CN107896148A - A kind of method and system of encryption and decryption data - Google Patents
A kind of method and system of encryption and decryption data Download PDFInfo
- Publication number
- CN107896148A CN107896148A CN201711418059.2A CN201711418059A CN107896148A CN 107896148 A CN107896148 A CN 107896148A CN 201711418059 A CN201711418059 A CN 201711418059A CN 107896148 A CN107896148 A CN 107896148A
- Authority
- CN
- China
- Prior art keywords
- quantum
- vpn
- key
- encryption
- equipment
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0852—Quantum cryptography
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0485—Networking architectures for enhanced packet encryption processing, e.g. offloading of IPsec packet processing or efficient security association look-up
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
Abstract
The invention discloses a kind of method and system of encryption and decryption data, the present invention synchronously obtains multiple quantum keys by encrypting looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment, and buffer area is present into the quantum key of acquisition, subsequently treat encryption and decryption data using each quantum key successively and carry out encryption and decryption, that is, the present invention obtains multiple quantum keys by synchronous, and establish quantum key buffering area, the Fast transforms of the quantum key in ipsec encryption process are realized, the efficiency of encryption and decryption when greatly improving the communication of quantum VPN device.
Description
Technical field
The present invention relates to field of computer technology, more particularly to a kind of method and system of encryption and decryption data.
Background technology
Quantum key is that direct request amount child servers are read at present.First, vpn is sent close to quantum key server
Key negotiation request packet, then quantum key server produce key be sent to vpn equipment.Vpn equipment passes through the key encryption and decryption
Data.
But when data volume is larger, it is necessary to which gateway device improves the renewal frequency of quantum key, and uses existing obtain
The mode of taken amount sub-key, Fast transforms key can not be realized.
The content of the invention
The invention provides a kind of method and system of encryption and decryption data, and Fast transforms can not be realized to solve prior art
The problem of key.
On the one hand, the invention provides a kind of method of encryption and decryption data, this method to include:Based on ipsec synchronous protocols,
Encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment obtain multiple quantum keys by quantum key server sync;Institute
State encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device is cached the quantum key of acquisition respectively, and press institute
The sequence of quantum key is stated, the quantum key is passed sequentially through and treats encryption and decryption data progress encryption and decryption.
Further, the encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment are same by quantum key server
Step obtains multiple quantum keys, specifically includes:The encryption looking somebody up and down sub-VPN equipment is close by quantum key server acquisition quantum
After key, send key to the decrypting end quantum VPN device and prefetch request;
The decrypting end quantum VPN device is received after the key prefetches request, is obtained by quantum key server
The quantum key.
Further, the encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment are same by quantum key server
After step obtains multiple quantum keys, the encryption looks sub-VPN equipment and the decrypting end quantum VPN device up and down by the amount of acquisition
Before sub-key is cached respectively, in addition to:
Sub-VPN equipment and the decrypting end quantum VPN device quantum key to synchronously obtaining respectively are look in the encryption up and down
Verified.
Further, the quantum key synchronously obtained is verified, specifically included:
Judge whether the time of the decrypting end quantum VPN device acquisition quantum key exceedes default acquisition key
Time threshold;
If it is, the triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device reacquire quantum
Key;
Otherwise, then the amount that the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain is determined whether
Whether the number of keys of sub-key is consistent, if the inconsistent triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum
VPN device reacquires quantum key, and the encryption looking somebody up and down sub-VPN equipment and the decryption are further judged if consistent
Whether consistent each cipher key content that sub-VPN equipment obtains is look up and down, if the encryption looking somebody up and down sub-VPN equipment and the decrypting end
Each cipher key content that quantum VPN device obtains unanimously then judges that quantum key verifies successfully, if the encryption looking somebody up and down sub-VPN
Each cipher key content that equipment and the decrypting end quantum VPN device obtain is inconsistent, then judges verification failure.
Further, judge it is described encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain it is each close
Whether key content is consistent, specifically includes:Sub-VPN equipment and the decrypting end quantum are look in the encryption for judging to be calculated up and down
Whether the MD5 values for each cipher key digest algorithm that VPN device obtains are consistent.
On the other hand, the present invention also provides a kind of system of encryption and decryption data, and the system includes
Encryption looking somebody up and down sub-VPN equipment, it is close by quantum with decrypting end quantum VPN device for based on ipsec synchronous protocols
Key server sync obtains multiple quantum keys, will be cached the quantum key of acquisition respectively, and press the quantum key
Sequence, pass sequentially through the quantum key and be-encrypted data be encrypted;
The decrypting end quantum VPN device, for based on ipsec synchronous protocols, leading to the encryption looking somebody up and down sub-VPN equipment
Cross quantum key server sync and obtain multiple quantum keys, the quantum key of acquisition will be cached respectively, and by described
The sequence of quantum key, passes sequentially through the quantum key and treats ciphertext data and be decrypted.
Further, the encryption looking somebody up and down sub-VPN equipment is additionally operable to, and quantum key is obtained by quantum key server
Afterwards, send key to the decrypting end quantum VPN device and prefetch request;
The decrypting end quantum VPN device is additionally operable to, and is received after the key prefetches request, is passed through quantum key service
Device obtains the quantum key.
Further, the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are additionally operable to, to synchronously obtaining
The quantum key taken is verified.
Further, the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are additionally operable to, described in judgement
Whether the time that decrypting end quantum VPN device obtains the quantum key exceedes default acquisition key time threshold value;
If it is, the triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device reacquire quantum
Key;
Otherwise, then the amount that the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain is determined whether
Whether the number of keys of sub-key is consistent, if the inconsistent triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum
VPN device reacquires quantum key, and the encryption looking somebody up and down sub-VPN equipment and the decryption are further judged if consistent
Whether consistent each cipher key content that sub-VPN equipment obtains is look up and down, if the encryption looking somebody up and down sub-VPN equipment and the decrypting end
Each cipher key content that quantum VPN device obtains unanimously then judges that quantum key verifies successfully, if the encryption looking somebody up and down sub-VPN
Each cipher key content that equipment and the decrypting end quantum VPN device obtain is inconsistent, then judges verification failure.
Further, the encryption looking somebody up and down sub-VPN equipment is additionally operable to, and judges the encryption looking somebody up and down sub-VPN being calculated
Whether the MD5 values for each cipher key digest algorithm that equipment obtains with the decrypting end quantum VPN device are consistent;
The decrypting end quantum VPN device is additionally operable to, the encryption looking somebody up and down sub-VPN equipment that judges to be calculated and described
Whether the MD5 values for each cipher key digest algorithm that decrypting end quantum VPN device obtains are consistent.
The present invention has the beneficial effect that:
The present invention synchronously obtains multiple quantum keys by encrypting looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment, and
Buffer area is present into the quantum key of acquisition, subsequently treating encryption and decryption data using each quantum key successively carries out encryption and decryption,
That is, the present invention obtains multiple quantum keys by synchronous, and quantum key buffering area is established, realize and add in ipsec
The Fast transforms of quantum key in decrypting process, the efficiency of encryption and decryption when greatly improving the communication of quantum VPN device.
Brief description of the drawings
Fig. 1 is a kind of schematic flow sheet of encryption and decryption data method of the embodiment of the present invention;
Fig. 2 is a kind of structural representation of the system of encryption and decryption data of the embodiment of the present invention.
Embodiment
In order to solve the problems, such as that prior art can not realize Fast transforms key, the invention provides a kind of encryption and decryption data
Method and system, the present invention by encrypt looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment synchronously to obtain multiple quantum close
Key, and buffer area is present into the quantum key of acquisition, subsequently treating encryption and decryption data using each quantum key successively is added
Decryption, that is to say, that the present invention obtains multiple quantum keys by synchronous, and establishes quantum key buffering area, realizes
The Fast transforms of quantum key in ipsec encryption process, the effect of encryption and decryption when greatly improving the communication of quantum VPN device
Rate.Below in conjunction with accompanying drawing and embodiment, the present invention will be described in further detail.It should be appreciated that tool described herein
Body embodiment does not limit the present invention only to explain the present invention.
