CN111756532B - Data transmission method and device - Google Patents

Data transmission method and device Download PDF

Info

Publication number
CN111756532B
CN111756532B CN202010515479.8A CN202010515479A CN111756532B CN 111756532 B CN111756532 B CN 111756532B CN 202010515479 A CN202010515479 A CN 202010515479A CN 111756532 B CN111756532 B CN 111756532B
Authority
CN
China
Prior art keywords
data
hardware
security authentication
authentication terminal
target security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010515479.8A
Other languages
Chinese (zh)
Other versions
CN111756532A (en
Inventor
张志勇
范志刚
卢涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Wanxiang Electronics Technology Co Ltd
Original Assignee
Xian Wanxiang Electronics Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Wanxiang Electronics Technology Co Ltd filed Critical Xian Wanxiang Electronics Technology Co Ltd
Priority to CN202010515479.8A priority Critical patent/CN111756532B/en
Publication of CN111756532A publication Critical patent/CN111756532A/en
Application granted granted Critical
Publication of CN111756532B publication Critical patent/CN111756532B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Information Transfer Systems (AREA)

Abstract

The disclosure provides a data transmission method and device, relates to the field of data processing, and can solve the problem that the existing hardware encryption mode cannot realize remote data transmission. The specific technical scheme is as follows: carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data; acquiring equipment description information of a target security authentication terminal; and transmitting the device description information and the hardware encryption data of the target security authentication terminal to the data receiving device through a network. The data transmitting device can encrypt data by utilizing the target security authentication terminal in hardware, and can transmit device description information of the target security authentication terminal to the data receiving device, so that USB bus in the data receiving device can decrypt the hardware encrypted data received from the data transmitting device based on the target security authentication terminal, and hardware encryption and hardware decryption in a data remote transmission process are realized.

Description

Data transmission method and device
Technical Field
The present disclosure relates to the field of data processing, and in particular, to a data transmission method and apparatus.
Background
At present, in the field of communication, the application of data transmission is very many, especially the remote data transmission scene, and when the transmission data is very important, the security of data transmission needs to be guaranteed, and for this reason, many devices encrypt the transmission data, but the encryption of the data is basically a software encryption mode. Compared with a software encryption mode, the hardware mode has higher security. However, in the existing hardware encryption methods, for example, encryption methods based on a secure authentication terminal (USB Key, abbreviated as UKey), data is often encrypted by using a UKey connected to a local device, and then decrypted by using the same UKey when the data is required. It is apparent that this approach does not enable remote transmission of data due to the physical UKey limitations.
Disclosure of Invention
The embodiment of the disclosure provides a data transmission method and device, which can solve the problem that the existing hardware encryption mode cannot realize remote data transmission. The technical scheme is as follows:
According to a first aspect of embodiments of the present disclosure, there is provided a data transmission method, which is applied to a data transmission apparatus, the method including:
carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
acquiring equipment description information of the target security authentication terminal;
And sending the device description information of the target security authentication terminal and the hardware encryption data to a data receiving device through a network, so that the data receiving device can determine that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data; acquiring equipment description information of a target security authentication terminal; and sending the device description information and the hardware encryption data of the target security authentication terminal to the data receiving device through a network so that the data receiving device can determine that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal. The data transmitting device can encrypt data by utilizing the target security authentication terminal in hardware, and can transmit device description information of the target security authentication terminal to the data receiving device, so that USB bus in the data receiving device can decrypt the hardware encrypted data received from the data transmitting device based on the target security authentication terminal, and hardware encryption and hardware decryption in a data remote transmission process are realized.
In one embodiment, the hardware encrypting the data by the target security authentication terminal inserted into the USB interface to obtain hardware encrypted data includes:
And carrying out hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, the method further comprises:
receiving information acquired by a hardware decryption algorithm;
And transmitting a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network.
In one embodiment, before the obtaining the device description information of the target security authentication terminal, the method further includes:
encrypting the hardware encryption data by a preset algorithm to obtain a first encryption value;
Transmitting the first encrypted value and the hardware encrypted data to the data receiving apparatus via a network;
receiving a data integrity verification success message sent by the data receiving equipment;
The sending, to a data receiving device via a network, device description information of the target security authentication terminal and the hardware encryption data includes:
and transmitting the device description information of the target security authentication terminal to the data receiving device through a network.
According to a second aspect of embodiments of the present disclosure, there is provided a data transmission method, the method being applied to a data receiving apparatus, the method comprising:
receiving hardware encryption data, device description information of a target security authentication terminal and the hardware encryption data through a network;
determining that the target security authentication terminal is accessed to a local target USB bus according to the device description information of the target security authentication terminal;
and carrying out hardware decryption on the hardware encryption data according to the target security authentication terminal to obtain data.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: receiving hardware encryption data, device description information of a target security authentication terminal and the hardware encryption data through a network; determining that the target security authentication terminal is accessed into a local target USB bus according to the device description information of the target security authentication terminal; and carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain the data. The data transmitting device can encrypt data by utilizing the target security authentication terminal in hardware, and can transmit device description information of the target security authentication terminal to the data receiving device, so that USB bus in the data receiving device can decrypt the hardware encrypted data received from the data transmitting device based on the target security authentication terminal, and hardware encryption and hardware decryption in a data remote transmission process are realized.
In one embodiment, the receiving, through the network, the hardware encryption data and the device description information and the hardware encryption data of the target security authentication terminal includes:
Receiving a first encrypted value and the hardware encrypted data over a network;
Encrypting the hardware encryption data by a preset algorithm to obtain a second encryption value;
when the first encryption value and the second encryption value are detected to be the same, a data integrity verification success message is sent to the data sending equipment;
And receiving the equipment description information of the target security authentication terminal through a network.
In one embodiment, the decrypting the hardware encrypted data according to the target security authentication terminal includes:
Controlling a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
transmitting the hardware decryption algorithm acquisition information to the data transmitting equipment;
receiving hardware decryption algorithm information;
and carrying out hardware decryption on the hardware encryption data according to the hardware decryption algorithm information.
According to a third aspect of the embodiments of the present disclosure, there is provided a data transmission apparatus applied to a data transmission device, the apparatus comprising:
The first encryption module is used for carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
The acquisition module is used for acquiring the equipment description information of the target security authentication terminal;
And the first sending module is used for sending the device description information of the target security authentication terminal and the hardware encryption data to the data receiving device through a network so that the data receiving device can determine that the target security authentication terminal is accessed to a local target USB bus according to the device description information of the target security authentication terminal.
In one embodiment, the first encryption module includes:
and the encryption sub-module is used for carrying out hardware encryption on the data through the data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, the apparatus further comprises:
the first receiving module is used for receiving information acquired by a hardware decryption algorithm;
and the second sending module is used for sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network.
In one embodiment, the apparatus further comprises: the second encryption module, the third sending module and the second receiving module, the first sending module includes: a first transmitting sub-module;
the second encryption module is used for carrying out preset algorithm encryption on the hardware encryption data to obtain a first encryption value before the acquisition module acquires the equipment description information of the target security authentication terminal;
The third sending module is further configured to send the first encrypted value and the hardware encrypted data to the data receiving device through a network;
the second receiving module is further configured to receive a data integrity verification success message sent by the data receiving device;
the first sending sub-module is used for sending the device description information of the target security authentication terminal to the data receiving device through a network.
Based on the data transmission method described in the above embodiment corresponding to fig. 3, the following is an embodiment of the apparatus of the present disclosure, which may be used to execute the embodiment of the method of the present disclosure.
According to a fourth aspect of embodiments of the present disclosure, there is provided a data transmission apparatus applied to a data receiving device, the apparatus comprising:
the third receiving module is used for receiving the hardware encryption data, the equipment description information of the target security authentication terminal and the hardware encryption data through a network;
The determining module is used for determining that the target security authentication terminal is accessed to a local target USB bus according to the device description information of the target security authentication terminal;
and the decryption module is used for carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In one embodiment, the third receiving module includes:
The first receiving sub-module is used for receiving the first encryption value and the hardware encryption data through a network;
the computing sub-module is used for carrying out preset algorithm encryption on the hardware encryption data to obtain a second encryption value;
the second sending submodule is used for sending a data integrity verification success message to the data sending equipment when the first encryption value and the second encryption value are detected to be the same;
And the second receiving sub-module is used for receiving the equipment description information of the target security authentication terminal through a network.
In one embodiment, the decryption module includes:
the control sub-module is used for controlling the data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
The third sending sub-module is used for sending the hardware decryption algorithm acquisition information to the data sending equipment;
the second receiving sub-module is used for receiving the hardware decryption algorithm information;
and the decryption sub-module is used for carrying out hardware decryption on the hardware encryption data according to the hardware decryption algorithm information.
According to a fifth aspect of embodiments of the present disclosure, there is provided a data transmission system comprising: a data transmitting device and a data receiving device;
The data transmitting device is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
The data transmitting device is further used for acquiring device description information of the target security authentication terminal;
The data transmitting device is further configured to transmit, to a data receiving device through a network, device description information of the target security authentication terminal and the hardware encryption data, so that the data receiving device determines that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal;
the data receiving device is used for receiving the hardware encryption data, the device description information of the target security authentication terminal and the hardware encryption data through a network;
