CN107707577A - Multi-layer data encryption method based on encryption transmission system - Google Patents

Multi-layer data encryption method based on encryption transmission system

Publication number
CN107707577A
Authority
CN
China
Prior art keywords
data, encryption, program module, signed, transmission system
Legal status
Pending
Application number
CN201711214556.0A
Other languages
Chinese (zh)
Inventor
冯先勇
Current Assignee
Sichuan Zhengda New Mstar Technology Ltd
Original Assignee
Sichuan Zhengda New Mstar Technology Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a multi-layer data encryption method based on an encryption transmission system. The encryption transmission system includes a download module, a local storage, a data cleansing program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device. The method includes a first encryption step and a second encryption step. The invention applies multiple layers of encryption to data transmission and implements digital signature and verification operations, significantly improving the security and confidentiality of data transmission.

Description

Multi-layer data encryption method based on encryption transmission system
Technical field
The present invention relates to the field of encryption technology and, more specifically, to a multi-layer data encryption method based on an encryption transmission system.
Background
In the transmission of network data, a fixed encryption algorithm is generally used to perform a single encryption, so the security of data transmission is low. For example, Chinese patent publication CN102523087B discloses a method and device for encrypting self-executing network information. According to the obtained self-executing network information to be encrypted, and based on a predetermined selection rule, at least one encryption algorithm is selected from multiple encryption algorithms for encrypting the self-executing network information to be encrypted; that information is then encrypted to generate the encrypted self-executing network information. The technical solution of that patent improves the security of self-executing network information transmission, but problems remain unsolved: for example, it cannot solve the problem of signing network data, and it cannot ensure the security of data transmission during the signing process.
Summary of the invention
The object of the present invention is to overcome the deficiencies of the prior art and to provide a multi-layer data encryption method based on an encryption transmission system that improves the security and confidentiality of data.
The object of the present invention is achieved through the following technical solution: a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system includes a download module, a local storage, a data cleansing program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method includes the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleansing operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleansed data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain the signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the data after the second encryption; the website server retrieves the data after the second encryption operation from the database.
Further, the first encryption algorithm is a HASH encryption algorithm, and the cleansed data is encrypted using the HASH encryption algorithm.
Further, the second encryption algorithm is an asymmetric ECC encryption algorithm, and the signed data is encrypted using the ECC encryption algorithm.
Further, a verification step SS3 is included between step S3 and step S4: the signed data is verified; after verification passes, the signed data is returned to the local side; if verification does not pass, the signed data is retransmitted to the certificate authority server.
Further, when the certificate authority server receives a data return request for which verification did not pass, the certificate authority server signs the ciphertext data again.
The beneficial effects of the invention are:
(1) The invention applies multiple layers of encryption to data transmission and implements digital signature and verification operations, improving the security and confidentiality of the data.
Brief description of the drawings
In order to illustrate the embodiments of the present invention or the technical solutions of the prior art more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly introduced below. The drawings described below are only some embodiments of the invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the steps of the method of the present invention.
Fig. 2 is a structural diagram of the system of the present invention.
Detailed description
The technical solution of the present invention is described in further detail below with reference to the drawings, but the scope of protection of the invention is not limited to what follows. All features disclosed in this specification, and all steps of any method or process disclosed explicitly or implicitly, may be combined in any way, except for mutually exclusive features and/or steps.
Any feature disclosed in this specification (including any accompanying claims, abstract and drawings) may, unless specifically stated otherwise, be replaced by alternative features that are equivalent or serve a similar purpose. That is, unless specifically stated otherwise, each feature is only one example of a series of equivalent or similar features.
Specific embodiments of the present invention are described in detail below. Note that the embodiments described here are for illustration only and do not limit the invention. In the following description, numerous specific details are set forth to provide a thorough understanding of the invention. However, it will be apparent to those of ordinary skill in the art that the invention need not be practiced with these specific details. In other instances, well-known circuits, software or methods are not described in detail, to avoid obscuring the invention.
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
As shown in Fig. 2, the encryption system includes a download module, a local storage, a data cleansing program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method includes the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleansing operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleansed data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain the signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the data after the second encryption; the website server retrieves the data after the second encryption operation from the database.
Further, the first encryption algorithm is a HASH encryption algorithm, and the cleansed data is encrypted using the HASH encryption algorithm.
Further, the second encryption algorithm is an asymmetric ECC encryption algorithm, and the signed data is encrypted using the ECC encryption algorithm.
Further, a verification step SS3 is included between step S3 and step S4: the signed data is verified; after verification passes, the signed data is returned to the local side; if verification does not pass, the signed data is retransmitted to the certificate authority server.
Further, when the certificate authority server receives a data return request for which verification did not pass, the certificate authority server signs the ciphertext data again.
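Steps S1 to S5 with the verification step SS3, as an added Python example that is not part of the patent. It assumes SHA-256 for the HASH algorithm, ECDSA P-256 for the certificate authority signature, an ECIES-style hybrid for the ECC encryption and the third-party `cryptography` package; the function names, the cleansing rule and the choice of the website server as key holder are hypothetical.

```python
# Added illustration of S1-S5 and SS3; not code from the patent.
# Assumed (the patent names none of these): SHA-256 as the HASH algorithm,
# ECDSA P-256 as the certificate authority signature, an ECIES-style hybrid
# (ephemeral ECDH + HKDF + AES-GCM) as the ECC encryption, and the website
# server as holder of the ECC private key.
import hashlib
import os
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.serialization import Encoding, PublicFormat

CURVE, POINT_LEN, DIGEST_LEN = ec.SECP256R1(), 65, 32
ECDSA = ec.ECDSA(hashes.SHA256())

def clean(raw: bytes) -> bytes:
    """S1 (hypothetical cleansing rule): trim lines and drop empty ones."""
    return b"\n".join(ln.strip() for ln in raw.splitlines() if ln.strip())

def first_layer(cleaned: bytes) -> bytes:
    """S2: the HASH operation. The result is a one-way, fixed-length digest."""
    return hashlib.sha256(cleaned).digest()

def verify(ca_pub, digest: bytes, signature: bytes) -> bool:
    """SS3: check the certificate authority's signature over the S2 output."""
    try:
        ca_pub.verify(signature, digest, ECDSA)
        return True
    except InvalidSignature:
        return False

def _kdf(shared: bytes) -> bytes:
    return HKDF(algorithm=hashes.SHA256(), length=32, salt=None,
                info=b"second-layer").derive(shared)

def second_layer(recipient_pub, signed_data: bytes) -> bytes:
    """S4: ECC encryption of the signed data for the key holder."""
    eph = ec.generate_private_key(CURVE)
    point = eph.public_key().public_bytes(Encoding.X962,
                                          PublicFormat.UncompressedPoint)
    nonce = os.urandom(12)
    key = _kdf(eph.exchange(ec.ECDH(), recipient_pub))
    return point + nonce + AESGCM(key).encrypt(nonce, signed_data, point)

def run_pipeline(raw, sign, ca_pub, recipient_pub, database, max_tries=3):
    """S1-S5. `sign` stands in for the round trip to the CA server (S3)."""
    digest = first_layer(clean(raw))
    for attempt in range(1, max_tries + 1):
        signature = sign(digest)                 # S3, repeated on SS3 failure
        if verify(ca_pub, digest, signature):    # SS3
            database.append(second_layer(recipient_pub, digest + signature))
            return attempt                       # S4 and S5 done
    raise RuntimeError("signature failed verification on every attempt")

def website_read(recipient_key, ca_pub, record: bytes) -> bytes:
    """Website server side: undo S4, then re-check the signature."""
    point, nonce = record[:POINT_LEN], record[POINT_LEN:POINT_LEN + 12]
    peer = ec.EllipticCurvePublicKey.from_encoded_point(CURVE, point)
    key = _kdf(recipient_key.exchange(ec.ECDH(), peer))
    signed = AESGCM(key).decrypt(nonce, record[POINT_LEN + 12:], point)
    digest, signature = signed[:DIGEST_LEN], signed[DIGEST_LEN:]
    if not verify(ca_pub, digest, signature):
        raise ValueError("stored record carries an invalid signature")
    return digest

if __name__ == "__main__":
    ca_key = ec.generate_private_key(CURVE)       # constructed demo keys
    web_key = ec.generate_private_key(CURVE)
    db = []
    sample = b"  id,value \n\n 1,42 \n"           # constructed sample data
    tries = run_pipeline(sample, lambda d: ca_key.sign(d, ECDSA),
                         ca_key.public_key(), web_key.public_key(), db)
    digest = website_read(web_key, ca_key.public_key(), db[0])
    print(tries, digest.hex())
```

Because the first layer is a hash, the record the website server decrypts is a signed digest; it can confirm integrity and origin of data it already holds but cannot rebuild the cleansed data from the record.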
Embodiment 1
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system includes a download module, a local storage, a data cleansing program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method includes the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleansing operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleansed data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain the signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the data after the second encryption; the website server retrieves the data after the second encryption operation from the database.
Embodiment 2
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system includes a download module, a local storage, a data cleansing program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method includes the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleansing operation on the locally stored data to be encrypted;
S2: Perform the HASH encryption algorithm operation on the cleansed data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain the signed data;
S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the data after the second encryption; the website server retrieves the data after the second encryption operation from the database.
Embodiment 3
As shown in Figs. 1 and 2, a multi-layer data encryption method based on an encryption transmission system, in which:
The encryption system includes a download module, a local storage, a data cleansing program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
The encryption method includes the steps:
S1: Download data from the cloud server and store it locally, then perform a data cleansing operation on the locally stored data to be encrypted;
S2: Perform the first encryption algorithm operation on the cleansed data to obtain the encrypted ciphertext data;
S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain the signed data;
S4: Return the signed data to the local side, and perform the ECC encryption algorithm operation on the signed data at the local side;
S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the data after the second encryption; the website server retrieves the data after the second encryption operation from the database.
The above is only the preferred embodiment of the present invention. The invention is not limited to the foregoing embodiments; it extends to any new feature or any new combination disclosed in this specification, and to the steps of any new method or process or any new combination disclosed. In other instances, well-known algorithms, methods or systems are not described in detail, to avoid obscuring the invention; they fall within the technical protection defined by the claimed technical solution of the claims of the present invention and are not repeated here.
It should be understood that the invention is not limited to the forms disclosed herein, which should not be regarded as excluding other embodiments; it may be used in various other combinations, modifications and environments, and may be modified within the scope contemplated herein through the above teachings or the skill or knowledge of the related art. Changes and variations made by those skilled in the art that do not depart from the spirit and scope of the invention shall all fall within the scope of protection of the appended claims.

Claims (5)

  1. A multi-layer data encryption method based on an encryption transmission system, characterized in that:
    The encryption system includes a download module, a local storage, a data cleansing program module, a first encryption operation program module, a second encryption operation program module, a ciphertext data distribution program module, a certificate authority server device, a signed data return program module, a database and a website server device;
    The encryption method includes the steps:
    S1: Download data from the cloud server and store it locally, then perform a data cleansing operation on the locally stored data to be encrypted;
    S2: Perform the first encryption algorithm operation on the cleansed data to obtain the encrypted ciphertext data;
    S3: Transmit the ciphertext data to the certificate authority server, where the ciphertext data is signed to obtain the signed data;
    S4: Return the signed data to the local side, and perform the second encryption algorithm operation on the signed data at the local side;
    S5: Transmit the data that has undergone the second encryption operation in step S4 to the database, which stores the data after the second encryption; the website server retrieves the data after the second encryption operation from the database.
  2. The multi-layer data encryption method based on an encryption transmission system according to claim 1, characterized in that:
    The first encryption algorithm is a HASH encryption algorithm, and the cleansed data is encrypted using the HASH encryption algorithm.
  3. The multi-layer data encryption method based on an encryption transmission system according to claim 1, characterized in that:
    The second encryption algorithm is an asymmetric ECC encryption algorithm, and the signed data is encrypted using the ECC encryption algorithm.
  4. The multi-layer data encryption method based on an encryption transmission system according to claim 1, characterized in that:
    A verification step SS3 is also included between step S3 and step S4: the signed data is verified; after verification passes, the signed data is returned to the local side; if verification does not pass, the signed data is retransmitted to the certificate authority server.
  5. The multi-layer data encryption method based on an encryption transmission system according to claim 4, characterized in that:
    When the certificate authority server receives a data return request for which verification did not pass, the certificate authority server signs the ciphertext data again.
CN201711214556.0A 2017-11-28 2017-11-28 Multi-layer data encryption method based on encryption transmission system Pending CN107707577A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711214556.0A CN107707577A (en) 2017-11-28 2017-11-28 Multi-layer data encryption method based on encryption transmission system

Publications (1)

Publication Number Publication Date
CN107707577A (en) 2018-02-16

Family

ID=61185524

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711214556.0A Pending CN107707577A (en) 2017-11-28 2017-11-28 Multi-layer data encryption method based on encryption transmission system

Country Status (1)

Country Link
CN (1) CN107707577A (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108737379A (en) * 2018-04-19 2018-11-02 河海大学 A kind of big data transmission process algorithm
CN108773230A (en) * 2018-06-06 2018-11-09 萍乡学院 A kind of accounting voucher automatic generation method
CN109167978A (en) * 2018-10-30 2019-01-08 衡阳师范学院 A kind of multi channel networks monitoring device and monitoring method
CN109302420A (en) * 2018-11-22 2019-02-01 杭州安恒信息技术股份有限公司 Network data security transmission method, system and electronic equipment
CN110535818A (en) * 2018-05-24 2019-12-03 广东技术师范学院 A kind of information secure transmission method

Legal Events

Date Code Title Description
PB01 Publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20180216