An encryption system and encryption method based on the RSA and AES encryption algorithms
Technical field
The present invention relates to the technical field of network communication, and in particular to an encryption system and encryption method based on the RSA and AES encryption algorithms.
Background art
At present, with the rapid development of the Internet of Things, the network security of smart hardware is attracting increasing attention. In the prior art, there is a risk that a hacker intercepts encrypted packets and uses them to carry out a replay attack, so that the encryption system is exposed to active and passive attacks.
Summary of the invention
In view of the above technical problem in the prior art, the present invention provides an encryption system and encryption method based on the RSA and AES encryption algorithms, which effectively solve the key custody problem between communication entities and the replay attack problem.
The technical solution adopted by the present invention to solve this technical problem is an encryption system based on the RSA and AES encryption algorithms, comprising:
Two communication entities: a sender and a recipient;
An RSA key and an AES key;
A communication count system;
The sender and the recipient are each assigned the RSA key. During communication, the RSA encryption algorithm is used to build a secure network channel over the network for transmitting the AES key, so that the AES key is distributed to the recipient. The AES key is used for encryption and decryption during data exchange, and the communication count system marks each packet during data exchange to prevent replay attacks.
As an improvement to the technical solution of the present invention, the plaintext is encrypted with the AES key and the sender sends the ciphertext; data communication takes place after a connection is established over the Internet, and the recipient receives the ciphertext and decrypts it with the AES key.
In addition, the present invention provides an encryption method for the encryption system based on the RSA and AES encryption algorithms, comprising the following steps:
a. Distribute an RSA key to the two communication entities, the sender and the recipient;
b. During communication, use the RSA encryption algorithm to build a secure network channel over the network and distribute an AES key to the recipient;
c. After the handshake is established, exchange data using the distributed AES key. A communication count mechanism is introduced into the ciphertext during data exchange: after each decryption the count is checked, and the data is processed only if the check succeeds; otherwise retransmission of the data is required.
As an improvement to the technical solution of the present invention, the method further comprises, before step b, a step of authenticating the sender and the recipient when they connect for the first time.
As an improvement to the technical solution of the present invention, the authentication step is as follows: the AES key is generated dynamically and encrypted using the sender's RSA public key; the recipient decrypts the sender's RSA public-key ciphertext and obtains the decrypted AES key.
As an improvement to the technical solution of the present invention, step c comprises: the plaintext is encrypted with the AES key, after which the sender sends the ciphertext; data communication takes place after a connection is established over the Internet; the recipient receives the ciphertext and decrypts it with the AES key, and the plaintext is presented.
As an improvement to the technical solution of the present invention, while ciphertext is being sent, the flag is incremented by 1 on each send to prevent replay attacks.
The encryption system and encryption method based on the RSA and AES encryption algorithms provided by the present invention effectively solve the key custody problem between communication entities, and have the advantages of authentication between communication entities, fast encryption and decryption during data transmission, and protection against replay attacks.
Brief description of the drawings
The invention is further described below with reference to the drawing and an embodiment. In the drawing:
Fig. 1 is a schematic workflow diagram of the encryption method of the encryption system based on the RSA and AES encryption algorithms according to a specific embodiment of the invention.
Embodiment
To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawing and an embodiment. It should be understood that the specific embodiment described here serves only to explain the invention and is not intended to limit it.
The encryption system based on the RSA and AES encryption algorithms according to the specific embodiment of the invention comprises:
Two communication entities: a sender and a recipient;
An RSA key and an AES key;
A communication count system;
The sender and the recipient are each assigned the RSA key. During communication, the RSA encryption algorithm is used to build a secure network channel over the network for transmitting the AES key, so that the AES key is distributed to the recipient. The AES key is used for encryption and decryption during data exchange, and the communication count system marks each packet during data exchange to prevent replay attacks.
In the specific embodiment of the invention, the plaintext is encrypted with the AES key and the sender sends the ciphertext; data communication takes place after a connection is established over the Internet, and the recipient receives the ciphertext and decrypts it with the AES key.
Fig. 1 is a schematic workflow diagram of the encryption method of the encryption system based on the RSA and AES encryption algorithms according to the specific embodiment of the invention. As shown in Fig. 1, the encryption method comprises the following steps:
a. Distribute an RSA key to the two communication entities, the sender and the recipient;
b. During communication, use the RSA encryption algorithm to build a secure network channel over the network and distribute an AES key to the recipient;
c. After the handshake is established, exchange data using the distributed AES key. A communication count mechanism is introduced into the ciphertext during data exchange: after each decryption the count is checked, and the data is processed only if the check succeeds; otherwise retransmission of the data is required.
Specifically, before step b the method also comprises a step of authenticating the sender and the recipient when they connect for the first time. The authentication step is as follows: the AES key is generated dynamically and encrypted using the sender's RSA public key; the recipient decrypts the sender's RSA public-key ciphertext and obtains the decrypted AES key.
Step c comprises: the plaintext is encrypted with the AES key, after which the sender sends the ciphertext; data communication takes place after a connection is established over the Internet; the recipient receives the ciphertext and decrypts it with the AES key, and the plaintext is presented.
Specifically, while ciphertext is being sent, the flag is incremented by 1 on each send to prevent replay attacks.
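One way to realize step c, given here as an added example that is not part of the patent text: the sender adds 1 to the count on every send, and the recipient decrypts and then checks the count before processing. The patent names neither the AES mode nor a packet layout; AES-GCM, the layout nonce || AES-GCM(count || payload), the rule of accepting only a count greater than the last one accepted, and the names Peer, NewPeer, Seal and Open are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
)

// Peer is one end of a session keyed with the AES key distributed in step b.
type Peer struct {
	aead  cipher.AEAD
	count uint64 // sender: last count sent; recipient: last count accepted
}

// NewPeer builds an AES-GCM context (assumed mode); key is 16, 24 or 32 bytes.
func NewPeer(key []byte) (*Peer, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	return &Peer{aead: aead}, err
}

// Seal adds 1 to the count and returns nonce || AES-GCM(count || payload).
func (p *Peer) Seal(payload []byte) []byte {
	p.count++
	frame := binary.BigEndian.AppendUint64(nil, p.count)
	nonce := make([]byte, p.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		panic(err) // no randomness available: never send with a guessable nonce
	}
	return p.aead.Seal(nonce, nonce, append(frame, payload...), nil)
}

// Open decrypts, then checks the count; ok == false means request retransmission.
func (p *Peer) Open(pkt []byte) (payload []byte, ok bool) {
	n := p.aead.NonceSize()
	if len(pkt) < n {
		return nil, false
	}
	frame, err := p.aead.Open(nil, pkt[:n], pkt[n:], nil)
	if err != nil || len(frame) < 8 || binary.BigEndian.Uint64(frame) <= p.count {
		return nil, false // tampered, truncated, or count already seen (replay)
	}
	p.count = binary.BigEndian.Uint64(frame)
	return frame[8:], true
}
```

Both sides call NewPeer with the same AES key; because the count travels inside the authenticated ciphertext, a captured packet cannot be given a fresh count without failing decryption.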
The encryption system and encryption method based on the RSA and AES encryption algorithms provided by the present invention effectively solve the key custody problem between communication entities, and have the advantages of authentication between communication entities, fast encryption and decryption during data transmission, and protection against replay attacks.
This system exploits the advantages of RSA, an asymmetric algorithm, for key custody and signature authentication, together with the fast encryption and decryption speed of the symmetric algorithm AES, combining the two algorithms into a strong hybrid encryption system that draws on the strengths of both and avoids the weaknesses of each. In addition, a communication count mechanism is introduced into the ciphertext to prevent a hacker from intercepting encrypted packets and replaying them, so that the encryption system can resist known active and passive attacks. The technique can be further improved in the following respects: 1. the first handshake is exposed to attack, so the fixed RSA key used for the first handshake should be replaced by randomly assigning an RSA key to each product at production time; 2. the encryption bit length of the RSA encryption algorithm should be increased.
This technique effectively solves the key custody problem between communication entities, and also provides authentication between communication entities, fast encryption and decryption during data transmission, and protection against replay attacks. A communication count mechanism is introduced into the ciphertext to prevent a hacker from intercepting encrypted packets and replaying them, so that the encryption system can resist known active and passive attacks.
It should be understood that a person of ordinary skill in the art can make improvements or modifications based on the above description, and all such improvements and modifications shall fall within the scope of protection of the appended claims of the present invention.