CN106411926A - Data encryption communication method and system - Google Patents

Data encryption communication method and system

Publication number: CN106411926A
Authority: CN (China)
Prior art keywords: information, data, authentication, query, client
Legal status: Granted
Application number: CN201610957375.6A
Other languages: Chinese (zh)
Other versions: CN106411926B (en)
Inventors: 邱锋兴, 郑汉军, 梁煜麓, 罗佳
Current Assignee: Xiamen Anscen Network Technology Co Ltd
Original Assignee: Xiamen Anscen Network Technology Co Ltd

Application filed by Xiamen Anscen Network Technology Co Ltd
Priority to CN201610957375.6A
Publication of CN106411926A
Application granted
Publication of CN106411926B
Current legal status: Active

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities

Abstract

The invention provides a data encryption communication method and system. The method includes a data authentication step and a data query step. In the data authentication step, a client encrypts authentication request information using asymmetric encryption and sends it to an authentication center for authentication; if authentication succeeds, authentication success information and a symmetric key are returned; if authentication fails, authentication failure information is returned. In the data query step, the client encrypts query request information using a combination of asymmetric and symmetric encryption and sends it; the authentication center receives the query request information; the authentication center decrypts the query request information and carries out the data query; the authentication center encrypts the query result information using a combination of asymmetric and symmetric encryption; and the client receives the query result information and decrypts it to obtain the data query result. By using symmetric and asymmetric encryption technology in combination to apply multiple layers of encryption to the authentication information and the query information, the method and system improve the security of data communication.

Description

A data encryption communication method and system
Technical Field
The present invention relates to the field of communication technology, and in particular to a data encryption communication method and system.
Background
Symmetric encryption is the fastest and simplest form of encryption; encryption and decryption use the same key (the secret key). Symmetric encryption usually uses relatively small keys, generally smaller than 256 bits. The larger the key, the stronger the encryption, but the slower the encryption and decryption process. If information is not to be leaked in transit, the key has to be larger, but this greatly reduces the speed of normal data decryption.
Asymmetric encryption provides a very secure method for encrypting and decrypting data. It uses a pair of keys, a public key and a private key. The private key must be kept safely by one party and must not be leaked, while the public key can be issued to anyone who requests it. Asymmetric encryption encrypts with one key of the pair, and decryption requires the other key.
With both symmetric and asymmetric encryption, when data is transmitted in encrypted form, the data receiver or a party that intercepts the data can decrypt the transmitted data as long as it obtains the correct key.
The internet environment has entered a mature, stable and efficient stage. Making reasonable use of the internet as a resource can help existing enterprises and organizations integrate their information resources more effectively, so that productivity rises considerably, information is shared faster, and collaboration between teams becomes much more efficient. The internet is, however, an open environment, and such an open environment brings various security risks and the danger of information leakage. An enterprise that wants to make good use of the internet while keeping the danger of information leakage to a minimum may first consider using a dedicated enterprise network that isolates the enterprise network from the internet, but doing so increases cost substantially.
Summary of the Invention
In order to reduce enterprise cost while still providing a mechanism for sharing information securely and quickly, the data encryption communication method of the present invention lets an enterprise share important data over the internet according to its specific business scenario and merge it into the large resource pool of the internet for comprehensive data analysis and mining, while ensuring to the greatest possible extent that this important data is not obtained by unauthorized persons and that the enterprise suffers no resulting economic loss.
The specific scheme of the present invention is as follows:
A data encryption communication method, including a data authentication step and a data query step.
Data authentication step: the client encrypts the authentication request information using asymmetric encryption and sends it to the authentication center for authentication; if authentication succeeds, authentication success information and a symmetric key are returned; if authentication fails, authentication failure information is returned.
Data query step:
The client encrypts the query request information using a combination of asymmetric and symmetric encryption and sends it;
The authentication center receives the query request information;
The authentication center decrypts the query request information and calls the data query interface to carry out the data query;
The authentication center encrypts the query result information using a combination of asymmetric and symmetric encryption;
The client receives the query result information and decrypts it to obtain the data query result.
Further, the method also includes an initialization step:
The client generates a public/private key pair and sends the client public key to the authentication center;
The authentication center generates a public/private key pair and sends the authentication center public key to the client;
The client device is registered with the authentication center; the registration information is the terminal device hardware feature information, and the registration information is encrypted with the client private key.
Further, the data authentication step is specifically:
Step 101: The client encrypts the terminal device hardware feature information with the client private key;
Step 102: The client sends the authentication request information, which includes the device registration ID and the encrypted terminal device hardware feature information;
Step 103: The authentication center receives the authentication request information, reads the device registration ID to identify the terminal device, obtains the corresponding client public key according to the identified terminal device information, and decrypts the terminal device hardware feature information; if decryption succeeds, proceed to step 104; if decryption fails, proceed to step 106;
Step 104: Compare the terminal device hardware feature information decrypted in step 103 with the registered device hardware feature information to perform secondary authentication; if authentication succeeds, proceed to step 105; if authentication fails, proceed to step 106;
Step 105: Generate a symmetric encryption key with a limited validity period based on the device hardware feature information, cache it, and proceed to step 106;
Step 106: Assemble the response result packet, which includes the authentication status and the symmetric encryption key. When the authentication status is success, the symmetric encryption key is the one generated in step 105, encrypted with the authentication center private key; when the authentication status is failure, the symmetric encryption key is empty;
Step 107: The client receives the response result packet and reads the authentication status; if the status is authentication success, it decrypts with the authentication center public key to obtain the symmetric encryption key and caches it locally.
Further, the data query step is specifically:
Step 201: The client assembles the query request information, which includes the device registration ID, the terminal device hardware feature information and the query condition information;
Step 202: Retrieve the symmetric encryption key cached in step 107 and use it to encrypt the query condition information;
Step 203: Use the client private key to encrypt the terminal device hardware feature information in the query request information, and use the client private key to encrypt the query condition information again;
Step 204: Call the data query service interface of the authentication center and send the query request information;
Step 205: The authentication center receives the query request information, reads the device registration ID to identify the terminal device, obtains the corresponding client public key according to the identified terminal device information, and decrypts the terminal device hardware feature information and the query condition information; if decryption succeeds, proceed to step 206; if decryption fails, proceed to step 210;
Step 206: Using the terminal device hardware feature information that was read, look up in the authentication center the symmetric encryption key cached for this terminal device; if it is found, proceed to step 207; if it is not found, proceed to step 210;
Step 207: Obtain the data query interface of the data sharing center; if an available data query interface is obtained, proceed to step 208; otherwise proceed to step 210;
Step 208: The authentication center calls the data query interface and performs a synchronous data query; after the query result is obtained, proceed to step 209; if an exception occurs while calling the data query interface of the data sharing center, proceed to step 210;
Step 209: Obtain the authentication center private key and the symmetric encryption key corresponding to the terminal device; encrypt the query result symmetrically with the symmetric encryption key, then encrypt it asymmetrically with the authentication center private key;
Step 210: Assemble the query result information, which includes the device registration ID, the query status and the query result. When the query status is success, the query result is the result encrypted in step 209; when the query status is exception, the query result is the exception information;
Step 211: The client receives the query result information. When the query status is success, it decrypts the query result with the authentication center public key, then decrypts it again with the symmetric encryption key cached in step 107 to obtain the final query result; when the query status is exception, it obtains the exception information.
A data encryption communication system, including:
A client, configured to asymmetrically encrypt the authentication request information and send it, to receive the response result packet and asymmetrically decrypt it, to symmetrically and asymmetrically encrypt the query request information and send it, and to receive the query result information and perform symmetric and asymmetric decryption on it;
An authentication center, configured to receive the authentication request information and asymmetrically decrypt it, to make the authentication decision, to asymmetrically encrypt the response result packet and return it, to receive the query request information and perform symmetric and asymmetric decryption on it, to make the query decision and carry out the data query, and to symmetrically and asymmetrically encrypt the query result information and return it.
The beneficial effects of the present invention are:
By combining symmetric encryption technology with asymmetric encryption technology, the present invention applies multiple layers of encryption to the authentication information and the query information, which improves the security of data communication.
Brief Description of the Drawings
Fig. 1 is a flow chart of the data authentication of the present invention;
Fig. 2 is a flow chart of the data query of the present invention.
Detailed Description
To further illustrate the embodiments, the present invention is provided with accompanying drawings. These drawings are part of the disclosure of the invention; they mainly serve to illustrate the embodiments and, together with the related description in the specification, to explain how the embodiments operate. With reference to these contents, those of ordinary skill in the art will understand other possible embodiments and the advantages of the present invention. The present invention is now further described with reference to the drawings and specific embodiments.
The system of the present invention includes a client and a data authentication center. The main functions of the client are:
1. Local RSA public/private key generation
2. Terminal device registration
3. Terminal device authentication
4. Data presentation
The authentication center plays a connecting role in this scheme: any terminal device that wants to access data in the data center must be authenticated and authorized by the authentication center. The authentication center uses SSL Socket technology to publish the following data service interfaces:
1. Terminal device registration
2. Terminal device authentication
3. Data encryption and decryption
4. Terminal device status query
In this system, the client is configured to asymmetrically encrypt the authentication request information and send it, to receive the response result packet and asymmetrically decrypt it, to symmetrically and asymmetrically encrypt the query request information and send it, and to receive the query result information and perform symmetric and asymmetric decryption on it.
In this system, the authentication center is configured to receive the authentication request information and asymmetrically decrypt it, to make the authentication decision, to asymmetrically encrypt the response result packet and return it, to receive the query request information and perform symmetric and asymmetric decryption on it, to make the query decision and carry out the data query, and to symmetrically and asymmetrically encrypt the query result information and return it.
The data encryption communication method of one embodiment of the present invention includes a data authentication step and a data query step.
The data authentication step is: the client encrypts the authentication request information using asymmetric encryption and sends it to the authentication center for authentication; if authentication succeeds, authentication success information and a symmetric key are returned; if authentication fails, authentication failure information is returned.
The data query step includes:
The client encrypts the query request information using a combination of asymmetric and symmetric encryption and sends it;
The authentication center receives the query request information;
The authentication center decrypts the query request information and calls the data query interface to carry out the data query;
The authentication center encrypts the query result information using a combination of asymmetric and symmetric encryption;
The client receives the query result information and decrypts it to obtain the data query result.
This embodiment also includes an initialization step:
The client generates a public/private key pair and sends the client public key to the authentication center;
The authentication center generates a public/private key pair and sends the authentication center public key to the client;
The client device is registered with the authentication center; the registration information is the terminal device hardware feature information, and the registration information is encrypted with the client private key.
In this embodiment, the data authentication step is specifically:
Step 101: The client encrypts the terminal device hardware feature information with the client private key;
Step 102: The client sends the authentication request information, which includes the device registration ID and the encrypted terminal device hardware feature information;
Step 103: The authentication center receives the authentication request information, reads the device registration ID to identify the terminal device, obtains the corresponding client public key according to the identified terminal device information, and decrypts the terminal device hardware feature information; if decryption succeeds, proceed to step 104; if decryption fails, proceed to step 106;
Step 104: Compare the terminal device hardware feature information decrypted in step 103 with the registered device hardware feature information to perform secondary authentication; if authentication succeeds, proceed to step 105; if authentication fails, proceed to step 106;
Step 105: Generate a symmetric encryption key with a limited validity period based on the device hardware feature information, cache it, and proceed to step 106;
Step 106: Assemble the response result packet, which includes the authentication status and the symmetric encryption key. When the authentication status is success, the symmetric encryption key is the one generated in step 105, encrypted with the authentication center private key; when the authentication status is failure, the symmetric encryption key is empty;
Step 107: The client receives the response result packet and reads the authentication status; if the status is authentication success, it decrypts with the authentication center public key to obtain the symmetric encryption key and caches it locally.
In this embodiment, the data query step is specifically:
Step 201: The client assembles the query request information, which includes the device registration ID, the terminal device hardware feature information and the query condition information;
Step 202: Retrieve the symmetric encryption key cached in step 107 and use it to encrypt the query condition information;
Step 203: Use the client private key to encrypt the terminal device hardware feature information in the query request information, and use the client private key to encrypt the query condition information again;
Step 204: Call the data query service interface of the authentication center and send the query request information;
Step 205: The authentication center receives the query request information, reads the device registration ID to identify the terminal device, obtains the corresponding client public key according to the identified terminal device information, and decrypts the terminal device hardware feature information and the query condition information; if decryption succeeds, proceed to step 206; if decryption fails, proceed to step 210;
Step 206: Using the terminal device hardware feature information that was read, look up in the authentication center the symmetric encryption key cached for this terminal device; if it is found, proceed to step 207; if it is not found, proceed to step 210;
Step 207: Obtain the data query interface of the data sharing center; if an available data query interface is obtained, proceed to step 208; otherwise proceed to step 210;
Step 208: The authentication center calls the data query interface and performs a synchronous data query; after the query result is obtained, proceed to step 209; if an exception occurs while calling the data query interface of the data sharing center, proceed to step 210;
Step 209: Obtain the authentication center private key and the symmetric encryption key corresponding to the terminal device; encrypt the query result symmetrically with the symmetric encryption key, then encrypt it asymmetrically with the authentication center private key;
Step 210: Assemble the query result information, which includes the device registration ID, the query status and the query result. When the query status is success, the query result is the result encrypted in step 209; when the query status is exception, the query result is the exception information;
Step 211: The client receives the query result information. When the query status is success, it decrypts the query result with the authentication center public key, then decrypts it again with the symmetric encryption key cached in step 107 to obtain the final query result; when the query status is exception, it obtains the exception information.
System initialization process:
1. Authentication center initialization: generate the RSA public-key encryption keys on the authentication center side;
2. Obtain the RSA public key of the authentication center from the authentication center, then configure it in the client program on the terminal device;
3. Terminal device initialization: start the client program, which calls RSA KeyGen (the key generation algorithm) to generate a local public/private key pair;
4. Configure the client public key in the authentication center;
5. Initialize the authentication center connection information in the client program;
6. Register the terminal device with the authentication center. The registration information is the hardware feature information, for example the CPU feature code, hard disk feature code, MAC feature code and so on, combined by a certain algorithm and then encrypted with the client private key.
With reference to Fig. 1, the authentication flow in the system processing flow is as follows:
Step 101: The client program encrypts the hardware feature string of the terminal device with the client private key, then concatenates it with the device registration ID into the following structure:
Device registration ID | Terminal device hardware feature string
Step 102: The client program calls the authentication service interface of the authentication center and sends the authentication request data;
Step 103: The authentication center receives the authentication request information, reads the device registration ID to identify the terminal device, obtains the corresponding client public key according to the identified terminal device information, and decrypts the terminal device hardware feature string; if decryption succeeds, proceed to step 104; if decryption fails, proceed to step 106;
Step 104: Perform secondary authentication on the terminal device hardware feature string decrypted in step 103 (to prevent a stolen device registration ID from being misused); if authentication succeeds, proceed to step 105; if authentication fails, proceed to step 106;
Step 105: Using the symmetric key generation algorithm built into the authentication center, generate a symmetric encryption key with a limited validity period based on the device hardware feature string, cache it, and proceed to step 106;
Step 106: Assemble the response result packet with the following structure; the symmetric encryption key is encrypted with the authentication center private key:
Authentication status (1: success, -1: failure) | Symmetric encryption key (empty when the authentication status is -1)
Step 107: The client program receives the authentication success status, determines that authentication succeeded, and caches the returned symmetric encryption key locally;
Step 108: The authentication process ends.
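The authentication flow of steps 101 to 107 with both sides' messages, as an added example that is not part of the patent text. It uses textbook RSA over fixed Mersenne primes so that it runs offline with the standard library only; the key sizes, the SHA-256 key derivation in step 105, the 0x01 framing byte, the 300-second validity period and all class and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

E = 65537  # public exponent used by both toy key pairs

def toy_keypair(p_exp, q_exp):
    """Textbook RSA key pair from two Mersenne primes (assumed toy parameters)."""
    p, q = 2 ** p_exp - 1, 2 ** q_exp - 1
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def private_encrypt(priv, data):
    """The patent's 'encrypt with the private key', done as raw unpadded RSA."""
    n, d = priv
    m = int.from_bytes(b"\x01" + data, "big")  # 0x01 marker preserves leading zeros
    if m >= n:
        raise ValueError("message too long for the toy modulus")
    return pow(m, d, n).to_bytes((n.bit_length() + 7) // 8, "big")

def public_decrypt(pub, blob):
    """Inverse operation with the public key; None signals a failed decryption."""
    n, e = pub
    m = pow(int.from_bytes(blob, "big"), e, n)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return raw[1:] if raw[:1] == b"\x01" else None

class AuthCenter:
    def __init__(self, key_ttl=300.0, clock=time.monotonic):
        self.pub, self._priv = toy_keypair(1279, 2203)
        self.devices = {}    # registration ID -> (client public key, feature string)
        self.key_cache = {}  # feature string -> (symmetric key, expiry time)
        self.key_ttl, self.clock = key_ttl, clock

    def register(self, reg_id, client_pub, enc_feature):
        # Initialization step 6: registration info is encrypted with the client private key.
        feature = public_decrypt(client_pub, enc_feature)
        if feature is None:
            raise ValueError("registration information did not decrypt")
        self.devices[reg_id] = (client_pub, feature)

    def authenticate(self, request):
        reg_id, enc_feature = request
        status, enc_key = -1, b""  # failure response unless every check passes
        dev = self.devices.get(reg_id)
        # Step 103: identify the device by registration ID, decrypt with its public key.
        feature = public_decrypt(dev[0], enc_feature) if dev else None
        # Step 104: secondary authentication against the registered feature string.
        if feature is not None and hmac.compare_digest(feature, dev[1]):
            # Step 105: time-limited key based on the feature string (assumed derivation).
            key = hashlib.sha256(secrets.token_bytes(16) + feature).digest()
            self.key_cache[feature] = (key, self.clock() + self.key_ttl)
            # Step 106: the key is encrypted with the authentication center private key.
            status, enc_key = 1, private_encrypt(self._priv, key)
        return status, enc_key

    def cached_key(self, feature):
        """Step 206 lookup; an expired key is evicted and reported as missing."""
        entry = self.key_cache.get(feature)
        if entry and self.clock() >= entry[1]:
            del self.key_cache[feature]
            entry = None
        return entry[0] if entry else None

class Client:
    def __init__(self, reg_id, feature, center_pub, primes=(521, 607)):
        self.pub, self._priv = toy_keypair(*primes)
        self.reg_id, self.feature, self.center_pub = reg_id, feature, center_pub
        self.session_key = None

    def auth_request(self):
        # Steps 101-102: registration ID plus the privately encrypted feature string.
        return self.reg_id, private_encrypt(self._priv, self.feature)

    def handle_response(self, response):
        # Step 107: on success, recover the key with the center public key and cache it.
        status, enc_key = response
        if status == 1:
            self.session_key = public_decrypt(self.center_pub, enc_key)
        return status

def run_demo():
    now = [0.0]  # constructed clock so expiry can be exercised without sleeping
    center = AuthCenter(key_ttl=300.0, clock=lambda: now[0])
    feature = b"CPU:constructed|DISK:constructed|MAC:constructed"  # constructed sample
    client = Client("dev-001", feature, center.pub)
    # The registration blob has the same form as the encrypted feature in the request.
    center.register(client.reg_id, client.pub, client.auth_request()[1])
    status = client.handle_response(center.authenticate(client.auth_request()))
    keys_match = client.session_key == center.cached_key(feature)
    # Same registration ID presented by a different device: rejected (status -1).
    other = Client("dev-001", b"CPU:other|DISK:other|MAC:other", center.pub, (127, 521))
    reused_id = center.authenticate(other.auth_request())
    now[0] = 301.0  # move past the validity period
    expired = center.cached_key(feature) is None
    return status, keys_match, reused_id, expired
```

Step 107 needs only the authentication center public key, so the step 106 wrapping shows where the key came from rather than hiding it; the key's secrecy in transit depends on the SSL Socket transport the description mentions.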
With reference to Fig. 2, the data query flow in the system processing flow is as follows:
Step 201: The client program on the terminal device assembles the data query request information, with the following structure:
Device registration ID | Terminal device hardware feature string | Query condition string
Step 202: Retrieve the symmetric encryption key cached in step 107 and encrypt the "query condition string";
Step 203: Obtain the client private key and encrypt the "terminal device hardware feature string" and the "query condition string" in the data query request information;
Step 204: Call the data query service interface of the authentication center and send the data query request information;
Step 205: The authentication center receives the query request, reads the device registration ID to identify the terminal device, obtains the corresponding client public key according to the identified terminal device information, and decrypts the "terminal device hardware feature string" and the "query condition string"; if decryption succeeds, proceed to step 206; if decryption fails, proceed to step 210;
Step 206: Using the terminal device hardware feature string that was read, look up in the authentication center the symmetric encryption key cached for this terminal device; if it is found, proceed to step 207; if it is not found, proceed to step 210 (because the symmetric encryption key has a limited validity period, the authentication center needs to check periodically whether the cached symmetric encryption keys have expired, and expired keys are removed automatically);
Step 207: Obtain the data query interface of the data sharing center; if an available data query interface is obtained, proceed to step 208; otherwise proceed to step 210;
Step 208: The authentication center calls the data query interface and performs a synchronous data query; once the data has been returned, proceed to step 209; if an exception occurs while calling the data query interface of the data sharing center, proceed to step 210;
Step 209: Obtain the authentication center private key and the symmetric encryption key corresponding to the terminal device. The query result is first encrypted symmetrically, then encrypted asymmetrically with the authentication center private key;
Step 210: Assemble the data query result information, with the following structure:
Status (1: success, -1: exception) | Device registration ID | Result data string (for example JSON or XML, but not limited to these two); if the status is -1, the exception information is filled in
Step 211: The client program on the terminal device receives the query result, obtains the authentication center public key and decrypts the "result data string", then retrieves the symmetric encryption key cached in step 107 and decrypts the "result data string" again.
By combining symmetric encryption technology with asymmetric encryption technology, the present invention applies multiple layers of encryption to the authentication information and the query information, which improves the security of data communication.
Although the present invention has been specifically shown and described in connection with preferred embodiments, those skilled in the art should understand that various changes in form and detail may be made to the present invention without departing from the spirit and scope of the invention as defined by the appended claims, and that such changes fall within the scope of protection of the present invention.

Claims (5)

1. a kind of data encryption communication means is it is characterised in that include data authentication and data query step,
Data authentication step:Client is entered to authentication center using the mode encrypting and transmitting certification request information of asymmetric encryption Row certification, if certification success, the successful information of return authentication and symmetric key, if authentification failure, return authentication failure Information,
Data query step:
Client combines asymmetric encryption and symmetric cryptography mode encrypting and transmitting inquiry request information;
Authentication center receives inquiry request information;
Authentication center's deciphering inquiry request information simultaneously calls data-query interfaces to carry out data query;
Authentication center combines asymmetric encryption and symmetric cryptography mode encrypted query object information;
Client receives Query Result information and deciphers Query Result acquisition of information data query result.
2. data encryption communication means according to claim 1 is it is characterised in that also include initialized step:
Client generates a pair of public key and private key, and client public key is sent to authentication center;
Authentication center generates a pair of public key and private key, and authentication center's public key is sent to client;
By client device registration to authentication center, log-on message is terminal device hardware characteristic information, and private by client Key encrypting registration information.
3. The data encryption communication method according to claim 2, characterized in that the data authentication step specifically comprises:
Step 101: the client encrypts the terminal device hardware characteristic information with the client private key;
Step 102: the client sends the authentication request information, which includes the device registration ID and the encrypted terminal device hardware characteristic information;
Step 103: the authentication center receives the authentication request information, reads the device registration ID to identify the terminal device information, then obtains the corresponding client public key according to the identified terminal device information and decrypts the terminal device hardware characteristic information; if decryption succeeds, go to step 104; if decryption fails, go to step 106;
Step 104: the terminal device hardware characteristic information decrypted in step 103 is compared with the registered device hardware characteristic information as a second authentication; if authentication succeeds, go to step 105; if authentication fails, go to step 106;
Step 105: generate a symmetric encryption key with a certain validity period based on the device hardware characteristic information, cache it, and go to step 106;
Step 106: assemble the response result data packet, which includes the authentication state and the symmetric encryption key; when the authentication state is success, the symmetric encryption key is the one generated in step 105, encrypted with the authentication center private key; when the authentication state is failure, the symmetric encryption key is empty;
Step 107: the client receives the response result data packet and obtains the authentication state information; if the authentication state is success, the client decrypts with the authentication center public key to obtain the symmetric encryption key and caches it locally.
4. The data encryption communication method according to claim 3, characterized in that the data query step specifically comprises:
Step 201: the client assembles the query request information, which includes the device registration ID, the terminal device hardware characteristic information, and the query condition information;
Step 202: obtain the symmetric encryption key cached in step 107 and encrypt the query condition information with it;
Step 203: encrypt the terminal device hardware characteristic information in the query request information with the client private key, and encrypt the query condition information again with the client private key;
Step 204: call the data query service interface of the authentication center and send the query request information;
Step 205: the authentication center receives the query request information, reads the device registration ID to identify the terminal device information, then obtains the corresponding client public key according to the identified terminal device information and decrypts the terminal device hardware characteristic information and the query condition information; if decryption succeeds, go to step 206; if decryption fails, go to step 210;
Step 206: according to the terminal device hardware characteristic information that was read, obtain the symmetric encryption key cached in the authentication center for this terminal device; if it is obtained, go to step 207; if it is not obtained, go to step 210;
Step 207: obtain the data query interface of the data sharing center; if an available data query interface is obtained, go to step 208; otherwise go to step 210;
Step 208: the authentication center calls the data query interface and performs a synchronous data query; after the query result is obtained, go to step 209; if an exception occurs while calling the data query interface of the data sharing center, go to step 210;
Step 209: obtain the authentication center private key and the symmetric encryption key corresponding to the terminal device; encrypt the query result symmetrically with the symmetric encryption key, then encrypt it asymmetrically with the authentication center private key;
Step 210: assemble the query result information, which includes the device registration ID, the query state, and the query result; when the query state is success, the query result is the query result encrypted in step 209; when the query state is abnormal, the query result is the exception information;
Step 211: the client receives the query result information; when the query state is success, the client decrypts the query result with the authentication center public key, then decrypts it again with the symmetric encryption key cached in step 107 to obtain the final query result; when the query state is abnormal, the client obtains the exception information.
5. A data encryption communication system, characterized by comprising:
A client, configured to asymmetrically encrypt the authentication request information and send it, to receive the response result data packet and asymmetrically decrypt it, to symmetrically and asymmetrically encrypt the query request information and send it, and to receive the query result information and perform symmetric decryption and asymmetric decryption on it;
An authentication center, configured to receive the authentication request information and asymmetrically decrypt it, to make the authentication decision, to asymmetrically encrypt the response result data packet and return it, to receive the query request information and perform symmetric decryption and asymmetric decryption on it, to make the query decision and perform the data query, and to symmetrically and asymmetrically encrypt the query result information and return it.
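The authentication flow of claim 3 (steps 101 to 107) together with the cached-key lookup of step 206, as an added Python sketch that is not code from the patent. Assumptions: textbook RSA over small constructed primes stands in for the unspecified asymmetric algorithm, a truncated SHA-256 of a constructed string stands in for the hardware characteristic information, and the names `AuthCenter`, `priv_op`, `pub_op`, `fingerprint`, the `OK` marker and the 300-second lifetime are hypothetical.

```python
import hashlib, hmac, os, time

E = 65537
def make_key(p, q):                      # toy RSA from constructed Mersenne primes
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}
CLIENT = make_key(2**127 - 1, 2**89 - 1)   # demo sizes only, far too small for real use
CENTER = make_key(2**107 - 1, 2**61 - 1)

def priv_op(key, payload):               # the claims' "encrypt with private key" (16-byte payload)
    return pow(int.from_bytes(b"OK" + payload, "big"), key["d"], key["n"])

def pub_op(n, blob):                     # "decrypt with public key"; None = decryption failed
    if not isinstance(blob, int) or not 0 <= blob < n:
        return None
    m = pow(blob, E, n)
    raw = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return raw[2:] if len(raw) == 18 and raw[:2] == b"OK" else None

def fingerprint(hw):                     # 16-byte stand-in for hardware characteristic info
    return hashlib.sha256(hw).digest()[:16]

class AuthCenter:
    def __init__(self, ttl=300):
        self.devices, self.cache, self.ttl = {}, {}, ttl

    def register(self, reg_id, client_n, fp):        # claim 2 registration
        self.devices[reg_id] = (client_n, fp)

    def authenticate(self, reg_id, blob, now=None):
        now = time.time() if now is None else now
        dev = self.devices.get(reg_id)
        fp = pub_op(dev[0], blob) if dev else None               # step 103
        if fp is None or not hmac.compare_digest(fp, dev[1]):    # step 104
            return {"state": "fail", "key": None}                # step 106 (failure)
        sym = hashlib.sha256(fp + os.urandom(16)).digest()[:16]  # step 105
        self.cache[fp] = (sym, now + self.ttl)                   # cached with expiry
        return {"state": "ok", "key": priv_op(CENTER, sym)}      # step 106 (success)

    def cached_key(self, fp, now=None):               # step 206 lookup, honours expiry
        now = time.time() if now is None else now
        sym, expires = self.cache.get(fp, (None, 0))
        return sym if sym is not None and now < expires else None

def client_auth(center, reg_id, hw, key=CLIENT):      # steps 101, 102 and 107
    resp = center.authenticate(reg_id, priv_op(key, fingerprint(hw)))
    return pub_op(CENTER["n"], resp["key"]) if resp["state"] == "ok" else None
```

In this model the key in the response is recoverable by any holder of the authentication center's public key, exactly as step 107 does, so the private-key operation contributes origin authentication rather than confidentiality.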
CN201610957375.6A 2016-11-03 2016-11-03 Data encryption communication method and system Active CN106411926B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610957375.6A CN106411926B (en) 2016-11-03 2016-11-03 Data encryption communication method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610957375.6A CN106411926B (en) 2016-11-03 2016-11-03 Data encryption communication method and system

Publications (2)

Publication Number Publication Date
CN106411926A true CN106411926A (en) 2017-02-15
CN106411926B CN106411926B (en) 2020-07-31

Family

ID=58014058

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610957375.6A Active CN106411926B (en) 2016-11-03 2016-11-03 Data encryption communication method and system

Country Status (1)

Country Link
CN (1) CN106411926B (en)

Also Published As

Publication number Publication date
CN106411926B (en) 2020-07-31

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant