CN105656624A - Client side, server and data transmission method and system - Google Patents


Info

Publication number
CN105656624A
Authority
CN
China
Prior art keywords
pki
data
server
client terminal
private key
Prior art date
Legal status
Pending
Application number
CN201610112427.XA
Other languages
Chinese (zh)
Inventor
符云越
李拓
Current Assignee
Inspur Beijing Electronic Information Industry Co Ltd
Original Assignee
Inspur Beijing Electronic Information Industry Co Ltd
Priority date
Filing date
Publication date
Application filed by Inspur Beijing Electronic Information Industry Co Ltd
Priority to CN201610112427.XA
Publication of CN105656624A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)
  • Information Transfer Between Computers (AREA)

Abstract

The invention discloses a client side, a server and a data transmission method and system. The client side requests to be connected with the server, the server calculates a first public key and a matched first private key and sends the first public key to the client side, and the client side calculates a second public key and a second private key matched with the second public key and sends the second public key to the server. When the client side requests data from the server, the server encrypts the data through the second public key, the encrypted data is sent to the client side, the client side decrypts the data through the second private key matched with the second public key, and therefore the data is obtained. When the data is sent to the server through the client side, the client side encrypts the data to be sent through the first public key, the encrypted data is sent to the server, the server decrypts the data through the first private key matched with the first public key, and therefore the data is obtained. The public keys of the server and the client side are shared to encrypt information, only the respective private keys can be used for decryption, and therefore the safety of data transmission can be effectively improved.

Description

A client, server, data transmission method and system
Technical field
The present invention relates to the field of file transfer, and in particular to a client, a server, and a data transmission method and system.
Background
With the development of science and technology, the security of information transmission has gradually become a focus of attention. Commonly used methods such as ftp, pop and telnet transmit passwords and data over the network in plaintext, so these passwords and data may be intercepted by others, and security is low.
Furthermore, the security verification used by these services is vulnerable to "man-in-the-middle" attacks. In a man-in-the-middle attack, the "middleman" impersonates the real server to receive the data the user sends to the server, and then impersonates the user to pass the data on to the real server, thereby stealing important data. The current transmission methods therefore carry a considerable security risk.
Summary of the invention
In view of this, the main purpose of the present invention is to provide a client, a server, and a data transmission method and system that can transmit data securely and efficiently.
To achieve the above purpose, the present invention provides a data transmission method, comprising:
Obtaining a first public key and a first private key matching the first public key;
Receiving a connection request from a client, sending the first public key to the client, receiving a second public key sent by the client, and storing the second public key;
In response to a data receiving request from the client, sending to the client first target data obtained by encrypting first raw data with the second public key; in response to a data sending request from the client, receiving second target data obtained by the client encrypting second raw data with the first public key, and decrypting the target data with the first private key to obtain the second raw data sent by the client.
Preferably, obtaining the first public key and the first private key matching the first public key comprises:
Determining whether a first public key file is stored; if so, obtaining the first public key and the first private key matching the first public key; otherwise, calculating the first public key and the first private key matching the first public key.
The present invention also provides a server, comprising:
A first key acquisition module, configured to obtain a first public key and a first private key matching the first public key;
A first key exchange module, configured to receive a connection request from a client, send the first public key to the client, receive a second public key sent by the client, and store the second public key;
A first data transmission module, configured to, in response to a data receiving request from the client, send to the client first target data obtained by encrypting first raw data with the second public key; and, in response to a data sending request from the client, receive second target data obtained by the client encrypting second raw data with the first public key, and decrypt the target data with the first private key to obtain the second raw data sent by the client.
Preferably, the first key acquisition module is specifically configured to:
Determine whether a first public key file is stored; if so, obtain the first public key and the first private key matching the first public key; otherwise, calculate the first public key and the first private key matching the first public key.
The present invention also provides a data transmission method, comprising:
Sending a connection request to a server, and obtaining and storing a first public key of the server;
Calculating a second public key and a second private key matching the second public key, and sending the second public key to the server;
In response to a data receiving request from a user, receiving first target data obtained by the server encrypting first raw data with the second public key, and decrypting the target data with the second private key to obtain the first raw data sent by the server; in response to a data sending request from the user, sending to the server second target data obtained by encrypting second raw data with the first public key.
Preferably, obtaining and storing the first public key of the server comprises:
Receiving the first public key sent by the server, and determining whether a public key of the server has previously been stored; if so, determining whether the first public key is consistent with the stored public key of the server; if so, storing the first public key.
The present invention also provides a client, comprising:
A second key acquisition module, configured to send a connection request to a server, and to obtain and store a first public key of the server;
A second key exchange module, configured to calculate a second public key and a second private key matching the second public key, and to send the second public key to the server;
A second transmission module, configured to, in response to a data receiving request from a user, receive first target data obtained by the server encrypting first raw data with the second public key, and decrypt the target data with the second private key to obtain the first raw data sent by the server; and, in response to a data sending request from the user, send to the server second target data obtained by encrypting second raw data with the first public key.
Preferably, the second key acquisition module is specifically configured to:
Send a connection request to the server, receive the first public key sent by the server, and determine whether a public key of the server has previously been stored; if so, determine whether the first public key is consistent with the stored public key of the server; if so, store the first public key.
The present invention also provides a data transmission system, comprising a client and a server:
The client is configured to:
Send a connection request to the server, and obtain and store a first public key of the server;
Calculate a second public key and a second private key matching the second public key, and send the second public key to the server;
In response to a data receiving request from a user, receive first target data obtained by the server encrypting first raw data with the second public key, and decrypt the target data with the second private key to obtain the first raw data sent by the server;
In response to a data sending request from the user, send to the server second target data obtained by encrypting second raw data with the first public key;
The server is configured to:
Obtain the first public key and a first private key matching the first public key;
Receive the connection request from the client, and send the first public key to the client;
Receive the second public key sent by the client, and store the second public key;
In response to a data receiving request from the client, send to the client the first target data obtained by encrypting the first raw data with the second public key;
In response to a data sending request from the client, receive the second target data obtained by the client encrypting the second raw data with the first public key, and decrypt the target data with the first private key to obtain the second raw data sent by the client.
With the client, server, data transmission method and system provided by the present invention, the client requests a connection to the server; the server calculates a first public key and a matching first private key and sends the first public key to the client; the client calculates a second public key and a matching second private key and sends the second public key to the server. When the client requests data from the server, the server encrypts the data with the second public key and sends the encrypted data to the client, and the client decrypts the data with the second private key matching the second public key, thereby obtaining the data. When the client sends data to the server, the client encrypts the data to be sent with the first public key and sends the encrypted data to the server, and the server decrypts the data with the first private key matching the first public key, thereby obtaining the data. The server and the client share their public keys with each other for encrypting information, but only each party's own private key can decrypt it, so the security of data transmission can be effectively improved.
Brief description of the drawings
In order to illustrate the technical solutions in the embodiments of the present invention or in the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are merely embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from the drawings provided without creative effort.
Fig. 1 is a flowchart of Embodiment one, a data transmission method of the present invention;
Fig. 2 is a structural diagram of Embodiment two, a server of the present invention;
Fig. 3 is a flowchart of Embodiment three, a data transmission method of the present invention;
Fig. 4 is a structural diagram of Embodiment four, a client of the present invention;
Fig. 5 is a structural diagram of Embodiment five, a data transmission system of the present invention.
Detailed description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the scope of protection of the present invention.
Embodiment one:
The present invention provides a data transmission method. Fig. 1 shows the flowchart of Embodiment one of the data transmission method of the present invention, comprising:
Step S101: obtaining a first public key and a first private key matching the first public key;
Determine whether a first public key file is stored; if so, obtain the first public key and the first private key matching the first public key; otherwise, calculate the first public key and the first private key matching the first public key. When the Secure Shell daemon (SSHD) service is started, it looks for the public key files, namely the /etc/ssh/ssh_host* files; if they are not stored, SSHD itself calculates the required public key files and the matching private key files.
Step S102: receiving a connection request from a client, sending the first public key to the client, receiving a second public key sent by the client, and storing the second public key;
The client initiates a connection request, and the obtained first public key is sent to the client to be saved.
Step S103: in response to a data receiving request from the client, sending to the client first target data obtained by encrypting first raw data with the second public key; in response to a data sending request from the client, receiving second target data obtained by the client encrypting second raw data with the first public key, and decrypting the target data with the first private key to obtain the second raw data sent by the client.
Data transmission is divided into the case where the client requests data and the case where the client sends data. When the client requests data, the first raw data to be sent to the client is encrypted with the second public key and then sent to the client; since the client holds the second private key matching the second public key, it can decrypt and obtain the data. When the client needs to send data, it encrypts the second raw data to be sent with the first public key; since the first private key matching the first public key is available, the encrypted data is decrypted with the first private key to obtain the second raw data sent by the client.
With the data transmission method provided by this embodiment, the client requests a connection; a first public key and a matching first private key are calculated and the first public key is sent to the client; the client calculates a second public key and a matching second private key, and the second public key is received. When the client requests data, the data is encrypted with the second public key and sent to the client after encryption, and the client decrypts the data with the second private key matching the second public key, thereby obtaining the data. When the client sends data, the client encrypts the data to be sent with the first public key and sends it; after reception, the data is decrypted with the first private key matching the first public key, thereby obtaining the data. The public keys are shared between the parties for encrypting information, but only each party's own private key can decrypt it, so the security of data transmission can be effectively improved.
Embodiment two:
The present invention also provides a server. Fig. 2 shows the structural diagram of Embodiment two, the server of the present invention, comprising:
A first key acquisition module 101, configured to obtain a first public key and a first private key matching the first public key;
A first key exchange module 102, configured to receive a connection request from a client, send the first public key to the client, receive a second public key sent by the client, and store the second public key;
A first data transmission module 103, configured to, in response to a data receiving request from the client, send to the client first target data obtained by encrypting first raw data with the second public key; and, in response to a data sending request from the client, receive second target data obtained by the client encrypting second raw data with the first public key, and decrypt the target data with the first private key to obtain the second raw data sent by the client.
In this embodiment, the first key acquisition module 101 may be specifically configured to:
Determine whether a first public key file is stored; if so, obtain the first public key and the first private key matching the first public key; otherwise, calculate the first public key and the first private key matching the first public key.
With the server provided by this embodiment, the client requests a connection; a first public key and a matching first private key are calculated and the first public key is sent to the client; the client calculates a second public key and a matching second private key, and the second public key is received. When the client requests data, the data is encrypted with the second public key and sent to the client after encryption, and the client decrypts the data with the second private key matching the second public key, thereby obtaining the data. When the client sends data, the client encrypts the data to be sent with the first public key and sends it; after reception, the data is decrypted with the first private key matching the first public key, thereby obtaining the data. The public keys are shared between the parties for encrypting information, but only each party's own private key can decrypt it, so the security of data transmission can be effectively improved.
Embodiment three:
The present invention also provides a data transmission method. Fig. 3 shows the flowchart of Embodiment three of the data transmission method of the present invention, comprising:
Step S202: sending a connection request to a server, and obtaining and storing a first public key of the server;
To transmit data, a connection request is first sent to the server, and the first public key of the server is obtained and stored. Specifically, this may be: receiving the first public key sent by the server, and determining whether a public key of the server has previously been stored; if so, determining whether the first public key is consistent with the stored public key of the server; if so, storing the first public key.
Step S202: calculating a second public key and a second private key matching the second public key, and sending the second public key to the server;
A second public key and a matching second private key are calculated, and the second public key is sent to the server to be stored.
Step S202: in response to a data receiving request from a user, receiving first target data obtained by the server encrypting first raw data with the second public key, and decrypting the target data with the second private key to obtain the first raw data sent by the server; in response to a data sending request from the user, sending to the server second target data obtained by encrypting second raw data with the first public key.
Data transmission is divided into the case of requesting data from the server and the case of sending data to the server. When data is requested from the server, the data obtained by the server encrypting the first raw data to be sent with the second public key is received; since the second private key matching the second public key is held locally, the data can be decrypted and obtained. When data is sent to the server, the second raw data to be sent is encrypted with the first public key; since the server holds the first private key matching the first public key, it decrypts the encrypted data with the first private key and obtains the second raw data.
With the data transmission method provided by this embodiment, a connection to the server is requested; the server calculates a first public key and a matching first private key; the first public key is received and stored; a second public key and a matching second private key are calculated, and the second public key is sent to the server. When data is requested from the server, the server encrypts the data with the second public key and sends it; after reception, the data is decrypted with the second private key matching the second public key, thereby obtaining the data. When data is sent to the server, the data to be sent is encrypted with the first public key and sent to the server after encryption, and the server decrypts the data with the first private key matching the first public key, thereby obtaining the data. The public keys are shared between the parties for encrypting information, but only each party's own private key can decrypt it, so the security of data transmission can be effectively improved.
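The stored-key check that Embodiment three describes for the client (compare the server public key just received with a previously stored one before storing it) can be sketched as follows. This is an added example, not code from the patent: the `ServerKeyStore` class, the JSON store file, the fingerprint format, the sample key bytes and the choice to reject a key that is not consistent with the stored one are all assumptions.

```python
import base64
import hashlib
import hmac
import json
import os
import tempfile


class ServerKeyMismatch(Exception):
    """Raised when a server offers a key that differs from the stored one."""


def fingerprint(public_key: bytes) -> str:
    """Return a SHA-256 fingerprint of the encoded public key bytes."""
    digest = hashlib.sha256(public_key).digest()
    return "SHA256:" + base64.b64encode(digest).decode("ascii").rstrip("=")


class ServerKeyStore:
    """Hypothetical client-side store: server name -> fingerprint of its public key."""

    def __init__(self, path: str) -> None:
        self.path = path

    def _load(self) -> dict:
        try:
            with open(self.path, "r", encoding="utf-8") as fh:
                return json.load(fh)
        except FileNotFoundError:
            return {}

    def _save(self, pins: dict) -> None:
        # Write to a temporary file and rename it into place, so an
        # interrupted write never leaves a truncated store behind.
        directory = os.path.dirname(os.path.abspath(self.path))
        fd, tmp = tempfile.mkstemp(dir=directory)
        with os.fdopen(fd, "w", encoding="utf-8") as fh:
            json.dump(pins, fh, indent=2, sort_keys=True)
        os.replace(tmp, self.path)

    def check_and_store(self, server: str, offered_key: bytes) -> str:
        """Apply the stored-key check to the first public key a server sent."""
        pins = self._load()
        offered = fingerprint(offered_key)
        stored = pins.get(server)
        if stored is None:
            # No public key stored for this server yet: store the offered one.
            # Nothing exists to compare against, so this step cannot detect
            # an impostor on first contact (assumption: store anyway).
            pins[server] = offered
            self._save(pins)
            return "first-contact"
        if hmac.compare_digest(stored, offered):
            # Consistent with the stored key: keep using it.
            return "consistent"
        # Not consistent: refuse, and leave the stored entry untouched
        # (assumption: the patent text does not say what happens here).
        raise ServerKeyMismatch(f"{server}: stored {stored}, offered {offered}")


def demo() -> list:
    # Constructed sample values: opaque byte strings standing in for
    # encoded public keys, and a made-up server name.
    genuine = b"constructed-sample-server-public-key-A"
    substituted = b"constructed-sample-public-key-B-from-another-party"
    server = "files.example.test"
    outcomes = []
    with tempfile.TemporaryDirectory() as tmp:
        store = ServerKeyStore(os.path.join(tmp, "server_keys.json"))
        outcomes.append(store.check_and_store(server, genuine))   # first connection
        outcomes.append(store.check_and_store(server, genuine))   # reconnect, same key
        try:
            store.check_and_store(server, substituted)            # key changed
        except ServerKeyMismatch:
            outcomes.append("rejected")
        # The stored entry must survive the rejected offer unchanged.
        outcomes.append(store.check_and_store(server, genuine))
    return outcomes


if __name__ == "__main__":
    print(demo())
```

The check only protects later connections: the key accepted on first contact should be confirmed through a separate channel before it is relied on.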
Embodiment four:
The present invention also provides a client. Fig. 4 shows the structural diagram of Embodiment four, the client of the present invention, comprising:
A second key acquisition module 201, configured to send a connection request to a server, and to obtain and store a first public key of the server;
A second key exchange module 202, configured to calculate a second public key and a second private key matching the second public key, and to send the second public key to the server;
A second transmission module 203, configured to, in response to a data receiving request from a user, receive first target data obtained by the server encrypting first raw data with the second public key, and decrypt the target data with the second private key to obtain the first raw data sent by the server; and, in response to a data sending request from the user, send to the server second target data obtained by encrypting second raw data with the first public key.
In this embodiment, the second key acquisition module 201 may be specifically configured to:
Send a connection request to the server, receive the first public key sent by the server, and determine whether a public key of the server has previously been stored; if so, determine whether the first public key is consistent with the stored public key of the server; if so, store the first public key.
With the client provided by this embodiment, a connection to the server is requested; the server calculates a first public key and a matching first private key; the first public key is received and stored; a second public key and a matching second private key are calculated, and the second public key is sent to the server. When data is requested from the server, the server encrypts the data with the second public key and sends it; after reception, the data is decrypted with the second private key matching the second public key, thereby obtaining the data. When data is sent to the server, the data to be sent is encrypted with the first public key and sent to the server after encryption, and the server decrypts the data with the first private key matching the first public key, thereby obtaining the data. The public keys are shared between the parties for encrypting information, but only each party's own private key can decrypt it, so the security of data transmission can be effectively improved.
Embodiment five:
The present invention also provides a data transmission system. Fig. 5 shows the structural diagram of Embodiment five, the data transmission system of the present invention, comprising a client 301 and a server 302:
The client 301 is configured to:
Send a connection request to the server, and obtain and store a first public key of the server;
Calculate a second public key and a second private key matching the second public key, and send the second public key to the server;
In response to a data receiving request from a user, receive first target data obtained by the server encrypting first raw data with the second public key, and decrypt the target data with the second private key to obtain the first raw data sent by the server;
In response to a data sending request from the user, send to the server second target data obtained by encrypting second raw data with the first public key;
The server 302 is configured to:
Obtain the first public key and a first private key matching the first public key;
Receive the connection request from the client, and send the first public key to the client;
Receive the second public key sent by the client, and store the second public key;
In response to a data receiving request from the client, send to the client the first target data obtained by encrypting the first raw data with the second public key;
In response to a data sending request from the client, receive the second target data obtained by the client encrypting the second raw data with the first public key, and decrypt the target data with the first private key to obtain the second raw data sent by the client.
With the data transmission system provided by this embodiment, the client requests a connection to the server; the server calculates a first public key and a matching first private key and sends the first public key to the client; the client calculates a second public key and a matching second private key and sends the second public key to the server. When the client requests data from the server, the server encrypts the data with the second public key and sends the encrypted data to the client, and the client decrypts the data with the second private key matching the second public key, thereby obtaining the data. When the client sends data to the server, the client encrypts the data to be sent with the first public key and sends the encrypted data to the server, and the server decrypts the data with the first private key matching the first public key, thereby obtaining the data. The server and the client share their public keys with each other for encrypting information, but only each party's own private key can decrypt it, so the security of data transmission can be effectively improved.
It should be noted that the embodiments in this specification are described in a progressive manner; each embodiment focuses on its differences from the other embodiments, and for the parts that are identical or similar the embodiments may be referred to one another.
Finally, it should also be noted that, in this document, relational terms such as first and second are used only to distinguish one entity or operation from another, and do not necessarily require or imply any actual relationship or order between these entities or operations. Moreover, the terms "comprise", "include" or any other variant thereof are intended to cover a non-exclusive inclusion, so that a process, method, article or device comprising a series of elements includes not only those elements but also other elements not expressly listed, or elements inherent to such a process, method, article or device. Without further limitation, an element defined by the statement "comprising a ..." does not exclude the existence of other identical elements in the process, method, article or device comprising that element.
The client, server, data transmission method and system provided by the present invention have been described in detail above. Specific examples are used herein to set out the principle and implementation of the present invention, and the description of the above embodiments is only intended to help in understanding the method of the present invention and its core idea. Meanwhile, a person of ordinary skill in the art may, following the idea of the present invention, make changes to the specific implementation and scope of application. In summary, the content of this description should not be construed as limiting the present invention.

Claims (9)

1. a data transmission method, it is characterised in that, comprising:
The the first private key obtaining the first PKI and mate mutually with described first PKI;
Receive the connection request of client terminal, described first PKI is sent to described client terminal, receive the 2nd PKI that described client terminal sends, described 2nd PKI is stored;
Responding the data sink request of described client terminal, the first target data after the first raw data utilizes described 2nd PKI be encrypted are sent to described client terminal; Respond the data sending request of described client terminal, receive described client terminal the 2nd raw data is utilized described first PKI encrypt after the 2nd target data, use the described first private key to described target decrypt data, obtain the 2nd raw data that described client terminal sends.
2. The data transmission method according to claim 1, characterized in that obtaining the first public key and the first private key that matches the first public key comprises:
determining whether a first public key file is stored; if so, obtaining the first public key and the first private key that matches the first public key; otherwise, calculating the first public key and the first private key that matches the first public key.
3. A server, characterized by comprising:
a first key acquisition module, configured to obtain a first public key and a first private key that matches the first public key;
a first key exchange module, configured to receive a connection request from a client, send the first public key to the client, receive a second public key sent by the client, and store the second public key;
a first data transmission module, configured to, in response to a data receiving request from the client, send to the client first target data obtained by encrypting first raw data with the second public key; and, in response to a data sending request from the client, receive second target data obtained by the client encrypting second raw data with the first public key, and decrypt said target data with the first private key to obtain the second raw data sent by the client.
4. The server according to claim 3, characterized in that the first key acquisition module is specifically configured to:
determine whether a first public key file is stored; if so, obtain the first public key and the first private key that matches the first public key; otherwise, calculate the first public key and the first private key that matches the first public key.
5. A data transmission method, characterized by comprising:
sending a connection request to a server, and obtaining and storing a first public key of the server;
calculating a second public key and a second private key that matches the second public key, and sending the second public key to the server;
in response to a data receiving request from a user, receiving first target data obtained by the server encrypting first raw data with the second public key, and decrypting said target data with the second private key to obtain the first raw data sent by the server; and in response to a data sending request from the user, sending to the server second target data obtained by encrypting second raw data with the first public key.
6. The data transmission method according to claim 5, characterized in that obtaining and storing the first public key of the server comprises:
receiving the first public key sent by the server, and determining whether a public key of the server has previously been stored; if so, determining whether the first public key is consistent with the stored public key of the server; and if so, storing the first public key.
7. A client, characterized by comprising:
a second key acquisition module, configured to send a connection request to a server, and to obtain and store a first public key of the server;
a second key exchange module, configured to calculate a second public key and a second private key that matches the second public key, and to send the second public key to the server;
a second transfer module, configured to, in response to a data receiving request from a user, receive first target data obtained by the server encrypting first raw data with the second public key, and decrypt said target data with the second private key to obtain the first raw data sent by the server; and, in response to a data sending request from the user, send to the server second target data obtained by encrypting second raw data with the first public key.
8. The client according to claim 7, characterized in that the second key acquisition module is specifically configured to:
send a connection request to the server, receive the first public key sent by the server, and determine whether a public key of the server has previously been stored; if so, determine whether the first public key is consistent with the stored public key of the server; and if so, store the first public key.
9. A data transmission system, characterized by comprising a client and a server:
the client being configured to:
send a connection request to the server, and obtain and store a first public key of the server;
calculate a second public key and a second private key that matches the second public key, and send the second public key to the server;
in response to a data receiving request from a user, receive first target data obtained by the server encrypting first raw data with the second public key, and decrypt said target data with the second private key to obtain the first raw data sent by the server;
in response to a data sending request from the user, send to the server second target data obtained by encrypting second raw data with the first public key;
the server being configured to:
obtain the first public key and a first private key that matches the first public key;
receive the connection request from the client, and send the first public key to the client;
receive the second public key sent by the client, and store the second public key;
in response to a data receiving request from the client, send to the client the first target data obtained by encrypting the first raw data with the second public key;
in response to a data sending request from the client, receive the second target data obtained by the client encrypting the second raw data with the first public key, and decrypt said target data with the first private key to obtain the second raw data sent by the client.
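The server-key check in claims 6 and 8, written as a trust-on-first-use pin store; this is an added example, not code from the patent. The claims do not say what happens when no key is stored or when the keys differ, so accepting on first contact and rejecting on mismatch are assumptions, as are the names `PinStore`, `check_and_store` and `server.example`.

```python
import hashlib
import json
import os
import tempfile
from pathlib import Path

class ServerKeyMismatch(Exception):
    """Offered key differs from the key stored for this server."""

def fingerprint(key: bytes) -> str:
    # Short digest for logs and out-of-band comparison by an operator.
    return hashlib.sha256(key).hexdigest()[:16]

class PinStore:
    def __init__(self, path):
        self.path = Path(path)

    def _load(self) -> dict:
        return json.loads(self.path.read_text()) if self.path.exists() else {}

    def _save(self, pins: dict) -> None:
        # Write a temp file, then rename, so a crash cannot truncate the store.
        fd, tmp = tempfile.mkstemp(dir=str(self.path.parent))
        with os.fdopen(fd, "w") as f:
            json.dump(pins, f)
        os.replace(tmp, self.path)

    def check_and_store(self, server_id: str, offered_key: bytes) -> str:
        pins = self._load()
        stored = pins.get(server_id)
        if stored is None:
            # Assumption: no stored key means first contact, so pin it.
            # Nothing authenticates this first exchange.
            pins[server_id] = offered_key.hex()
            self._save(pins)
            return "first-use"
        if bytes.fromhex(stored) != offered_key:
            # Assumption: a mismatch aborts and leaves the pin unchanged.
            raise ServerKeyMismatch(
                f"{server_id}: stored {fingerprint(bytes.fromhex(stored))}, "
                f"offered {fingerprint(offered_key)}")
        return "match"

def demo() -> list:
    # Constructed byte strings stand in for encoded public keys.
    key_a, key_b = b"constructed-server-key-A", b"constructed-other-key-B"
    results = []
    with tempfile.TemporaryDirectory() as d:
        store = PinStore(Path(d) / "known_servers.json")
        results.append(store.check_and_store("server.example", key_a))
        results.append(store.check_and_store("server.example", key_a))
        try:
            store.check_and_store("server.example", key_b)
        except ServerKeyMismatch:
            results.append("rejected")
        # The original pin must survive the rejected offer.
        results.append(store.check_and_store("server.example", key_a))
    return results
```

Because the first connection pins whatever key arrives, the check only detects a key that changes after first contact; the initial key still needs confirming through a separate channel, for example by comparing the fingerprint.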
CN201610112427.XA 2016-02-29 2016-02-29 Client side, server and data transmission method and system Pending CN105656624A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610112427.XA CN105656624A (en) 2016-02-29 2016-02-29 Client side, server and data transmission method and system

Publications (1)

Publication Number Publication Date
CN105656624A true CN105656624A (en) 2016-06-08

Family

ID=56492844

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610112427.XA Pending CN105656624A (en) 2016-02-29 2016-02-29 Client side, server and data transmission method and system

Country Status (1)

Country Link
CN (1) CN105656624A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160608