The embodiments of the invention provide a kind of method of encryption and decryption data, referring to Fig. 1, this method includes:
S101, based on ipsec synchronous protocols, encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment are close by quantum
Key server sync obtains multiple quantum keys;
S101, the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device distinguish the quantum key of acquisition
Cached, and by the sequence of the quantum key, pass sequentially through the quantum key and treat encryption and decryption data progress encryption and decryption.
That is, the embodiment of the present invention obtains multiple quantum keys by synchronous, and the quantum key of acquisition is stored
In quantum key buffering area, so as to realize the Fast transforms of the quantum key in ipsec encryption process, and then greatly improve
The efficiency of encryption and decryption during the communication of quantum VPN device.
In simple terms, the embodiment of the present invention be by quantum key synchronously prefetch and caching technology, come improve key association
Business and the efficiency of communication.
When it is implemented, encryption looking somebody up and down sub-VPN equipment described in the embodiment of the present invention and decryption looking somebody up and down sub-VPN equipment throughput
Sub-key server sync obtains multiple quantum keys, specifically includes:
After the encryption looking somebody up and down sub-VPN equipment obtains quantum key by quantum key server, look up and down to the decryption
Sub-VPN equipment sends key and prefetches request;
The decrypting end quantum VPN device is received after the key prefetches request, is obtained by quantum key server
The quantum key.
Specifically, the quantum key service of pairing, quantum are respectively configured for quantum VPN device both ends for the embodiment of the present invention
VPN device can be used as initiator or be used as responder, and initiator's timing goes quantum key server to obtain one
Quantitative cipher key content, and other side is informed by synchronous protocol.Responder receives after key prefetches request and verifies the relevant information amount of going
Sub-key server obtains key.
It should be noted that quantum key of the embodiment of the present invention is mainly used in data communication process carrying out communication data
Encryption and decryption, can be the sequence that quantum key is set in quantum key server side for the multiple quantum keys obtained simultaneously,
And obtaining quantum key simultaneously, the sequence is together issued, naturally it is also possible to be from cipher key cache in, data encryption
The key that encryption uses is obtained in pond, other side's cipher key index is informed by message, decrypting end is obtained by cipher key index and solved
Key, it can so ensure that data communication is more safe and reliable.
When it is implemented, encryption looking somebody up and down sub-VPN equipment described in the embodiment of the present invention and decryption looking somebody up and down sub-VPN equipment throughput
After sub-key server sync obtains multiple quantum keys, the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN
Before equipment is cached the quantum key of acquisition respectively, in addition to:
Sub-VPN equipment and the decrypting end quantum VPN device quantum key to synchronously obtaining respectively are look in the encryption up and down
Verified.
The quantum key synchronously obtained is verified described in the embodiment of the present invention, specifically included:Judge the decrypting end
Whether the time that quantum VPN device obtains the quantum key exceedes default acquisition key time threshold value;
If it is, the triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device reacquire quantum
Key;
Otherwise, then the amount that the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain is determined whether
Whether the number of keys of sub-key is consistent, if the inconsistent triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum
VPN device reacquires quantum key, and the encryption looking somebody up and down sub-VPN equipment and the decryption are further judged if consistent
Whether consistent each cipher key content that sub-VPN equipment obtains is look up and down, if the encryption looking somebody up and down sub-VPN equipment and the decrypting end
Each cipher key content that quantum VPN device obtains unanimously then judges that quantum key verifies successfully, if the encryption looking somebody up and down sub-VPN
Each cipher key content that equipment and the decrypting end quantum VPN device obtain is inconsistent, then judges verification failure.
When it is implemented, the embodiment of the present invention, judges the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN
Whether each cipher key content that equipment obtains is consistent, specifically includes:Judge be calculated the encryption looking somebody up and down sub-VPN equipment and
Whether the MD5 values for each cipher key digest algorithm that the decrypting end quantum VPN device obtains are consistent.
Certainly when it is implemented, those skilled in the art can also be carried out using other method to each cipher key content
Verification, the present invention is to this and is not specifically limited.
The embodiment of the present invention is by the verification to quantum key, so as to ensure that encryption looking somebody up and down sub-VPN equipment and decryption are look up and down
The uniformity for the quantum key that sub-VPN equipment uses.
Detailed explanation and illustration will be carried out to method of the present invention by a specific example below:
The quantum key changing method of the embodiment of the present invention mainly include key synchronization and key for the use of two.
1) key synchronization specifically includes:
It is synchronous to obtain:Quantum VPN device both ends (that is, encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment) are respectively
The quantum key service of pairing is configured, initiator's timing goes quantum key server to obtain a certain amount of cipher key content, and by same
Step agreement informs other side.Responder receives verification relevant information after key prefetches request and goes quantum key server to obtain key;
Synchronisation key:Two sides are compared verification to the cipher key content synchronously got, and other side is informed by synchronous protocol
Relevant information has checked whether to get identical key.
It is synchronously written:If key by verification, write respective buffering area immediately, now key is state to be enabled, and
Other side's relative index information is informed by synchronous protocol, key, which enters, enables state.
2) use of quantum key:Quantum key is mainly used in data communication process carrying out encryption and decryption to communication data,
The key that encryption uses is obtained during data encryption from cipher key cache pond, other side's cipher key index is informed by message, is decrypted
End obtains decruption key by cipher key index, can so ensure that data communication is more safe and reliable.
The embodiment of the present invention additionally provides a kind of system of encryption and decryption data, and referring to Fig. 2, the system includes:
Encryption looking somebody up and down sub-VPN equipment, it is close by quantum with decrypting end quantum VPN device for based on ipsec synchronous protocols
Key server sync obtains multiple quantum keys, will be cached the quantum key of acquisition respectively, and press the quantum key
Sequence, pass sequentially through the quantum key and be-encrypted data be encrypted;
The decrypting end quantum VPN device, for based on ipsec synchronous protocols, leading to the encryption looking somebody up and down sub-VPN equipment
Cross quantum key server sync and obtain multiple quantum keys, the quantum key of acquisition will be cached respectively, and by described
The sequence of quantum key, passes sequentially through the quantum key and treats ciphertext data and be decrypted.
That is, the embodiment of the present invention is synchronously obtained by encrypting looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment
Multiple quantum keys, and buffer area is present into the quantum key of acquisition, subsequently treat encryption and decryption using each quantum key successively
Data carry out encryption and decryption, that is to say, that and the present invention obtains multiple quantum keys by synchronous, and establishes quantum key buffering area,
The Fast transforms of the quantum key in ipsec encryption process are realized, add solution when greatly improving the communication of quantum VPN device
Close efficiency.
In simple terms, the embodiment of the present invention be by quantum key synchronously prefetch and caching technology, come improve key association
Business and the efficiency of communication.
Specifically, encryption looking somebody up and down sub-VPN equipment is additionally operable to described in the embodiment of the present invention, is obtained by quantum key server
After quantum key, send key to the decrypting end quantum VPN device and prefetch request;
The decrypting end quantum VPN device is additionally operable to, and is received after the key prefetches request, is passed through quantum key service
Device obtains the quantum key.
That is, the embodiment of the present invention is the quantum key service that pairing is respectively configured in quantum VPN device both ends, quantum
VPN device can be used as initiator or be used as responder, and initiator's timing goes quantum key server to obtain one
Quantitative cipher key content, and other side is informed by synchronous protocol.Responder receives after key prefetches request and verifies the relevant information amount of going
Sub-key server obtains key.
It should be noted that quantum key of the embodiment of the present invention is mainly used in data communication process carrying out communication data
Encryption and decryption, can be the sequence that quantum key is set in quantum key server side for the multiple quantum keys obtained simultaneously,
And obtaining quantum key simultaneously, the sequence is together issued, naturally it is also possible to be from cipher key cache in, data encryption
The key that encryption uses is obtained in pond, other side's cipher key index is informed by message, decrypting end is obtained by cipher key index and solved
Key, it can so ensure that data communication is more safe and reliable.
Also, encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are additionally operable to described in the embodiment of the present invention,
The quantum key synchronously obtained is verified.
Specifically, the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are additionally operable to, and judge the solution
Whether the time that close looking somebody up and down sub-VPN equipment obtains the quantum key exceedes default acquisition key time threshold value;
If it is, the triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device reacquire quantum
Key;
Otherwise, then the amount that the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain is determined whether
Whether the number of keys of sub-key is consistent, if the inconsistent triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum
VPN device reacquires quantum key, and the encryption looking somebody up and down sub-VPN equipment and the decryption are further judged if consistent
Whether consistent each cipher key content that sub-VPN equipment obtains is look up and down, if the encryption looking somebody up and down sub-VPN equipment and the decrypting end
Each cipher key content that quantum VPN device obtains unanimously then judges that quantum key verifies successfully, if the encryption looking somebody up and down sub-VPN
Each cipher key content that equipment and the decrypting end quantum VPN device obtain is inconsistent, then judges verification failure.
When it is implemented, encryption looking somebody up and down sub-VPN equipment is additionally operable to described in the embodiment of the present invention, judge to be calculated described
Encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain each cipher key digest algorithm MD5 values whether one
Cause;
The decrypting end quantum VPN device is additionally operable to, the encryption looking somebody up and down sub-VPN equipment that judges to be calculated and described
Whether the MD5 values for each cipher key digest algorithm that decrypting end quantum VPN device obtains are consistent.
The embodiment of the present invention is by the verification to quantum key, so as to ensure that encryption looking somebody up and down sub-VPN equipment and decryption are look up and down
The uniformity for the quantum key that sub-VPN equipment uses.
Although being example purpose, the preferred embodiments of the present invention are had been disclosed for, those skilled in the art will recognize
Various improvement, increase and substitution are also possible, and therefore, the scope of the present invention should be not limited to above-described embodiment.
Claims (10)
- A kind of 1. method of encryption and decryption data, it is characterised in that including:Based on ipsec synchronous protocols, encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN equipment pass through quantum key server It is synchronous to obtain multiple quantum keys;The encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are cached the quantum key of acquisition respectively, And by the sequence of the quantum key, pass sequentially through the quantum key and treat encryption and decryption data progress encryption and decryption.
- 2. according to the method for claim 1, it is characterised in that the encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN Equipment obtains multiple quantum keys by quantum key server sync, specifically includes:After the encryption looking somebody up and down sub-VPN equipment obtains quantum key by quantum key server, to the decrypting end quantum VPN Equipment sends key and prefetches request;The decrypting end quantum VPN device is received after the key prefetches request, obtained by quantum key server described in Quantum key.
- 3. according to the method for claim 1, it is characterised in that the encryption looking somebody up and down sub-VPN equipment and decryption looking somebody up and down sub-VPN After equipment obtains multiple quantum keys by quantum key server sync, the encryption looking somebody up and down sub-VPN equipment and the solution Before close looking somebody up and down sub-VPN equipment is cached the quantum key of acquisition respectively, in addition to:The encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are carried out to the quantum key synchronously obtained respectively Verification.
- 4. according to the method for claim 3, it is characterised in that the quantum key synchronously obtained is verified, specific bag Include:Judge whether the time of the decrypting end quantum VPN device acquisition quantum key exceedes default acquisition key time Threshold value;If it is, the triggering encryption looking somebody up and down sub-VPN equipment and decrypting end quantum VPN device reacquisition quantum are close Key;Otherwise, then determine whether that the quantum that the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain is close Whether the number of keys of key is consistent, if the inconsistent triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN are set It is standby to reacquire quantum key, the encryption looking somebody up and down sub-VPN equipment and the decryption looking somebody up and down are further judged if consistent Whether each cipher key content that sub-VPN equipment obtains is consistent, if the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum Each cipher key content that VPN device obtains unanimously then judges that quantum key verifies successfully, if the encryption looking somebody up and down sub-VPN equipment The each cipher key content obtained with the decrypting end quantum VPN device is inconsistent, then judges verification failure.
- 5. according to the method for claim 1, it is characterised in that judge the encryption looking somebody up and down sub-VPN equipment and the decryption Whether consistent look each cipher key content that sub-VPN equipment obtains up and down, specifically include:Judge each key for the encryption looking somebody up and down sub-VPN equipment and decrypting end quantum VPN device acquisition being calculated Whether the MD5 values of digest algorithm are consistent.
- A kind of 6. system of encryption and decryption data, it is characterised in that including:Encryption looking somebody up and down sub-VPN equipment, for based on ipsec synchronous protocols, being taken with decrypting end quantum VPN device by quantum key Business device synchronously obtains multiple quantum keys, will be cached the quantum key of acquisition respectively, and by the row of the quantum key Sequence, pass sequentially through the quantum key and be-encrypted data is encrypted;The decrypting end quantum VPN device, for based on ipsec synchronous protocols, sub-VPN equipment throughput to be look up and down with the encryption Sub-key server sync obtains multiple quantum keys, will be cached the quantum key of acquisition respectively, and press the quantum The sequence of key, passes sequentially through the quantum key and treats ciphertext data and be decrypted.
- 7. system according to claim 6, it is characterised in thatThe encryption looking somebody up and down sub-VPN equipment is additionally operable to, after obtaining quantum key by quantum key server, to the decrypting end Quantum VPN device sends key and prefetches request;The decrypting end quantum VPN device is additionally operable to, and is received after the key prefetches request, is obtained by quantum key server Take the quantum key.
- 8. system according to claim 7, it is characterised in thatThe encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are additionally operable to, and the quantum key synchronously obtained is entered Row verification.
- 9. system according to claim 8, it is characterised in thatThe encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device are additionally operable to, and judge the decrypting end quantum VPN Whether the time that equipment obtains the quantum key exceedes default acquisition key time threshold value;If it is, the triggering encryption looking somebody up and down sub-VPN equipment and decrypting end quantum VPN device reacquisition quantum are close Key;Otherwise, then determine whether that the quantum that the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN device obtain is close Whether the number of keys of key is consistent, if the inconsistent triggering encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum VPN are set It is standby to reacquire quantum key, the encryption looking somebody up and down sub-VPN equipment and the decryption looking somebody up and down are further judged if consistent Whether each cipher key content that sub-VPN equipment obtains is consistent, if the encryption looking somebody up and down sub-VPN equipment and the decrypting end quantum Each cipher key content that VPN device obtains unanimously then judges that quantum key verifies successfully, if the encryption looking somebody up and down sub-VPN equipment The each cipher key content obtained with the decrypting end quantum VPN device is inconsistent, then judges verification failure.
- 10. system according to claim 6, it is characterised in thatThe encryption looking somebody up and down sub-VPN equipment is additionally operable to, and sub-VPN equipment and the decryption are look in the encryption for judging to be calculated up and down Whether the MD5 values for looing each cipher key digest algorithm that sub-VPN equipment obtains up and down are consistent;The decrypting end quantum VPN device is additionally operable to, and sub-VPN equipment and the decryption are look in the encryption for judging to be calculated up and down Whether the MD5 values for looing each cipher key digest algorithm that sub-VPN equipment obtains up and down are consistent.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711418059.2A CN107896148A (en) | 2017-12-25 | 2017-12-25 | A kind of method and system of encryption and decryption data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711418059.2A CN107896148A (en) | 2017-12-25 | 2017-12-25 | A kind of method and system of encryption and decryption data |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107896148A true CN107896148A (en) | 2018-04-10 |
Family
ID=61808258
