CN107707577A - Multi-layer data encryption method based on encryption transmission system - Google Patents
- Publication number: CN107707577A
- Application number: CN201711214556.0A
- Authority: CN (China)
- Prior art keywords: data, encryption, program module, signed, transmission system
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
- H04L9/14—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a multi-layer data encryption method based on an encryption transmission system. The encryption transmission system comprises a download module, local storage, a data cleaning program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device; the method comprises a first encryption step and a second encryption step. The invention applies multiple layers of encryption to data transmission and implements digital signature and verification operations, significantly improving the security and confidentiality of data transmission.
Description
Technical field
The invention relates to the field of encryption technology and, more specifically, to a multi-layer data encryption method based on an encryption transmission system.
Background art
When network data is transmitted, a fixed encryption algorithm is generally used to perform a single encryption, so the security of data transmission is low. For example, Chinese patent publication No. CN102523087B discloses a method and device for encrypting self-executing network information. According to the obtained self-executing network information to be encrypted, and based on a predetermined selection rule, at least one encryption algorithm is selected from multiple encryption algorithms for encrypting that information; the self-executing network information to be encrypted is then encrypted to generate the encrypted self-executing network information. The technical scheme of that patent improves the security of self-executing network information transfer, but problems remain unsolved: for example, it does not solve the problem of signing network data, and the security of data transmission cannot be ensured during the signing process.
Summary of the invention
The object of the invention is to overcome the deficiencies of the prior art and provide a multi-layer data encryption method based on an encryption transmission system that improves the security and confidentiality of data.
The object of the invention is achieved through the following technical solution: a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system comprises a download module, local storage, a data cleaning program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method comprises the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleaning operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleaned data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the second-encrypted data; the website server retrieves the second-encrypted data from the database.
Further, the first encryption algorithm is a HASH encryption algorithm, and the cleaned data is encrypted using the HASH encryption algorithm.
Further, the second encryption algorithm is an asymmetric ECC encryption algorithm, and the signed data is encrypted using the ECC encryption algorithm.
Further, a verification step SS3 is included between step S3 and step S4: the signed data is verified; after verification passes, the signed data is returned to the local side; if verification fails, the signed data is retransmitted to the certificate authority server.
Further, when the certificate authority server receives a data return request for which verification failed, the certificate authority server signs the ciphertext data again.
The beneficial effects of the invention are:
(1) The invention applies multiple layers of encryption to data transmission and implements digital signature and verification operations, improving the security and confidentiality of the data.
Brief description of the drawings
In order to explain the embodiments of the invention or the technical solutions of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. The drawings described below are only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the steps of the method of the invention.
Fig. 2 is a structural diagram of the system of the invention.
Detailed description
The technical solution of the invention is described in further detail below with reference to the drawings, but the scope of protection of the invention is not limited to what follows. All features disclosed in this specification, and all steps of any method or process disclosed or implied, may be combined in any way, except for mutually exclusive features and/or steps.
Any feature disclosed in this specification (including any accompanying claims, abstract and drawings) may, unless specifically stated otherwise, be replaced by other equivalent features or by alternative features serving a similar purpose. That is, unless specifically stated otherwise, each feature is only one example of a series of equivalent or similar features.
Specific embodiments of the invention are described in detail below. The embodiments described here are for illustration only and do not limit the invention. In the following description, numerous specific details are set forth to provide a thorough understanding of the invention. However, it will be apparent to one of ordinary skill in the art that these specific details need not be employed to practice the invention. In other instances, well-known circuits, software or methods are not described in detail in order to avoid obscuring the invention.
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
As shown in Fig. 2, the encryption system comprises a download module, local storage, a data cleaning program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method comprises the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleaning operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleaned data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the second-encrypted data; the website server retrieves the second-encrypted data from the database.
Further, the first encryption algorithm is a HASH encryption algorithm, and the cleaned data is encrypted using the HASH encryption algorithm.
Further, the second encryption algorithm is an asymmetric ECC encryption algorithm, and the signed data is encrypted using the ECC encryption algorithm.
Further, a verification step SS3 is included between step S3 and step S4: the signed data is verified; after verification passes, the signed data is returned to the local side; if verification fails, the signed data is retransmitted to the certificate authority server.
Further, when the certificate authority server receives a data return request for which verification failed, the certificate authority server signs the ciphertext data again.
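An added example of steps S2 to S4 with the verification step SS3, not code from the patent. It assumes SHA-256 for the HASH algorithm, ECDSA over P-256 for the authority server's signature, and an ECIES-style construction (ephemeral ECDH plus AES-256-GCM) for the ECC encryption, none of which the text specifies; the function names and the bound on re-signing attempts are hypothetical.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// MustKeys returns constructed P-256 keys for the authority server and for the data store.
func MustKeys() (*ecdsa.PrivateKey, *ecdh.PrivateKey) {
	ca, err1 := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	store, err2 := ecdh.P256().GenerateKey(rand.Reader)
	if err := errors.Join(err1, err2); err != nil {
		panic(err)
	}
	return ca, store
}

// Signer is S3: the authority server's signing call over the S2 output (ECDSA, assumed).
func Signer(ca *ecdsa.PrivateKey) func([32]byte) ([]byte, error) {
	return func(d [32]byte) ([]byte, error) { return ecdsa.SignASN1(rand.Reader, ca, d[:]) }
}

// AEAD turns an ECDH shared secret into AES-256-GCM, with SHA-256 as a simple KDF (assumed).
func AEAD(priv *ecdh.PrivateKey, pub *ecdh.PublicKey) (cipher.AEAD, error) {
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(shared)
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is S4, ECIES-style (assumed): ephemeral public key (65 bytes) || AES-GCM(payload).
// The derived key protects this one message only, so the all-zero nonce never repeats under it.
func Seal(to *ecdh.PublicKey, payload []byte) ([]byte, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	gcm, err := AEAD(eph, to)
	if err != nil {
		return nil, err
	}
	pub := eph.PublicKey().Bytes()
	return append(pub, gcm.Seal(nil, make([]byte, gcm.NonceSize()), payload, pub)...), nil
}

// Process runs S2-S4 on cleaned data. sign is the request to the authority server; a failed
// SS3 check asks it to sign again, at most tries times (the bound is an added assumption).
func Process(clean []byte, sign func([32]byte) ([]byte, error), ca *ecdsa.PublicKey, to *ecdh.PublicKey, tries int) ([]byte, error) {
	d := sha256.Sum256(clean) // S2, with SHA-256 as the HASH algorithm (assumed)
	for i := 0; i < tries; i++ {
		sig, err := sign(d) // S3
		if err != nil {
			return nil, err
		}
		if ecdsa.VerifyASN1(ca, d[:], sig) { // SS3: accept only a signature over our digest
			return Seal(to, append(d[:], sig...)) // S4; the caller stores the result (S5)
		}
	}
	return nil, errors.New("signature failed verification")
}

func main() {
	ca, store := MustKeys()
	blob, err := Process([]byte("alice,1\nbob,2"), Signer(ca), &ca.PublicKey, store.PublicKey(), 3)
	fmt.Println(len(blob), err)
}
```

A reader holding the store's private key recovers the digest and signature by running ECDH against the first 65 bytes of the record and opening the remainder with AES-GCM. Because SHA-256 is one-way, the stored record lets that reader check data it already has against a signed digest; it does not contain the cleaned data itself.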
Embodiment 1
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system comprises a download module, local storage, a data cleaning program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method comprises the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleaning operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleaned data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the second-encrypted data; the website server retrieves the second-encrypted data from the database.
Embodiment 2
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system comprises a download module, local storage, a data cleaning program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method comprises the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleaning operation on the locally stored data to be encrypted;
S2: Perform the HASH encryption algorithm operation on the cleaned data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the second-encrypted data; the website server retrieves the second-encrypted data from the database.
Embodiment 3
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system comprises a download module, local storage, a data cleaning program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method comprises the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleaning operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleaned data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain signed data;
S4: Return the signed data to the local side, and perform the ECC encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the second-encrypted data; the website server retrieves the second-encrypted data from the database.
The above is only a preferred embodiment of the invention. The invention is not limited to the foregoing embodiments; it extends to any new feature or any new combination disclosed in this specification, and to any new method or process step or any new combination disclosed. In other instances, well-known algorithms, methods or systems are not described in detail in order to avoid obscuring the invention; they fall within the technical protection scope defined by the claims of the invention and are not repeated here.
It should be understood that the invention is not limited to the forms disclosed herein, which should not be regarded as excluding other embodiments; it can be used in various other combinations, modifications and environments, and can be modified within the scope contemplated herein through the above teachings or the skill or knowledge of the related art. Changes and modifications made by those skilled in the art that do not depart from the spirit and scope of the invention shall all fall within the protection scope of the appended claims.
Claims (5)
1. A multi-layer data encryption method based on an encryption transmission system, characterized in that: the encryption system comprises a download module, local storage, a data cleaning program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device; the encryption method comprises the steps: S1: download data from the cloud server and store it locally, then perform a data cleaning operation on the locally stored data to be encrypted; S2: perform the first encryption algorithm operation on the cleaned data to obtain the encrypted ciphertext data; S3: transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain signed data; S4: return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side; S5: transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the second-encrypted data; the website server retrieves the second-encrypted data from the database.
2. The multi-layer data encryption method based on an encryption transmission system according to claim 1, characterized in that: the first encryption algorithm is a HASH encryption algorithm, and the cleaned data is encrypted using the HASH encryption algorithm.
3. The multi-layer data encryption method based on an encryption transmission system according to claim 1, characterized in that: the second encryption algorithm is an asymmetric ECC encryption algorithm, and the signed data is encrypted using the ECC encryption algorithm.
4. The multi-layer data encryption method based on an encryption transmission system according to claim 1, characterized in that: a verification step SS3 is included between step S3 and step S4: the signed data is verified; after verification passes, the signed data is returned to the local side; if verification fails, the signed data is retransmitted to the certificate authority server.
5. The multi-layer data encryption method based on an encryption transmission system according to claim 4, characterized in that: when the certificate authority server receives a data return request for which verification failed, the certificate authority server signs the ciphertext data again.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711214556.0A CN107707577A (en) | 2017-11-28 | 2017-11-28 | Multi-layer data encryption method based on encryption transmission system |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711214556.0A CN107707577A (en) | 2017-11-28 | 2017-11-28 | Multi-layer data encryption method based on encryption transmission system |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107707577A | 2018-02-16 |
Family
ID=61185524
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711214556.0A Pending CN107707577A (en) | 2017-11-28 | 2017-11-28 | Multi-layer data encryption method based on encryption transmission system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107707577A (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108737379A (en) * | 2018-04-19 | 2018-11-02 | 河海大学 | A kind of big data transmission process algorithm |
CN108773230A (en) * | 2018-06-06 | 2018-11-09 | 萍乡学院 | A kind of accounting voucher automatic generation method |
CN109167978A (en) * | 2018-10-30 | 2019-01-08 | 衡阳师范学院 | A kind of multi channel networks monitoring device and monitoring method |
CN109302420A (en) * | 2018-11-22 | 2019-02-01 | 杭州安恒信息技术股份有限公司 | Network data security transmission method, system and electronic equipment |
CN110535818A (en) * | 2018-05-24 | 2019-12-03 | 广东技术师范学院 | A kind of information secure transmission method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107707579A (en) | Data encryption and transmission method | |
CN107707577A (en) | Multi-layer data encryption method based on encryption transmission system | |
CN111209334B (en) | Power terminal data security management method based on block chain | |
CN106533665B (en) | Mthods, systems and devices for storing website private key plaintext | |
CN104715183B (en) | A kind of trust authentication method and apparatus during virtual machine operation | |
CN105007279B (en) | Authentication method and Verification System | |
CN104980477B (en) | Data access control method and system under cloud storage environment | |
CN103888251B (en) | A kind of method of virtual machine credible security in cloud environment | |
TWI734854B (en) | Information security verification method, device and system | |
CN107979599A (en) | Data Encrypting Transmission System | |
CN108347419A (en) | Data transmission method and device | |
CN110474898A (en) | Data encrypting and deciphering and key location mode, device, equipment and readable storage medium storing program for executing | |
CN107810617A (en) | Secret certification and supply | |
CN104283903B (en) | The method for down loading and device of file | |
CN111160909B (en) | Hidden static supervision system and method for blockchain supply chain transaction | |
CN107918731A (en) | Method and apparatus for controlling the authority to access to open interface | |
CN107370595A (en) | One kind is based on fine-grained ciphertext access control method | |
CN107135077B (en) | Software protecting method and device | |
WO2020253108A1 (en) | Information hiding method, apparatus, device, and storage medium | |
CN107342966B (en) | Authority credentials distribution method and device | |
CN109818741A (en) | A kind of decryption calculation method and device based on elliptic curve | |
CN109634615A (en) | Dissemination method, verification method and the device of application installation package | |
CN107994995A (en) | A kind of method of commerce, system and the terminal device of lower security medium | |
CN109218334A (en) | Data processing method, device, access control equipment, certificate server and system | |
CN105791244B (en) | For the method for routing change, border router and system between control domain |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
WD01 | Invention patent application deemed withdrawn after publication | | Application publication date: 20180216