CN107222311A - A kind of processing system of multiple communication verification identity - Google Patents

A kind of processing system of multiple communication verification identity Download PDF

Info

Publication number
CN107222311A
CN107222311A CN201710537143.XA CN201710537143A CN107222311A CN 107222311 A CN107222311 A CN 107222311A CN 201710537143 A CN201710537143 A CN 201710537143A CN 107222311 A CN107222311 A CN 107222311A
Authority
CN
China
Prior art keywords
module
encrypted
encryption
file
encrypting module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710537143.XA
Other languages
Chinese (zh)
Inventor
田洪川
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Masukuni Clouds Technology Co Ltd
Original Assignee
Sichuan Masukuni Clouds Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Masukuni Clouds Technology Co Ltd filed Critical Sichuan Masukuni Clouds Technology Co Ltd
Priority to CN201710537143.XA priority Critical patent/CN107222311A/en
Publication of CN107222311A publication Critical patent/CN107222311A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Power Engineering (AREA)
  • Computer And Data Communications (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of processing system of multiple communication verification identity, management end includes:For the first communication module communicated with client;For the first encrypting module that file is encrypted and decrypted;For the second encrypting module that file is encrypted and decrypted;The first storage module for save File file;Control module for generating text at random;Control module is additionally operable to two summary codes of contrast;Client includes:For the second communication module communicated with management end;For the 3rd encrypting module that file is encrypted and decrypted;For the 4th encrypting module that file is encrypted and decrypted;For the second storage module of the private key for storing the first AES;A kind of processing system of multiple communication verification identity of the present invention, by setting above-mentioned module so that the species of encrypted combination increases again in geometry, so as to significantly extend the time of cracking, improves the security in verification process.

