CN107222311A - A kind of processing system of multiple communication verification identity - Google Patents
- Publication number: CN107222311A
- Application number: CN201710537143.XA
- Authority: CN (China)
- Prior art keywords: module, encrypted, encryption, file, encrypting module
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
All four classifications fall under H (Electricity) > H04 (Electric communication technique) > H04L (Transmission of digital information, e.g. telegraphic communication) > H04L9/00 (Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols):
- H04L9/14: using a plurality of keys or algorithms
- H04L9/06 > H04L9/0643: the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators > Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
- H04L9/30 > H04L9/3006 > H04L9/302: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy > underlying computational problems or public-key parameters > involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
- H04L9/32 > H04L9/3236 > H04L9/3239: including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials > using cryptographic hash functions > involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Power Engineering (AREA)
- Computer And Data Communications (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a processing system for verifying identity through multiple communications. The management end includes: a first communication module for communicating with the client; a first encryption module for encrypting and decrypting files; a second encryption module for encrypting and decrypting files; a first storage module for storing archive files; and a control module for randomly generating a text file, the control module also being used to compare two digest codes. The client includes: a second communication module for communicating with the management end; a third encryption module for encrypting and decrypting files; a fourth encryption module for encrypting and decrypting files; and a second storage module for storing the private key of the first encryption algorithm. By providing the above modules, the number of possible encryption combinations grows geometrically, which significantly extends the time needed for cracking and improves security during the authentication process.
Description
Technical field
The present invention relates to the field of encrypted communication, and in particular to a processing system for verifying identity through multiple communications.
Background
In digital communication, computers are used to apply encryption methods that change the digital structure of the information carried. Computer information protection is in turn based on software encryption. The most popular encryption systems and encryption algorithms in the world at present include the RSA algorithm and the CCEP algorithm. To prevent cracking, encryption software also often uses hardware encryption and encrypted floppy disks. Some software products come with a small hardware card; this is a hardware encryption measure. Laser perforation on a floppy disk leaves part of the software's storage area damaged in a way that is not publicly known, which prevents illegal copying. Such encrypted floppy disks can be used by personnel who have not mastered encryption technology in order to protect software. Because illegal copying, decryption and piracy of computer software have become increasingly serious and have even triggered international disputes, research and development of information encryption technology and encryption means is valued by the computing community in every country and is advancing rapidly.
However, in existing authentication techniques the data requester is authenticated only by a digital certificate, and digital certificates are easily forged. Even if the communication content is encrypted with an encryption algorithm, the imperfect authentication process allows the encrypted communication content to be stolen and cracked over a long period, so that the communication content is leaked.
Summary of the invention
The technical problem to be solved by the invention is that existing authentication techniques are imperfect, which allows encrypted communication content to be stolen and cracked over a long period, so that the communication content is leaked. The aim is to provide a processing system for verifying identity through multiple communications that solves this problem.
The present invention is achieved through the following technical solution:
A processing system for verifying identity through multiple communications includes a management end and a client. The management end includes: a first communication module for communicating with the client; a first encryption module for encrypting and decrypting files, in which a first encryption algorithm is preset; a second encryption module for encrypting and decrypting files, in which a second encryption algorithm is preset; a first storage module for storing archive files; and a control module for randomly generating a text file, the control module also being used to compare two digest codes. The client includes: a second communication module for communicating with the management end; a third encryption module for encrypting and decrypting files, in which the first encryption algorithm is preset; a fourth encryption module for encrypting and decrypting files, in which the second encryption algorithm is preset; and a second storage module for storing the private key of the first encryption algorithm.
The client requests data from the management end through the second communication module. The control module randomly generates a text file, which is encrypted by the first encryption module; the encrypted text file and the public key are then sent to the client through the first communication module. The third encryption module decrypts the encrypted text file according to the public key and the private key in the second storage module. The fourth encryption module then encrypts the text file and generates a digest code of length 32, which is sent to the management end through the second communication module. The second encryption module encrypts the text file and generates a digest code of length 32, and the control module compares the two digest codes. When the two are identical, the first encryption module encrypts the archive file, and the encrypted archive file and a new public key are sent to the client through the first communication module. The third encryption module decrypts the encrypted archive file according to the new public key and the private key to obtain the archive file.
In the prior art, the data requester is authenticated only by a digital certificate, and digital certificates are easily forged. Even if the communication content is encrypted with an encryption algorithm, the imperfect authentication process allows the encrypted communication content to be stolen and cracked over a long period, so that the communication content is leaked. When the present invention is applied, the client requests data from the management end through the second communication module. The control module randomly generates a text file, which is encrypted by the first encryption module; the encrypted text file and the public key are then sent to the client through the first communication module. The third encryption module decrypts the encrypted text file according to the public key and the private key in the second storage module. The fourth encryption module then encrypts the text file and generates a digest code of length 32, which is sent to the management end through the second communication module. The second encryption module encrypts the text file and generates a digest code of length 32, and the control module compares the two digest codes. When the two are identical, the first encryption module encrypts the archive file, and the encrypted archive file and a new public key are sent to the client through the first communication module. The third encryption module decrypts the encrypted archive file according to the new public key and the private key to obtain the archive file.
The present invention provides three encryption processes. The management end performs identity authentication on the management end through the first two encryption processes. Because there are many kinds of encryption algorithms, the number of combinations of the first two encryptions grows geometrically: if the number of existing encryption algorithms is N, the number of combinations of the first two encryptions is N², so the time needed to crack the encryption grows geometrically and security during the authentication process is improved. Encrypting the archive file again makes the number of possibilities for the three encryption processes grow geometrically once more: if the number of existing encryption algorithms is N, the number of possibilities for the three encryption processes is N³, which significantly increases the difficulty of cracking and improves the security of the invention.
Further, the private key is a prime number of length 32.
Further, the public key is the product of the private key and another prime number of length 32.
When the present invention is applied with this algorithm, factoring the public key is extremely difficult; multiplying two primes of length 32 produces a very large public key, which further improves the security of the invention.
Further, the text file randomly generated by the control module is 128 bytes.
When the present invention is applied, a 128-byte file can still be transmitted very quickly even after encryption, and a 128-byte file is also difficult to crack.
Further, the digest code of length 32 is an MD5 code.
Compared with the prior art, the present invention has the following advantages and beneficial effects:
In the processing system for verifying identity through multiple communications of the present invention, providing the above modules makes the number of possible encryption combinations grow geometrically, which significantly extends the time needed for cracking and improves security during the authentication process.
Brief description of the drawings
The accompanying drawing described here provides a further understanding of the embodiment of the present invention and forms part of this application; it does not limit the embodiment of the present invention. In the drawing:
Fig. 1 is a structural diagram of the system of the present invention.
Detailed description
To make the object, technical solution and advantages of the present invention clearer, the invention is described in further detail below with reference to the embodiment and the accompanying drawing. The exemplary embodiment of the invention and its explanation serve only to explain the invention and do not limit it.
Embodiment
As shown in Fig. 1, a processing system for verifying identity through multiple communications according to the present invention includes a management end and a client. The management end includes: a first communication module for communicating with the client; a first encryption module for encrypting and decrypting files, in which a first encryption algorithm is preset; a second encryption module for encrypting and decrypting files, in which a second encryption algorithm is preset; a first storage module for storing archive files; and a control module for randomly generating a text file, the control module also being used to compare two digest codes. The client includes: a second communication module for communicating with the management end; a third encryption module for encrypting and decrypting files, in which the first encryption algorithm is preset; a fourth encryption module for encrypting and decrypting files, in which the second encryption algorithm is preset; and a second storage module for storing the private key of the first encryption algorithm.
The client requests data from the management end through the second communication module. The control module randomly generates a text file, which is encrypted by the first encryption module; the encrypted text file and the public key are then sent to the client through the first communication module. The third encryption module decrypts the encrypted text file according to the public key and the private key in the second storage module. The fourth encryption module then encrypts the text file and generates a digest code of length 32, which is sent to the management end through the second communication module. The second encryption module encrypts the text file and generates a digest code of length 32, and the control module compares the two digest codes. When the two are identical, the first encryption module encrypts the archive file, and the encrypted archive file and a new public key are sent to the client through the first communication module. The third encryption module decrypts the encrypted archive file according to the new public key and the private key to obtain the archive file. The private key is a prime number of length 32. The public key is the product of the private key and another prime number of length 32. The text file randomly generated by the control module is 128 bytes. The digest code of length 32 is an MD5 code.
When this embodiment is implemented, the client requests data from the management end through the second communication module. The control module randomly generates a text file, which is encrypted by the first encryption module; the encrypted text file and the public key are then sent to the client through the first communication module. The third encryption module decrypts the encrypted text file according to the public key and the private key in the second storage module. The fourth encryption module then encrypts the text file and generates a digest code of length 32, which is sent to the management end through the second communication module. The second encryption module encrypts the text file and generates a digest code of length 32, and the control module compares the two digest codes. When the two are identical, the first encryption module encrypts the archive file, and the encrypted archive file and a new public key are sent to the client through the first communication module. The third encryption module decrypts the encrypted archive file according to the new public key and the private key to obtain the archive file.
The present invention provides three encryption processes. The management end performs identity authentication on the management end through the first two encryption processes. Because there are many kinds of encryption algorithms, the number of combinations of the first two encryptions grows geometrically: if the number of existing encryption algorithms is N, the number of combinations of the first two encryptions is N², so the time needed to crack the encryption grows geometrically and security during the authentication process is improved. Encrypting the archive file again makes the number of possibilities for the three encryption processes grow geometrically once more: if the number of existing encryption algorithms is N, the number of possibilities for the three encryption processes is N³, which significantly increases the difficulty of cracking and improves the security of the invention. With this algorithm, factoring the public key is extremely difficult; multiplying two primes of length 32 produces a very large public key, which further improves the security of the invention. A 128-byte file can still be transmitted very quickly even after encryption, and a 128-byte file is also difficult to crack.
The embodiment above describes the object, technical solution and beneficial effects of the present invention in further detail. It should be understood that the foregoing is only an embodiment of the present invention and does not limit its scope of protection; any modification, equivalent substitution or improvement made within the spirit and principles of the invention shall fall within the scope of protection of the present invention.
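The exchange described in the embodiment, as an added Python example that is not part of the patent: management end and client run the challenge, digest comparison and archive release end to end. Assumptions: the first encryption algorithm is modeled as textbook RSA (exponent 65537, 7-byte blocks), "length 32" is read as 32 bits, the second algorithm is reduced to an MD5 hex digest, and the management end is provisioned with the client's private prime so it can form each public key; all names are hypothetical.

```python
import hashlib
import hmac
import math
import secrets

E = 65537   # assumed public exponent; the patent names none
BLOCK = 7   # bytes per block: 2**56 is below any product of two 32-bit primes


def random_prime_32() -> int:
    """Random 32-bit prime p with gcd(E, p - 1) == 1 (trial division suffices here)."""
    while True:
        c = secrets.randbits(32) | (1 << 31) | 1
        if (c - 1) % E and all(c % d for d in range(3, math.isqrt(c) + 1, 2)):
            return c


def encrypt(data: bytes, n: int) -> list[int]:
    """Assumed 'first encryption algorithm': textbook RSA over length-prefixed blocks."""
    framed = len(data).to_bytes(4, "big") + data
    framed += b"\0" * (-len(framed) % BLOCK)
    return [pow(int.from_bytes(framed[i:i + BLOCK], "big"), E, n)
            for i in range(0, len(framed), BLOCK)]


def decrypt(blocks: list[int], n: int, p: int) -> bytes:
    """Decrypt with the received public key n and the stored private prime p."""
    if n % p:
        raise ValueError("public key was not formed from the stored private key")
    d = pow(E, -1, (p - 1) * (n // p - 1))
    framed = b"".join(pow(c, d, n).to_bytes(BLOCK, "big") for c in blocks)
    return framed[4:4 + int.from_bytes(framed[:4], "big")]


def digest(text: bytes) -> str:
    """Digest code of length 32: MD5 rendered as 32 hex characters."""
    return hashlib.md5(text).hexdigest()


class ManagementEnd:
    def __init__(self, client_prime: int, archive: bytes):
        self._p, self._archive, self._challenge = client_prime, archive, None

    def _public_key(self) -> int:
        """Public key = private prime times another, freshly chosen 32-bit prime."""
        while True:
            q = random_prime_32()
            if q != self._p:
                return self._p * q

    def issue_challenge(self) -> tuple[list[int], int]:
        self._challenge = secrets.token_hex(64).encode()   # 128-byte random text
        n = self._public_key()
        return encrypt(self._challenge, n), n

    def release_archive(self, client_digest: str):
        """Compare the two digest codes; a challenge is usable once."""
        challenge, self._challenge = self._challenge, None
        if challenge is None or not hmac.compare_digest(digest(challenge), client_digest):
            return None
        n = self._public_key()                             # the "new public key"
        return encrypt(self._archive, n), n


class Client:
    def __init__(self, private_prime: int):
        self._p = private_prime

    def answer(self, blocks: list[int], n: int) -> str:
        return digest(decrypt(blocks, n, self._p))

    def open_archive(self, blocks: list[int], n: int) -> bytes:
        return decrypt(blocks, n, self._p)


def run_exchange(server: ManagementEnd, client: Client):
    """Full flow: request, challenge, digest reply, archive release (None if refused)."""
    blocks, n = server.issue_challenge()
    reply = server.release_archive(client.answer(blocks, n))
    return None if reply is None else client.open_archive(*reply)
```

`run_exchange` returns the archive bytes for a client holding the provisioned prime; a mismatched digest or a reused challenge yields `None`.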
Claims (5)
1. A processing system for verifying identity through multiple communications, characterized in that it includes a management end and a client; the management end includes:
a first communication module for communicating with the client;
a first encryption module for encrypting and decrypting files, a first encryption algorithm being preset in the first encryption module;
a second encryption module for encrypting and decrypting files, a second encryption algorithm being preset in the second encryption module;
a first storage module for storing archive files;
a control module for randomly generating a text file, the control module also being used to compare two digest codes;
the client includes:
a second communication module for communicating with the management end;
a third encryption module for encrypting and decrypting files, the first encryption algorithm being preset in the third encryption module;
a fourth encryption module for encrypting and decrypting files, the second encryption algorithm being preset in the fourth encryption module;
a second storage module for storing the private key of the first encryption algorithm;
the client requests data from the management end through the second communication module; the control module randomly generates a text file, which is encrypted by the first encryption module, and the encrypted text file and the public key are then sent to the client through the first communication module; the third encryption module decrypts the encrypted text file according to the public key and the private key in the second storage module; the fourth encryption module then encrypts the text file and generates a digest code of length 32, which is sent to the management end through the second communication module; the second encryption module encrypts the text file and generates a digest code of length 32, and the control module compares the two digest codes; when the two are identical, the first encryption module encrypts the archive file, and the encrypted archive file and a new public key are sent to the client through the first communication module; the third encryption module decrypts the encrypted archive file according to the new public key and the private key to obtain the archive file.
2. The processing system for verifying identity through multiple communications according to claim 1, characterized in that the private key is a prime number of length 32.
3. The processing system for verifying identity through multiple communications according to claim 1, characterized in that the public key is the product of the private key and another prime number of length 32.
4. The processing system for verifying identity through multiple communications according to claim 1, characterized in that the text file randomly generated by the control module is 128 bytes.
5. The processing system for verifying identity through multiple communications according to claim 1, characterized in that the digest code of length 32 is an MD5 code.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710537143.XA CN107222311A (en) | 2017-07-04 | 2017-07-04 | A kind of processing system of multiple communication verification identity |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201710537143.XA CN107222311A (en) | 2017-07-04 | 2017-07-04 | A kind of processing system of multiple communication verification identity |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107222311A true CN107222311A (en) | 2017-09-29 |
Family
ID=59951690
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201710537143.XA Pending CN107222311A (en) | 2017-07-04 | 2017-07-04 | A kind of processing system of multiple communication verification identity |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107222311A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109559796A (en) * | 2018-11-30 | 2019-04-02 | 苏州东巍网络科技有限公司 | A kind of interval training data acquisition request and Verification System and method |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1695340A (en) * | 2002-09-19 | 2005-11-09 | 索尼株式会社 | Data processing method, its program, and its device |
CN102024002A (en) * | 2009-09-10 | 2011-04-20 | 上海中信信息发展股份有限公司 | Safe storage method and system of filing of electronic documents |
CN103152178A (en) * | 2013-02-04 | 2013-06-12 | 浪潮(北京)电子信息产业有限公司 | Cloud computing verification method and system |
CN103559434A (en) * | 2013-09-22 | 2014-02-05 | 四川大学 | Generation method for electronic attached sheets in circulation domain |
US20140304512A1 (en) * | 2013-03-14 | 2014-10-09 | Sergei Pronin | Method and system for authenticating and preserving data within a secure data repository |
CN105049401A (en) * | 2015-03-19 | 2015-11-11 | 浙江大学 | Secure communication method based on intelligent vehicle |
CN105468935A (en) * | 2015-11-13 | 2016-04-06 | 福州瑞芯微电子股份有限公司 | Method, sending end, tool end and burning end for guaranteeing safe burning of KEY |
Non-Patent Citations (1)
Title |
---|
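State Cryptography Administration: "SM2 Elliptic Curve Public Key Cryptographic Algorithm", State Cryptography Administration Announcement No. 21 * |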
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 20170929 |