CN107994987A - A kind of industry transmission information security algorithm based on AES - Google Patents
A kind of industry transmission information security algorithm based on AES Download PDFInfo
- Publication number
- CN107994987A CN107994987A CN201711477208.2A CN201711477208A CN107994987A CN 107994987 A CN107994987 A CN 107994987A CN 201711477208 A CN201711477208 A CN 201711477208A CN 107994987 A CN107994987 A CN 107994987A
- Authority
- CN
- China
- Prior art keywords
- key
- offset vector
- aes
- succeeds
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
A kind of industry transmission information security algorithm based on AES, on the basis of being encrypted in the form of single key, is generated corresponding offset vector and participates in encrypted calculating, and be the matching key and offset vector according to programming automatic generation.Present invention employs key and the algorithm of the dual participation cryptogram computation of offset vector, correct plaintext cannot be parsed by individually getting key and offset vector.And key and offset vector are corresponded to according to some cleartext information and generated, unmatched key and offset vector are decrypted what can not possibly substantially be accomplished.
Description
Technical field
The present invention relates to internet communication technical field, and then the industrial information transmission field using internet is extended to,
Specifically one kind increases secret key and offset vector on the basis of AES encryption algorithm, ensures photos and sending messages end and receive information end
The information viewed is normal, and is encrypted among transmitting procedure and be difficult to crack.
Background technology
Growing with internet, network application has penetrated into all trades and professions.When we enjoy interconnection Netcom
While news offer convenience, a problem is also come into being, i.e. internet information safety.The internet of early stage is special due to its
Property, the security of not excessive consideration transmission packet.Cause the personnel for somewhat understanding communications protocol, it is possible to logical
Cross a small loophole of network communication protocol and can obtain, distort and using transmitting data, and virus, wooden horse and hacker it is ferocious
It is rampant also constantly to threaten us.As today of digital information, often the core data of these enterprises is hold company
Lifeblood, once these data are stolen and utilize, being lost caused by company to estimate.Such as the director of company wishes
Hope that passing through cell phone network remotely checks the situation data that either product item is offered that intra-company's equipment uses, if passed through
It is stolen during the Internet transmission, enterprise can be made to be hit by calamity.So reformed into have to for the security of information transmission
The problem of solution.
Current network transmission cryptographic means have following several:
(1) md5 encryption:The full name of MD5 is Message-Digest Algorithm 5(Md5-challenge), it is to allow great Rong
Measure information before private secret key is signed with digital signature software by " compression " into a kind of form of secrecy(It is exactly arbitrarily long one
The byte serial of degree is transformed into the big integer of a fixed length).
Due to its hash property and exclusive digest algorithm, the shortcomings that md5 encryption algorithm, that is, information is irreversible, in communication
It can not accomplish the reduction completely afterwards of encryption in plain text among process.
(2) SHA is encrypted:Secure Hash Algorithm(Secure Hash Algorithm)It is primarily adapted for use in digital signature standard
(Digital Signature Standard DSS)The Digital Signature Algorithm that the inside defines(Digital Signature
Algorithm DSA).The thought of the algorithm is to receive one section of plaintext, is then irreversibly converted into one with one kind
Section(Usual smaller)Ciphertext, can also simply be interpreted as taking a string of input codes(Referred to as preliminary mapping or information), and they are turned
Turn to the output sequence i.e. hashed value that length is shorter, digit is fixed(Also referred to as informative abstract or message authentication codes)Process.
SHA is encrypted:Breviary partial content is also needed to after being completed due to its encryption, SHA encryptions are also irreversible, and are calculating
To be less than other Encryption Algorithm in method efficiency.
(3) Base64 is encrypted:One of coding mode of 8Bit bytecodes is used for transmission, Base64 is exactly a kind of based on 64
Printable character represents the method for binary data.Base64 codings are processes from binary system to character, available for
Longer identification information is transmitted under HTTP environment.
Although Base64 encryptions are reversible, the place to conflict with UrlEncode is often had using end in interface, because
"/" in standard Base64 and "+" character can be changed into the form shaped like " %XX " by URL encoders, and these " % " number are being stored in
Also need to be changed again during database, because " % " number is used as asterisk wildcard in ANSI SQL.So Base64 encryptions are usual
The problem of causing decoding mess code.
The content of the invention
Insufficient according to prior art, the present invention provides a kind of industry transmission information security algorithm based on AES, the safety
Algorithm has the advantages that being difficult to exterior cracking, information integrity.
The present invention is realized by following technical scheme:
A kind of industry transmission information security algorithm based on AES, is encrypted in the form of single key, generated corresponding inclined
The amount of shifting to participates in encrypted calculating, and is the matching key and offset vector according to programming automatic generation.
It is as follows in AES encryption flow:
Step 1:Obtain message in plain text;
Step 2:Verify whether message is correct;
If incorrect, system quotes miscue information, this encryption flow terminates;
If correct, next step is carried out;
Step 3:Whether key generates success;
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 4:Whether offset vector generates success;
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 5:Plaintext is combined into key and offset vector generation ciphertext;
Step 6:Whether information deposit database succeeds:
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 7:Ciphertext is sent by interface, this encryption flow terminates.
It is as follows in AES decryption flow:
Step 1:Obtain interface ciphertext;
Step 2:Database obtains key and whether offset vector succeeds:
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 3:By ciphertext key and offset vector parsing in plain text;
Step 4:Plaintext display foreground is parsed, this encryption flow terminates.
Beneficial effect of the present invention:
Compared with traditional network information transfer encryption, the present invention has following advantage:
1. present invention employs key and the algorithm of the dual participation cryptogram computation of offset vector, individually get key and cheaply to
Amount cannot parse correct plaintext.It is unmatched and key and offset vector are corresponded to according to some cleartext information and generated
Key and offset vector are decrypted what can not possibly substantially be accomplished.
2. the present invention and the form that interacting between database and communication interface is ciphertext.So even if database quilt
Injection or data-interface are cut bag, and what is taken can only be the ciphertext after encryption, and can't see the cleartext information before encryption.
3. the present invention can be with the encrypted content of full backup, attempting can be into using picture, link, spcial character
The complete reduction of row recovers.Allow information transmission expression it is more accurate, there is no occur when decoding mess code, error code feelings
Condition.
Brief description of the drawings
Fig. 1 is AES encryption algorithmic tool ciphering process schematic diagram;
Fig. 2 is AES encryption algorithmic tool decrypting process schematic diagram;
Fig. 3 is AES encryption flow chart;
Fig. 4 decrypts flow chart for AES.
Embodiment
Below in conjunction with attached drawing, by specific embodiment, the present invention is further illustrated.
As shown in Figure 1, Figure 3, it is as follows in AES encryption flow:
Step 1:Obtain message in plain text;
Step 2:Verify whether message is correct;
If incorrect, system quotes miscue information, this encryption flow terminates;
If correct, next step is carried out;
Step 3:Whether key generates success;
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 4:Whether offset vector generates success;
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 5:Plaintext is combined into key and offset vector generation ciphertext;
Step 6:Whether information deposit database succeeds:
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 7:Ciphertext is sent by interface, this encryption flow terminates.
This programme takes the form of ciphertext in interface transmission and database purchase.Number has been intercepted on network
The database according to bag or by hacker attacks, it is seen that information there was only ciphertext after encrypting, it is and bright before can't see encryption
Literary information, ensures information security.
As shown in Figure 2, Figure 4 shows, it is as follows in AES decryption flow:
Step 1:Obtain interface ciphertext;
Step 2:Database obtains key and whether offset vector succeeds:
If it fails, system quotes miscue information, this encryption flow terminates;
If it succeeds, carry out next step;
Step 3:By ciphertext key and offset vector parsing in plain text;
Step 4:Plaintext display foreground is parsed, this encryption flow terminates.
The key and offset vector of corresponding ciphertext have only been got, could really parse the corresponding plaintext letter of ciphertext
Breath.And the situation of mess code does not occur in the cleartext information being resolved to from ciphertext, the information of plaintext originally is completely reduced, and
And have no problem for the encrypting and decrypting of Chinese, English, numeral and spcial character.
Compared with traditional network information transfer encryption, the present invention has following advantage:
1. present invention employs key and the algorithm of the dual participation cryptogram computation of offset vector, individually get key and cheaply to
Amount cannot parse correct plaintext.It is unmatched and key and offset vector are corresponded to according to some cleartext information and generated
Key and offset vector are decrypted what can not possibly substantially be accomplished.
2. the present invention and the form that interacting between database and communication interface is ciphertext.So even if database quilt
Injection or data-interface are cut bag, and what is taken can only be the ciphertext after encryption, and can't see the cleartext information before encryption.
3. the present invention can be with the encrypted content of full backup, attempting can be into using picture, link, spcial character
The complete reduction of row recovers.Allow information transmission expression it is more accurate, there is no occur when decoding mess code, error code feelings
Condition.
The above, is only the designing scheme of the present invention, not makees limitation in any form to the present invention, although this hair
It is bright disclosed above with preferred embodiment, but the present invention is not limited to, any person skilled in the art, not
Depart from the range of technical solution of the present invention, when the technology contents using the disclosure above make a little change or are modified to equivalent change
The equivalent embodiment of change, as long as being the content without departing from technical solution of the present invention, the technical spirit according to the present invention is real to more than
Any simple modification, equivalent change and modification that example is made is applied, in the range of still falling within technical solution of the present invention.
Claims (3)
- A kind of 1. industry transmission information security algorithm based on AES, it is characterised in that:Added in the form of single key It is close, generate corresponding offset vector and participate in encrypted calculating, and be according to the matching key of programming automatic generation and offset Vector.
- A kind of 2. industry transmission information security algorithm based on AES according to claim 1, it is characterised in that in AES plus Close flow is as follows:Step 1:Obtain message in plain text;Step 2:Verify whether message is correct;If incorrect, system quotes miscue information, this encryption flow terminates;If correct, next step is carried out;Step 3:Whether key generates success;If it fails, system quotes miscue information, this encryption flow terminates;If it succeeds, carry out next step;Step 4:Whether offset vector generates success;If it fails, system quotes miscue information, this encryption flow terminates;If it succeeds, carry out next step;Step 5:Plaintext is combined into key and offset vector generation ciphertext;Step 6:Whether information deposit database succeeds:If it fails, system quotes miscue information, this encryption flow terminates;If it succeeds, carry out next step;Step 7:Ciphertext is sent by interface, this encryption flow terminates.
- 3. a kind of industry transmission information security algorithm based on AES according to claim 1, it is characterised in that solved in AES Close flow is as follows:Step 1:Obtain interface ciphertext;Step 2:Database obtains key and whether offset vector succeeds:If it fails, system quotes miscue information, this encryption flow terminates;If it succeeds, carry out next step;Step 3:By ciphertext key and offset vector parsing in plain text;Step 4:Plaintext display foreground is parsed, this encryption flow terminates.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711477208.2A CN107994987A (en) | 2017-12-29 | 2017-12-29 | A kind of industry transmission information security algorithm based on AES |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201711477208.2A CN107994987A (en) | 2017-12-29 | 2017-12-29 | A kind of industry transmission information security algorithm based on AES |
Publications (1)
Publication Number | Publication Date |
---|---|
CN107994987A true CN107994987A (en) | 2018-05-04 |
Family
ID=62043290
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201711477208.2A Pending CN107994987A (en) | 2017-12-29 | 2017-12-29 | A kind of industry transmission information security algorithm based on AES |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN107994987A (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101039185A (en) * | 2007-04-29 | 2007-09-19 | 清华大学 | Method for resolving expandable label language in safety application of expandable label language |