Description

A kind of processing system of multiple communication verification identity
Technical field
The present invention relates to coded communication field, and in particular to a kind of processing system of multiple communication verification identity.
Background technology
Enciphered method is used using computer in digital communication, changes the digital structure of load information.Computerized information is protected Shield is then based on software cryptography.Current most popular in the world several encryption systems and AES have:RSA Algorithm and CCEP are calculated Method etc..To prevent from decoding, floppy disk is also encrypted and encrypted to encryption software frequently with hardware.Some Software Commodities are often with a kind of small Hard card, here it is hardware encryption measures.Laser beam perforation is used on floppy disk, making the memory block of software has not well known part to deposit It is bad, it is possible to prevent bootlegging.Such encryption floppy disk can be the librarian use for not grasping encryption technology, soft to protect Part.Due to the bootlegging of computer software, decryption and problem of piracy are increasingly serious, or even trigger international dispute, therefore to letter The research and development of encryption for information technology and cryptographic means, are paid attention to by various countries' computer circle, and development is maked rapid progress.
However, due in existing authentication techniques, being only authenticated by digital certificate to data requester, and numeral card Book is easy to be forged, even if Content of Communication is encrypted using AES, also due to verification process is not perfect enough, leads The Content of Communication after encryption is caused to be stolen and by cracking for a long time so that Content of Communication is divulged a secret.
The content of the invention
The technical problems to be solved by the invention are that existing authentication techniques are not perfect enough, are easily caused the communication after encryption Content is stolen and by cracking for a long time so that Content of Communication is divulged a secret, it is therefore intended that provide a kind of repeatedly communication verification identity Processing system, solve the above problems.
The present invention is achieved through the following technical solutions:
A kind of processing system of multiple communication verification identity, including:Management end and client;The management end includes:With In the first communication module communicated with client;For the first encrypting module that file is encrypted and decrypted;It is described Preset first AES in first encrypting module;For the second encrypting module that file is encrypted and decrypted;Described Preset second AES in two encrypting modules;The first storage module for save File file;For generating text at random The control module of file;The control module is additionally operable to two summary codes of contrast;The client includes:For entering with management end The second communication module of row communication;For the 3rd encrypting module that file is encrypted and decrypted;3rd encrypting module Interior preset first AES;For the 4th encrypting module that file is encrypted and decrypted;In 4th encrypting module Preset second AES;For the second storage module of the private key for storing the first AES;Client passes through second Communication module is to management end request data, and then control module generates text and encrypted by the first encrypting module at random will Text and public-key cryptography after encryption are sent to client by first communication module;After 3rd encrypting module is to encryption Private key of the text in public-key cryptography and the second storage module is decrypted, and then the 4th encrypting module is to text File is encrypted, and generate length 32 summary code sent by second communication module to management end;Second encrypting module Text is encrypted, and generates the summary code of length 32, control module is contrasted to two summary codes, when both When identical, the first encrypting module is encrypted to files and then passes through the files after encryption and new public-key cryptography First communication module is sent to client;3rd encrypting module is according to the shelves after new public-key cryptography and private key decryption encryption Case file acquisition files.
In the prior art, only data requester is authenticated by digital certificate, and digital certificate is easy to be forged, Even if Content of Communication is encrypted using AES, also due to verification process is not perfect enough, cause the communication after encryption Content is stolen and by cracking for a long time so that Content of Communication is divulged a secret.When the present invention is applied, client passes through the second communication Module is to management end request data, and control module generates text and then will encryption by the encryption of the first encrypting module at random Text and public-key cryptography afterwards is sent to client by first communication module;3rd encrypting module is to the text after encryption Private key of the file in public-key cryptography and the second storage module is decrypted, and then the 4th encrypting module is to text It is encrypted, and generates the summary code of length 32 and is sent by second communication module to management end;Second encrypting module is to text This document is encrypted, and generates the summary code of length 32, and control module is contrasted to two summary codes, when both are identical When, the first encrypting module files is encrypted and then by the files after encryption and new public-key cryptography by first Communication module is sent to client;3rd encrypting module is according to the archives text after new public-key cryptography and private key decryption encryption Part obtains files.The present invention is provided with Tertiary infilling process, and management end is carried out by preceding ciphering process twice to management end Authentication, because the species of AES is a lot, the species of the preceding combination encrypted twice can again increase in geometry, such as existing The quantity of AES is N, then the species of the preceding combination encrypted twice is N2, so that cracking the time of encryption in geometry times Increase, improve the security in verification process, and files are encrypted again so that Tertiary infilling process is likely to occur Geometry increases species again again, such as the quantity of existing AES is N, then the species that Tertiary infilling process is likely to occur is N3, significantly increase and crack difficulty, improve the security of the present invention.
Further, the private key uses the prime number of 32.
Further, the public-key cryptography is using private key and the product of another prime number of 32.
When the present invention is applied, using this algorithm, due to being extremely difficult thing by public-key cryptography progress factorization, The prime number of two 32 is multiplied, and can generate a very big public-key cryptography, further increases the security of the present invention.
Further, the text that control module is generated at random uses 128byte.
When the present invention is applied, 128byte file can also be quickly transmitted very much later even if encryption, and 128byte file also is difficult to crack.
Further, the summary code of the length 32 uses MD5 codes.
The present invention compared with prior art, has the following advantages and advantages:
A kind of processing system of multiple communication verification identity of the present invention, by setting above-mentioned module so that encrypted combination Species increases again in geometry, so as to significantly extend the time of cracking, improves the security in verification process.
Brief description of the drawings
Accompanying drawing described herein is used for providing further understanding the embodiment of the present invention, constitutes one of the application Point, do not constitute the restriction to the embodiment of the present invention.In the accompanying drawings:
Fig. 1 is present system structural representation.
Embodiment
For the object, technical solutions and advantages of the present invention are more clearly understood, with reference to embodiment and accompanying drawing, to this Invention is described in further detail, and exemplary embodiment and its explanation of the invention is only used for explaining the present invention, does not make For limitation of the invention.
Embodiment
As shown in figure 1, a kind of processing system of multiple communication verification identity of the present invention, including:Management end and client;Institute Stating management end includes:For the first communication module communicated with client;For file is encrypted and decrypted One encrypting module;Preset first AES in first encrypting module;For file is encrypted and decrypted second Encrypting module;Preset second AES in second encrypting module;The first storage module for save File file;With In the control module of generation text at random;The control module is additionally operable to two summary codes of contrast;The client includes: For the second communication module communicated with management end;For the 3rd encrypting module that file is encrypted and decrypted;Institute State preset first AES in the 3rd encrypting module;For the 4th encrypting module that file is encrypted and decrypted;It is described Preset second AES in 4th encrypting module;For the second storage module of the private key for storing the first AES; Client is by second communication module to management end request data, and control module generates text and by the first encryption at random Then module encryption is sent the text and public-key cryptography after encryption to client by first communication module;3rd encryption Private key of the text after encryption in public-key cryptography and the second storage module is decrypted module, and then the 4th Text is encrypted encrypting module, and generate length 32 summary code sent by second communication module to management End;Text is encrypted second encrypting module, and generates the summary code of length 32, and control module is to two summary codes Contrasted, when both are identical, the first encrypting module files are encrypted then by the files after encryption and New public-key cryptography is sent to client by first communication module;3rd encrypting module is close according to new public-key cryptography and secret Files after key decryption encryption obtain files.The private key uses the prime number of 32.The public-key cryptography is adopted With private key and the product of another prime number of 32.The text that control module is generated at random uses 128byte.It is described The summary code that length is 32 uses MD5 codes.
When the present embodiment is implemented, client is by second communication module to management end request data, and control module is given birth at random Encrypted into text and by the first encrypting module and then the text and public-key cryptography after encryption are passed through into the first communication Module is sent to client;3rd encrypting module is to the text after encryption according in public-key cryptography and the second storage module Private key is decrypted, and then text is encrypted the 4th encrypting module, and it is logical to generate the summary code of length 32 Second communication module is crossed to send to management end;Text is encrypted second encrypting module, and generates plucking for length 32 Code is wanted, control module is contrasted to two summary codes, and when both are identical, files are encrypted the first encrypting module Then the files after encryption and new public-key cryptography are sent to client by first communication module;3rd encrypting module Files are obtained according to the files after new public-key cryptography and private key decryption encryption.The present invention is provided with three times and added Close process, management end carries out authentication by preceding ciphering process twice to management end, preceding because the species of AES is a lot The species for the combination encrypted twice can again increase in geometry, such as the quantity of existing AES is N, then the preceding group encrypted twice The species of conjunction is N2, so that the time for cracking encryption increases again in geometry, the security in verification process is improved, and it is right Files are encrypted again so that geometry increases the species that Tertiary infilling process is likely to occur again again, such as existing encryption is calculated The quantity of method is N, then the species that Tertiary infilling process is likely to occur is N3, significantly increase and crack difficulty, improve this hair Bright security.Using this algorithm, due to being extremely difficult thing by public-key cryptography progress factorization, two 32 Prime number is multiplied, and can generate a very big public-key cryptography, further increases the security of the present invention.128byte file is Make quickly be transmitted very much after encryption, and 128byte file also is difficult to crack.
Above-described embodiment, has been carried out further to the purpose of the present invention, technical scheme and beneficial effect Describe in detail, should be understood that the embodiment that the foregoing is only the present invention, be not intended to limit the present invention Protection domain, within the spirit and principles of the invention, any modification, equivalent substitution and improvements done etc. all should be included Within protection scope of the present invention.

Claims (5)

1. a kind of processing system of multiple communication verification identity, it is characterised in that including:Management end and client;The management End includes:
For the first communication module communicated with client;
For the first encrypting module that file is encrypted and decrypted;Preset first encryption is calculated in first encrypting module Method;
For the second encrypting module that file is encrypted and decrypted;Preset second encryption is calculated in second encrypting module Method;
The first storage module for save File file;
Control module for generating text at random;The control module is additionally operable to two summary codes of contrast;
The client includes:
For the second communication module communicated with management end;
For the 3rd encrypting module that file is encrypted and decrypted;Preset first encryption is calculated in 3rd encrypting module Method;
For the 4th encrypting module that file is encrypted and decrypted;Preset second encryption is calculated in 4th encrypting module Method;
For the second storage module of the private key for storing the first AES;
Client is by second communication module to management end request data, and control module generates text and by first at random Then encrypting module encryption is sent the text and public-key cryptography after encryption to client by first communication module;3rd Private key of the text after encryption in public-key cryptography and the second storage module is decrypted encrypting module, then Text is encrypted 4th encrypting module, and generate length 32 summary code sent by second communication module to pipe Manage end;Text is encrypted second encrypting module, and generates the summary code of length 32, and control module is made a summary to two Code is contrasted, when both are identical, and then the first encrypting module files is encrypted the files after encryption Sent with new public-key cryptography by first communication module to client;3rd encrypting module is according to new public-key cryptography and secret Files after secret key decryption encryption obtain files.
2. the processing system of a kind of multiple communication verification identity according to claim 1, it is characterised in that the secret is close Key uses the prime number of 32.
3. it is according to claim 1 it is a kind of it is multiple communication verification identity processing system, it is characterised in that it is described disclose it is close Key is using private key and the product of another prime number of 32.
4. it is according to claim 1 it is a kind of it is multiple communication verification identity processing system, it is characterised in that control module with The text of machine generation uses 128byte.
5. a kind of processing system of multiple communication verification identity according to claim 1, it is characterised in that the length 32 The summary code of position uses MD5 codes.
CN201710537143.XA 2017-07-04 2017-07-04 A kind of processing system of multiple communication verification identity Pending CN107222311A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710537143.XA CN107222311A (en) 2017-07-04 2017-07-04 A kind of processing system of multiple communication verification identity

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710537143.XA CN107222311A (en) 2017-07-04 2017-07-04 A kind of processing system of multiple communication verification identity

Publications (1)

Publication Number Publication Date
CN107222311A true CN107222311A (en) 2017-09-29

Family

ID=59951690

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710537143.XA Pending CN107222311A (en) 2017-07-04 2017-07-04 A kind of processing system of multiple communication verification identity

Country Status (1)

Country Link
CN (1) CN107222311A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109559796A (en) * 2018-11-30 2019-04-02 苏州东巍网络科技有限公司 A kind of interval training data acquisition request and Verification System and method

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1695340A (en) * 2002-09-19 2005-11-09 索尼株式会社 Data processing method, its program, and its device
CN102024002A (en) * 2009-09-10 2011-04-20 上海中信信息发展股份有限公司 Safe storage method and system of filing of electronic documents
CN103152178A (en) * 2013-02-04 2013-06-12 浪潮(北京)电子信息产业有限公司 Cloud computing verification method and system
CN103559434A (en) * 2013-09-22 2014-02-05 四川大学 Generation method for electronic attached sheets in circulation domain
US20140304512A1 (en) * 2013-03-14 2014-10-09 Sergei Pronin Method and system for authenticating and preserving data within a secure data repository
CN105049401A (en) * 2015-03-19 2015-11-11 浙江大学 Secure communication method based on intelligent vehicle
CN105468935A (en) * 2015-11-13 2016-04-06 福州瑞芯微电子股份有限公司 Method, sending end, tool end and burning end for guaranteeing safe burning of KEY

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1695340A (en) * 2002-09-19 2005-11-09 索尼株式会社 Data processing method, its program, and its device
CN102024002A (en) * 2009-09-10 2011-04-20 上海中信信息发展股份有限公司 Safe storage method and system of filing of electronic documents
CN103152178A (en) * 2013-02-04 2013-06-12 浪潮(北京)电子信息产业有限公司 Cloud computing verification method and system
US20140304512A1 (en) * 2013-03-14 2014-10-09 Sergei Pronin Method and system for authenticating and preserving data within a secure data repository
CN103559434A (en) * 2013-09-22 2014-02-05 四川大学 Generation method for electronic attached sheets in circulation domain
CN105049401A (en) * 2015-03-19 2015-11-11 浙江大学 Secure communication method based on intelligent vehicle
CN105468935A (en) * 2015-11-13 2016-04-06 福州瑞芯微电子股份有限公司 Method, sending end, tool end and burning end for guaranteeing safe burning of KEY

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
国家密码管理局: "SM2椭圆曲线公钥密码算法", 《国密局公告21号》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109559796A (en) * 2018-11-30 2019-04-02 苏州东巍网络科技有限公司 A kind of interval training data acquisition request and Verification System and method

Similar Documents

Publication Publication Date Title
US9673975B1 (en) Cryptographic key splitting for offline and online data protection
CN106357401B (en) A kind of storage of private key and application method
CN103179086B (en) Remote storage processing method and the system of data
US9043610B2 (en) Systems and methods for data security
CN201181472Y (en) Hardware key device and movable memory system
CN107070948A (en) Signature and verification method based on hybrid encryption algorithm in cloud storage
CN110710155A (en) Progressive key encryption algorithm
KR20090058496A (en) A method and apparatus to provide authentication and privacy with low complexity devices
CN101582109A (en) Data encryption method and device, data decryption method and device and solid state disk
CN110868291B (en) Data encryption transmission method, device, system and storage medium
CN103560892A (en) Secret key generation method and secret key generation device
CN105117635A (en) Local data security protection system and method
CN103095452A (en) Random encryption method needing to adopt exhaustion method for deciphering
CN101951315A (en) Key processing method and device
CN102710414A (en) Randomized document block encryption method
CN111210287A (en) Tax UKey-based invoicing method and system
CN104396182A (en) Method of encrypting data
CN109347923A (en) Anti- quantum calculation cloud storage method and system based on unsymmetrical key pond
CN110233729B (en) Encrypted solid-state disk key management method based on PUF
CN107332663A (en) Archive management method based on encryption technology
CN107911221A (en) The key management method of solid-state disk data safety storage
KR101967855B1 (en) Method and system for verifying electronic document security using 2D barcode block division
CN106789046B (en) Method for realizing self-generating key pair
CN101795194B (en) Method for protecting multi-digital certificate of intelligent card
CN103593592A (en) User data encryption and decryption method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20170929