CN110266477A - Dynamic encryption method for UDP communication - Google Patents

Info

Publication number
CN110266477A
Authority
CN
China
Prior art keywords
udp
client
server
data
port
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201910433826.XA
Other languages
Chinese (zh)
Other versions
CN110266477B (en)
Inventor
薛柯利
曾义
杜其昌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangzhou Hedong Technology Co Ltd
Original Assignee
Guangzhou Hedong Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangzhou Hedong Technology Co Ltd filed Critical Guangzhou Hedong Technology Co Ltd
Priority to CN201910433826.XA priority Critical patent/CN110266477B/en
Publication of CN110266477A publication Critical patent/CN110266477A/en
Application granted granted Critical
Publication of CN110266477B publication Critical patent/CN110266477B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/16 Implementation or adaptation of Internet protocol [IP], of transmission control protocol [TCP] or of user datagram protocol [UDP]
    • H04L69/164 Adaptation or special uses of UDP protocol
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
  • Small-Scale Networks (AREA)

Abstract

The invention discloses a dynamic encryption method for UDP communication, comprising a UDP server design flow and a UDP client design flow. The UDP server design flow comprises a command port thread design flow and a data port thread design flow. A UDP server is started first, and at the same time a command port thread and a data port thread are created; the command port thread is mainly responsible for exchanging the dynamic password with the UDP client, and the data port thread is mainly responsible for data communication with the UDP client. When the UDP client starts, it first creates a command port thread and sends a password request message to the server. When the server receives the client's password request message, it returns the password to the client. The client receives the server's dynamic password, creates a data port, and exchanges data normally with the server. The invention strengthens the security of the whole system, effectively prevents illegal control, and greatly increases the reliability and stability of the whole system.

Description

Dynamic encryption method for UDP communication
Technical field
The present invention relates to the technical field of smart homes, and in particular to a dynamic encryption method for UDP communication.
Background
In industrial control applications, security control is very important. Many field control protocols, such as MODBUS and BACnet, are currently not encrypted and are therefore easily compromised. The present invention proposes a dynamic encryption method to improve the security of the whole system.
Summary of the invention
In view of this, in order to solve the above problem in the prior art, the present invention proposes a dynamic encryption method for UDP communication.
The present invention solves the above problem by the following technical means:
A dynamic encryption method for UDP communication, comprising a UDP server design flow and a UDP client design flow;
The UDP server design flow comprises a command port thread design flow and a data port thread design flow;
The command port thread design flow comprises the following steps:
Step S101: Create the UDP command port thread;
Step S102: The command port listens for client requests; if a request message arrives, go to step S103 immediately;
Step S103: Decrypt the message using the public password KP;
Step S104: Determine whether the client's request is correct; if it is a password request, go to step S105; otherwise go to step S102;
Step S105: Dynamically generate a password K1 and return it to the client, then go to step S102;
The data port thread design flow comprises the following steps:
Step S201: Create the UDP data port thread;
Step S202: Listen for data from the client; if data arrives, go to step S203;
Step S203: Decrypt the data using the password K1, then go to step S204;
Step S204: Verify whether the data is correct; if it is correct, go to step S205; otherwise go to step S202;
Step S205: Process the data, then go to step S202;
The UDP client design flow comprises the following steps:
Step S301: Create the UDP command port thread;
Step S302: Generate a random number SN;
Step S303: Using the public password KP, encrypt a request for the server's dynamic password;
Step S304: Wait for the server to return a response; if a response is returned, decrypt the returned data and go to step S305; on timeout, go to step S302;
Step S305: Verify whether the dynamic password is correct; if it is correct, go to step S306; otherwise go to step S302;
Step S306: Create the UDP data port thread;
Step S307: Encrypt the data using the dynamic password and send it through the data port to the server's data port;
Step S308: Exit the connection.
Compared with the prior art, the beneficial effects of the present invention include at least the following:
The present invention strengthens the security of the whole system, effectively prevents illegal control, and greatly increases the reliability and stability of the whole system.
Brief description of the drawings
To describe the technical solutions in the embodiments of the present invention more clearly, the drawings required for describing the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present invention; those of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of the command port thread design in the UDP server design flow of the present invention;
Fig. 2 is a flow chart of the data port thread design in the UDP server design flow of the present invention;
Fig. 3 is a flow chart of the UDP client design of the present invention.
Detailed description of the embodiments
To make the foregoing objectives, features and advantages of the present invention clearer and easier to understand, the technical solution of the present invention is described in detail below with reference to the drawings and a specific embodiment. It should be pointed out that the described embodiment is only a part of the embodiments of the present invention, not all of them. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention, without creative effort, fall within the protection scope of the present invention.
Embodiment
The invention discloses a dynamic encryption method for UDP communication, comprising a UDP server design flow and a UDP client design flow;
The UDP server design flow comprises a command port thread design flow and a data port thread design flow;
As shown in Fig. 1, the command port thread design flow comprises the following steps:
Step S101: Create the UDP command port thread;
Step S102: The command port listens for client requests; if a request message arrives, go to step S103 immediately;
Step S103: Decrypt the message using the public password KP;
Step S104: Determine whether the client's request is correct; if it is a password request, go to step S105; otherwise go to step S102;
Step S105: Dynamically generate a password K1 and return it to the client, then go to step S102;
As shown in Fig. 2, the data port thread design flow comprises the following steps:
Step S201: Create the UDP data port thread;
Step S202: Listen for data from the client; if data arrives, go to step S203;
Step S203: Decrypt the data using the password K1, then go to step S204;
Step S204: Verify whether the data is correct; if it is correct, go to step S205; otherwise go to step S202;
Step S205: Process the data, then go to step S202;
As shown in Fig. 3, the UDP client design flow comprises the following steps:
Step S301: Create the UDP command port thread;
Step S302: Generate a random number SN;
Step S303: Using the public password KP, encrypt a request for the server's dynamic password;
Step S304: Wait for the server to return a response; if a response is returned, decrypt the returned data and go to step S305; on timeout, go to step S302;
Step S305: Verify whether the dynamic password is correct; if it is correct, go to step S306; otherwise go to step S302;
Step S306: Create the UDP data port thread;
Step S307: Encrypt the data using the dynamic password and send it through the data port to the server's data port;
Step S308: Exit the connection.
After power-up, the smart home gateway first starts a UDP server and at the same time creates a command port thread and a data port thread. The command port thread is mainly responsible for exchanging the dynamic password with the UDP client, and the data port thread is mainly responsible for data communication with the UDP client. When the UDP client starts, it first creates a command port thread and sends a password request message to the server. When the server receives the client's password request message, it returns the password to the client. The client receives the server's dynamic password, creates a data port, and exchanges data normally with the server.
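The three flows above, traced end to end in Python as an added example (not code from the patent). The patent names no cipher or message layout, so the HMAC-SHA256 encrypt-then-MAC construction, the JSON fields, the echo of SN in the server's reply as the S305 check, and all names here are assumptions.

```python
import hashlib, hmac, json, secrets

KP = b"constructed-public-password-KP"  # constructed sample, pre-shared on both sides

def _stream(key, nonce, n):
    # Stand-in keystream (HMAC-SHA256 in counter mode); the patent names no cipher.
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    """Encrypt-then-MAC a JSON message into one datagram payload."""
    nonce, pt = secrets.token_bytes(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, dgram):
    """Return the decoded message, or None if the key is wrong or the datagram was altered."""
    nonce, ct, tag = dgram[:16], dgram[16:-32], dgram[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if len(dgram) < 48 or not hmac.compare_digest(tag, good):
        return None
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct)))))

class Server:
    k1 = None
    def command_port(self, dgram):                      # S102
        req = unseal(KP, dgram)                         # S103
        if not isinstance(req, dict) or req.get("type") != "password_request":  # S104
            return None
        self.k1 = secrets.token_bytes(32)               # S105: fresh dynamic password K1
        return seal(KP, {"type": "password", "sn": req.get("sn"), "k1": self.k1.hex()})
    def data_port(self, dgram):                         # S202
        # S203/S204: only datagrams sealed under the current K1 are accepted
        return unseal(self.k1, dgram) if self.k1 else None

class Client:
    sn = k1 = None
    def request(self):                                  # S302-S303
        self.sn = secrets.token_hex(8)
        return seal(KP, {"type": "password_request", "sn": self.sn})
    def accept(self, dgram):                            # S304-S305
        rsp = unseal(KP, dgram)
        if not isinstance(rsp, dict) or rsp.get("sn") != self.sn:
            return False                                # caller retries from S302
        self.k1 = bytes.fromhex(rsp["k1"])
        return True
    def send(self, obj):                                # S307
        return seal(self.k1, obj)

def demo():
    srv, cli = Server(), Client()
    reply = srv.command_port(cli.request())
    accepted = cli.accept(reply)
    handled = srv.data_port(cli.send({"cmd": "light_on"}))  # constructed sample payload
    cli.request()                       # new SN: the earlier reply is now stale
    stale = cli.accept(reply)           # fails the S305 check
    not_k1 = srv.data_port(seal(KP, {"cmd": "light_on"}))   # not under K1: dropped at S204
    return accepted, handled, stale, not_k1
```

`demo()` returns `(True, {"cmd": "light_on"}, False, None)`: the fresh reply is accepted, while a reply carrying an old SN and a data datagram not sealed under K1 are both rejected. Because K1 is delivered under KP, K1 is only as secret as the pre-shared KP.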
The present invention strengthens the security of the whole system, effectively prevents illegal control, and greatly increases the reliability and stability of the whole system.
The embodiment described above expresses only several implementations of the present invention, and its description is relatively specific and detailed, but it shall not therefore be construed as limiting the scope of the patent. It should be pointed out that those of ordinary skill in the art can make various modifications and improvements without departing from the inventive concept, and these all fall within the protection scope of the present invention. Therefore, the protection scope of the patent shall be subject to the appended claims.

Claims (1)

1. A dynamic encryption method for UDP communication, characterized by comprising a UDP server design flow and a UDP client design flow;
The UDP server design flow comprises a command port thread design flow and a data port thread design flow;
The command port thread design flow comprises the following steps:
Step S101: Create the UDP command port thread;
Step S102: The command port listens for client requests; if a request message arrives, go to step S103 immediately;
Step S103: Decrypt the message using the public password KP;
Step S104: Determine whether the client's request is correct; if it is a password request, go to step S105; otherwise go to step S102;
Step S105: Dynamically generate a password K1 and return it to the client, then go to step S102;
The data port thread design flow comprises the following steps:
Step S201: Create the UDP data port thread;
Step S202: Listen for data from the client; if data arrives, go to step S203;
Step S203: Decrypt the data using the password K1, then go to step S204;
Step S204: Verify whether the data is correct; if it is correct, go to step S205; otherwise go to step S202;
Step S205: Process the data, then go to step S202;
The UDP client design flow comprises the following steps:
Step S301: Create the UDP command port thread;
Step S302: Generate a random number SN;
Step S303: Using the public password KP, encrypt a request for the server's dynamic password;
Step S304: Wait for the server to return a response; if a response is returned, decrypt the returned data and go to step S305; on timeout, go to step S302;
Step S305: Verify whether the dynamic password is correct; if it is correct, go to step S306; otherwise go to step S302;
Step S306: Create the UDP data port thread;
Step S307: Encrypt the data using the dynamic password and send it through the data port to the server's data port;
Step S308: Exit the connection.
CN201910433826.XA 2019-05-23 2019-05-23 Dynamic encryption method for UDP communication Active CN110266477B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910433826.XA CN110266477B (en) 2019-05-23 2019-05-23 Dynamic encryption method for UDP communication

Publications (2)

Publication Number Publication Date
CN110266477A true CN110266477A (en) 2019-09-20
CN110266477B CN110266477B (en) 2023-03-24

Family

ID=67915125

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910433826.XA Active CN110266477B (en) 2019-05-23 2019-05-23 Dynamic encryption method for UDP communication

Country Status (1)

Country Link
CN (1) CN110266477B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114157707A (en) * 2021-11-25 2022-03-08 北京煜邦电力技术股份有限公司 Communication connection method, device and system

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020166048A1 (en) * 2001-05-01 2002-11-07 Frank Coulier Use and generation of a session key in a secure socket layer connection
CN102035904A (en) * 2010-12-10 2011-04-27 北京中科大洋科技发展股份有限公司 Method for converting TCP network communication server into client
CN102333093A (en) * 2011-09-28 2012-01-25 深圳市赛格导航科技股份有限公司 Data encryption transmission method and system
CN106027487A (en) * 2016-04-28 2016-10-12 广州广电运通金融电子股份有限公司 Hardware equipment access management method and system
CN107171799A (en) * 2016-11-29 2017-09-15 黄宗美 A kind of method of data transfer encryption
CN108243176A (en) * 2016-12-27 2018-07-03 腾讯科技(深圳)有限公司 Data transmission method and device
CN109286688A (en) * 2018-11-28 2019-01-29 深圳市元征科技股份有限公司 A kind of data download method and device

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114157707A (en) * 2021-11-25 2022-03-08 北京煜邦电力技术股份有限公司 Communication connection method, device and system
CN114157707B (en) * 2021-11-25 2023-07-25 北京煜邦电力技术股份有限公司 Communication connection method, device and system

Also Published As

Publication number Publication date
CN110266477B (en) 2023-03-24

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant