CN107994987A - A kind of industry transmission information security algorithm based on AES - Google Patents

Info

Publication number
CN107994987A
Authority
CN
China
Legal status
Pending
Application number
CN201711477208.2A
Other languages
Chinese (zh)
Inventor
张启亮
李帅
周林林
胡银光
程煜雯
胡中亚
Current Assignee
Jiangsu Xugong Information Technology Ltd By Share Ltd
Original Assignee
Jiangsu Xugong Information Technology Ltd By Share Ltd
Application filed by Jiangsu Xugong Information Technology Ltd By Share Ltd
Priority to CN201711477208.2A
Publication of CN107994987A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

An industrial transmission information security algorithm based on AES: in addition to encrypting with a single key, a corresponding offset vector is generated and takes part in the encryption computation, and the matching key and offset vector are generated automatically by the program. The invention uses an algorithm in which both the key and the offset vector take part in computing the ciphertext, so obtaining the key or the offset vector alone does not allow the correct plaintext to be parsed. Moreover, the key and offset vector are generated to correspond to a particular plaintext message, and decrypting with a non-matching key and offset vector is essentially impossible.

Description

A kind of industry transmission information security algorithm based on AES
Technical field
The present invention relates to the technical field of internet communication, extended to the field of industrial information transmission over the internet. Specifically, it adds a secret key and an offset vector on the basis of the AES encryption algorithm, ensuring that the information viewed at the sending end and at the receiving end is normal, while the information is encrypted during transmission and difficult to crack.
Background
With the continued growth of the internet, network applications have penetrated every industry. While we enjoy the convenience that internet communication brings, a problem has also arisen: internet information security. Because of its particular nature, the early internet gave little consideration to the security of transmitted packets. As a result, anyone with some understanding of communication protocols could, through a small loophole in a network communication protocol, obtain, tamper with and use the transmitted data, and rampant viruses, Trojans and hackers also threaten us constantly. In today's world of digital information, an enterprise's core data is often the lifeblood of the company; once this data is stolen and exploited, the loss to the company is incalculable. For example, a company director may wish to check remotely, over the mobile phone network, data on the usage of the company's internal equipment or on product quotations; if this data is stolen during internet transmission, the enterprise can suffer a disaster. The security of information transmission has therefore become a problem that must be solved.
Current means of encrypting network transmissions include the following:
(1) MD5 encryption: MD5 stands for Message-Digest Algorithm 5. It "compresses" a large amount of information into a confidential format before the information is signed with a private key by digital signature software (that is, it transforms a byte string of arbitrary length into a large integer of fixed length).
Because of its hash nature and its particular digest algorithm, the drawback of the MD5 encryption algorithm is that the information is irreversible: in the course of communication, the encrypted plaintext cannot be completely restored.
(2) SHA encryption: the Secure Hash Algorithm is mainly applicable to the Digital Signature Algorithm (DSA) defined in the Digital Signature Standard (DSS). The idea of the algorithm is to take a piece of plaintext and irreversibly convert it into a (usually smaller) piece of ciphertext. It can also be understood simply as the process of taking a string of input (called the pre-image or message) and converting it into a shorter output sequence with a fixed number of bits, the hash value (also called the message digest or message authentication code).
SHA encryption: because part of the content is also truncated after encryption completes, SHA encryption is likewise irreversible, and its algorithmic efficiency is lower than that of other encryption algorithms.
(3) Base64 encryption: one of the encoding schemes used to transmit 8-bit byte codes, Base64 is a method of representing binary data with 64 printable characters. Base64 encoding is a process of converting binary to characters, and can be used to transmit longer identification information in an HTTP environment.
Although Base64 encryption is reversible, it often conflicts with UrlEncode on the consuming end of an interface, because the "/" and "+" characters of standard Base64 are changed by URL encoders into the form "%XX", and these "%" signs must be converted again when stored in a database, because "%" is used as a wildcard in ANSI SQL. Base64 encryption therefore commonly causes garbled text on decoding.
Summary of the invention
To address the shortcomings of the prior art, the present invention provides an industrial transmission information security algorithm based on AES. The algorithm has the advantages of being difficult to crack from outside and of preserving information integrity.
The present invention is realized by the following technical scheme:
An industrial transmission information security algorithm based on AES: in addition to encrypting with a single key, a corresponding offset vector is generated and takes part in the encryption computation, and the matching key and offset vector are generated automatically by the program.
The AES encryption flow is as follows:
Step 1: Obtain the plaintext message;
Step 2: Verify whether the message is correct;
If it is incorrect, the system reports an error message and this encryption flow ends;
If it is correct, proceed to the next step;
Step 3: Check whether the key was generated successfully;
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 4: Check whether the offset vector was generated successfully;
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 5: Combine the plaintext with the key and offset vector to generate the ciphertext;
Step 6: Check whether the information was stored in the database successfully:
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 7: Send the ciphertext through the interface; this encryption flow ends.
The AES decryption flow is as follows:
Step 1: Obtain the ciphertext from the interface;
Step 2: Check whether the key and offset vector were obtained from the database successfully:
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 3: Parse the plaintext from the ciphertext using the key and offset vector;
Step 4: Display the parsed plaintext on the front end; this encryption flow ends.
Beneficial effects of the present invention:
Compared with traditional encryption of network information transmission, the present invention has the following advantages:
1. The invention uses an algorithm in which both the key and the offset vector take part in computing the ciphertext; obtaining the key or the offset vector alone does not allow the correct plaintext to be parsed. Moreover, the key and offset vector are generated to correspond to a particular plaintext message, and decrypting with a non-matching key and offset vector is essentially impossible.
2. In the invention, all interaction with the database and with the communication interface takes the form of ciphertext. So even if the database is injected or packets are captured on the data interface, only the encrypted ciphertext is obtained, and the plaintext before encryption cannot be seen.
3. The invention fully preserves the encrypted content: content that uses pictures, links and special characters can be completely restored. This makes the information conveyed more accurate, with no garbled text or error codes on decoding.
Brief description of the drawings
Fig. 1 is a schematic diagram of the encryption process of the AES encryption algorithm tool;
Fig. 2 is a schematic diagram of the decryption process of the AES encryption algorithm tool;
Fig. 3 is the AES encryption flow chart;
Fig. 4 is the AES decryption flow chart.
Embodiment
The present invention is further illustrated below through a specific embodiment, with reference to the drawings.
As shown in Fig. 1 and Fig. 3, the AES encryption flow is as follows:
Step 1: Obtain the plaintext message;
Step 2: Verify whether the message is correct;
If it is incorrect, the system reports an error message and this encryption flow ends;
If it is correct, proceed to the next step;
Step 3: Check whether the key was generated successfully;
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 4: Check whether the offset vector was generated successfully;
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 5: Combine the plaintext with the key and offset vector to generate the ciphertext;
Step 6: Check whether the information was stored in the database successfully:
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 7: Send the ciphertext through the interface; this encryption flow ends.
This scheme uses ciphertext both for transmission over the interface and for storage in the database. If packets are intercepted on the network or the database is intruded upon by hackers, only the encrypted ciphertext is visible and the plaintext before encryption cannot be seen, which ensures information security.
As shown in Fig. 2 and Fig. 4, the AES decryption flow is as follows:
Step 1: Obtain the ciphertext from the interface;
Step 2: Check whether the key and offset vector were obtained from the database successfully:
If it failed, the system reports an error message and this encryption flow ends;
If it succeeded, proceed to the next step;
Step 3: Parse the plaintext from the ciphertext using the key and offset vector;
Step 4: Display the parsed plaintext on the front end; this encryption flow ends.
Only with the key and offset vector corresponding to a ciphertext can the plaintext corresponding to that ciphertext actually be parsed. The plaintext parsed from the ciphertext shows no garbled text; the original plaintext is completely restored, and encryption and decryption work without problems for Chinese, English, digits and special characters.
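The encryption and decryption flows above, written out as an added Go example (not code from the patent). The page does not name an AES mode, so AES-256-GCM with the offset vector used as the nonce is an assumption, as are the in-memory map standing in for the database, its indexing by ciphertext, and the names Encrypt, Open, Decrypt, secret and store; with GCM a non-matching key or offset vector is rejected with an error instead of yielding garbled text.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
)

// secret is the key and offset vector generated for one message.
type secret struct{ key, iv []byte }

// store stands in for the database (assumption: indexed by hex ciphertext).
type store map[string]secret

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Encrypt follows encryption steps 1-7 and returns the ciphertext to send.
func Encrypt(db store, msg string) ([]byte, error) {
	if msg == "" { // step 2: constructed validity rule for this example
		return nil, errors.New("invalid message")
	}
	key, iv := make([]byte, 32), make([]byte, 12)
	if _, err := rand.Read(key); err != nil { // step 3: fresh AES-256 key
		return nil, err
	}
	if _, err := rand.Read(iv); err != nil { // step 4: fresh offset vector
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, iv, []byte(msg), nil)    // step 5: ciphertext plus tag
	db[hex.EncodeToString(ct)] = secret{key, iv} // step 6: store the pair
	return ct, nil                               // step 7: hand to the interface
}

// Open is decryption step 3. A key or offset vector that does not match the
// ciphertext fails GCM tag verification and returns an error, not garbage.
func Open(key, iv, ct []byte) (string, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return "", err
	}
	if len(iv) != gcm.NonceSize() {
		return "", errors.New("offset vector has the wrong length")
	}
	pt, err := gcm.Open(nil, iv, ct, nil)
	return string(pt), err
}

// Decrypt runs decryption steps 1-4 for a ciphertext from the interface.
func Decrypt(db store, ct []byte) (string, error) {
	s, ok := db[hex.EncodeToString(ct)] // step 2: fetch key and offset vector
	if !ok {
		return "", errors.New("no key and offset vector stored for ciphertext")
	}
	return Open(s.key, s.iv, ct)
}

func main() {
	db := store{}
	ct, _ := Encrypt(db, "泵站#3 压力=1.2MPa a+b/c%") // constructed sample message
	fmt.Println(Decrypt(db, ct))
}
```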
Compared with traditional encryption of network information transmission, the present invention has the following advantages:
1. The invention uses an algorithm in which both the key and the offset vector take part in computing the ciphertext; obtaining the key or the offset vector alone does not allow the correct plaintext to be parsed. Moreover, the key and offset vector are generated to correspond to a particular plaintext message, and decrypting with a non-matching key and offset vector is essentially impossible.
2. In the invention, all interaction with the database and with the communication interface takes the form of ciphertext. So even if the database is injected or packets are captured on the data interface, only the encrypted ciphertext is obtained, and the plaintext before encryption cannot be seen.
3. The invention fully preserves the encrypted content: content that uses pictures, links and special characters can be completely restored. This makes the information conveyed more accurate, with no garbled text or error codes on decoding.
The above is only a design scheme of the present invention and does not limit the invention in any form. Although the invention is disclosed above by way of a preferred embodiment, it is not limited thereto. Any person skilled in the art may, without departing from the scope of the technical solution of the invention, use the technical content disclosed above to make minor changes or modifications into equivalent embodiments; any simple modification, equivalent change or modification made to the above embodiment according to the technical essence of the invention, without departing from the content of the technical solution of the invention, still falls within the scope of the technical solution of the invention.

Claims (3)

  1. An industrial transmission information security algorithm based on AES, characterized in that: encryption is performed in the form of a single key, a corresponding offset vector is generated and takes part in the encryption computation, and the matching key and offset vector are generated automatically by the program.
  2. The industrial transmission information security algorithm based on AES according to claim 1, characterized in that the AES encryption flow is as follows:
    Step 1: Obtain the plaintext message;
    Step 2: Verify whether the message is correct;
    If it is incorrect, the system reports an error message and this encryption flow ends;
    If it is correct, proceed to the next step;
    Step 3: Check whether the key was generated successfully;
    If it failed, the system reports an error message and this encryption flow ends;
    If it succeeded, proceed to the next step;
    Step 4: Check whether the offset vector was generated successfully;
    If it failed, the system reports an error message and this encryption flow ends;
    If it succeeded, proceed to the next step;
    Step 5: Combine the plaintext with the key and offset vector to generate the ciphertext;
    Step 6: Check whether the information was stored in the database successfully:
    If it failed, the system reports an error message and this encryption flow ends;
    If it succeeded, proceed to the next step;
    Step 7: Send the ciphertext through the interface; this encryption flow ends.
  3. The industrial transmission information security algorithm based on AES according to claim 1, characterized in that the AES decryption flow is as follows:
    Step 1: Obtain the ciphertext from the interface;
    Step 2: Check whether the key and offset vector were obtained from the database successfully:
    If it failed, the system reports an error message and this encryption flow ends;
    If it succeeded, proceed to the next step;
    Step 3: Parse the plaintext from the ciphertext using the key and offset vector;
    Step 4: Display the parsed plaintext on the front end; this encryption flow ends.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711477208.2A CN107994987A (en) 2017-12-29 2017-12-29 A kind of industry transmission information security algorithm based on AES

Publications (1)

Publication Number Publication Date
CN107994987A true CN107994987A (en) 2018-05-04

Family

ID=62043290

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711477208.2A Pending CN107994987A (en) 2017-12-29 2017-12-29 A kind of industry transmission information security algorithm based on AES

Country Status (1)

Country Link
CN (1) CN107994987A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 221000 east side of Keji Road, Xuzhou Economic and Technological Development Zone, Jiangsu Province

Applicant after: JIANGSU XUGONG INFORMATION TECHNOLOGY Co.,Ltd.

Address before: No. 6, Drum Tower District, Jiangsu Province, Xuzhou City, Jiangsu

Applicant before: JIANGSU XUGONG INFORMATION TECHNOLOGY Co.,Ltd.

RJ01 Rejection of invention patent application after publication

Application publication date: 20180504