CN106453430A - Method and device for verifying encrypted data transmission paths - Google Patents
Method and device for verifying encrypted data transmission paths Download PDFInfo
- Publication number
- CN106453430A CN106453430A CN201611169296.5A CN201611169296A CN106453430A CN 106453430 A CN106453430 A CN 106453430A CN 201611169296 A CN201611169296 A CN 201611169296A CN 106453430 A CN106453430 A CN 106453430A
- Authority
- CN
- China
- Prior art keywords
- information
- key
- transmitting apparatus
- plain
- field
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention discloses a method and a device for verifying encrypted data transmission paths, and relates to the technical field of data transmission. All transmission paths of encrypted data can be acquired and verified. The method includes the steps: receiving a data package sent by a message sending device; decoding secret key ciphertexts in the data package by the aid of private keys of a message receiving device to obtain secret key plaintexts; decoding message ciphertexts in the data package by the aid of the secret key plaintexts to obtain message plaintexts; verifying various signing messages in signing fields according to public keys of path fields, the message plaintexts and all message sending devices sending the message ciphertexts; reserving the message plaintexts if verification of all signing messages is successful; discarding the message plaintexts if verification of the signing messages is failed. The method and the device are mainly applicable to scenes based on sharing information of encryption technology.
Description
Technical field
The present invention relates to technical field of data transmission, more particularly to a kind of method in checking encrypted data transmission path and
Device.
Background technology
Data transfer is that data is sent to the communication process of another equipment from an equipment.In actual applications, in order to
The protection privacy of data and safety, information transmitting apparatus when sending information to information receiving device, often first with information
The public key of receiving device is encrypted to the information needing to send, and then the ciphertext of acquisition is sent to information receiving device, with
Just ciphertext is untied by information receiving device using the private key of itself.Additionally, so that information receiving device can determine information
The identity of transmission equipment and the correctness of checking received information, can be entered to sent information by signature technology toward contact
Row signature.
However, whether the mode of existing encryption and signature can checking information be only the equipment institute directly transmitting this information
The information sending, and this information cannot be verified up to the present whether there is change from original information transmitting apparatus, from
And the reliability of information is reduced.
Content of the invention
In view of this, the present invention provides a kind of method and device in checking encrypted data transmission path, can obtain and test
All transmission paths that card encryption data is passed through, thus improve the reliability of information transfer.
The purpose of the present invention employs the following technical solutions to realize:
In a first aspect, the invention provides a kind of method in checking encrypted data transmission path, methods described includes:
Receive information sends the packet that equipment sends, and wherein, described packet includes passing for recording each information
The path field in defeated path, for record key ciphertext field, for record information ciphertext field and being used for record each
The field of the signing messages of individual information transmitting apparatus, described key ciphertext is public key according to information receiving device to key plain
It is encrypted and obtains, described key plain is used for encryption information in plain text, and described signing messages is according to information transmitting apparatus
Private key, obtains to carrying out signing by the data that corresponding path field and described information plaintext form;
It is decrypted using the key ciphertext in packet described in the private key pair of described information receiving device, obtain key bright
Literary composition;
Using the key plain that deciphering obtains, the information ciphertext in described packet is decrypted, obtains information in plain text;
In plain text and it is transmitted across described information according to described path field, using the information that the deciphering of described key plain obtains
The public key of all information transmitting apparatus of ciphertext, verifies to each signing messages in described signature field;
If all signing messages are all proved to be successful, retain the information obtaining by key plain deciphering in plain text;
If there is signing messages authentication failed, abandon the information obtaining by key plain deciphering in plain text.
Second aspect, the invention provides a kind of device in checking encrypted data transmission path, described device includes:
Receiving unit, sends, for receive information, the packet that equipment sends, wherein, described packet is included for remembering
Record each information transmission path path field, for record key ciphertext field, for record information ciphertext field with
And for recording the field of the signing messages of each information transmitting apparatus, described key ciphertext is the public affairs according to information receiving device
Key is encrypted to key plain and obtains, and described key plain is used for encryption information in plain text, and described signing messages is according to letter
The private key of breath transmission equipment, obtains to carrying out signing by the data that corresponding path field and described information plaintext form;
Decryption unit, the described packet receiving for receiving unit described in the private key pair using described information receiving device
In key ciphertext be decrypted, obtain key plain;
The key plain that described decryption unit is additionally operable to using deciphering obtains is carried out to the information ciphertext in described packet
Deciphering, obtains information in plain text;
Authentication unit, for utilizing described key plain deciphering to obtain according to described path field, described decryption unit
Information in plain text and be transmitted across described information ciphertext all information transmitting apparatus public key, to each in described signature field
Signing messages is verified;
Stick unit, for when the result of described authentication unit is all proved to be successful for all signing messages, retaining
The information being obtained by key plain deciphering is in plain text;
Discarding unit, for when the result of described authentication unit is to there is signing messages authentication failed, abandoning logical
Cross the information plaintext that key plaintext decryption obtains.
The method and device in the checking encrypted data transmission path providing by technique scheme, the present invention, Neng Gou
When information transmitting apparatus need to information receiving device transmission information, the path for recording each information transmission path will be included
Field, for storing the field of key ciphertext, storing each information and send and set for the field and being used for of storage information ciphertext
The packet of the signature field of standby signing messages is sent to information receiving device, and (wherein, signing messages is with regard to transmission path
And the signature of information plaintext), receive after this packet by this information receiving device, can be first according to itself private key, close
Key ciphertext and information ciphertext obtain information in plain text, are then transmitted across this information in plain text and once according to path field, information
The public key of each information transmitting apparatus of ciphertext, verifies to each signing messages in signature field, respectively thus realizing
Checking to all transmission paths and the checking of each information transmitting apparatus institute photos and sending messages plaintext, and equal in all signing messages
Ability reservation information plaintext when being proved to be successful, and then improve the reliability of information receiving device receive information.
Described above is only the general introduction of technical solution of the present invention, in order to better understand the technological means of the present invention,
And can be practiced according to the content of description, and in order to allow the above and other objects of the present invention, feature and advantage can
Become apparent, below especially exemplified by the specific embodiment of the present invention.
Brief description
By reading the detailed description of hereafter preferred implementation, various other advantages and benefit are common for this area
Technical staff will be clear from understanding.Accompanying drawing is only used for illustrating the purpose of preferred implementation, and is not considered as to the present invention
Restriction.And in whole accompanying drawing, it is denoted by the same reference numerals identical part.In the accompanying drawings:
The flow chart that Fig. 1 shows a kind of method in checking encrypted data transmission path provided in an embodiment of the present invention;
Fig. 2 shows the method exemplary plot generating retrospective encryption data provided in an embodiment of the present invention;
Fig. 3 shows the method exemplary plot in checking encrypted data transmission path provided in an embodiment of the present invention;
The flow chart that Fig. 4 shows the method in another kind of checking encrypted data transmission path provided in an embodiment of the present invention;
Fig. 5 shows a kind of composition frame chart of the device in checking encrypted data transmission path provided in an embodiment of the present invention;
Fig. 6 shows the composition frame of the device in another kind of checking encrypted data transmission path provided in an embodiment of the present invention
Figure;
Fig. 7 shows the composition frame of the device in another kind of checking encrypted data transmission path provided in an embodiment of the present invention
Figure;
Fig. 8 shows the composition frame of the device in another kind of checking encrypted data transmission path provided in an embodiment of the present invention
Figure;
Fig. 9 shows a kind of composition frame chart of the system in checking encrypted data transmission path provided in an embodiment of the present invention.
Specific embodiment
It is more fully described the exemplary embodiment of the disclosure below with reference to accompanying drawings.Although showing the disclosure in accompanying drawing
Exemplary embodiment it being understood, however, that may be realized in various forms the disclosure and should not be by embodiments set forth here
Limited.On the contrary, these embodiments are provided to be able to be best understood from the disclosure, and can be by the scope of the present disclosure
Complete conveys to those skilled in the art.
Embodiments provide a kind of method in checking encrypted data transmission path, methods described is applied to information and sends out
Send equipment, as shown in figure 1, methods described includes:
101st, when needing to send information to information receiving device, key plain for encryption information plaintext, institute are obtained
State information in plain text and using described key plain, described information plaintext is encrypted with the information ciphertext obtaining;
Specifically, when current information transmitting apparatus are the raw information transmission equipment sending described information, Ke Yizhi
Connect and obtain described key plain and described information plaintext from local;And current information transmitting apparatus are not described original letters
During breath transmission equipment, can obtain and parse, from the packet that a upper information transmitting apparatus side joint is received, the described key plain obtaining
And described information is in plain text.
Wherein, the packet that current information transmitting apparatus receive from a upper information transmitting apparatus side joint includes:For
Record the path field of each information transmission path, be used for recording the field of key ciphertext, be used for the field of record information ciphertext
And be used for recording the signing messages of each information transmitting apparatus (sending the supreme information transmitting apparatus of equipment from raw information)
Field.Therefore, from the packet that a upper information transmitting apparatus side joint is received, parsing obtains key plain and information plaintext
Specific implementation can be:Key in the packet that current information receiving device receives first with the private key pair of itself
Ciphertext is decrypted, and obtains described key plain;Then using described key plain to the letter in the described packet receiving
Breath ciphertext is decrypted, and obtains described information in plain text.
Additionally, when current information transmitting apparatus be raw information send equipment when, need obtain key plain and
After information plaintext, using key ciphertext, information plaintext is encrypted, just can obtain information ciphertext;And current information sends
When equipment is not that raw information sends equipment, if desired information ciphertext, then can directly send from a upper information receiving device
Information ciphertext is extracted in the field for record information ciphertext of packet.
102nd, using the public key of information receiving device, described key plain is encrypted, obtains described information receiving device
Public key corresponding key ciphertext;
Wherein, the key ciphertext due to being obtained using the public key encryption of information receiving device only has the private of information receiving device
Key just can be untied, so being encrypted to key plain using the public key of information receiving device, can be effectively prevented key bright
Literary composition leaks.
It should be noted that this step only need to execute before step 106, and it is with respect to step 103- step
105 execution sequence does not limit.
103rd, send being used for characterization information to the transmission path of described information receiving device from described information transmission equipment
Add to the path field for recording each information transmission path, obtain the path field after updating;
Wherein, when information transmitting apparatus record this transmission path, only this transmission path can be added to path field
In, without delete before other information send equipment record transmission path, therefore in path field storage be from original
All transmission paths that information transmitting apparatus are experienced to the current corresponding information receiving device of information transmitting apparatus.
Exemplary, if information sequentially passes through the current information of equipment B, equipment C arrival from raw information transmission device A sending out
Send equipment D, and information transmitting apparatus D will transmit information to information receiving device E, then the content storing in path field
Can be " from D to E from C to D from B to C from A to B ".
104th, described information is utilized to send the private key of equipment, to bright by the path field after described renewal and described information
The data of literary composition composition is signed, and obtains the signing messages that described information sends equipment;
Specifically, described information is sent equipment and is first spliced the content in path field with information plaintext, Ran Hougen
According to preset algorithm, row operation is entered to spliced data, obtain the operation values of spliced data, finally sent out using described information
The operation values sending this spliced data of private key pair of equipment are encrypted, and obtain the signing messages that described information sends equipment.
Wherein, preset algorithm can be hash algorithm or other algorithms.
You need to add is that, when being spliced path field with information plaintext, path field can be made to be located above,
Information plaintext can also be made to be located above, both relative positions do not limit.
105th, the signing messages that described information is sent equipment adds to the signature being used for recording each information transmitting apparatus
In the signature field of information, obtain the signature field after updating;
Wherein, when information transmitting apparatus record this signing messages, only this signing messages can be added to signature field
In, without delete before other information send equipment record signing messages, therefore in signature field storage be from original
Information transmitting apparatus to current information transmitting apparatus all signing messages.
Exemplary, if after information plaintext M is encrypted, from raw information send device A sequentially pass through equipment B, equipment C to
Reach current information transmitting apparatus D, and information transmitting apparatus D will transmit information to information receiving device E, then word of signing
In section, the content of storage can be to " from D to E from C to D from B to C from A to B&mess=
The signature of M ".
106th, by the path field after described for inclusion renewal, the field of the described key ciphertext that is stored with, be stored with described letter
The packet of the signature field after the field of breath ciphertext and described renewal is sent to described information receiving device, so that described letter
Breath receiving device passes through to parse described packet, to obtain and to verify the transmission road of described information plaintext and described information plaintext
Footpath.
Wherein, information receiving device obtains the transmission of simultaneously checking information plaintext and information plaintext by parsing packet
The content that the method Fig. 4 as described below in path is related to.
The scheme of the present embodiment is exemplified below:
If as shown in Fig. 2 information sends device A from raw information sequentially passes through the current information of equipment B, equipment C arrival
Transmission equipment D, and information transmitting apparatus D will transmit information to information receiving device E, then and information transmitting apparatus D generates
The process of packet to be sent is as follows:
(A1) information transmitting apparatus D obtain equipment C send inclusions path field, be used for record key ciphertext field,
The packet 1 of the field for record information ciphertext and signature field;
Wherein, described path field includes " from C to D ", " from B to C " and " from A to B " three
Individual transmission path, the field for recording key ciphertext includes public key corresponding key ciphertext (the i.e. profit of information transmitting apparatus D
The key ciphertext being obtained with the public key encryption key plaintext of D), the field for record information ciphertext includes key plain encryption
The information ciphertext that information plaintext obtains, signature field includes the signing messages of the signing messages of C, the signing messages of B and A.
(A2) information transmitting apparatus D is decrypted acquisition key plain using the private key pair key ciphertext of D;
(A3) information transmitting apparatus D is encrypted to key plain using the public key of E, obtains the corresponding key of public key of E
Ciphertext, and the corresponding key of public key that corresponding for the public key of E key ciphertext is replaced D in the field being used for recording key ciphertext is close
Literary composition;
Wherein, step A3 only need to execute after step A2, before step A7, and it is with respect to the execution of step A4-A6
Order does not limit.
(A4) information transmitting apparatus D is decrypted acquisition information in plain text using key plain to information ciphertext;
Wherein, step A4 only need to execute after step A2, before step A6, and it is with respect to step A3 and step A5
Execution sequence here does not limit.
(A5) information transmitting apparatus D adds transmission path " from D to E " to path field, obtains after updating
Path field;
Wherein, step A5 only need to execute after step A1, before step A6, and it is with respect to the execution of step A2-A4
Order here does not limit.
(A6) path field after updating is spliced so that spliced interior by information transmitting apparatus D with information plaintext
Hold and include " from D to E ", " from C to D ", " fromB to C ", " from A to B " and " information is in plain text ", and
Signed using the spliced content of the private key pair of D, obtained the signing messages of D;
(A7) being used for after the path field after including updating, renewal is recorded the word of key ciphertext by information transmitting apparatus D
The packet 2 of the signature field after section, the field for record information ciphertext and renewal is defined as needing to issue information reception
The packet of equipment E.
Additionally, as shown in Figure 2, the field for record information ciphertext does not change, therefore in transmitting encrypted data
During, only raw information send equipment operation is encrypted to information plaintext, and other information send equipment only need right
The key plain of encryption information plaintext is encrypted, and need not information plaintext be encrypted again, and due to key plain
Size of data is often much smaller than information in plain text, so the amount of calculation of encryption reduces.
Provided in an embodiment of the present invention checking encrypted data transmission path method, can information transmitting apparatus need to
Information receiving device send information when, by include for record each information transmission path path field, be used for storing key
The field of ciphertext, the field for storage information ciphertext and the signature for storing the signing messages of each information transmitting apparatus
The packet of field is sent to information receiving device, and (wherein, signing messages is the label with regard to transmission path and information plaintext
Name), receive after this packet by this information receiving device, can be first close according to itself private key, key ciphertext and information
Civilian acquisition information in plain text, is then sent out according to each information that path field, information are transmitted across this information ciphertext in plain text and once
Send the public key of equipment, each signing messages in signature field is verified respectively, thus realizing to all transmission paths
Checking and the checking of each information transmitting apparatus institute photos and sending messages plaintext, and just retain when all signing messages are all proved to be successful
Information in plain text, and then improves the reliability of information receiving device receive information.
Optionally, when the key plain of current information transmitting apparatus acquisition and information plaintext come from a upper information and send out
When sending the packet that equipment sends, in order to ensure that the information being sent to information receiving device is reliable and correct information, obtaining
Take and parse the described key plain obtaining and described information plaintext from the packet that a upper information transmitting apparatus side joint is received
Before, current information transmitting apparatus can first verify whether the information of parsing from packet is tampered in plain text and this information is bright
Whether literary composition is reliable, when this information plaintext is not tampered with and is reliable, just obtains the information of parsing from packet in plain text, and works as
When being tampered or be unreliable, directly abandon this information in plain text, thus abandoning for this information plaintext being sent to information receiving device.
Wherein, whether reliability is exactly information obtained by checking parsing from packet in plain text:Verify for recording each letter
Whether the transmission path in the path field of breath transmission path is correct.
Because the signing messages in signature field is the label to transmission path and information plaintext for each information transmitting apparatus
By verifying the signing messages in signature field, name information, so can verify that information obtained by parsing from packet is in plain text
No it is tampered and whether this information is reliable in plain text.
Specifically, whether checking information is tampered in plain text and whether reliable implementation can be:Current information
Transmission equipment can decipher the information obtaining in plain text according to the path field in the packet receiving, using described key plain
And send equipment to the public key of each information transmitting apparatus in information transmitting apparatus described from described raw information, to institute
Each signing messages stated in signature field is verified;If each signing messages is all proved to be successful it is determined that information plaintext does not have
It is tampered and be reliable (i.e. transmission path is correct);If there is signing messages authentication failed, descriptive information plaintext quilt
Distort or information plaintext unreliable (i.e. transmission path is incorrect).
Wherein, the upper information that described upper information transmitting apparatus are adjacent with current information transmitting apparatus sends and sets
Standby, the packet that is, current information transmitting apparatus receive is to be sent by described upper information transmitting apparatus.For example, if letter
Breath sends device A from raw information and sequentially passes through equipment B, equipment C arrival equipment D, and equipment D needs to equipment C transmission
Signing messages in packet is verified, then current information transmitting apparatus are equipment D, and upper information transmitting apparatus are equipment
C.
Specifically, current information receiving device can obtain and treat according to default checking order from described path field
Checking information transmitting apparatus corresponding complete transmission path, described complete transmission path include from described originally transmitted equipment to
All transmission paths that the corresponding information receiving device of described information transmitting apparatus to be verified is passed through;Then treated according to described
The public key of information transmitting apparatus of checking and the letter by described complete transmission path and using the deciphering acquisition of described key plain
The data that breath forms in plain text, verifies to the signing messages of described information transmitting apparatus to be verified, until completing to all
The checking of signing messages.
Wherein, information transmitting apparatus to be verified are any in the raw information transmission supreme information transmitting apparatus of equipment
One equipment.Default checking order can be to send the supreme information transmitting apparatus of equipment from raw information to be verified successively,
Can also be to send equipment to be verified successively from upper information transmitting apparatus to raw information.
Additionally, " public key according to described information transmitting apparatus to be verified and by described complete transmission path and utilization
The data that the information that described key plain deciphering obtains forms in plain text, the signing messages to described information transmitting apparatus to be verified
Verified " specific implementation can have multiple.One of which verifies that the mode of signature is:According to preset algorithm, calculate
Operation values by described complete transmission path and the data being formed using the information plaintext that the deciphering of described key plain obtains;According to
Calculated operation values, the public key of described information transmitting apparatus to be verified, to described information transmitting apparatus to be verified
Signing messages is verified.
Wherein, the public key according to calculated operation values, described information transmitting apparatus to be verified, to described to be verified
The specific implementation verified of signing messages of information transmitting apparatus can be:First sent according to information to be verified and set
Standby public key is decrypted to corresponding signing messages, obtains the operation values after deciphering, then by described calculated computing
Value is compared with the operation values after described deciphering;If both are identical, illustrate that obtained by parsing from packet, information is in plain text
Identical with signed information plaintext, and the transmission path in path field is identical with signed transmission path, thus may be used
It is proved to be successful with determining;If both are different, illustrate that information plaintext obtained by parsing from packet is bright with signed information
Literary composition is different, or the transmission path in path field is different from signed transmission path, thus can determine authentication failed.
Exemplary, if as shown in figure 3, information sends device A and sequentially passes through equipment B, equipment C and reach from raw information sets
Standby D, then the process that the data in the packet that equipment D sends to equipment C is verified is as follows:
(B1) equipment D receiving device C send inclusions path field, be used for record the field of key ciphertext, be used for recording
The field of information ciphertext and the packet of signature field;
Wherein, described path field includes " from C to D ", " from B to C " and " from A to B " three
Individual transmission path, the field for recording key ciphertext includes the public key corresponding key ciphertext of information transmitting apparatus D, is used for
The field of record information ciphertext includes the information ciphertext that key plain encryption information plaintext obtains, and signature field includes C's
The signing messages of signing messages, the signing messages of B and A.
(B2) equipment D is decrypted using the private key pair key ciphertext of D, obtains key plain;
(B3) equipment D is decrypted to information ciphertext using key plain, obtains information in plain text;
After the information of acquisition plaintext, the transmission path that equipment D can be according to information in plain text and in path field is right respectively
The signing messages of equipment to be verified (i.e. device A to equipment C) is verified, believes obtained by parsing from packet to determine
Whether breath is true and reliable in plain text.Specifically, the checking of the signing messages to equipment C for the equipment D sees below step B4, and equipment D is to setting
The checking of the signing messages of standby B sees below step B5, and the checking of the signing messages to device A for the equipment D sees below step B6.
(B4) equipment D is spliced corresponding for equipment C fullpath so that spliced content includes with information plaintext
" from C to D ", " from B to C ", " fromA to B " and " information in plain text ", then according to the public key of C, splicing after
Content, the signing messages of C is verified;
(B5) equipment D is spliced corresponding for equipment B fullpath so that spliced content includes with information plaintext
" from B to C ", " from A to B " and " information is in plain text ", then public key, the spliced content according to B, to B's
Signing messages is verified;
(B6) equipment D is spliced corresponding for device A fullpath so that spliced content includes with information plaintext
" from A to B " and " information is in plain text ", then public key, the spliced content according to A, tests to the signing messages of A
Card;
(B7) if being all proved to be successful it is determined that information obtained by parsing from packet is true and reliable in plain text, otherwise
Then untrue reliability.
Further, according to the method shown in Fig. 1, an alternative embodiment of the invention additionally provides a kind of checking encryption number
According to the method for transmission path, methods described is applied to information receiving device, as shown in figure 4, methods described includes:
201st, receive information sends the packet that equipment sends;
Wherein, described packet include for record each information transmission path path field, be used for recording key
The field of ciphertext, the field for record information ciphertext and the word for recording the signing messages of each information transmitting apparatus
Section, described key ciphertext is according to the public key of described information receiving device, key plain to be encrypted to obtain, described key
It is used for encryption information in plain text in plain text, described signing messages is the private key according to information transmitting apparatus, to by corresponding path field
And the data of described information in plain text composition carries out signing and obtains.
Additionally, with regard to path field and signature field be discussed in detail may refer to information transmitting apparatus side method real
Apply example, will not be described here.
202nd, it is decrypted using the key ciphertext in packet described in the private key pair of described information receiving device, obtain close
Key is in plain text;
Because the encryption key that information transmitting apparatus use when being encrypted to key plain is information receiving device
Public key, so information receiving device can carry out successful decryption using the private key pair key ciphertext of itself, obtains key plain.
203rd, using the key plain that deciphering obtains, the information ciphertext in described packet is decrypted, obtains information bright
Literary composition;
204th, according to described path field, the information that obtained using the deciphering of described key plain is in plain text and described in being transmitted across
The public key of all information transmitting apparatus of information ciphertext, verifies to each signing messages in described signature field;
Specifically, information receiving device can obtain to be verified according to default checking order from described path field
Information transmitting apparatus corresponding complete transmission path, described complete transmission path includes treating from described originally transmitted equipment to described
All transmission paths that the corresponding information receiving device of information transmitting apparatus of checking is passed through;According to by described complete transmission road
Footpath and the information data of composition and the described information transmitting apparatus to be verified in plain text being obtained using the deciphering of described key plain
Public key, the signing messages of described information transmitting apparatus to be verified is verified, until complete to all signing messages
Checking.
Wherein, " form with using the information plaintext that the deciphering of described key plain obtains according to by described complete transmission path
Data and described information transmitting apparatus to be verified public key, the signing messages to described information transmitting apparatus to be verified
Verified " specific implementation can be:According to preset algorithm, calculate by described complete transmission path with using described close
The operation values of the data that the information that key plaintext decryption obtains forms in plain text;According to calculated operation values, described to be verified
The public key of information transmitting apparatus, verifies to the signing messages of described information transmitting apparatus to be verified, until completing to institute
There is the checking of signing messages.
Wherein, the specific example of checking signature may refer to embodiment of the method (i.e. the showing of Fig. 3 of information transmitting apparatus side
Example), will not be described here.
If 205 all signing messages are all proved to be successful, retain the information obtaining by key plain deciphering in plain text;
When all of signing messages is proved to be successful, descriptive information sends device transmission to current information from raw information
During receiving device, information clear content itself does not change, and transmission path is also trusted path, not quilt
Insecure equipment is intercepted and captured, and therefore can retain the information obtaining in plain text.
If 206 have signing messages authentication failed, abandon the information obtaining by key plain deciphering in plain text.
When the signing messages authentication failed of certain information transmitting apparatus, illustrate that the information obtaining is unreliable, therefore in plain text
This information can directly be abandoned in plain text, to prevent this insecure information plaintext transmission to other equipment.
Provided in an embodiment of the present invention checking encrypted data transmission path method, can information transmitting apparatus need to
Information receiving device send information when, by include for record each information transmission path path field, be used for storing key
The field of ciphertext, the field for storage information ciphertext and the signature for storing the signing messages of each information transmitting apparatus
The packet of field is sent to information receiving device, and (wherein, signing messages is the label with regard to transmission path and information plaintext
Name), receive after this packet by this information receiving device, can be first close according to itself private key, key ciphertext and information
Civilian acquisition information in plain text, is then sent out according to each information that path field, information are transmitted across this information ciphertext in plain text and once
Send the public key of equipment, each signing messages in signature field is verified respectively, thus realizing to all transmission paths
Checking and the checking of each information transmitting apparatus institute photos and sending messages plaintext, and just retain when all signing messages are all proved to be successful
Information in plain text, and then improves the reliability of information receiving device receive information.
Further, according to the method shown in Fig. 1, an alternative embodiment of the invention additionally provides a kind of checking and adds
The device of ciphertext data transmission path, described device is applied to information transmitting apparatus, as shown in figure 5, described device mainly includes:Obtain
Take unit 31, ciphering unit 32, adding device 33, signature unit 34 and transmitting element 35.Wherein,
Acquiring unit 31, for when needing to send information to information receiving device, obtaining for encryption information plaintext
Key plain, described information are in plain text and to be encrypted, to described information plaintext, the information obtaining using described key plain close
Literary composition;
Ciphering unit 32, the described key for being obtained to described acquiring unit 31 using the public key of information receiving device is bright
Literary composition is encrypted, and obtains the public key corresponding key ciphertext of described information receiving device;
Adding device 33, sends to described information receiving device from described information transmission equipment for being used for characterization information
Transmission path add to the path field for recording each information transmission path, obtain update after path field;
Signature unit 34, for sending the private key of equipment using described information, to the institute being obtained by described adding device 33
The data stating the described information plaintext composition of the path field after renewal and described acquiring unit 31 acquisition is signed, and obtains
Described information sends the signing messages of equipment;
The described information that described adding device 33 is additionally operable to obtain described signature unit 34 sends the signing messages of equipment
Add to the signature field for the signing messages recording each information transmitting apparatus, obtain the signature field after updating;
Transmitting element 35, for including the path field after described renewal, the field of the described key ciphertext that is stored with, depositing
The packet containing the signature field after the field of described information ciphertext and described renewal is sent to described information receiving device,
So that described information receiving device passes through to parse described packet, to obtain and to verify described information in plain text and described information is bright
The transmission path of literary composition.
Optionally, as shown in fig. 6, described acquiring unit 31 includes:
First acquisition module 311, for being that the raw information transmission sending described information sets when described information sends equipment
When standby, directly obtain described key plain and described information plaintext from local;
Second acquisition module 312, for when it is not that described raw information sends equipment that described information sends equipment, obtaining
The described key plain obtaining and described information plaintext is parsed from the packet that a upper information transmitting apparatus side joint is received.
Optionally, as shown in fig. 6, described device also includes:
Resolution unit 36, obtains described key for parsing from the packet that a described upper information transmitting apparatus side joint is received
Plaintext and described information are in plain text;
Described resolution unit 36 is used for close in the packet being received using the private key pair of current information transmitting apparatus
Key ciphertext is decrypted, and obtains described key plain;Using described key plain to the information in the described packet receiving
Ciphertext is decrypted, and obtains described information in plain text.
Optionally, as shown in fig. 6, described device also includes:
Authentication unit 37, for described acquiring unit 31 obtain from one information transmitting apparatus side joint receive packet in
Before parsing the described key plain obtaining and described information plaintext, according to the path word in the described packet receiving
Section, the information being obtained using the deciphering of described key plain send equipment in plain text and from described raw information to an information described
The public key of each information transmitting apparatus in transmission equipment, verifies to each signing messages in described signature field;
Described acquiring unit 31 is used for all being proved to be successful for all signing messages when the result of described authentication unit 37
When, acquisition parses, from the packet that a upper information transmitting apparatus side joint is received, the described key plain obtaining and described information is bright
Literary composition.
Optionally, as shown in fig. 6, described authentication unit 37 includes:
3rd acquisition module 371, for according to default checking order, obtaining information to be verified from described path field
Transmission equipment corresponding complete transmission path, described complete transmission path is included from described originally transmitted equipment to described to be verified
All transmission paths of being passed through of the corresponding information receiving device of information transmitting apparatus;
Authentication module 372, for according to by described complete transmission path and the letter being obtained using the deciphering of described key plain
Data and the public key of described information transmitting apparatus to be verified that breath forms in plain text, to described information transmitting apparatus to be verified
Signing messages verified, until the checking completing to all signing messages.
Optionally, described authentication module 372 is used for according to preset algorithm, calculate by described complete transmission path with utilize institute
State the operation values of the data of information plaintext composition that key plain deciphering obtains;According to calculated operation values, described to be tested
The public key of the information transmitting apparatus of card, verifies to the signing messages of described information transmitting apparatus to be verified.
Optionally, as shown in fig. 6, described device also includes:
Discarding unit 38, for when the result of described authentication unit 37 is to there is signing messages authentication failed, losing
Abandon the information plaintext obtaining using the deciphering of described key plain.
Provided in an embodiment of the present invention checking encrypted data transmission path device, can information transmitting apparatus need to
Information receiving device send information when, by include for record each information transmission path path field, be used for storing key
The field of ciphertext, the field for storage information ciphertext and the signature for storing the signing messages of each information transmitting apparatus
The packet of field is sent to information receiving device, and (wherein, signing messages is the label with regard to transmission path and information plaintext
Name), receive after this packet by this information receiving device, can be first close according to itself private key, key ciphertext and information
Civilian acquisition information in plain text, is then sent out according to each information that path field, information are transmitted across this information ciphertext in plain text and once
Send the public key of equipment, each signing messages in signature field is verified respectively, thus realizing to all transmission paths
Checking and the checking of each information transmitting apparatus institute photos and sending messages plaintext, and just retain when all signing messages are all proved to be successful
Information in plain text, and then improves the reliability of information receiving device receive information.
Further, according to the method shown in Fig. 4, an alternative embodiment of the invention additionally provides a kind of checking encryption number
According to the device of transmission path, described device is applied to information receiving device, as shown in fig. 7, described device mainly includes:Receive single
Unit 41, decryption unit 42, authentication unit 43, stick unit 44 and discarding unit 45.Wherein,
Receiving unit 41, for receive information send equipment send packet, wherein, described packet include for
Record the path field of each information transmission path, be used for recording the field of key ciphertext, be used for the field of record information ciphertext
And for recording the field of the signing messages of each information transmitting apparatus, described key ciphertext is according to information receiving device
Public key is encrypted to key plain and obtains, and described key plain is used for encryption information in plain text, and described signing messages is basis
The private key of information transmitting apparatus, obtains to carrying out signature by the data that corresponding path field and described information plaintext form
's;
Decryption unit 42, the described number receiving for receiving unit 41 described in the private key pair using described information receiving device
It is decrypted according to the key ciphertext in bag, obtain key plain;
The key plain that described decryption unit 42 is additionally operable to using deciphering obtains is entered to the information ciphertext in described packet
Row deciphering, obtains information in plain text;
Authentication unit 43, for being obtained using the deciphering of described key plain according to described path field, described decryption unit 42
The information plaintext obtaining and the public key of all information transmitting apparatus being transmitted across described information ciphertext, in described signature field
Each signing messages is verified;
Stick unit 44, for when the result of described authentication unit 43 is all proved to be successful for all signing messages,
Retain the information obtaining by key plain deciphering in plain text;
Discarding unit 45, for when the result of described authentication unit 43 is to there is signing messages authentication failed, losing
Abandon the information obtaining by key plain deciphering in plain text.
Optionally, as shown in figure 8, described authentication unit 43 includes:
Acquisition module 431, for according to default checking order, obtaining information to be verified and sending from described path field
Equipment corresponding complete transmission path, described complete transmission path is included from described originally transmitted equipment to described letter to be verified
All transmission paths that the breath corresponding information receiving device of transmission equipment is passed through;
Authentication module 432, for according to by described complete transmission path and the letter being obtained using the deciphering of described key plain
Data and the public key of described information transmitting apparatus to be verified that breath forms in plain text, to described information transmitting apparatus to be verified
Signing messages verified, until the checking completing to all signing messages.
Optionally, described authentication module 432 is used for according to preset algorithm, calculate by described complete transmission path with utilize institute
State the operation values of the data of information plaintext composition that key plain deciphering obtains;According to calculated operation values, described to be tested
The public key of the information transmitting apparatus of card, verifies to the signing messages of described information transmitting apparatus to be verified.
Provided in an embodiment of the present invention checking encrypted data transmission path device, can information transmitting apparatus need to
Information receiving device send information when, by include for record each information transmission path path field, be used for storing key
The field of ciphertext, the field for storage information ciphertext and the signature for storing the signing messages of each information transmitting apparatus
The packet of field is sent to information receiving device, and (wherein, signing messages is the label with regard to transmission path and information plaintext
Name), receive after this packet by this information receiving device, can be first close according to itself private key, key ciphertext and information
Civilian acquisition information in plain text, is then sent out according to each information that path field, information are transmitted across this information ciphertext in plain text and once
Send the public key of equipment, each signing messages in signature field is verified respectively, thus realizing to all transmission paths
Checking and the checking of each information transmitting apparatus institute photos and sending messages plaintext, and just retain when all signing messages are all proved to be successful
Information in plain text, and then improves the reliability of information receiving device receive information.
Further, according to said apparatus embodiment, an alternative embodiment of the invention additionally provides a kind of checking encryption
The system of data transfer path, as shown in figure 9, described system includes:Information transmitting apparatus 51 and information receiving device 52;Its
In, described information sends equipment 51 and includes the device as described in Fig. 5 or 6;Described information receiving device 52 is included as Fig. 7 or 8 institute
The device stated.
Provided in an embodiment of the present invention checking encrypted data transmission path system, can information transmitting apparatus need to
Information receiving device send information when, by include for record each information transmission path path field, be used for storing key
The field of ciphertext, the field for storage information ciphertext and the signature for storing the signing messages of each information transmitting apparatus
The packet of field is sent to information receiving device, and (wherein, signing messages is the label with regard to transmission path and information plaintext
Name), receive after this packet by this information receiving device, can be first close according to itself private key, key ciphertext and information
Civilian acquisition information in plain text, is then sent out according to each information that path field, information are transmitted across this information ciphertext in plain text and once
Send the public key of equipment, each signing messages in signature field is verified respectively, thus realizing to all transmission paths
Checking and the checking of each information transmitting apparatus institute photos and sending messages plaintext, and just retain when all signing messages are all proved to be successful
Information in plain text, and then improves the reliability of information receiving device receive information.
In the above-described embodiments, the description to each embodiment all emphasizes particularly on different fields, and does not have the portion described in detail in certain embodiment
Point, may refer to the associated description of other embodiment.
It is understood that the correlated characteristic in said method and device can mutually reference.In addition, in above-described embodiment
" first ", " second " etc. be for distinguishing each embodiment, and do not represent the quality of each embodiment.
Those skilled in the art can be understood that, for convenience and simplicity of description, the system of foregoing description,
Device and the specific work process of unit, may be referred to the corresponding process in preceding method embodiment, will not be described here.
Algorithm and display be not inherently related to any certain computer, virtual system or miscellaneous equipment provided herein.
Various general-purpose systems can also be used together with based on teaching in this.As described above, construct required by this kind of system
Structure be obvious.Additionally, the present invention is also not for any certain programmed language.It is understood that, it is possible to use various
Programming language realizes the content of invention described herein, and the description above language-specific done is to disclose this
Bright preferred forms.
In description mentioned herein, illustrate a large amount of details.It is to be appreciated, however, that the enforcement of the present invention
Example can be put into practice in the case of not having these details.In some instances, known method, structure are not been shown in detail
And technology, so as not to obscure the understanding of this description.
Similarly it will be appreciated that in order to simplify the disclosure and help understand one or more of each inventive aspect,
Above in the description to the exemplary embodiment of the present invention, each feature of the present invention is grouped together into single enforcement sometimes
In example, figure or descriptions thereof.However, the method for the disclosure should be construed to reflect following intention:I.e. required guarantor
The application claims of shield more features than the feature being expressly recited in each claim.More precisely, it is such as following
Claims reflected as, inventive aspect is all features less than single embodiment disclosed above.Therefore,
The claims following specific embodiment are thus expressly incorporated in this specific embodiment, wherein each claim itself
All as the separate embodiments of the present invention.
Those skilled in the art are appreciated that and the module in the equipment in embodiment can be carried out adaptively
Change and they are arranged in one or more equipment different from this embodiment.Can be the module in embodiment or list
Unit or assembly be combined into a module or unit or assembly, and can be divided in addition multiple submodule or subelement or
Sub-component.In addition to such feature and/or at least some of process or unit exclude each other, can adopt any
Combination is to all features disclosed in this specification (including adjoint claim, summary and accompanying drawing) and so disclosed
Where method or all processes of equipment or unit are combined.Unless expressly stated otherwise, this specification (includes adjoint power
Profit requires, summary and accompanying drawing) disclosed in each feature can carry out generation by the alternative features providing identical, equivalent or similar purpose
Replace.
Although additionally, it will be appreciated by those of skill in the art that some embodiments described herein include other embodiments
In included some features rather than further feature, but the combination of the feature of different embodiment means to be in the present invention's
Within the scope of and form different embodiments.For example, in the following claims, embodiment required for protection appoint
One of meaning can in any combination mode using.
The all parts embodiment of the present invention can be realized with hardware, or to run on one or more processor
Software module realize, or with combinations thereof realize.It will be understood by those of skill in the art that can use in practice
Microprocessor or digital signal processor (DSP) are realizing checking encrypted data transmission path according to embodiments of the present invention
The some or all functions of some or all parts in method and device.The present invention is also implemented as executing this
In described some or all equipment of method or program of device (for example, computer program and computer program
Product).Such program realizing the present invention can store on a computer-readable medium, or can have one or many
The form of individual signal.Such signal can be downloaded from internet website and obtain, or provides on carrier signal, or with
Any other form provides.
It should be noted that above-described embodiment the present invention will be described rather than limits the invention, and ability
Field technique personnel can design alternative embodiment without departing from the scope of the appended claims.In the claims,
Any reference markss between bracket should not be configured to limitations on claims.Word "comprising" does not exclude the presence of not
Element listed in the claims or step.Word "a" or "an" before element does not exclude the presence of multiple such
Element.The present invention can come real by means of the hardware including some different elements and by means of properly programmed computer
Existing.If in the unit claim listing equipment for drying, several in these devices can be by same hardware branch
To embody.The use of word first, second, and third does not indicate that any order.These words can be explained and run after fame
Claim.
Claims (6)
1. a kind of method in checking encrypted data transmission path is it is characterised in that methods described includes:
Receive information sends the packet that equipment sends, and wherein, described packet is included for recording each information transfer road
The path field in footpath, for recording the field of key ciphertext, recording each letter for the field and being used for of record information ciphertext
The field of the signing messages of breath transmission equipment, described key ciphertext is that the public key according to information receiving device is carried out to key plain
Encryption obtains, and described key plain is used for encryption information in plain text, and described signing messages is the private key according to information transmitting apparatus,
Obtain to carrying out signing by the data that corresponding path field and described information plaintext form;
It is decrypted using the key ciphertext in packet described in the private key pair of described information receiving device, obtain key plain;
Using the key plain that deciphering obtains, the information ciphertext in described packet is decrypted, obtains information in plain text;
In plain text and it is transmitted across described information ciphertext according to described path field, using the information that the deciphering of described key plain obtains
All information transmitting apparatus public key, each signing messages in described signature field is verified;
If all signing messages are all proved to be successful, retain the information obtaining by key plain deciphering in plain text;
If there is signing messages authentication failed, abandon the information obtaining by key plain deciphering in plain text.
2. method according to claim 1 it is characterised in that described according to described path field, using described key bright
The information plaintext obtaining and the public key of all information transmitting apparatus being transmitted across described information ciphertext deciphered in literary composition, to described signature
Each signing messages in field carries out checking and includes:
According to default checking order, obtain information transmitting apparatus to be verified corresponding complete transmission road from described path field
Footpath, described complete transmission path is included from described originally transmitted equipment to the corresponding information of described information transmitting apparatus to be verified
All transmission paths that receiving device is passed through;
According to by described complete transmission path and the data that forms of information plaintext being obtained using the deciphering of described key plain and
The public key of described information transmitting apparatus to be verified, verifies to the signing messages of described information transmitting apparatus to be verified,
Until completing the checking to all signing messages.
3. method according to claim 2 it is characterised in that described basis by described complete transmission path with using described
Data and the public key of described information transmitting apparatus to be verified that the information that key plain deciphering obtains forms in plain text, to described
The signing messages of information transmitting apparatus to be verified carries out checking and includes:
According to preset algorithm, calculate by described complete transmission path and the information plaintext group being obtained using the deciphering of described key plain
The operation values of the data becoming;
According to the public key of calculated operation values, described information transmitting apparatus to be verified, described information to be verified is sent out
The signing messages sending equipment is verified.
4. a kind of device in checking encrypted data transmission path is it is characterised in that described device includes:
Receiving unit, sends, for receive information, the packet that equipment sends, and wherein, described packet includes every for recording
The path field of secondary information transmission path, field, the field for record information ciphertext and use for recording key ciphertext
In the field of the signing messages recording each information transmitting apparatus, described key ciphertext is the public key pair according to information receiving device
Key plain is encrypted and obtains, and described key plain is used for encryption information in plain text, and described signing messages is to be sent out according to information
Send the private key of equipment, obtain to carrying out signing by the data that corresponding path field and described information plaintext form;
Decryption unit, in the described packet receiving for receiving unit described in the private key pair using described information receiving device
Key ciphertext is decrypted, and obtains key plain;
The key plain that described decryption unit is additionally operable to using deciphering obtains is decrypted to the information ciphertext in described packet,
Acquisition information is in plain text;
Authentication unit, for utilizing described key plain to decipher the information obtaining according to described path field, described decryption unit
In plain text and be transmitted across described information ciphertext all information transmitting apparatus public key, to each signature in described signature field
Information is verified;
Stick unit, for when the result of described authentication unit is all proved to be successful for all signing messages, reservation is passed through
The information that key plain deciphering obtains is in plain text;
Discarding unit, for when the result of described authentication unit is to there is signing messages authentication failed, abandoning by close
The information that key plaintext decryption obtains is in plain text.
5. device according to claim 4 is it is characterised in that described authentication unit includes:
Acquisition module, for according to default checking order, obtaining information transmitting apparatus pair to be verified from described path field
The complete transmission path answered, described complete transmission path includes sending from described originally transmitted equipment to described information to be verified
All transmission paths that the corresponding information receiving device of equipment is passed through;
Authentication module, for according to by described complete transmission path and the information plaintext group being obtained using the deciphering of described key plain
The data becoming and the public key of described information transmitting apparatus to be verified, the A.L.S. to described information transmitting apparatus to be verified
Breath is verified, until completing the checking to all signing messages.
6. device according to claim 5 is it is characterised in that described authentication module is used for according to preset algorithm, calculate by
The operation values of the data that described complete transmission path is formed with the information plaintext being obtained using the deciphering of described key plain;According to meter
The operation values that obtain, the public key of described information transmitting apparatus to be verified, the label to described information transmitting apparatus to be verified
Name information is verified.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611169296.5A CN106453430A (en) | 2016-12-16 | 2016-12-16 | Method and device for verifying encrypted data transmission paths |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611169296.5A CN106453430A (en) | 2016-12-16 | 2016-12-16 | Method and device for verifying encrypted data transmission paths |
Publications (1)
Publication Number | Publication Date |
---|---|
CN106453430A true CN106453430A (en) | 2017-02-22 |
Family
ID=58216629
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611169296.5A Pending CN106453430A (en) | 2016-12-16 | 2016-12-16 | Method and device for verifying encrypted data transmission paths |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106453430A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109347627A (en) * | 2018-09-19 | 2019-02-15 | 平安科技(深圳)有限公司 | Data encryption/decryption method, device, computer equipment and storage medium |
CN109657479A (en) * | 2017-10-11 | 2019-04-19 | 厦门雅迅网络股份有限公司 | Data leakage prevention method and computer readable storage medium |
CN110035036A (en) * | 2018-01-12 | 2019-07-19 | 中国移动通信有限公司研究院 | Data transmission method, device, the network equipment and storage medium |
CN115549993A (en) * | 2022-09-19 | 2022-12-30 | 山东大学 | Multi-task cost evaluation method and system based on graph path secret calculation |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101198971A (en) * | 2005-06-14 | 2008-06-11 | Nxp股份有限公司 | Transponder system for transmitting key-encrypted information and associated keys |
CN101442409A (en) * | 2007-11-23 | 2009-05-27 | 东方钢铁电子商务有限公司 | Encipher method and system for B2B data exchange |
US20150381589A1 (en) * | 2014-06-28 | 2015-12-31 | Vmware, Inc. | Asynchronous encryption and decryption of virtual machine memory for live migration |
CN105376098A (en) * | 2015-11-30 | 2016-03-02 | 中国互联网络信息中心 | Route origin and path two-factor authentication method |
CN105610847A (en) * | 2016-01-08 | 2016-05-25 | 成都卫士通信息产业股份有限公司 | Method for supporting security transmission and exchange of electronic official documents of multiple exchange nodes |
-
2016
- 2016-12-16 CN CN201611169296.5A patent/CN106453430A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101198971A (en) * | 2005-06-14 | 2008-06-11 | Nxp股份有限公司 | Transponder system for transmitting key-encrypted information and associated keys |
CN101442409A (en) * | 2007-11-23 | 2009-05-27 | 东方钢铁电子商务有限公司 | Encipher method and system for B2B data exchange |
US20150381589A1 (en) * | 2014-06-28 | 2015-12-31 | Vmware, Inc. | Asynchronous encryption and decryption of virtual machine memory for live migration |
CN105376098A (en) * | 2015-11-30 | 2016-03-02 | 中国互联网络信息中心 | Route origin and path two-factor authentication method |
CN105610847A (en) * | 2016-01-08 | 2016-05-25 | 成都卫士通信息产业股份有限公司 | Method for supporting security transmission and exchange of electronic official documents of multiple exchange nodes |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109657479A (en) * | 2017-10-11 | 2019-04-19 | 厦门雅迅网络股份有限公司 | Data leakage prevention method and computer readable storage medium |
CN109657479B (en) * | 2017-10-11 | 2023-03-28 | 厦门雅迅网络股份有限公司 | Data leakage prevention method and computer readable storage medium |
CN110035036A (en) * | 2018-01-12 | 2019-07-19 | 中国移动通信有限公司研究院 | Data transmission method, device, the network equipment and storage medium |
CN109347627A (en) * | 2018-09-19 | 2019-02-15 | 平安科技(深圳)有限公司 | Data encryption/decryption method, device, computer equipment and storage medium |
CN109347627B (en) * | 2018-09-19 | 2023-08-29 | 平安科技(深圳)有限公司 | Data encryption and decryption method and device, computer equipment and storage medium |
CN115549993A (en) * | 2022-09-19 | 2022-12-30 | 山东大学 | Multi-task cost evaluation method and system based on graph path secret calculation |
CN115549993B (en) * | 2022-09-19 | 2024-04-26 | 山东大学 | Multitasking cost evaluation method and system based on graph path dense state calculation |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP3025226B1 (en) | Media client device authentication using hardware root of trust | |
KR101010040B1 (en) | File encryption/decryption method, device, program, and computer-readable recording medium containing the program | |
US9053332B2 (en) | Policy for secure packet transmission using required node paths and cryptographic signatures | |
CN108566381A (en) | A kind of security upgrading method, device, server, equipment and medium | |
CN106506146A (en) | Based on the Transaction Information method of calibration of block chain technology, apparatus and system | |
CN106055936B (en) | Executable program data packet encrypting/decrypting method and device | |
CN103546289B (en) | USB (universal serial bus) Key based secure data transmission method and system | |
CN110891061B (en) | Data encryption and decryption method and device, storage medium and encrypted file | |
JP2016515235A5 (en) | ||
CN106612180A (en) | Method and device for realizing session identifier synchronization | |
CN102413132A (en) | Two-way-security-authentication-based data downloading method and system | |
CN109618341A (en) | A kind of digital signature authentication method, system, device and storage medium | |
CN106101150B (en) | The method and system of Encryption Algorithm | |
CN106453430A (en) | Method and device for verifying encrypted data transmission paths | |
CN105490997B (en) | Safe checking method, device, terminal and server | |
CN102970676B (en) | A kind of method handled initial data, Internet of things system and terminal | |
CN109144552A (en) | A kind of boot firmware method for refreshing and device | |
CN107896222A (en) | A kind of data processing method and system | |
CN112217636B (en) | Data processing method and device based on block chain, computer equipment and medium | |
CN106411964A (en) | Traceable and encrypted data transmission method and device | |
CN107026729B (en) | Method and device for transmitting software | |
CN109981667A (en) | A kind of user data transmission method and device | |
CN103179088B (en) | The guard method of CGI(Common gateway interface) business and system | |
CN106603534A (en) | System sharing traceable encrypted data | |
CN108600180A (en) | A kind of image verification method and device based on block chain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170222 |
|
RJ01 | Rejection of invention patent application after publication |