CN111698208A - Method, apparatus and storage medium for encoding multi-tunnel adaptive data stream - Google Patents
Method, apparatus and storage medium for encoding multi-tunnel adaptive data stream Download PDFInfo
- Publication number
- CN111698208A CN111698208A CN202010375742.8A CN202010375742A CN111698208A CN 111698208 A CN111698208 A CN 111698208A CN 202010375742 A CN202010375742 A CN 202010375742A CN 111698208 A CN111698208 A CN 111698208A
- Authority
- CN
- China
- Prior art keywords
- data stream
- encrypted data
- encrypted
- node
- communication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0442—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L45/00—Routing or path finding of packets in data switching networks
- H04L45/24—Multipath
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0457—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply dynamic encryption, e.g. stream encryption
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Embodiments of the present disclosure provide a method, apparatus, and computer-readable storage medium for encoding a multi-tunnel adaptive data stream. The method comprises the following steps: acquiring a data stream to be encoded, wherein the data stream to be encoded comprises a plurality of character strings for bearing data information; encrypting the data stream to be encoded to generate an encrypted data stream, wherein the encrypted data stream contains an encrypted character string corresponding to a character string in the data stream to be encoded; partitioning the encrypted data stream into a plurality of data stream blocks, wherein the partitioned data stream blocks can be jointly spliced into the encrypted data stream; and matching the corresponding communication tunnel for the data stream block according to a preset condition, and sending the data stream block through the communication tunnel. In this way, network communication can be hardly oriented and intercepted by-pass, and the requirement of preventing communication data leakage is fully met.
Description
Technical Field
Embodiments of the present disclosure relate generally to the field of communications, and more particularly, to a method, apparatus, and storage medium for encoding a multi-tunnel adaptive data stream.
Background
The network uses physical link to connect each isolated workstation or host to form data link, so as to achieve the purpose of resource sharing and communication. Communication is the communication and transfer of information from person to person through some medium. Network communication is realized by connecting each isolated device through a network and realizing communication between people, between people and computers and between computers through information exchange.
In the existing technical scheme, a TCP/IP protocol is basically used in the network data communication process, and data communication is carried out between a data communication initiator and a target through a fixed link or a route which is negotiated in advance. Once a certain node in the link is invaded by hackers or other organizations through illegal means, the data communication is easily divulged, and the data communication safety is difficult to ensure. In the prior art, the data coding format is single, the multi-tunnel transmission cannot be matched, and meanwhile, the communication process has the possibility of disclosure and is easy to be stolen and restored by a third party.
Therefore, the prior art still cannot meet the requirement of preventing the communication data from being divulged.
Disclosure of Invention
According to the embodiment of the disclosure, a scheme for meeting the requirement of preventing communication data from being divulged is provided.
In a first aspect of the disclosure, a method of encoding a multi-tunnel adaptive data stream is provided. The method comprises the following steps:
acquiring a data stream to be encoded, wherein the data stream to be encoded comprises a plurality of character strings for bearing data information;
encrypting the data stream to be encoded to generate an encrypted data stream, wherein the encrypted data stream contains an encrypted character string corresponding to a character string in the data stream to be encoded;
partitioning the encrypted data stream into a plurality of data stream blocks, wherein the partitioned data stream blocks can be jointly spliced into the encrypted data stream;
and matching the corresponding communication tunnel for the data stream block according to a preset condition, and sending the data stream block through the communication tunnel.
The above aspect and any possible implementation manner further provide an implementation manner, where encrypting the data stream to be encoded to generate an encrypted data stream includes:
and encrypting the data stream to be encoded by using a secret key by using an asymmetric encryption algorithm to generate an encrypted data stream.
The foregoing aspect and any possible implementation manner further provide an implementation manner, where the data chunking the encrypted data stream and splitting the encrypted data stream into a plurality of data stream chunks includes:
determining a length of the encrypted data stream and a length of the key;
performing modular calculation on the length of the encrypted data stream and the length of the secret key, and determining a target value of the data stream block after segmentation according to a calculation result;
and partitioning the encrypted data stream according to the target value, and segmenting the encrypted data stream into a plurality of data stream blocks.