the data receiving device is further used for determining that the target security authentication terminal is accessed into a local target USB bus according to the device description information of the target security authentication terminal;
the data receiving device is further used for performing hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In one embodiment, the data sending device is further configured to perform hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, the data receiving device is further configured to control a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
the data receiving device is further used for sending the hardware decryption algorithm acquisition information to the data sending device;
the data transmitting equipment is also used for receiving information acquired by a hardware decryption algorithm;
The data transmitting device is further configured to transmit a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving device through a network;
the data receiving device is also used for receiving hardware decryption algorithm information;
The data receiving device is further used for performing hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
In one embodiment, the data sending device is further configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a first encrypted value;
The data transmitting device is further configured to transmit the first encrypted value and the hardware encrypted data to the data receiving device through a network;
the data receiving device is further configured to receive a first encrypted value and the hardware encrypted data through a network;
The data receiving device is further configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a second encrypted value;
the data receiving device is further configured to send a data integrity verification success message to the data sending device when detecting that the first encrypted value and the second encrypted value are the same;
the data transmitting device is further configured to receive a data integrity verification success message sent by the data receiving device;
The data transmitting device is further used for transmitting the device description information of the target security authentication terminal to the data receiving device through a network;
the data receiving device is further used for receiving the device description information of the target security authentication terminal through a network.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the disclosure and together with the description, serve to explain the principles of the disclosure.
Fig. 1 is a flowchart of a data transmission method provided in an embodiment of the present disclosure;
Fig. 2 is a flowchart of a data transmission method provided in an embodiment of the present disclosure;
fig. 3 is a flowchart of a data transmission method provided in an embodiment of the present disclosure;
fig. 4 is a flowchart of a data transmission method provided in an embodiment of the present disclosure;
FIG. 5 is a block diagram of a USB system provided by an embodiment of the present disclosure;
FIG. 6 is a schematic block diagram of a USB device in communication with a USB bus provided by an embodiment of the present disclosure;
FIG. 7 is a communication schematic block diagram of a device replication link provided by an embodiment of the present disclosure;
FIG. 8 is a communication schematic block diagram of USB space division multiplexing provided by an embodiment of the present disclosure;
fig. 9 is an interaction diagram of a data transmission method provided in an embodiment of the present disclosure;
fig. 10 is a schematic diagram of a data transmission system provided in an embodiment of the present disclosure;
Fig. 11 is a block diagram of a data transmission apparatus according to an embodiment of the present disclosure;
Fig. 12 is a block diagram of a first encryption module in a data transmission apparatus according to an embodiment of the present disclosure;
Fig. 13 is a block diagram of a data transmission apparatus according to an embodiment of the present disclosure;
Fig. 14 is a block diagram of a data transmission apparatus provided in an embodiment of the present disclosure;
fig. 15 is a block diagram of a data transmission apparatus according to an embodiment of the present disclosure;
fig. 16 is a block diagram of a third receiving module in a data transmission apparatus according to an embodiment of the present disclosure;
fig. 17 is a block diagram of a decryption module in a data transmission apparatus according to an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples are not representative of all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with some aspects of the present disclosure as detailed in the accompanying claims.
An embodiment of the present disclosure provides a data transmission method, as shown in fig. 1, applied to a data transmission device, including the steps of:
101. and carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data.
In this step, the data transmitting apparatus notifies the local USB bus (english: USB bus) to perform hardware encryption on the transmitted data through the local target security authentication terminal.
For example, the target secure authentication terminal may be a target UKey.
Specifically, the user inserts the target security authentication terminal into the USB interface of the data transmission device, so that the transmitted data is encrypted by the target security authentication terminal in hardware.
102. And acquiring the equipment description information of the target security authentication terminal.
After the data encryption is completed, the USB bus in the data sending device receives the device description information of the target security authentication terminal.
After the USB bus in the data transmitting device receives the device description information of the target security authentication terminal, it will know that a USB device accesses the local USB bus, thereby identifying the corresponding USB device (target security authentication terminal).
It is noted that the device description information of the target security authentication terminal herein is in the form of a URB request block (Usb Request Block, abbreviated as URB) packet.
103. And sending the device description information and the hardware encryption data of the target security authentication terminal to the data receiving device through a network so that the data receiving device can determine that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal.
After the data transmitting device acquires the device description information of the target security authentication terminal, the USB bus in the data transmitting device copies the acquired device description information of the target security authentication terminal and transmits the copied device description information to the USB bus in the data receiving device; after receiving the device description information of the target security authentication terminal sent by the data sending device, the USB bus in the data receiving device considers that the USB device accesses the local USB bus, and can identify the USB device (the target security authentication terminal) with the corresponding device description information.
At this time, the same USB device (target security authentication terminal) is displayed regardless of the local data transmission device or the remote data reception device.
In the disclosure, the data transmitting device can perform hardware encryption on data by using the target security authentication terminal, and simultaneously, can transmit the device description information of the target security authentication terminal to the data receiving device, so that the USB bus in the data receiving device can perform hardware decryption on the hardware encrypted data received from the data transmitting device based on the target security authentication terminal.
The method can realize hardware encryption and hardware decryption in the data remote transmission process based on the same target security authentication terminal, and can greatly improve the security of data transmission.
The data transmitting device establishes a communication connection with the data receiving device before the data transmission takes place.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data; acquiring equipment description information of a target security authentication terminal; and sending the device description information and the hardware encryption data of the target security authentication terminal to the data receiving device through a network so that the data receiving device can determine that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal. The data transmitting device can encrypt data by utilizing the target security authentication terminal in hardware, and can transmit device description information of the target security authentication terminal to the data receiving device, so that USB bus in the data receiving device can decrypt the hardware encrypted data received from the data transmitting device based on the target security authentication terminal, and hardware encryption and hardware decryption in a data remote transmission process are realized.
The target security authentication terminal comprises two interfaces, one is a data encryption interface and the other is a data decryption interface, and the data encryption interface and the data decryption interface can be respectively used for two devices in the disclosure, namely, the data encryption interface is used for a data sending device, and the data decryption interface is used for a data receiving device.
Specifically, the step 101 includes the following sub-steps:
And carrying out hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
The data encryption interface and the data decryption interface included in the target security authentication terminal are respectively used for two devices, so that the data transmission device can conduct hardware encryption on transmission data by utilizing the data encryption interface of the target security authentication terminal, and the data receiving device can conduct decryption on the hardware encryption data by utilizing the data decryption interface of the target security authentication terminal, and hardware encryption and hardware decryption in a data remote transmission process are achieved.
In one embodiment, the above method further comprises the sub-steps of:
receiving information acquired by a hardware decryption algorithm;
And transmitting a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network.
After receiving the information acquired by the hardware decryption algorithm sent by the data receiving device, the hardware decryption algorithm corresponding to the target security authentication terminal is sent to the data receiving device through a network, so that the data receiving device decrypts the hardware encrypted data based on the hardware decryption algorithm.
In one embodiment, as shown in fig. 2, before the step 102, the method further includes the following steps:
104. Encrypting the hardware encryption data by a preset algorithm to obtain a first encryption value;
105. Transmitting the first encrypted value and the hardware encrypted data to the data receiving device through the network;
106. Receiving a data integrity verification success message sent by data receiving equipment;
the step 103 includes the following sub-steps:
1031. and transmitting the device description information of the target security authentication terminal to the data receiving device through a network.
In order to ensure the integrity of the hardware encrypted data decrypted by the data receiving device, in the present disclosure, the hardware encrypted data is encrypted by a preset algorithm to obtain a first encrypted value, and then the first encrypted value and the hardware encrypted data are sent to the data receiving device through a network, after a data integrity verification success message sent by the data receiving device is received, it is indicated that the hardware encrypted data decrypted by the data receiving device is complete, and at this time, the data sending device sends device description information of the target security authentication terminal to the data receiving device through the network.
The preset algorithm may include MD5 encryption, among others.
An embodiment of the present disclosure provides a data transmission method, as shown in fig. 3, applied to a data receiving apparatus, including the steps of:
201. And receiving the hardware encryption data, the device description information of the target security authentication terminal and the hardware encryption data through a network.
202. And determining that the target security authentication terminal is accessed into the local target USB bus according to the device description information of the target security authentication terminal.
203. And carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain the data.
When the data receiving device receives the device description information of the target security authentication terminal sent by the data sending device, the local target USB bus can be determined to be accessed to the target security authentication terminal according to the device description information of the target security authentication terminal, namely, the local USB interface is inserted with USB equipment (target security authentication terminal), and at the moment, hardware decryption can be carried out on hardware encrypted data according to the target security authentication terminal to obtain data.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: receiving hardware encryption data, device description information of a target security authentication terminal and the hardware encryption data through a network; determining that the target security authentication terminal is accessed into a local target USB bus according to the device description information of the target security authentication terminal; and carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain the data. The data transmitting device can encrypt data by utilizing the target security authentication terminal in hardware, and can transmit device description information of the target security authentication terminal to the data receiving device, so that USB bus in the data receiving device can decrypt the hardware encrypted data received from the data transmitting device based on the target security authentication terminal, and hardware encryption and hardware decryption in a data remote transmission process are realized.
In one embodiment, as shown in fig. 4, the step 201 includes the following sub-steps:
2011. Receiving a first encrypted value and hardware encrypted data through a network;
2012. Encrypting the hardware encryption data by a preset algorithm to obtain a second encryption value;
2013. When the first encryption value and the second encryption value are detected to be the same, a data integrity verification success message is sent to the data sending equipment;
2014. and receiving the device description information of the target security authentication terminal through the network.
In order to ensure the integrity of the hardware encrypted data decrypted by the data receiving device, in the present disclosure, the data receiving device receives not only the hardware encrypted data sent by the data sending device, but also a first encrypted value obtained by encrypting the hardware encrypted data by the data sending device through a preset algorithm, after receiving the hardware encrypted data and the first encrypted value, the data receiving device encrypts the hardware encrypted data according to the preset algorithm to obtain a second encrypted value, then compares the first encrypted value with the second encrypted value, and when the first encrypted value and the second encrypted value are the same, determines that the received hardware encrypted data is complete, and sends a data integrity verification success message to the data sending device.
The preset algorithm may include MD5 encryption, among others.
In one embodiment, the step 203 includes the following sub-steps:
a1, a data decryption interface of a control target security authentication terminal generates hardware decryption algorithm acquisition information;
a2, transmitting information acquired by a hardware decryption algorithm to data transmitting equipment;
A3, receiving hardware decryption algorithm information;
And A4, performing hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
The data encryption interface included in the target security authentication terminal is used by the data sending device, and the data decryption interface included in the target security authentication terminal is used by the data receiving device, so that the data receiving device can control the data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information, then the hardware decryption algorithm acquisition information is sent to the data sending device, so that the data sending device sends the hardware decryption algorithm information to the data receiving device, and after the data receiving device receives the hardware decryption algorithm information, hardware decryption is performed on the hardware encrypted data according to the hardware decryption algorithm information.
The method of the present disclosure is described in detail by the following embodiment, where the target secure authentication terminal may be a target UKey, and the preset algorithm is: and the MD5 algorithm corresponds to the MD5 value as the encryption value.
According to the specification of the USB protocol, each physical USB device has only one USB device descriptor, but each physical device may have multiple configurations, each of which may include multiple interfaces, each of which includes multiple endpoints. The USB protocol specifies that each interface represents a function, i.e. it can perform multiple functions when a USB device has multiple interfaces, and different interfaces use different drivers, such as most commonly a USB camera, with both camera and audio functions. In the invention, two interfaces are realized for UKEY, one is a data encryption interface and the other is a data decryption interface, and a target UKey space division multiplexing mode is provided, wherein the space division multiplexing refers to that the encryption and the data decryption interfaces on the same physical UKey are respectively used for two devices.
Specifically, as shown in fig. 5, in the USB system, each USB device corresponds to only one descriptor of the USB device, but each USB device descriptor may include multiple configurations, each configuration includes multiple interfaces, and each interface includes multiple endpoints; wherein,
USB device descriptor: for describing a USB;
Configuration: each USB device descriptor may include a number of different configurations, each configuration representing a set of one type of functionality;
An interface: each configuration may include a plurality of interfaces, each interface representing a function, and each interface corresponding to a driver in the USB bus; in the UKEY encryption system, two INTERFACEs are also utilized to respectively realize the functions of a data encryption INTERFACE (INTERFACE 1) and a data decryption INTERFACE (INTERFACE 2), and different INTERFACEs can be understood to be different spaces.
End point: an endpoint is an interface for data interaction and communication by a USB device.
In the prior art, a communication schematic block diagram of a USB device and a USB bus may refer to fig. 6, as shown in fig. 6, after the USB device is inserted into a USB interface (english: USB Port), a hub (english: root hub) sends related information of the USB device to a USB controller, and the USB device and the USB controller communicate by means of a URB packet, which may be simply understood as a packaging format of USB data for the URB. The USB controller sends the URB packet to the end point of the USB device through the local USB bus through the USB controller driver, and further communication with the USB device is achieved. The USB device in fig. 6 is, for example, a UKEY, so there are a UKEY data encryption interface driver that controls the data encryption interface, and a UKEY data decryption interface driver that controls the data decryption interface.
In the invention, the space division multiplexing of the target UKey comprises two stages, wherein the first stage is a device copying stage; the second phase is the space division multiplexing phase.
A basic schematic diagram of a first stage plant replication link can be seen in fig. 7, the main purpose of which is: the data transmitting device and the remote data receiving device share the same USB device (target UKey). For this purpose, it is necessary to have the data transmitting apparatus and the data receiving apparatus recognize the target UKey simultaneously, and specific recognition steps are as follows:
step 1, inserting a target UKEY into a USB interface of data transmission equipment;
And step 2, roothub in the data sending equipment sends the equipment description information of the target UKey to the USB bus on the data sending equipment in the form of URB packets through the USB controller and the USB controller drive of the USB controller, and meanwhile, the USB bus on the data sending equipment copies the received URB packets to the USB bus on the data receiving equipment through the Internet.
Through the steps, the USB bus of the local data sending device or the USB bus of the remote data receiving device can be considered to be connected to the USB bus after receiving the USB device information URB packet, and meanwhile, the USB device with corresponding device description information can be identified, namely, the target UKey can be identified, so that the target UKey is called to realize encryption and/or decryption of data.
The schematic diagram of the second stage USB space division multiplexing may refer to fig. 8, and in the first stage, since the USB bus on the data transmission device copies a received URB packet to a USB bus on the data reception device, the USB bus on the data transmission device and the data reception device both have the capability of identifying the target UKey, so that the target UKey can be used simultaneously.
In the USB space division multiplexing stage, the flow of data encryption by the data sending device through the target UKey is as follows:
step 3, the data transmitting equipment generates a URB packet for controlling the target UKY to execute encryption processing through a data encryption interface driver using the target UKEY;
Step 4, the data encryption interface driver sends the generated URB packet to a local USB bus;
and step 5, the local USB bus sends the URB packet to a USB controller driver program, so that the target UKEY data encryption interface is controlled to encrypt data.
The data receiving device carries out data decryption through the target UKey as follows:
step 6, the data receiving equipment generates a URB packet for controlling the target UKey to carry out decryption processing by using a local UKEY data decryption interface driver;
step 7, the data decryption interface driver sends the generated URB packet to a USB bus of the data sending equipment;
And 8, the USB bus of the data sending equipment forwards the URB packet containing the decryption algorithm information to the USB bus on the data receiving equipment through the Internet, and the USB bus realizes the decryption of the data according to the corresponding decryption algorithm.
The data transmission method based on hardware encryption is provided, the data sending equipment can conduct hardware encryption on transmission data by using the target UKey, meanwhile, the USB bus can be controlled to achieve space division multiplexing of the data receiving equipment on the target UKey, and therefore the USB bus in the data receiving equipment can conduct hardware decryption on the hardware encryption data received from the data sending equipment based on the target UKey. The mode can realize hardware encryption and hardware decryption in the data remote transmission process based on the space division multiplexing of the same UKey, and can greatly improve the safety of data transmission.
Based on the data transmission method provided in the foregoing corresponding embodiments of fig. 1 to fig. 4, another embodiment of the disclosure further provides a data transmission method, as shown in fig. 9, including the following sub-steps:
301. the data transmitting device performs hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data.
Specifically, the data transmitting device performs hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
302. The data sending equipment encrypts hardware encrypted data by a preset algorithm to obtain a first encrypted value.
303. The data transmitting device transmits the first encrypted value and the hardware encrypted data to the data receiving device via the network.
304. The data receiving device receives the first encrypted value and the hardware encrypted data through the network, and encrypts the hardware encrypted data through a preset algorithm to obtain a second encrypted value.
305. And when the data receiving device detects that the first encryption value and the second encryption value are the same, the data receiving device sends a data integrity verification success message to the data sending device.
306. And the data transmitting equipment acquires the equipment description information of the target security authentication terminal after receiving the data integrity verification success message transmitted by the data receiving equipment.
307. The data transmitting device transmits the device description information of the target security authentication terminal to the data receiving device through the network.
308. The data receiving device receives device description information and hardware encryption data of the target security authentication terminal through a network.
309. The data receiving device determines that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal, and hardware decryption is carried out on the hardware encrypted data according to the target security authentication terminal to obtain the data.
Specifically, the data receiving device controls a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
The data receiving equipment sends the hardware decryption algorithm acquisition information to the data sending equipment;
after receiving the information acquired by the hardware decryption algorithm, the data transmitting device transmits the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving device through the network.
The data receiving device receives the hardware decryption algorithm information and performs hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
Based on the data transmission method provided in the foregoing corresponding embodiments of fig. 1 to 4, another embodiment of the present disclosure provides a data transmission system, as shown in fig. 10, including: a data transmitting device and a data receiving device;
The data transmitting device is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
The data transmitting device is further used for acquiring device description information of the target security authentication terminal;
The data transmitting device is further configured to transmit, to a data receiving device through a network, device description information of the target security authentication terminal and the hardware encryption data, so that the data receiving device determines that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal;
the data receiving device is used for receiving the hardware encryption data, the device description information of the target security authentication terminal and the hardware encryption data through a network;
the data receiving device is further used for determining that the target security authentication terminal is accessed into a local target USB bus according to the device description information of the target security authentication terminal;
the data receiving device is further used for performing hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In one embodiment, the data sending device is further configured to perform hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, the data receiving device is further configured to control a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
the data receiving device is further used for sending the hardware decryption algorithm acquisition information to the data sending device;
the data transmitting equipment is also used for receiving information acquired by a hardware decryption algorithm;
The data transmitting device is further configured to transmit a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving device through a network;
the data receiving device is also used for receiving hardware decryption algorithm information;
The data receiving device is further used for performing hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
In one embodiment, the data sending device is further configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a first encrypted value;
The data transmitting device is further configured to transmit the first encrypted value and the hardware encrypted data to the data receiving device through a network;
the data receiving device is further configured to receive a first encrypted value and the hardware encrypted data through a network;
The data receiving device is further configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a second encrypted value;
the data receiving device is further configured to send a data integrity verification success message to the data sending device when detecting that the first encrypted value and the second encrypted value are the same;
the data transmitting device is further configured to receive a data integrity verification success message sent by the data receiving device;
The data transmitting device is further used for transmitting the device description information of the target security authentication terminal to the data receiving device through a network;
the data receiving device is further used for receiving the device description information of the target security authentication terminal through a network.
Based on the data transmission method described in the corresponding embodiment of fig. 1, the following is an embodiment of the apparatus of the present disclosure, which may be used to execute the embodiment of the method of the present disclosure.
An embodiment of the present disclosure provides a data transmission apparatus, as shown in fig. 11, applied to a data transmission device, including:
The first encryption module 11 is configured to perform hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
an obtaining module 12, configured to obtain device description information of the target security authentication terminal;
A first sending module 13, configured to send, to a data receiving device through a network, device description information of the target security authentication terminal and the hardware encrypted data, so that the data receiving device determines, according to the device description information of the target security authentication terminal, that the local target USB bus is accessed to the target security authentication terminal.
In one embodiment, as shown in fig. 12, the first encryption module 11 includes:
and the encryption sub-module 111 is configured to perform hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, as shown in fig. 13, the apparatus further comprises:
a first receiving module 14, configured to receive information acquired by a hardware decryption algorithm;
And the second sending module 15 is used for sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving device through a network.
In one embodiment, as shown in fig. 14, the apparatus further comprises: a second encryption module 16, a third transmission module 17 and a second receiving module 18, the first transmission module 13 comprising: a first transmitting sub-module 131;
The second encryption module 16 is configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a first encrypted value before the obtaining module obtains the device description information of the target security authentication terminal;
The third sending module 17 is further configured to send the first encrypted value and the hardware encrypted data to the data receiving apparatus through a network;
the second receiving module 18 is further configured to receive a data integrity verification success message sent by the data receiving device;
the first sending sub-module 131 is configured to send, to a data receiving device through a network, device description information of the target security authentication terminal.
Based on the data transmission method described in the above embodiment corresponding to fig. 3, the following is an embodiment of the apparatus of the present disclosure, which may be used to execute the embodiment of the method of the present disclosure.
An embodiment of the present disclosure provides a data transmission apparatus, as shown in fig. 15, applied to a data receiving device, including:
A third receiving module 21 for receiving the hardware encryption data and the device description information and the hardware encryption data of the target security authentication terminal through the network;
A determining module 22, configured to determine, according to the device description information of the target security authentication terminal, that the local target USB bus is accessed to the target security authentication terminal;
and the decryption module 23 is configured to perform hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In one embodiment, as shown in fig. 16, the third receiving module 21 includes:
a first receiving sub-module 211, configured to receive, via a network, a first encrypted value and the hardware encrypted data;
The computing sub-module 212 is configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a second encrypted value;
A second transmitting sub-module 213, configured to transmit a data integrity verification success message to the data transmitting device when detecting that the first encrypted value and the second encrypted value are the same;
The second receiving sub-module 214 receives the device description information of the target security authentication terminal through a network.
In one embodiment, as shown in fig. 17, the decryption module 23 includes:
a control sub-module 231, configured to control the data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
A third sending sub-module 232, configured to send the hardware decryption algorithm acquisition information to the data sending device;
a second receiving sub-module 233, configured to receive hardware decryption algorithm information;
And the decryption sub-module 234 is configured to perform hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
Based on the data transmission method described in the above embodiment corresponding to fig. 1, the embodiment of the present disclosure further provides a computer readable storage medium, for example, a non-transitory computer readable storage medium may be a Read Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like. The storage medium stores computer instructions for executing the data transmission method described in the corresponding embodiment of fig. 1, which is not described herein.
Based on the data transmission method described in the above embodiment corresponding to fig. 3, the embodiment of the present disclosure further provides a computer readable storage medium, for example, a non-transitory computer readable storage medium may be a Read Only Memory (ROM), a random access Memory (Random Access Memory, RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like. The storage medium stores computer instructions for executing the data transmission method described in the embodiment corresponding to fig. 3, which is not described herein.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any adaptations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It is to be understood that the present disclosure is not limited to the precise arrangements and instrumentalities shown in the drawings, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (8)

1.A data transmission method, the method being applied to a data transmission apparatus, the method comprising:
carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
acquiring equipment description information of the target security authentication terminal;
Transmitting the device description information of the target security authentication terminal and the hardware encryption data to a data receiving device through a network, so that the data receiving device can determine that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal;
receiving information acquired by a hardware decryption algorithm;
Transmitting a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network;
the target security authentication terminal is provided with a data encryption interface and a data decryption interface, wherein the data encryption interface is used by the data sending equipment, and the data decryption interface is used by the data receiving equipment.
2. The method according to claim 1, wherein the hardware encrypting the data by the target security authentication terminal inserted into the USB interface includes:
And carrying out hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
3. The method according to claim 1, wherein prior to the obtaining the device description information of the target security authentication terminal, the method further comprises:
encrypting the hardware encryption data by a preset algorithm to obtain a first encryption value;
Transmitting the first encrypted value and the hardware encrypted data to the data receiving apparatus via a network;
receiving a data integrity verification success message sent by the data receiving equipment;
The sending, to a data receiving device via a network, device description information of the target security authentication terminal and the hardware encryption data includes:
and transmitting the device description information of the target security authentication terminal to the data receiving device through a network.
4. A data transmission method, the method being applied to a data receiving apparatus, the method comprising:
receiving hardware encryption data, device description information of a target security authentication terminal and the hardware encryption data through a network;
determining that the target security authentication terminal is accessed to a local target USB bus according to the device description information of the target security authentication terminal;
performing hardware decryption on the hardware encryption data according to the target security authentication terminal to obtain data;
the hardware decryption of the hardware encryption data according to the target security authentication terminal comprises the following steps:
Controlling a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
transmitting the hardware decryption algorithm acquired information to data transmitting equipment;
receiving hardware decryption algorithm information;
the target security authentication terminal is provided with a data encryption interface and a data decryption interface, wherein the data encryption interface is used by the data sending equipment, and the data decryption interface is used by the data receiving equipment.
5. The method of claim 4, wherein the receiving the hardware encryption data and the device description information and the hardware encryption data of the target security authentication terminal through the network comprises:
Receiving a first encrypted value and the hardware encrypted data over a network;
Encrypting the hardware encryption data by a preset algorithm to obtain a second encryption value;
when the first encryption value and the second encryption value are detected to be the same, a data integrity verification success message is sent to the data sending equipment;
And receiving the equipment description information of the target security authentication terminal through a network.
6. A data transmission apparatus, the data transmission apparatus being applied to a data transmission device, the apparatus comprising:
The first encryption module is used for carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
The acquisition module is used for acquiring the equipment description information of the target security authentication terminal;
the first sending module is used for sending the device description information of the target security authentication terminal and the hardware encryption data to the data receiving device through a network so that the data receiving device can determine that the target security authentication terminal is accessed to a local target USB bus according to the device description information of the target security authentication terminal;
the first receiving module is used for receiving information acquired by a hardware decryption algorithm;
The second sending module is used for sending a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network;
the target security authentication terminal is provided with a data encryption interface and a data decryption interface, wherein the data encryption interface is used by the data sending equipment, and the data decryption interface is used by the data receiving equipment.
7. A data transmission apparatus, the data transmission apparatus being applied to a data receiving device, the apparatus comprising:
the third receiving module is used for receiving the hardware encryption data, the equipment description information of the target security authentication terminal and the hardware encryption data through a network;
The determining module is used for determining that the target security authentication terminal is accessed to a local target USB bus according to the device description information of the target security authentication terminal;
The decryption module is used for carrying out hardware decryption on the hardware encryption data according to the target security authentication terminal to obtain data;
The decryption module comprises:
the control sub-module is used for controlling the data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
the third sending submodule is used for sending the hardware decryption algorithm acquisition information to the data sending equipment;
the second receiving sub-module is used for receiving the hardware decryption algorithm information;
The decryption sub-module is used for carrying out hardware decryption on the hardware encryption data according to the hardware decryption algorithm information;
the target security authentication terminal is provided with a data encryption interface and a data decryption interface, wherein the data encryption interface is used by the data sending equipment, and the data decryption interface is used by the data receiving equipment.
8. A data transmission system, the data transmission system comprising: a data transmitting device and a data receiving device;
The data transmitting device is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
The data transmitting device is further used for acquiring device description information of the target security authentication terminal;
The data transmitting device is further configured to transmit, to a data receiving device through a network, device description information of the target security authentication terminal and the hardware encryption data, so that the data receiving device determines that the local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal;
the data transmitting device is further configured to receive information acquired by a hardware decryption algorithm, and transmit the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving device through a network;
the data receiving device is used for receiving the hardware encryption data, the device description information of the target security authentication terminal and the hardware encryption data through a network;
the data receiving device is further used for determining that the target security authentication terminal is accessed into a local target USB bus according to the device description information of the target security authentication terminal;
the data receiving device is further used for performing hardware decryption on the hardware encryption data according to the target security authentication terminal to obtain data;
The data receiving device is further used for controlling the data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information, sending the hardware decryption algorithm acquisition information to the data sending device and receiving the hardware decryption algorithm information;
the target security authentication terminal is provided with a data encryption interface and a data decryption interface, wherein the data encryption interface is used by the data sending equipment, and the data decryption interface is used by the data receiving equipment.
CN202010515479.8A 2020-06-08 2020-06-08 Data transmission method and device Active CN111756532B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010515479.8A CN111756532B (en) 2020-06-08 2020-06-08 Data transmission method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010515479.8A CN111756532B (en) 2020-06-08 2020-06-08 Data transmission method and device

Publications (2)

Publication Number Publication Date
CN111756532A CN111756532A (en) 2020-10-09
CN111756532B true CN111756532B (en) 2024-06-07

Family

ID=72676480

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010515479.8A Active CN111756532B (en) 2020-06-08 2020-06-08 Data transmission method and device

Country Status (1)

Country Link
CN (1) CN111756532B (en)

Citations (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6922785B1 (en) * 2000-05-11 2005-07-26 International Business Machines Corporation Apparatus and a method for secure communications for network computers
CN201160005Y (en) * 2008-03-12 2008-12-03 高志敏 U disk for encryption
WO2011120421A1 (en) * 2010-03-31 2011-10-06 北京飞天诚信科技有限公司 Method for implementing encryption engine
CN102238135A (en) * 2010-04-26 2011-11-09 许丰 Security authentication server
CN103152157A (en) * 2013-02-04 2013-06-12 快车科技有限公司 Secure encrypted method and relevant device
WO2014117429A1 (en) * 2013-02-04 2014-08-07 快车科技有限公司 Security information interaction method and related device
CN104219234A (en) * 2014-08-28 2014-12-17 杭州华澜微科技有限公司 Security method of personal data in cloud storage
KR101535622B1 (en) * 2014-01-27 2015-07-09 동서대학교산학협력단 Common use printer security system using indivisual authentication, encryption and decryption, and common use printer security method using the same
WO2015117333A1 (en) * 2014-07-16 2015-08-13 中兴通讯股份有限公司 Information processing method and apparatus, encryption device and computer storage medium
CN105426732A (en) * 2015-11-11 2016-03-23 北京市国路安信息技术股份有限公司 Network based USBKey multiplexing method and network remote end
CN106302482A (en) * 2016-08-22 2017-01-04 浙江省数字安全证书管理有限公司 A kind of browser-cross uses hardware encryption medium data safe transmission system and method
CN106506085A (en) * 2015-09-07 2017-03-15 哈尔滨卓晋科技有限公司 A kind of remote USB wavelength-division multiplex optical transceiver module
CN106992978A (en) * 2017-03-28 2017-07-28 联想(北京)有限公司 Network safety managing method and server
WO2017128707A1 (en) * 2016-01-29 2017-08-03 努比亚技术有限公司 Dual-channel mobile terminal for reusing usb port and information processing method
CN107146120A (en) * 2017-04-25 2017-09-08 大象慧云信息技术有限公司 The generation method and generating means of electronic invoice
CN107466030A (en) * 2017-07-31 2017-12-12 努比亚技术有限公司 Data transmission system, method, external equipment and mobile terminal
KR20180026230A (en) * 2016-09-02 2018-03-12 한전케이디엔주식회사 Security gateway that implements multiple communication cryptographic operation parallelism
CN108256339A (en) * 2016-12-28 2018-07-06 航天信息股份有限公司 A kind of method and system protected based on Quick Response Code to electronic invoice information
CN108763917A (en) * 2018-06-05 2018-11-06 北京华大智宝电子系统有限公司 A kind of data encryption/decryption method and device
CN109362077A (en) * 2018-12-24 2019-02-19 成都三零瑞通移动通信有限公司 A kind of mobile intelligent terminal packet data encrypted transmission method and device
CN109614789A (en) * 2018-11-07 2019-04-12 平安科技(深圳)有限公司 A kind of verification method and equipment of terminal device
CN110661814A (en) * 2019-10-14 2020-01-07 江苏国泰新点软件有限公司 Bidding file encryption and decryption method, device, equipment and medium
CN110830395A (en) * 2018-08-14 2020-02-21 上海诺基亚贝尔股份有限公司 Method, apparatus, and computer storage medium for data detection in a communication system

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200421813A (en) * 2003-04-03 2004-10-16 Admtek Inc Encryption/decryption device of WLAN and method thereof
US20050114710A1 (en) * 2003-11-21 2005-05-26 Finisar Corporation Host bus adapter for secure network devices
JP2005173197A (en) * 2003-12-11 2005-06-30 Buffalo Inc Encryption /decryption processing system and encryption/decryption processing apparatus
US9451455B2 (en) * 2012-06-11 2016-09-20 Blackberry Limited Enabling multiple authentication applications
CN104838636B (en) * 2012-10-29 2018-10-16 高通股份有限公司 Ethernet on USB interface with full-duplex differential pair
US9680841B2 (en) * 2014-02-24 2017-06-13 Keypasco Ab Network authentication method for secure user identity verification using user positioning information

Patent Citations (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6922785B1 (en) * 2000-05-11 2005-07-26 International Business Machines Corporation Apparatus and a method for secure communications for network computers
CN201160005Y (en) * 2008-03-12 2008-12-03 高志敏 U disk for encryption
WO2011120421A1 (en) * 2010-03-31 2011-10-06 北京飞天诚信科技有限公司 Method for implementing encryption engine
CN102238135A (en) * 2010-04-26 2011-11-09 许丰 Security authentication server
CN103152157A (en) * 2013-02-04 2013-06-12 快车科技有限公司 Secure encrypted method and relevant device
WO2014117429A1 (en) * 2013-02-04 2014-08-07 快车科技有限公司 Security information interaction method and related device
KR101535622B1 (en) * 2014-01-27 2015-07-09 동서대학교산학협력단 Common use printer security system using indivisual authentication, encryption and decryption, and common use printer security method using the same
WO2015117333A1 (en) * 2014-07-16 2015-08-13 中兴通讯股份有限公司 Information processing method and apparatus, encryption device and computer storage medium
CN104219234A (en) * 2014-08-28 2014-12-17 杭州华澜微科技有限公司 Security method of personal data in cloud storage
CN106506085A (en) * 2015-09-07 2017-03-15 哈尔滨卓晋科技有限公司 A kind of remote USB wavelength-division multiplex optical transceiver module
CN105426732A (en) * 2015-11-11 2016-03-23 北京市国路安信息技术股份有限公司 Network based USBKey multiplexing method and network remote end
WO2017128707A1 (en) * 2016-01-29 2017-08-03 努比亚技术有限公司 Dual-channel mobile terminal for reusing usb port and information processing method
CN106302482A (en) * 2016-08-22 2017-01-04 浙江省数字安全证书管理有限公司 A kind of browser-cross uses hardware encryption medium data safe transmission system and method
KR20180026230A (en) * 2016-09-02 2018-03-12 한전케이디엔주식회사 Security gateway that implements multiple communication cryptographic operation parallelism
CN108256339A (en) * 2016-12-28 2018-07-06 航天信息股份有限公司 A kind of method and system protected based on Quick Response Code to electronic invoice information
CN106992978A (en) * 2017-03-28 2017-07-28 联想(北京)有限公司 Network safety managing method and server
CN107146120A (en) * 2017-04-25 2017-09-08 大象慧云信息技术有限公司 The generation method and generating means of electronic invoice
CN107466030A (en) * 2017-07-31 2017-12-12 努比亚技术有限公司 Data transmission system, method, external equipment and mobile terminal
CN108763917A (en) * 2018-06-05 2018-11-06 北京华大智宝电子系统有限公司 A kind of data encryption/decryption method and device
CN110830395A (en) * 2018-08-14 2020-02-21 上海诺基亚贝尔股份有限公司 Method, apparatus, and computer storage medium for data detection in a communication system
CN109614789A (en) * 2018-11-07 2019-04-12 平安科技(深圳)有限公司 A kind of verification method and equipment of terminal device
CN109362077A (en) * 2018-12-24 2019-02-19 成都三零瑞通移动通信有限公司 A kind of mobile intelligent terminal packet data encrypted transmission method and device
CN110661814A (en) * 2019-10-14 2020-01-07 江苏国泰新点软件有限公司 Bidding file encryption and decryption method, device, equipment and medium

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
基于USBKey认证技术的文档安全防护系统;施明泰;;电力信息化;20110915(第09期);90-94 *
基于USB接口的DVB-C数据广播接入终端;冯卓明, 刘卫忠, 郑立新, 刘屹;有线电视技术;20040510(第05期);95-99 *
无驱动USB认证模块在电子商务中的应用;谢知非;单片机与嵌入式系统应用;20030201(第02期);58-60 *
移动硬盘硬件加密的设计与实现;胡伟;慕德俊;刘航;李美峰;戴冠中;;计算机工程与应用;20100801(第22期);66-68 *

Also Published As

Publication number Publication date
CN111756532A (en) 2020-10-09

Similar Documents

Publication Publication Date Title
CN110134424B (en) Firmware upgrading method and system, server, intelligent device and readable storage medium
EP3255832B1 (en) Dynamic encryption method, terminal and server
US7218736B1 (en) Data transfer method
US20030226011A1 (en) Data transmitting apparatus, data receiving apparatus, data transmission system and data transmission method
CN113438071A (en) Method and device for secure communication
JP2005102163A (en) Equipment authentication system, server, method and program, terminal and storage medium
US11159329B2 (en) Collaborative operating system
KR20060045440A (en) A method and system for recovering password protected private data via a communication network without exposing the private data
CN108927808B (en) ROS node communication method, authentication method and device
US8363835B2 (en) Method for transmission/reception of contents usage right information in encrypted form, and device thereof
WO2020102974A1 (en) Data access method, data access apparatus, and mobile terminal
US20200089867A1 (en) System and method for authentication
CN111726801A (en) Network security control method
CN116830525A (en) Data transmission method, device, system, electronic equipment and readable medium
JPH10242957A (en) User authentication method, system therefor and storage medium for user authentication
CN113141333B (en) Communication method, device, server, system and storage medium of network access device
CN111756532B (en) Data transmission method and device
CN108989302B (en) OPC proxy connection system and connection method based on secret key
CN111901335A (en) Block chain data transmission management method and system based on middle station
EP4016921A1 (en) Certificate management method and apparatus
CN113434837B (en) Method and device for equipment identity authentication and smart home system
US20040019806A1 (en) Securing a remote command call using a security protocol
US20140032897A1 (en) Securely establishing a communication channel between a switch and a network-based application using a unique identifier for the network-based application
CN109150867B (en) Network information transmission encryption/decryption device and encryption/decryption method
CN112995107A (en) Communication method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant