CN108494555B - Information encryption and decryption method and information encryption and decryption equipment - Google Patents
Information encryption and decryption method and information encryption and decryption equipment Download PDFInfo
- Publication number
- CN108494555B CN108494555B CN201810162140.7A CN201810162140A CN108494555B CN 108494555 B CN108494555 B CN 108494555B CN 201810162140 A CN201810162140 A CN 201810162140A CN 108494555 B CN108494555 B CN 108494555B
- Authority
- CN
- China
- Prior art keywords
- information
- node
- hop count
- encryption
- decryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 51
- 238000004891 communication Methods 0.000 claims abstract description 22
- 230000005540 biological transmission Effects 0.000 claims description 8
- 238000012790 confirmation Methods 0.000 claims description 2
- 235000008694 Humulus lupulus Nutrition 0.000 description 8
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 6
- 230000003287 optical effect Effects 0.000 description 6
- 238000004590 computer program Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 4
- 239000000284 extract Substances 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000000007 visual effect Effects 0.000 description 2
- 230000003321 amplification Effects 0.000 description 1
- 230000008094 contradictory effect Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000003199 nucleic acid amplification method Methods 0.000 description 1
- 239000002245 particle Substances 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/06—Network architectures or network communication protocols for network security for supporting key management in a packet data network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses an information encryption method, which comprises the following steps: transmitting the path information to a server to request encryption of the public key; receiving a public key generated by the server according to the hop count in the path information and the target node identification information; and encrypting the information area of the information frame to be transmitted by using the public key. The invention also provides an information decryption method for decrypting the information frame encrypted by the encryption method, and corresponding information encryption equipment and information decryption equipment. The information encryption and decryption method and the information encryption and decryption equipment provided by the invention can solve the encryption and decryption problem of how to achieve information communication between safe users when unsafe users exist in the ultraviolet wireless network.
Description
Technical Field
The present invention relates to the field of wireless communications technologies, and in particular, to an information encryption and decryption method and an information encryption and decryption device.
Background
Ultraviolet communication is a novel communication mode for information transmission by utilizing atmospheric scattering, and is divided into a visual range communication mode and a non-visual range communication mode. The viewing distance requires the transmitting and receiving ends to be aligned, and no obstacle exists between the transmitting and receiving ends. Under the non-line-of-sight mode, ultraviolet light reaches the receiving end through the scattering of atmospheric molecules and particles, and the receiving end receives a certain number of ultraviolet photons, so that the non-line-of-sight communication can be realized.
The non-line-of-sight ultraviolet communication has the advantages of strong anti-interference capability, good confidentiality, omnibearing communication and the like, can be used in the military field, and can be used as a novel military communication system, such as being applied to small-scale teams for jungle combat. However, when the same ultraviolet light communication system is in the range, there is also an enemy who is equipped with the ultraviolet light transceiver as well, direct communication may cause information leakage. The existing encryption technology applied to the wireless communication network is quite many, but most of the encryption technology is static and easy to crack, or the encryption technology is complex in algorithm and long in encryption and decryption time.
Disclosure of Invention
In view of the above, the present invention provides an information encrypting and decrypting method and an information encrypting and decrypting device, which dynamically encrypts by using the hop count in the path information and the public key of the target node; the hop count information is acquired during decryption, and then the private key of the target node is utilized for decryption, so that the problem of encryption and decryption of information communication among safe users when unsafe users exist in the ultraviolet wireless network can be solved.
First, to achieve the above object, the present invention provides an information encryption method, including the steps of:
transmitting the path information to a server to request encryption of the public key; receiving a public key generated by the server according to the hop count in the path information and the target node identification information; and encrypting the information area of the information frame to be transmitted by using the public key.
Optionally, the information frame includes first relay node information, where the first relay node information is identification information of a relay node included in the path information.
Optionally, the information frame includes a hop count counter, and the hop count counter is automatically incremented by 1 after the information frame is forwarded once.
Optionally, the process of generating the public key by the server according to the hop count in the path information and the target node identification information may be generating the public key according to a preset hop count-public key correspondence table, where the hop count-public key correspondence table includes a correspondence between each hop count of each node in the network and a public key.
Optionally, the method further comprises the steps of: sending the encrypted information frame; and retransmitting the information frame when the acknowledgement message corresponding to the information frame is not received within a preset first time threshold.
Optionally, the method further comprises the steps of: and when the acknowledgement message corresponding to the information frame is not received within the preset retransmission time threshold, carrying out the re-planning of the transmission path, and then repeating the steps of sending the request, receiving the public key, encrypting and sending the information frame.
In addition, in order to achieve the above object, the present invention also provides an information encryption method, including a memory, a processor, and an information encryption program stored in the memory and executable on the processor, wherein the information encryption program, when executed by the processor, implements the steps of the information encryption method as described above.
The invention also provides an information decryption method corresponding to the information encryption method, which comprises the following steps:
Receiving an encrypted information frame, and acquiring first relay node information of the information frame; comparing the self node identification with the node identification information in the first relay node information; when the self node identification is contained in the first relay node information, acquiring the hop count of a hop count counter of the information frame; searching a corresponding private key in a preset hop count-private key corresponding table stored in the own node according to the hop count; and decrypting the information area of the information frame by using the private key.
Optionally, the method further comprises the steps of: and forwarding the information frame when the self node identification is not contained in the first relay node information.
Optionally, the decrypting the information area of the information frame by using the private key specifically includes: when the decryption is successful, replying confirmation information to the source node, and not forwarding the information frame; and forwarding the information frame when the decryption is not successful.
In addition, in order to achieve the above object, the present invention also provides an information decryption apparatus including a memory, a processor, and an information decryption program stored on the memory and executable on the processor, the information decryption program implementing the steps of the information decryption method as described above when executed by the processor.
Compared with the prior art, the information encryption and decryption method and the information encryption and decryption equipment provided by the invention dynamically encrypt by utilizing the hop count in the path information and the public key of the target node; the hop count information is acquired during decryption, and then the private key of the target node is utilized for decryption, so that the problem of encryption and decryption of information communication among safe users when unsafe users exist in the ultraviolet wireless network can be solved.
Drawings
FIG. 1 is a schematic illustration of an alternative application environment for various embodiments of the present invention;
FIG. 2 is a schematic diagram of an alternative hardware architecture of the encryption device of the present invention;
FIG. 3 is a schematic diagram of an alternative hardware architecture of the decryption device of the present invention;
FIG. 4 is a schematic diagram illustrating a program module of an embodiment of an information encryption program according to the present invention;
FIG. 5 is a schematic diagram illustrating a program module of an embodiment of the information decryption program of the present invention;
FIG. 6 is a flow chart of an embodiment of an information encryption method of the present invention;
FIG. 7 is a flow chart of an embodiment of the information decryption method of the present invention.
Reference numerals:
The achievement of the objects, functional features and advantages of the present invention will be further described with reference to the accompanying drawings, in conjunction with the embodiments.
Detailed Description
The present invention will be described in further detail with reference to the drawings and examples, in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be noted that the description of "first", "second", etc. in this disclosure is for descriptive purposes only and is not to be construed as indicating or implying a relative importance or implying an indication of the number of technical features being indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In addition, the technical solutions of the embodiments may be combined with each other, but it is necessary to base that the technical solutions can be realized by those skilled in the art, and when the technical solutions are contradictory or cannot be realized, the combination of the technical solutions should be considered to be absent and not within the scope of protection claimed in the present invention.
Referring to fig. 1, an alternative application environment is shown according to various embodiments of the present invention.
The invention is applicable to wireless communication networks including, but not limited to, ultraviolet light. In this embodiment, the application environment is an ultraviolet wireless network, and the ultraviolet wireless network includes a plurality of node devices, where each node device is an encryption device and a decryption device at the same time, and may also be used as a server. The node apparatus may be a mobile apparatus such as a mobile phone, a notebook computer, a digital broadcast receiver, a PDA (personal digital assistant), a PAD (tablet computer), a navigation device, an in-vehicle device, or a mobile base station, and a fixed terminal such as a server and a base station. In the present embodiment, the encryption device 5, the decryption device 6, and the server M will be described as an example. The server M stores a hop count-public key correspondence table corresponding to all nodes in the network.
Referring to fig. 2, a schematic diagram of an alternative hardware architecture of the encryption device 5 shown in fig. 1 is shown. In this embodiment, the encryption device 5 may include, but is not limited to, a first memory 11, a first processor 12, a first transmitting terminal 13, and a first receiving terminal 14 that may be communicatively connected to each other by a wired or wireless method. It is noted that fig. 2 only shows the encryption device 5 with components 11-14, but it is understood that not all of the illustrated components are required to be implemented, and that more or fewer components may alternatively be implemented.
The first memory 11 includes at least one type of readable storage medium, which includes flash memory, a hard disk, a multimedia card, a card memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a read-only memory (ROM), an electrically erasable programmable read-only memory (EEPROM), a programmable read-only memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the first storage 11 may be an internal storage unit of the encryption device 5, for example, a hard disk or a memory of the encryption device 5. In other embodiments, the first memory 11 may also be an external storage device of the encryption device 5, such as a plug-in hard disk, a smart memory card (SMART MEDIA CARD, SMC), a Secure Digital (SD) card, a flash memory card (FLASH CARD) or the like, which are provided on the encryption device 5. Of course, the first memory 11 may also include both an internal memory unit of the encryption device 5 and an external memory device thereof. In this embodiment, the first memory 11 is generally used to store an operating system and various application software installed in the encryption device 5, such as program codes of the information encryption program 200. Further, the first memory 11 may be used to temporarily store various types of data that have been output or are to be output.
The first processor 12 may be a Central processing unit (Central ProcessingUnit, CPU), a controller, a microcontroller, a microprocessor, or other data processing chip in some embodiments. The first processor 12 is typically used for controlling the overall operation of the encryption device 5, e.g. for performing control and processing related to data interaction or communication with the mobile terminal, etc. In this embodiment, the first processor 12 is configured to execute the program code or process data stored in the first memory 11, for example, execute the information encryption program 200.
The first transmitting end 13 includes, but is not limited to,: a modulation unit for modulating the electrical signal into an optical signal, an encryption unit, a signal gain or an amplification unit. The first transmitting end 13 is generally configured to code-modulate information that needs to be transmitted by the encryption device 5, and transmit the information in the form of an optical signal.
The first receiving end 14 includes, but is not limited to,: a signal gain or amplifying unit, a demodulation unit for modulating the optical signal into an electric signal, and a decryption unit. The first receiving end 14 is generally configured to demodulate and decode optical signals sent by other node devices, so as to obtain original information.
In this embodiment, when the information encryption program 200 is installed and run in the encryption device 5, the encryption device 5 may obtain the number of hops and the public key corresponding to the destination node identification information included in the path information by sending the path information to the server M, and then use the obtained public key to encrypt the information frame when the information encryption program 200 is run. Therefore, the purpose of dynamic encryption is achieved, and the safety of network communication is guaranteed.
Referring to fig. 3, a schematic diagram of an alternative hardware architecture of the decryption device 6 shown in fig. 1 is shown. In this embodiment, the decryption device 6 may include, but is not limited to, a second memory 21, a second processor 22, a second transmitting terminal 23, and a second receiving terminal 24, which may be communicatively connected to each other by a wired or wireless method. It is noted that fig. 3 only shows decryption device 6 with components 21-24, but it is understood that not all shown components are required to be implemented, and that more or fewer components may alternatively be implemented. The decryption device 6 has a similar hardware architecture as the encryption device 5, and therefore, the second memory 21, the second processor 22, the second transmitting end 23, and the second receiving end 24 can implement similar functions with the first memory 11, the first processor 12, the first transmitting end 13, and the first receiving end 14 of the encryption device 5, respectively.
In this embodiment, when the information decryption program 300 is installed and operated in the decryption device 6, when the information decryption program 300 is operated, the decryption device 6 may obtain the hop count in the hop count counter in the information frame after receiving the encrypted information frame, then search the corresponding private key according to the hop count and the hop count-private key table stored in the hop count and then decrypt with the private key. In this way, the encryption device 5 decrypts the information frame dynamically encrypted by the hop count.
Thus, the application environment and the hardware structure and functions of the related devices of the embodiment of the present invention have been described in detail. In the following, various embodiments of the present invention will be presented based on the above-described application environment and related devices.
First, the present invention proposes an information encryption program 200.
Referring to FIG. 4, a block diagram of an embodiment of an information encryption process 200 according to the present invention is shown.
In this embodiment, the information encryption program 200 includes a series of computer program instructions stored in the first memory 11, which when executed by the first processor 12, implement the operations of information encryption according to the embodiments of the present invention. In some embodiments, the information encryption program 200 may be divided into one or more modules based on the particular operations implemented by portions of the computer program instructions. For example, in fig. 4, the information encryption program 200 may be divided into a first transmission module 201, a first reception module 202, and an encryption module 203. Wherein:
the first sending module 201 is configured to send path information to a server to request encryption of a public key.
Specifically, after the encryption device 5 plans the transmission path, the first sending module 201 sends the path information to the server M to request the corresponding encryption public key. In this embodiment, the path information includes identification information of the target node and information of relay nodes through which the target node passes from the source node.
The first receiving module 202 is configured to receive a public key generated by the server according to the hop count in the path information and the destination node identification information.
Specifically, after the first sending module 201 sends the path information to the server M, the server M first extracts the identification information of the target node and the number of all relay nodes (i.e. hops) in the path information, and then searches the public key corresponding to the identification information of the target node and the hops according to a preset hop-public key corresponding table, where the hop-public key corresponding table includes a relationship table of one public key for each hop of each node in the network. In this embodiment, the table of hops versus public keys is directly preset to save the time for the server to generate the public key. In other embodiments, a public key may be generated by a preset public key generating function according to different destination node identification information and hop counts, and of course, a private key may be generated by a private key generating function in the decryption process described below. The server M then replies the public key to the encryption device 5. The first receiving module 202 of the encryption device 5 receives the public key.
The encryption module 203 is configured to encrypt an information area of an information frame to be sent by using the public key.
The first sending module 201 is further configured to send the information frame encrypted by the encrypting module 203. In this embodiment, the information frame includes first relay node information and a hop count counter, where the first relay node information is identification information of a relay node included in the path information, and the hop count counter is automatically incremented by 1 after the information frame is forwarded once. And when the first sending module 201 does not receive the acknowledgement message corresponding to the information frame within a preset first time threshold, retransmitting the information frame. And when the acknowledgement message corresponding to the information frame is not received within the preset threshold of retransmission times, the encryption device 5 further performs the planning of the transmission path again, and then repeats the steps of sending requests, receiving public keys, encrypting and sending the information frame of each module.
Through the above-mentioned program modules 201-203, the information encryption program 200 according to the present invention may obtain the number of hops and the public key corresponding to the destination node identification information contained in the path information by sending the path information to the server M, and then use the obtained public key to encrypt the information frame. Therefore, the purpose of dynamic encryption is achieved, and the safety of network communication is guaranteed.
Referring to FIG. 5, a block diagram of an embodiment of a message decrypting process 300 according to the present invention is shown.
In this embodiment, the information decryption program 300 includes a series of computer program instructions stored in the second memory 21, which when executed by the second processor 22, implement the operations of information encryption according to the embodiments of the present invention. In some embodiments, the information decryption program 300 may be divided into one or more modules based on the particular operations implemented by portions of the computer program instructions. For example, in fig. 5, the information decryption program 300 may be divided into a second receiving module 301, a judging module 302, a decrypting module 303, and a second transmitting module 304. Wherein:
the second receiving module 301 is configured to receive an encrypted information frame, and obtain first relay node information of the information frame.
Specifically, the encryption device 5 wirelessly transmits the encrypted information frame to the space within the coverage area. Then, the second receiving module 301 of the decryption device 6 will receive the encrypted information frame and then acquire the first relay node information in the information frame.
The judging module 302 is configured to compare the self node identifier with node identifier information in the first relay node information, so as to judge whether the self node identifier information is included in the first relay node information of the information frame.
Specifically, the first relay node information of the information frame includes identification information of all nodes through which the path information passes. After the second receiving module 301 receives the information frame and acquires the first relay node information, the judging module 302 compares the node information of the decryption device 6 with all the node identification information in the first relay node information, so as to judge that the own node identification information is included in the first relay node information. When the own node information is included in the first relay node information, the decryption device 6 is a node on the path information, and possibly a target node, so the determination module 302 further continues to acquire the hop count of the hop count counter in the information frame.
The decryption module 303 is configured to search a corresponding private key in a preset hop count-private key correspondence table stored in the own node according to the hop count, and then decrypt an information area of the information frame by using the private key.
Specifically, when the judging module 302 judges that the own node identification information of the information frame is included in the first relay node information, the hop count of the hop count counter in the information frame is continuously acquired. The decryption module 303 searches a corresponding private key in a preset hop-private key corresponding table according to the hop count, where the hop count-private key corresponding table is a corresponding table of a private key corresponding to each hop count of the node specific to the node of the decryption device 6. After the decryption module 303 finds the private key, the information area of the information frame is decrypted by using the private key. Of course, if the decryption device 6 is a relay node on the path information, the private key decryption cannot be successful; when the decryption device 6 is the target node, decryption can be successful.
The second sending module 304 is configured to forward the information frame when the decryption module 303 does not decrypt the information frame successfully.
Specifically, when the decryption device 6 is a relay node on the path information, it is not a target node, and therefore, the decryption module 303 of the decryption device 6 cannot successfully decrypt the information area of the information frame using the hop count and the private key of its own node. At this point, the second transmitting module 304 of the decryption device 6 forwards the information frame.
In addition, when the determining module 302 determines that the own node identifier of the decryption device 6 is not included in the first relay node information of the information frame, the second sending module 304 forwards the information frame.
Through the above program modules 301-304, the information decryption program 300 provided by the present invention may obtain the hop count in the hop count counter in the information frame after receiving the encrypted information frame, and then search the corresponding private key according to the hop count and the hop count-private key table stored in the hop count and the private key table, and then decrypt with the private key. In this way, the encryption device 5 decrypts the information frame dynamically encrypted by the hop count.
In addition, the invention also provides an information encryption method.
Referring to fig. 6, a flowchart of an embodiment of an information encryption method according to the present invention is shown. In this embodiment, the execution sequence of the steps in the flowchart shown in fig. 6 may be changed, and some steps may be omitted according to different requirements.
Step S500, the path information is sent to the server to request encryption of the public key.
After the encryption device 5 has planned the path of the transmission, the path information is then sent to the server M to request the corresponding encryption public key. In this embodiment, the path information includes identification information of the target node and information of relay nodes through which the target node passes from the source node.
Step S502, receiving a public key generated by the server according to the hop count in the path information and the target node identification information.
Specifically, after the path information is sent to the server M, the server M extracts the identification information of the target node and the number of all relay nodes (i.e. hops) in the path information, and then searches the public key corresponding to the identification information of the target node and the hops according to a preset hop-public key corresponding table, where the hop-public key corresponding table includes a relationship table of a public key corresponding to each hop of each node in the network. In this embodiment, the table of hops versus public keys is directly preset to save the time for the server to generate the public key. In other embodiments, a public key may be generated by a preset public key generating function according to different destination node identification information and hop counts, and of course, a private key may be generated by a private key generating function in the decryption process described below. The public key is then returned to the encryption device 5, which encryption device 5 receives.
Step S504, encrypt the information area of the information frame to be sent by using the public key, and then send the encrypted information frame out.
Specifically, the encryption device 5 transmits the encrypted information frame. In this embodiment, the information frame includes first relay node information and a hop count counter, where the relay node information is identification information of a relay node included in the path information, and the hop count counter is automatically incremented by 1 after the information frame is forwarded once. And retransmitting the information frame when the acknowledgement message corresponding to the information frame is not received within a preset first time threshold. And when the acknowledgement message corresponding to the information frame is not received within the preset threshold of retransmission times, the encryption device 5 further performs the planning of the transmission path again, and then repeats the steps of sending the request, receiving the public key, encrypting and sending the information frame.
Through the steps S500-S504, the information encryption method provided by the present invention may obtain the hop count and the public key corresponding to the destination node identification information contained in the path information by sending the path information to the server M, and then use the public key to encrypt the information frame. Therefore, the purpose of dynamic encryption is achieved, and the safety of network communication is guaranteed.
In addition, the invention also provides an information decryption method corresponding to the information encryption method.
Referring to fig. 7, a flowchart of an embodiment of the information decryption method according to the present invention is shown. In this embodiment, the execution sequence of the steps in the flowchart shown in fig. 7 may be changed, and some steps may be omitted according to different requirements. The decryption method is used for decrypting the information frames encrypted by the encryption method.
Step S600, an encrypted information frame is received, and first relay node information of the information frame is obtained.
Specifically, the encryption device 5 wirelessly transmits the encrypted information frame to the space within the coverage area, and then the decryption device 6 receives the encrypted information frame and then acquires the first relay node information in the information frame.
Step S602, comparing the self node identifier with the node identifier information in the first relay node information, and determining whether the self node identifier information is included in the first relay node information of the information frame. When the own node identification information is included in the first relay node information of the information frame, proceeding to step S604; otherwise, step S608 is performed.
Specifically, the first relay node information of the information frame includes identification information of all nodes through which the path information passes. After the information frame is received and the first relay node information is acquired, the node information of the decryption device 6 is compared with all the node identification information in the first relay node information, so that whether the own node identification information is contained in the first relay node information is judged.
Step S604, obtaining the hop count in the hop count counter of the information frame.
Specifically, when the own node information is included in the first relay node information, the decryption device 6 is a node on the path information, and possibly a target node, and thus continues to acquire the hop count of the hop count counter in the information frame.
Step S606, searching a corresponding private key in a preset hop count-private key corresponding table stored in the own node according to the hop count, and then decrypting the information area of the information frame by utilizing the private key. When the decryption is successful, the process is ended; otherwise, step S608 is performed.
Specifically, when the own node identification information of the information frame is judged to be contained in the first relay node information, the hop count of the hop count counter in the information frame is continuously acquired. The corresponding private key is further searched in a preset hop count-private key corresponding table according to the hop count, wherein the hop count-private key corresponding table is a corresponding table of each hop count of the node corresponding to one private key, which is specific to the node of the decryption device 6. And then decrypting the information area of the information frame by using the searched private key. Of course, if the decryption device 6 is a relay node on the path information, the private key decryption cannot be successful; when the decryption device 6 is the target node, decryption can be successful.
Step S608, forwarding the information frame.
Through the steps S600-S608, the information decryption method provided by the present invention may obtain the hop count in the hop count counter in the information frame after receiving the encrypted information frame, and then search the corresponding private key in the hop count-private key table according to the hop count and the hop count-private key table stored in the hop count and decrypt by using the private key. In this way, the encryption device 5 decrypts the information frame dynamically encrypted by the hop count.
The foregoing embodiment numbers of the present invention are merely for the purpose of description, and do not represent the advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (e.g. ROM/RAM, magnetic disk, optical disk) comprising instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method according to the embodiments of the present invention.
The foregoing description is only of the preferred embodiments of the present invention, and is not intended to limit the scope of the invention, but rather is intended to cover any equivalents of the structures or equivalent processes disclosed herein or in the alternative, which may be employed directly or indirectly in other related arts.
Claims (6)
1. An information encryption method applied to node equipment of an ultraviolet light communication network, which is characterized by comprising the following steps: transmitting the path information to a server to request encryption of the public key;
receiving a public key generated by the server according to the hop count in the path information and the target node identification information;
encrypting an information area of an information frame to be transmitted by using the public key;
receiving an encrypted information frame, and acquiring first relay node information of the information frame;
comparing the self node identification with the node identification information in the first relay node information;
When the self node identification is contained in the first relay node information, acquiring the hop count of a hop count counter of the information frame;
searching a corresponding private key in a preset hop count-private key corresponding table stored in the own node according to the hop count;
decrypting an information area of the information frame using the private key;
the path information comprises identification information of a target node and a message from a source node to a relay node through which the target node passes;
The information frame comprises first relay node information and a hop count counter, wherein the relay node information is the identification information of the relay node included in the path information, and the hop count counter is automatically added with 1 after the information frame is forwarded once;
the first relay node information of the information frame contains identification information of all nodes through which the path information passes;
The hop count-private key corresponding table is a corresponding table of each hop count of the node, which is specific to the node, corresponding to a private key;
The process of generating the public key by the server according to the hop count in the path information and the target node identification information is to generate the public key according to a preset hop count-public key corresponding table, wherein the hop count-public key corresponding table comprises the corresponding relation between each hop count of each node in the network and one public key.
2. The information encryption method according to claim 1, characterized in that the method further comprises the step of: sending the encrypted information frame;
and retransmitting the information frame when the acknowledgement message corresponding to the information frame is not received within a preset first time threshold.
3. The information encryption method according to claim 1, characterized in that the method further comprises the step of: and when the acknowledgement message corresponding to the information frame is not received within the preset retransmission time threshold, carrying out the rescheduling of the transmission path, and then repeating the steps of requesting the public key, receiving the public key and encrypting by using the public key.
4. An information encryption method according to claim 3, characterized in that the method further comprises the step of: and forwarding the information frame when the self node identification is not contained in the first relay node information.
5. The information encryption method according to claim 3, wherein decrypting the information area of the information frame using the private key specifically comprises: when the decryption is successful, replying confirmation information to the source node, and not forwarding the information frame;
And forwarding the information frame when the decryption is not successful.
6. An information encryption and decryption device for use in an ultraviolet light communication network, characterized in that the information encryption and decryption device comprises a memory, a processor and an information encryption and decryption program stored on the memory and executable on the processor, the information encryption and decryption program when executed by the processor implementing the steps of the information encryption method according to any one of claims 1-5.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810162140.7A CN108494555B (en) | 2018-02-27 | 2018-02-27 | Information encryption and decryption method and information encryption and decryption equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810162140.7A CN108494555B (en) | 2018-02-27 | 2018-02-27 | Information encryption and decryption method and information encryption and decryption equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108494555A CN108494555A (en) | 2018-09-04 |
| CN108494555B true CN108494555B (en) | 2024-05-24 |
Family
ID=63340696
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810162140.7A Active CN108494555B (en) | 2018-02-27 | 2018-02-27 | Information encryption and decryption method and information encryption and decryption equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108494555B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113507434B (en) * | 2021-05-28 | 2022-11-29 | 清华大学 | Data security transmission method, node and system in communication network |
Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20070062632A (en) * | 2005-12-13 | 2007-06-18 | (주)스트림온 | Mobile message and file security implementation by cryptography |
| JP2010087610A (en) * | 2008-09-29 | 2010-04-15 | Panasonic Corp | Data transmitting device, data receiving device, data transmitting and receiving system, data transmitting and receiving method, and data transmitting and receiving program |
| CN102098318A (en) * | 2011-03-23 | 2011-06-15 | 电子科技大学 | Method for performing end-to-end anonymity safety communication of hop network |
| WO2011153507A2 (en) * | 2010-06-04 | 2011-12-08 | Board Of Regents | Wireless communication methods, systems, and computer program products |
| CN103001875A (en) * | 2013-01-07 | 2013-03-27 | 山东量子科学技术研究院有限公司 | Quantum cryptography network dynamic routing method |
| CN103987034A (en) * | 2014-04-30 | 2014-08-13 | 南京邮电大学 | Privacy protection method of soldier information in field battle environment |
| CN104579964A (en) * | 2013-01-07 | 2015-04-29 | 山东量子科学技术研究院有限公司 | Dynamic route architecture system for quantum cryptography network |
| CN105245326A (en) * | 2015-09-10 | 2016-01-13 | 电子科技大学 | Intelligent power grid safety communication method based on combination cipher |
| CN105357113A (en) * | 2015-10-26 | 2016-02-24 | 南京邮电大学 | Construction method of anonymous communication path based on rerouting |
| CN105871929A (en) * | 2016-06-21 | 2016-08-17 | 重庆邮电大学 | Wireless sensor network anonymity communication method |
| CN107172056A (en) * | 2017-05-31 | 2017-09-15 | 福建中金在线信息科技有限公司 | A kind of channel safety determines method, device, system, client and server |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP5619283B2 (en) * | 2011-06-29 | 2014-11-05 | インターナショナル・ビジネス・マシーンズ・コーポレーションInternational Business Machines Corporation | Information communication terminal, agent program, position estimation system, and position estimation method |
-
2018
- 2018-02-27 CN CN201810162140.7A patent/CN108494555B/en active Active
Patent Citations (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR20070062632A (en) * | 2005-12-13 | 2007-06-18 | (주)스트림온 | Mobile message and file security implementation by cryptography |
| JP2010087610A (en) * | 2008-09-29 | 2010-04-15 | Panasonic Corp | Data transmitting device, data receiving device, data transmitting and receiving system, data transmitting and receiving method, and data transmitting and receiving program |
| WO2011153507A2 (en) * | 2010-06-04 | 2011-12-08 | Board Of Regents | Wireless communication methods, systems, and computer program products |
| CN102098318A (en) * | 2011-03-23 | 2011-06-15 | 电子科技大学 | Method for performing end-to-end anonymity safety communication of hop network |
| CN103001875A (en) * | 2013-01-07 | 2013-03-27 | 山东量子科学技术研究院有限公司 | Quantum cryptography network dynamic routing method |
| CN104579964A (en) * | 2013-01-07 | 2015-04-29 | 山东量子科学技术研究院有限公司 | Dynamic route architecture system for quantum cryptography network |
| CN103987034A (en) * | 2014-04-30 | 2014-08-13 | 南京邮电大学 | Privacy protection method of soldier information in field battle environment |
| CN105245326A (en) * | 2015-09-10 | 2016-01-13 | 电子科技大学 | Intelligent power grid safety communication method based on combination cipher |
| CN105357113A (en) * | 2015-10-26 | 2016-02-24 | 南京邮电大学 | Construction method of anonymous communication path based on rerouting |
| CN105871929A (en) * | 2016-06-21 | 2016-08-17 | 重庆邮电大学 | Wireless sensor network anonymity communication method |
| CN107172056A (en) * | 2017-05-31 | 2017-09-15 | 福建中金在线信息科技有限公司 | A kind of channel safety determines method, device, system, client and server |
Non-Patent Citations (6)
| Title |
|---|
| An Efficient Hop Count Routing Protocol for Wireless Ad Hoc Networks;Xu Zhang, Zhi-Hong Qian;International Journal of Automation and Computing;20150312;全文 * |
| 一种ad hoc多路径安全路由算法;王新生;孙链;王丽芹;杨连敏;;计算机研究与发展;20080115(第S1期);全文 * |
| 一种基于TPM增强的ARAN安全路由协议;王博;黄传河;杨文忠;王桐;;计算机科学;20101115(第11期);全文 * |
| 一种增强AODV路由协议安全性的方案;杜欣军, 葛建华, 王莹;西安电子科技大学学报;20021225(第06期);全文 * |
| 无线传感器网络密钥分配方案改进与仿真研究;李林;刘毅;杨骏;;计算机仿真;20110515(第05期);全文 * |
| 紫外光无线传感器网络节能的研究与仿真;柯熙政;陈锦妮;;激光技术;20130325(第02期);全文 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108494555A (en) | 2018-09-04 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110971415B (en) | Space-ground integrated space information network anonymous access authentication method and system | |
| US11122428B2 (en) | Transmission data protection system, method, and apparatus | |
| US6983376B2 (en) | Method and apparatus for providing privacy of user identity and characteristics in a communication system | |
| JP7139420B2 (en) | Method for transmitting an encrypted subscription identifier stored in a security element to a physical or virtual element of a telecommunications network, the corresponding security element, the physical or virtual element and a terminal cooperating with this security element | |
| KR101359853B1 (en) | Method and apparatus of deriving security key(s) | |
| KR102349605B1 (en) | Method and apparatus for providing services based on identifier of user device | |
| US9325507B2 (en) | System and method for managing mobile device using device-to-device communication | |
| KR20080053177A (en) | The generation method and the update method of authorization key for mobile communication | |
| US9143321B2 (en) | Communication protocol for secure communications systems | |
| JP2012227672A (en) | Inter-vehicle/road-to-vehicle communication system | |
| KR20160123558A (en) | Apparatus and method for Mobile Trusted Module based security of Short Message Service | |
| US11962692B2 (en) | Encrypting data in a pre-associated state | |
| KR20180000220A (en) | Method providing secure message service and apparatus therefor | |
| CN108494555B (en) | Information encryption and decryption method and information encryption and decryption equipment | |
| US8855604B2 (en) | Roaming authentication method for a GSM system | |
| EP4362521A1 (en) | Method for establishing secure vehicle communication, and vehicle, terminal and system | |
| US8948389B2 (en) | Wireless network connection method, wireless network apparatus and wireless network access point (AP) applying the method | |
| KR100655579B1 (en) | System and method of location management for providing service based location in mobile | |
| CN108449776B (en) | Network path planning method, node equipment and computer storage medium | |
| US20230023665A1 (en) | Privacy information transmission method, apparatus, computer device and computer-readable medium | |
| CN112839329B (en) | Verification method, device, equipment and computer readable storage medium | |
| CN115769542A (en) | Information processing method, device, equipment and storage medium | |
| KR20150134133A (en) | Apparatus and Method for generating an authentication key of terminal | |
| KR20170050906A (en) | Authentication device, program for controlling authentication between a mobile communication device and recording media for the program | |
| KR20150135715A (en) | Apparatus and method for protecting privacy of user in mobile communication network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20220211 Address after: 518000 room 1616, duhuixuan, shijihui Plaza, 3018 Shennan Middle Road, Futian District, Shenzhen, Guangdong Province Applicant after: Shenzhen Atlian Technology Co.,Ltd. Address before: 518108 17ef, main building of chegongmiao Lvjing square, Shennan Avenue, Shatoujiao street, Futian District, Shenzhen, Guangdong Province Applicant before: SHENZHEN HCEN TECHNOLOGY Co.,Ltd. |
|
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| TA01 | Transfer of patent application right | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20240422 Address after: 515000 No. 99, Dongfeng 1st Road, Chendian Town, Chaonan District, Shantou City, Guangdong Province Applicant after: Hong Guishun Country or region after: China Address before: 518000 room 1616, duhuixuan, shijihui Plaza, 3018 Shennan Middle Road, Futian District, Shenzhen, Guangdong Province Applicant before: Shenzhen Atlian Technology Co.,Ltd. Country or region before: China |
|
| GR01 | Patent grant | ||
| GR01 | Patent grant |