CN108023724A - Data transmission method and device - Google Patents
Data transmission method and device Download PDFInfo
- Publication number
- CN108023724A CN108023724A CN201610974638.4A CN201610974638A CN108023724A CN 108023724 A CN108023724 A CN 108023724A CN 201610974638 A CN201610974638 A CN 201610974638A CN 108023724 A CN108023724 A CN 108023724A
- Authority
- CN
- China
- Prior art keywords
- data
- exclusive
- transmitted
- result
- random number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0478—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Abstract
A kind of data transmission method and device.The described method includes:When receiving data to be transmitted, the data to be transmitted is performed into line disturbance by exclusive or, displacement and replacement operator, the data after being upset;Calculate the message authentication code of the data after the upset;According to the message authentication code, encryption key is calculated, and the data after the upset are encrypted, obtains encrypted data;The header information of the encrypted data is obtained according to default form;Transmit the header information of the encrypted data and the encrypted data.Using such scheme, the security of data transfer can be improved.
Description
Technical field
The present invention relates to field of communication technology, and in particular to a kind of data transmission method and device.
Background technology
The development of Internet technology, earth-shaking change is brought for the life of people, shortened from space-time people and
The distance between people.But it is unsafe to transmit data in a network, may be trapped, distort at any time, especially sensitive number
According to or finance data.
At present, in order to improve the security of data transfer, usually before by transmitted data on network, data are added
It is close.
Nevertheless, data are trapped, distort that possibility is still larger, the security of data is difficult to meet that user requires.
The content of the invention
The problem to be solved in the present invention is how to improve the security of data transfer.
To solve the above problems, an embodiment of the present invention provides a kind of data transmission method, the described method includes:Work as reception
During to data to be transmitted, the data to be transmitted is performed into line disturbance by exclusive or, displacement and replacement operator, after obtaining upset
Data;Calculate the message authentication code of the data after the upset;According to the message authentication code, encryption key is calculated,
And the data after the upset are encrypted, obtain encrypted data;Obtained according to default form described encrypted
The header information of data, the header information of the encrypted data include:To the data to be transmitted into line disturbance and encryption
During the configured information of each algorithm that is utilized, the message authentication code and random number information;Transmit described encrypted
The header information of data and the encrypted data.
Alternatively, it is described that the data to be transmitted is performed into line disturbance by exclusive or, displacement and replacement operator, including:
Obtain the first random number;Using first random number, exclusive or behaviour is performed respectively to each data block of the data to be transmitted
Make, obtain and each one-to-one exclusive or result data of data block;Utilize the first random number first character section
Data, displacement and replacement operator are performed to each exclusive or result data, and using the result after replacement operator as corresponding data
Data after block scrambling.
Alternatively, it is described to utilize first random number, each data block of the data to be transmitted is performed respectively different
Or operation, including:Using default key decentralized algorithm, byte is carried out to first random number and is disperseed, and obtains byte point
Preceding 16 bytes of dissipating bind fruit are as the first data;When the data length of the data to be transmitted is less than or equal to 16 byte,
The data to be transmitted is integrally performed into xor operation as a data block and first data;When the data to be transmitted
When data length is more than 16 byte, the exclusive or result based on first data block in first data and the data to be transmitted
Data, calculate the corresponding exclusive or result data of each data block of the data to be transmitted.
Alternatively, the exclusive or number of results based on first data Yu described first data block of data to be transmitted
According to, the corresponding exclusive or result data of each data block of the data to be transmitted is calculated, including:Calculated using default first Hash
Method, carries out Hash operation to first random number and first data, obtains the second data;By first data and institute
The exclusive or result data of first data block of data to be transmitted is stated as initial exclusive or result data, it is corresponding to last data block
Exclusive or result data performs xor operation with second data, obtains the corresponding exclusive or result data of current data block.
Alternatively, the data using the first random number first character section, hold each exclusive or result data
Row displacement and replacement operator, including:When the data of the first random number first character section are even number, using the 3rd data as
Mark, the data after determining the 2i data block scrambling in default displacement array;And using the 4th data as mark,
The data after the 2i+1 data block scrambling are determined in the displacement array;Wherein, the 3rd data, are described first random
The sum of the data of number first character sections and exclusive or result data of the 2i+1 data block again take the length for replacing array
The result of mould;4th data, are the exclusive or knot of the data and the 2i data block of the first random number first character section
The sum of fruit data are again to the length modulus as a result, i is natural number of the displacement array;When the first random number first character
When the data of section are odd number, using the 4th data as mark, determine that the 2i-1 data block adds in the displacement array
Data after disturbing;And using the 5th data as mark, the number after determining the 2i data block scrambling in the displacement array
According to;Wherein, the 5th data, are the exclusive or knot of the data and the 2i-1 data block of the first random number first character section
The sum of fruit data are again to the result of the length modulus for replacing array.
Alternatively, the message authentication code of the data after the calculating upset, including:To the data after the upset into
Row filling;Using default second hash algorithm, Hash operation is carried out to the data after filling, is determined according to Hash operation result
6th data;Using default 3rd hash algorithm, to the 1st data block of the 6th data and the data to be transmitted into
Row Hash operation, obtains the message authentication code of the data after the upset.
Alternatively, it is described according to the message authentication code, encryption key is calculated, including:Breathed out using the default 4th
Uncommon algorithm, the message authentication code of the data after data and the upset to the first random-number portion byte carry out Hash fortune
Calculate, obtain the 7th data;According to default Encryption Algorithm, the 7th data and default root key are transported accordingly
Calculate, obtain the encryption key.
The embodiment of the present invention additionally provides a kind of data transmission method, the described method includes:When receiving encrypted number
According to header information and during the encrypted data, decruption key is determined according to the header information of the encrypted data,
The encrypted data are decrypted, the data after being decrypted, wherein, the header information bag of the encrypted data
Include:Configured information and random number information to data to be transmitted into each algorithm utilized in line disturbance and ciphering process, institute
State the corresponding message authentication code of encrypted data;It is corresponding that the data after the decryption are obtained according to the data after the decryption
Message authentication code;The corresponding message authentication code of data after the decryption, message corresponding with the encrypted data are recognized
When card code is identical, the data after the decryption are descrambled, obtain the data to be transmitted.
An embodiment of the present invention provides a kind of data transmission device, described device includes:Unit is upset, is received suitable for working as
During data to be transmitted, the data to be transmitted is performed into line disturbance by exclusive or, displacement and replacement operator, after being upset
Data;First computing unit, suitable for calculating the message authentication code of the data after the upset;Encryption unit, suitable for according to
Message authentication code, is calculated encryption key, and the data after the upset are encrypted, and obtains encrypted data;Head
Portion's information generating unit, it is described encrypted suitable for obtaining the header information of the encrypted data according to default form
The header information of data includes:Instruction to the data to be transmitted into each algorithm utilized in line disturbance and ciphering process
Information, the message authentication code and random number information;Transmission unit, suitable for transmit the header information of the encrypted data and
The encrypted data.
Alternatively, the upset unit includes:Subelement is obtained, suitable for obtaining the first random number;First computing subelement,
Suitable for utilizing first random number, xor operation is performed respectively to each data block of the data to be transmitted, is obtained and institute
State the one-to-one exclusive or result data of each data block;Second computing subelement, suitable for utilizing first random number first
The data of a byte, perform each exclusive or result data displacement and replacement operator, and using the result after replacement operator as
Data after respective data blocks scrambling.
Alternatively, the first computing subelement includes:Byte dispersed modules, suitable for disperseing to calculate using default key
Method, carries out byte to first random number and disperses, and obtains preceding 16 bytes of byte dispersion results as the first data;The
One exclusive or module, suitable for when the data length of the data to be transmitted is less than or equal to 16 byte, by the data to be transmitted
It is overall to be used as a data block to perform xor operation with first data;Second exclusive or module, suitable for when the data to be transmitted
Data length when being more than 16 byte, the exclusive or knot based on first data block in first data and the data to be transmitted
Fruit data, calculate the corresponding exclusive or result data of each data block of the data to be transmitted.
Alternatively, the second exclusive or module be suitable for utilize default first hash algorithm, to first random number with
First data carry out Hash operation, obtain the second data;By first data and described first number of data to be transmitted
According to the exclusive or result data of block as initial exclusive or result data, to the corresponding exclusive or result data of last data block and described the
Two data perform xor operation, obtain the corresponding exclusive or result data of current data block.
Alternatively, the second computing subelement includes:First computing module, suitable for when first random number first
When the data of byte are even number, using the 3rd data as mark, the 2i data block scrambling is determined in default displacement array
Data afterwards;And using the 4th data as mark, the number after determining the 2i+1 data block scrambling in the displacement array
According to;Wherein, the 3rd data, are the exclusive or knot of the data and the 2i+1 data block of the first random number first character section
The sum of fruit data are again to the result of the length modulus for replacing array;4th data, are first random number first
The sum of the data of a byte and exclusive or result data of the 2i data block replace the length modulus of array to described again as a result,
I is natural number;Second computing module, suitable for when the data of the first random number first character section are odd number, by described
Four data are as mark, the data after determining the 2i-1 data block scrambling in the displacement array;And by the 5th data
As mark, the data after determining the 2i data block scrambling in the displacement array;Wherein, the 5th data, for institute
The sum of the data of the first random number first character section and the exclusive or result data of the 2i-1 data block are stated again to the displacement number
The result of the length modulus of group.
Alternatively, first computing unit includes:Subelement is filled, suitable for being filled out to the data after the upset
Fill;Data after filling suitable for utilizing default second hash algorithm, are carried out Hash operation by the first computation subunit, according to
Hash operation result determines the 6th data;Second computation subunit, suitable for utilizing default 3rd hash algorithm, to the described 6th
1st data block of data and the data to be transmitted carries out Hash operation, obtains the message authentication of the data after the upset
Code.
Alternatively, the encryption unit, suitable for utilizing default 4th hash algorithm, to the first random-number portion word
The message authentication code of data after the data of section and the upset carries out Hash operation, obtains the 7th data;And according to default
Encryption Algorithm, corresponding computing is carried out to the 7th data and default root key, obtains the encryption key.
The embodiment of the present invention additionally provides another data transmission device, and described device includes:Decryption unit, connects suitable for working as
When receiving the header information of encrypted data and the encrypted data, according to the header information of the encrypted data
Determine decruption key, the encrypted data are decrypted, the data after being decrypted, wherein, the encrypted number
According to header information include:To data to be transmitted into the configured information of each algorithm utilized in line disturbance and ciphering process and
Random number information, the corresponding message authentication code of the encrypted data;Second computing unit, after according to the decryption
Data obtain the corresponding message authentication code of data after the decryption;Descrambling unit, corresponds to suitable for the data after decryption
Message authentication code, when corresponding with encrypted data message authentication code is identical, the data after the decryption are carried out
Descrambling, obtains the data to be transmitted.
Compared with prior art, the technical solution of the embodiment of the present invention has the following advantages:
Using the above scheme, when receiving data to be transmitted, by exclusive or, displacement and replacement operator to described to be transmitted
Data are performed into line disturbance, and are transmitted again after the data after upset are encrypted, rather than only to data to be transmitted into
Transmitted after row encryption, therefore the security of data transfer can be improved.
Brief description of the drawings
Fig. 1 is a kind of transmission method flow chart of data in the embodiment of the present invention;
Fig. 2 is a kind of upset method flow diagram of data in the embodiment of the present invention;
Fig. 3 is a kind of calculating message authentication code method flow diagram in the embodiment of the present invention;
Fig. 4 is the transmission method flow chart of another data in the embodiment of the present invention;
Fig. 5 is the transmission method flow chart of another data in the embodiment of the present invention;
Fig. 6 is the transmission method flow chart of another data in the embodiment of the present invention;
Fig. 7 is a kind of structure diagram of data transmission device in the embodiment of the present invention;
Fig. 8 is the structure diagram of another data transmission device in the embodiment of the present invention.
Embodiment
At present, before by transmitted data on network, although being encrypted to data to be transmitted, Information Security is still
It is poor, easily it is trapped or even distorts.
In view of the above-mentioned problems, an embodiment of the present invention provides a kind of data transmission method, received using the method
During data to be transmitted, the data to be transmitted is performed into line disturbance by exclusive or, displacement and replacement operator, and to upset after
Data are transmitted again after being encrypted, rather than are transmitted after only data to be transmitted is encrypted, therefore can improve number
According to the security of transmission.
It is understandable to enable the above objects, features and advantages of the present invention to become apparent, below in conjunction with the accompanying drawings to the present invention
Specific embodiment explain.
With reference to Fig. 1, an embodiment of the present invention provides a kind of data transmission method, the method may include following steps:
Step 11, when receiving data to be transmitted, the data to be transmitted is held by exclusive or, displacement and replacement operator
Traveling line disturbance, the data after being upset.
In specific implementation, transmitting terminal carries out data to be transmitted scrambling and retransmits to receiving terminal, and receiving terminal needs to dock
Received data could obtain the data to be transmitted after being descrambled, it is possible thereby to further improve Information Security.
In an embodiment of the present invention, data to be transmitted is scrambled, is mainly total to by exclusive or, displacement and replacement operator
With completion, other operations are also possible that certainly, in scrambling processes, it is specific unrestricted.And the exclusive or, displacement and displacement
The execution sequence of operation there may be it is a variety of, such as, exclusive or, displacement and replacement operator can be performed successively, can also be first carried out
Displacement and replacement operator, are performing xor operation etc..
In one embodiment of this invention, the method shown in Fig. 2 can be used to be performed to data to be transmitted into line disturbance.Tool
Body, the upset method may include steps of:
Step 21, the first random number is obtained.
In specific implementation, in order to strengthen disruptive, it is 4 bytes that a length can be first generated by randomizer
Random number rnd [Isosorbide-5-Nitrae], then using the first character section rnd [1] in random number rnd [Isosorbide-5-Nitrae] as mark, from default displacement
Corresponding data rnd [0] is chosen in array.Wherein, the displacement array can be S box SboxTable, at this time data rnd [0]
=SboxTable [rnd [1]].Data rnd [0] can finally be merged with random number rnd [Isosorbide-5-Nitrae], it is 5 bytes to obtain length
The first random number rnd [0,4], data rnd [0] be first random number rnd [0,4] first character section data.
Step 22, using first random number, exclusive or behaviour is performed respectively to each data block of the data to be transmitted
Make, obtain and each one-to-one exclusive or result data of data block.
In one embodiment of this invention, default key decentralized algorithm can be utilized, to the first random number rnd
[0,4] carry out byte to disperse, and obtain preceding 16 bytes of byte dispersion results as the first data v1.Wherein, the key
Decentralized algorithm can make choice according to actual needs, such as, can be the close Secure Hash Algorithm of state (SM3), or peace
Full hash algorithm (Secure Hash Algorithm, SHA1), can also be Message Digest 5 (Message Digest
Algorithm, MD5).
After obtaining the first data v1, xor operation can be performed to data to be transmitted according to the length of data to be transmitted.Than
Such as, when the data length of the data to be transmitted is less than or equal to 16 byte, using the data to be transmitted integrally as a number
Xor operation is performed according to block and the first data v1, obtains exclusive or result data e0.Wherein, the length of exclusive or result data e0
The as length of data to be transmitted.
When the data length of the data to be transmitted is more than 16 byte, based on the first data v1 with it is described to be transmitted
The exclusive or result data of first data block in data, calculates the corresponding exclusive or number of results of each data block of the data to be transmitted
According to.
Specifically, can be first with default first hash algorithm, to the first random number rnd [0,4] and described the
One data v1 carries out Hash operation, obtains the second data v2.
Then, using 16 bytes as data block length by the data to be transmitted be divided into N number of data block (d0, d1 ... ...,
Dn ... ..., dN), xor operation is carried out to first data block d0 in the first data v1 and the data to be transmitted, obtains exclusive or
Result data e0, i.e. e0=v1^d0.
Then, using exclusive or result data e0 as initial exclusive or result data, exclusive or result corresponding to last data block
Data perform xor operation with second data, obtain the corresponding exclusive or result data of current data block, i.e., based on exclusive or knot
Fruit data e0 calculates the corresponding exclusive or result data en of each data block dn of data to be transmitted using equation below, until obtaining most
The exclusive or result data eN of latter data block dN:
En=dn^e (n-1) 0^v2 (1)
Wherein, first hash algorithm can be with SM3 algorithms, or SHA1 algorithms, can also be other calculations certainly
Method, it is specific unrestricted.
Step 23, using the data of the first random number first character section, shifting is performed to each exclusive or result data
Position and replacement operator, and using the result after replacement operator as the data after respective data blocks scrambling.
In specific implementation, using the data rnd [0] of the first random number rnd [0,4] first character section, can adopt
Displacement and replacement operator are performed to each exclusive or result data e0~eN with various ways, are not restricted specifically.Pass through rnd
[0] displacement and replacement operator are performed to each exclusive or result data e0~eN, the disruptive of data can be increased.
In one embodiment of this invention, when the data rnd [0] of the first random number rnd [0,4] first character section is
During even number, using the 3rd data v3 as mark, the data f after determining the 2i data block scrambling in default displacement array
[2*i], i.e.,:
By taking the replacement data is S boxes SboxTable as an example, wherein, the 3rd data v3, is first random number
The data rnd [0] and the sum of the exclusive or result data e [2*i+k] of the 2i+k data block of rnd [0,4] first character section are right again
The displacement array SboxTable's is length Sbox_len modulus as a result, i.e. v3=(e [2*i+k]+rnd [0]) %Sbox_
len.The 4th data v4, is the data rnd [0] and the 2i+m number of the first random number rnd [0,4] first character section
The sum of exclusive or result data e [2*i+m] according to block is again to the knot of the length Sbox_len modulus for replacing array SboxTable
Fruit, i.e. v4=(e [2*i+m]+rnd [0]) %Sbox_len.I ∈ (0,1 ..., length/2 of data to be transmitted), m and k are whole
Number.
It is hereby achieved that:
F [2*i]=SboxTable [(e [2*i+k]+rnd [0]) %Sbox_len];
F [2*i+1]=SboxTable [(e [2*i+m]+rnd [0]) %Sbox_len].
For example work as m=0, and during k=1, v3=(e [2*i+1]+rnd [0]) %Sbox_len, f [2*i]=SboxTable
[(e [2*i+1]+rnd [0]) %Sbox_len], that is, pass through the exclusive or result data e [2* based on the 2*i+1 data block
I+1] determine the data after upset to the 2i data block.Work as m=0, during k=1, v4=(e [2*i]+rnd [0]) %Sbox_
Len, f [2*i+1]=SboxTable [(e [2*i]+rnd [0]) %Sbox_len], that is, by based on the 2*i data
The exclusive or result data e [2*i] of block determines the data after the upset to the 2i+1 data block.
When the data rnd [0] of the first random number rnd [0,4] first character section is odd number, by the 4th data
V4 is as mark, the data f [2*i-1] after determining the 2i-1 data block scrambling in the displacement array SboxTable;With
And using the 5th data v5 as mark, the data after determining the 2i data block scrambling in the displacement array SboxTable;
Wherein, the 5th data v5, is that the data rnd [0] and 2i-p of the first random number rnd [0,4] first character section are a
The sum of exclusive or result data e [2*i-p] of data block is again to the length Sbox_len modulus for replacing array SboxTable
As a result, i.e. v5=(e [2*i-p]+rnd [0]) %Sbox_len, wherein, p and q are integer.
It is hereby achieved that:
F [2*i-1]=SboxTable [(e [2*i+m]+rnd [0]) %Sbox_len];
F [2*i]=SboxTable [(e [2*i-p]+rnd [0]) %Sbox_len].
For example work as m=0, and during p=1, v4=(e [2*i]+rnd [0]) %Sbox_len, f [2*i-1]=SboxTable
[(e [2*i]+rnd [0]) %Sbox_len], that is, pass through the exclusive or result data e [2*i+1] based on the 2*i data block
Determine the data after the upset to the 2i-1 data block.Work as m=0, during p=1, v5=(e [2*i-1]+rnd [0]) %Sbox_
Len, f [2*i]=SboxTable [(e [2*i-1]+rnd [0]) %Sbox_len], that is, by based on the 2*i-1 number
The data after the upset to the 2i data block are determined according to the exclusive or result data e [2*i-1] of block.
Step 12, the message authentication code of the data after the upset is calculated.
In one embodiment of this invention, the method shown in Fig. 3 can be used to calculate the message authentication of the data after upsetting
Code.The computational methods specifically may include steps of:
Step 31, the data after the upset are filled.
In specific implementation, the data after the upset can include:F0, f1 ... ..., f (N-1), fN.The present invention's
, can be with when the length of last data block fN of the data after the upset is the integral multiple of 16 bytes in one embodiment
By last data block f (N+1) of " * " and 15 "-" as the data after the upset.The data after upset are most
When the length of the latter data block fN is the integral multiple of non-16 byte, 1 " * " and multiple "-" can be supplemented to fN, until fN's
Length is the integral multiple of 16 bytes.
Step 32, using default second hash algorithm, Hash operation is carried out to the data after filling, according to Hash operation
As a result the 6th data are determined.
In specific implementation, second hash algorithm can make choice according to actual conditions, not be restricted specifically, than
Such as, second hash algorithm can be SHA1 algorithms, or MD5 algorithms etc..Hash fortune is carried out to the data after filling
Calculate, and using 4 bytes before Hash operation result as the 6th data v6.
Step 33, using default 3rd hash algorithm, to the 1st number of the 6th data and the data to be transmitted
Hash operation is carried out according to block, obtains the message authentication code of the data after the upset.
In specific implementation, the 3rd hash algorithm can make choice according to actual conditions, not be restricted specifically, than
Such as, the 3rd hash algorithm can be SHA1 algorithms, or MD5 algorithms etc..Also, first hash algorithm,
Two hash algorithms and the 3rd hash algorithm may be the same or different.
Carry out Hash operation to the 1st data block d0 of the 6th data v6 and the data to be transmitted, and by Hash operation
As a result message authentication code MAC of preceding 4 byte as the data after the upset.
Formed since the message authentication code MAC of the data after upset is calculated by two parts, it is necessary first to calculate the 6th number
According to v6, the 1st data block of the 6th data v6 and data to be transmitted composition message authentication code MAC is recycled, thus can not only
Pass through the integrality of message authentication code mac authentication data, additionally it is possible to prevent the attack of cracker.
Step 13, according to the message authentication code, encryption key is calculated, and the data after the upset are added
It is close, obtain encrypted data.
In one embodiment of this invention, can be first with default 4th hash algorithm, to the first random number rnd
The message authentication code MAC of data after the data of [0,4] partial bytes and the upset carries out Hash operation, obtains the 7th data
v7;Further according to default Encryption Algorithm, corresponding computing is carried out to the 7th data v7 and default root key rootkey,
Obtain the encryption key key.
Wherein, the data of the first random number rnd [0,4] partial bytes can be arbitrary portion byte, such as, it is described
The data of first random number rnd [0,4] partial bytes can be rnd [Isosorbide-5-Nitrae], i.e., rear the 4 of described first random number rnd [0,4]
Byte data.Computing is carried out to rnd [Isosorbide-5-Nitrae] and message authentication code MAC, obtains encryption key key.Such as encryption key key=
v7⊕rootkey.Data (f0, f1 ... ..., f (N-1), fN) after the upset are encrypted, obtain encrypted data
(h0, h1 ... ..., h (N+1)).
In specific implementation, root key rootkey is secret, even if Encryption Algorithm is cracked, it is also difficult to is obtained to be passed
Defeated data.Also, it is randomly generated due to the rnd [Isosorbide-5-Nitrae], further increase encryption key key cracks difficulty
Degree.
It should be noted that in specific implementation, used Encryption Algorithm is encrypted to the data after the upset
Can be symmetric encipherment algorithm, such as the close piecemeal symmetric encipherment algorithm SM4 of state or the symmetrical aes algorithm of international standard, specifically not
It is restricted.
Step 14, the header information of the encrypted data is obtained according to default form.
Wherein, the header information of the encrypted data includes:To the data to be transmitted into line disturbance and encrypted
The configured information of each algorithm utilized in journey, the message authentication code and random number information.To the data to be transmitted into
The each algorithm utilized in line disturbance and ciphering process can include:First hash algorithm, the second hash algorithm, the 3rd
Hash algorithm and the 4th hash algorithm, the algorithm of hash computing and Encryption Algorithm, key decentralized algorithm etc..The random number letter
Breath can include random number rnd [Isosorbide-5-Nitrae] that randomizer is generated etc..
In specific implementation, it can use various ways that the form of the header information is set.For example it can set described
The high nibble instruction Encryption Algorithm of the first byte of header information, the low nibble instruction key decentralized algorithm of the first byte.If
The 3rd byte for putting the header information indicates the first hash algorithm, the second hash algorithm, the 3rd hash algorithm and successively
Four hash algorithms.Other bytes of the header information are set to indicate random number rnd [Isosorbide-5-Nitrae] and message authentication code MAC etc..
It should be noted that, although random number rnd [Isosorbide-5-Nitrae] can be referred to by the header information of encrypted data
Show, but since rnd [0] is unknown, to obtain the second data v2, it is necessary to first be computed correctly first number of data to be transmitted
According to the value of storehouse d0, it is possible thereby to which increase data cracks difficulty.
Step 15, the header information of the encrypted data and the encrypted data are transmitted.
In specific implementation, can use wirelessly transmit the encrypted data header information and it is described plus
Data after close, can also transmit the header information of the encrypted data and the encrypted number by the way of wired
According to not being restricted specifically.
Fig. 4 is a kind of specific data transmission method flow chart provided in an embodiment of the present invention.With reference to Fig. 4, the method can
To include the following steps:
Step 401, the random number rnd [Isosorbide-5-Nitrae] that length is 4 bytes is generated.
Step 402, rnd [0] is calculated.
Step 403, the first data v1 is calculated.
Step 404, judge whether the length of the data to be transmitted is more than 16 bytes.
When the length of data to be transmitted is more than 16 byte, step 405 is performed, otherwise performs step 408.
Step 405, the second data v2 is calculated.
Step 406, exclusive or is carried out to first data block d0 of the first data v1 and the data to be transmitted, is counted
According to the corresponding exclusive or result data e0 of block d0.
Step 407, according to exclusive or result data e0, the corresponding exclusive or result data e1~eN of other data blocks is calculated.
Step 408, the data to be transmitted is integrally subjected to exclusive or as a data block and the first data v1, obtains e0.
Step 409, the data after upset are filled.
Step 410, the 7th data v7 is calculated.
Step 411, the message authentication code MAC of the data after the upset is calculated.
Step 412, encryption key key is calculated.
Step 413, the data after upset are encrypted using encryption key key, obtain encrypted data D1.
Step 414, the header information D2 of the encrypted data is set.
Step 415, the encrypted data D1 and header information D2 of the encrypted data is sent.
In specific implementation, on step 401~415, it is referred to the above-mentioned description as described in step 11 and 15 and carries out in fact
Apply, details are not described herein again.
As shown in the above, using the transmission method of data in the embodiment of the present invention, when receiving data to be transmitted,
The data to be transmitted is performed into line disturbance by exclusive or, displacement and replacement operator, and the data after upset are encrypted
It is transmitted, rather than is transmitted after only data to be transmitted is encrypted again afterwards, therefore the safety of data transfer can be improved
Property.Also, the integrality of the data received can be verified by the message authentication code of the data after upset, so as to improve reception
Efficiency.
With reference to Fig. 5, the embodiment of the present invention additionally provides another data transmission method, the method may include:
Step 51, when the header information and the encrypted data for receiving encrypted data, added according to described
The header information of data after close determines decruption key, the encrypted data is decrypted, the data after being decrypted.
Wherein, the header information of the encrypted data includes:To data to be transmitted into line disturbance and ciphering process
The configured information and random number information of each algorithm utilized, the corresponding message authentication code of the encrypted data.
In specific implementation, can be to data to be transmitted into line disturbance according to the header information of the encrypted data
And each algorithm information, random number information and the message authentication code utilized in ciphering process.
Step 52, the corresponding message authentication code of data after the decryption is obtained according to the data after the decryption.
Step 53, the corresponding message authentication code of data after the decryption, it is corresponding with the encrypted data to disappear
When breath authentication code is identical, the data after the decryption are descrambled, obtain the data to be transmitted.
Fig. 6 is the detail flowchart of the data transmission method shown in Fig. 5.With reference to Fig. 6, the method may include as follows
Step:
Step 601, obtained according to the header information D2 of encrypted data to data to be transmitted into line disturbance and encrypted
The configured information and random number rnd ' [Isosorbide-5-Nitrae] of each algorithm utilized in journey, the corresponding message of the encrypted data are recognized
Demonstrate,prove code MAC.
Wherein, in the case of decryption oprerations are correct, random number rnd ' [Isosorbide-5-Nitrae] and the random number rnd [Isosorbide-5-Nitrae] in scrambling processes
It is identical.
Step 602, using the first character section rnd [1] in random number rnd ' [Isosorbide-5-Nitrae] as mark, from displacement array
Corresponding data rnd ' [0] is chosen in SboxTable.
Wherein, in the case of selection operation is correct, rnd ' [0] is identical with data rnd [0] in scrambling processes.
Step 603, rnd ' [0] and rnd ' [Isosorbide-5-Nitrae] are carried out byte to merge, obtains rnd ' [0,4].
Wherein, in the case of union operation is correct, rnd ' [0,4] and first random number rnd [0,4] phase in scrambling processes
Together.
Step 604, according to the 4th hash algorithm, Hash operation is carried out to rnd ' [Isosorbide-5-Nitrae] and message authentication code MAC, is obtained
v7’。
Wherein, in the case of Hash operation operation correctly, v7 ' is identical with the 7th data v7 in scrambling processes.
Step 605, corresponding computing is carried out to v7 ' and root key rootkey, obtains decruption key key '.
Wherein, in the case of correct to the corresponding arithmetic operation of v7 ' and root key rootkey progress, decruption key key '
It is identical with the encryption key key in scrambling processes.
Step 606, the encrypted data are decrypted using decruption key key ', obtains f0 ' ... ..., fn+1 '.
Wherein, in the case of decryption oprerations are correct, f0 ' ... ..., fn+1 ' respectively with after the upset in scrambling processes
Data f0 ... ..., fn+1 it is identical.
Step 607, using the second hash algorithm to f0 ' ... ..., fn+1 ' carries out Hash operation, obtains v6 '.
Wherein, in the case of Hash operation is correct, v6 ' is identical with the 6th data v6 in scrambling processes.
Step 608, byte is carried out to rnd ' [0,4] to disperse, obtain v1 ' using key decentralized algorithm.
Wherein, in the case of byte scatter operation is correct, v1 ' is identical with the first data v1 in scrambling processes.
Step 609, to f0 ' shift replacements, e0 ' is obtained.
Wherein, in the case of shift replacement is correct, e0 ' and first data block d0 of data to be transmitted described in scrambling processes
Exclusive or result data e0 it is identical.
Step 610, XOR operation is performed to e0 ' and v1 ', obtains d0 '.
Wherein, in the case of XOR operation is correct, d0 ' and first data block d0 of data to be transmitted described in scrambling processes
It is identical.Step 611, Hash operation is carried out to v6 ' and d0 ' using the 3rd hash algorithm, obtains MAC '.
Wherein, in the case of Hash operation is correct, MAC ' is identical with message authentication code MAC in scrambling processes.
Step 612, judge whether MAC ' is equal with MAC.
When MAC ' is equal with MAC, the encrypted data are complete, then continue to execute step 613, otherwise terminate
Whole data transmission procedure.
Step 613, the data after filling are removed, and calculate the length of the data to be transmitted.
Step 614, judge whether the length of the data to be transmitted is more than 16 bytes.
When the length of the data to be transmitted is more than 16 byte, step 615 is performed, otherwise performs step 618.
Step 615, to f0 ' ... ..., fn+1 ' shift replacements, and the data after filling are removed, obtain e0 ' ... ..., eN '.
Wherein, shift replacement and go padding correctly in the case of, e0 ' ... ..., eN ' respectively with scrambling processes
Described in data to be transmitted respective data blocks corresponding exclusive or result data e0 ... ..., eN it is identical.
Step 616, using the first hash algorithm, Hash operation is performed to d0 ' and rnd ' [0,4], obtains v2 '.
Wherein, in the case of Hash operation is correct, v2 ' is identical with the second data v2 in scrambling processes.
Step 617, according to e0 ' ... ..., eN ' and v2 ', calculate d0 ', d1 ' ... ..., dN '.
Wherein, in the case of calculating operation correctly, d0 ', d1 ' ... ..., dN ' and data to be transmitted shown in scrambling processes
Respective data blocks d0, d1 ... ..., dN it is identical.
Step 618, export (d0 ', d1 ' ... ..., dN ') and data length.
It should be noted that step 601~step 618 receives the process of data for receiving terminal, that is, dock received
The process that data are decrypted and descramble, is specifically referred to step 401~step 415 and is implemented.
In order to more fully understand those skilled in the art and realize the present invention, below to the transmission methods of above-mentioned data into
The corresponding device of row is described in detail.
With reference to Fig. 7, an embodiment of the present invention provides a kind of data transmission device 70, described device 70 can include:Upset
Unit 71, the first computing unit 72, encryption unit 73, header information generation unit 74 and transmission unit 75.Wherein:
The upset unit 71, suitable for when receiving data to be transmitted, by exclusive or, displacement and replacement operator to described
Data to be transmitted is performed into line disturbance, the data after being upset;
First computing unit 72, suitable for calculating the message authentication code of the data after the upset;
The encryption unit 73, suitable for according to the message authentication code, being calculated encryption key, and to the upset after
Data be encrypted, obtain encrypted data;
The header information generation unit 74, suitable for obtaining the head of encrypted data letter according to default form
Breath, the header information of the encrypted data include:To the data to be transmitted into being utilized in line disturbance and ciphering process
Each algorithm configured information, the message authentication code and random number information;
The transmission unit 75, suitable for transmitting the header information of the encrypted data and the encrypted data.
In specific implementation, the upset unit 71 can include:Obtain subelement 711, the first computing subelement 712 with
And the second computing subelement 713.Wherein:
The acquisition subelement 711, suitable for obtaining the first random number;
The first computing subelement 712, suitable for utilizing first random number, to each number of the data to be transmitted
Xor operation is performed respectively according to block, is obtained and each one-to-one exclusive or result data of data block;
The second computing subelement 713, suitable for utilizing the data of the first random number first character section, to each described
Exclusive or result data performs displacement and replacement operator, and using the result after replacement operator as the number after respective data blocks scrambling
According to.
In specific implementation, the first computing subelement 712 includes:Byte dispersed modules 7121, the first exclusive or module
7122 and the second exclusive or module 7123.Wherein:
The byte dispersed modules 7121, suitable for utilizing default key decentralized algorithm, carry out first random number
Byte is disperseed, and obtains preceding 16 bytes of byte dispersion results as the first data;
The first exclusive or module 7122, suitable for being less than or equal to 16 bytes when the data length of the data to be transmitted
When, the data to be transmitted is integrally performed into xor operation as a data block and first data;
The second exclusive or module 7123, suitable for when the data length of the data to be transmitted is more than 16 byte, being based on
The exclusive or result data of first data and first data block in the data to be transmitted, it is each to calculate the data to be transmitted
The corresponding exclusive or result data of a data block.
In one embodiment of this invention, the second exclusive or module 7123 is suitable for utilizing default first hash algorithm,
Hash operation is carried out to first random number and first data, obtains the second data;By first data with it is described
The exclusive or result data of first data block of data to be transmitted is corresponding to last data block different as initial exclusive or result data
Or result data performs xor operation with second data, obtains the corresponding exclusive or result data of current data block.
In specific implementation, the second computing subelement 713 can include:First computing module 7131 and the second fortune
Calculate module 7132.Wherein:
First computing module 7131, suitable for when the data of the first random number first character section are even number, inciting somebody to action
3rd data are as mark, the data after determining the 2i data block scrambling in default displacement array;And the 4th is counted
According to as mark, determined in the displacement array the 2i+1 data block scramble after data;Wherein, the 3rd data,
The sum of data and exclusive or result data of the 2i+1 data block for the first random number first character section are put to described again
Change the result of the length modulus of array;4th data, are that data and the 2i of the first random number first character section are a
The sum of exclusive or result data of data block is again to the length modulus as a result, i is natural number of the displacement array;
Second computing module 7132, suitable for when the data of the first random number first character section are odd number, inciting somebody to action
4th data are as mark, the data after determining the 2i-1 data block scrambling in the displacement array;And by
Five data are as mark, the data after determining the 2i data block scrambling in the displacement array;Wherein, the 5th number
According to being the sum of data and exclusive or result data of the 2i-1 data block of the first random number first character section again to described
Replace the result of the length modulus of array.
In specific implementation, first computing unit 72 can include:Fill subelement 721, the first computation subunit
722 and second computation subunit 723.Wherein:
The filling subelement 721, suitable for being filled to the data after the upset;
First computation subunit 722, suitable for utilizing default second hash algorithm, breathes out the data after filling
Uncommon computing, the 6th data are determined according to Hash operation result;
Second computation subunit 723, suitable for utilizing default 3rd hash algorithm, to the 6th data and described
1st data block of data to be transmitted carries out Hash operation, obtains the message authentication code of the data after the upset.
The encryption unit 73, suitable for utilizing default 4th hash algorithm, to the first random-number portion byte
The message authentication code of data after data and the upset carries out Hash operation, obtains the 7th data;And added according to default
7th data and default root key are carried out corresponding computing, obtain the encryption key by close algorithm.
With reference to Fig. 8, the embodiment of the present invention additionally provides a kind of data transmission device 80, and described device 80 can include:Solution
Close unit 81, the second computing unit 82 and Descrambling unit 83.Wherein:
The decryption unit 81, the header information of encrypted data and the encrypted data are received suitable for working as
When, decruption key is determined according to the header information of the encrypted data, the encrypted data are decrypted, are obtained
Data after decryption, wherein, the header information of the encrypted data includes:To data to be transmitted into line disturbance and encrypted
The configured information and random number information of each algorithm utilized in journey, the corresponding message authentication code of the encrypted data;
Second computing unit 82, it is corresponding suitable for obtaining the data after the decryption according to the data after the decryption
Message authentication code;
The Descrambling unit 83, it is and described encrypted suitable for the corresponding message authentication code of data after the decryption
When the corresponding message authentication code of data is identical, the data after the decryption are descrambled, obtain the data to be transmitted.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is can
To instruct relevant hardware to complete by program, which can be stored in a computer-readable recording medium, storage
Medium can include:ROM, RAM, disk or CD etc..
Although present disclosure is as above, the present invention is not limited to this.Any those skilled in the art, are not departing from this
In the spirit and scope of invention, it can make various changes or modifications, therefore protection scope of the present invention should be with claim institute
Subject to the scope of restriction.
Claims (16)
- A kind of 1. data transmission method, it is characterised in that including:When receiving data to be transmitted, the data to be transmitted is performed into line disturbance by exclusive or, displacement and replacement operator, Data after being upset;Calculate the message authentication code of the data after the upset;According to the message authentication code, encryption key is calculated, and the data after the upset are encrypted, is encrypted Data afterwards;The header information of the encrypted data, the header information bag of the encrypted data are obtained according to default form Include:Configured information to the data to be transmitted into each algorithm utilized in line disturbance and ciphering process, the message are recognized Demonstrate,prove code and random number information;Transmit the header information of the encrypted data and the encrypted data.
- 2. data transmission method as claimed in claim 1, it is characterised in that described to pass through exclusive or, displacement and replacement operator pair The data to be transmitted is performed into line disturbance, including:Obtain the first random number;Using first random number, xor operation is performed respectively to each data block of the data to be transmitted, is obtained and institute State the one-to-one exclusive or result data of each data block;Using the data of the first random number first character section, displacement is performed to each exclusive or result data and displacement is grasped Make, and using the result after replacement operator as the data after respective data blocks scrambling.
- 3. data transmission method as claimed in claim 2, it is characterised in that it is described to utilize first random number, to described Each data block of data to be transmitted performs xor operation respectively, including:Using default key decentralized algorithm, byte is carried out to first random number and is disperseed, and obtains byte dispersion results Preceding 16 bytes are as the first data;When the data length of the data to be transmitted is less than or equal to 16 byte, using the data to be transmitted integrally as a number Xor operation is performed according to block and first data;When the data length of the data to be transmitted is more than 16 byte, based in first data and the data to be transmitted The exclusive or result data of first data block, calculates the corresponding exclusive or result data of each data block of the data to be transmitted.
- 4. data transmission method as claimed in claim 3, it is characterised in that it is described based on first data with it is described to be passed The exclusive or result data of first data block of transmission of data, calculates the corresponding exclusive or number of results of each data block of the data to be transmitted According to, including:Using default first hash algorithm, Hash operation is carried out to first random number and first data, obtains the Two data;Using the exclusive or result data of first data and described first data block of data to be transmitted as initial exclusive or result Data, perform xor operation to the corresponding exclusive or result data of last data block and second data, obtain current data block Corresponding exclusive or result data.
- 5. data transmission method as claimed in claim 4, it is characterised in that described to utilize the first random number first character The data of section, displacement and replacement operator are performed to each exclusive or result data, including:When the data of the first random number first character section are even number, using the 3rd data as mark, in default displacement The data after the 2i data block scrambling are determined in array;And using the 4th data as mark, it is true in the displacement array Data after fixed the 2i+1 data block scrambling;Wherein, the 3rd data, are the number of the first random number first character section According to the sum of exclusive or result data with the 2i+1 data block again to the result of the length modulus for replacing array;Described 4th Data are the sum of data and exclusive or result data of the 2i data block of the first random number first character section again to described Replace the length modulus as a result, i is natural number of array;When the data of the first random number first character section are odd number, using the 4th data as mark, put described Data after determining the 2i-1 data block scrambling are changed in array;And using the 5th data as mark, in the displacement array In determine the 2i data block scramble after data;Wherein, the 5th data, are the first random number first character section The sum of exclusive or result data of data and the 2i-1 data block is again to the result of the length modulus for replacing array.
- 6. data transmission method as claimed in claim 2, it is characterised in that the message of the data after the calculating upset Authentication code, including:Data after the upset are filled;Using default second hash algorithm, Hash operation is carried out to the data after filling, the is determined according to Hash operation result Six data;Using default 3rd hash algorithm, the 1st data block of the 6th data and the data to be transmitted is breathed out Uncommon computing, obtains the message authentication code of the data after the upset.
- 7. data transmission method as claimed in claim 6, it is characterised in that it is described according to the message authentication code, calculate To encryption key, including:Using default 4th hash algorithm, data after data and the upset to the first random-number portion byte Message authentication code carries out Hash operation, obtains the 7th data;According to default Encryption Algorithm, corresponding computing is carried out to the 7th data and default root key, obtains described add Key.
- A kind of 8. data transmission method, it is characterised in that including:When the header information and the encrypted data for receiving encrypted data, according to the encrypted data Header information determines decruption key, the encrypted data is decrypted, the data after being decrypted, wherein, it is described to add The header information of data after close includes:Finger to data to be transmitted into each algorithm utilized in line disturbance and ciphering process Show information and random number information, the corresponding message authentication code of the encrypted data;The corresponding message authentication code of data after the decryption is obtained according to the data after the decryption;The corresponding message authentication code of data after the decryption, message authentication code corresponding with the encrypted data are identical When, the data after the decryption are descrambled, obtain the data to be transmitted.
- A kind of 9. data transmission device, it is characterised in that including:Unit is upset, suitable for when receiving data to be transmitted, by exclusive or, displacement and replacement operator to the data to be transmitted Perform into line disturbance, the data after being upset;First computing unit, suitable for calculating the message authentication code of the data after the upset;Encryption unit, suitable for according to the message authentication code, encryption key being calculated, and carry out to the data after the upset Encryption, obtains encrypted data;Header information generation unit, it is described to add suitable for obtaining the header information of the encrypted data according to default form The header information of data after close includes:To the data to be transmitted into each algorithm utilized in line disturbance and ciphering process Configured information, the message authentication code and random number information;Transmission unit, suitable for transmitting the header information of the encrypted data and the encrypted data.
- 10. data transmission device as claimed in claim 9, it is characterised in that the upset unit includes:Subelement is obtained, suitable for obtaining the first random number;First computing subelement, suitable for utilizing first random number, holds each data block of the data to be transmitted respectively Row xor operation, obtains and each one-to-one exclusive or result data of data block;Second computing subelement, suitable for utilizing the data of the first random number first character section, to each exclusive or number of results According to execution displacement and replacement operator, and using the result after replacement operator as the data after respective data blocks scrambling.
- 11. data transmission device as claimed in claim 10, it is characterised in that the first computing subelement includes:Byte dispersed modules, suitable for utilizing default key decentralized algorithm, carry out byte to first random number and disperse, and obtain Preceding 16 bytes of byte dispersion results are taken as the first data;First exclusive or module, will be described to be passed suitable for when the data length of the data to be transmitted is less than or equal to 16 byte Transmission of data integrally performs xor operation as a data block and first data;Second exclusive or module, suitable for when the data length of the data to be transmitted is more than 16 byte, based on first data With the exclusive or result data of first data block in the data to be transmitted, calculate each data block of the data to be transmitted and correspond to Exclusive or result data.
- 12. data transmission device as claimed in claim 11, it is characterised in that the second exclusive or module is suitable for using default The first hash algorithm, Hash operation is carried out to first random number and first data, obtains the second data;By described in The exclusive or result data of the first data and described first data block of data to be transmitted is as initial exclusive or result data, to previous The corresponding exclusive or result data of data block performs xor operation with second data, obtains the corresponding exclusive or knot of current data block Fruit data.
- 13. data transmission device as claimed in claim 12, it is characterised in that the second computing subelement includes:First computing module, suitable for when the data of the first random number first character section are even number, using the 3rd data as Mark, the data after determining the 2i data block scrambling in default displacement array;And using the 4th data as mark, The data after the 2i+1 data block scrambling are determined in the displacement array;Wherein, the 3rd data, are described first random The sum of the data of number first character sections and exclusive or result data of the 2i+1 data block again take the length for replacing array The result of mould;4th data, are the exclusive or knot of the data and the 2i data block of the first random number first character section The sum of fruit data are again to the length modulus as a result, i is natural number of the displacement array;Second computing module, suitable for when the data of the first random number first character section are odd number, by the 4th data As mark, the data after determining the 2i-1 data block scrambling in the displacement array;And using the 5th data as mark Know, the data after determining the 2i data block scrambling in the displacement array;Wherein, the 5th data, are described first The sum of exclusive or result data of the data of random number first character section and the 2i-1 data block is again to the length of the displacement array Spend the result of modulus.
- 14. data transmission device as claimed in claim 10, it is characterised in that first computing unit includes:Subelement is filled, suitable for being filled to the data after the upset;Data after filling suitable for utilizing default second hash algorithm, are carried out Hash operation by the first computation subunit, according to Hash operation result determines the 6th data;Second computation subunit, suitable for utilizing default 3rd hash algorithm, to the 6th data and the data to be transmitted The 1st data block carry out Hash operation, obtain the message authentication code of the data after the upset.
- 15. data transmission device as claimed in claim 14, it is characterised in that the encryption unit, it is default suitable for utilizing 4th hash algorithm, the message authentication code of the data after data and the upset to the first random-number portion byte carry out Hash operation, obtains the 7th data;And according to default Encryption Algorithm, the 7th data and default root key are carried out Corresponding computing, obtains the encryption key.
- A kind of 16. data transmission device, it is characterised in that including:Decryption unit, suitable for when the header information and the encrypted data for receiving encrypted data, according to described The header information of encrypted data determines decruption key, the encrypted data is decrypted, the number after being decrypted According to, wherein, the header information of the encrypted data includes:To data to be transmitted into being utilized in line disturbance and ciphering process Each algorithm configured information and random number information, the corresponding message authentication code of the encrypted data;Second computing unit, suitable for obtaining the corresponding message authentication of the data after the decryption according to the data after the decryption Code;Descrambling unit, it is corresponding with the encrypted data suitable for the corresponding message authentication code of data after the decryption When message authentication code is identical, the data after the decryption are descrambled, obtain the data to be transmitted.
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610974638.4A CN108023724B (en) | 2016-11-04 | 2016-11-04 | Data transmission method and device |
CN202010644032.0A CN111756523B (en) | 2016-11-04 | 2016-11-04 | Data transmission method and device |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610974638.4A CN108023724B (en) | 2016-11-04 | 2016-11-04 | Data transmission method and device |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010644032.0A Division CN111756523B (en) | 2016-11-04 | 2016-11-04 | Data transmission method and device |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108023724A true CN108023724A (en) | 2018-05-11 |
CN108023724B CN108023724B (en) | 2020-10-20 |
Family
ID=62084678
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610974638.4A Active CN108023724B (en) | 2016-11-04 | 2016-11-04 | Data transmission method and device |
CN202010644032.0A Active CN111756523B (en) | 2016-11-04 | 2016-11-04 | Data transmission method and device |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202010644032.0A Active CN111756523B (en) | 2016-11-04 | 2016-11-04 | Data transmission method and device |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN108023724B (en) |
Cited By (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109787764A (en) * | 2019-03-25 | 2019-05-21 | 四川九洲空管科技有限责任公司 | A kind of encryption method based on cipher key delivery equipment |
CN110378083A (en) * | 2019-06-12 | 2019-10-25 | 北京奇艺世纪科技有限公司 | A kind of Boolean obscures method and apparatus and computer readable storage medium |
CN110535816A (en) * | 2018-05-24 | 2019-12-03 | 广东技术师范学院 | A kind of safe data information transmission method |
CN111756767A (en) * | 2020-07-06 | 2020-10-09 | 成都卫士通信息产业股份有限公司 | Streaming media data transmission method and device, electronic equipment and computer storage medium |
CN112180826A (en) * | 2020-09-30 | 2021-01-05 | 苏州艾隆科技股份有限公司 | Operation and maintenance monitoring method and device and storage medium |
CN112260840A (en) * | 2020-10-21 | 2021-01-22 | 上海创能国瑞数据系统有限公司 | Disturbance encryption method based on sm4 encryption algorithm |
CN113204774A (en) * | 2021-04-29 | 2021-08-03 | 北京连山科技股份有限公司 | Rapid data security protection algorithm based on multi-cloud environment |
CN113645183A (en) * | 2021-06-21 | 2021-11-12 | 苏州工业园区服务外包职业学院 | Data encryption transmission method, system, computer equipment and storage medium |
CN113872753A (en) * | 2021-12-01 | 2021-12-31 | 北京华云安信息技术有限公司 | Encryption transmission method and device based on SHA256 sequence form data |
JP2022506633A (en) * | 2018-11-09 | 2022-01-17 | ホアウェイ・テクノロジーズ・カンパニー・リミテッド | Wireless upgrade method and related equipment |
CN114124443A (en) * | 2021-09-30 | 2022-03-01 | 郑州师范学院 | Credible system suitable for industry internet of things perception computing layer |
CN116455560A (en) * | 2023-06-16 | 2023-07-18 | 北京智芯微电子科技有限公司 | Data encryption method, data decryption method, device, equipment and medium |
CN117098120A (en) * | 2023-10-19 | 2023-11-21 | 国网山西省电力公司晋城供电公司 | Beidou short message data encryption and decryption method, equipment and storage medium |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114268449B (en) * | 2021-11-02 | 2023-08-29 | 浙江零跑科技股份有限公司 | Important CAN encryption method |
Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040215955A1 (en) * | 2003-04-24 | 2004-10-28 | Masaaki Tamai | Encrypted packet, processing device, method, program, and program recording medium |
CN101471769A (en) * | 2007-12-28 | 2009-07-01 | 北京大唐高鸿数据网络技术有限公司 | Enciphering/deciphering method for VoIP medium transmission |
CN101931955A (en) * | 2010-09-03 | 2010-12-29 | 中兴通讯股份有限公司 | Authentication method, device and system |
CN102437910A (en) * | 2011-10-18 | 2012-05-02 | 国家超级计算深圳中心(深圳云计算中心) | Data encryption/decryption checking method and system |
CN103096302A (en) * | 2011-10-27 | 2013-05-08 | 华为技术有限公司 | Encryption method, deciphering method and related device |
CN103178965A (en) * | 2008-01-07 | 2013-06-26 | 安全第一公司 | Systems and methods for securing data using multi-factor or keyed dispersal |
CN103532706A (en) * | 2012-07-03 | 2014-01-22 | 展讯通信(上海)有限公司 | Data encryption and decryption method and device, and mobile terminal |
CN104639312A (en) * | 2013-11-08 | 2015-05-20 | 国家电网公司 | Anti-power-attack method and device for DES (Data Encrypt Standard) algorithm |
CN105871549A (en) * | 2016-06-13 | 2016-08-17 | 四川特伦特科技股份有限公司 | Digital signal encryption processing method |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP4810289B2 (en) * | 2006-04-17 | 2011-11-09 | ルネサスエレクトロニクス株式会社 | Message authenticator generation device, message authenticator verification device, and message authentication system |
US8577024B2 (en) * | 2009-07-28 | 2013-11-05 | Vixs Systems, Inc | Concealing plain text in scrambled blocks |
KR101440328B1 (en) * | 2013-05-20 | 2014-09-17 | 주식회사 실리콘웍스 | Method for producing a message authenticating code and authenticating device using the message authenticating code |
-
2016
- 2016-11-04 CN CN201610974638.4A patent/CN108023724B/en active Active
- 2016-11-04 CN CN202010644032.0A patent/CN111756523B/en active Active
Patent Citations (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20040215955A1 (en) * | 2003-04-24 | 2004-10-28 | Masaaki Tamai | Encrypted packet, processing device, method, program, and program recording medium |
CN101471769A (en) * | 2007-12-28 | 2009-07-01 | 北京大唐高鸿数据网络技术有限公司 | Enciphering/deciphering method for VoIP medium transmission |
CN103178965A (en) * | 2008-01-07 | 2013-06-26 | 安全第一公司 | Systems and methods for securing data using multi-factor or keyed dispersal |
CN101931955A (en) * | 2010-09-03 | 2010-12-29 | 中兴通讯股份有限公司 | Authentication method, device and system |
CN102437910A (en) * | 2011-10-18 | 2012-05-02 | 国家超级计算深圳中心(深圳云计算中心) | Data encryption/decryption checking method and system |
CN103096302A (en) * | 2011-10-27 | 2013-05-08 | 华为技术有限公司 | Encryption method, deciphering method and related device |
CN103532706A (en) * | 2012-07-03 | 2014-01-22 | 展讯通信(上海)有限公司 | Data encryption and decryption method and device, and mobile terminal |
CN104639312A (en) * | 2013-11-08 | 2015-05-20 | 国家电网公司 | Anti-power-attack method and device for DES (Data Encrypt Standard) algorithm |
CN105871549A (en) * | 2016-06-13 | 2016-08-17 | 四川特伦特科技股份有限公司 | Digital signal encryption processing method |
Cited By (20)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110535816A (en) * | 2018-05-24 | 2019-12-03 | 广东技术师范学院 | A kind of safe data information transmission method |
JP2022506633A (en) * | 2018-11-09 | 2022-01-17 | ホアウェイ・テクノロジーズ・カンパニー・リミテッド | Wireless upgrade method and related equipment |
US11947673B2 (en) | 2018-11-09 | 2024-04-02 | Huawei Technologies Co., Ltd. | Over-the-air upgrade method and related apparatus |
CN109787764A (en) * | 2019-03-25 | 2019-05-21 | 四川九洲空管科技有限责任公司 | A kind of encryption method based on cipher key delivery equipment |
CN110378083A (en) * | 2019-06-12 | 2019-10-25 | 北京奇艺世纪科技有限公司 | A kind of Boolean obscures method and apparatus and computer readable storage medium |
CN110378083B (en) * | 2019-06-12 | 2021-03-12 | 北京奇艺世纪科技有限公司 | Boolean value confusion method and device and computer readable storage medium |
CN111756767A (en) * | 2020-07-06 | 2020-10-09 | 成都卫士通信息产业股份有限公司 | Streaming media data transmission method and device, electronic equipment and computer storage medium |
CN112180826A (en) * | 2020-09-30 | 2021-01-05 | 苏州艾隆科技股份有限公司 | Operation and maintenance monitoring method and device and storage medium |
CN112260840A (en) * | 2020-10-21 | 2021-01-22 | 上海创能国瑞数据系统有限公司 | Disturbance encryption method based on sm4 encryption algorithm |
CN113204774A (en) * | 2021-04-29 | 2021-08-03 | 北京连山科技股份有限公司 | Rapid data security protection algorithm based on multi-cloud environment |
CN113204774B (en) * | 2021-04-29 | 2021-11-26 | 北京连山科技股份有限公司 | Rapid data security protection method based on multi-cloud environment |
CN113645183B (en) * | 2021-06-21 | 2023-08-15 | 苏州工业园区服务外包职业学院 | Data encryption transmission method, system, computer equipment and storage medium |
CN113645183A (en) * | 2021-06-21 | 2021-11-12 | 苏州工业园区服务外包职业学院 | Data encryption transmission method, system, computer equipment and storage medium |
CN114124443A (en) * | 2021-09-30 | 2022-03-01 | 郑州师范学院 | Credible system suitable for industry internet of things perception computing layer |
CN113872753B (en) * | 2021-12-01 | 2022-05-06 | 北京华云安信息技术有限公司 | Encryption transmission method and device based on SHA256 sequence form data |
CN113872753A (en) * | 2021-12-01 | 2021-12-31 | 北京华云安信息技术有限公司 | Encryption transmission method and device based on SHA256 sequence form data |
CN116455560A (en) * | 2023-06-16 | 2023-07-18 | 北京智芯微电子科技有限公司 | Data encryption method, data decryption method, device, equipment and medium |
CN116455560B (en) * | 2023-06-16 | 2023-08-29 | 北京智芯微电子科技有限公司 | Data encryption method, data decryption method, device, equipment and medium |
CN117098120A (en) * | 2023-10-19 | 2023-11-21 | 国网山西省电力公司晋城供电公司 | Beidou short message data encryption and decryption method, equipment and storage medium |
CN117098120B (en) * | 2023-10-19 | 2024-01-02 | 国网山西省电力公司晋城供电公司 | Beidou short message data encryption and decryption method, equipment and storage medium |
Also Published As
Publication number | Publication date |
---|---|
CN108023724B (en) | 2020-10-20 |
CN111756523B (en) | 2022-08-12 |
CN111756523A (en) | 2020-10-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN108023724A (en) | Data transmission method and device | |
KR101809386B1 (en) | Authenticated encryption device, authenticated encryption method, and computer-readable recording medium | |
CN106656475B (en) | Novel symmetric key encryption method for high-speed encryption | |
US7110545B2 (en) | Method and apparatus for symmetric-key encryption | |
US8204215B2 (en) | Method and apparatus for encrypting data | |
US7570759B2 (en) | System and method for secure encryption | |
WO2016027454A1 (en) | Authentication encryption method, authentication decryption method, and information-processing device | |
CN105897748B (en) | A kind of transmission method and equipment of symmetric key | |
CN107592968A (en) | Generate cryptographic check and | |
JPWO2011105367A1 (en) | Block encryption device, block decryption device, block encryption method, block decryption method, and program | |
CN106301759A (en) | A kind of method of data encryption, the method and device of deciphering | |
US20140317407A1 (en) | Incremental mac tag generation device, method, and program, and message authentication device | |
KR20150142623A (en) | Cryptographic method for securely exchanging messages and device and system for implementing this method | |
TW202002564A (en) | Data encryption and decryption method and device | |
CN109274485A (en) | A kind of data ciphering method, data authentication method and relevant device and system | |
CN101826961A (en) | Method, device and system for data transmission encryption and decryption | |
CN109787764B (en) | Encryption method of secret key | |
JPH09312643A (en) | Key sharing method and ciphering communication method | |
CN114826590A (en) | Packet mode encryption method, packet mode decryption method, packet mode encryption device, packet mode decryption device and packet mode decryption equipment | |
CN108199836B (en) | Method and device for binding and unbinding key and equipment | |
CN112866288B (en) | Data symmetric encryption method for double-plaintext transmission | |
CN106878004B (en) | Verification method and device for preventing video inter-cut tampering | |
CN111314053B (en) | Data encryption and decryption method | |
CN103634113B (en) | Encryption and decryption method and device with user/equipment identity authentication | |
CN111314052B (en) | Data encryption and decryption method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
CB02 | Change of applicant information | ||
CB02 | Change of applicant information |
Address after: 100089 18 / F, block B, Zhizhen building, No.7, Zhichun Road, Haidian District, Beijing Applicant after: Beijing Ziguang zhanrui Communication Technology Co.,Ltd. Address before: 100084, Room 516, building A, Tsinghua Science Park, Beijing, Haidian District Applicant before: BEIJING SPREADTRUM HI-TECH COMMUNICATIONS TECHNOLOGY Co.,Ltd. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |