CN107104987A - A kind of data safe transmission method - Google Patents

A kind of data safe transmission method Download PDF

Info

Publication number
CN107104987A
CN107104987A CN201710521312.0A CN201710521312A CN107104987A CN 107104987 A CN107104987 A CN 107104987A CN 201710521312 A CN201710521312 A CN 201710521312A CN 107104987 A CN107104987 A CN 107104987A
Authority
CN
China
Prior art keywords
data
server
key
mobile device
required parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710521312.0A
Other languages
Chinese (zh)
Inventor
娄志泽
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Pioneer Cloud Software Co Ltd
Original Assignee
Shandong Pioneer Cloud Software Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Pioneer Cloud Software Co Ltd filed Critical Shandong Pioneer Cloud Software Co Ltd
Priority to CN201710521312.0A priority Critical patent/CN107104987A/en
Publication of CN107104987A publication Critical patent/CN107104987A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity

Abstract

A kind of data safe transmission method, step includes:Configure several AESs in the server, each algorithm correspondence production is some to key, each pair key includes public key and private key, server is preserved key is corresponding with AES in the server;Mobile device proposes extraction key request by network to server, and server is received after key request, randomly chooses a kind of AES, and the public key of the key corresponding to the AES is sent to mobile device;Mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption data of required parameter value is obtained, the data are used as safety detection data.The present invention uses the above method, when mobile device and server carry out data transmission, server can clearly identify whether the request data received is tampered, so as to ensure the security of data transfer, avoid the leakage of user profile, it is ensured that the security of transmission.

Description

A kind of data safe transmission method
Technical field:
The present invention relates to a kind of data safe transmission method.
Background technology:
At present, mobile device is typically directly transmitted when carrying out data transmission with server by the way of key-value pair, and one One value of individual key correspondences, although value content passes through encryption, but during transmission, the usual dangerous sign or phenomenon of network environment Ring is given birth to, and especially in common network environment, all data interacted are likely to be smelt by instrument by attacker Visit, intercept after corresponding solicited message, you can simulant-client is asked to server, so as to obtain data, cause user to believe The leakage of breath, in this case, server have no way of learning whether the request data received is safe, brings tired to transmission work Disturb.
The content of the invention:
The invention provides a kind of data safe transmission method, it is reasonable in design, and line number is entered in mobile device and server During according to transmission, server can clearly identify whether the request data received is tampered, so as to ensure data transfer Security, it is to avoid the leakage of user profile, it is ensured that the security of transmission, solves problems of the prior art.
The present invention is for the technical scheme that is used of solution above-mentioned technical problem:
A kind of data safe transmission method, step includes:
(1) several AESs are configured in the server, and each algorithm correspondence production is some to key, and each pair key is equal Including public key and private key, server by key preservation corresponding with AES in the server;
(2) mobile device is proposed to extract key request by network to server, and server is received after key request, at random A kind of AES is selected, and the public key of the key corresponding to the AES is sent to mobile device;
(3) mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption of required parameter value is obtained Data, the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained According to;
(5) the safety detection restoring data for obtaining step (4) is contrasted with required parameter, if safety detection is reduced Data are identical with required parameter, then illustrate that data safety is not tampered, and server is that the request to mobile device is responded, and is returned Return response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) then illustrate that data are dangerous if safety detection restoring data is different from required parameter in step (5), pass through Cross and distorted, server is not responded to the request of mobile device.
In step (3)-(7), (3) mobile device is obtained after public key, and the preceding n-bit character of required parameter is entered by public key Row encryption, n value is less than the character digit of required parameter, obtains the encryption data of the preceding n-bit character of required parameter, and the data are made For safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained According to;
(5) the safety detection restoring data and the preceding n-bit character of required parameter obtained step (4) is contrasted, if Safety detection restoring data is identical with the preceding n-bit character of required parameter, then illustrates that data safety is not tampered, and server is i.e. to moving The request of dynamic equipment is responded, and returns to response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) number is then illustrated if safety detection restoring data is different from the preceding n-bit character of required parameter in step (5) According to dangerous, it have passed through and distort, server is not responded to the request of mobile device.
The present invention uses the above method, and when mobile device and server carry out data transmission, server can be clearly Identify whether the request data received is tampered, so as to ensure the security of data transfer, it is to avoid letting out for user profile Dew, it is ensured that the security of transmission.
Embodiment:
For the technical characterstic for illustrating this programme can be understood, below by embodiment, the present invention is explained in detail State.
A kind of data safe transmission method, step includes:
(1) several AESs are configured in the server, and each algorithm correspondence production is some to key, and each pair key is equal Including public key and private key, server by key preservation corresponding with AES in the server;
(2) mobile device is proposed to extract key request by network to server, and server is received after key request, at random A kind of AES is selected, and the public key of the key corresponding to the AES is sent to mobile device;
(3) mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption of required parameter value is obtained Data, the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained According to;
(5) the safety detection restoring data for obtaining step (4) is contrasted with required parameter, if safety detection is reduced Data are identical with required parameter, then illustrate that data safety is not tampered, and server is that the request to mobile device is responded, and is returned Return response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) then illustrate that data are dangerous if safety detection restoring data is different from required parameter in step (5), pass through Cross and distorted, server is not responded to the request of mobile device.
In step (3)-(7), (3) mobile device is obtained after public key, and the preceding n-bit character of required parameter is entered by public key Row encryption, n value is less than the character digit of required parameter, obtains the encryption data of the preceding n-bit character of required parameter, and the data are made For safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained According to;
(5) the safety detection restoring data and the preceding n-bit character of required parameter obtained step (4) is contrasted, if Safety detection restoring data is identical with the preceding n-bit character of required parameter, then illustrates that data safety is not tampered, and server is i.e. to moving The request of dynamic equipment is responded, and returns to response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) number is then illustrated if safety detection restoring data is different from the preceding n-bit character of required parameter in step (5) According to dangerous, it have passed through and distort, server is not responded to the request of mobile device.
Such as mobile device is to server request data username, password and respective value, and mobile device passes through network Propose to extract key request to server, server is received after key request, randomly chooses a kind of AES, and this is encrypted The public key of key corresponding to algorithm is sent to mobile device, and mobile device is obtained after public key, by public key to username, Password and respective value are encrypted, and obtain Hash (username, Value1, password, Value2) and are examined as safety Survey data;Mobile device by username, password and respective value and Hash (username, Value1, password, Value2) send to server, after server is received, safety detection data be decrypted by the private key of key together, Obtain safety detection restoring data.If safety detection restoring data is username, Value1, password, Value2, then say Bright data safety is not tampered, and server is that the request to mobile device is responded, and returns to response data;If safety detection Restoring data is not username, Value1, password, Value2, then illustrates that data are dangerous, have passed through and distort, and is serviced Device is not responded to the request of mobile device.
When required parameter character digit is more, more difficulty is encrypted, the preceding n words to required parameter are now taken The mode being encrypted is accorded with, such as n values can be 5, obtain the encryption data of preceding 5 characters of required parameter, the data are used as peace Full inspection surveys data.
Using the data safe transmission method of the present invention, when mobile device and server carry out data transmission, server It can clearly identify whether the request data received is tampered, so as to ensure the security of data transfer, it is to avoid use The leakage of family information, it is ensured that the security of transmission.
Above-mentioned embodiment cannot function as limiting the scope of the invention, for the technology people of the art For member, any alternate modification or conversion made to embodiment of the present invention are all fallen within protection scope of the present invention.
Part is not described in detail by the present invention, is the known technology of those skilled in the art of the present technique.

Claims (2)

1. a kind of data safe transmission method, it is characterised in that:Step includes:
(1) several AESs are configured in the server, and each algorithm correspondence production is some to key, and each pair key includes Public key and private key, server by key it is corresponding with AES preservation in the server;
(2) mobile device is proposed to extract key request by network to server, and server is received after key request, is randomly choosed A kind of AES, and the public key of the key corresponding to the AES is sent to mobile device;
(3) mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption number of required parameter value is obtained According to the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives required parameter After safety detection data, safety detection data are decrypted by the private key of key, safety detection restoring data is obtained;
(5) the safety detection restoring data for obtaining step (4) is contrasted with required parameter, if safety detection restoring data It is identical with required parameter, then illustrate that data safety is not tampered, server is that the request to mobile device is responded, and returns and rings Answer data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) then illustrate that data are dangerous if safety detection restoring data is different from required parameter in step (5), have passed through Distort, server is not responded to the request of mobile device.
2. a kind of data safe transmission method according to claim 1, it is characterised in that:In step (3)-(7), (3) Mobile device is obtained after public key, and the preceding n-bit character of required parameter is encrypted by public key, and n value is less than required parameter Character digit, obtains the encryption data of the preceding n-bit character of required parameter, and the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives required parameter After safety detection data, safety detection data are decrypted by the private key of key, safety detection restoring data is obtained;
(5) the safety detection restoring data and the preceding n-bit character of required parameter obtained step (4) is contrasted, if safety Detect that restoring data is identical with the preceding n-bit character of required parameter, then illustrate that data safety is not tampered, server is set to movement Standby request is responded, and returns to response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) data are then illustrated not if safety detection restoring data is different from the preceding n-bit character of required parameter in step (5) Safety, have passed through and distort, server is not responded to the request of mobile device.
CN201710521312.0A 2017-06-30 2017-06-30 A kind of data safe transmission method Pending CN107104987A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710521312.0A CN107104987A (en) 2017-06-30 2017-06-30 A kind of data safe transmission method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710521312.0A CN107104987A (en) 2017-06-30 2017-06-30 A kind of data safe transmission method

Publications (1)

Publication Number Publication Date
CN107104987A true CN107104987A (en) 2017-08-29

Family

ID=59663632

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710521312.0A Pending CN107104987A (en) 2017-06-30 2017-06-30 A kind of data safe transmission method

Country Status (1)

Country Link
CN (1) CN107104987A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322462A (en) * 2018-01-31 2018-07-24 北京车和家信息技术有限公司 A kind of method of safety verification, the method and relevant device for asking safety verification
CN108471423A (en) * 2018-04-02 2018-08-31 北京奇艺世纪科技有限公司 A kind of acquisition methods and system of private key
CN110113203A (en) * 2019-04-30 2019-08-09 阿里巴巴集团控股有限公司 A kind of method and apparatus of the safety evaluation for Encryption Model
US11228423B2 (en) 2020-01-12 2022-01-18 Advanced New Technologies Co., Ltd. Method and device for security assessment of encryption models

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102271330A (en) * 2010-06-04 2011-12-07 希姆通信息技术(上海)有限公司 Terminal, network server and method for communication between terminal and network server
CN102523087A (en) * 2011-12-14 2012-06-27 百度在线网络技术(北京)有限公司 Method and equipment for carrying out encrypting treatment on self-execution network information
CN104852961A (en) * 2015-04-09 2015-08-19 黎建军 Internet of Things data transmission method
CN106210775A (en) * 2016-08-26 2016-12-07 浙江大华技术股份有限公司 A kind of method of video-encryption, camera head and video processing platform

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102271330A (en) * 2010-06-04 2011-12-07 希姆通信息技术(上海)有限公司 Terminal, network server and method for communication between terminal and network server
CN102523087A (en) * 2011-12-14 2012-06-27 百度在线网络技术(北京)有限公司 Method and equipment for carrying out encrypting treatment on self-execution network information
CN104852961A (en) * 2015-04-09 2015-08-19 黎建军 Internet of Things data transmission method
CN106210775A (en) * 2016-08-26 2016-12-07 浙江大华技术股份有限公司 A kind of method of video-encryption, camera head and video processing platform

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108322462A (en) * 2018-01-31 2018-07-24 北京车和家信息技术有限公司 A kind of method of safety verification, the method and relevant device for asking safety verification
CN108471423A (en) * 2018-04-02 2018-08-31 北京奇艺世纪科技有限公司 A kind of acquisition methods and system of private key
CN110113203A (en) * 2019-04-30 2019-08-09 阿里巴巴集团控股有限公司 A kind of method and apparatus of the safety evaluation for Encryption Model
CN110113203B (en) * 2019-04-30 2021-10-22 创新先进技术有限公司 Method and equipment for security assessment of encryption model
US11228423B2 (en) 2020-01-12 2022-01-18 Advanced New Technologies Co., Ltd. Method and device for security assessment of encryption models

Similar Documents

Publication Publication Date Title
US10341093B2 (en) Method, apparatus and system for device identification
CN107104987A (en) A kind of data safe transmission method
CN103905202B (en) A kind of RFID lightweight mutual authentication methods based on PUF
CN101601222B (en) Online data encryption and decryption
Wang et al. Cryptanalysis of an image encryption algorithm using Chebyshev generator
CN107864115A (en) A kind of method that user account login authentication is carried out using portable terminal
Li et al. Multitentacle federated learning over software-defined industrial internet of things against adaptive poisoning attacks
US20190312725A1 (en) System and method for generating and depositing keys for multi-point authentication
CN104184733B (en) A kind of RFID lightweight mutual authentication methods encoded based on CRC
Laiphrakpam et al. Cryptanalysis of symmetric key image encryption using chaotic Rossler system
CN104378379B (en) A kind of digital content encrypted transmission method, equipment and system
CN106104562A (en) Safety of secret data stores and recovery system and method
CN106656510A (en) Encryption key acquisition method and system
CN100557556C (en) The online data encrypt and decrypt
US20240098493A1 (en) Identifying trusted service set identifiers for wireless networks
CN104463766A (en) QR code encrypting and decrypting method based on ECA state ring
US20180077135A1 (en) Eliminating abuse caused by password reuse in different systems
Cao et al. Secure QR code scheme based on visual cryptography
CN106161463A (en) A kind of online game account login method
CN112948883B (en) Method, device and system for multiparty joint modeling of privacy data protection
CN107040923A (en) The authentication method and device of a kind of wearable device
CN104463767A (en) Visible encryption and decryption method with image disguising function and tampering identification function
Maeng et al. Transaction authentication using complementary colors
Fadhil et al. Improved Security of a Deep Learning-Based Steganography System with Imperceptibility Preservation
CN109803255B (en) Mobile data information safety communication system and method for digital workshop

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170829