CN101094056A (en) * | 2007-05-30 | 2007-12-26 | 重庆邮电大学 | Security system of wireless industrial control network, and method for implementing security policy |
CN105993018A (en) * | 2014-02-09 | 2016-10-05 | 微软技术许可有限责任公司 | Content item encryption on mobile devices |
CN106603226A (en) * | 2015-10-14 | 2017-04-26 | 索尼互动娱乐美国有限责任公司 | Fast multicast messaging encryption and authentication |
CN106656475A (en) * | 2017-01-09 | 2017-05-10 | 李朋林 | Novel symmetric key algorithm for high speed encryption |
CN107086915A (en) * | 2017-05-25 | 2017-08-22 | 山东浪潮商用系统有限公司 | A kind of data transmission method, data sending terminal and data receiver |
-
2017
- 2017-12-29 CN CN201711477208.2A patent/CN107994987A/en active Pending
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101039185A (en) * | 2007-04-29 | 2007-09-19 | 清华大学 | Method for resolving expandable label language in safety application of expandable label language |
CN101094056A (en) * | 2007-05-30 | 2007-12-26 | 重庆邮电大学 | Security system of wireless industrial control network, and method for implementing security policy |
CN105993018A (en) * | 2014-02-09 | 2016-10-05 | 微软技术许可有限责任公司 | Content item encryption on mobile devices |
CN106603226A (en) * | 2015-10-14 | 2017-04-26 | 索尼互动娱乐美国有限责任公司 | Fast multicast messaging encryption and authentication |
CN106656475A (en) * | 2017-01-09 | 2017-05-10 | 李朋林 | Novel symmetric key algorithm for high speed encryption |
CN107086915A (en) * | 2017-05-25 | 2017-08-22 | 山东浪潮商用系统有限公司 | A kind of data transmission method, data sending terminal and data receiver |
Non-Patent Citations (3)
Title |
---|
吉杰等: ""用三重DES加密.NET数据库连接字符串"", 《计算机工程与设计》 * |
焦中铎: ""用Rijndael加密.NET数据库连接字符串"", 《电脑知识与技术》 * |
雷尊国: ""软件版权保护技术的研究及应用实践"", 《中国优秀硕士学位论文全文数据库信息科技辑》 * |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US7305548B2 (en) | Using atomic messaging to increase the security of transferring data across a network | |
EP3476078B1 (en) | Systems and methods for authenticating communications using a single message exchange and symmetric key | |
CN107294937B (en) | Data transmission method based on network communication, client and server | |
Schaad et al. | Secure/multipurpose internet mail extensions (s/mime) version 4.0 message specification | |
CN109218825B (en) | Video encryption system | |
US10412063B1 (en) | End-to-end double-ratchet encryption with epoch key exchange | |
CN110138739B (en) | Data information encryption method and device, computer equipment and storage medium | |
WO2009115017A1 (en) | Network certifying service system and method | |
TW201537937A (en) | Unified identity authentication platform and authentication method thereof | |
CN114338648A (en) | SFTP multi-terminal file secure transmission method and system based on state cryptographic algorithm | |
CN111988301A (en) | Secure communication method for preventing client from hacker violence attack | |
CN107276996A (en) | The transmission method and system of a kind of journal file | |
CN112800462A (en) | Method for storing confidential information in cloud computing environment | |
CN111800784A (en) | Block chain cloud service system based on cloud computing | |
CN111683061A (en) | Block chain-based Internet of things equipment access control method and device | |
CN108599922B (en) | Novel method for generating integrity authentication code of message containing secret key | |
CN104243291A (en) | Instant messaging method and system thereof capable of guaranteeing safety of user communication content | |
CN115001871A (en) | File encryption sharing method and system based on block chain technology | |
Ramsdell | RFC 3851: Secure/multipurpose internet mail extensions (S/MIME) version 3.1 message specification | |
CN111641494A (en) | Method and device for realizing global block chain | |
CN107994987A (en) | A kind of industry transmission information security algorithm based on AES | |
CN111800384A (en) | Financial service application management method and device based on block chain | |
CN111654854A (en) | Remote data optimized transmission method and system based on cloud computing system | |
CN112822015A (en) | Information transmission method and related device | |
CN111967955A (en) | Electronic financial wind-controlled payment system based on block chain and 5G network technology |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 221000 east side of Keji Road, Xuzhou Economic and Technological Development Zone, Jiangsu Province Applicant after: JIANGSU XUGONG INFORMATION TECHNOLOGY Co.,Ltd. Address before: No. 6, Drum Tower District, Jiangsu Province, Xuzhou City, Jiangsu Applicant before: JIANGSU XUGONG INFORMATION TECHNOLOGY Co.,Ltd. |
|
RJ01 | Rejection of invention patent application after publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20180504 |