As to the above-mentioned aspect and any possible implementation manner, there is further provided an implementation manner, where the data blocking the encrypted data stream according to the target value, and splitting the encrypted data stream into a plurality of data stream blocks, the method includes:
and splitting the target value into a sum of continuous integer tens, and splitting the encrypted data stream into data streams with corresponding widths along the longitudinal direction according to the obtained integer tens, so that the encrypted data stream is split into a plurality of data stream blocks.
As to the above-mentioned aspect and any possible implementation manner, there is further provided an implementation manner, after performing data blocking on the encrypted data stream according to the target value, and splitting the encrypted data stream into a plurality of data stream blocks, the implementation manner further includes:
and sequentially numbering the segmented data stream blocks.
The foregoing aspect and any possible implementation manner further provide an implementation manner, where the matching, according to a preset condition, a corresponding communication tunnel for the data stream block includes:
and performing modular calculation on the number of the data stream block and the number of the originating node of the communication tunnel, and taking the communication tunnel corresponding to the originating node with the same number and the same calculation result as the communication tunnel corresponding to the data stream block.
The above-described aspects and any possible implementation further provide an implementation in which the communication tunnel is created by:
randomly dividing nodes in a heterogeneous network into a plurality of node pools;
selecting a node pool as an originating node pool according to a preset condition, and numbering nodes in the originating node pool in sequence;
for other node pools, the nodes in each node pool are further divided into a plurality of node sets according to the performance, one node is randomly selected from the node set with the optimal performance in each node pool to serve as a forwarding node, and a communication link formed by a plurality of forwarding nodes is matched for each originating node, so that a plurality of communication tunnels are created.
The above aspect and any possible implementation manner further provide an implementation manner, where after the data partitioning is performed on the encrypted data stream, and the encrypted data stream is split into a plurality of data stream blocks, the method further includes:
redundancy and error correction coding are added to the data stream block.
In a second aspect of the disclosure, an electronic device is provided, comprising a memory having stored thereon a computer program and a processor implementing the method as described above when executing the program.
In a third aspect of the disclosure, a computer-readable storage medium is provided, on which a computer program is stored, which program, when being executed by a processor, is adapted to carry out the method as set forth above.
It should be understood that the statements herein reciting aspects are not intended to limit the critical or essential features of the embodiments of the present disclosure, nor are they intended to limit the scope of the present disclosure. Other features of the present disclosure will become apparent from the following description.
The embodiment of the disclosure can realize that network communication is difficult to be oriented and intercepted by a bypass, and fully meets the requirement of preventing communication data leakage.
Drawings
The above and other features, advantages and aspects of various embodiments of the present disclosure will become more apparent by referring to the following detailed description when taken in conjunction with the accompanying drawings. In the drawings, like or similar reference characters designate like or similar elements, and wherein:
fig. 1 is a flowchart illustrating a method for encoding a multi-tunnel adaptive data stream according to a first embodiment of the present disclosure;
fig. 2 shows a flowchart of a data stream block segmentation method in the encoding method of a multi-tunnel adaptive data stream according to the second embodiment of the present disclosure;
fig. 3 is a diagram illustrating a specific example of a data stream block segmentation method in the encoding method of a multi-tunnel adaptive data stream according to a third embodiment of the present disclosure;
fig. 4 shows a schematic structural diagram of an encoding apparatus for a multi-tunnel adaptive data stream according to a fourth embodiment of the present disclosure.
Detailed Description
To make the objects, technical solutions and advantages of the embodiments of the present disclosure more clear, the technical solutions of the embodiments of the present disclosure will be described clearly and completely with reference to the drawings in the embodiments of the present disclosure, and it is obvious that the described embodiments are some, but not all embodiments of the present disclosure. All other embodiments, which can be derived by a person skilled in the art from the embodiments disclosed herein without making any creative effort, shall fall within the protection scope of the present disclosure.
In addition, the term "and/or" herein is only one kind of association relationship describing an associated object, and means that there may be three kinds of relationships, for example, a and/or B, which may mean: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
In the embodiment of the disclosure, the data stream between the network data communication initiator and the target is encrypted, randomly jumped, blocked and encoded, and is matched with multi-tunnel transmission to reach the target recombination, so that the network data communication is safe and reliable, all information cannot be acquired at a single node by related communication data packets, and further, the information acquired at the single node cannot be restored and decrypted.
Specifically, as shown in fig. 1, it is a flowchart of a method for encoding a multi-tunnel adaptive data stream according to a first embodiment of the present disclosure. As shown in fig. 1, the method for encoding a multi-tunnel adaptive data stream according to this embodiment may include the following steps:
s101: acquiring a data stream to be encoded, wherein the data stream to be encoded comprises a plurality of character strings for bearing data information.
The method of the embodiment is used for encrypting the network data communication data stream, the network data communication data stream is encrypted, the encrypted data stream is divided into a plurality of data stream blocks, the data stream blocks are sent through different communication tunnels, and the data stream blocks are recombined after reaching a target, so that the network data communication is safe and reliable. In the process of implementing the method, a data stream to be encoded, that is, a data stream transmitted through network communication sent by a network data communication initiator, needs to be acquired first. Typically, the data stream to be encoded is embodied in the form of character strings, which carry data information. The character string may be a combination of numbers, a combination of pairs of numbers, a combination of numbers and letters, or the like, and may include other existing cases, and is not described one by one here.
S102: and encrypting the data stream to be encoded to generate an encrypted data stream, wherein the encrypted data stream contains an encrypted character string corresponding to the character string in the data stream to be encoded.
After receiving the data stream to be encoded, the data stream to be encoded needs to be encrypted. In this embodiment, an asymmetric encryption algorithm, such as RSA128, RSA256, national encryption algorithm, etc., may be used. RSA is an asymmetric encryption algorithm, where an important feature is that the key used to encrypt data does not need to be transmitted with the data as well, when the data is transmitted over the network. This therefore reduces the possibility of key leakage. RSA is also useful when it does not allow an encrypting party to decrypt data, one party using a key, called the public key, and a decrypting party using another key, called the private key, which needs to remain private.
After the encryption of the data stream to be encoded is completed and the encrypted data stream is generated, the character string in the generated encrypted data stream has a corresponding relationship with the character string of the data stream to be encoded according to a corresponding encryption algorithm, and the corresponding relationship is reversible, that is, the data stream to be encoded can be restored through a reverse rule of the encryption algorithm.
S103: and partitioning the encrypted data stream into a plurality of data stream blocks, wherein the partitioned data stream blocks can be jointly spliced into the encrypted data stream.
After the data stream to be encoded is encrypted to generate an encrypted data stream, the encrypted data stream needs to be further segmented, and the encrypted data stream is segmented into a plurality of data stream blocks. The technical scheme of the disclosure aims to ensure the safety and reliability of network data communication, so that after an encrypted data stream is generated, the generated encrypted data stream is segmented, and the encrypted data stream is divided into a plurality of data stream segments (namely data stream blocks) through segmentation. The sliced data stream chunks may be combined together to form the encrypted data stream. After the target receives all the data stream blocks, the encrypted data stream can be spliced out, and the encrypted data stream can be restored to the original data stream through decryption, namely the data stream to be encoded.
S104: and matching the corresponding communication tunnel for the data stream block according to a preset condition, and sending the data stream block through the communication tunnel.
In order to ensure the safety and reliability of network data communication, after the encrypted data stream is divided into a plurality of data stream blocks, different communication tunnels need to be selected to send different data stream blocks, so as to avoid the risk that the encryption data stream is sent through the same communication tunnel to cause that the encryption data stream is encrypted to obtain all information. And the data stream block is sent through a plurality of communication tunnels, even if one node in a certain communication tunnel is attacked, an attacker can only obtain the data stream block transmitted through the communication tunnel where the node is located, but cannot obtain all encrypted data streams, and naturally cannot restore the original data stream.
According to the coding method of the multi-tunnel self-adaptive data stream, the data stream between the network data communication initiator and the target is encrypted and blocked, the data stream is matched with multi-tunnel transmission and arrives at the target for recombination, so that the network data communication is safe and reliable, all information cannot be acquired at a single node by related communication data packets, and further the information acquired at the single node cannot be restored and decrypted.
