Data encryption method based on NFC chip anti-counterfeiting authentication
Technical field
The present invention relates to a data encryption method based on NFC chip anti-counterfeiting authentication.
Background technology
Traditional encryption mostly transmits data after applying a reversible encryption method. However the data is transmitted and however complicated the encryption method, reversible encryption remains reversible in principle: the encryptor runs the data and the key through a series of encryption algorithms, and in principle a decryptor who obtains the key used in the encryption process is highly likely to decrypt the ciphertext data, so the theoretical probability of decryption exists and is very high. If, on the other hand, the data is encrypted for transmission with an irreversible encryption algorithm, the decryptor cannot decrypt the ciphertext data, but equally the encryptor cannot convert the ciphertext data back into plaintext data, so transmitting irreversibly encrypted data is worthless for data transfer.
Content of the invention
To overcome the defects of the prior art, the present invention provides a data encryption method based on NFC chip anti-counterfeiting authentication.
The technical solution of the present invention is as follows:
A data encryption method based on NFC chip anti-counterfeiting authentication comprises the following steps:
Step 1: The user enters the correct user name and password on the mobile terminal, and the login is verified;
Step 2: After the user's login is verified successfully, the user name, password and timestamp are irreversibly encrypted to generate a key in character-string format;
Step 3: The business data, with the timestamp and the key appended, is reversibly encrypted with the Base64 encryption algorithm;
Step 4: The key, the encrypted business data and the system data are then reversibly encrypted with the Base64 encryption algorithm into reversible ciphertext data a1;
Step 5: a1 is then irreversibly encrypted using a symmetric encryption algorithm into irreversible ciphertext data b1;
Step 6: The reversible ciphertext data a1 and the irreversible ciphertext data b1 are sent to the server;
Step 7: The server receives ciphertext data a1 and ciphertext data b1;
Step 8: The reversible ciphertext data a1 is first decrypted according to the key with the Base64 reversible encryption method;
Step 9: The decrypted plaintext data a2 is obtained;
Step 10: The plaintext data a2 contains the system data sent by the mobile terminal and the encrypted business data; the encrypted business data is decrypted again with the Base64 reversible encryption method to obtain the business parameters sent in the mobile terminal's request;
Step 11: The plaintext data a2 is then irreversibly encrypted with the symmetric encryption algorithm to obtain the irreversible ciphertext data b2;
Step 12: Ciphertext data b2 is compared with ciphertext data b1 to determine whether they are identical;
Step 13: If they are identical, the data was not maliciously tampered with during transmission and is valid; if they are not identical, the data was hijacked and tampered with by a third party during transmission and is invalid;
Step 15: The process ends.
The system data includes the timestamp systimetamp, the mobile device unique identifier deviceid, the devicetype that distinguishes whether the requesting party is an app mobile phone or a dedicated writer, the user login state identifier token, and the unique identifier loginid of the logged-in user.
The business data is the data sent in the mobile terminal's request or returned by the server, and includes the NFC tag unique identifier uid, the commodity unique identifier gsc, the enterprise unique identifier entid, the commodity batch unique identifier batchid, the NFC tag state writestatus, the production time productiondate and the validity period expirydate.
The key is the token generated by an irreversible encryption operation on the timestamp after the user logs in successfully.
The invention has the advantage that
The interaction data between the app mobile terminal (NFC mobile phone) and the server (cloud server) is prevented from being maliciously tampered with; the combined use of "reversible encryption" and "irreversible encryption" algorithms ensures the absolute security of the interaction data between the mobile terminal and the server.
Brief description of the drawings
Fig. 1 is a schematic flow chart of the present invention.
Specific embodiment
The present invention is further described below with reference to a specific embodiment, and its advantages and features will become clearer from the description. The embodiment is only exemplary and does not limit the scope of the present invention in any way. Those skilled in the art should understand that the details and form of the technical solution may be modified or replaced without departing from the spirit and scope of the present invention, and that such modifications and replacements all fall within the scope of protection of the present invention.
The present invention relates to a data encryption method based on NFC chip anti-counterfeiting authentication, comprising the following steps:
Step 1: The user enters the correct user name and password on the mobile terminal, and the login is verified;
Step 2: After the user's login is verified successfully, the user name, password and timestamp are irreversibly encrypted to generate a key in character-string format;
Step 3: The business data, with the timestamp and the key appended, is reversibly encrypted with the Base64 encryption algorithm;
Step 4: The key, the encrypted business data and the system data are then reversibly encrypted with the Base64 encryption algorithm into reversible ciphertext data a1;
Step 5: a1 is then irreversibly encrypted using a symmetric encryption algorithm into irreversible ciphertext data b1;
Step 6: The reversible ciphertext data a1 and the irreversible ciphertext data b1 are sent to the server.
Step 7: The server receives ciphertext data a1 and ciphertext data b1;
Step 8: The reversible ciphertext data a1 is first decrypted according to the key with the Base64 reversible encryption method;
Step 9: The decrypted plaintext data a2 is obtained;
Step 10: The plaintext data a2 contains the system data sent by the mobile terminal and the encrypted business data; the encrypted business data is decrypted again with the Base64 reversible encryption method to obtain the business parameters sent in the mobile terminal's request;
Step 11: The plaintext data a2 is then irreversibly encrypted with the symmetric encryption algorithm to obtain the irreversible ciphertext data b2;
Step 12: Ciphertext data b2 is compared with ciphertext data b1 to determine whether they are identical;
Step 13: If they are identical, the data was not maliciously tampered with during transmission and is valid; if they are not identical, the data was hijacked and tampered with by a third party during transmission and is invalid.
Step 15: The process ends.
The system data includes the timestamp systimetamp, the mobile device unique identifier deviceid, the devicetype that distinguishes whether the requesting party is an app mobile phone or a dedicated writer, the user login state identifier token, and the unique identifier loginid of the logged-in user.
The business data is the data sent in the mobile terminal's request or returned by the server, and includes information such as the NFC tag unique identifier uid, the commodity unique identifier gsc, the enterprise unique identifier entid, the commodity batch unique identifier batchid, the NFC tag state writestatus, the production time productiondate and the validity period expirydate.
The key is the token generated by an irreversible encryption operation on the timestamp after the user logs in successfully.
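The exchange in steps 1 to 13, written out as an added example that is not part of the patent text. It assumes SHA-256 for the unspecified irreversible step, canonical JSON for joining fields, and reads step 8's "according to the key" as matching the key the server issued; all sample values are constructed.

```python
import base64, hashlib, hmac, json

def b64e(obj) -> str:
    # Canonical JSON, then Base64 (the page's "reversible" step).
    raw = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return base64.b64encode(raw).decode()

def b64d(text: str):
    return json.loads(base64.b64decode(text, validate=True))

def digest(text: str) -> str:
    # Assumption: SHA-256 stands in for the unspecified irreversible step.
    return hashlib.sha256(text.encode()).hexdigest()

def derive_key(username: str, password: str, timestamp: str) -> str:
    return digest(f"{username}|{password}|{timestamp}")        # step 2

def client_build(key, timestamp, business, system):
    inner = b64e({"business": business, "timestamp": timestamp, "key": key})  # step 3
    a1 = b64e({"key": key, "business": inner, "system": system})             # step 4
    return a1, digest(a1)                                      # steps 5-6: (a1, b1)

def server_verify(a1: str, b1: str, session_key: str):
    """Steps 7-13: return the business parameters, or None if rejected."""
    try:
        a2 = b64d(a1)                                          # steps 8-9
        params = b64d(a2["business"])["business"]              # step 10
        # Assumption: "according to the key" means matching the issued key.
        key_ok = hmac.compare_digest(a2["key"], session_key)
        # Step 11: a2 is re-encoded as in step 4 so b2 is comparable with b1.
        b2 = digest(b64e(a2))
        return params if key_ok and hmac.compare_digest(b2, b1) else None  # 12-13
    except (ValueError, KeyError, TypeError):
        return None                                            # malformed input

# Constructed sample values, not taken from the patent.
SYSTEM = {"systimetamp": "1700000000", "deviceid": "dev-001",
          "devicetype": "app", "token": "t-1", "loginid": "u-1"}
BUSINESS = {"uid": "04A1B2C3", "gsc": "G1", "entid": "E1", "batchid": "B1",
            "writestatus": "1", "productiondate": "2016-01-01",
            "expirydate": "2018-01-01"}

def demo():
    key = derive_key("alice", "example-password", "1700000000")
    a1, b1 = client_build(key, "1700000000", BUSINESS, SYSTEM)
    altered = b64d(a1)
    altered["system"]["deviceid"] = "dev-999"                  # a1 changed in transit
    return server_verify(a1, b1, key), server_verify(b64e(altered), b1, key)

if __name__ == "__main__":
    print(demo())
```

In this instantiation b1 is an unkeyed digest of a1, so the step 12 comparison detects a change to a1 only when b1 arrives unchanged. A deployment that wants b1 to depend on the step 2 key would compute it as a keyed MAC such as HMAC-SHA-256 over a1.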