CN112995138A - Data communication method and device, electronic equipment and readable storage medium - Google Patents

Publication number
CN112995138A
Authority
CN
China
Prior art keywords
data message
data
user
field
communication method
Legal status
Granted
Application number
CN202110151722.7A
Other languages
Chinese (zh)
Other versions
CN112995138B (en)
Inventor
杨磊
李俊
王刚
Current Assignee
Shanghai Junzheng Network Technology Co Ltd
Original Assignee
Shanghai Junzheng Network Technology Co Ltd

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/12: Applying verification of the received information
    • H04L1/00: Arrangements for detecting or preventing errors in the information received
    • H04L1/12: Arrangements for detecting or preventing errors in the information received by using return channel
    • H04L1/16: Arrangements for detecting or preventing errors in the information received by using return channel in which the return channel carries supervisory signals, e.g. repetition request signals
    • H04L1/1607: Details of the supervisory signal
    • H04L1/18: Automatic repetition systems, e.g. Van Duuren systems
    • H04L1/1829: Arrangements specially adapted for the receiver end
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The invention discloses a data communication method, a data communication device, electronic equipment and a storage medium. After receiving a data message carrying an encrypted ciphertext information field, the electronic equipment judges whether the data message is abnormal. When it is abnormal, the electronic equipment can send the sending end a data message carrying an unencrypted ciphertext information field, requesting the sending end to resend the data message. Information security is improved because the sending end sends encrypted data messages, while for the resend request the sending end can skip the step of decrypting data that has no security requirement, which improves the efficiency of the interaction. At the same time, abnormal data is fed back promptly and a resend is requested, so feedback can be provided to the user side and the user experience is improved.

Description

Data communication method and device, electronic equipment and readable storage medium
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a data communication method and apparatus, an electronic device, and a readable storage medium.
Background
With the rise of the Internet of Things, devices interact with one another more and more, and a user can interact with other devices through a terminal, for example controlling a refrigerator, a water heater, an electric lamp or a television from a mobile phone. The user terminal and the device can interact directly, or the interaction can go through a cloud server. As information security is increasingly valued, the security of the information exchanged between devices in the Internet of Things is also receiving more attention. Existing data communication usually secures the exchanged information by encryption; commonly used encryption methods include RC4, AES and the like, and data encryption generally encrypts either a certain section of the data or all of it. In existing data communication schemes, when received data is abnormal, no follow-up processing is usually performed: the data is simply discarded, and the device then processes other data or waits for the next data to arrive. This gives the device poor information feedback. The user cannot perceive the device's response to the interaction, which can greatly reduce the user experience of Internet of Things devices. On the other hand, because Internet of Things devices interact with users frequently, the encryption step added in existing communication schemes reduces the efficiency of interaction and feedback.
Disclosure of Invention
In view of the above defects in the prior art, the present invention aims to solve two problems of the prior art: a user cannot perceive any feedback from an Internet of Things device because no feedback is given when abnormal data is received, and interaction efficiency is reduced by the way communication data is encrypted.
In order to achieve the above object, the present invention provides a data communication method applied to an electronic device, the data communication method including: receiving a first data message sent by a sending end, wherein the first data message carries an encrypted ciphertext information field; judging whether the first data message is abnormal or not; and when the first data message is abnormal, sending a second data message for requesting to resend the first data message to the sending end, wherein the second data message has the same format as the first data message, and the second data message carries an unencrypted ciphertext information field.
In a preferred embodiment of the present invention, the first data packet and the second data packet each include an encryption method field for representing an encryption rule of a ciphertext information field, and the encryption method field of the first data packet is written with first identification information for representing encryption of the ciphertext information field; and second identification information for indicating that the ciphertext information field is not encrypted is written in the encryption method field of the second data message.
In a preferred embodiment of the present invention, the first data packet further includes a plaintext information field, where the plaintext information field includes the encryption method field and a user identification field, and the user identification field is used to look up the key corresponding to a user identifier.
In a preferred embodiment of the present invention, one user identifier corresponds to at least one key, and when the user has multiple user terminals, one key is generated according to the unique identifier of each user terminal, so as to obtain multiple keys in one-to-one correspondence with the multiple user terminals.
In a preferred embodiment of the invention, the key is generated by: acquiring a user identifier, a unique identifier of a user terminal, a mobile phone signal value at the application moment, mobile phone positioning information at the application moment, delay between a server and the user terminal and application time; and generating a secret key corresponding to the user terminal by using a preset algorithm by taking the user identifier, the unique identifier of the user terminal, the mobile phone signal value at the application moment, the mobile phone positioning information at the application moment, the delay between the server and the user terminal and the application time as seeds.
In a preferred embodiment of the present invention, the method further comprises: when the first data message is normal, looking up locally all keys corresponding to the user identifier; and decrypting the ciphertext information field in the first data message with the keys found, one after another, until decryption succeeds, and caching the key that decrypted successfully.
In a preferred embodiment of the present invention, the ciphertext information field further includes a ciphertext check field, configured to check the decryption result; after decryption succeeds, the data communication method further comprises the following steps: verifying the decryption result by using the ciphertext verification field; and when the decryption result passes the verification, determining that the decryption result is legal.
In a preferred embodiment of the present invention, the determining whether the first data packet is abnormal includes: checking the first data message; and when the first data message does not pass the verification, determining that the first data message is abnormal.
In order to achieve the above object, the present invention also provides a data communication apparatus, comprising: the receiving module is used for receiving a first data message sent by a sending end, wherein the first data message carries an encrypted ciphertext information field; the judging module is used for judging whether the first data message is abnormal or not; and the sending module is used for sending a second data message for requesting to resend the first data message to the sending end when the first data message is abnormal, wherein the second data message has the same format as the first data message, and the second data message carries an unencrypted ciphertext information field.
In order to achieve the above object, the present invention also provides an electronic device, including: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to perform the data communication method described above.
To achieve the above object, the present invention also provides a computer-readable storage medium storing computer instructions for causing a computer to execute the above data communication method.
The device or the method provided by the invention has the following technical effects:
1. According to the embodiment of the invention, after receiving a data message carrying an encrypted ciphertext information field, the electronic equipment judges whether the data message is abnormal. When it is abnormal, the electronic equipment can send the sending end a data message carrying an unencrypted ciphertext information field, requesting the sending end to resend the data message. Information security is improved because the sending end sends encrypted data messages, and because the resend request itself is unencrypted, the step of decrypting data that has no security requirement can be omitted, which improves the efficiency of the interaction. At the same time, abnormal data is fed back promptly and a resend is requested, so feedback can be provided to the user side and the user experience is improved.
2. In the embodiment of the invention, the validity of the result is verified after the ciphertext information has been decrypted successfully. That is, the data message is checked once, and the decryption result is then checked again, so that the correctness of the data is fully ensured and abnormal interaction is avoided.
3. The embodiment of the invention supports various encryption modes, ensures the communication safety and improves the interaction efficiency.
The conception, the specific structure and the technical effects of the present invention will be further described with reference to the accompanying drawings to fully understand the objects, the features and the effects of the present invention.
Drawings
FIG. 1 is a flow chart of a preferred embodiment of a data communication method of the present invention;
FIG. 2 is a block diagram of a preferred embodiment of a data communication device according to the present invention;
FIG. 3 is a diagram of an electronic device according to a preferred embodiment of the present invention.
Detailed Description
The embodiments of the present invention are described below with reference to specific embodiments, and other advantages and effects of the present invention will be easily understood by those skilled in the art from the disclosure of the present specification. The invention is capable of other and different embodiments and of being practiced or of being carried out in various ways, and its several details are capable of modification in various respects, all without departing from the spirit and scope of the present invention. It is to be noted that the features in the following embodiments and examples may be combined with each other without conflict.
It should be noted that the drawings provided in the following embodiments are only for illustrating the basic idea of the present invention, and the drawings only show the components related to the present invention rather than the number, shape and size of the components in actual implementation, and the type, quantity and proportion of the components in actual implementation may be changed freely, and the layout of the components may be more complicated.
Some exemplary embodiments of the invention have been described for illustrative purposes, and it is to be understood that the invention may be practiced otherwise than as specifically described.
The embodiment of the invention provides a data communication method applied to electronic equipment, mainly electronic equipment in the Internet of Things. Such equipment includes household appliances such as televisions, water heaters, refrigerators and washing machines, and may also be other electronic products. The electronic equipment in the embodiment of the invention can communicate with a user terminal or a cloud server.
As shown in fig. 1, the data communication method according to the embodiment of the present invention includes:
Step S101, receiving a first data message sent by a sending end, wherein the first data message carries an encrypted ciphertext information field.
The sending end can be a user terminal or a cloud server. Because the user can control and operate electronic equipment in the Internet of Things through the cloud server, a data message sent to the electronic equipment can be forwarded by the cloud server. In the embodiment of the present invention, "sending end" only denotes one party of the data interaction; it does not mean that this party can only send data. When the electronic device sends a data packet to the sending end (for example, a user terminal or a cloud server), the sending end receives and parses the data. The first data message may be any data message sent by the user terminal while interacting with the electronic device, and may be encapsulated according to a preset composition format. The first data message carries at least an encrypted ciphertext information field; because it is encrypted, the first data message is relatively secure. In the embodiment of the invention, data messages exchanged with the same electronic device can use one fully consistent format, and data messages exchanged with several different electronic devices can use that same format as well, so that communication is unified and compatible.
Step S102, judging whether the first data message is abnormal.
After receiving the first data packet, the electronic device needs to determine whether the first data packet is abnormal. A data packet anomaly may refer to lost data or to an error. During communication, data packets undergo processing such as analog-to-digital conversion and are affected by factors such as the transmission signal and the transmission speed, so data can be lost or scrambled. The data packet that reaches the destination then differs from the original data packet, and the electronic device cannot parse the correct data. In the embodiment of the invention, the integrity of the first data message can be verified through an integrity check, which determines whether the first data message is abnormal.
In an optional implementation manner, the data packet received or sent by the electronic device may carry a check field, which may be used to check the integrity and validity of the transmitted service data. Specifically, the determining whether the first data packet is abnormal includes: checking the first data message; and when the first data message does not pass the check, determining that the first data message is abnormal. When the first data message passes the check, subsequent processing such as decryption can be carried out and the data interaction completed.
In the embodiment of the present invention, the check method may adopt a cyclic redundancy check (CRC) code, which is a commonly used check code with error detection and correction capabilities. Cyclic redundancy check codes are commonly used for data checking in synchronous communication between external memories and computers. Parity check codes and Hamming check codes both use parity detection as the means of error detection and correction (parity check codes do not have error correction capability), whereas cyclic redundancy check establishes the agreed relationship between data bits and check bits through a mathematical operation. The check method may also employ a longitudinal redundancy check (LRC), which is an error detection method that generates check bits from a specific bit string on a longitudinal channel. In a row-and-column format (e.g., on tape), the LRC is often used together with the VRC, which checks the code of each character.
It should be noted that, in the embodiment of the present invention, the judgment of whether a data packet is abnormal may also take other forms. For example, the data may be decrypted directly, and when decryption fails the first data packet is determined to be abnormal. The invention is not limited to judging data message abnormality by checking, nor to any particular way of checking the data message.
Step S103, when the first data packet is abnormal, sending a second data packet to the sending end, where the second data packet is in the same format as the first data packet, and the second data packet carries an unencrypted ciphertext information field.
In the embodiment of the present invention, in order to ensure the interchangeability between the two parties, the data packet sent by the sending end (i.e., the first data packet) and the data packet sent by the electronic device (i.e., the second data packet) have the same format, and the same communication protocol is used for the interaction. The first data message and the second data message both include a ciphertext information field into which the corresponding service data is written, but the data in the ciphertext information field may or may not be encrypted; this can be chosen reasonably according to the security level of the data transmitted in the interaction. Encryption can further be divided into simple encryption and complex encryption, with different encryption strategies selected for different security levels. A correspondence between the data to be transmitted and its security level can be established in advance; during the actual interaction, the data type is identified to determine the security level, and the corresponding encryption mode is then selected.
When the first data message is determined to be abnormal, the electronic equipment sends a second data message to the sending end to request the sending end to resend the first data message. Compared with the prior art, when the electronic equipment receives an abnormal data message, it can send a data message to the sending end so that the sending end resends the previous data message. This gives effective feedback to the user side, avoids the situation where the user side receives no subsequent feedback from the electronic equipment after sending an interactive instruction, and greatly improves the user experience. Meanwhile, because the first data message is abnormal and the second data message only requests the sending end to send the message data again, the security level of that data is lower and encryption is not needed. The second data message therefore carries an unencrypted ciphertext information field; after receiving it, the sending end can obtain the corresponding information without operations such as decryption, which improves the interaction efficiency between the sending end and the electronic equipment.
On the other hand, when the first data message is abnormal and the electronic device cannot find the key corresponding to the user, the second data message does not need to be encrypted, so the second data message can be sent to the sending end even though the corresponding key is unknown, and the first data message retransmitted by the sending end can then be obtained.
According to the embodiment of the invention, after receiving a data message carrying an encrypted ciphertext information field, the electronic equipment judges whether the data message is abnormal. When it is abnormal, the electronic equipment can send the sending end a data message carrying an unencrypted ciphertext information field, requesting the sending end to resend the data message. Information security is improved because the sending end sends encrypted data messages, and because the resend request itself is unencrypted, the step of decrypting data that has no security requirement can be omitted, which improves the efficiency of the interaction. At the same time, abnormal data is fed back promptly and a resend is requested, so feedback can be provided to the user side and the user experience is improved.
As an optional implementation manner, in the embodiment of the present invention, each of the first data packet and the second data packet includes an encryption method field for representing an encryption rule of a ciphertext information field, and first identification information for representing encryption of the ciphertext information field is written in the encryption method field of the first data packet; and second identification information for indicating that the ciphertext information field is not encrypted is written in the encryption method field of the second data message.
The data packet of the embodiment of the present invention also carries an encryption method field, which is mainly used to record the encryption method adopted by the data packet. The encryption method written here may be an identifier of an encryption rule, that is, the first identification information or the second identification information. For example, 0001 indicates no encryption, 0010 indicates simple encryption, 0100 indicates complex encryption, and so on; the specific form of the identification information is not limited. After receiving the data, the data receiver reads the encryption method field to determine the encryption rule adopted by the received data message, and then decrypts the data with the corresponding decryption method.
Further optionally, in the embodiment of the present invention, whenever data is sent, whether by the electronic device, the user terminal or the cloud server, the security level of the service data to be sent may be determined first, and the corresponding encryption rule is then determined. When the data message is encapsulated, the identification information (first identification information or second identification information) corresponding to the determined encryption rule is written into the encryption method field, which is then encapsulated with the other fields to form a data message that is sent to the opposite terminal.
Specifically, in this embodiment of the present invention, sending, to the sending end, a second data packet for requesting to resend the first data packet may include: the electronic equipment acquires service data needing to be sent to a sending end; and judging the security level of the service data, writing the unencrypted identification information into the encryption method field when the security level of the service data is determined to be the lowest level, and encapsulating the service data to obtain the second data message.
In the embodiment of the invention, several encryption rules are supported, including no encryption, simple encryption, high-security encryption (complex encryption) and the like. This makes message encryption more flexible and serves different scenario requirements:
No encryption is used for reporting general non-sensitive information. It improves the processing speed of the device and the server, and it allows an informative reply when decryption does not match, so that the opposite device can clearly know the reason for the failure.
Simple encryption is used for querying and reporting non-sensitive communication information. Part of the device information can be obtained without the master device having to request a device key, and the message still cannot be easily cracked (although the key is universal, a third party does not know it).
High-security encryption refers to encryption and decryption using a master key or a user key; the specific rule needs to be resolved together with the user ID.
The embodiment of the invention supports various encryption modes, ensures the communication safety and improves the interaction efficiency.
Optionally, the first data packet of the embodiment of the present invention further includes a plaintext information field, where the plaintext information field includes the encryption method field and a user identification field, and the user identification field is used to look up the key corresponding to a user identifier.
Specifically, the data message of the embodiment of the present invention includes the following components:
Header | Plaintext information | Ciphertext information | Verification
1. The Header is an identifier of the start of data, and is used for quickly finding the start address of the message.
2. The plaintext information includes at least:
Length | User ID | Protocol version information | Encryption method
The user ID is used to identify the user identity. It may be a number or a serial number, and it tells the device which key to use for encryption and decryption.
The protocol version information represents the version number of the protocol and is used when upgrading the protocol, which improves software compatibility.
The encryption method represents the encryption rule used by the message, including no encryption, simple encryption (a common encryption rule, for example, all devices share one encryption key), and high-security encryption.
3. The ciphertext information includes at least:
Serial number | Timestamp | Instruction ID | Payload | Verification
The serial number is used for identifying the serial number of communication in the communication process, does not carry out accumulation operation once, and can be used for carrying out deduplication processing in the communication process.
The timestamp is network time. It can be used for time synchronization, and can also be combined with the serial number for deduplication.
Instruction ID: each communication can be understood as an instruction, and the instruction ID distinguishes the purpose of the communication.
The Payload varies according to the instruction ID, and the data is parsed according to the instruction ID. In the embodiment of the invention, the Payload is located inside the ciphertext information. When the ciphertext information is encrypted, the effect is equivalent to signature verification of the service data, so the service data does not need to be decrypted a second time, which shortens the processing flow and improves interaction efficiency.
The verification field (namely the ciphertext check field) is used for checking the data after decryption. If the check passes, the decryption result is correct and the data is legal; otherwise, the data is discarded.
4. Verification: commonly used checking methods mainly include CRC, LRC and the like.
Optionally, as described above, in the embodiment of the present invention, the ciphertext information field further includes a ciphertext check field, which is used to check the decryption result; after decryption succeeds, the data communication method further comprises the following steps: verifying the decryption result by using the ciphertext verification field; and when the decryption result passes the verification, determining that the decryption result is legal.
In the embodiment of the invention, validity is verified after the ciphertext information is successfully decrypted; that is, the data message is verified once and the decryption result is then verified again, so that the correctness of the data can be fully ensured and abnormal interaction is avoided.
As an optional implementation manner, in an embodiment of the present invention, one user identifier corresponds to at least one key.
At present, mainstream electronic devices have a built-in key for encrypting and decrypting data. However, in some scenarios one device may have multiple users, and their data may need to be isolated so that the data of one user cannot be decrypted by other users. To ensure sufficient security, a master key (user ID 0 or another unique ID) may be embedded in the electronic device when it leaves the factory; this key is stored only in the device and in the server database. When a new user is added, an add-user instruction is generated using the master key, and after receiving the instruction the electronic device stores the user ID and the corresponding user key in its local storage medium. When a user wants to communicate with the electronic device, the user encrypts data with the key corresponding to the user's own ID; after receiving the data, the device looks up the key corresponding to that ID in a table, decrypts the data and replies, and the reply is encrypted with the key corresponding to that ID.
On the other hand, when the user has a plurality of user terminals, a key is generated according to the unique identifier of each user terminal, and a plurality of keys corresponding to the plurality of user terminals one to one are obtained. A user ID may also correspond to a plurality of different user keys, for example, a user has a plurality of mobile phones, and the plurality of mobile phones may all operate the same electronic device.
One user may also have multiple devices at the same time, and the keys corresponding to that user's devices should be different, to prevent confusion in data transmission and reception. For the case where one user has a plurality of user terminals, the key may be generated as follows: acquire a user identifier, a unique identifier of the user terminal, the mobile phone signal value at the application moment, the mobile phone positioning information at the application moment, the delay between the server and the user terminal, and the application time; then, taking these values as seeds, generate the key corresponding to the user terminal using a preset algorithm.
The user key may be generated randomly by an algorithm or by an algorithm based on a fixed rule. The current fixed rule is: the user's account number, the mobile phone's IMEI number, the phone's signal value (RSSI) at the application time, the current positioning information of the user's phone, the current delay (ping) between the server and the phone, and the application time (accurate to the millisecond) are used as random number seeds, and a fixed key is generated by an algorithm, so that the generated user keys differ for any user applying at any time.
For the case where one user ID corresponds to multiple keys, in the above embodiment, when the first data message is normal, all keys corresponding to the user identifier are queried locally; the ciphertext information field in the first data message is decrypted with the queried keys in turn until decryption succeeds, and the key that decrypted successfully is cached. That is, after receiving the message, the electronic device traverses its local database, finds all of the user's keys and tries them in turn until decryption succeeds, caches the result, and preferentially uses that key to encrypt and decrypt messages the next time data is sent or received.
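The receive path described above (message-level check, unencrypted resend request, trying each of a user's keys until the inner check passes, caching, and deduplication), as an added Python example that is not the patent's own code. The field sizes, the method and instruction values, the SHA-256 keystream standing in for the real cipher, and the plaintext allow-list are assumptions; CRC32 here catches corruption and wrong-key decryption but is not a cryptographic authenticator.

```python
import hashlib
import struct
import zlib

# Assumed encodings: the patent names these fields but not their sizes or values.
ENC_NONE, ENC_SHARED, ENC_HIGH = 0, 1, 2
CMD_RESEND = 0xFFFF                      # hypothetical "please resend" instruction ID
PLAINTEXT_OK = {CMD_RESEND}              # assumed policy: instructions accepted unencrypted
HDR = struct.Struct(">BIH")              # encryption method, user ID, body length
INNER = struct.Struct(">IQH")            # serial number, timestamp (ms), instruction ID


def xor_stream(key, data):
    """Stand-in cipher (SHA-256 counter keystream); a real device would use AES or similar."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack(">I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def build_frame(method, user_id, seq, ts, instr, payload=b"", key=b""):
    body = INNER.pack(seq, ts, instr) + payload
    body += struct.pack(">I", zlib.crc32(body))           # ciphertext check field
    if method != ENC_NONE:
        body = xor_stream(key, body)
    frame = HDR.pack(method, user_id, len(body)) + body
    return frame + struct.pack(">I", zlib.crc32(frame))   # message-level check


def parse_frame(frame):
    """Return (method, user_id, body), or None when the message-level check fails."""
    if len(frame) < HDR.size + 4:
        return None
    data, (crc,) = frame[:-4], struct.unpack(">I", frame[-4:])
    if zlib.crc32(data) != crc:
        return None
    method, user_id, length = HDR.unpack_from(data)
    body = data[HDR.size:]
    return (method, user_id, body) if len(body) == length else None


def open_body(body):
    """Return (seq, ts, instr, payload) when the inner check passes, else None."""
    if len(body) < INNER.size + 4:
        return None
    inner, (crc,) = body[:-4], struct.unpack(">I", body[-4:])
    if zlib.crc32(inner) != crc:
        return None
    return INNER.unpack_from(inner) + (inner[INNER.size:],)


class Device:
    def __init__(self, keys_by_user):
        self.keys = keys_by_user     # user ID -> list of keys, one per user terminal
        self.cache = {}              # user ID -> key that decrypted successfully last time
        self.seen = set()            # (user ID, serial number, timestamp) for deduplication
        self.seq = 0

    def handle(self, frame, now_ms=0):
        parsed = parse_frame(frame)
        if parsed is None:
            # Abnormal message: reply in the same format with an unencrypted body.
            # The received header is untrusted, so the user ID is left as 0 here.
            self.seq += 1
            return "resend", build_frame(ENC_NONE, 0, self.seq, now_ms, CMD_RESEND)
        method, user_id, body = parsed
        fields = None
        if method == ENC_NONE:
            fields = open_body(body)
            if fields and fields[2] not in PLAINTEXT_OK:
                fields = None        # refuse sensitive instructions sent in the clear
        else:
            candidates = list(self.keys.get(user_id, []))
            cached = self.cache.get(user_id)
            candidates.sort(key=lambda k: k != cached)     # cached key is tried first
            for key in candidates:
                fields = open_body(xor_stream(key, body))
                if fields is not None:
                    self.cache[user_id] = key
                    break
        if fields is None:
            return "discard", None   # nothing produced a body whose check passes
        seq, ts, instr, payload = fields
        if (user_id, seq, ts) in self.seen:
            return "duplicate", None
        self.seen.add((user_id, seq, ts))
        return "ok", (instr, payload)
```

Because the resend request travels unencrypted and unauthenticated, a sender should treat it only as a hint to retransmit and rate-limit how often it honours one.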
An embodiment of the present invention further provides a data communication device, where the data communication device may be used in an electronic device in an internet of things, as shown in fig. 2, the data communication device includes:
the receiving module 201 is configured to receive a first data packet sent by a sending end, where the first data packet carries an encrypted ciphertext information field.
The determining module 202 is configured to determine whether the first data packet is abnormal.
A sending module 203, configured to send, to the sending end, a second data packet for requesting to resend the first data packet when the first data packet is abnormal, where the second data packet has a format the same as that of the first data packet, and the second data packet carries an unencrypted ciphertext information field.
According to the embodiment of the invention, after receiving a data message carrying an encrypted ciphertext information field, the electronic device judges whether the data message is abnormal and, when it is, sends the sending end a data message carrying an unencrypted ciphertext information field to request that the data message be resent. Information security is thus improved when the sending end sends encrypted data messages, while a resend request is sent as an unencrypted data message, so the decryption step can be omitted for data that has no security requirement and efficiency in the interaction process is improved. At the same time, abnormal data is fed back promptly and a resend is requested, which provides feedback to the user side and improves the user experience.
As an optional implementation manner, in the embodiment of the present invention, each of the first data packet and the second data packet includes an encryption method field for representing an encryption rule of a ciphertext information field, and first identification information for representing encryption of the ciphertext information field is written in the encryption method field of the first data packet; and second identification information for indicating that the ciphertext information field is not encrypted is written in the encryption method field of the second data message.
As an optional implementation manner, in an embodiment of the present invention, the first data packet further includes a plaintext information field, where the plaintext information field includes the encryption method field and a user identification field, and the user identification field is used to query the key corresponding to a user identification.
As an optional implementation manner, in the embodiment of the present invention, one user identifier corresponds to at least one key, and when the user has multiple user terminals, one key is generated according to a unique identifier of each user terminal, so as to obtain multiple keys in one-to-one correspondence with the multiple user terminals.
As an alternative implementation, in the embodiment of the present invention, the key is generated by the following steps:
acquiring a user identifier, a unique identifier of a user terminal, a mobile phone signal value at the application moment, mobile phone positioning information at the application moment, delay between a server and the user terminal and application time;
and generating a secret key corresponding to the user terminal by using a preset algorithm by taking the user identifier, the unique identifier of the user terminal, the mobile phone signal value at the application moment, the mobile phone positioning information at the application moment, the delay between the server and the user terminal and the application time as seeds.
As an optional implementation manner, in an embodiment of the present invention, the data communication apparatus further includes:
the query module is used for locally querying all secret keys corresponding to the user identification when the first data message is normal;
and the decryption module is used for sequentially decrypting the ciphertext information fields in the first data message by using the inquired secret keys until the decryption is successful, and caching the successfully decrypted secret keys.
As an optional implementation manner, in the embodiment of the present invention, the ciphertext information field further includes a ciphertext check field, which is used to check a decryption result; wherein the data communication apparatus further comprises:
the ciphertext verification module is used for verifying the decryption result by using the ciphertext verification field after the decryption is successful; and the determining module is used for determining that the decryption result is legal when the decryption result passes the verification.
As an optional implementation manner, in an embodiment of the present invention, the determining module includes: a checking unit, used for checking the first data message; and a determining unit, used for determining that the first data message is abnormal when the first data message does not pass the check.
In an embodiment of the present invention, an electronic device is further provided, and an internal structure diagram of the electronic device may be as shown in fig. 3. The electronic device comprises a processor, a memory and a network interface which are connected through a system bus. Wherein the processor of the electronic device is configured to provide computing and control capabilities. The memory of the electronic equipment comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The network interface of the electronic device is used for connecting and communicating with an external electronic device through a network. The computer program is executed by a processor to implement a data communication method. The electronic equipment can also comprise a display screen and an input device, wherein the display screen can be a liquid crystal display screen or an electronic ink display screen, and the input device of the electronic equipment can be a touch layer covered on the display screen or a key, a track ball or a touch pad and the like arranged on the shell of the electronic equipment.
On the other hand, the electronic device may not include a display screen and an input device, and those skilled in the art will understand that the structure shown in fig. 3 is only a block diagram of a part of the structure related to the present application, and does not constitute a limitation to the electronic device to which the present application is applied, and a specific electronic device may include more or less components than those shown in the figure, or combine some components, or have a different arrangement of components.
In one embodiment, an electronic device is provided that includes at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor, the instructions being executable by the at least one processor to perform the steps of:
receiving a first data message sent by a sending end, wherein the first data message carries an encrypted ciphertext information field;
judging whether the first data message is abnormal or not;
and when the first data message is abnormal, sending a second data message for requesting to resend the first data message to the sending end, wherein the second data message has the same format as the first data message, and the second data message carries an unencrypted ciphertext information field.
In one embodiment, a readable storage medium is provided, the computer readable storage medium having stored thereon computer instructions for causing the computer to perform:
receiving a first data message sent by a sending end, wherein the first data message carries an encrypted ciphertext information field;
judging whether the first data message is abnormal or not;
and when the first data message is abnormal, sending a second data message for requesting to resend the first data message to the sending end, wherein the second data message has the same format as the first data message, and the second data message carries an unencrypted ciphertext information field.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing the relevant hardware; the program can be stored in a non-volatile computer-readable storage medium and, when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in the embodiments provided herein may include non-volatile and/or volatile memory, among others. Non-volatile memory can include read-only memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDRSDRAM), Enhanced SDRAM (ESDRAM), Synchronous Link DRAM (SLDRAM), Rambus Direct RAM (RDRAM), direct bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM).
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the present application. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.
The foregoing embodiments are merely illustrative of the principles and utilities of the present invention and are not intended to limit the invention. Any person skilled in the art can modify or change the above-mentioned embodiments without departing from the spirit and scope of the present invention. Accordingly, it is intended that all equivalent modifications or changes which can be made by those skilled in the art without departing from the spirit and technical spirit of the present invention be covered by the claims of the present invention.

Claims (11)

1. A data communication method is applied to an electronic device, and the data communication method comprises the following steps:
receiving a first data message sent by a sending end, wherein the first data message carries an encrypted ciphertext information field;
judging whether the first data message is abnormal or not;
and when the first data message is abnormal, sending a second data message for requesting to resend the first data message to the sending end, wherein the second data message has the same format as the first data message, and the second data message carries an unencrypted ciphertext information field.
2. The data communication method according to claim 1, wherein the first data packet and the second data packet each include an encryption method field for indicating an encryption rule of a ciphertext information field, the encryption method field of the first data packet being written with first identification information for indicating that the ciphertext information field is encrypted; and second identification information for indicating that the ciphertext information field is not encrypted is written in the encryption method field of the second data message.
3. The data communication method of claim 1, wherein the first data message further comprises a plaintext information field, wherein the plaintext information field comprises the encryption method field and a user identification field, and wherein the user identification field is used to query the key corresponding to a user identification.
4. The data communication method according to claim 3, wherein one user identifier corresponds to at least one key, and when the user has a plurality of user terminals, one key is generated according to the unique identifier of each user terminal, so as to obtain a plurality of keys in one-to-one correspondence with the plurality of user terminals.
5. The data communication method of claim 4, wherein the key is generated by:
acquiring a user identifier, a unique identifier of a user terminal, a mobile phone signal value at the application moment, mobile phone positioning information at the application moment, delay between a server and the user terminal and application time;
and generating a secret key corresponding to the user terminal by using a preset algorithm by taking the user identifier, the unique identifier of the user terminal, the mobile phone signal value at the application moment, the mobile phone positioning information at the application moment, the delay between the server and the user terminal and the application time as seeds.
6. The data communication method of claim 3, further comprising:
when the first data message is normal, all secret keys corresponding to the user identification are inquired from the local;
and sequentially decrypting the ciphertext information fields in the first data message by using the inquired secret keys until the decryption is successful, and caching the secret keys which are successfully decrypted.
7. The data communication method according to claim 6, wherein the ciphertext information field further comprises a ciphertext check field for checking a decryption result; after decryption succeeds, the data communication method further comprises the following steps:
verifying the decryption result by using the ciphertext verification field;
and when the decryption result passes the verification, determining that the decryption result is legal.
8. The data communication method according to claim 1, wherein the determining whether the first data packet is abnormal includes:
checking the first data message;
and when the first data message does not pass the verification, determining that the first data message is abnormal.
9. A data communication apparatus, comprising:
the receiving module is used for receiving a first data message sent by a sending end, wherein the first data message carries an encrypted ciphertext information field;
the judging module is used for judging whether the first data message is abnormal or not;
and the sending module is used for sending a second data message for requesting to resend the first data message to the sending end when the first data message is abnormal, wherein the second data message has the same format as the first data message, and the second data message carries an unencrypted ciphertext information field.
10. An electronic device, comprising: at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to perform the data communication method of any of claims 1-8.
11. A computer-readable storage medium storing computer instructions for causing a computer to perform the data communication method according to any one of claims 1 to 8.
CN202110151722.7A 2021-02-03 2021-02-03 Data communication method and device, electronic equipment and readable storage medium Active CN112995138B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110151722.7A CN112995138B (en) 2021-02-03 2021-02-03 Data communication method and device, electronic equipment and readable storage medium

Publications (2)

Publication Number Publication Date
CN112995138A (en) 2021-06-18
CN112995138B CN112995138B (en) 2022-12-27

Family

ID=76346627

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110151722.7A Active CN112995138B (en) 2021-02-03 2021-02-03 Data communication method and device, electronic equipment and readable storage medium

Country Status (1)

Country Link
CN (1) CN112995138B (en)

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040181679A1 (en) * 2003-03-13 2004-09-16 International Business Machines Corporation Secure database access through partial encryption
CN101645883A (en) * 2008-08-08 2010-02-10 比亚迪股份有限公司 Data transmitting method, a data sending method and a data receiving method
CN102017498A (en) * 2008-05-06 2011-04-13 阿尔卡特朗讯公司 Recovery of transmission errors
CN102281261A (en) * 2010-06-10 2011-12-14 杭州华三通信技术有限公司 Data transmission method, system and apparatus
CN107046531A (en) * 2017-03-06 2017-08-15 国网湖南省电力公司 The data processing method and system of the data access Power Information Network of monitoring terminal
CN107733590A (en) * 2017-11-28 2018-02-23 成都蓉威电子技术有限公司 The data transmission device and method of a kind of high-speed bus
CN108880753A (en) * 2018-06-20 2018-11-23 深圳无线电检测技术研究院 A kind of acquisition methods and system of grid equipment operation data
CN110505240A (en) * 2019-09-12 2019-11-26 山东浪潮人工智能研究院有限公司 One kind being based on server and client side's communication protocol implementation method
CN111600829A (en) * 2019-02-21 2020-08-28 杭州萤石软件有限公司 Secure communication method and system for Internet of things equipment
CN112217835A (en) * 2020-10-23 2021-01-12 中国工商银行股份有限公司 Message data processing method and device, server and terminal equipment

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114095175A (en) * 2021-10-19 2022-02-25 网络通信与安全紫金山实验室 Data security method and device capable of gray level check and storage medium
CN114095175B (en) * 2021-10-19 2024-03-26 网络通信与安全紫金山实验室 Gray-check-capable data confidentiality method, device and storage medium
CN114157492A (en) * 2021-12-02 2022-03-08 北京天融信网络安全技术有限公司 CAN bus intrusion detection method and device
CN114582151A (en) * 2022-01-21 2022-06-03 北京佰才邦技术股份有限公司 Signal lamp information distribution method, electronic device and storage medium
CN115665735A (en) * 2022-12-14 2023-01-31 尚禹河北电子科技股份有限公司 Data transmission method, device, system and storage medium

Also Published As

Publication number Publication date
CN112995138B (en) 2022-12-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant