CN110324143A

CN110324143A - Data transmission method, electronic equipment and storage medium

Info

Publication number: CN110324143A
Application number: CN201910442274.9A
Authority: CN
Inventors: 赵勇; 庄光雄; 及晨光; 李耀星; 邹宗慧; 李恒
Original assignee: Ping An Technology Shenzhen Co Ltd
Current assignee: Ping An Technology Shenzhen Co Ltd
Priority date: 2019-05-24
Filing date: 2019-05-24
Publication date: 2019-10-11
Anticipated expiration: 2039-05-24
Also published as: WO2020237868A1; CN110324143B

Abstract

The present invention provides a kind of data transmission method, electronic equipment and storage medium.The data transmission method can data transfer instruction be determining based on the received and whether the server has communications records, when there is no communications records with the server, obtain the device-fingerprint of the electronic equipment, and at least character in the device-fingerprint is extracted at random, to generate first key, the first data to be transmitted is obtained according to the data transfer instruction, using Advanced Encryption Standard, first data to be transmitted is encrypted with the first key, obtain the first ciphertext, first ciphertext is sent to the server, when receiving the second ciphertext of the server feedback, second ciphertext is decrypted with the first key, obtain the second data to be transmitted, to realize data processing, reach encrypted transmission of the data between electronic equipment and server, and due to the complexity of cipher mode, further Improve the safety of data transmission.

Description

Data transmission method, electronic equipment and storage medium

Technical field

The present invention relates to technical field of data processing more particularly to a kind of data transmission method, electronic equipment and storage to be situated between Matter.

Background technique

Currently, in network communication, generally use hypertext transfer protocol (HyperText Transfer Protocol, HTTP), Hyper text transfer security protocol (Hyper Text Transfer Protocol over Secure Socket Layer, HTTPS) etc. the data of transmission are protected, or simply to data carry out signature verification, the above method all without The safety of data transmission is effectively ensured in method, or even in some network communications, directly to carry out data transmission in plain text, without adopting Related safeguard measure is taken, data is caused to be easy to be revealed by hacker attack in transmission process.

Summary of the invention

In view of the foregoing, it is necessary to a kind of data transmission method, electronic equipment and storage medium are provided, can be realized number According to the encrypted transmission between electronic equipment and server, and due to the complexity of cipher mode, data is effectively avoided to be transmitted across It is tampered in journey, further improves the safety of data transmission.

A kind of data transmission method is applied to electronic equipment, and the electronic equipment is communicated with server, the method packet It includes:

When receiving data transfer instruction, whether there is communication with the server according to the data transfer instruction is determining Record；

When there is no communications records with the server, the device-fingerprint of the electronic equipment is obtained；

At least character in the device-fingerprint is extracted, at random to generate first key；

The first data to be transmitted is obtained according to the data transfer instruction；

Using Advanced Encryption Standard, first data to be transmitted is encrypted with the first key, obtains first Ciphertext；

First ciphertext is sent to the server；

When receiving the second ciphertext of the server feedback, second ciphertext is decrypted with the first key, is obtained To the second data to be transmitted.

Preferred embodiment according to the present invention, at least character extracted in the device-fingerprint at random, to generate First key includes:

Complementation is carried out to an at least character, obtains the first numerical value；

First numerical value relative configuration numerical value is subjected to logical operation, generates the first character string；

Everybody of first character string is added up, second value is obtained；

Complementation is carried out to the second value, obtains third value；

System conversion is carried out to the third value, generates the second character string；

Splice first character string and second character string, obtains the first key.

Preferred embodiment according to the present invention, the method also includes:

After decrypting second ciphertext with the first key, the first temporary key is obtained；

Encrypt first temporary key；

Determine application program corresponding with the data transfer instruction；

Encrypted first temporary key is stored in the storage catalogue of the application program.

Preferred embodiment according to the present invention, when having communications records with the server, the method also includes:

Obtain the device-fingerprint；

Extract an at least character at random from the device-fingerprint and first temporary key, it is close to generate second Key；

First data to be transmitted is obtained according to the data transfer instruction；

Using Advanced Encryption Standard, is encrypted with the first data to be transmitted described in second key pair, obtain third Ciphertext；

The third ciphertext is sent to the server.

A kind of data transmission method is applied to server, and the server is communicated with electronic equipment, the method packet It includes:

When receiving the first ciphertext that the electronic equipment is sent, from the request header of first ciphertext described in acquisition The device-fingerprint of electronic equipment；

It is determining whether to have communications records with the electronic equipment according to the device-fingerprint；

When not having communications records with the electronic equipment, at least character in the device-fingerprint is extracted at random, To generate first key；

First ciphertext is decrypted with the first key, obtains the first data to be transmitted；

It is retrieved according to first data to be transmitted, obtains the second data to be transmitted；

It is random to determine arbitrary string, generate the first temporary key；

Using Advanced Encryption Standard, with the first key to first temporary key and second data to be transmitted It is encrypted, obtains the second ciphertext；

By second Cipher Feedback to the electronic equipment.

Preferred embodiment according to the present invention determines arbitrary string random, after generating the first temporary key, the method Further include:

Record the corresponding relationship of first temporary key and the device-fingerprint；

The corresponding relationship is saved into preconfigured list of devices；

Wherein, the list of devices is used to store all terminal devices for having communications records with the server.

Preferred embodiment according to the present invention, described according to the device-fingerprint, it is logical whether determination has with the electronic equipment Letter records

The device-fingerprint is matched with the list of devices；

When, there are when the device-fingerprint, the determining and electronic equipment has communications records in the list of devices；Or

It is determining not have communications records with the electronic equipment when the device-fingerprint is not present in the list of devices.

When there are communications records with the electronic equipment, obtained from the list of devices corresponding with the device-fingerprint First temporary key；

When detecting can not be decrypted with second key, the number of decryption failure in preset time is obtained；

When the number is more than or equal to preset value, the electronic equipment is locked.

A kind of data transmission device runs on electronic equipment, and the electronic equipment is communicated with server, described device packet It includes:

Determination unit, for being determined and the clothes according to the data transfer instruction when receiving data transfer instruction Whether business device has communications records；

Acquiring unit, for obtaining the device-fingerprint of the electronic equipment when not having communications records with the server；

Generation unit, for extracting at least character in the device-fingerprint at random, to generate first key；

The acquiring unit is also used to obtain the first data to be transmitted according to the data transfer instruction；

Encryption unit carries out first data to be transmitted with the first key for using Advanced Encryption Standard Encryption, obtains the first ciphertext；

Transmission unit, for first ciphertext to be sent to the server；

Decryption unit, for decrypting institute with the first key when receiving the second ciphertext of the server feedback The second ciphertext is stated, the second data to be transmitted is obtained.

Preferred embodiment according to the present invention, the generation unit extract at least word in the device-fingerprint at random It accords with, includes: to generate first key

Everybody of first character string is added up, second value is obtained；

Complementation is carried out to the second value, obtains third value；

Preferred embodiment according to the present invention, the decryption unit are also used to first key decryption described second After ciphertext, the first temporary key is obtained；

The encryption unit is also used to encrypt first temporary key；

The determination unit is also used to determine application program corresponding with the data transfer instruction；

Described device further include:

Storage unit, for encrypted first temporary key to be stored in the storage catalogue of the application program.

Preferred embodiment according to the present invention, the acquiring unit are also used to obtain when having communications records with the server Take the device-fingerprint；

The generation unit is also used to extract at least one at random from the device-fingerprint and first temporary key Character, to generate the second key；

The acquiring unit is also used to obtain first data to be transmitted according to the data transfer instruction；

The encryption unit is also used to using Advanced Encryption Standard, with the first number to be transmitted described in second key pair According to being encrypted, third ciphertext is obtained；

The transmission unit is also used to the third ciphertext being sent to the server.

A kind of data transmission system runs on server, and the server is communicated with electronic equipment, the system packet It includes:

Module is obtained, for when receiving the first ciphertext that the electronic equipment is sent, from asking for first ciphertext Seek the device-fingerprint that the electronic equipment is obtained in head；

Determining module, for according to the device-fingerprint, whether the determining and electronic equipment to have communications records；

Generation module, for being extracted in the device-fingerprint at random when not having communications records with the electronic equipment An at least character, to generate first key；

Deciphering module obtains the first data to be transmitted for decrypting first ciphertext with the first key；

The acquisition module is also used to be retrieved according to first data to be transmitted, obtains the second data to be transmitted；

The generation module is also used to determine arbitrary string at random, generates the first temporary key；

Encrypting module, for using Advanced Encryption Standard, with the first key to first temporary key and described Second data to be transmitted is encrypted, and the second ciphertext is obtained；

Feedback module is used for second Cipher Feedback to the electronic equipment.

Preferred embodiment according to the present invention, the system also includes:

After generating the first temporary key, it is interim to record described first for determining arbitrary string random for logging modle The corresponding relationship of key and the device-fingerprint；

Preserving module, for saving the corresponding relationship into preconfigured list of devices；

Preferred embodiment according to the present invention, the determining module are specifically used for:

The device-fingerprint is matched with the list of devices；

Preferred embodiment according to the present invention, the acquisition module are also used to when having communications records with the electronic equipment, First temporary key corresponding with the device-fingerprint is obtained from the list of devices；

The generation module is also used to extract at least one at random from the device-fingerprint and first temporary key Character, to generate the second key；

The acquisition module is also used to when detecting can not be decrypted with second key, obtains solution in preset time The number of close failure；

The system also includes:

Locking module, for locking the electronic equipment when the number is more than or equal to preset value.

A kind of electronic equipment, the electronic equipment include:

Memory stores at least one instruction；And

Processor executes the instruction stored in the memory to realize the data transmission method.

A kind of server, the server include:

Equipment is stored, at least one instruction is stored；And

Processing equipment executes the instruction stored in the storage equipment to realize the data transmission method.

A kind of computer readable storage medium is stored at least one instruction, institute in the computer readable storage medium At least one instruction is stated to be executed by the processor in electronic equipment to realize the data transmission method.

A kind of computer readable storage medium is stored at least one instruction, institute in the computer readable storage medium At least one instruction is stated to be executed by the processing equipment in server to realize the data transmission method.

As can be seen from the above technical solutions, the present invention data transfer instruction can determine based on the received and with server be It is no to have communications records, when not having communications records with the server, the device-fingerprint of electronic equipment is obtained, and extract institute at random At least character in device-fingerprint is stated, to generate first key, further obtains first according to the data transfer instruction Data to be transmitted encrypts first data to be transmitted with the first key using Advanced Encryption Standard, obtains First ciphertext is sent to the server to increase the complexity of data encryption by one ciphertext, described when receiving When the second ciphertext of server feedback, second ciphertext is decrypted with the first key, obtains the second data to be transmitted, thus It realizes encrypted transmission of the data between electronic equipment and server, and due to the complexity of cipher mode, effectively data is avoided to exist It is tampered in transmission process, further improves the safety of data transmission.

Detailed description of the invention

Fig. 1 is the applied environment figure for the preferred embodiment that the present invention realizes data transmission method.

Fig. 2 is the flow chart for the preferred embodiment that data transmission method of the present invention is applied to electronic equipment.

Fig. 3 is the flow chart for the preferred embodiment that data transmission method of the present invention is applied to server.

Fig. 4 is the functional block diagram of the electronic equipment of the preferred embodiment of data transmission device of the present invention.

Fig. 5 is the functional block diagram of the server of the preferred embodiment of data transmission system of the present invention.

Fig. 6 is the structural schematic diagram of the electronic equipment for the preferred embodiment that the present invention realizes data transmission method.

Fig. 7 is the structural schematic diagram of the server for the preferred embodiment that the present invention realizes data transmission method.

Main element symbol description

Electronic equipment	1
		Memory	12
Processor	13
		Server	2
Store equipment	22
		Processing equipment	23
Data transmission device	11
		Determination unit	100
Acquiring unit	101
		Generation unit	102
Encryption unit	103
		Transmission unit	104
Decryption unit	105
		Storage unit	106
Data transmission system	21
		Obtain module	200
Determining module	201
		Generation module	202
Deciphering module	203
		Encrypting module	204
Feedback module	205
		Logging modle	206
Preserving module	207
		Locking module	208

Specific embodiment

To make the objectives, technical solutions, and advantages of the present invention clearer, right in the following with reference to the drawings and specific embodiments The present invention is described in detail.

It as described in Figure 1, is the applied environment figure for the preferred embodiment that the present invention realizes data transmission method.It is described to apply ring Border figure includes electronic equipment 1 and server 2.The electronic equipment 1 is communicated with the server 2.

Wherein, the electronic equipment 1 is for generating the first ciphertext.

The server 2 is used to obtain the second data to be transmitted according to first ciphertext, to be transmitted according to described second Data generate the second ciphertext, and by second Cipher Feedback to the electronic equipment 1.

Preferably, data transmission method of the present invention is applied to one or more electronic equipment 1 and one or more clothes It is engaged in device 2, the electronic equipment 1 and the server 2 are that one kind can be automatic to carry out according to the instruction for being previously set or storing Numerical value calculates and/or the equipment of information processing, and hardware includes but is not limited to microprocessor, specific integrated circuit (Application Specific Integrated Circuit, ASIC), programmable gate array (Field- Programmable Gate Array, FPGA), it is digital processing unit (Digital Signal Processor, DSP), embedded Equipment etc..

The electronic equipment 1 and the server 2 can be any electronics that can carry out human-computer interaction with user and produce Product, for example, personal computer, tablet computer, smart phone, personal digital assistant (Personal Digital Assistant, PDA), game machine, Interactive Internet TV (Internet Protocol Television, IPTV), intellectual wearable set It is standby etc..

The electronic equipment 1 and the server 2 can also include the network equipment and/or user equipment.Wherein, the net Network equipment includes, but are not limited to single network server, the server group of multiple network servers composition or based on cloud computing The cloud being made of a large amount of hosts or network server of (Cloud Computing).

Network locating for the electronic equipment 1 and the server 2 include but is not limited to internet, wide area network, Metropolitan Area Network (MAN), Local area network, Virtual Private Network (Virtual Private Network, VPN) etc..

As shown in Fig. 2, being the flow chart for the preferred embodiment that data transmission method of the present invention is applied to electronic equipment.According to Different demands, the sequence of step can change in the flow chart, and certain steps can be omitted.

S10 is determined according to the data transfer instruction when receiving data transfer instruction and whether the server 2 There are communications records.

In at least one embodiment of the present invention, when detecting that user triggers the signal of preset service, the electronics The determination of equipment 1 receives the data transfer instruction.

Specifically, the preset service refers to the service for needing that data are obtained to the server 2, such as: search service, Login service etc..

In at least one embodiment of the present invention, the electronic equipment 1 is according to the data transfer instruction determination and institute Whether state server 2 has the communications records to include:

The electronic equipment 1 obtains application program corresponding with the data transfer instruction, further determines that the application The storage catalogue of program detects the temporary key generated in the storage catalogue with the presence or absence of the server 2.

Further, when, there are when the temporary key of the server 2 generation, the electronics is set in the storage catalogue Standby 1 determination has communications records with the server 2, or when there is no what the server 2 generated to face in the storage catalogue When key when, the electronic equipment 1 is determining not to have communications records with the server.

It is understood that whether having communications records with the server 2 for the electronic equipment 1, the electronics is set Standby 1 will carry out different responses, will specifically elaborate later.

S11 obtains the device-fingerprint of the electronic equipment 1 when not having communications records with the server.

In at least one embodiment of the present invention, the device-fingerprint refers to that can be used for unique identification goes out the electronics The equipment feature or unique device identification of equipment 1.The device-fingerprint includes some intrinsic, more difficult distorts and uniquely Device identification.

Specifically, the electronic equipment 1 generates the device-fingerprint and includes:

The electronic equipment 1 obtains the facility information of the electronic equipment 1, and sets according to facility information generation Standby fingerprint.

Wherein, the facility information includes, but are not limited to the combination of following one or more:

SIM (the Subscriber Identification of the sequence number of the electronic equipment 1, the electronic equipment 1 Module, user identification module) it is card number, the vendor code of the electronic equipment 1, the model of the electronic equipment 1, described Hardware identifier code of electronic equipment 1 etc..

By above embodiment, the electronic equipment 1, which generates, is capable of the equipment of electronic equipment 1 described in unique identification and refers to Line, and the device-fingerprint can be made of a string of characters.

Such as: the device-fingerprint can be made of 32-bit number/letter.

S12 extracts at least character in the device-fingerprint, at random to generate first key.

In at least one embodiment of the present invention, the first key is used for the number to be transmitted of electronic equipment 1 According to being encrypted.

Specifically, at least character extracted in the device-fingerprint at random includes: to generate first key

The electronic equipment 1 carries out complementation to an at least character, obtains the first numerical value, by first number Value relative configuration numerical value carries out logical operation, generates the first character string, everybody of first character string is added up, obtains second Numerical value carries out complementation to the second value, obtains third value, and carry out system conversion to the third value, raw At the second character string, splices first character string and second character string, obtain the first key.

Such as: the electronic equipment 1 carries out the operation based on ASCII character to an at least character, obtains 30 digits Word/letter, and operation is carried out according to 30 obtained bit digitals/letter, two bit check positions are generated, and then obtain one 32 words Symbol string, and 32 to obtain character strings are as the first key.

By above embodiment, it is raw that the electronic equipment 1 extracts at least character in the device-fingerprint at random At the first key, the case where can be avoided the certainty due to the device-fingerprint, the first key caused to be cracked, It may include a variety of possibilities that the electronic equipment 1 extracts at least character in the device-fingerprint at random, therefore mention The high difficulty cracked.

S13 obtains the first data to be transmitted according to the data transfer instruction.

In at least one embodiment of the present invention, according to the data transfer instruction, the electronic equipment 1 can be obtained To the user's user information for triggering the data transfer instruction.

Meanwhile the electronic equipment 1 can also be got from the data transfer instruction it is corresponding with the preset service Related data, including first data to be transmitted.

Such as: when detecting the search service of user A triggering, the electronic equipment 1 determines that getting the data passes Defeated instruction, further, the electronic equipment 1 obtain the user A text B to be searched for, and the text B is determined as institute State the first data to be transmitted.

S14 encrypts first data to be transmitted with the first key, is obtained using Advanced Encryption Standard First ciphertext.

In at least one embodiment of the present invention, Advanced Encryption Standard (the Advanced Encryption Standard, AES) it is a kind of symmetry encryption algorithm, under the premise of ensure that data safety, since algorithm discloses, calculates Measure small, therefore enciphering rate is fast, and encryption efficiency is higher.

In at least one embodiment of the present invention, first ciphertext refers to that the electronic equipment 1 is transmitted to the clothes The data of business device, to obtain data from the server 2 according to first ciphertext.

Such as: when first data to be transmitted is the text B, then the electronic equipment 1 will include the text B The first ciphertext be transmitted to the server 2 after, the search result of the text B will be obtained.

First ciphertext is sent to the server 2 by S15.

In at least one embodiment of the present invention, the server 2 is for receiving first ciphertext, and from described the First data to be transmitted is obtained in one ciphertext, and the electronic equipment 1 is further determined according to first data to be transmitted Request the data of passback.

In at least one embodiment of the present invention, first ciphertext is sent to the service by the electronic equipment 1 Device 2 avoids causing data to be intercepted due to plaintext transmission, influences the safety of data in network transmission process.

S16, it is close with first key decryption described second when receiving the second ciphertext of the server feedback Text obtains the second data to be transmitted.

In at least one embodiment of the present invention, second ciphertext is the server 2 according to first ciphertext The data of feedback.

In at least one embodiment of the present invention, second data to be transmitted is described in the electronic equipment 1 is decrypted The data obtained after second ciphertext, after getting second data to be transmitted, the electronic equipment 1 be can be completed to the clothes The task for 2 request data of device of being engaged in.

Such as: when the first data to be transmitted in first ciphertext is the text B, then second ciphertext includes The search result of the text B.

In at least one embodiment of the present invention, the method also includes:

The electronic equipment 1 obtains the first temporary key after decrypting second ciphertext with the first key, encrypts First temporary key, further, the electronic equipment 1 determine application program corresponding with the data transfer instruction, Encrypted first temporary key is stored in the storage catalogue of the application program.

Specifically, first temporary key is a string of random data.

Such as: first temporary key can be a string of 16 random digit/letters.

Further, first temporary key is encrypted using any Encryption Algorithm, is can be realized to described The encrypting storing of one temporary key, it is ensured that the safety of first temporary key.

By above embodiment, the first temporary key encrypting storing is applied journey to described by the electronic equipment 1 In the storage catalogue of sequence, when facilitating subsequent carry out data transmission, can directly it be adjusted from the storage catalogue of the application program It takes, while keeping first temporary key synchronous with the application program, when the application program is unloaded, described first faces When key will also be deleted, further improve safety.

In at least one embodiment of the present invention, when having communications records with the server 2, the method is also wrapped It includes:

The electronic equipment 1 obtains the device-fingerprint, random from the device-fingerprint and first temporary key An at least character is extracted, to generate the second key, first data to be transmitted is obtained according to the data transfer instruction, into One step, the electronic equipment 1 uses Advanced Encryption Standard, is added with the first data to be transmitted described in second key pair It is close, third ciphertext is obtained, and the third ciphertext is sent to the server 2.

By above embodiment, when the electronic equipment 1 has communications records with the server 2, the electronics is set Standby 1 is simultaneously to further improve number according to second key is generated with the device-fingerprint and first temporary key According to the safety of transmission.

As shown in figure 3, being the flow chart for the preferred embodiment that data transmission method of the present invention is applied to server 2.According to Different demands, the sequence of step can change in the flow chart, and certain steps can be omitted.

S20 obtains institute from the request header of first ciphertext when receiving the first ciphertext of the transmission of electronic equipment 1 State the device-fingerprint of electronic equipment 1.

In at least one embodiment of the present invention, the electronic equipment 1 is sending first ciphertext to server 2 When, using the device-fingerprint as request header, and first ciphertext is carried, Xiang Suoshu server 2 sends request of data.

S21, it is determining whether to have communications records with the electronic equipment 1 according to the device-fingerprint.

In at least one embodiment of the present invention, after the server 2 had communications records with the electronic equipment 1, Using recording-related information as the voucher communicated, will specifically illustrate later.

S22 extracts at least one in the device-fingerprint when not having communications records with the electronic equipment 1 at random Character, to generate first key.

In at least one embodiment of the present invention, the mode of the first key is generated according to the device-fingerprint with before The mode that electronic equipment 1 described in text generates the first key is consistent, and this will not be repeated here by the present invention.

S23 decrypts first ciphertext with the first key, obtains the first data to be transmitted.

In at least one embodiment of the present invention, when the first key is consistent with the cipher mode of first ciphertext When, the server 2 then can obtain first data to be transmitted with the first ciphertext described in successful decryption.

And when the cipher mode of the first key and first ciphertext is inconsistent, the server 2 will be unable to solve Close first ciphertext also can not just get first data to be transmitted from first ciphertext.

By above embodiment, the safety of data in network transmission can effectively ensure that.

S24 is retrieved according to first data to be transmitted, obtains the second data to be transmitted.

In at least one embodiment of the present invention, according to first data to be transmitted, the server 2 be can determine The electronic equipment 1 wants the data obtained.

Such as: when first data to be transmitted is the text B, the server determines that the electronic equipment 1 needs The search result of the text B is obtained, further, the search result of the text B is determined as described by the server 2 Second data to be transmitted.

S25 determines arbitrary string at random, generates the first temporary key.

In at least one embodiment of the present invention, first temporary key is a string of random data.

Such as: first temporary key can be a string of 16 random digit/letters.

In at least one embodiment of the present invention, arbitrary string is determined random, after generating the first temporary key, institute State method further include:

The server 2 records the corresponding relationship of first temporary key and the device-fingerprint, further, described Server 2 saves the corresponding relationship into preconfigured list of devices, wherein the list of devices is for storage and institute State all terminal devices that server 2 there are communications records.

By above embodiment, the corresponding relationship can be recorded in the list of devices for the server 2, just Determine whether the electronic equipment 1 communicated with the server 2 according to the list of devices in subsequent.

In at least one embodiment of the present invention, described according to the device-fingerprint, determining with the electronic equipment 1 is No have the communications records to include:

The server 2 matches the device-fingerprint with the list of devices, exists when in the list of devices It is determining to have communications records with the electronic equipment when device-fingerprint；Or when being set in the list of devices there is no described It is determining there is no communications records with the electronic equipment when standby fingerprint.

It by above embodiment, can determine whether the electronic equipment 1 communicated with the server 2, go forward side by side One step takes different counter-measures.

S26, using Advanced Encryption Standard, with the first key to first temporary key and described second to be transmitted Data are encrypted, and the second ciphertext is obtained.

In at least one embodiment of the present invention, it is interim close to have also combined described first for the generation of second ciphertext Key improves the complexity of data encryption, due to the randomness of first temporary key, makes cracking more for second ciphertext Add difficulty, the safety to ensure second ciphertext is higher.

S27, by second Cipher Feedback to the electronic equipment.

It at least one embodiment of the present invention, include in the electronic equipment 1 is requested in second ciphertext Hold.

In at least one embodiment of the present invention, when having communications records with the electronic equipment 1, the method is also wrapped It includes:

The server 2 obtains first temporary key corresponding with the device-fingerprint from the list of devices, Extract an at least character at random from the device-fingerprint and first temporary key, to generate the second key, further Ground, the server 2 are used Advanced Encryption Standard, are encrypted, obtained with the second data to be transmitted described in second key pair To the 4th ciphertext, by the 4th Cipher Feedback to the electronic equipment 1.

By above embodiment, the server 2 directly generates described the using first temporary key of storage Two keys.

Next, the communication between the server 2 and the electronic equipment 1 will all rely on second key, until There are special circumstances.

Specifically, the method also includes:

When detecting that either side in the electronic equipment 1 and the server 2 loses first temporary key, And/or it when configuration service starting, regenerates and saves first temporary key.

Specifically, the configuration service may include, but be not limited to: user's Sign-On services etc..

Such as: when the application program of first temporary key storage is unloaded, first temporary key is caused to be lost When, it regenerates and saves first temporary key.

Through above embodiment, before guaranteeing that the server 2 carries out normal data communication with the electronic equipment 1 It puts, moreover it is possible to further ensure that the safety of data transmission.

In at least one embodiment of the present invention, the method also includes:

When detecting can not be decrypted with second key, the server 2 obtains decryption failure in preset time Number locks the electronic equipment 1 when the number is more than or equal to preset value.

Specifically, the preset value can be custom-configured, and the present invention does not limit.

It is understood that it is described to illustrate that the electronic equipment 1 does not store if can not decrypt with second key First temporary key, therefore, the data transmission in view of the server 2 and the electronic equipment 1 depend on described first Temporary key illustrates that the electronic equipment 1 is most likely in the abnormal condition that malice steals information.

After the electronic equipment 1 is lockable, the server 2 will no longer receive the request data of the electronic equipment 1.

Certainly, in other embodiments, the server can also be configured and refuses the electronic equipment within setup time All requests, the present invention do not limit.

By above embodiment, it is possible to prevente effectively from occurring the case where data theft, make the protection of data transmission procedure It is stronger, avoid information leakage.

As shown in figure 4, being the functional block diagram of the electronic equipment of the preferred embodiment of data transmission device of the present invention.It is described Data transmission device 11 includes determination unit 100, acquiring unit 101, generation unit 102, encryption unit 103, transmission unit 104, decryption unit 105 and storage unit 106.The so-called unit of the present invention refer to one kind can performed by processor 13, And the series of computation machine program segment of fixed function can be completed, storage is in memory 12.In the present embodiment, about The function of each unit will be described in detail in subsequent embodiment.

When receiving data transfer instruction, determination unit 100 is according to data transfer instruction determination and the service Whether device 2 has communications records.

In at least one embodiment of the present invention, when detecting that user triggers the signal of preset service, the determination The determination of unit 100 receives the data transfer instruction.

In at least one embodiment of the present invention, the determination unit 100 according to the data transfer instruction determine with Whether the server 2 has the communications records to include:

The determination unit 100 obtains application program corresponding with the data transfer instruction, further determines that described answer With the storage catalogue of program, the temporary key generated in the storage catalogue with the presence or absence of the server is detected.

Further, when, there are when the temporary key of the server 2 generation, the determination is single in the storage catalogue Member 100 is determining to have communications records with the server 2, or when there is no the server 2 generations in the storage catalogue When temporary key, the determination unit 100 is determining not to have communications records with the server.

It is understood that whether having communications records for data transmission device 11 and the server 2, the data are passed Defeated device 11 will carry out different responses, will specifically elaborate later.

When not having communications records with the server, acquiring unit 101 obtains the device-fingerprint of the electronic equipment 1.

Specifically, the acquiring unit 101 generates the device-fingerprint and includes:

The acquiring unit 101 obtains the facility information of the electronic equipment 1, and according to facility information generation Device-fingerprint.

By above embodiment, the acquiring unit 101, which generates, is capable of the equipment of electronic equipment 1 described in unique identification and refers to Line, and the device-fingerprint can be made of a string of characters.

Such as: the device-fingerprint can be made of 32-bit number/letter.

Generation unit 102 extracts at least character in the device-fingerprint at random, to generate first key.

Specifically, the generation unit 102 extracts at least character in the device-fingerprint at random, to generate first Key includes:

The generation unit 102 carries out complementation to an at least character, the first numerical value is obtained, by described first Numerical value is oppositely disposed numerical value and carries out logical operation, generates the first character string, and everybody of first character string is added up, and obtains the Two numerical value carry out complementation to the second value, obtain third value, and carry out system conversion to the third value, The second character string is generated, splices first character string and second character string, obtains the first key.

Such as: the generation unit 102 carries out the operation based on ASCII character to an at least character, obtains 30 Number/letter, and operation is carried out according to 30 obtained bit digitals/letter, two bit check positions are generated, and then obtain one 32 Character string, and 32 to obtain character strings are as the first key.

By above embodiment, at least character generation described first extracted in the device-fingerprint at random is close The case where key can be avoided the certainty due to the device-fingerprint, the first key caused to be cracked, at random described in extraction An at least character in device-fingerprint may include a variety of possibilities, therefore improve the difficulty cracked.

The acquiring unit 101 obtains the first data to be transmitted according to the data transfer instruction.

In at least one embodiment of the present invention, according to the data transfer instruction, the acquiring unit 101 can be obtained Get the user's user information for triggering the data transfer instruction.

Meanwhile the acquiring unit 101 can also be got from the data transfer instruction it is corresponding with the preset service Related data, including first data to be transmitted.

Such as: when detecting the search service of user A triggering, the determination of acquiring unit 101 gets the data Transmission instruction, further, the acquiring unit 101 obtain the user A text B to be searched for, and the text B is determined For first data to be transmitted.

Encryption unit 103 uses Advanced Encryption Standard, is added with the first key to first data to be transmitted It is close, obtain the first ciphertext.

In at least one embodiment of the present invention, it is described to refer to that the encryption unit 103 is transmitted to for first ciphertext The data of server, to obtain data from the server 2 according to first ciphertext.

Such as: when first data to be transmitted is the text B, then the encryption unit 103 will include the text After the first ciphertext of word B is transmitted to the server 2, the search result of the text B will be obtained.

First ciphertext is sent to the server 2 by transmission unit 104.

In at least one embodiment of the present invention, first ciphertext is sent to the clothes by the transmission unit 104 Business device 2, avoids causing data to be intercepted due to plaintext transmission, influences the safety of data in network transmission process.

When receiving the second ciphertext of the server feedback, decryption unit 105 is described in first key decryption Second ciphertext obtains the second data to be transmitted.

In at least one embodiment of the present invention, second data to be transmitted is that the decryption unit 105 decrypts institute The data obtained after the second ciphertext are stated, after getting second data to be transmitted, the decryption unit 105 be can be completed to institute State the task of 2 request data of server.

In at least one embodiment of the present invention, the method also includes:

The decryption unit 105 obtains the first temporary key, institute after decrypting second ciphertext with the first key It states encryption unit 103 and encrypts first temporary key, further, the determination unit 100 is determining to be transmitted with the data Corresponding application program is instructed, encrypted first temporary key is stored in the storage of the application program by storage unit 106 In catalogue.

Specifically, first temporary key is a string of random data.

Such as: first temporary key can be a string of 16 random digit/letters.

By above embodiment, by the storage catalogue of the first temporary key encrypting storing to the application program In, it when facilitating subsequent carry out data transmission, can directly be transferred from the storage catalogue of the application program, while making described First temporary key is synchronous with the application program, and when the application program is unloaded, first temporary key also will be by It deletes, further improves safety.

The acquiring unit 101 obtains the device-fingerprint, and the generation unit 102 is from the device-fingerprint and described An at least character is extracted in one temporary key at random, to generate the second key, the acquiring unit 101 is passed according to the data Defeated instruction obtains first data to be transmitted, and further, the encryption unit 103 uses Advanced Encryption Standard, with described First data to be transmitted described in second key pair is encrypted, and third ciphertext is obtained, and the transmission unit 104 is close by the third Text is sent to the server 2.

By above embodiment, when having communications records with the server 2, the generation unit 102 is simultaneously with institute Device-fingerprint and first temporary key are stated to further improve the safety of data transmission according to second key is generated Property.

As shown in figure 5, being the functional block diagram of the preferred embodiment server of data transmission system of the present invention.The data Transmission system 21 includes obtaining module 200, determining module 201, generation module 202, deciphering module 203, encrypting module 204, anti- Present module 205, logging modle 206, preserving module 207 and locking module 208.The so-called module of the present invention refers to a kind of energy Performed by enough equipment 23 processed, and the series of computation machine program segment of fixed function can be completed, be stored in storage and set In standby 22.In the present embodiment, it will be described in detail in subsequent embodiment about the function of each module.

When receiving the first ciphertext of the transmission of electronic equipment 1, module 200 is obtained from the request header of first ciphertext Obtain the device-fingerprint of the electronic equipment 1.

In at least one embodiment of the present invention, the electronic equipment 1 is sending described to the acquisition module 200 When one ciphertext, using the device-fingerprint as request header, and first ciphertext is carried, sends number to the acquisition module 200 According to request.

According to the device-fingerprint, whether determining module 201 is determining has communications records with the electronic equipment 1.

In at least one embodiment of the present invention, after server 2 and the electronic equipment 1 there are communications records, will remember Relevant information is recorded as the voucher communicated, will specifically be illustrated later.

When not having communications records with the electronic equipment 1, generation module 202 extracts in the device-fingerprint extremely at random A few character, to generate first key.

Deciphering module 203 decrypts first ciphertext with the first key, obtains the first data to be transmitted.

In at least one embodiment of the present invention, when the first key is consistent with the cipher mode of first ciphertext When, the deciphering module 203 then can obtain first data to be transmitted with the first ciphertext described in successful decryption.

And when the cipher mode of the first key and first ciphertext is inconsistent, the deciphering module 203 is by nothing Method decrypts first ciphertext, and first data to be transmitted also can not be just got from first ciphertext.

The acquisition module 200 is retrieved according to first data to be transmitted, obtains the second data to be transmitted.

In at least one embodiment of the present invention, according to first data to be transmitted, the acquisition module 200 can Determine that the electronic equipment 1 wants the data obtained.

Such as: when first data to be transmitted is the text B, the acquisition module 200 determines that the electronics is set Standby 1 needs to obtain the search result of the text B, and further, the acquisition module 200 is by the search result of the text B It is determined as second data to be transmitted.

The generation module 202 determines arbitrary string at random, generates the first temporary key.

Such as: first temporary key can be a string of 16 random digit/letters.

Logging modle 206 records the corresponding relationship of first temporary key and the device-fingerprint, further, saves Module 207 saves the corresponding relationship into preconfigured list of devices, wherein the list of devices is for storage and institute State all terminal devices that server 2 there are communications records.

By above embodiment, the corresponding relationship can be recorded in the list of devices, be convenient for subsequent basis The list of devices determines whether the electronic equipment 1 communicated with the server 2.

In at least one embodiment of the present invention, the determining module 201 is according to the device-fingerprint, it is determining with it is described Whether electronic equipment 1 has the communications records to include:

The determining module 201 matches the device-fingerprint with the list of devices, when in the list of devices There are when the device-fingerprint, the determining and electronic equipment has communications records；Or when there is no institutes in the list of devices It is determining there is no communications records with the electronic equipment when stating device-fingerprint.

Encrypting module 204 uses Advanced Encryption Standard, with the first key to first temporary key and described the Two data to be transmitted are encrypted, and the second ciphertext is obtained.

Feedback module 205 is by second Cipher Feedback to the electronic equipment.

It is interim close that the acquisition module 200 obtains corresponding with the device-fingerprint described first from the list of devices Key, the generation module 202 extracts an at least character at random from the device-fingerprint and first temporary key, with life At the second key, further, encrypting module 204 uses Advanced Encryption Standard, to be passed with described in second key pair second Transmission of data is encrypted, and obtains the 4th ciphertext, and the feedback module 205 is by the 4th Cipher Feedback to the electronic equipment 1.

By above embodiment, second key directly is generated using first temporary key of storage.

Specifically, the method also includes:

When detecting that either side in the electronic equipment 1 and the server 2 loses first temporary key, And/or when configuration service starting, the preserving module 207 regenerates and saves first temporary key.

In at least one embodiment of the present invention, the method also includes:

When detecting can not be decrypted with second key, the acquisition module 200 obtains decryption in preset time and loses The number lost, when the number is more than or equal to preset value, locking module 208 locks the electronic equipment 1.

As shown in fig. 6, being the structural schematic diagram of the electronic equipment for the preferred embodiment that the present invention realizes data transmission method.

The electronic equipment 1 be it is a kind of can according to the instruction for being previously set or store, automatic progress numerical value calculating and/or The equipment of information processing, hardware include but is not limited to microprocessor, specific integrated circuit (Application Specific Integrated Circuit, ASIC), programmable gate array (Field-Programmable Gate Array, FPGA), number Word processing device (Digital Signal Processor, DSP), embedded device etc..

The electronic equipment 1, which can also be but not limited to any one, to pass through keyboard, mouse, remote controler, touching with user The modes such as template or voice-operated device carry out the electronic product of human-computer interaction, for example, personal computer, tablet computer, smart phone, Personal digital assistant (Personal Digital Assistant, PDA), game machine, Interactive Internet TV (Internet Protocol Television, IPTV), intellectual wearable device etc..

The electronic equipment 1 can also be that the calculating such as desktop PC, notebook, palm PC and cloud server are set It is standby.

Network locating for the electronic equipment 1 include but is not limited to internet, wide area network, Metropolitan Area Network (MAN), local area network, it is virtual specially With network (Virtual Private Network, VPN) etc..

In one embodiment of the invention, the electronic equipment 1 includes, but are not limited to memory 12, processor 13, And it is stored in the computer program that can be run in the memory 12 and on the processor 13, such as data transmit journey Sequence.

It will be understood by those skilled in the art that the schematic diagram is only the example of electronic equipment 1, not structure paired electrons The restriction of equipment 1 may include perhaps combining certain components or different components, example than illustrating more or fewer components Such as described electronic equipment 1 can also include input-output equipment, network access equipment, bus.

The processor 13 can be central processing unit (Central Processing Unit, CPU), can also be Other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field- Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic, Discrete hardware components etc..General processor can be microprocessor or the processor is also possible to any conventional processor Deng the processor 13 is arithmetic core and the control centre of the electronic equipment 1, entire using various interfaces and connection The various pieces of electronic equipment 1, and execute the operating system of the electronic equipment 1 and types of applications program, the program of installation Code etc..

The processor 13 executes the operating system of the electronic equipment 1 and the types of applications program of installation.The place Reason device 13 executes the application program to realize the step in above-mentioned each data transmission method embodiment, such as shown in FIG. 1 Step S10, S11, S12, S13, S14, S15, S16.

Alternatively, the processor 13 realizes each module in above-mentioned each Installation practice/mono- when executing the computer program The function of member, such as: when receiving data transfer instruction, is determined according to the data transfer instruction and whether the server There are communications records；When there is no communications records with the server, the device-fingerprint of the electronic equipment is obtained；It is random to extract institute At least character in device-fingerprint is stated, to generate first key；It is to be transmitted that first is obtained according to the data transfer instruction Data；Using Advanced Encryption Standard, first data to be transmitted is encrypted with the first key, it is close to obtain first Text；First ciphertext is sent to the server；When receiving the second ciphertext of the server feedback, with described One key decrypts second ciphertext, obtains the second data to be transmitted.

Illustratively, the computer program can be divided into one or more module/units, one or more A module/unit is stored in the memory 12, and is executed by the processor 13, to complete the present invention.It is one Or multiple module/units can be the series of computation machine program instruction section that can complete specific function, the instruction segment is for retouching State implementation procedure of the computer program in the electronic equipment 1.For example, the computer program can be divided into really Order member 100, acquiring unit 101, generation unit 102, encryption unit 103, transmission unit 104, decryption unit 105 and preservation Unit 106.

The memory 12 can be used for storing the computer program and/or module, the processor 13 by operation or The computer program and/or module being stored in the memory 12 are executed, and calls the data being stored in memory 12, Realize the various functions of the electronic equipment 1.The memory 12 can mainly include storing program area and storage data area, In, storing program area can application program needed for storage program area, at least one function (such as sound-playing function, image Playing function etc.) etc.；Storage data area, which can be stored, uses created data (such as audio data, phone directory according to mobile phone Deng) etc..In addition, memory 12 may include high-speed random access memory, it can also include nonvolatile memory, such as firmly Disk, memory, plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) block, flash card (Flash Card), at least one disk memory, flush memory device or other volatile solid-states Part.

The memory 12 can be the external memory and/or internal storage of electronic equipment 1.Further, described Memory 12 can be the circuit with store function for not having physical form in integrated circuit, such as RAM (Random-Access Memory, random access memory), FIFO (First In First Out) etc..Alternatively, the memory 12 is also possible to Memory with physical form, such as memory bar, TF card (Trans-flash Card).

If the integrated module/unit of the electronic equipment 1 is realized in the form of SFU software functional unit and as independent Product when selling or using, can store in a computer readable storage medium.Based on this understanding, the present invention is real All or part of the process in existing above-described embodiment method, can also instruct relevant hardware come complete by computer program At the computer program can be stored in a computer readable storage medium, which is being executed by processor When, it can be achieved that the step of above-mentioned each embodiment of the method.

Wherein, the computer program includes computer program code, and the computer program code can be source code Form, object identification code form, executable file or certain intermediate forms etc..The computer-readable medium may include: can Carry any entity or device, recording medium, USB flash disk, mobile hard disk, magnetic disk, CD, computer of the computer program code Memory, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), electric carrier signal, telecommunication signal and software distribution medium etc..It should be noted that the computer-readable medium The content for including can carry out increase and decrease appropriate according to the requirement made laws in jurisdiction with patent practice, such as in certain departments Method administrative area does not include electric carrier signal and telecommunication signal according to legislation and patent practice, computer-readable medium.

In conjunction with Fig. 2, the memory 12 in the electronic equipment 1 stores multiple instruction to realize a kind of transmission side data The multiple instruction can be performed to realize in method, the processor 13: when receiving data transfer instruction, according to the data Whether transmission instruction is determining has communications records with the server；When there is no communications records with the server, described in acquisition The device-fingerprint of electronic equipment；At least character in the device-fingerprint is extracted, at random to generate first key；According to institute It states data transfer instruction and obtains the first data to be transmitted；Using Advanced Encryption Standard, with the first key to described first to Transmission data are encrypted, and the first ciphertext is obtained；First ciphertext is sent to the server；When receiving the service When the second ciphertext of device feedback, second ciphertext is decrypted with the first key, obtains the second data to be transmitted.

Preferred embodiment according to the present invention, the processor 13 also execute multiple instruction and include:

Everybody of first character string is added up, second value is obtained；

Complementation is carried out to the second value, obtains third value；

Encrypt first temporary key；

Obtain the device-fingerprint；

The third ciphertext is sent to the server.

Specifically, the processor 13 can refer to the concrete methods of realizing of above-metioned instruction related in Fig. 2 corresponding embodiment The description of step, this will not be repeated here.

As shown in fig. 7, being the structural schematic diagram of the server for the preferred embodiment that the present invention realizes data transmission method.

The server 2 is that one kind can be automatic to carry out numerical value calculating and/or letter according to the instruction for being previously set or storing The equipment of processing is ceased, hardware includes but is not limited to microprocessor, specific integrated circuit (Application Specific Integrated Circuit, ASIC), programmable gate array (Field-Programmable Gate Array, FPGA), number Word processing device (Digital Signal Processor, DSP), embedded device etc..

The server 2, which can also be but not limited to any one, to pass through keyboard, mouse, remote controler, touch with user The modes such as plate or voice-operated device carry out the electronic product of human-computer interaction, for example, personal computer, tablet computer, smart phone, a Personal digital assistant (Personal Digital Assistant, PDA), game machine, Interactive Internet TV (Internet Protocol Television, IPTV), intellectual wearable device etc..

The server 2 can also be that the calculating such as desktop PC, notebook, palm PC and cloud server are set It is standby.

Network locating for the server 2 includes but is not limited to internet, wide area network, Metropolitan Area Network (MAN), local area network, virtual private Network (Virtual Private Network, VPN) etc..

In one embodiment of the invention, the server 2 includes, but are not limited to store equipment 22, processing equipment 23, and it is stored in the computer program that can be run in the storage equipment 22 and in the processing equipment 23, such as data Transfer program.

It will be understood by those skilled in the art that the schematic diagram is only the example of server 2, do not constitute to server 2 restriction may include perhaps combining certain components or different components, such as institute than illustrating more or fewer components Stating server 2 can also include input-output equipment, network access equipment, bus etc..

The processing equipment 23 can be central processing unit (Central Processing Unit, CPU), can be with It is other general processors, digital signal processor (Digital Signal Processor, DSP), specific integrated circuit (Application Specific Integrated Circuit, ASIC), ready-made programmable gate array (Field- Programmable Gate Array, FPGA) either other programmable logic device, discrete gate or transistor logic, Discrete hardware components etc..General processor can be microprocessor or the processor is also possible to any conventional processor Deng the processing equipment 23 is arithmetic core and the control centre of the server 2, entire using various interfaces and connection The various pieces of server 2, and execute the operating system and the types of applications program of installation, program code of the server 2 Deng.

The processing equipment 23 executes the operating system of the server 2 and the types of applications program of installation.The place Reason equipment 23 executes the application program to realize the step in above-mentioned each data transmission method embodiment, such as shown in Fig. 3 Step S20, S21, S22, S23, S24, S25, S26, S27.

Alternatively, the processing equipment 23 realized when executing the computer program each module in above-mentioned each Installation practice/ The function of unit, such as: when receiving the first ciphertext that the electronic equipment is sent, from the request header of first ciphertext Obtain the device-fingerprint of the electronic equipment；It is determining whether to have communications records with the electronic equipment according to the device-fingerprint； When not having communications records with the electronic equipment, at least character in the device-fingerprint is extracted at random, to generate One key；First ciphertext is decrypted with the first key, obtains the first data to be transmitted；According to the described first number to be transmitted According to being retrieved, the second data to be transmitted is obtained；It is random to determine arbitrary string, generate the first temporary key；Added using advanced Data Encryption Standard encrypts first temporary key and second data to be transmitted with the first key, obtains second Ciphertext；By second Cipher Feedback to the electronic equipment.

Illustratively, the computer program can be divided into one or more modules, one or more of moulds Block is stored in the storage equipment 22, and is executed by the processing equipment 23, to complete the present invention.It is one or more of Module can be the series of computation machine program instruction section that can complete specific function, and the instruction segment is for describing the computer Implementation procedure of the program in the server 2.It obtains module 200 for example, the computer program can be divided into, determine Module 201, generation module 202, deciphering module 203, encrypting module 204, feedback module 205, logging modle 206, preserving module 207 and locking module 208.

The storage equipment 22 can be used for storing the computer program and/or module, and the processing equipment 23 passes through fortune Row executes the computer program being stored in the storage equipment 22 and/or module, and calls and be stored in storage equipment 22 Interior data realize the various functions of the server 2.The storage equipment 22 can mainly include storing program area and storage number According to area, wherein storing program area can application program needed for storage program area, at least one function (for example sound plays function Energy, image player function etc.) etc.；Storage data area can store according to mobile phone use created data (such as audio data, Phone directory etc.) etc..In addition, storage equipment 22 may include high-speed random access memory, it can also include non-volatile memories Device, such as hard disk, memory, plug-in type hard disk, intelligent memory card (Smart Media Card, SMC), secure digital (Secure Digital, SD) card, flash card (Flash Card), at least one disk memory, flush memory device or other volatibility are solid State memory device.

The storage equipment 22 can be the external memory and/or internal storage of server 2.Further, described Storage equipment 22 can be the circuit with store function for not having physical form in integrated circuit, such as RAM (Random- Access Memory, random access memory), FIFO (First In First Out) etc..Alternatively, the storage equipment 22 It is also possible to the memory with physical form, such as memory bar, TF card (Trans-flash Card).

If the integrated module/unit of the server 2 is realized in the form of SFU software functional unit and as independent production Product when selling or using, can store in a computer readable storage medium.Based on this understanding, the present invention realizes All or part of the process in above-described embodiment method can also instruct relevant hardware to complete by computer program, The computer program can be stored in a computer readable storage medium, which executes in equipment processed When, it can be achieved that the step of above-mentioned each embodiment of the method.

In conjunction with Fig. 3, the storage equipment 22 storage multiple instruction in the server 2 is to realize a kind of transmission side data The multiple instruction can be performed to realize in method, the processing equipment 23: when receive the electronic equipment transmission first is close Wen Shi obtains the device-fingerprint of the electronic equipment from the request header of first ciphertext；According to the device-fingerprint, determine Whether there are communications records with the electronic equipment；When not having communications records with the electronic equipment, the equipment is extracted at random An at least character in fingerprint, to generate first key；Decrypt first ciphertext with the first key, obtain first to Transmit data；It is retrieved according to first data to be transmitted, obtains the second data to be transmitted；It is random to determine any character String generates the first temporary key；Using Advanced Encryption Standard, with the first key to first temporary key and described Two data to be transmitted are encrypted, and the second ciphertext is obtained；By second Cipher Feedback to the electronic equipment.

Preferred embodiment according to the present invention, the processing equipment 23 also execute multiple instruction and include:

The corresponding relationship is saved into preconfigured list of devices；

The device-fingerprint is matched with the list of devices；

Specifically, the processing equipment 23 can refer to phase in Fig. 3 corresponding embodiment to the concrete methods of realizing of above-metioned instruction The description of step is closed, this will not be repeated here.

In several embodiments provided by the present invention, it should be understood that disclosed system, device and method can be with It realizes by another way.For example, the apparatus embodiments described above are merely exemplary, for example, the module It divides, only a kind of logical function partition, there may be another division manner in actual implementation.

The module as illustrated by the separation member may or may not be physically separated, aobvious as module The component shown may or may not be physical unit, it can and it is in one place, or may be distributed over multiple In network unit.Some or all of the modules therein can be selected to realize the mesh of this embodiment scheme according to the actual needs 's.

It, can also be in addition, each functional module in each embodiment of the present invention can integrate in one processing unit It is that each unit physically exists alone, can also be integrated in one unit with two or more units.Above-mentioned integrated list Member both can take the form of hardware realization, can also realize in the form of hardware adds software function module.

It is obvious to a person skilled in the art that invention is not limited to the details of the above exemplary embodiments, Er Qie In the case where without departing substantially from spirit or essential attributes of the invention, the present invention can be realized in other specific forms.

Therefore, in all respects, the present embodiments are to be considered as illustrative and not restrictive, this The range of invention is indicated by the appended claims rather than the foregoing description, it is intended that the equivalent requirements of the claims will be fallen in All changes in meaning and scope are included in the present invention.Any attached associated diagram label in claim should not be considered as limit Claim involved in making.

Furthermore, it is to be understood that one word of " comprising " does not exclude other units or steps, odd number is not excluded for plural number.In system claims The multiple units or device of statement can also be implemented through software or hardware by a unit or device.Second equal words are used It indicates title, and does not indicate any particular order.

Finally it should be noted that the above examples are only used to illustrate the technical scheme of the present invention and are not limiting, although reference Preferred embodiment describes the invention in detail, those skilled in the art should understand that, it can be to of the invention Technical solution is modified or equivalent replacement, without departing from the spirit and scope of the technical solution of the present invention.

Claims

1. a kind of data transmission method, is applied to electronic equipment, the electronic equipment is communicated with server, which is characterized in that The described method includes:

When receiving data transfer instruction, determine whether communicate note with the server according to the data transfer instruction Record；

Using Advanced Encryption Standard, first data to be transmitted is encrypted with the first key, obtains the first ciphertext；

First ciphertext is sent to the server；

When receiving the second ciphertext of the server feedback, second ciphertext is decrypted with the first key, obtains the Two data to be transmitted.

2. data transmission method as described in claim 1, which is characterized in that described to be extracted in the device-fingerprint at random extremely Lack a character, includes: to generate first key

Everybody of first character string is added up, second value is obtained；

Complementation is carried out to the second value, obtains third value；

3. data transmission method as described in claim 1, which is characterized in that the method also includes:

Encrypt first temporary key；

4. data transmission method as claimed in claim 3, which is characterized in that when having communications records with the server, institute State method further include:

Obtain the device-fingerprint；

An at least character is extracted, at random from the device-fingerprint and first temporary key to generate the second key；

The third ciphertext is sent to the server.

5. a kind of data transmission method, is applied to server, the server is communicated with electronic equipment, which is characterized in that institute The method of stating includes:

When receiving the first ciphertext that the electronic equipment is sent, the electronics is obtained from the request header of first ciphertext The device-fingerprint of equipment；

When there is no communications records with the electronic equipment, at least character in the device-fingerprint is extracted, at random with life At first key；

It is random to determine arbitrary string, generate the first temporary key；

Using Advanced Encryption Standard, first temporary key and second data to be transmitted are carried out with the first key Encryption, obtains the second ciphertext；

By second Cipher Feedback to the electronic equipment.

6. data transmission method as claimed in claim 5, which is characterized in that determine arbitrary string random, generate first After temporary key, the method also includes:

The corresponding relationship is saved into preconfigured list of devices；

7. data transmission method as claimed in claim 6, which is characterized in that described according to the device-fingerprint, determining and institute Whether state electronic equipment has the communications records to include:

The device-fingerprint is matched with the list of devices；

8. data transmission method as claimed in claim 5, which is characterized in that the method also includes:

When there are communications records with the electronic equipment, obtained from the list of devices corresponding with the device-fingerprint described First temporary key；

9. a kind of electronic equipment, which is characterized in that the electronic equipment includes:

Memory stores at least one instruction；And

Processor executes the instruction stored in the memory to realize the data as described in any one of Claims 1-4 Transmission method.

10. a kind of computer readable storage medium, it is characterised in that: be stored at least one in the computer readable storage medium A instruction, at least one described instruction are executed by the processor in electronic equipment to realize such as any one of Claims 1-4 The data transmission method.