CN109981648A - A kind of encrypted transmission method, decryption method, device, terminal and storage medium - Google Patents


Info

Publication number: CN109981648A
Authority: CN (China)
Prior art keywords: key, data, terminal, encrypted, encryption
Legal status: Granted; Expired - Fee Related
Application number: CN201910238023.9A
Other languages: Chinese (zh)
Other versions: CN109981648B (en)
Inventor: 黄沓锋
Current Assignee: Shenzhen Skyworth Software Co Ltd
Original Assignee: Shenzhen Skyworth Software Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L65/00 Network arrangements, protocols or services for supporting real-time applications in data packet communication
    • H04L65/60 Network streaming of media packets

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Multimedia (AREA)
  • Storage Device Security (AREA)

Abstract

An embodiment of the invention discloses an encrypted transmission method, a decryption method, a device, a terminal and a storage medium. The encrypted transmission method includes: receiving plaintext data and a user password uploaded by an upload terminal; compiling the user password into a password key according to a preset compilation rule, and encrypting the plaintext data according to the password key to obtain ciphertext data; sending the ciphertext data to the playback terminals and sending the preset compilation rule to the authorized terminals among the playback terminals, so that an authorized terminal decrypts the ciphertext data based on the received preset compilation rule and the user password entered by the user. The encrypted transmission method, decryption method, device, terminal and storage medium provided by the embodiments of the invention can effectively overcome the existing security vulnerability caused by the use of a unified key.

Description

Encrypted transmission method, decryption method, device, terminal and storage medium
Technical field
Embodiments of the present invention relate to cable television (CATV) technology, and in particular to an encrypted transmission method, a decryption method, a device, a terminal and a storage medium.
Background
At present, a cable television system plays programs through the cooperation of a server end, playback terminals and smart cards. The server end scrambles the program signal with a control word (Control Word, CW). The CW, encrypted with a service key (Service Key, SK), is transmitted in the Entitlement Control Message (ECM) data stream, and the SK, encrypted with a personal distribution key (Personal Distribute Key, PDK), is transmitted in the Entitlement Management Message (EMM) data stream. After an authorized smart card is inserted, a playback terminal (such as a set-top box) reads the PDK fixed in the smart card, decrypts the SK in the EMM data stream with the PDK, decrypts the CW in the ECM data stream with the recovered SK, and descrambles the program signal with the recovered CW in order to play it.
In the prior art, the CW that the server end sends to the playback terminals is a unified key. The shortcomings of the prior art include at least the following: once the CW has been recovered, an unauthorized terminal among the playback terminals that is forwarded the CW can also descramble the program signal. Unauthorized terminals can therefore watch the programs that authorized terminals can watch, which leaves a security vulnerability in the cable television system and causes large economic losses for the operators concerned.
Summary of the invention
In view of this, embodiments of the invention provide an encrypted transmission method, a decryption method, a device, a terminal and a storage medium that can effectively overcome the existing security vulnerability caused by the use of a unified key.
In a first aspect, an embodiment of the invention provides an encrypted transmission method, comprising:
receiving plaintext data and a user password uploaded by an upload terminal;
compiling the user password into a password key according to a preset compilation rule, and encrypting the plaintext data according to the password key to obtain ciphertext data;
sending the ciphertext data to each playback terminal, and sending the preset compilation rule to the authorized terminals among the playback terminals, so that an authorized terminal decrypts the ciphertext data based on the received preset compilation rule and the user password entered by the user.
In a second aspect, an embodiment of the invention provides a decryption method, comprising:
receiving the ciphertext data and the preset compilation rule sent by the server end;
receiving a user password entered by the user, and compiling the user password into a password key according to the preset compilation rule;
decrypting the ciphertext data according to the password key to obtain plaintext data.
In a third aspect, an embodiment of the invention provides an encrypted transmission device, comprising:
a plaintext receiving module, for receiving the plaintext data and user password uploaded by an upload terminal;
an encryption module, for compiling the user password into a password key according to a preset compilation rule and encrypting the plaintext data according to the password key to obtain ciphertext data;
a ciphertext sending module, for sending the ciphertext data to each playback terminal and sending the preset compilation rule to the authorized terminals among the playback terminals, so that an authorized terminal decrypts the ciphertext data based on the received preset compilation rule and the user password entered by the user.
In a fourth aspect, an embodiment of the invention provides a decryption device, comprising:
a ciphertext receiving module, for receiving the ciphertext data and the preset compilation rule sent by the server end;
a key compilation module, for receiving the user password entered by the user and compiling the user password into a password key according to the preset compilation rule;
a decryption module, for decrypting the ciphertext data according to the password key to obtain plaintext data.
In a fifth aspect, an embodiment of the invention provides a terminal, comprising:
one or more processors;
a memory, for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors implement the encrypted transmission method or the decryption method described in any embodiment of the invention.
In a sixth aspect, an embodiment of the invention provides a computer-readable storage medium on which a computer program is stored; when the program is executed by a processor, it implements the encrypted transmission method or the decryption method described in any embodiment of the invention.
With the encrypted transmission method, decryption method, device, terminal and storage medium provided by the embodiments of the invention, a user who uploads plaintext data (such as a multimedia file) to the server end through an upload terminal can set a user password for that plaintext data and upload the password to the server end together with it. After receiving the plaintext data and its corresponding user password, the server end compiles the user password into a password key according to the preset compilation rule and encrypts the plaintext data according to the password key to obtain ciphertext data. All playback terminals can receive the ciphertext data sent by the server end, but only the authorized terminals among them can receive the preset compilation rule. An unauthorized terminal therefore cannot receive the preset compilation rule and cannot decrypt the ciphertext data. Furthermore, an authorized terminal still needs the user to enter the user password before it can decrypt the ciphertext data according to the user password and the preset compilation rule. In summary, every item of plaintext data has its own user password, and data is encrypted and decrypted according to different user passwords, which can effectively overcome the existing security vulnerability caused by the use of a unified key.
Brief description of the drawings
To explain the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show some embodiments of the invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the encrypted transmission method provided by Embodiment one of the invention;
Fig. 2 is a flow chart of the encrypted transmission method provided by Embodiment two of the invention;
Fig. 3 is a flow chart of the decryption method provided by Embodiment three of the invention;
Fig. 4 is a structural diagram of the encrypted transmission device provided by Embodiment four of the invention;
Fig. 5 is a structural diagram of the decryption device provided by Embodiment five of the invention;
Fig. 6 is a structural diagram of a terminal provided by Embodiment six of the invention.
Detailed description
To make the objects, technical solutions and advantages of the invention clearer, the technical solutions of the invention are described clearly and completely below through embodiments, with reference to the drawings of the embodiments. Obviously, the described embodiments are some, not all, of the embodiments of the invention. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the protection scope of the invention. In the embodiments below, optional features and examples are provided together in each embodiment; the features recorded in the embodiments can be combined to form multiple alternative solutions, and each numbered embodiment should not be regarded as only a single technical solution.
Embodiment one
Fig. 1 is a flow chart of the encrypted transmission method provided by Embodiment one of the invention. This embodiment applies to the case in which the server end of a cable television system encrypts uploaded plaintext data for transmission. The method can be carried out by the server end, and specifically by software and/or hardware in the server end.
Referring to Fig. 1, the encrypted transmission method includes the following steps:
S110, receiving the plaintext data and user password uploaded by an upload terminal.
The upload terminal includes, but is not limited to, a smartphone, smartwatch, PAD (tablet computer), laptop, desktop computer, in-vehicle terminal or other electronic device that can link to the server end. The plaintext data includes, but is not limited to, document data, image data, audio data, video data and audio-video data. The user password can, for example, be numeric, specifically a string of decimal digits; it can have 6, 8 or 10 digits, which is not specifically limited here.
The upload terminal can link to the server end by logging in to the application software corresponding to the server end, by entering the access address corresponding to the server end, or by scanning the QR code information corresponding to the server end. Once linked, the upload terminal can upload the plaintext data to the server end, together with the user password set for that plaintext data, so that the server end encrypts the plaintext data according to the received user password.
In addition, the upload terminal can upload to the server the title, introduction, play time and play mode set for the plaintext data. The title can be a combination of at least one of Chinese characters, letters, digits and special characters. The introduction can be a summary description of the uploaded plaintext data. The play time can, for example, be a playback start time or a playback time period. The play mode can, for example, be single play or loop play.
After encrypting the plaintext data according to the received user password, the server end can configure a corresponding playback frequency point for the ciphertext data, so that a playback terminal that tunes to that frequency point can receive the ciphertext data. The server can also configure frequency-point recommendation information from the received title and introduction, and can configure the play time and play mode of the ciphertext data from the received play time and play mode.
S120, compiling the user password into a password key according to the preset compilation rule, and encrypting the plaintext data according to the password key to obtain ciphertext data.
The preset compilation rule is the rule by which the user password is compiled into the password key. It can be an arithmetic rule such as addition, subtraction, multiplication, division, logarithm or power; it can be an encryption rule of symmetric or asymmetric encryption; or it can be a correspondence rule in which one digit corresponds to a multi-digit number. The encryption standard used to encrypt the plaintext data according to the password key can, for example, be the Advanced Encryption Standard (AES), the Data Encryption Standard (DES) or 3DES (Triple DES).
Optionally, compiling the user password into a password key according to the preset compilation rule includes: determining, according to the preset compilation rule, the compiled number of a preset number of bits that corresponds to each digit of the user password; and splicing the compiled numbers of the digits together to obtain the password key.
Here the preset compilation rule is the rule that assigns each digit its compiled number of the preset number of bits, and the compiled number can be a binary number. For example, when the user password is a decimal number, each of the decimal digits 0-9 can be preset to correspond to a 4-bit binary number, and this correspondence is the preset compilation rule. The number of digits of the user password and the preset number of bits can be matched to the encryption rule. For instance, AES encryption can use a 128-bit key; if the user password is an 8-digit decimal password, the preset number of bits can be 16, so that each digit corresponds to a 16-bit compiled number, and splicing the eight 16-bit numbers yields a 128-bit password key with which the plaintext data is AES-encrypted. The compiled numbers can be spliced in the original digit order of the user password, or the original user password can first be shuffled by a preset shuffle rule and the compiled numbers spliced in the digit order of the shuffled password.
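The digit-to-code compilation described above, as an added example that is not part of the patent text. The rule table `RULE`, its 16-bit values and the function names are constructed for illustration; the patent fixes neither the table nor its contents.

```python
import math

# Constructed compilation rule: each decimal digit maps to one 16-bit code.
# These are sample values, not values from the patent.
RULE = {
    "0": 0x3A91, "1": 0xC07E, "2": 0x5D24, "3": 0x91B8, "4": 0x0FE3,
    "5": 0xE642, "6": 0x7B19, "7": 0x24CD, "8": 0xB850, "9": 0x6F07,
}
BITS_PER_DIGIT = 16  # the "preset number of bits" for an 8-digit password and AES-128


def check_rule(rule, bits_per_digit=BITS_PER_DIGIT):
    """Reject tables that would make two different passwords compile to one key."""
    codes = list(rule.values())
    if len(set(codes)) != len(codes):
        raise ValueError("two digits share a code, so distinct passwords collide")
    if any(code < 0 or code >> bits_per_digit for code in codes):
        raise ValueError("a code does not fit in the preset number of bits")


def compile_password(password, rule=RULE, bits_per_digit=BITS_PER_DIGIT, order=None):
    """Compile a digit password into a key by splicing one code per digit.

    order is the optional preset shuffle rule, given as a permutation of the
    digit positions; None splices the digits in their original order.
    """
    check_rule(rule, bits_per_digit)
    if not password or any(ch not in rule for ch in password):
        raise ValueError("password must consist of digits covered by the rule")
    positions = list(range(len(password))) if order is None else list(order)
    if sorted(positions) != list(range(len(password))):
        raise ValueError("order must be a permutation of the digit positions")
    total_bits = bits_per_digit * len(password)
    if total_bits % 8:
        raise ValueError("key length must be a whole number of bytes")
    key = 0
    for pos in positions:
        key = (key << bits_per_digit) | rule[password[pos]]
    return key.to_bytes(total_bits // 8, "big")


def key_space_bits(password_len, rule=RULE):
    """log2 of the number of distinct keys one fixed rule can emit for this length."""
    return password_len * math.log2(len(rule))


if __name__ == "__main__":
    # Server end and authorized terminal hold the same rule, so they derive the same key.
    server_key = compile_password("12345678")
    terminal_key = compile_password("12345678")
    print(len(server_key) * 8, "bit key:", server_key.hex())
    print("keys match:", server_key == terminal_key)
    print("key space for 8 digits: %.1f bits" % key_space_bits(8))
```

The spliced key is 128 bits long, but for a fixed rule an 8-digit password selects one of 10^8 keys (about 26.6 bits), which is the figure `key_space_bits` reports.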
Optionally, encrypting the plaintext data according to the password key includes: encrypting an initial key according to the password key to generate an encryption key, and encrypting the plaintext data according to the encryption key. The initial key is sent to each playback terminal together with the ciphertext data.
The server end can also generate the initial key and encrypt it with each password key compiled from each user password, generating different encryption keys. Encrypting the initial key according to the password key includes: symmetrically or asymmetrically encrypting the initial key according to the password key; or applying an addition, subtraction, multiplication, division, logarithm or power operation to the password key and the initial key; or XORing the password key with the initial key.
Encrypting the plaintext data according to the encryption key can specifically mean grouping the plaintext data and encrypting each group separately with the encryption key to obtain the groups of ciphertext data. For example, when the encryption key is a 256-bit key and the encryption standard is AES, the plaintext data can be grouped every 256 bits and each group encrypted with the encryption key.
S130, sending the ciphertext data to each playback terminal, and sending the preset compilation rule to the authorized terminals among the playback terminals, so that an authorized terminal decrypts the ciphertext data based on the received preset compilation rule and the user password entered by the user.
The server end can push the ciphertext data to the playback terminals in real time through the playback frequency point during the play time. For example, if the ciphertext data is set to start playing at 8 pm every Friday and the playback frequency point is the one corresponding to 890 MHz, then from 8 pm every Friday the server end pushes the ciphertext data in real time to each playback terminal through the frequency point corresponding to 890 MHz, and each playback terminal can receive the ciphertext data when it tunes to that frequency point.
The preset compilation rule can be updated once every certain period and the updated rule issued to the authorized terminals, for example once a month, so that the preset compilation rule is more secure and harder to intercept, which improves the security of the system.
Although an unauthorized terminal among the playback terminals can receive the ciphertext, it is difficult for it to intercept the preset compilation rule after every update, so cracking the ciphertext data is difficult. In addition, if the server also issues the initial key to every terminal, an unauthorized terminal, which cannot receive the preset compilation rule, cannot compile the user password and therefore cannot encrypt the initial key, which further raises the difficulty of cracking the ciphertext data for an unauthorized terminal.
In the encrypted transmission method provided by this embodiment, the server end, while receiving the plaintext data that a user uploads through an upload terminal, also receives the user password that the user set for that plaintext data. The server end compiles the user password into a password key according to the preset compilation rule and encrypts the plaintext data according to the password key to obtain ciphertext data. The server end can send the ciphertext data to all playback terminals and can send the preset compilation rule only to the authorized terminals among them. In summary, an unauthorized terminal cannot receive the preset compilation rule and therefore cannot decrypt the ciphertext data; furthermore, an authorized terminal still needs the user to enter the user password before it can decrypt the ciphertext data according to the user password and the preset compilation rule. Because the server end encrypts each item of plaintext data according to its own user password, the existing security vulnerability caused by the use of a unified key can be effectively overcome.
Embodiment two
This embodiment optimizes the encryption of the plaintext data on the basis of the embodiment above. The optimization is as follows: the number of encryption rounds applied to the plaintext data is a preset value, which is a positive integer greater than or equal to 2. Correspondingly, encrypting the initial key according to the password key to generate an encryption key and encrypting the plaintext data according to the encryption key includes: encrypting the initial key according to the password key to generate a first encryption key, and carrying out the first round of encryption on the plaintext data according to the first encryption key; obtaining a target timing key from at least two timing keys in a preset order, encrypting the N-th encryption key according to the target timing key to generate the (N+1)-th encryption key, carrying out the (N+1)-th round of encryption on the data produced by the N-th round according to the (N+1)-th encryption key, and, when N+1 equals the preset value, taking the data produced by the (N+1)-th round as the ciphertext data, where N is a positive integer. The preset order and the at least two timing keys are sent with the preset compilation rule to the authorized terminals among the playback terminals. This embodiment shares the inventive concept of the embodiment above, and explanations of terms that are the same as or correspond to those of the embodiment above are not repeated here.
Fig. 2 is a flow chart of the encrypted transmission method provided by Embodiment two of the invention. Referring to Fig. 2, the encrypted transmission method includes the following steps:
S210, receiving the plaintext data and user password uploaded by an upload terminal;
S220, compiling the user password into a password key according to the preset compilation rule;
S230, encrypting the initial key according to the password key to generate a first encryption key, and carrying out the first round of encryption on the plaintext data according to the first encryption key;
S240, obtaining a target timing key from at least two timing keys in a preset order, encrypting the N-th encryption key according to the target timing key to generate the (N+1)-th encryption key, carrying out the (N+1)-th round of encryption on the data produced by the N-th round according to the (N+1)-th encryption key, and, when N+1 equals the preset value, taking the data produced by the (N+1)-th round as the ciphertext data, where N is a positive integer;
S250, sending the ciphertext data to each playback terminal, and sending the preset compilation rule, the preset order and the at least two timing keys to the authorized terminals among the playback terminals.
To raise the encryption level when the plaintext data is encrypted according to the password key, the preset number of rounds of encryption can be carried out; the higher the encryption level, the larger the preset value can be.
Assume the preset value is M. When M is 2, one timing key can be generated; the encryption key generated from the password key and the initial key is encrypted with that timing key, and the second round of encryption is carried out with the resulting key. Alternatively, at least two timing keys can be generated and a target timing key chosen from them; the encryption key generated from the password key and the initial key is encrypted with that timing key, and the second round of encryption is carried out with the resulting key. When M is greater than 2 and the number of timing keys is in [2, M), the preset order can be a forward or reverse cyclic order; when the number of timing keys is M, the preset order can be a traversal order; when the number of timing keys is in (M, +∞), the preset order can be an order that selects the timing keys with M preset serial numbers.
The first encryption key is generated by encrypting the initial key with the password key; the second encryption key is generated by encrypting the first encryption key with the first target timing key chosen according to the preset order; the third encryption key is generated by encrypting the second encryption key with the second target timing key chosen according to the preset order; and so on. When the number of encryption rounds is the preset value M, the M-th encryption key is generated by encrypting the (M-1)-th encryption key with the (M-1)-th target timing key chosen according to the preset order. The first round of encryption is carried out on the plaintext data according to the first encryption key, the second round is carried out on the data produced by the first round according to the second encryption key, and so on; the M-th round is carried out on the data produced by the (M-1)-th round according to the M-th encryption key, and the data produced by the M-th round is taken as the ciphertext data.
The preset order and the at least two timing keys can be issued to the authorized terminals with the preset compilation rule. Specifically, they can be updated once every certain period and the updated preset compilation rule, preset order and at least two timing keys issued to the authorized terminals, for example once a month, so that the preset compilation rule, the preset order and the at least two timing keys are more secure and harder to intercept, which improves the security of the system.
The encrypted transmission method provided by this embodiment optimizes the encryption of the plaintext data on the basis of the embodiment above. Specifically, in each round of data encryption a target timing key is chosen from the at least two timing keys according to the preset order, the encryption key of the previous round is encrypted according to the target timing key to obtain the encryption key of the current round, and the data produced by the previous round is encrypted again with the encryption key of the current round. This raises the difficulty of cracking the ciphertext data, that is, it improves data security. In addition, this embodiment shares the inventive concept of the embodiment above; technical details not described in detail here can be found in the embodiment above, and this embodiment achieves the same beneficial effects.
Embodiment three
Fig. 3 is a flow chart of the decryption method provided by Embodiment three of the invention. This embodiment applies to the case in which an authorized terminal in a cable television system decrypts received ciphertext data. The method can be carried out by an authorized terminal (such as an authorized set-top box terminal), and specifically by software and/or hardware in the authorized terminal. This embodiment shares the inventive concept of the embodiments above, and explanations of terms that are the same as or correspond to those of the embodiments above are not repeated here.
Referring to Fig. 3, the decryption method includes the following steps:
S310, receiving the ciphertext data and the preset compilation rule sent by the server end;
S320, receiving the user password entered by the user, and compiling the user password into a password key according to the preset compilation rule;
S330, decrypting the ciphertext data according to the password key to obtain plaintext data.
Every playback terminal can receive the ciphertext data sent by the server end, but only the authorized terminals among the playback terminals can receive the preset compilation rule sent by the server. An authorized terminal can receive an updated preset compilation rule once every certain period, for example once a month, so that the preset compilation rule is more secure and harder to intercept, which improves the security of the system.
The authorized terminal also needs to receive the user password entered by the user and decrypts the received ciphertext data according to that password. That is, even if a terminal is an authorized terminal, it cannot decrypt the ciphertext data if the user cannot enter the correct user password, which can effectively overcome the existing security vulnerability caused by the use of a unified key.
Optionally, compiling the user password into a cryptographic key according to the default compiling rule comprises:
determining, according to the default compiling rule, the encoded number of a preset number of digits corresponding to each digit in the user password; and splicing the encoded numbers of the preset number of digits corresponding to the digits to obtain the cryptographic key.
Optionally, decrypting the ciphertext data according to the cryptographic key comprises:
encrypting an initial key according to the cryptographic key to generate an encryption key, and decrypting the ciphertext data according to the encryption key; wherein the initial key is received together with the ciphertext data.
Further, encrypting the initial key according to the cryptographic key comprises: performing an XOR operation on the cryptographic key and the initial key.
Optionally, the number of decryption rounds applied to the ciphertext data is a preset value, the preset value being a positive integer greater than or equal to 2. Correspondingly, encrypting the initial key according to the cryptographic key to generate an encryption key, and decrypting the ciphertext data according to the encryption key, comprises:
encrypting the initial key according to the cryptographic key to generate a first decryption key; obtaining a target timing key from at least two timing keys in a preset order, and encrypting the N-th decryption key according to the target timing key to generate the (N+1)-th decryption key, until N+1 equals the preset value; performing a first round of decryption on the ciphertext data according to the (N+1)-th decryption key; performing an (m+2)-th round of decryption on the data after the (m+1)-th round of decryption according to the (N-m)-th decryption key, where m is an integer and m ∈ [0, N-1]; and taking the data after the (N+1)-th round of decryption as the clear data; wherein the preset order and the at least two timing keys are received together with the default compiling rule.
The first decryption key is generated by encrypting the initial key with the cryptographic key, in the same way as the first encryption key is generated, so the first decryption key can be regarded as equal to the first encryption key; it is called the first decryption key here for convenience of description. Similarly, the (N+1)-th decryption key is equal to the (N+1)-th encryption key. The second decryption key is generated by encrypting the first encryption key with the first target timing key chosen according to the preset order, the third decryption key is generated by encrypting the second encryption key with the second target timing key chosen according to the preset order, and so on. When the number of encryption rounds is the preset value M, the number of decryption rounds is also the preset value M, and the M-th decryption key is generated by encrypting the (M-1)-th encryption key with the (M-1)-th target timing key chosen according to the preset order.
Since the authorization terminal's decryption of the ciphertext data is the inverse of the server end's encryption of the clear data, a first round of decryption is performed on the ciphertext data according to the M-th decryption key, a second round of decryption is performed on the data after the first round of decryption according to the second decryption key, and so on, until an M-th round of decryption is performed on the data after the (M-1)-th round of decryption according to the first decryption key; the data after the M-th round of decryption is taken as the clear data.
In the decryption method provided in this embodiment, all playback terminals can receive the ciphertext data sent by the server end, but only authorization terminals can receive the default compiling rule sent by the server end. Further, the authorization terminal also needs to receive the user password input by the user before it can decrypt the ciphertext data according to the user password and the default compiling rule. An unauthorized terminal cannot receive the default compiling rule and therefore cannot decrypt the ciphertext data. Moreover, to decrypt each piece of ciphertext data the authorization terminal needs the corresponding user password to be input, which effectively overcomes the existing security vulnerability caused by a unified key. In addition, this embodiment shares the same inventive concept as the above embodiments; technical details not described in detail in this embodiment can be found in the above embodiments, and this embodiment achieves the same beneficial effects as the above embodiments.
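The compile, XOR and multi-round steps described above, as an added Python example that is not part of the patent text. The digit-to-code table, the key values, the use of XOR for chaining the timing keys and the HMAC-based Feistel round cipher are assumptions made for illustration; the page does not specify a round cipher or how a timing key encrypts the previous key.

```python
import hashlib
import hmac

# Constructed sample rule (assumption): every password digit maps to a
# 2-hex-digit code, i.e. the "preset number of digits" is 2.
SAMPLE_RULE = {"0": "3a", "1": "c4", "2": "5f", "3": "09", "4": "e1",
               "5": "77", "6": "b2", "7": "1d", "8": "8c", "9": "f0"}

def compile_password(password, rule):
    """Replace each password digit by its code and splice the codes together."""
    if not password or any(ch not in rule for ch in password):
        raise ValueError("password must consist of digits covered by the rule")
    return bytes.fromhex("".join(rule[ch] for ch in password))

def xor_bytes(a, b):
    if len(a) != len(b):
        raise ValueError("operands must have equal length")
    return bytes(x ^ y for x, y in zip(a, b))

def derive_round_keys(password, rule, initial_key, timing_keys, order):
    """Key 1 = cryptographic key XOR initial key; key N+1 = key N combined with
    the timing key picked by the preset order (XOR here is an assumption)."""
    if len(timing_keys) < 2 or not order:
        raise ValueError("need at least two timing keys and at least two rounds")
    keys = [xor_bytes(compile_password(password, rule), initial_key)]
    for index in order:
        keys.append(xor_bytes(keys[-1], timing_keys[index]))
    return keys

def _round_function(key, rnd, half):
    """HMAC-SHA256 output stretched to len(half) bytes, bound to the round."""
    out, counter = b"", 0
    while len(out) < len(half):
        msg = bytes([rnd]) + counter.to_bytes(4, "big") + half
        out += hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1
    return out[:len(half)]

def round_encrypt(key, data):
    """Stand-in round cipher: 4-round Feistel over an even-length buffer."""
    half = len(data) // 2
    left, right = data[:half], data[half:]
    for rnd in range(4):
        left, right = right, xor_bytes(left, _round_function(key, rnd, right))
    return left + right

def round_decrypt(key, data):
    """Inverse of round_encrypt: undo the Feistel rounds in reverse."""
    half = len(data) // 2
    left, right = data[:half], data[half:]
    for rnd in reversed(range(4)):
        left, right = xor_bytes(right, _round_function(key, rnd, left)), left
    return left + right

def pad(data):
    n = 2 - len(data) % 2            # 1 or 2 bytes, so the length becomes even
    return data + bytes([n]) * n

def unpad(data):
    n = data[-1] if data else 0
    if n not in (1, 2) or data[-n:] != bytes([n]) * n:
        raise ValueError("bad padding: wrong key material or round order")
    return data[:-n]

def encrypt(plaintext, round_keys):
    data = pad(plaintext)
    for key in round_keys:               # round 1 uses key 1 ... round M uses key M
        data = round_encrypt(key, data)
    return data

def decrypt(ciphertext, round_keys):
    data = ciphertext
    for key in reversed(round_keys):     # first decryption round uses key M
        data = round_decrypt(key, data)
    return unpad(data)

# Constructed sample material (not from the patent).
INITIAL_KEY = bytes.fromhex("0011223344556677")   # travels with the ciphertext
TIMING_KEYS = [bytes.fromhex("a1a2a3a4a5a6a7a8"),
               bytes.fromhex("1f2e3d4c5b6a7988"),
               bytes.fromhex("deadbeef00c0ffee")]
PRESET_ORDER = [2, 0]                             # two chained keys: 3 rounds
PASSWORD = "48215736"
PLAINTEXT = b"programme segment 0001"

def demo():
    """Server side encrypts, authorization terminal re-derives keys and decrypts."""
    server_keys = derive_round_keys(PASSWORD, SAMPLE_RULE, INITIAL_KEY,
                                    TIMING_KEYS, PRESET_ORDER)
    ciphertext = encrypt(PLAINTEXT, server_keys)
    terminal_keys = derive_round_keys(PASSWORD, SAMPLE_RULE, INITIAL_KEY,
                                      TIMING_KEYS, PRESET_ORDER)
    return ciphertext, decrypt(ciphertext, terminal_keys)

if __name__ == "__main__":
    ct, pt = demo()
    print(ct.hex(), pt)
```

Because the cryptographic key is a fixed per-digit encoding, a d-digit password yields at most 10^d distinct cryptographic keys however long the spliced key is, and the initial key travels with the ciphertext, so confidentiality rests on the compiling rule, the timing keys and the password.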
Embodiment four
Fig. 4 is a schematic structural diagram of the encrypted transmission device provided by Embodiment Four of the present invention. This embodiment is applicable to the case where the server end in a cable television system performs encrypted transmission of uploaded clear data. The encrypted transmission device provided by this embodiment of the present invention can implement the encrypted transmission method disclosed in the above embodiments.
Referring to Fig. 4, the encrypted transmission device in this embodiment comprises:
a plaintext receiving module 410, for receiving the clear data and the user password uploaded by an uploading terminal;
an encrypting module 420, for compiling the user password into a cryptographic key according to the default compiling rule, and encrypting the clear data according to the cryptographic key to obtain ciphertext data;
a ciphertext sending module 430, for sending the ciphertext data to each playback terminal and sending the default compiling rule to the authorization terminals among the playback terminals, so that the authorization terminals among the playback terminals decrypt the ciphertext data according to the received default compiling rule and the user password input by the user.
Optionally, the encrypting module 420 comprises:
a cryptographic key compiling submodule, for determining, according to the default compiling rule, the encoded number of a preset number of digits corresponding to each digit in the user password, and splicing the encoded numbers of the preset number of digits corresponding to the digits to obtain the cryptographic key.
Optionally, the encrypting module 420 further comprises:
an encryption submodule, for encrypting an initial key according to the cryptographic key to generate an encryption key, and encrypting the clear data according to the encryption key; wherein the initial key is sent to each playback terminal together with the ciphertext data.
Optionally, the encryption submodule is specifically used for: performing an XOR operation on the cryptographic key and the initial key to generate the encryption key.
Optionally, the number of encryption rounds applied to the clear data is a preset value, the preset value being a positive integer greater than or equal to 2. Correspondingly, the encryption submodule is specifically used for: encrypting the initial key according to the cryptographic key to generate a first encryption key, and performing a first round of encryption on the clear data according to the first encryption key; obtaining a target timing key from at least two timing keys in a preset order, encrypting the N-th encryption key according to the target timing key to generate an (N+1)-th encryption key, performing an (N+1)-th round of encryption on the data encrypted in the N-th round according to the (N+1)-th encryption key, and, when N+1 equals the preset value, taking the data encrypted in the (N+1)-th round as the ciphertext data; where N is a positive integer; and where the preset order and the at least two timing keys are sent, together with the default compiling rule, to the authorization terminals among the playback terminals.
The software starting device provided in this embodiment belongs to the same inventive concept as the encrypted transmission method proposed in the above embodiments; technical details not described in detail in this embodiment can be found in the above embodiments, and this embodiment has the same beneficial effects as the above embodiments.
Embodiment five
Fig. 5 is a schematic structural diagram of the decryption device provided by Embodiment Five of the present invention. This embodiment is applicable to the case where an authorization terminal in a cable television system decrypts received ciphertext data. The decryption device provided by this embodiment of the present invention can implement the decryption method disclosed in the above embodiments.
Referring to Fig. 5, the decryption device in this embodiment comprises:
a ciphertext receiving module 510, for receiving the ciphertext data and the default compiling rule sent by the server end;
a key compiling module 520, for receiving the user password input by the user, and compiling the user password into a cryptographic key according to the default compiling rule;
a deciphering module 530, for decrypting the ciphertext data according to the cryptographic key to obtain the clear data.
Optionally, the key compiling module 520 is specifically used for:
determining, according to the default compiling rule, the encoded number of a preset number of digits corresponding to each digit in the user password; and splicing the encoded numbers of the preset number of digits corresponding to the digits to obtain the cryptographic key.
Further, encrypting the initial key according to the cryptographic key comprises: performing an XOR operation on the cryptographic key and the initial key.
Optionally, the deciphering module 530 is specifically used for:
encrypting an initial key according to the cryptographic key to generate an encryption key, and decrypting the ciphertext data according to the encryption key; wherein the initial key is received together with the ciphertext data.
Optionally, the number of decryption rounds applied to the ciphertext data is a preset value, the preset value being a positive integer greater than or equal to 2. Correspondingly, the deciphering module 530 is specifically used for:
encrypting the initial key according to the cryptographic key to generate a first decryption key; obtaining a target timing key from at least two timing keys in a preset order, and encrypting the N-th decryption key according to the target timing key to generate the (N+1)-th decryption key, until N+1 equals the preset value; performing a first round of decryption on the ciphertext data according to the (N+1)-th decryption key; performing an (m+2)-th round of decryption on the data after the (m+1)-th round of decryption according to the (N-m)-th decryption key, where m is an integer and m ∈ [0, N-1]; and taking the data after the (N+1)-th round of decryption as the clear data; wherein the preset order and the at least two timing keys are received together with the default compiling rule.
The decryption device provided in this embodiment belongs to the same inventive concept as the decryption method proposed in the above embodiments; technical details not described in detail in this embodiment can be found in the above embodiments, and this embodiment has the same beneficial effects as the above embodiments.
Embodiment six
This embodiment provides a terminal, applicable to the case where the server end in a cable television system performs encrypted transmission of uploaded clear data, or where an authorization terminal decrypts received ciphertext data. Fig. 6 is a schematic structural diagram of a terminal provided by Embodiment Six of the present invention. Referring to Fig. 6, the terminal includes:
one or more processors 610;
a memory 620, for storing one or more programs;
when the one or more programs are executed by the one or more processors 610, the one or more processors 610 implement the encrypted transmission method or the decryption method proposed in the above embodiments.
Fig. 6 takes one processor 610 as an example; the processor 610 and the memory 620 can be connected by a bus or in other ways, and Fig. 6 takes connection by a bus as an example.
The memory 620, as a computer readable storage medium, can be used to store software programs, computer-executable programs and modules, such as the program instructions/modules corresponding to the software start-up method in the embodiments of the present invention. By running the software programs, instructions and modules stored in the memory 620, the processor 610 executes the various functional applications and data processing of the terminal, that is, implements the encrypted transmission method or the decryption method described above.
The encrypted transmission method that can mainly be implemented is as follows: receiving the clear data and the user password uploaded by an uploading terminal; compiling the user password into a cryptographic key according to the default compiling rule, and encrypting the clear data according to the cryptographic key to obtain ciphertext data; sending the ciphertext data to each playback terminal and sending the default compiling rule to the authorization terminals among the playback terminals, so that the authorization terminals among the playback terminals decrypt the ciphertext data according to the received default compiling rule and the user password input by the user.
The decryption method that can mainly be implemented is as follows: receiving the ciphertext data and the default compiling rule sent by the server end; receiving the user password input by the user, and compiling the user password into a cryptographic key according to the default compiling rule; decrypting the ciphertext data according to the cryptographic key to obtain the clear data.
The memory 620 can mainly include a program storage area and a data storage area, where the program storage area can store the operating system and the application programs required by at least one function, and the data storage area can store data created through use of the terminal, and so on. In addition, the memory 620 may include high-speed random access memory and may also include non-volatile memory, for example at least one disk storage device, flash memory device or other non-volatile solid-state storage device. In some examples, the memory 620 may further include memory located remotely from the processor 610, and such remote memory can be connected to the terminal through a network. Examples of such networks include, but are not limited to, the internet, an intranet, a local area network, a mobile communication network and combinations thereof.
The terminal proposed in this embodiment belongs to the same inventive concept as the encrypted transmission method or the decryption method proposed in the above embodiments; technical details not described in detail in this embodiment can be found in the above embodiments, and this embodiment has the same beneficial effects as the above embodiments.
Embodiment seven
This embodiment provides a computer readable storage medium on which a computer program is stored; when executed by a processor, the program implements the encrypted transmission method or the decryption method described above. The encrypted transmission method that can mainly be implemented is as follows: receiving the clear data and the user password uploaded by an uploading terminal; compiling the user password into a cryptographic key according to the default compiling rule, and encrypting the clear data according to the cryptographic key to obtain ciphertext data; sending the ciphertext data to each playback terminal and sending the default compiling rule to the authorization terminals among the playback terminals, so that the authorization terminals among the playback terminals decrypt the ciphertext data according to the received default compiling rule and the user password input by the user.
The decryption method that can mainly be implemented is as follows: receiving the ciphertext data and the default compiling rule sent by the server end; receiving the user password input by the user, and compiling the user password into a cryptographic key according to the default compiling rule; decrypting the ciphertext data according to the cryptographic key to obtain the clear data.
The storage medium proposed in this embodiment belongs to the same inventive concept as the encrypted transmission method or the decryption method described above; technical details not described in detail in this embodiment can be found in the above embodiments, and this embodiment has the same beneficial effects as the above embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the present invention can be implemented by software together with the necessary general-purpose hardware, and of course also by hardware, although in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention, in essence or in the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product can be stored in a computer readable storage medium, such as a computer floppy disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), flash memory (FLASH), hard disk or optical disc, and includes a number of instructions that cause a computer device (which can be a personal computer, a server, a network device, etc.) to execute the methods of the embodiments of the present invention.
Note that the above are only preferred embodiments of the present invention and the technical principles applied. Those skilled in the art will understand that the present invention is not limited to the specific embodiments described here, and that various obvious changes, readjustments and substitutions can be made by those skilled in the art without departing from the protection scope of the present invention. Therefore, although the present invention has been described in some detail through the above embodiments, it is not limited to the above embodiments and, without departing from the inventive concept, may include further equivalent embodiments; the scope of the present invention is determined by the scope of the appended claims.

Claims (10)

1. An encrypted transmission method, characterized by comprising:
receiving clear data and a user password uploaded by an uploading terminal;
compiling the user password into a cryptographic key according to a default compiling rule, and encrypting the clear data according to the cryptographic key to obtain ciphertext data;
sending the ciphertext data to each playback terminal, and sending the default compiling rule to the authorization terminals among the playback terminals, so that the authorization terminals among the playback terminals decrypt the ciphertext data according to the received default compiling rule and the user password input by the user.
2. The method according to claim 1, characterized in that compiling the user password into a cryptographic key according to the default compiling rule comprises:
determining, according to the default compiling rule, the encoded number of a preset number of digits corresponding to each digit in the user password;
splicing the encoded numbers of the preset number of digits corresponding to the digits to obtain the cryptographic key.
3. The method according to claim 1, characterized in that encrypting the clear data according to the cryptographic key comprises:
encrypting an initial key according to the cryptographic key to generate an encryption key, and encrypting the clear data according to the encryption key;
wherein the initial key is sent to each playback terminal together with the ciphertext data.
4. The method according to claim 3, characterized in that encrypting the initial key according to the cryptographic key comprises: performing an XOR operation on the cryptographic key and the initial key.
5. The method according to claim 3, characterized in that the number of encryption rounds applied to the clear data is a preset value, the preset value being a positive integer greater than or equal to 2; correspondingly,
encrypting the initial key according to the cryptographic key to generate an encryption key, and encrypting the clear data according to the encryption key, comprises:
encrypting the initial key according to the cryptographic key to generate a first encryption key, and performing a first round of encryption on the clear data according to the first encryption key;
obtaining a target timing key from at least two timing keys in a preset order, encrypting the N-th encryption key according to the target timing key to generate an (N+1)-th encryption key, performing an (N+1)-th round of encryption on the data encrypted in the N-th round according to the (N+1)-th encryption key, and, when N+1 equals the preset value, taking the data encrypted in the (N+1)-th round as the ciphertext data;
wherein N is a positive integer; and wherein the preset order and the at least two timing keys are sent, together with the default compiling rule, to the authorization terminals among the playback terminals.
6. A decryption method, characterized in that it is applied to an authorization terminal and comprises:
receiving ciphertext data and a default compiling rule sent by a server end;
receiving a user password input by a user, and compiling the user password into a cryptographic key according to the default compiling rule;
decrypting the ciphertext data according to the cryptographic key to obtain clear data.
7. An encrypted transmission device, characterized by comprising:
a plaintext receiving module, for receiving clear data and a user password uploaded by an uploading terminal;
an encrypting module, for compiling the user password into a cryptographic key according to a default compiling rule, and encrypting the clear data according to the cryptographic key to obtain ciphertext data;
a ciphertext sending module, for sending the ciphertext data to each playback terminal and sending the default compiling rule to the authorization terminals among the playback terminals, so that the authorization terminals among the playback terminals decrypt the ciphertext data according to the received default compiling rule and the user password input by the user.
8. A decryption device, characterized by comprising:
a ciphertext receiving module, for receiving ciphertext data and a default compiling rule sent by a server end;
a key compiling module, for receiving a user password input by a user, and compiling the user password into a cryptographic key according to the default compiling rule;
a deciphering module, for decrypting the ciphertext data according to the cryptographic key to obtain clear data.
9. A terminal, characterized in that the terminal comprises:
one or more processors;
a memory, for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors implement the encrypted transmission method according to any one of claims 1 to 5 or the decryption method according to claim 6.
10. A computer readable storage medium on which a computer program is stored, characterized in that the program, when executed by a processor, implements the encrypted transmission method according to any one of claims 1 to 5 or the decryption method according to claim 6.
CN201910238023.9A 2019-03-27 2019-03-27 Encryption transmission method, decryption method, device, terminal and storage medium Expired - Fee Related CN109981648B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910238023.9A CN109981648B (en) 2019-03-27 2019-03-27 Encryption transmission method, decryption method, device, terminal and storage medium

Publications (2)

Publication Number Publication Date
CN109981648A true CN109981648A (en) 2019-07-05
CN109981648B CN109981648B (en) 2021-07-06

Family

ID=67080940

Country Status (1)

Country Link
CN (1) CN109981648B (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20210706
CF01 Termination of patent right due to non-payment of annual fee