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711418059.2A Pending CN107896148A (en) | 2017-12-25 | 2017-12-25 | A kind of method and system of encryption and decryption data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107896148A (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108900295A (en) * | 2018-07-02 | 2018-11-27 | 国网电力信息通信有限公司 | Data sending, receiving method, apparatus and system based on quantum key encryption |
CN109309570A (en) * | 2018-10-15 | 2019-02-05 | 北京天融信网络安全技术有限公司 | Quantum key method used in SSL VPN and relevant device and storage medium |
WO2022213564A1 (en) * | 2021-04-07 | 2022-10-13 | 东南大学 | Quantum key distribution and negotiation method for internet-of-things wireless terminal |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050063547A1 (en) * | 2003-09-19 | 2005-03-24 | Audrius Berzanskis | Standards-compliant encryption with QKD |
CN103490891A (en) * | 2013-08-23 | 2014-01-01 | 中国科学技术大学 | Method for updating and using secret key in power grid SSL VPN |
CN104158907A (en) * | 2014-08-29 | 2014-11-19 | 腾讯科技(深圳)有限公司 | Method and device of downloading application program file |
CN107347058A (en) * | 2016-05-06 | 2017-11-14 | 阿里巴巴集团控股有限公司 | Data ciphering method, data decryption method, apparatus and system |
CN107453869A (en) * | 2017-09-01 | 2017-12-08 | 中国电子科技集团公司第三十研究所 | A kind of method for the IPSecVPN for realizing quantum safety |
-
2017
- 2017-12-25 CN CN201711418059.2A patent/CN107896148A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20050063547A1 (en) * | 2003-09-19 | 2005-03-24 | Audrius Berzanskis | Standards-compliant encryption with QKD |
CN103490891A (en) * | 2013-08-23 | 2014-01-01 | 中国科学技术大学 | Method for updating and using secret key in power grid SSL VPN |
CN104158907A (en) * | 2014-08-29 | 2014-11-19 | 腾讯科技(深圳)有限公司 | Method and device of downloading application program file |
CN107347058A (en) * | 2016-05-06 | 2017-11-14 | 阿里巴巴集团控股有限公司 | Data ciphering method, data decryption method, apparatus and system |
CN107453869A (en) * | 2017-09-01 | 2017-12-08 | 中国电子科技集团公司第三十研究所 | A kind of method for the IPSecVPN for realizing quantum safety |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108900295A (en) * | 2018-07-02 | 2018-11-27 | 国网电力信息通信有限公司 | Data sending, receiving method, apparatus and system based on quantum key encryption |
CN109309570A (en) * | 2018-10-15 | 2019-02-05 | 北京天融信网络安全技术有限公司 | Quantum key method used in SSL VPN and relevant device and storage medium |
WO2022213564A1 (en) * | 2021-04-07 | 2022-10-13 | 东南大学 | Quantum key distribution and negotiation method for internet-of-things wireless terminal |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106487749B (en) | Key generation method and device | |
EP2840758B1 (en) | Compact and efficient communication security through combining anti-replay with encryption | |
CN105162599B (en) | A kind of data transmission system and its transmission method | |
CN101640682B (en) | Method for improving safety of Web service | |
US20100306540A1 (en) | Encryption processing method and encryption processing device | |
CN108173644A (en) | Data transfer encryption method, device, storage medium, equipment and server | |
WO2009143749A1 (en) | Data encryption and decryption method, device and communications system | |
CN107896148A (en) | A kind of method and system of encryption and decryption data | |
WO2013117087A1 (en) | Method and system for downloading file | |
WO2019100217A1 (en) | Biometric information transmission establishing method , device, system, and storage medium | |
WO2007059558A1 (en) | Wireless protocol for privacy and authentication | |
CN109040132A (en) | One kind being based on the randomly selected encryption communication method of shared key | |
CN105791258A (en) | Data transmission method, terminal and open platform | |
EP2148535A2 (en) | Transmission device and reception device for ciphering process | |
CN112040485A (en) | Local area network key agreement method, system and computer readable storage medium | |
JP2012010254A (en) | Communication device, communication method and communication system | |
WO2005057841A1 (en) | The method for generating the dynamic cryptogram in network transmission and the method for transmitting network data | |
CN108134777B (en) | Communication encryption system based on timestamp | |
CN112738037B (en) | Data encryption communication method | |
CN108880795A (en) | A kind of block chain security mechanism and device | |
EP1569379B1 (en) | Method of generating a cryptosync | |
CN101483867B (en) | User identity verification method, related device and system in WAP service | |
CN108270560B (en) | Key transmission method and device | |
CN102857341A (en) | Communication method for encrypted call | |
JP2010011122A (en) | Encrypted packet processing system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180410 |