Fig. 2 is a flowchart of a data stream block segmentation method in a multi-tunnel adaptive data stream coding method according to a second embodiment of the present disclosure. The embodiment exemplarily illustrates a method for segmenting a data stream block, which may specifically include the following steps:
s1031: a length of the encrypted data stream and a length of the key are determined.
The present embodiment is still described by taking an asymmetric encryption algorithm as an example. Firstly, the length of the encrypted data stream and the length of the key are obtained, where the key generally refers to a public key in an asymmetric encryption algorithm.
S1032: and performing modular calculation on the length of the encrypted data stream and the length of the secret key, and determining a target value of the data stream block after segmentation according to a calculation result.
After determining the length of the encrypted data stream and the length of the key, performing a modulo calculation on the length of the encrypted data stream and the length of the key, where x is a length value of the encrypted data stream, n is a length value of the key, mod is a modulo calculation, and the result of x mod n is a remainder of x/n. For example, 40mod 13 equals 1, since 40/13 equals 3, the remainder is 1.
S1033: and partitioning the encrypted data stream according to the target value, and segmenting the encrypted data stream into a plurality of data stream blocks.
And performing modular calculation on the length of the encrypted data stream and the length of the secret key, and determining a target value of the data stream block after segmentation according to a calculation result, namely determining how many data stream blocks the encrypted data stream is segmented into. For example, if the result of the modulo calculation is m, the encrypted data stream is divided into m data stream blocks or other expressions related to m.
According to the coding method of the multi-tunnel self-adaptive data stream, the data stream between the network data communication initiator and the target is encrypted and blocked, the data stream is matched with multi-tunnel transmission and arrives at the target for recombination, so that the network data communication is safe and reliable, all information cannot be acquired at a single node by related communication data packets, and further the information acquired at the single node cannot be restored and decrypted.
Furthermore, as an optional embodiment of the present disclosure, in the above embodiment, the data blocking the encrypted data stream according to the target value, and splitting the encrypted data stream into a plurality of data stream blocks, includes:
and splitting the target value into a sum of continuous integer tens, and splitting the encrypted data stream into data streams with corresponding widths along the longitudinal direction according to the obtained integer tens, so that the encrypted data stream is split into a plurality of data stream blocks. Fig. 3 is a diagram illustrating a specific example of a data stream block segmentation method in the encoding method of a multi-tunnel adaptive data stream according to a third embodiment of the present disclosure. The present embodiment takes the target value of 60 as an example, the encrypted data stream is split into data stream blocks with widths of 10, 20 and 30, respectively, and each data stream block with the width can be further split into two data stream blocks along the transverse direction. In other embodiments of the present disclosure, for a target value whose target value is not an integer ten, the target value may be divided by 10, and then rounded up, and the obtained integer is multiplied by 10 to be used as the target value of the sliced data stream block.
Furthermore, as an optional embodiment of the present disclosure, in the above embodiment, after performing data blocking on the encrypted data stream according to the target value and splitting the encrypted data stream into a plurality of data stream blocks, the method further includes: and sequentially numbering the segmented data stream blocks. Because the segmented data stream blocks are sent to the target through different communication tunnels, the data stream blocks generally do not arrive at the target synchronously due to factors such as network delay, and the like, so that after the data stream blocks are received by the target and are restored into an encrypted data stream, the relative positions of the data stream blocks need to be determined, and therefore the segmented data stream blocks need to be numbered sequentially. Meanwhile, in order to prevent missing of data stream blocks, the data stream blocks after being cut may be numbered sequentially, for example, sequentially numbered by a natural number, or sequentially numbered by an odd number, or by a fibonacci number sequence. In addition, the method can also be a numbering rule agreed between the initiator and the target, which is not listed here.
As an optional embodiment of the present disclosure, the matching, according to a preset condition, of the communication tunnel for the data stream block mentioned in the above embodiment includes:
and performing modular calculation on the number of the data stream block and the number of the originating node of the communication tunnel, and taking the communication tunnel corresponding to the originating node with the same number and the same calculation result as the communication tunnel corresponding to the data stream block.
As an optional embodiment of the present disclosure, the communication tunnel in the above embodiment may be created by the following method:
firstly, nodes in a heterogeneous network are randomly divided into a plurality of node pools. And then selecting a node pool as an initial node pool according to a preset condition, and numbering the nodes in the initial node pool in sequence. For other node pools, the nodes in each node pool are further divided into a plurality of node sets according to the performance, one node is randomly selected from the node set with the optimal performance in each node pool to serve as a forwarding node, and a communication link formed by a plurality of forwarding nodes is matched for each originating node, so that a plurality of communication tunnels are created.
In addition, as an optional embodiment of the present application, after the data of the encrypted data stream is partitioned into multiple data stream blocks, redundancy and error correction coding may be added to the data stream blocks to improve the anti-interference performance of the data stream blocks during transmission.
It is noted that while for simplicity of explanation, the foregoing method embodiments have been described as a series of acts or combination of acts, it will be appreciated by those skilled in the art that the present disclosure is not limited by the order of acts, as some steps may, in accordance with the present disclosure, occur in other orders and concurrently. Further, those skilled in the art should also appreciate that the embodiments described in the specification are exemplary embodiments and that acts and modules referred to are not necessarily required by the disclosure.
It can be clearly understood by those skilled in the art that, for convenience and brevity of description, the specific working process of the described module may refer to the corresponding process in the foregoing method embodiment, and is not described herein again.
Fig. 4 shows a schematic structural diagram of an encoding apparatus for a multi-tunnel adaptive data stream according to a fourth embodiment of the present disclosure. The terminal device shown in fig. 4 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in fig. 4, the computer system includes a Central Processing Unit (CPU)401 that can perform various appropriate actions and processes based on a program stored in a Read Only Memory (ROM)402 or a program loaded from a storage section 408 into a Random Access Memory (RAM) 403. In the RAM403, various programs and data necessary for system operation are also stored. The CPU 401, ROM 402, and RAM403 are connected to each other via a bus 404. An input/output (I/O) interface 405 is also connected to bus 404.
The following components are connected to the I/O interface 405: an input section 406 including a keyboard, a mouse, and the like; an output section 407 including a display device such as a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, and a speaker; a storage section 408 including a hard disk and the like; and a communication section 409 including a network interface card such as a LAN card, a modem, or the like. The communication section 409 performs communication processing via a network such as the internet. Drivers 410 are also connected to the I/O interface 405 on an as needed basis. A removable medium 411 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is mounted on the drive 410 on an as-needed basis, so that a computer program read out therefrom is mounted on the storage section 408 on an as-needed basis.
In particular, based on the embodiments of the present disclosure, the processes described above with reference to the flowcharts may be implemented as computer software programs. For example, embodiments of the present disclosure include a computer program product comprising a computer program embodied on a computer readable medium, the computer program comprising program code for performing the method illustrated in the flow chart. In such an embodiment, the computer program may be downloaded and installed from a network through the communication section 409, and/or installed from the removable medium 411. The computer program performs the above-described functions defined in the method of the present application when executed by a Central Processing Unit (CPU) 401.
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: a Field Programmable Gate Array (FPGA), an Application Specific Integrated Circuit (ASIC), an Application Specific Standard Product (ASSP), a system on a chip (SOC), a load programmable logic device (CPLD), and the like.
Program code for implementing the methods of the present disclosure may be written in any combination of one or more programming languages. These program codes may be provided to a processor or controller of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the program codes, when executed by the processor or controller, cause the functions/operations specified in the flowchart and/or block diagram to be performed. The program code may execute entirely on the machine, partly on the machine, as a stand-alone software package partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
Further, while operations are depicted in a particular order, this should be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. Under certain circumstances, multitasking and parallel processing may be advantageous. Likewise, while several specific implementation details are included in the above discussion, these should not be construed as limitations on the scope of the disclosure. Certain features that are described in the context of separate embodiments can also be implemented in combination in a single implementation. Conversely, various features that are described in the context of a single implementation can also be implemented in multiple implementations separately or in any suitable subcombination.
Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims.
Claims (10)
1. A method for encoding a multi-tunnel adaptive data stream, comprising:
acquiring a data stream to be encoded, wherein the data stream to be encoded comprises a plurality of character strings for bearing data information;
encrypting the data stream to be encoded to generate an encrypted data stream, wherein the encrypted data stream contains an encrypted character string corresponding to a character string in the data stream to be encoded;
partitioning the encrypted data stream into a plurality of data stream blocks, wherein the partitioned data stream blocks can be jointly spliced into the encrypted data stream;
and matching the corresponding communication tunnel for the data stream block according to a preset condition, and sending the data stream block through the communication tunnel.
2. The method according to claim 1, wherein the encrypting the data stream to be encoded to generate an encrypted data stream comprises:
and encrypting the data stream to be encoded by using a secret key by using an asymmetric encryption algorithm to generate an encrypted data stream.
3. The method of claim 2, wherein the data chunking the encrypted data stream and splitting the encrypted data stream into a plurality of data stream chunks comprises:
determining a length of the encrypted data stream and a length of the key;
performing modular calculation on the length of the encrypted data stream and the length of the secret key, and determining a target value of the data stream block after segmentation according to a calculation result;
and partitioning the encrypted data stream according to the target value, and segmenting the encrypted data stream into a plurality of data stream blocks.
4. The method according to claim 3, wherein the data blocking the encrypted data stream according to the target value, and splitting the encrypted data stream into a plurality of data stream blocks comprises:
and splitting the target value into a sum of continuous integer tens, and splitting the encrypted data stream into data streams with corresponding widths along the longitudinal direction according to the obtained integer tens, so that the encrypted data stream is split into a plurality of data stream blocks.
5. The method of claim 4, wherein after the data-blocking the encrypted data stream according to the target value and splitting the encrypted data stream into a plurality of data stream blocks, the method further comprises:
and sequentially numbering the segmented data stream blocks.
6. The method for encoding the multi-tunnel adaptive data stream according to claim 5, wherein the matching the corresponding communication tunnel for the data stream block according to the preset condition comprises:
and performing modular calculation on the number of the data stream block and the number of the originating node of the communication tunnel, and taking the communication tunnel corresponding to the originating node with the same number and the same calculation result as the communication tunnel corresponding to the data stream block.
7. The method of claim 6, wherein the communication tunnel is created by:
randomly dividing nodes in a heterogeneous network into a plurality of node pools;
selecting a node pool as an originating node pool according to a preset condition, and numbering nodes in the originating node pool in sequence;
for other node pools, the nodes in each node pool are further divided into a plurality of node sets according to the performance, one node is randomly selected from the node set with the optimal performance in each node pool to serve as a forwarding node, and a communication link formed by a plurality of forwarding nodes is matched for each originating node, so that a plurality of communication tunnels are created.
8. The method for encoding a multi-tunnel adaptive data stream according to any one of claims 1 to 7, further comprising, after the data-blocking the encrypted data stream and the slicing the encrypted data stream into a plurality of data stream blocks:
redundancy and error correction coding are added to the data stream block.
9. An electronic device comprising a memory and a processor, the memory having stored thereon a computer program, wherein the processor, when executing the program, implements the method of any of claims 1-8.
10. A computer-readable storage medium, on which a computer program is stored, which program, when being executed by a processor, carries out the method according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010375742.8A CN111698208B (en) | 2020-05-07 | 2020-05-07 | Method, apparatus and storage medium for encoding multi-tunnel adaptive data stream |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010375742.8A CN111698208B (en) | 2020-05-07 | 2020-05-07 | Method, apparatus and storage medium for encoding multi-tunnel adaptive data stream |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN111698208A true CN111698208A (en) | 2020-09-22 |
| CN111698208B CN111698208B (en) | 2022-08-02 |
Family
ID=72476503
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010375742.8A Active CN111698208B (en) | 2020-05-07 | 2020-05-07 | Method, apparatus and storage medium for encoding multi-tunnel adaptive data stream |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111698208B (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113038306A (en) * | 2021-03-25 | 2021-06-25 | 中国科学院半导体研究所 | Optical network secure communication method, device, electronic equipment and medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1300489A (en) * | 1998-05-13 | 2001-06-20 | 艾利森电话股份有限公司 | Data transfer method and varying packet transmission time interval security protecol |
| CN101394273A (en) * | 2008-10-17 | 2009-03-25 | 电子科技大学 | Multichannel ciphered information transmission method |
| US20130060906A1 (en) * | 2011-09-02 | 2013-03-07 | Christian Gan | Transmitting a Media Stream Over HTTP |
| CN104243142A (en) * | 2014-10-11 | 2014-12-24 | 江阴润玛电子材料股份有限公司 | Information segmented transmission system |
| US9755953B1 (en) * | 2014-07-24 | 2017-09-05 | Rockwell Collins, Inc. | Multi-path routing control for an encrypted tunnel |
-
2020
- 2020-05-07 CN CN202010375742.8A patent/CN111698208B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1300489A (en) * | 1998-05-13 | 2001-06-20 | 艾利森电话股份有限公司 | Data transfer method and varying packet transmission time interval security protecol |
| CN101394273A (en) * | 2008-10-17 | 2009-03-25 | 电子科技大学 | Multichannel ciphered information transmission method |
| US20130060906A1 (en) * | 2011-09-02 | 2013-03-07 | Christian Gan | Transmitting a Media Stream Over HTTP |
| US9755953B1 (en) * | 2014-07-24 | 2017-09-05 | Rockwell Collins, Inc. | Multi-path routing control for an encrypted tunnel |
| CN104243142A (en) * | 2014-10-11 | 2014-12-24 | 江阴润玛电子材料股份有限公司 | Information segmented transmission system |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113038306A (en) * | 2021-03-25 | 2021-06-25 | 中国科学院半导体研究所 | Optical network secure communication method, device, electronic equipment and medium |
| CN113038306B (en) * | 2021-03-25 | 2023-03-24 | 中国科学院半导体研究所 | Optical network secure communication method, device, electronic equipment and medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN111698208B (en) | 2022-08-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3913850A1 (en) | Key management method and related device | |
| CN111343207B (en) | Multi-node joint encryption data transmission method, equipment and storage medium | |
| CN113641648A (en) | Distributed cloud security storage method, system and storage medium | |
| CN109039611B (en) | Decruption key segmentation and decryption method, device, medium based on SM9 algorithm | |
| CN116488919B (en) | Data processing method, communication node and storage medium | |
| CN104463012A (en) | Virtual machine image file exporting and importing method and device | |
| CN111698208B (en) | Method, apparatus and storage medium for encoding multi-tunnel adaptive data stream | |
| CN112287366A (en) | Data encryption method and device, computer equipment and storage medium | |
| CN111385090B (en) | Key distribution method and system based on multi-key combination quantum key relay | |
| US10432596B2 (en) | Systems and methods for cryptography having asymmetric to symmetric key agreement | |
| CN113938270A (en) | Data encryption method and device capable of flexibly reducing complexity | |
| CN105653983B (en) | Information distribution, reduction, integrity verification method and device based on cloud storage | |
| CN114338510A (en) | Data forwarding method and system with separated control and forwarding | |
| CN116389090A (en) | Data encryption and decryption methods and devices, electronic equipment and storage medium | |
| EP4084484B1 (en) | Method and device for encryption of video stream, communication equipment, and storage medium | |
| CN113452508B (en) | Data encryption method, device, equipment and computer readable storage medium | |
| CN107343001A (en) | Data processing method and device | |
| CN113553553A (en) | Decompilation prevention method and device, computer equipment and storage medium | |
| US11095429B2 (en) | Circuit concealing apparatus, calculation apparatus, and program | |
| CN111931202A (en) | Encrypted storage method, terminal device and storage medium for distributed system | |
| CN111343072B (en) | Open heterogeneous multi-tunnel adaptive data communication method, device and storage medium | |
| CN117040913B (en) | Cloud resource sharing data security transmission method and system | |
| CN115242389B (en) | Data confusion transmission method and system based on multi-level node network | |
| KR102025619B1 (en) | Apparatus for encrypting packet and Apparatus for communicating packet of a massive data | |
| CN117354018A (en) | Data encryption method, data decryption method, device, electronic equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |