CN105554021A - Electric energy data communication encryption method - Google Patents
- Publication number
- CN105554021A (application CN201610015927.1A)
- Authority
- CN
- China
- Prior art keywords
- key
- algorithm
- transmission
- energy data
- encryption method
- Legal status
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0823—Network architectures or network communication protocols for network security for authentication of entities using certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
The invention discloses an electric energy data communication encryption method comprising the following steps: S1, establishing a secure channel; S2, generating random keys; S3, distributing the keys; S4, achieving encrypted transmission using the SSL protocol; and S5, checking the database carrying the keys. The method is simple, in that the SSL protocol is used for encrypted Transmission Control Protocol (TCP) transmission of real-time data. It is relatively flexible, in that adding SSL to the server and client source programs allows the key management mode and algorithm to be selected according to encryption requirements. Transmission reliability is improved by adding return acknowledgement and timeout retransmission to the encrypted User Datagram Protocol (UDP) transmission of real-time data. The reliability of electric energy data transmission is thereby greatly improved, and lawbreakers are effectively prevented from intruding into the database and causing enormous losses.
Description
Technical field
The present invention relates to the technical field of electric energy data encryption, and in particular to an electric energy data communication encryption method.
Background technology
In electric power systems, information security protection systems are beginning to take shape, and various information security technologies are widely applied in power automation systems. Encryption, as the simplest and most commonly used approach, can effectively reduce the security problems caused by system security vulnerabilities. Given the special requirements of real-time data communication in power systems, many security applications from computer networks cannot simply be copied onto the power communication network. Much critical real-time data in power systems is transmitted over the network in plaintext, and encryption measures are constrained by the different network environments. At present, no security measures are applied to the "four-remote" data (telemetry, remote signalling, remote control and remote adjustment), which has high real-time requirements; to ensure its security, physical network isolation or a virtual private network is normally used. With the construction of optical-fibre communication and the growth of network data traffic, network-based communication will become the main mode of power system communication. Some critical data will nevertheless still be transmitted in plaintext, which is a major hidden danger to the safe and stable operation of the power system. Once anyone who intrudes into the data communication network intercepts, tampers with or forges real-time data, the result will be switch malfunction or tripping, disordered uploaded data, wrong setting parameters and the like, triggering major accidents and causing great losses.
Summary of the invention
The object of the invention is to overcome the shortcomings of the prior art by proposing an electric energy data communication encryption method.
To achieve this object, the present invention adopts the following technical solution:
An electric energy data communication encryption method, with the following specific steps:
S1: establishing a secure channel: first, the identities of both communicating parties are authenticated by means of certificates issued by a certification authority, the certificates of both parties being used for endpoint authentication;
S2: generating a random key: after endpoint authentication is completed, a random key is obtained by a random number algorithm;
S3: distributing the key: after the communicating parties have authenticated each other's identity, the master station requests the key distribution center to generate a random key for encrypted communication; the key management program generates a queue of random keys in advance, the queue length n being determined according to actual conditions; on receiving a request, it sends the first random key in the queue to the server, then generates a new random key and appends it to the tail of the queue;
S4: achieving encrypted transmission using the SSL protocol: where real-time data in the power system is transmitted over the Transmission Control Protocol, the Secure Sockets Layer protocol is used for encryption; on the Windows platform, following the flow of the server and client programs compiled with the toolkit, the client connects to the server's IP address and port, and the client and server carry out encrypted communication of large amounts of data; encryption and decryption are performed during data exchange according to the parameter configuration; the server and client programs are implemented in a LAN environment;
S5: checking the database carrying the key: encrypted transmission to the database of the remote terminal is carried out via the SSL protocol and its integrity is checked by the terminal; if a problem is found, the data is discarded.
Preferably, the random number algorithm in step S2 is one of the linear congruential algorithm, Meyer's cyclic encryption algorithm, or the ANSI X9.17 algorithm.
Preferably, the certificate in step S1 is issued by a certificate management authority, namely the certification center, and the entity holding the certificate holds the private key of the key pair.
The electric energy data communication encryption method provided by the invention is simple: the SSL protocol is used for encrypted Transmission Control Protocol transmission of real-time data. By adding SSL to the server and client source programs, the key management mode and algorithm can be selected according to the encryption requirements, which makes the method more flexible. By adding return acknowledgement and timeout retransmission to the encrypted User Datagram Protocol transmission of real-time data, transmission reliability is ensured, the reliability of electric energy data transmission is greatly improved, and lawbreakers are effectively prevented from intruding into the database and causing huge losses.
Embodiment
To make the objects, technical solutions and advantages of the present invention clearer, the invention is described in further detail below with reference to a specific embodiment. It should be understood that the specific embodiment described here serves only to explain the invention and is not intended to limit it.
Embodiment 1
An electric energy data communication encryption method, with the following specific steps:
S1: establishing a secure channel: first, the identities of both communicating parties are authenticated by means of certificates issued by a certification authority; the certificates are issued by a certificate management authority, namely the certification center, and the entity holding a certificate holds the private key of the key pair; the certificates of both parties are used for endpoint authentication;
S2: generating a random key: after endpoint authentication is completed, a random key is obtained by a random number algorithm, the random number algorithm being one of the linear congruential algorithm, Meyer's cyclic encryption algorithm, or the ANSI X9.17 algorithm;
S3: distributing the key: after the communicating parties have authenticated each other's identity, the master station requests the key distribution center to generate a random key for encrypted communication; the key management program generates a queue of random keys in advance, the queue length n being determined according to actual conditions; on receiving a request, it sends the first random key in the queue to the server, then generates a new random key and appends it to the tail of the queue;
S4: achieving encrypted transmission using the SSL protocol: where real-time data in the power system is transmitted over the Transmission Control Protocol, the Secure Sockets Layer protocol is used for encryption; on the Windows platform, following the flow of the server and client programs compiled with the toolkit, the client connects to the server's IP address and port, and the client and server carry out encrypted communication of large amounts of data; encryption and decryption are performed during data exchange according to the parameter configuration; the server and client programs are implemented in a LAN environment;
S5: checking the database carrying the key: encrypted transmission to the database of the remote terminal is carried out via the SSL protocol and its integrity is checked by the terminal; if a problem is found, the data is discarded.
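The following is an added example, not part of the patent text, of the key queue from step S3 with the key source from step S2 made pluggable. It shows that when the queue is fed by a linear congruential generator, every later key is determined by a single issued key, while keys drawn from the operating system CSPRNG are not; the class and function names, the 128-bit key size and the LCG constants are assumptions chosen for illustration.

```python
import secrets
from collections import deque

# Assumed for illustration (not from the patent): 128-bit keys and
# commonly published LCG constants with modulus 2**31.
KEY_BYTES = 16
LCG_A, LCG_C, LCG_M = 1103515245, 12345, 2**31


class LcgSource:
    """Linear congruential generator x' = (a*x + c) mod m. Not a CSPRNG."""

    def __init__(self, seed):
        self.state = seed % LCG_M

    def next_key(self):
        out = bytearray()
        while len(out) < KEY_BYTES:
            self.state = (LCG_A * self.state + LCG_C) % LCG_M
            out += self.state.to_bytes(4, "big")
        return bytes(out)


class CsprngSource:
    """Keys drawn from the operating system's cryptographic RNG."""

    def next_key(self):
        return secrets.token_bytes(KEY_BYTES)


class KeyQueue:
    """Step S3: keep n pre-generated keys, issue the head, refill the tail."""

    def __init__(self, source, n):
        self.source = source
        self.queue = deque(source.next_key() for _ in range(n))

    def issue(self):
        key = self.queue.popleft()                 # first key in the queue
        self.queue.append(self.source.next_key())  # new key at the tail
        return key


def predict_following_keys(observed_key, count):
    """Recompute the keys an LCG-fed queue issues after observed_key.

    The last 4 bytes of a key are the complete LCG state, so one issued
    key fixes every key that follows it in the queue.
    """
    follower = LcgSource(int.from_bytes(observed_key[-4:], "big"))
    return [follower.next_key() for _ in range(count)]


if __name__ == "__main__":
    for name, source in (("LCG", LcgSource(2016)), ("CSPRNG", CsprngSource())):
        q = KeyQueue(source, n=3)
        first = q.issue()
        later = [q.issue() for _ in range(5)]
        print(name, "later keys recomputable:",
              predict_following_keys(first, 5) == later)
```

The queue logic is identical in both cases; only the key source decides whether the pre-generated keys are independent of the keys already handed out.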
Claims (3)
1. An electric energy data communication encryption method, characterized in that the specific steps are as follows:
S1: establishing a secure channel: first, the identities of both communicating parties are authenticated by means of certificates issued by a certification authority, the certificates of both parties being used for endpoint authentication;
S2: generating a random key: after endpoint authentication is completed, a random key is obtained by a random number algorithm;
S3: distributing the key: after the communicating parties have authenticated each other's identity, the master station requests the key distribution center to generate a random key for encrypted communication; the key management program generates a queue of random keys in advance, the queue length n being determined according to actual conditions; on receiving a request, it sends the first random key in the queue to the server, then generates a new random key and appends it to the tail of the queue;
S4: achieving encrypted transmission using the SSL protocol: where real-time data in the power system is transmitted over the Transmission Control Protocol, the Secure Sockets Layer protocol is used for encryption; on the Windows platform, following the flow of the server and client programs compiled with the toolkit, the client connects to the server's IP address and port, and the client and server carry out encrypted communication of large amounts of data; encryption and decryption are performed during data exchange according to the parameter configuration; the server and client programs are implemented in a LAN environment;
S5: checking the database carrying the key: encrypted transmission to the database of the remote terminal is carried out via the SSL protocol and its integrity is checked by the terminal; if a problem is found, the data is discarded.
2. The electric energy data communication encryption method according to claim 1, characterized in that the random number algorithm in step S2 is one of the linear congruential algorithm, Meyer's cyclic encryption algorithm, or the ANSI X9.17 algorithm.
3. The electric energy data communication encryption method according to claim 1, characterized in that the certificate in step S1 is issued by a certificate management authority, namely the certification center, and the entity holding the certificate holds the private key of the key pair.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610015927.1A CN105554021A (en) | 2016-01-12 | 2016-01-12 | Electric energy data communication encryption method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN105554021A (en) | 2016-05-04 |
Family
ID=55832955
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610015927.1A Pending CN105554021A (en) | 2016-01-12 | 2016-01-12 | Electric energy data communication encryption method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105554021A (en) |
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20120010760A1 (en) * | 2010-07-07 | 2012-01-12 | Kei Yamashita | Power system, power receiving apparatus, and power transmission control method |
CN103401753A (en) * | 2013-07-31 | 2013-11-20 | 贵州电力试验研究院 | Method and structure for realizing transmission of power purchase settlement data in SSLVPN (Secure Sockets Layer Virtual Private Network) mode |
CN104038481A (en) * | 2014-05-22 | 2014-09-10 | 国家电网公司 | Communication method of power asset management master station system and RFID (radio frequency identification device) terminal |
CN104994061A (en) * | 2015-05-19 | 2015-10-21 | 中国南方电网有限责任公司 | Intelligent transformer station process layer switch MMS safety communication device and method |
Non-Patent Citations (1)
Title |
---|
Song Lei et al.: "Encryption scheme for real-time data communication in power systems", Automation of Electric Power Systems * |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108650095A (en) * | 2018-04-17 | 2018-10-12 | 四川长虹电器股份有限公司 | A kind of file encryption-decryption method based on redis |
CN108600253A (en) * | 2018-05-07 | 2018-09-28 | 厦门泡游网络科技有限公司 | The order opposite sex encryption method and its device of long connection communication |
CN109818736A (en) * | 2018-12-24 | 2019-05-28 | 顺丰科技有限公司 | SSL decrypts device, decryption system, decryption method |
CN109756500A (en) * | 2019-01-11 | 2019-05-14 | 如般量子科技有限公司 | Anti- quantum calculation https traffic method and system based on multiple unsymmetrical key ponds |
CN109756500B (en) * | 2019-01-11 | 2021-02-02 | 如般量子科技有限公司 | Anti-quantum computation HTTPS communication method and system based on multiple asymmetric key pools |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | Application publication date: 20160504 |