CN109245891A - A kind of random key generation method based on RSA Algorithm - Google Patents

A kind of random key generation method based on RSA Algorithm Download PDF

Info

Publication number
CN109245891A
CN109245891A CN201811068073.9A CN201811068073A CN109245891A CN 109245891 A CN109245891 A CN 109245891A CN 201811068073 A CN201811068073 A CN 201811068073A CN 109245891 A CN109245891 A CN 109245891A
Authority
CN
China
Prior art keywords
key
proximal end
unique identification
request
public key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811068073.9A
Other languages
Chinese (zh)
Inventor
郑锐韬
李勇波
涂旭平
季统凯
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
G Cloud Technology Co Ltd
Original Assignee
G Cloud Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by G Cloud Technology Co Ltd filed Critical G Cloud Technology Co Ltd
Priority to CN201811068073.9A priority Critical patent/CN109245891A/en
Publication of CN109245891A publication Critical patent/CN109245891A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to the encryption technology field of data transmission, especially a kind of random key generation methods based on RSA Algorithm.The present invention is based on the public keys of RSA Algorithm and private key encryption and decryption, it is remotely generated public, private key, public key is passed back proximal end, and public key and private key are generated in proximal end, the public key encryption proximal end public key of distal end is used in proximal end, pass distal end back, to form two complete RSA public keys, the encryption and decryption channel of private key, generate AES key at random in service request, and AES key is transmitted on the encryption and decryption channel of safety herein, to realize that each service request generates the safe transmission of the AES key of data transmission at random, each service request generates different AES keys, guarantee the safe and reliable of the transmission of each data.Present method solves using RSA Algorithm to carry out data encrypting and deciphering low efficiency, fixed to be easy the problem of being stolen using AES key, each service request realizes different AES keys, realizes the safe transmission of data.

Description

A kind of random key generation method based on RSA Algorithm
Technical field
The present invention relates to the encryption technology field of data transmission, especially a kind of random key based on RSA Algorithm is generated Method.
Background technique
The enciphering and deciphering algorithm of data transmission, is commonly used RSA Algorithm or aes algorithm;The advantages of RSA Algorithm is to pass through public affairs Key encryption, public key can disclose, and then private key is decrypted;Guarantee to send and receive the safely controllable of both ends in this way, but disadvantage It is that encryption and decryption is inefficient.Aes algorithm encryption and decryption is high-efficient, but its encryption and decryption key is unique, only sends and receives two sides Decryption it is identical, just can guarantee the correct encryption and decryption of data;For both sides, if key from stealing, it will lead to data The possibility being stolen;If, with the raising of frequency of use, key is also possible to be stolen simultaneously always using fixed key Possibility random generated and safe transmission realize encryption and decryption secret keys so need to have a kind of safely controllable method.
Summary of the invention
Present invention solves the technical problem that being to provide a kind of random key generation method based on RSA Algorithm, solve to make Data encrypting and deciphering low efficiency is carried out with RSA Algorithm, it is fixed to be easy the problem of being stolen using AES key.
The technical solution that the present invention solves above-mentioned technical problem is:
The method the following steps are included:
Step 1: proximal end request distal end, it is desirable that establish secure transmission tunnel;
Step 2: after distal end receives request, the confidence level of checking request;After being verified, this service request is created only One mark and the private key R and public key R that distal end is generated by RSA Algorithm;The corresponding relationship of the corresponding private key R of unique identification is saved, And public key R and unique identification are passed back proximal end;
Step 3: after proximal end obtains the public key R that distal end return comes and unique identification, generating proximal end proximally by RSA Algorithm Private key N and public key N;Using the public key N of the public key R encryption proximal end of distal end, and even unique identification passes distal end back;
Step 4: distally receiving unique identification and the password by the public key R proximal end public key N encrypted, pass through mapping relations The private key R for obtaining the distal end of this service request is decrypted, and saves the public key N of proximal end and the mapping relations of unique identification, Establish the cipher key delivery channel of safety;
Step 5: after the foundation of security key transmission channel, the random AES that distal end creates when follow-up business data are transmitted is close Key, and the mapping relations with unique identification are saved, the random AES key to be transmitted is encrypted by the public key N of proximal end, proximal end is connecing It is decrypted, and is saved by the private key N of proximal end after receipts;
Step 6: proximal end carries out subsequent service data request, is encrypted by the AES key of preservation to request data, In addition unique identification makes requests;Distal end identifies AES key by unique identification, request data is decrypted, to realize The complete transmission of data request process.
The unique identification is for identifying proximal end request, by distally creating after request starts, other subsequent requests, It all needs to take this unique identification, if unique identification is distally being not present, entire operation flow stops.
In the step 1, the confidence level of checking request can by require input user password or identifying code input, Or the mode of user information verifying is controlled.
Each proximal end public key N, this request private key R, the AES key of data interaction encryption and decryption and the reflecting for unique identification The relationship of penetrating is stored in each unique identification.
The beneficial effects of the present invention are:
Generation public, private key that this method is provided based on RSA Algorithm, the ostensible feature of public key, by distal end and proximal end The public key of generation respectively and private key, then the separation public key distinguished realizes the foundation of a secure transmission tunnel, then by only One mark generates different AES keys for service request each time at random;It solves and adds solution using RSA Algorithm progress data Close low efficiency, fixed to be easy the problem of being stolen using AES key, each service request realizes different AES keys, realizes number According to safe transmission;Enhance the safety of data transmission.
Detailed description of the invention
The following further describes the present invention with reference to the drawings:
The random key generation method flow chart of attached drawing 1:RSA algorithm.
Specific embodiment
As shown in Figure 1, process of the invention is as follows:
Step 1: proximally by secure and trusted checking request distal end, it is desirable that establish secure transmission tunnel;
Step 2: after distal end receives request, verifying confidence level, the unique identification and RSA Algorithm for creating service request generate remote The private key R and public key R at end save the corresponding relationship of the corresponding private key R of unique identification, public key R and unique identification are passed back proximal end;
Step 3: after proximal end obtains the public key R that distal end return comes and unique identification, generating proximal end by RSA Algorithm in proximal end Private key N and public key N;Using the public key N of the public key R encryption proximal end of distal end, distal end is passed back with unique identification;
Step 4: distally receiving the password of the proximal end public key N of unique identification and public key R encryption, obtained by mapping relations It takes the private key R of the distal end of this service request to be decrypted, and saves the public key N of proximal end and the mapping relations of unique identification, build Erect the cipher key delivery channel an of safety.
Step 5: after security key is transmitted through foundation, the random AES that distal end creates when follow-up business data are transmitted is close Key, and the mapping relations with unique identification are saved, the random AES key to be transmitted is encrypted by the public key N of proximal end, proximal end is connecing It is decrypted, and is saved by the private key N of proximal end after receipts.
Step 6: proximal end carries out subsequent service data request, is encrypted by the AES key of preservation to request data, In addition unique identification makes requests;Distal end identifies AES key by unique identification, is decrypted to data are stressed, to realize The complete transmission of data request process.
The technical solution that the present invention solves above-mentioned technical problem is:
The following steps are included:
Step 1: proximally by request distal end, it is desirable that establish secure transmission tunnel;
Step 2: after distal end receives request, the confidence level of checking request after being verified, creates this service request only One mark and the private key R and public key R that distal end is generated by RSA Algorithm, save the corresponding relationship of the corresponding private key R of unique identification, And public key R and unique identification are passed back proximal end;
Step 3: after proximal end obtains the public key R that distal end return comes and unique identification, generating proximal end proximally by RSA Algorithm Private key N and public key N;Using the public key N of the public key R encryption proximal end of distal end, and even unique identification passes distal end back;
Step 4: distally receiving unique identification and the password by the public key R proximal end public key N encrypted, pass through mapping relations The private key R for obtaining the distal end of this service request is decrypted, and saves the public key N of proximal end and the mapping relations of unique identification, Set up the cipher key delivery channel an of safety.
Step 5: after security key is transmitted through foundation, the random AES that distal end creates when follow-up business data are transmitted is close Key, and the mapping relations with unique identification are saved, the random AES key to be transmitted is encrypted by the public key N of proximal end, proximal end is connecing It is decrypted, and is saved by the private key N of proximal end after receipts.
Step 6: proximal end carries out subsequent service data request, is encrypted by the AES key of preservation to request data, In addition unique identification makes requests;Distal end identifies AES key by unique identification, is decrypted to data are stressed, to realize The complete transmission of data request process.
The unique identification that there need to be a mark proximal end request from the beginning is being requested, this mark is used for this service request Unique identification, by distally creating after request starts, it is subsequent other request, all need to take this unique identification, if uniquely Mark is distally being not present, then entire operation flow stops;
Distal end is requested in proximal end, there need to be the control of a confidence level for guaranteeing request, before establishing request, requirement can be passed through Input user password or the mode of identifying code input or user information verifying are controlled, and guarantee that the proximal end made requests is logical Cross authorization or it is safely controllable;
It is described respectively in proximal end and distal end by generating the public key and key of RSA Algorithm in the step, then pass through The method for mutually passing public key, realizes the foundation of exit passageway, the transmission of important AES key is carried out on this exit passageway;
In the step, AES key is the important information for AES encryption and decryption, this information is directly to a fixation Value can be cracked, all service requests using the same key it is also dangerous, so need to by press service request randomness, The random key for establishing safety carries out the encryption and decryption of service request.
In the step, distally after setting up the connection of service request, the unique identification of creation respectively requested is The identifier of each service request, and in each unique identification, store the AES key of each proximal end public key N, data interaction encryption and decryption With the mapping relations of unique identification;Proximal end carries out the request of data, need to distally be obtained by unique identification plus unique mark The AES key of each request decryption, is decrypted data.
In the step, exit passageway is set up by RSA Algorithm, and transmit encryption and decryption efficiency using exit passageway More AES key carries out subsequent service request using the AES key that generates at random the encryption and decryption of data, thus realize with Business generates AES key at random, not only guarantee service request data encryption and decryption efficiency, but also ensure that AES key with Machine, the safety of enhancing data transmission.
The present invention is based on the public keys of RSA Algorithm and private key encryption and decryption, are remotely generated public, private key, and public key is passed back proximal end, And public key and private key are generated in proximal end, the public key encryption proximal end public key of distal end is used in proximal end, passes distal end back, to form two The encryption and decryption channel of complete RSA public key, private key, generates AES key, and encryption and decryption safe herein at random in service request AES key is transmitted on channel, to realize that each service request generates the safe transmission of the AES key of data transmission at random, often Secondary service request generates different AES keys, ensure that the safe and reliable of the transmission of each data.

Claims (5)

1. a kind of random key generation method based on RSA Algorithm, it is characterised in that: the method the following steps are included:
Step 1: proximal end request distal end, it is desirable that establish secure transmission tunnel;
Step 2: after distal end receives request, the confidence level of checking request;After being verified, unique mark of this service request is created Know and generate by RSA Algorithm the private key R and public key R of distal end;Save the corresponding relationship of the corresponding private key R of unique identification, and handle Public key R and unique identification pass proximal end back;
Step 3: after proximal end obtains the public key R that distal end return comes and unique identification, in the private for generating proximal end proximally by RSA Algorithm Key N and public key N;Using the public key N of the public key R encryption proximal end of distal end, and even unique identification passes distal end back;
Step 4: distally receiving unique identification and the password by the public key R proximal end public key N encrypted, obtained by mapping relations This time the private key R of the distal end of service request is decrypted, and saves the public key N of proximal end and the mapping relations of unique identification, establishes The cipher key delivery channel of safety;
Step 5: after the foundation of security key transmission channel, distal end creates the random AES key when transmission of follow-up business data, and The mapping relations with unique identification are saved, the random AES key to be transmitted are encrypted by the public key N of proximal end, proximal end is after the receipt It is decrypted, and is saved by the private key N of proximal end;
Step 6: proximal end carries out subsequent service data request, is encrypted by the AES key of preservation to request data, in addition Unique identification makes requests;Distal end identifies AES key by unique identification, request data is decrypted, to realize data The complete transmission of request process.
2. according to the method described in claim 1, it is characterized by: the unique identification is being asked for identifying proximal end request It asks after starting by distally creating, other subsequent requests all need to take this unique identification, if unique identification is not being deposited distally In then entire operation flow suspension.
3. according to the method described in claim 1, it is characterized by:
In the step 1, the confidence level of checking request can be by requiring input user password or identifying code to input or use The mode of family Information Authentication is controlled.
4. according to the method described in claim 2, it is characterized by:
In the step 1, the confidence level of checking request can be by requiring input user password or identifying code to input or use The mode of family Information Authentication is controlled.
5. method according to any one of claims 1 to 4, it is characterised in that: each proximal end public key N, this time request The mapping relations of private key R, the AES key of data interaction encryption and decryption and unique identification are stored in each unique identification.
CN201811068073.9A 2018-09-13 2018-09-13 A kind of random key generation method based on RSA Algorithm Pending CN109245891A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811068073.9A CN109245891A (en) 2018-09-13 2018-09-13 A kind of random key generation method based on RSA Algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811068073.9A CN109245891A (en) 2018-09-13 2018-09-13 A kind of random key generation method based on RSA Algorithm

Publications (1)

Publication Number Publication Date
CN109245891A true CN109245891A (en) 2019-01-18

Family

ID=65058090

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811068073.9A Pending CN109245891A (en) 2018-09-13 2018-09-13 A kind of random key generation method based on RSA Algorithm

Country Status (1)

Country Link
CN (1) CN109245891A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113420304A (en) * 2021-05-21 2021-09-21 巨霖(上海)微电子有限公司 Encryption and decryption method, device and computer readable medium for SPICE netlist and model
CN114124440A (en) * 2021-09-29 2022-03-01 平安养老保险股份有限公司 Secure transmission method, device, computer equipment and storage medium
CN114208109A (en) * 2019-06-14 2022-03-18 西门子股份公司 Method for establishing secure data communication for a processing device, trust module for generating a cryptographic key, and field device

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7548621B1 (en) * 2002-09-26 2009-06-16 Ncr Corporation System and method for securing a base derivation key for use in injection of derived unique key per transaction devices
CN101964793A (en) * 2010-10-08 2011-02-02 上海银联电子支付服务有限公司 Method and system for transmitting data between terminal and server and sign-in and payment method
CN102833253A (en) * 2012-08-29 2012-12-19 五八同城信息技术有限公司 Method and server for establishing safe connection between client and server
CN105515762A (en) * 2016-01-28 2016-04-20 中山市倍能照明科技有限公司 Encryption system based on Rivet, Shamir and Adleman (RSA) and advanced encryption standard (AES) encryption algorithms and encryption method
CN108092761A (en) * 2016-11-22 2018-05-29 广东亿迅科技有限公司 A kind of key management method and system based on RSA and 3DES

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7548621B1 (en) * 2002-09-26 2009-06-16 Ncr Corporation System and method for securing a base derivation key for use in injection of derived unique key per transaction devices
CN101964793A (en) * 2010-10-08 2011-02-02 上海银联电子支付服务有限公司 Method and system for transmitting data between terminal and server and sign-in and payment method
CN102833253A (en) * 2012-08-29 2012-12-19 五八同城信息技术有限公司 Method and server for establishing safe connection between client and server
CN105515762A (en) * 2016-01-28 2016-04-20 中山市倍能照明科技有限公司 Encryption system based on Rivet, Shamir and Adleman (RSA) and advanced encryption standard (AES) encryption algorithms and encryption method
CN108092761A (en) * 2016-11-22 2018-05-29 广东亿迅科技有限公司 A kind of key management method and system based on RSA and 3DES

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114208109A (en) * 2019-06-14 2022-03-18 西门子股份公司 Method for establishing secure data communication for a processing device, trust module for generating a cryptographic key, and field device
CN113420304A (en) * 2021-05-21 2021-09-21 巨霖(上海)微电子有限公司 Encryption and decryption method, device and computer readable medium for SPICE netlist and model
CN114124440A (en) * 2021-09-29 2022-03-01 平安养老保险股份有限公司 Secure transmission method, device, computer equipment and storage medium
CN114124440B (en) * 2021-09-29 2023-09-26 平安养老保险股份有限公司 Secure transmission method, apparatus, computer device and storage medium

Similar Documents

Publication Publication Date Title
CN106789047B (en) A kind of block chain identification system
WO2020087805A1 (en) Trusted authentication method employing two cryptographic values and chaotic encryption in measurement and control network
CN109728909B (en) Identity authentication method and system based on USBKey
CN109962784B (en) Data encryption, decryption and recovery method based on multiple digital envelope certificates
CN109040067B (en) Physical unclonable technology PUF-based user authentication device and authentication method
WO2018046009A1 (en) Block chain identity system
US7734045B2 (en) Multifactor split asymmetric crypto-key with persistent key security
JP5845393B2 (en) Cryptographic communication apparatus and cryptographic communication system
CN106713279B (en) video terminal identity authentication system
CN104796265A (en) Internet-of-things identity authentication method based on Bluetooth communication access
CN101631305B (en) Encryption method and system
JP6751545B1 (en) Electronic signature system and anti-tamper device
CN109245891A (en) A kind of random key generation method based on RSA Algorithm
CN111526007B (en) Random number generation method and system
CN107306181A (en) Encryption, verification method and the device of right discriminating system and its authentication information
US11743053B2 (en) Electronic signature system and tamper-resistant device
CN114567431A (en) Security authentication method for unidirectional transmission
CN113676448A (en) Off-line equipment bidirectional authentication method and system based on symmetric key
CN104394532A (en) Anti-brute force safe log-in method for mobile terminal
JP5295999B2 (en) Terminal initial setting method and initial setting device
CN111263360A (en) Wireless encryption device and method for protecting variable mechanical authentication password by adopting public key
CN104579692A (en) Information processing method on basis of intelligent card
JPH11231776A (en) Method and device for issuing certificate
CN108768958B (en) Verification method for data integrity and source based on no leakage of verified information by third party
JP2002051036A (en) Key escrow system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20190118