CN104244237B - Data sending and receiving methods, receiving and sending terminals, and data transceiver device - Google Patents

Info

Publication number: CN104244237B
Authority: CN (China)
Prior art keywords: terminal, data, information, sent, unique identifier
Legal status: Active
Application number: CN201410466852.XA
Other languages: Chinese (zh)
Other versions: CN104244237A (en)
Inventor: 董志伟
Current Assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd
Original Assignee: Yulong Computer Telecommunication Scientific Shenzhen Co Ltd

Abstract

The invention discloses a data sending method, a data receiving method, a receiving terminal, a sending terminal and a data transceiver device. The data sending method includes: the sending terminal encrypts the data to be sent; the unique identifier of the sending terminal is added to flag information, and the flag information is sent to the receiving terminal together with the encrypted data. The data receiving method includes: receiving the data and flag information sent by the sending terminal, parsing the flag information, and decrypting the received data according to the flag information to obtain the decrypted data. The invention ensures the security of data by encrypting it when it is transmitted externally. After receiving the data, the receiving terminal decrypts it automatically if it can obtain the decryption algorithm from the flag information, so the data does not have to be decrypted each time it is viewed, which reduces operational complexity. An untrusted terminal cannot obtain the decryption algorithm and so cannot decrypt the data, which ensures the security of data transmission.

Description

Data sending and receiving methods, receiving and sending terminals, and data transceiver device
Technical Field
The present invention relates to the field of data exchange, and in particular to a data sending method, a data receiving method, a receiving terminal, a sending terminal and a data transceiver device.
Background
At present, some data on a terminal, such as user information and data stored on a SIM card, SD card or memory card, needs to be encrypted to prevent leakage. Two encryption approaches are common. In the first, the user encrypts the entire storage device in advance; to copy or transmit information and data on the device, the user must first enter the correct login password to get into the device, and can then copy and transmit the information and data. The terminal or SIM card is locked through a system setting, so the user has to enter the unlock password each time on entering the system in order to get in or to unlock the SIM card, and the unlock password is required again every time the system is re-entered after exiting (including after the screen turns off), which is complicated and tedious. Moreover, once the data has been unlocked and the encrypted data has been copied to another device, no password is needed to view or transmit it on that device, which easily leads to loss of private information.
The second approach uses dedicated encryption software to encrypt or hide the data on the terminal in order to protect user information. After the encrypted data is transferred to another device, a password must likewise be entered to decrypt it when it is viewed on that device. A known secure device (a trusted terminal) cannot decrypt the data automatically after receiving it; the user has to decrypt the data every time it is viewed on the local terminal, which is troublesome, tedious and not intelligent enough.
Therefore, when an existing terminal transmits data, the data cannot be encrypted at the time of transmission, data transferred to another device generally can be viewed only after a decryption password is entered, and a trusted device cannot decrypt the data automatically after receiving it, which adds the tedious step of entering a password to view it.
Summary of the Invention
The technical problem to be solved by the present invention is to provide a data sending method, a data receiving method, a receiving terminal, a sending terminal and a data transceiver device, so as to solve the problem that the prior art is insecure or cumbersome to operate during data transmission.
To solve the above technical problem, in one aspect the present invention provides a data sending method, comprising:
the sending terminal encrypts the data to be sent;
the unique identifier of the sending terminal is added to flag information, and the flag information is sent to the receiving terminal together with the encrypted data.
Further, the sending terminal obtains the importance level of the data to be sent, and encrypts the data to be sent with an encryption algorithm of the secrecy level corresponding to that importance level.
Further, before sending data, the sending terminal also performs the following:
the sending terminal establishes a flag bit list with one or more trusted terminals; the flag bit list includes the unique identifier of each trusted terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the sending terminal and that trusted terminal;
each trusted terminal saves the unique identifier of the sending terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the sending terminal and that trusted terminal.
Further, when the sending terminal encrypts the data to be sent, this specifically includes:
the sending terminal obtains the unique identifier of the receiving terminal;
it determines whether the flag bit list includes the unique identifier of the receiving terminal; if so, it encrypts the data to be sent with the encryption algorithm recorded in the flag bit list; if not, it arbitrarily selects an encryption algorithm to encrypt the data to be sent.
Further, the sending terminal adds the encryption algorithm information, secrecy level information and decryption algorithm information to the flag information, and encrypts the flag information with a password agreed in advance.
In another aspect, the present invention also provides a data receiving method, comprising:
receiving the data and flag information sent by the sending terminal;
parsing the flag information, and decrypting the received data according to the flag information to obtain the decrypted data.
Further, parsing the flag information and decrypting the received data according to the flag information specifically includes:
the receiving terminal parses the flag information and obtains the unique identifier of the sending terminal;
when the flag bit list saved by the receiving terminal includes the unique identifier of the sending terminal, the received data is decrypted with the decryption algorithm recorded for it in the flag bit list.
Further, before receiving the data and flag information sent by the sending terminal, the method also includes:
the receiving terminal establishes a flag bit list with one or more trusted terminals; the flag bit list includes the unique identifier of each trusted terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal;
each trusted terminal saves the unique identifier of the receiving terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal.
Further, parsing the flag information and decrypting the received data according to the flag information specifically includes:
the receiving terminal parses the flag information using the decryption password determined in advance with the sending terminal, and obtains the decryption algorithm information;
the received data is decrypted according to the decryption algorithm information.
Further, before the sending terminal sends data, the receiving terminal and the sending terminal determine the encryption password and decryption password for the flag information, and the unique identifier of the sending terminal, the encryption password and the decryption password are recorded in the flag bit list.
In another aspect, the present invention also provides a sending terminal, comprising:
an encryption module, configured to encrypt the data to be sent;
a sending module, configured to add the unique identifier of the sending terminal to flag information and to send the flag information to the receiving terminal together with the encrypted data.
Further, the encryption module obtains the importance level of the data to be sent, and encrypts the data to be sent with an encryption algorithm of the secrecy level corresponding to that importance level.
Further, the sending terminal also includes:
a flag bit list establishing module, configured to establish a flag bit list with one or more trusted terminals; the flag bit list includes the unique identifier of each trusted terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the sending terminal and that trusted terminal; each trusted terminal saves the unique identifier of the sending terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the sending terminal and that trusted terminal.
Further, the encryption module is also configured to:
obtain the unique identifier of the receiving terminal;
determine whether the flag bit list includes the unique identifier of the receiving terminal; if so, encrypt the data to be sent with the encryption algorithm recorded in the flag bit list; if not, arbitrarily select an encryption algorithm to encrypt the data to be sent.
Further, the encryption module adds the encryption algorithm information, secrecy level information and decryption algorithm information to the flag information, and encrypts the flag information with a password agreed in advance.
In another aspect, the present invention also provides a receiving terminal, comprising:
a receiving module, configured to receive the data and flag information sent by the sending terminal;
a decryption module, configured to parse the flag information and decrypt the received data according to the flag information to obtain the decrypted data.
Further, the decryption module is also configured to:
parse the flag information and obtain the unique identifier of the sending terminal;
when the flag bit list saved by the receiving terminal includes the unique identifier of the sending terminal, decrypt the received data with the decryption algorithm recorded for it in the flag bit list.
Further, the receiving terminal also includes:
a flag bit list establishing module, configured to establish a flag bit list with one or more trusted terminals; the flag bit list includes the unique identifier of each trusted terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal;
each trusted terminal saves the unique identifier of the receiving terminal and the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the receiving terminal and that trusted terminal.
Further, the decryption module parses the flag information using the decryption password determined in advance with the sending terminal and obtains the decryption algorithm information, then decrypts the received data according to the decryption algorithm information.
Further, before the sending terminal sends data, the decryption module and the sending terminal determine the encryption password and decryption password for the flag information, and the unique identifier of the sending terminal, the encryption password and the decryption password are recorded in the flag bit list.
In another aspect, the present invention provides a data transceiver device. When the data transceiver device sends data, it uses the above sending terminal to send the data; when it receives data, it uses the above receiving terminal to receive the data.
The beneficial effects of the present invention are as follows:
The present invention ensures the security of data by encrypting it when it is transmitted externally. After receiving the data, the receiving terminal decrypts it automatically if it can obtain the decryption algorithm from the flag information, so the data does not have to be decrypted each time it is viewed on that terminal, which reduces operational complexity. If the decryption algorithm cannot be obtained, the receiving terminal is an untrusted terminal and cannot decrypt the data, which ensures the security of data transmission.
Brief Description of the Drawings
Fig. 1 is the flow chart of the data sending method in Embodiment one of the present invention;
Fig. 2 is the flow chart of the data receiving method in Embodiment one of the present invention;
Fig. 3 is the flow chart of the data sending method in Embodiment two of the present invention;
Fig. 4 is the flow chart of the data receiving method in Embodiment two of the present invention.
Detailed Description
The present invention is described in further detail below with reference to the drawings and embodiments. It should be understood that the specific embodiments described here are only intended to explain the present invention and do not limit it.
The core idea of the invention is as follows: when sending data, the sending terminal encrypts the data and sends flag information along with it. After the receiving device receives the data, it obtains the decryption information from the flag information and the preset flag information parsing rules and automatically decrypts the received data according to that decryption information; once decrypted, the data can be viewed again on the receiving terminal without further decryption. The preset flag information parsing rules are agreed in advance by the sending terminal and the receiving terminal on the basis of trust (each is a trusted terminal of the other). In this way, only a trusted device can automatically decrypt the data after receiving it. An untrusted device cannot obtain the decryption algorithm and so cannot decrypt the data automatically; it can only first authenticate with the sending terminal and, after the two have become trusted terminals of each other, receive the data sent by the sending terminal and decrypt it automatically to obtain data that can be viewed.
The data sending and receiving methods of the present invention are described in detail below through specific embodiments.
Embodiment one:
As shown in Fig. 1, this embodiment of the present invention relates to a data sending method, comprising:
Step S101: the sending terminal negotiates with one or more trusted terminals and establishes a flag bit list.
In this step, the sending terminal and the trusted terminals first establish a trusted terminal group; a terminal in the group can act as a sending terminal or as a receiving terminal. In this embodiment, one terminal in the trusted terminal group is described as the sending terminal. The sending terminal first needs to negotiate the encryption algorithm, the encryption secrecy level and the decryption algorithm with each trusted terminal, to determine the encryption algorithm, encryption secrecy level, decryption algorithm and so on to be used when the two transmit data to each other. Terminals in the group use the same defined data identification and data encryption and decryption mechanisms (such as encryption algorithm, key exchange algorithm, digest algorithm, data certificate). For example, the sending terminal informs the receiving terminal (any trusted terminal in the group) that its symmetric encryption algorithms are DES (Data Encryption Standard) and RC5 (a symmetric encryption algorithm), its key exchange algorithms are RSA (a public-key encryption algorithm) and DH (Diffie-Hellman), and its digest algorithms are MD5 (Message Digest Algorithm) and SHA (Secure Hash Algorithm); the receiving terminal and the sending terminal then negotiate to use the combination DES-RSA-SHA for encryption and decryption. In addition, the sending terminal and the receiving terminal can negotiate multiple encryption and decryption algorithms for data of different secrecy levels. For example, top-secret data is encrypted and decrypted using negotiation "result one", whose encryption and decryption algorithms are the most secure and most complex; confidential data is encrypted and decrypted using negotiation "result two", whose encryption and decryption algorithms are relatively secure and complex; and secret data is encrypted and decrypted using negotiation "result three", whose encryption and decryption algorithms are ordinary ones. How many encryption and decryption algorithms the sending terminal and the receiving terminal negotiate depends on how many secrecy levels the data exchanged between them is divided into.
The sending terminal records the unique identifier of each trusted terminal in the flag bit list, and records the result negotiated with each trusted terminal at the corresponding position in the list. By looking up a trusted terminal's unique identifier, the sending terminal can therefore find the encryption algorithm, encryption secrecy level and decryption algorithm negotiated with that trusted terminal. Likewise, each trusted terminal establishes its own flag bit list, saves the unique identifier of the sending terminal in that local list, and saves the encryption algorithm information, secrecy level information and decryption algorithm information used for data transmission between the sending terminal and itself at the position corresponding to the sending terminal's unique identifier. In effect, every trusted terminal in the trusted terminal group has its own flag bit list, and by querying its own list it can learn the encryption algorithm information, secrecy level information and decryption algorithm information used by any terminal in the group that transmits data with it.
The unique identifier of a terminal can be its MEID (Mobile Equipment Identifier), IMEI (International Mobile Equipment Identity) or MAC (Medium/Media Access Control) address; it can also be another identification code or identifier, as long as it uniquely identifies the terminal.
Step S102: when the sending terminal sends data, the data to be sent is selected locally on the sending terminal.
Step S103: the importance level of the data to be sent is obtained and the secrecy level is determined.
In this step, the data to be sent that the user selected is examined, mainly by keyword detection on the file name and/or file content, to judge the importance level of the file to be sent and thereby determine its secrecy level. For example, keywords corresponding to the different secrecy levels (importance levels) are preset: the keyword for the top-secret level is "top secret", the keyword for the confidential level is "confidential", the keyword for the secret level is "secret", and so on. Alternatively, the secrecy level is divided into five grades from high to low, with the corresponding keywords level one, level two, level three, level four and level five. The keywords "core", "important" and "common" can also be used to indicate different secrecy levels. Once the correspondence between keywords and secrecy levels has been determined, the keyword corresponding to the data's importance level is marked when naming the file or folder, or marked in the corresponding part of the file content. In this way, once the data is selected, its secrecy level can also be obtained.
Step S104: the sending terminal attempts to obtain the unique identifier of the receiving terminal; if it is obtained, go to step S105; if not, go to step S107.
In this step, whether the sending terminal can obtain the unique identifier of the receiving terminal depends on how the two are connected and how the data is transmitted. For example, if the two are connected through a USB (Universal Serial Bus) interface, the sending terminal can read the receiving terminal's unique identifier directly. If the data is transmitted over WIFI (Wireless Fidelity) or Bluetooth, then if the receiving terminal is determined, its unique identifier can be obtained by sending a message or by reading it directly; if the receiving terminal is not determined, its unique identifier cannot be obtained.
Step S105: the sending terminal determines whether the flag bit list it has saved includes the unique identifier of the receiving terminal; if so, go to step S106; if not, go to step S107.
Step S106: if the flag bit list of the sending terminal includes the unique identifier of the receiving terminal, the receiving terminal and the sending terminal are trusted terminals of each other, so the data to be sent can be encrypted with the encryption algorithm that the two negotiated in advance and that is recorded in the sending terminal's flag bit list. If encryption has to follow the secrecy level, the sending terminal looks up, in its flag bit list and according to the secrecy level of the data to be sent, the encryption algorithm that it negotiated with the receiving terminal for that secrecy level, and encrypts with that algorithm.
Step S107: when the unique identifier of the receiving terminal cannot be obtained, or the flag bit list of the sending terminal does not include the unique identifier of the receiving terminal, the sending terminal can arbitrarily select an encryption algorithm to encrypt the data to be sent.
In this step, the sending terminal can usually set a default encryption algorithm, which is used to encrypt the data to be sent when the receiving terminal is an untrusted terminal or is not determined. The default encryption algorithm is usually the encryption algorithm with the best secrecy. In addition, when the sending terminal negotiates with a trusted terminal to establish the flag bit list, it can also inform the trusted terminal of the default encryption algorithm, encryption secrecy level and default decryption algorithm it uses, and the trusted terminal saves them.
Step S108: the sending terminal adds its unique identifier to the flag information, and sends the flag information to the receiving terminal together with the encrypted data.
Corresponding to the above data sending method, as shown in Fig. 2, this embodiment of the present invention relates to a data receiving method, comprising:
Step S201: the receiving terminal receives the data and flag information sent by the sending terminal.
Step S202: the flag information is parsed and the unique identifier of the sending terminal is obtained.
Step S203: it is determined whether the flag bit list of the receiving terminal holds the unique identifier of the sending terminal; if so, go to step S204; if not, go to step S207.
Step S204: the flag bit list of the receiving terminal holds the unique identifier of the sending terminal, which shows that the sending terminal and the receiving terminal are trusted terminals of each other. The receiving terminal then determines whether the flag bit list records a decryption algorithm negotiated with the sending terminal; if so, go to step S205; if not, go to step S206.
Step S205: the received data is decrypted with the decryption algorithm that the receiving terminal negotiated with the sending terminal and that is recorded in the flag bit list, and the decrypted data is obtained.
Step S206: the received data is decrypted with the sending terminal's default decryption algorithm recorded in the flag bit list of the receiving terminal, and the decrypted data is obtained.
This step mainly covers the case in which the sending terminal, when sending the data, was not sure whether the receiving terminal was trusted and therefore encrypted with the default encryption algorithm.
Step S207: the flag bit list of the receiving terminal does not hold the unique identifier of the sending terminal, which shows that the receiving terminal is not a trusted terminal of the sending terminal; it therefore cannot obtain the decryption algorithm and cannot decrypt the received data.
In this embodiment of the present invention, the trusted terminals first negotiate the encryption algorithm, encryption secrecy level and decryption algorithm for transmitting data. When one of the trusted terminals sends data as the sending terminal, it encrypts the data with the negotiated encryption algorithm or the default encryption algorithm, and then sends the unique identifier of the sending terminal along with it as flag information. After the receiving terminal receives the encrypted data and the flag information, if it is a trusted terminal it can obtain the decryption algorithm from the unique identifier of the sending terminal and automatically decrypt the received data. If the receiving terminal is an untrusted terminal, it cannot obtain the decryption algorithm and cannot decrypt the data. The above scheme therefore both ensures the security of data transmission and allows the sending terminal and the receiving terminal to view the data freely on their own terminals without repeated decryption, which improves efficiency.
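The send-side choice in steps S103 to S107 and the receive-side lookup in steps S202 to S207, written out as an added Python example (not code from the patent). The `Terminal` and `PeerEntry` classes, the `result-N` and `default-X` suite labels, the `level` field in the flag information and the fallback to the lowest level for unlabelled data are assumptions made for illustration; no cipher is invoked, only the selection of one.

```python
from dataclasses import dataclass, field
from typing import Optional

# S103: keyword -> secrecy level, checked highest level first because the
# keyword "secret" is a substring of "top secret". Keywords are sample values.
LEVEL_KEYWORDS = [("top secret", "top-secret"),
                  ("confidential", "confidential"),
                  ("secret", "secret")]
LOWEST_LEVEL = "secret"  # assumption: data with no keyword gets the lowest level


def classify(name: str, content: str = "") -> str:
    """Derive the secrecy level from keywords in the file name or content."""
    text = f"{name}\n{content}".lower()
    for keyword, level in LEVEL_KEYWORDS:
        if keyword in text:
            return level
    return LOWEST_LEVEL


@dataclass
class PeerEntry:
    """One row of a flag bit list: what was agreed with one trusted peer."""
    negotiated: dict = field(default_factory=dict)  # level -> suite label
    peer_default: Optional[str] = None              # peer's default suite


@dataclass
class Terminal:
    uid: str            # unique identifier (MEID, IMEI or MAC address)
    default_suite: str  # used when the receiver is unknown or untrusted
    flag_bit_list: dict = field(default_factory=dict)  # peer uid -> PeerEntry


def negotiate(a: Terminal, b: Terminal, suites_by_level: dict) -> None:
    """S101: both sides record the peer's identifier, the negotiated suites
    and the peer's default suite in their own flag bit list."""
    a.flag_bit_list[b.uid] = PeerEntry(dict(suites_by_level), b.default_suite)
    b.flag_bit_list[a.uid] = PeerEntry(dict(suites_by_level), a.default_suite)


def prepare_send(sender, receiver_uid, name, content=""):
    """S103-S108: return (flag_info, suite_to_encrypt_with, step_taken)."""
    level = classify(name, content)
    # S104/S105: the receiver's identifier may be unobtainable (None) or unknown.
    entry = sender.flag_bit_list.get(receiver_uid) if receiver_uid else None
    if entry is not None and level in entry.negotiated:
        suite, step = entry.negotiated[level], "S106"
    else:
        suite, step = sender.default_suite, "S107"
    # S108: the flag information carries the sender's identifier; carrying the
    # level as well is an assumption so the receiver can pick the matching row.
    return {"sender_uid": sender.uid, "level": level}, suite, step


def resolve_decryption(receiver, flag_info):
    """S202-S207: return (suite_to_decrypt_with or None, step_taken)."""
    entry = receiver.flag_bit_list.get(flag_info.get("sender_uid"))
    if entry is None:
        return None, "S207"            # sender not trusted: no algorithm
    suite = entry.negotiated.get(flag_info.get("level"))
    if suite is not None:
        return suite, "S205"           # negotiated algorithm is recorded
    return entry.peer_default, "S206"  # fall back to the sender's default


def demo():
    """Constructed scenario: A and B are mutually trusted, C is not."""
    a = Terminal("IMEI-A", "default-A")
    b = Terminal("IMEI-B", "default-B")
    c = Terminal("IMEI-C", "default-C")
    negotiate(a, b, {"top-secret": "result-1", "confidential": "result-2",
                     "secret": "result-3"})
    flag, suite, step = prepare_send(a, b.uid, "budget - confidential.xlsx")
    return {
        "send_trusted": (suite, step),
        "recv_trusted": resolve_decryption(b, flag),
        "recv_untrusted": resolve_decryption(c, flag),
        "send_unknown": prepare_send(a, None, "budget - confidential.xlsx")[1:],
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```

Step S204 branches on what the receiver's list records, so in the `send_unknown` case a trusted receiver would still select the negotiated algorithm although the sender used its default; the text above does not say how the receiver tells the two cases apart.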
Embodiment two:
As shown in Fig. 3, this embodiment of the present invention relates to a data sending method, comprising:
Step S301: the data to be sent is selected locally on the sending terminal.
Step S302: the importance level of the data to be sent is obtained and the secrecy level is determined.
In this step, the data to be sent that the user selected is examined, mainly by keyword detection on the file name and/or file content, to judge the importance level of the file to be sent and thereby determine its secrecy level. For example, keywords corresponding to the different secrecy levels (importance levels) are preset: the keyword for the top-secret level is "top secret", the keyword for the confidential level is "confidential", the keyword for the secret level is "secret", and so on. Alternatively, the secrecy level is divided into five grades from high to low, with the corresponding keywords level one, level two, level three, level four and level five. The keywords "core", "important" and "common" can also be used to indicate different secrecy levels. Once the correspondence between keywords and secrecy levels has been determined, the keyword corresponding to the data's importance level is marked when naming the file or folder, or marked in the corresponding part of the file content. In this way, once the data is selected, its secrecy level can also be obtained.
Step S303: an encryption algorithm of the secrecy level corresponding to the importance level of the data to be sent is selected, and the data to be sent is encrypted.
For example, common data is encrypted with a secret-level encryption algorithm; important data is encrypted with a confidential-level encryption algorithm; and core data is encrypted with a top-secret-level encryption algorithm.
Step S304: the sending terminal adds its unique identifier and the encryption algorithm information, secrecy level information and decryption algorithm information it used to the flag information, and encrypts the flag information with a password agreed in advance.
In this step, the encryption algorithm information and decryption algorithm information in the flag information can be the detailed encryption and decryption algorithms, or only some basic information about them. In the latter case, both the sending terminal and the receiving terminal must store the specific encryption and decryption programs in advance. The sending terminal calls the encryption program to encrypt, and adds the basic information of that encryption program and the basic information of the corresponding decryption algorithm to the flag information. The receiving terminal uses the basic information of the decryption algorithm to look up the specific decryption program and calls that program to decrypt.
Because the flag information contains decryption information, the flag information itself has to be encrypted. The sending terminal establishes a trusted group with one or more trusted terminals in advance, and the encryption password and decryption password for the flag information are agreed within the trusted group. In this way, only a trusted terminal device can decrypt the flag information, which ensures the security of the information.
In addition, the sending terminal can set different encryption and decryption passwords with different trusted terminals, which further ensures the security of data transmission. For example, only the encryption algorithm information, secrecy level information and decryption algorithm information in the flag information are encrypted, and the unique identifier of the sending terminal is not encrypted. Each trusted terminal establishes a flag bit list that records the unique identifiers of its trusted terminals and the flag information decryption password negotiated with each of them. After the receiving terminal receives the flag information, it can search its flag bit list using the unencrypted unique identifier of the sending terminal in the flag information. If the identifier is found, the receiving terminal obtains the decryption password for the flag information, decrypts the flag information, and obtains the encryption algorithm information, secrecy level information and decryption algorithm information. If it is not found, the receiving terminal is not a trusted terminal of the sending terminal; it cannot decrypt the flag information and ultimately cannot decrypt the received data.
Step S305: the sending terminal sends the flag information to the receiving terminal together with the encrypted data.
Corresponding to the above data sending method, as shown in Fig. 4, an embodiment of the present invention relates to a data receiving method, comprising:
Step S401: the receiving terminal receives the data and flag information sent by the sending terminal.
Step S402: the flag information is decrypted using the password agreed in advance, and the decryption algorithm information recorded in the flag information is obtained.
This step covers two cases. In the first case, the sending terminal has encrypted the entire flag information. Here the flag information can be decrypted simply by entering the password agreed in advance, which yields the decryption algorithm information carried in the flag information.
In the second case, the sending terminal has set a different flag information decryption password for each trusted terminal. Here the unique identifier of the sending terminal in the flag information is not encrypted and can be read directly. The receiving terminal looks up the unique identifier of the sending terminal in its local flag bit list. If it is found, the flag information is decrypted with the decryption password recorded in the flag bit list, and the decryption algorithm information is obtained. If it is not found, the receiving terminal is not a trusted terminal of the sending terminal and cannot decrypt the flag information.
Step S403: the received data is decrypted according to the obtained decryption algorithm information, yielding the decrypted data.
In this embodiment, the flag information contains the encryption algorithm information, confidentiality level information and decryption algorithm information, and the flag information is itself encrypted. Only trusted devices can therefore decrypt the data automatically, which keeps viewing data convenient for both the receiving terminal and the sending terminal while also ensuring the security of data transmission.
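The per-terminal password variant of steps S304 and S402, as an added example that is not code from the patent: the sender identifier travels in the clear, the algorithm information is encrypted, and the receiver finds the decryption password through its flag bit list. The record layout, the PBKDF2 key derivation, the HMAC-based stand-in cipher and all sample values are assumptions, and the example goes beyond the text by authenticating the cleartext identifier so that it cannot be swapped in transit.

```python
import hashlib
import hmac
import json
import os
import struct

# Constructed sample values (not from the patent).
SENDER_ID = "terminal-A-0001"
INFO = {"enc_alg": "alg-important-v1", "level": "important", "dec_alg": "alg-important-v1"}

def _keys(password: str, salt: bytes):
    # Derive separate encryption and MAC keys from the pre-agreed password.
    km = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000, dklen=64)
    return km[:32], km[32:]

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in stream cipher (HMAC-SHA256 in counter mode); use a vetted AEAD in practice.
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def build_flag(sender_id: str, password: str, info: dict) -> bytes:
    """Sender side (S304): cleartext sender ID followed by encrypted algorithm info."""
    sid = sender_id.encode()
    salt, nonce = os.urandom(16), os.urandom(16)
    enc_key, mac_key = _keys(password, salt)
    plain = json.dumps(info, sort_keys=True).encode()
    body = bytes(a ^ b for a, b in zip(plain, _keystream(enc_key, nonce, len(plain))))
    header = struct.pack(">H", len(sid)) + sid + salt + nonce
    # The MAC covers the cleartext sender ID as well as the encrypted body.
    tag = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    return header + body + tag

def open_flag(flag: bytes, flag_bit_list: dict):
    """Receiver side (S402): return (sender_id, info), or None if it cannot be decrypted."""
    if len(flag) < 2:
        return None
    (n,) = struct.unpack(">H", flag[:2])
    if len(flag) < 2 + n + 32 + 32:          # ID + salt/nonce + tag must all be present
        return None
    sid = flag[2:2 + n].decode(errors="replace")
    password = flag_bit_list.get(sid)
    if password is None:                     # sender not in the flag bit list: untrusted
        return None
    header, body, tag = flag[:2 + n + 32], flag[2 + n + 32:-32], flag[-32:]
    salt, nonce = header[2 + n:2 + n + 16], header[2 + n + 16:]
    enc_key, mac_key = _keys(password, salt)
    expected = hmac.new(mac_key, header + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None                          # wrong password or tampered flag information
    plain = bytes(a ^ b for a, b in zip(body, _keystream(enc_key, nonce, len(body))))
    return sid, json.loads(plain)

if __name__ == "__main__":
    flag = build_flag(SENDER_ID, "pw-agreed-A-B", INFO)
    print(open_flag(flag, {SENDER_ID: "pw-agreed-A-B"}))   # trusted receiver
    print(open_flag(flag, {}))                             # untrusted receiver
```

A receiver that recovers `dec_alg` should treat it as a name to look up among its locally stored decryption programs, as in the basic-information case of step S304, rather than as code to run.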
In addition, an embodiment of the present invention further relates to a sending terminal and a receiving terminal that implement the above two embodiments. The sending terminal includes:
an encryption module, for encrypting the data to be sent;
a sending module, for adding the unique identifier of the sending terminal to the flag information and sending the flag information and the encrypted data together to the receiving terminal.
The encryption module obtains the importance of the data to be sent and encrypts the data to be sent using the encryption algorithm of the confidentiality level corresponding to that importance.
The sending terminal further includes:
a flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals. The flag bit list includes the unique identifier of each trusted terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the sending terminal and that trusted terminal transmit data. Each trusted terminal saves the unique identifier of the sending terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the sending terminal and that trusted terminal transmit data.
The encryption module is also used to:
obtain the unique identifier of the receiving terminal;
judge whether the flag bit list includes the unique identifier of the receiving terminal; if so, encrypt the data to be sent using the encryption algorithm recorded in the flag bit list; if not, arbitrarily choose an encryption algorithm to encrypt the data to be sent.
The encryption module adds the encryption algorithm information, confidentiality level information and decryption algorithm information to the flag information, and encrypts the flag information using the password agreed in advance.
The receiving terminal includes:
a receiving module, for receiving the data and flag information sent by the sending terminal;
a decryption module, for parsing the flag information and decrypting the received data according to the flag information to obtain the decrypted data.
The decryption module is also used to:
parse the flag information to obtain the unique identifier of the sending terminal;
when the flag bit list saved by the receiving terminal includes the unique identifier of the sending terminal, decrypt the received data with the decryption algorithm recorded for it in the flag bit list.
The receiving terminal further includes:
a flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals. The flag bit list includes the unique identifier of each trusted terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data.
Each trusted terminal saves the unique identifier of the receiving terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the receiving terminal and that trusted terminal transmit data.
The decryption module parses the flag information according to the decryption password determined in advance with the sending terminal and obtains the decryption algorithm information; it then decrypts the received data according to the decryption algorithm information.
Before the sending terminal sends data, the decryption module determines with the sending terminal the encryption password and decryption password of the flag information, and records the unique identifier of the sending terminal, the encryption password and the decryption password in the flag bit list.
In addition, an embodiment of the present invention further relates to a data transmitter-receiver set. When the data transmitter-receiver set sends data, it sends the data using the sending terminal described above; when it receives data, it receives the data using the receiving terminal described above. The data transmitter-receiver set can be a terminal device such as a mobile phone, tablet computer or computer.
The present invention ensures the security of data by encrypting the data when it is transmitted externally. After receiving the data, the receiving terminal decrypts it automatically if it can obtain the decryption algorithm from the flag information, so the data does not have to be decrypted manually each time it is viewed on that terminal, which reduces operational complexity. If the decryption algorithm cannot be obtained, the receiving terminal is an untrusted terminal and cannot decrypt the data, which ensures the security of data transmission.
Although preferred embodiments of the present invention have been disclosed for illustrative purposes, those skilled in the art will recognize that various improvements, additions and substitutions are also possible; therefore, the scope of the present invention should not be limited to the above embodiments.

Claims (7)

1. A data sending method, characterized by comprising:
a sending terminal encrypting data to be sent;
adding the unique identifier of the sending terminal to flag information, and sending the flag information and the encrypted data together to a receiving terminal;
wherein the sending terminal encrypting the data to be sent comprises:
the sending terminal obtaining the importance of the data to be sent, and encrypting the data to be sent using the encryption algorithm of the confidentiality level corresponding to that importance;
and wherein adding the unique identifier of the sending terminal to the flag information comprises:
the sending terminal adding the unique identifier of the sending terminal, together with the encryption algorithm information used, the confidentiality level information and the decryption algorithm information, to the flag information, and encrypting the flag information using a password agreed in advance.
2. The data sending method as described in claim 1, characterized in that, before the sending terminal sends data, the method further comprises:
the sending terminal establishing a flag bit list with one or more trusted terminals, the flag bit list including the unique identifier of each trusted terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the sending terminal and that trusted terminal transmit data;
each trusted terminal saving the unique identifier of the sending terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the sending terminal and that trusted terminal transmit data.
3. The data sending method as claimed in claim 2, characterized in that the sending terminal encrypting the data to be sent specifically comprises:
the sending terminal obtaining the unique identifier of the receiving terminal;
judging whether the flag bit list includes the unique identifier of the receiving terminal; if so, encrypting the data to be sent using the encryption algorithm recorded in the flag bit list; if not, arbitrarily choosing an encryption algorithm to encrypt the data to be sent.
4. A sending terminal, characterized by comprising:
an encryption module, for encrypting data to be sent;
a sending module, for adding the unique identifier of the sending terminal to flag information, and sending the flag information and the encrypted data together to a receiving terminal;
wherein the encryption module is specifically used to:
obtain the importance of the data to be sent, and encrypt the data to be sent using the encryption algorithm of the confidentiality level corresponding to that importance;
and the encryption module is also used to:
add the encryption algorithm information, confidentiality level information and decryption algorithm information to the flag information, and encrypt the flag information using a password agreed in advance.
5. The sending terminal as claimed in claim 4, characterized in that the sending terminal further comprises:
a flag bit list establishing module, for establishing a flag bit list with one or more trusted terminals, the flag bit list including the unique identifier of each trusted terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the sending terminal and that trusted terminal transmit data; wherein each trusted terminal saves the unique identifier of the sending terminal and the encryption algorithm information, confidentiality level information and decryption algorithm information used when the sending terminal and that trusted terminal transmit data.
6. The sending terminal as claimed in claim 5, characterized in that the encryption module is also used to:
obtain the unique identifier of the receiving terminal;
judge whether the flag bit list includes the unique identifier of the receiving terminal; if so, encrypt the data to be sent using the encryption algorithm recorded in the flag bit list; if not, arbitrarily choose an encryption algorithm to encrypt the data to be sent.
7. A data transmitter-receiver set, characterized in that, when the data transmitter-receiver set sends data, it sends the data using the sending terminal of any one of claims 4 to 6; and when the data transmitter-receiver set receives data, it receives the data using a receiving terminal;
wherein the receiving terminal comprises:
a receiving module, for receiving the data and flag information sent by the sending terminal;
a decryption module, for parsing the flag information and decrypting the received data according to the flag information to obtain the decrypted data;
wherein the decryption module is specifically used to:
parse the flag information according to the decryption password determined in advance with the sending terminal, and obtain the decryption algorithm information; and decrypt the received data according to the decryption algorithm information.
CN201410466852.XA 2014-09-12 2014-09-12 Data sending, receiving method and reception send terminal and data transmitter-receiver set Active CN104244237B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410466852.XA CN104244237B (en) 2014-09-12 2014-09-12 Data sending, receiving method and reception send terminal and data transmitter-receiver set


Publications (2)

Publication Number Publication Date
CN104244237A CN104244237A (en) 2014-12-24
CN104244237B true CN104244237B (en) 2019-03-22


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant