CN107104987A - A kind of data safe transmission method - Google Patents
A kind of data safe transmission method Download PDFInfo
- Publication number
- CN107104987A CN107104987A CN201710521312.0A CN201710521312A CN107104987A CN 107104987 A CN107104987 A CN 107104987A CN 201710521312 A CN201710521312 A CN 201710521312A CN 107104987 A CN107104987 A CN 107104987A
- Authority
- CN
- China
- Prior art keywords
- data
- server
- key
- mobile device
- required parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/12—Applying verification of the received information
- H04L63/123—Applying verification of the received information received data contents, e.g. message integrity
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/10—Integrity
Abstract
A kind of data safe transmission method, step includes:Configure several AESs in the server, each algorithm correspondence production is some to key, each pair key includes public key and private key, server is preserved key is corresponding with AES in the server;Mobile device proposes extraction key request by network to server, and server is received after key request, randomly chooses a kind of AES, and the public key of the key corresponding to the AES is sent to mobile device;Mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption data of required parameter value is obtained, the data are used as safety detection data.The present invention uses the above method, when mobile device and server carry out data transmission, server can clearly identify whether the request data received is tampered, so as to ensure the security of data transfer, avoid the leakage of user profile, it is ensured that the security of transmission.
Description
Technical field:
The present invention relates to a kind of data safe transmission method.
Background technology:
At present, mobile device is typically directly transmitted when carrying out data transmission with server by the way of key-value pair, and one
One value of individual key correspondences, although value content passes through encryption, but during transmission, the usual dangerous sign or phenomenon of network environment
Ring is given birth to, and especially in common network environment, all data interacted are likely to be smelt by instrument by attacker
Visit, intercept after corresponding solicited message, you can simulant-client is asked to server, so as to obtain data, cause user to believe
The leakage of breath, in this case, server have no way of learning whether the request data received is safe, brings tired to transmission work
Disturb.
The content of the invention:
The invention provides a kind of data safe transmission method, it is reasonable in design, and line number is entered in mobile device and server
During according to transmission, server can clearly identify whether the request data received is tampered, so as to ensure data transfer
Security, it is to avoid the leakage of user profile, it is ensured that the security of transmission, solves problems of the prior art.
The present invention is for the technical scheme that is used of solution above-mentioned technical problem:
A kind of data safe transmission method, step includes:
(1) several AESs are configured in the server, and each algorithm correspondence production is some to key, and each pair key is equal
Including public key and private key, server by key preservation corresponding with AES in the server;
(2) mobile device is proposed to extract key request by network to server, and server is received after key request, at random
A kind of AES is selected, and the public key of the key corresponding to the AES is sent to mobile device;
(3) mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption of required parameter value is obtained
Data, the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request
After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained
According to;
(5) the safety detection restoring data for obtaining step (4) is contrasted with required parameter, if safety detection is reduced
Data are identical with required parameter, then illustrate that data safety is not tampered, and server is that the request to mobile device is responded, and is returned
Return response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) then illustrate that data are dangerous if safety detection restoring data is different from required parameter in step (5), pass through
Cross and distorted, server is not responded to the request of mobile device.
In step (3)-(7), (3) mobile device is obtained after public key, and the preceding n-bit character of required parameter is entered by public key
Row encryption, n value is less than the character digit of required parameter, obtains the encryption data of the preceding n-bit character of required parameter, and the data are made
For safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request
After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained
According to;
(5) the safety detection restoring data and the preceding n-bit character of required parameter obtained step (4) is contrasted, if
Safety detection restoring data is identical with the preceding n-bit character of required parameter, then illustrates that data safety is not tampered, and server is i.e. to moving
The request of dynamic equipment is responded, and returns to response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) number is then illustrated if safety detection restoring data is different from the preceding n-bit character of required parameter in step (5)
According to dangerous, it have passed through and distort, server is not responded to the request of mobile device.
The present invention uses the above method, and when mobile device and server carry out data transmission, server can be clearly
Identify whether the request data received is tampered, so as to ensure the security of data transfer, it is to avoid letting out for user profile
Dew, it is ensured that the security of transmission.
Embodiment:
For the technical characterstic for illustrating this programme can be understood, below by embodiment, the present invention is explained in detail
State.
A kind of data safe transmission method, step includes:
(1) several AESs are configured in the server, and each algorithm correspondence production is some to key, and each pair key is equal
Including public key and private key, server by key preservation corresponding with AES in the server;
(2) mobile device is proposed to extract key request by network to server, and server is received after key request, at random
A kind of AES is selected, and the public key of the key corresponding to the AES is sent to mobile device;
(3) mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption of required parameter value is obtained
Data, the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request
After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained
According to;
(5) the safety detection restoring data for obtaining step (4) is contrasted with required parameter, if safety detection is reduced
Data are identical with required parameter, then illustrate that data safety is not tampered, and server is that the request to mobile device is responded, and is returned
Return response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) then illustrate that data are dangerous if safety detection restoring data is different from required parameter in step (5), pass through
Cross and distorted, server is not responded to the request of mobile device.
In step (3)-(7), (3) mobile device is obtained after public key, and the preceding n-bit character of required parameter is entered by public key
Row encryption, n value is less than the character digit of required parameter, obtains the encryption data of the preceding n-bit character of required parameter, and the data are made
For safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives request
After parameter and safety detection data, safety detection data are decrypted by the private key of key, safety detection reduction number is obtained
According to;
(5) the safety detection restoring data and the preceding n-bit character of required parameter obtained step (4) is contrasted, if
Safety detection restoring data is identical with the preceding n-bit character of required parameter, then illustrates that data safety is not tampered, and server is i.e. to moving
The request of dynamic equipment is responded, and returns to response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) number is then illustrated if safety detection restoring data is different from the preceding n-bit character of required parameter in step (5)
According to dangerous, it have passed through and distort, server is not responded to the request of mobile device.
Such as mobile device is to server request data username, password and respective value, and mobile device passes through network
Propose to extract key request to server, server is received after key request, randomly chooses a kind of AES, and this is encrypted
The public key of key corresponding to algorithm is sent to mobile device, and mobile device is obtained after public key, by public key to username,
Password and respective value are encrypted, and obtain Hash (username, Value1, password, Value2) and are examined as safety
Survey data;Mobile device by username, password and respective value and Hash (username, Value1, password,
Value2) send to server, after server is received, safety detection data be decrypted by the private key of key together,
Obtain safety detection restoring data.If safety detection restoring data is username, Value1, password, Value2, then say
Bright data safety is not tampered, and server is that the request to mobile device is responded, and returns to response data;If safety detection
Restoring data is not username, Value1, password, Value2, then illustrates that data are dangerous, have passed through and distort, and is serviced
Device is not responded to the request of mobile device.
When required parameter character digit is more, more difficulty is encrypted, the preceding n words to required parameter are now taken
The mode being encrypted is accorded with, such as n values can be 5, obtain the encryption data of preceding 5 characters of required parameter, the data are used as peace
Full inspection surveys data.
Using the data safe transmission method of the present invention, when mobile device and server carry out data transmission, server
It can clearly identify whether the request data received is tampered, so as to ensure the security of data transfer, it is to avoid use
The leakage of family information, it is ensured that the security of transmission.
Above-mentioned embodiment cannot function as limiting the scope of the invention, for the technology people of the art
For member, any alternate modification or conversion made to embodiment of the present invention are all fallen within protection scope of the present invention.
Part is not described in detail by the present invention, is the known technology of those skilled in the art of the present technique.
Claims (2)
1. a kind of data safe transmission method, it is characterised in that:Step includes:
(1) several AESs are configured in the server, and each algorithm correspondence production is some to key, and each pair key includes
Public key and private key, server by key it is corresponding with AES preservation in the server;
(2) mobile device is proposed to extract key request by network to server, and server is received after key request, is randomly choosed
A kind of AES, and the public key of the key corresponding to the AES is sent to mobile device;
(3) mobile device is obtained after public key, and required parameter is encrypted by public key, the encryption number of required parameter value is obtained
According to the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives required parameter
After safety detection data, safety detection data are decrypted by the private key of key, safety detection restoring data is obtained;
(5) the safety detection restoring data for obtaining step (4) is contrasted with required parameter, if safety detection restoring data
It is identical with required parameter, then illustrate that data safety is not tampered, server is that the request to mobile device is responded, and returns and rings
Answer data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) then illustrate that data are dangerous if safety detection restoring data is different from required parameter in step (5), have passed through
Distort, server is not responded to the request of mobile device.
2. a kind of data safe transmission method according to claim 1, it is characterised in that:In step (3)-(7), (3)
Mobile device is obtained after public key, and the preceding n-bit character of required parameter is encrypted by public key, and n value is less than required parameter
Character digit, obtains the encryption data of the preceding n-bit character of required parameter, and the data are used as safety detection data;
(4) mobile device sends required parameter and safety detection data to server together, and server receives required parameter
After safety detection data, safety detection data are decrypted by the private key of key, safety detection restoring data is obtained;
(5) the safety detection restoring data and the preceding n-bit character of required parameter obtained step (4) is contrasted, if safety
Detect that restoring data is identical with the preceding n-bit character of required parameter, then illustrate that data safety is not tampered, server is set to movement
Standby request is responded, and returns to response data;
(6) mobile device is handled the response data of return, and communication process terminates;
(7) data are then illustrated not if safety detection restoring data is different from the preceding n-bit character of required parameter in step (5)
Safety, have passed through and distort, server is not responded to the request of mobile device.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710521312.0A CN107104987A (en) | 2017-06-30 | 2017-06-30 | A kind of data safe transmission method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710521312.0A CN107104987A (en) | 2017-06-30 | 2017-06-30 | A kind of data safe transmission method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107104987A true CN107104987A (en) | 2017-08-29 |
Family
ID=59663632
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710521312.0A Pending CN107104987A (en) | 2017-06-30 | 2017-06-30 | A kind of data safe transmission method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107104987A (en) |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108322462A (en) * | 2018-01-31 | 2018-07-24 | 北京车和家信息技术有限公司 | A kind of method of safety verification, the method and relevant device for asking safety verification |
CN108471423A (en) * | 2018-04-02 | 2018-08-31 | 北京奇艺世纪科技有限公司 | A kind of acquisition methods and system of private key |
CN110113203A (en) * | 2019-04-30 | 2019-08-09 | 阿里巴巴集团控股有限公司 | A kind of method and apparatus of the safety evaluation for Encryption Model |
US11228423B2 (en) | 2020-01-12 | 2022-01-18 | Advanced New Technologies Co., Ltd. | Method and device for security assessment of encryption models |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102271330A (en) * | 2010-06-04 | 2011-12-07 | 希姆通信息技术(上海)有限公司 | Terminal, network server and method for communication between terminal and network server |
CN102523087A (en) * | 2011-12-14 | 2012-06-27 | 百度在线网络技术(北京)有限公司 | Method and equipment for carrying out encrypting treatment on self-execution network information |
CN104852961A (en) * | 2015-04-09 | 2015-08-19 | 黎建军 | Internet of Things data transmission method |
CN106210775A (en) * | 2016-08-26 | 2016-12-07 | 浙江大华技术股份有限公司 | A kind of method of video-encryption, camera head and video processing platform |
-
2017
- 2017-06-30 CN CN201710521312.0A patent/CN107104987A/en active Pending
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102271330A (en) * | 2010-06-04 | 2011-12-07 | 希姆通信息技术(上海)有限公司 | Terminal, network server and method for communication between terminal and network server |
CN102523087A (en) * | 2011-12-14 | 2012-06-27 | 百度在线网络技术(北京)有限公司 | Method and equipment for carrying out encrypting treatment on self-execution network information |
CN104852961A (en) * | 2015-04-09 | 2015-08-19 | 黎建军 | Internet of Things data transmission method |
CN106210775A (en) * | 2016-08-26 | 2016-12-07 | 浙江大华技术股份有限公司 | A kind of method of video-encryption, camera head and video processing platform |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108322462A (en) * | 2018-01-31 | 2018-07-24 | 北京车和家信息技术有限公司 | A kind of method of safety verification, the method and relevant device for asking safety verification |
CN108471423A (en) * | 2018-04-02 | 2018-08-31 | 北京奇艺世纪科技有限公司 | A kind of acquisition methods and system of private key |
CN110113203A (en) * | 2019-04-30 | 2019-08-09 | 阿里巴巴集团控股有限公司 | A kind of method and apparatus of the safety evaluation for Encryption Model |
CN110113203B (en) * | 2019-04-30 | 2021-10-22 | 创新先进技术有限公司 | Method and equipment for security assessment of encryption model |
US11228423B2 (en) | 2020-01-12 | 2022-01-18 | Advanced New Technologies Co., Ltd. | Method and device for security assessment of encryption models |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10341093B2 (en) | Method, apparatus and system for device identification | |
CN107104987A (en) | A kind of data safe transmission method | |
CN103905202B (en) | A kind of RFID lightweight mutual authentication methods based on PUF | |
CN101601222B (en) | Online data encryption and decryption | |
Wang et al. | Cryptanalysis of an image encryption algorithm using Chebyshev generator | |
CN107864115A (en) | A kind of method that user account login authentication is carried out using portable terminal | |
Li et al. | Multitentacle federated learning over software-defined industrial internet of things against adaptive poisoning attacks | |
US20190312725A1 (en) | System and method for generating and depositing keys for multi-point authentication | |
CN104184733B (en) | A kind of RFID lightweight mutual authentication methods encoded based on CRC | |
Laiphrakpam et al. | Cryptanalysis of symmetric key image encryption using chaotic Rossler system | |
CN104378379B (en) | A kind of digital content encrypted transmission method, equipment and system | |
CN106104562A (en) | Safety of secret data stores and recovery system and method | |
CN106656510A (en) | Encryption key acquisition method and system | |
CN100557556C (en) | The online data encrypt and decrypt | |
US20240098493A1 (en) | Identifying trusted service set identifiers for wireless networks | |
CN104463766A (en) | QR code encrypting and decrypting method based on ECA state ring | |
US20180077135A1 (en) | Eliminating abuse caused by password reuse in different systems | |
Cao et al. | Secure QR code scheme based on visual cryptography | |
CN106161463A (en) | A kind of online game account login method | |
CN112948883B (en) | Method, device and system for multiparty joint modeling of privacy data protection | |
CN107040923A (en) | The authentication method and device of a kind of wearable device | |
CN104463767A (en) | Visible encryption and decryption method with image disguising function and tampering identification function | |
Maeng et al. | Transaction authentication using complementary colors | |
Fadhil et al. | Improved Security of a Deep Learning-Based Steganography System with Imperceptibility Preservation | |
CN109803255B (en) | Mobile data information safety communication system and method for digital workshop |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20170829 |