terminal as claimed in claim 17, characterized in that the receiving terminal also comprises:
A flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals, the flag bit list comprising the unique identifier of each trusted terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data;
Each trusted terminal stores the unique identifier of the receiving terminal, and the encryption algorithm information, secrecy level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data.
19. The receiving terminal as claimed in claim 16, characterized in that the decryption module parses the flag information using the decryption password agreed with the transmitting terminal in advance, to obtain the decryption algorithm information, and decrypts the received data according to the decryption algorithm information.
20. The receiving terminal as claimed in claim 19, characterized in that, before the transmitting terminal sends data, the decryption module agrees the encryption password and decryption password for the flag information with the transmitting terminal, and records the unique identifier of the transmitting terminal, the encryption password and the decryption password in the flag bit list.
21. A data transceiver device, characterized in that, when the data transceiver device sends data, it uses the transmitting terminal of any one of claims 11 to 15 to send the data; and when the data transceiver device receives data, it uses the receiving terminal of any one of claims 16 to 20 to receive the data.
CN201410466852.XA 2014-09-12 2014-09-12 Data sending, receiving method and reception send terminal and data transmitter-receiver set Active CN104244237B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410466852.XA CN104244237B (en) 2014-09-12 2014-09-12 Data sending, receiving method and reception send terminal and data transmitter-receiver set

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201410466852.XA CN104244237B (en) 2014-09-12 2014-09-12 Data sending, receiving method and reception send terminal and data transmitter-receiver set

Publications (2)

Publication Number Publication Date
CN104244237A true CN104244237A (en) 2014-12-24
CN104244237B CN104244237B (en) 2019-03-22

Family

ID=52231415

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201410466852.XA Active CN104244237B (en) 2014-09-12 2014-09-12 Data sending, receiving method and reception send terminal and data transmitter-receiver set

Country Status (1)

Country Link
CN (1) CN104244237B (en)

Also Published As

Publication number Publication date
CN104244237B (en) 2019-03-22

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant