CN113645209A - Vehicle end software encryption and decryption method and device based on white box - Google Patents

Vehicle end software encryption and decryption method and device based on white box Download PDF

Info

Publication number
CN113645209A
CN113645209A CN202110874577.5A CN202110874577A CN113645209A CN 113645209 A CN113645209 A CN 113645209A CN 202110874577 A CN202110874577 A CN 202110874577A CN 113645209 A CN113645209 A CN 113645209A
Authority
CN
China
Prior art keywords
data
key
sub
encrypted
ciphertext
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202110874577.5A
Other languages
Chinese (zh)
Inventor
杨如昆
曹阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Sankuai Online Technology Co Ltd
Original Assignee
Beijing Sankuai Online Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Sankuai Online Technology Co Ltd filed Critical Beijing Sankuai Online Technology Co Ltd
Priority to CN202110874577.5A priority Critical patent/CN113645209A/en
Publication of CN113645209A publication Critical patent/CN113645209A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/16Obfuscation or hiding, e.g. involving white box
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/84Vehicles

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The specification discloses a vehicle end software encryption and decryption method and device based on a white box, and relates to the field of completely unmanned driving and the field of auxiliary driving. And then. The ciphertext data can be sent to the setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, wherein each sub-key operates on a pre-generated decryption key through a preset decomposition operation mode, and the decryption key is deleted after each sub-key is generated, so that the risk that others acquire the original decryption key can be avoided, and the data security is ensured.

Description

Vehicle end software encryption and decryption method and device based on white box
Technical Field
The specification relates to the technical field of computers, in particular to a vehicle end software encryption and decryption method and device based on a white box.
Background
At present, data security problem also needs to be paid attention to in the intelligent driving field, and in practical application, data transmission between service platform and the intelligent driving equipment to and the intelligent driving equipment can encrypt at the produced data of driving in-process self, thereby guarantee the safe traveling of intelligent driving equipment, and service platform's data security.
In the prior art, data can be encrypted and decrypted by a plaintext key, and the plaintext key is stored and stored so as to decrypt the data, for example, a service platform can encrypt the data before the data is sent to an intelligent driving device, and the intelligent driving device decrypts the data by using the key held by the intelligent driving device.
Therefore, how to ensure the data security of the intelligent driving device and the service platform is an urgent problem to be solved.
Disclosure of Invention
The present specification provides a method and an apparatus for encrypting and decrypting vehicle-end software based on white box, so as to partially solve the above problems in the prior art.
The technical scheme adopted by the specification is as follows:
the specification provides a vehicle end software encryption and decryption method based on a white box, which is applied to the field of intelligent driving and comprises the following steps:
acquiring data to be encrypted, wherein the data to be encrypted is used for data transmission in intelligent driving;
encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data;
and sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, and controls the intelligent driving device based on the decrypted data, wherein each sub-key is obtained by operating a pre-generated decryption key in a preset decomposition operation mode, and the decryption key is deleted after each sub-key is generated.
Optionally, encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data, specifically including:
when the data volume corresponding to the data to be encrypted is smaller than a first set data volume, encrypting the data to be encrypted through an asymmetric encryption algorithm according to a pre-generated public key to obtain ciphertext data;
sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-secret key to obtain decrypted data, and the method specifically includes:
and sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-secret key corresponding to the public key to obtain decrypted data, and each sub-secret key is obtained by operating the private key corresponding to the public key in the operation decomposition mode.
Optionally, encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data, specifically including:
encrypting the data to be encrypted according to a preset symmetric encryption algorithm by using a pre-generated symmetric key to obtain ciphertext data, and encrypting the symmetric key according to a preset asymmetric encryption algorithm by using a pre-generated public key to obtain a ciphertext key;
sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-secret key to obtain decrypted data, and the method specifically includes:
and sending the ciphertext data and the ciphertext secret key to a setting device, so that the setting device decrypts the ciphertext secret key according to each sub secret key corresponding to the public key to obtain a plaintext secret key, and decrypts the ciphertext data according to the plaintext secret key to obtain decrypted data, wherein each sub secret key is obtained by operating the private key corresponding to the public key in the operation decomposition mode.
Optionally, before encrypting the data to be encrypted according to a preset symmetric encryption algorithm by using a pre-generated symmetric key to obtain ciphertext data and encrypting the symmetric key according to a preset asymmetric encryption algorithm by using a pre-generated public key to obtain a ciphertext key, the method further includes:
and determining that the data volume corresponding to the data to be encrypted is larger than a second set data volume.
Optionally, generating each sub-key specifically includes:
acquiring equipment parameters corresponding to the set equipment;
and under the condition that the equipment parameter is one sub-key corresponding to the decryption key, operating the decryption key according to the decomposition operation mode to obtain other sub-keys corresponding to the decryption key, and storing the other sub-keys in the setting equipment.
Optionally, the sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, specifically including:
sending the ciphertext data to a setting device, so that the setting device determines a device parameter corresponding to the setting device, and reads other prestored sub keys except the device parameter;
and decrypting the ciphertext data according to the equipment parameters and other sub-keys except the equipment parameters to obtain decrypted data.
Optionally, sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key, specifically including:
sending the ciphertext data to a setting device, so that the setting device determines a decryption sequence corresponding to each sub-key, decrypts the (N-1) th decrypted intermediate data through an Nth sub-key based on the decryption sequence to obtain Nth decrypted intermediate data, decrypts the Nth decrypted intermediate data through an (N + 1) th sub-key until decryption is completed through a last sub-key in the decryption sequence to obtain the decrypted data, and decrypts the ciphertext data through a first sub-key in the decryption sequence to obtain first decrypted intermediate data, wherein N is a positive integer.
Optionally, encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data, specifically including:
judging whether the security level corresponding to the data to be encrypted is within a preset security level range;
and if so, encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data.
This specification provides a car machine end software encryption and decryption device based on white box, includes:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring data to be encrypted, and the data to be encrypted is used for data transmission in intelligent driving;
the encryption module encrypts the data to be encrypted through a preset encryption algorithm to obtain ciphertext data;
the sending module is used for sending the ciphertext data to the setting equipment so that the setting equipment decrypts the ciphertext data according to each sub-key to obtain decrypted data, and controls the intelligent driving equipment based on the decrypted data, wherein each sub-key is obtained by operating a pre-generated decryption key in a preset decomposition operation mode, and the decryption key is deleted after each sub-key is generated.
The present specification provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the white-box based vehicle-end software encryption and decryption method described above.
The specification provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the program to realize the white-box-based vehicle-end software encryption and decryption method.
The technical scheme adopted by the specification can achieve the following beneficial effects:
in the vehicle-end software encryption and decryption method and device based on the white box provided by the specification, data to be encrypted can be obtained first, and the data to be encrypted is encrypted through a preset encryption algorithm to obtain ciphertext data, wherein the encryption algorithm comprises at least one of an asymmetric encryption algorithm and a symmetric encryption algorithm. And then. The ciphertext data may be sent to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, where each sub-key operates on a pre-generated decryption key through a preset decomposition operation, and after each sub-key is generated, the decryption key is deleted.
As can be seen from the above method, when decrypting data, the ciphertext data can be decrypted by using each sub-key obtained by performing a decomposition operation on the decryption key instead of decrypting with a conventional decryption key, and after each sub-key is generated, the conventional decryption key can be directly deleted, and only each sub-key is retained for decryption.
Drawings
The accompanying drawings, which are included to provide a further understanding of the specification and are incorporated in and constitute a part of this specification, illustrate embodiments of the specification and together with the description serve to explain the specification and not to limit the specification in a non-limiting sense. In the drawings:
FIG. 1 is a schematic flow chart of a white-box-based encryption and decryption method for vehicle-end software in this specification;
fig. 2 is a schematic flowchart of encrypting data to be encrypted only by an asymmetric encryption algorithm provided in this specification;
fig. 3 is a schematic flow chart of encrypting data to be encrypted by combining an asymmetric encryption algorithm with a symmetric encryption algorithm provided in this specification;
FIG. 4 is a schematic diagram of a white-box-based encryption and decryption apparatus for vehicle-end software;
fig. 5 is a schematic diagram of an electronic device corresponding to fig. 1 provided in the present specification.
Detailed Description
In order to make the objects, technical solutions and advantages of the present disclosure more clear, the technical solutions of the present disclosure will be clearly and completely described below with reference to the specific embodiments of the present disclosure and the accompanying drawings. It is to be understood that the embodiments described are only a few embodiments of the present disclosure, and not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present specification without any creative effort belong to the protection scope of the present specification.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic flow chart of a white-box-based vehicle-end software encryption and decryption method in this specification, including the following steps:
s101: and acquiring data to be encrypted, wherein the data to be encrypted is used for data transmission in intelligent driving.
S102: and encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data.
S103: and sending the ciphertext data to a setting device or storing the ciphertext data in the setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, and controls the intelligent driving device based on the decrypted data, wherein each sub-key is obtained by operating a pre-generated decryption key in a preset decomposition operation mode, and the decryption key is deleted after each sub-key is generated.
In practical applications, when a service platform operating an intelligent driving device (e.g., an unmanned driving device, a vehicle with a driving assistance function, etc.) performs bidirectional data transmission with the intelligent driving device, data encryption is required, and some data generated locally by the intelligent driving device also needs to be encrypted, for example, a remote control instruction sent by the service platform to the intelligent driving device, and image, video data, etc. sent by the intelligent driving device to the service platform may be encrypted and then transmitted, and for example, a driving log generated locally by the intelligent driving device may also be encrypted and then stored. Thus, it is necessary to ensure that the encrypted data is not easily decrypted by an external person.
Therefore, in this specification, the execution subject that encrypts data may refer to a service platform, an intelligent driving device, or the like, and accordingly, the execution subject that decrypts data may refer to the execution subject itself that encrypts data, or a device to which the execution subject that encrypts data is transmitted, and therefore, the execution subject that decrypts data may also refer to a service platform, an intelligent driving device, or the like. Therefore, the setting device in this specification may be a device such as a server in the service platform, or may be an intelligent driving device.
Based on this, the service platform (or the intelligent driving device) may obtain data to be encrypted, and encrypt the data to be encrypted through a preset encryption algorithm to obtain ciphertext data, where the encryption algorithm may include at least one of an asymmetric encryption algorithm and a symmetric encryption algorithm. That is to say, the service platform may encrypt the decrypted data only through the asymmetric encryption algorithm, may encrypt the decrypted data only through the symmetric encryption algorithm, or may encrypt the data to be encrypted in a manner of combining the asymmetric encryption algorithm and the symmetric encryption algorithm. The data to be encrypted is used for data transmission in intelligent driving, and the data transmission mentioned here may include transmission between the intelligent driving device and the service platform, and also include data transmission at the internal software level of the intelligent driving device, for example, a log generated by the intelligent driving device itself is stored in the memory, and may also be understood as the data transmission indicated here.
In order to make it difficult for an external person to obtain a decryption key capable of directly decrypting ciphertext data, the service platform may determine, in advance, each sub-key corresponding to the decryption key (which may be a symmetric key or a private key in an asymmetric key), if the service platform sends the ciphertext data to a setting device (such as an intelligent driving device, or of course, an intelligent driving device sends the ciphertext data to the service platform, in which case the setting device may be a server in the service platform), the setting device may decrypt the ciphertext data through each sub-key to obtain decrypted data, and thereby control the intelligent driving device based on the decrypted data. The decrypted data can be image and video data collected by the intelligent driving equipment, the driving log of the intelligent driving equipment is recorded, and the service platform sends a control instruction to the intelligent driving equipment, so that the data can reflect more or less functions on the control of the intelligent driving equipment.
Of course, if the service platform or the intelligent driving device only needs to encrypt the data stored in the service platform or the intelligent driving device, the encrypted data is directly stored in the local, that is, the setting device (the intelligent driving device, the device in the service platform, or the like) encrypts the data to be encrypted and stores the ciphertext data in the local of the setting device, and the ciphertext data can be decrypted after the data to be encrypted is used in the subsequent process.
Since the decryption key is divided into the sub-keys, the way of decrypting the ciphertext data by directly using the decryption key is different from that of decrypting the ciphertext data by directly using the decryption key, when decryption is performed by using each sub-key, the setting device needs to determine a decryption order corresponding to each sub-key, and based on the decryption order, decrypts the N-1 th decrypted intermediate data by using the nth key to obtain the nth decrypted intermediate data, and decrypts the nth decrypted intermediate data by using the N +1 th sub-key until decryption is completed by using the last sub-key in the decryption order to obtain the decrypted data, and the ciphertext data is decrypted by using the first sub-key in the decryption order to obtain the first decrypted intermediate data, wherein N is a positive integer.
For example, dA is a decryption key, d1, d2, d3 and d4 are sub keys, respectively, and assuming that M is ciphertext data, first decryption intermediate data may be obtained by performing an operation on d1 and the ciphertext data, second decryption intermediate data may be obtained by performing an operation on the first decryption intermediate data and d2, third decryption intermediate data may be obtained by performing an operation on d3 and the second decryption intermediate data, and decrypted data may be obtained by performing an operation on the third decryption intermediate data and d4, that is, each sub key is operated during decryption, and thus, an original decryption key is not generated.
When each sub-key is predetermined, the decryption key can be operated in a preset decomposition operation mode to generate each sub-key, each sub-key is stored in the setting equipment for subsequent decryption, and after each sub-key is generated, the decryption key needs to be deleted, so that an external person cannot obtain the original decryption key, and when the encrypted data is decrypted by each sub-key subsequently, the encrypted data can be decrypted by each sub-key step by step, the original decryption key cannot appear in the decryption process, and therefore the external person cannot easily decrypt the encrypted data.
The decomposing operation mentioned here may be various, for example, a mathematical expression including each sub-key may be preset, that is, each sub-key is used as an unknown number in the mathematical expression, and each sub-key is obtained by targeting the decryption key as a result of the mathematical expression, and the data expression mentioned here may be preset, for example, (d1+ d2) d3+ d42Where d1 to d4 are each sub-keys, and dA is a key, dA is set as the mathematical expression. For another example, a plurality of values may be preset, and each sub-key is obtained by performing a remainder operation on each value through the decryption key, and since the decryption key is used for decrypting the ciphertext data, the decryption key is a private key in the asymmetric encryption algorithm.
If the data to be encrypted is encrypted only by the asymmetric encryption algorithm, a private key needs to be generated in advance, a public key corresponding to the private key is generated, the data to be encrypted is encrypted according to the asymmetric encryption algorithm through the public key, and ciphertext data is obtained. Therefore, after sending the ciphertext data to the setting device, the setting device may decrypt the ciphertext data according to each sub-key corresponding to the public key to obtain decrypted data, and each sub-key may be obtained by performing an operation on the private key corresponding to the public key through an operation decomposition method.
The above method is to encrypt the data to be encrypted by an asymmetric encryption method, which consumes more resources and time than a symmetric encryption method, so that when encrypting and decrypting by the above method, the above method can be adopted to encrypt and decrypt the data under the condition that the data amount corresponding to the data to be encrypted is smaller than the first set data amount. The first setting data amount may be set in advance, and the first setting data amount may be set to a small data amount.
The above mentioned mode is a process of encrypting and decrypting the data to be encrypted by the asymmetric encryption algorithm, and certainly, the data to be encrypted may be encrypted by the asymmetric encryption algorithm in combination with the symmetric encryption algorithm. Specifically, data to be encrypted can be encrypted according to a preset symmetric encryption algorithm through a pre-generated symmetric key to obtain ciphertext data, the symmetric key is encrypted according to a preset asymmetric encryption algorithm through a pre-generated public key to obtain a ciphertext key, then the ciphertext key and the ciphertext data are sent to a setting device, and when the setting device decrypts the ciphertext data, the ciphertext key can be decrypted according to sub-keys corresponding to the public key to obtain a plaintext key, and the ciphertext data is decrypted according to the plaintext key to obtain decrypted data. That is, the decryption key refers to the private key in this scheme, and each sub-key is obtained by performing a decomposition operation on the private key corresponding to the public key.
Because the symmetric key is encrypted by the asymmetric encryption algorithm, the method saves more computing resources and time compared with a method of directly encrypting data to be encrypted by the asymmetric encryption algorithm, so that the data to be encrypted can be encrypted by adopting a mode of combining the asymmetric encryption algorithm and the symmetric encryption algorithm on the premise that the data amount corresponding to the data to be encrypted is larger than the second set data amount, namely, if the data amount corresponding to the data to be encrypted is larger than the second set data amount, the data to be encrypted can be encrypted by the symmetric key and the symmetric encryption algorithm to obtain ciphertext data, and the symmetric key is encrypted by the public key according to the asymmetric encryption algorithm to obtain the ciphertext key, namely, before the data to be encrypted is encrypted by the symmetric key, whether the data amount corresponding to the data to be encrypted is larger than the second set data amount or not can be judged, and under the condition that the data volume corresponding to the data to be encrypted is larger than the second set data volume, encrypting the data to be encrypted by using the symmetric key, and encrypting the symmetric key by using the public key, wherein the second set data volume mentioned here can be preset according to actual requirements, and the second set data volume can be larger than the first set data volume.
It should be noted that, the setting device may refer to an intelligent driving device, and the intelligent driving device may encrypt and decrypt data by itself, where each sub-key required for decryption by the intelligent driving device may include device parameters of the intelligent driving device, and thus, for one intelligent driving device, each sub-key corresponding to the intelligent driving device is different from other intelligent driving devices, so that it is more difficult for an external person to decrypt the encrypted data.
Specifically, the service platform or the setting device itself may obtain a device parameter corresponding to the setting device, and obtain another sub-key corresponding to the decryption key after performing an operation on the key according to the above decomposition operation manner on the condition that the device parameter is one sub-key in the decryption key, so that each sub-key includes the device parameter, and store another sub-key except the device parameter in the setting device (each sub-key may be determined by the setting device itself, or may be determined by the service platform and sent to the setting device). The device parameter corresponding to the setting device may refer to a device identifier, an MAC address, and the like corresponding to the setting device (e.g., the smart driving device, the server), and therefore, only other sub-keys except the device parameter are stored, because the setting device may directly obtain the device parameter itself, and when decrypting, may directly obtain the device parameter and obtain other pre-stored sub-keys, so that decryption may be performed.
When each sub-key is determined in the above manner, one sub-key may be set as the device parameter, and then, in the above decomposition operation manner, the other sub-keys are used as unknown numbers to participate in the decomposition operation together with the device parameter, so as to obtain the other sub-keys. When a setting device (intelligent driving device) needs to decrypt ciphertext data, the device parameter corresponding to the setting device can be obtained, other pre-stored sub-keys except the device parameter are read, and the ciphertext data is decrypted according to the device parameter and the other sub-keys except the device parameter, so that decrypted data is obtained.
As can be seen from the above, by means of the way that the sub-key includes the device parameter, when ciphertext data needs to be decrypted, a setting device (e.g., a smart driving device) can directly read the device parameter of itself, and then combine with other sub-keys, so that the ciphertext data can be decrypted.
The unmanned equipment mentioned above may refer to equipment capable of realizing automatic driving, such as unmanned vehicles, unmanned aerial vehicles, automatic distribution equipment, and the like. Based on this, the vehicle-end software encryption and decryption based on the white box provided by the specification can be used for encrypting and decrypting data related to the unmanned device, so that the safety of the related data is ensured, and the unmanned device can be particularly applied to the field of delivery through intelligent driving equipment, such as business scenes of delivery, logistics, takeaway and the like by using the unmanned device.
It should be noted that the vehicle-end software encryption and decryption based on the white box in this specification may be applicable to data that needs certain security protection, but the data may not be data with the highest security level, and therefore, before the data to be encrypted is encrypted by the method, the security level corresponding to the data to be encrypted may be determined first, and the security level corresponding to the data to be encrypted is determined to be within a preset security level range, that is, it may be determined in advance whether the security level corresponding to the data to be encrypted is within a preset security level range, and if so, the data to be encrypted is encrypted by a preset encryption algorithm to obtain ciphertext data, and the security level range may be preset according to actual needs.
The above description is provided for each step of the method, and the white-box based vehicle-end software encryption and decryption method provided in this specification is described below by way of a complete example, as shown in fig. 2 and 3.
Fig. 2 is a schematic flowchart of encrypting data to be encrypted only by an asymmetric encryption algorithm provided in this specification.
As can be seen from fig. 2, in the process of encrypting data to be encrypted, the public key can be directly used for encryption to obtain ciphertext data, and in the decryption process, the ciphertext data can be decrypted by the device parameter and other sub-keys except for the device parameter, so as to obtain decrypted data, unlike the way of decryption by the original private key, the original private key is directly used for decryption by the private key and the decryption algorithm corresponding to the asymmetric encryption algorithm, and in the decryption process of the ciphertext data by each sub-key (including the device parameter), it is necessary to further and separately perform operations by each sub-key to obtain decrypted data, that is, assuming that there are 3 sub-keys, in the decryption process, the 1 st decrypted intermediate data can be determined according to the 1 st sub-key and the ciphertext data, and then determining the 2 nd decrypted intermediate data through the 2 nd sub-secret key and the 1 st intermediate data, and finally determining the decrypted data through the 3 rd sub-secret key and the 2 nd decrypted intermediate data.
Fig. 3 is a schematic flow chart of encrypting data to be encrypted by combining an asymmetric encryption algorithm and a symmetric encryption algorithm provided in this specification.
As can be seen from fig. 3, in the encryption process, after data to be encrypted is encrypted by the symmetric key, ciphertext data is obtained, and the symmetric key is encrypted by the public key, so as to obtain the ciphertext key. In the decryption process, the ciphertext secret key is decrypted through each sub secret key (including the equipment parameters) to obtain a plaintext secret key, the ciphertext data is decrypted through the plaintext secret key to obtain decrypted data, when the ciphertext secret key is decrypted through each sub secret key, the decryption mode of the ciphertext data through each sub secret key is the same as the decryption mode of the ciphertext data through each sub secret key, the ciphertext secret key is decrypted through a first sub secret key to obtain first decrypted intermediate data, then the second sub secret key is operated with the first decrypted intermediate data to obtain second decrypted intermediate data, and so on, the plaintext secret key is obtained through operation of the last sub secret key and the last decrypted intermediate data.
In the present specification, the asymmetric encryption algorithm and the symmetric encryption algorithm may use a common encryption algorithm, for example, the asymmetric encryption algorithm may use an SM4 algorithm, and the symmetric encryption algorithm may use an SM2 algorithm.
As can be seen from the above method, when decrypting data, the ciphertext data can be decrypted by not decrypting with a conventional decryption key, but with each sub-key obtained by performing a decomposition operation on the decryption key, and after each sub-key is generated, the conventional decryption key can be directly deleted, and only each sub-key is retained for decryption, so that an external person cannot obtain the conventional decryption key, and since the key used for decryption has changed, the manner of decrypting the ciphertext data with each sub-key is different from that of the conventional decryption key, that is, decryption with the conventional decryption key requires a decryption algorithm corresponding to the encryption algorithm, which is conventional, and more operations with each sub-key than the conventional decryption algorithm, therefore, even if the outsider obtains each sub-key, the ciphertext data cannot be decrypted by a conventional decryption algorithm.
Based on the same idea, the white-box-based encryption and decryption method for the vehicle-end software provided in one or more embodiments of the present specification further provides a corresponding white-box-based encryption and decryption device for the vehicle-end software, as shown in fig. 4.
Fig. 4 is a schematic diagram of a white-box-based vehicle-end software encryption and decryption apparatus provided in this specification, including:
the acquiring module 401 acquires data to be encrypted, wherein the data to be encrypted is used for data transmission in intelligent driving;
the encryption module 402 encrypts the data to be encrypted through a preset encryption algorithm to obtain ciphertext data;
the sending module 403 is configured to send the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, and controls the smart driving device based on the decrypted data, where each sub-key is obtained by performing operation on a pre-generated decryption key in a preset decomposition operation manner, and after each sub-key is generated, the decryption key is deleted.
Optionally, the encrypting module 402 is specifically configured to, when the data amount corresponding to the data to be encrypted is smaller than a first set data amount, encrypt the data to be encrypted by using an asymmetric encryption algorithm according to a pre-generated public key to obtain ciphertext data; the sending module 403 is specifically configured to send the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key corresponding to the public key to obtain decrypted data, and each sub-key is obtained by performing an operation on a private key corresponding to the public key through the operation decomposition method.
Optionally, the encryption module 402 is specifically configured to encrypt the data to be encrypted according to a preset symmetric encryption algorithm by using a pre-generated symmetric key to obtain ciphertext data, and encrypt the symmetric key according to a preset asymmetric encryption algorithm by using a pre-generated public key to obtain a ciphertext key; the sending module 403 is specifically configured to send the ciphertext data and the ciphertext key to a setting device, so that the setting device decrypts the ciphertext key according to each sub-key corresponding to the public key to obtain a plaintext key, and decrypts the ciphertext data according to the plaintext key to obtain decrypted data, where each sub-key is obtained by performing an operation on a private key corresponding to the public key through the operation decomposition method.
Optionally, the encryption module 402 is further configured to determine that a data amount corresponding to the data to be encrypted is greater than a second set data amount before encrypting the data to be encrypted according to a preset symmetric encryption algorithm by using a pre-generated symmetric key to obtain ciphertext data and encrypting the symmetric key according to a preset asymmetric encryption algorithm by using a pre-generated public key to obtain the ciphertext key.
Optionally, the apparatus further comprises:
a generating module 404, configured to obtain a device parameter corresponding to the set device; and under the condition that the equipment parameter is one sub-key corresponding to the decryption key, operating the decryption key according to the decomposition operation mode to obtain other sub-keys corresponding to the decryption key, and storing the other sub-keys in the setting equipment.
Optionally, the sending module 403 is specifically configured to send the ciphertext data to a setting device, so that the setting device determines a device parameter corresponding to the setting device, and reads a pre-stored sub-key except the device parameter; and decrypting the ciphertext data according to the equipment parameters and other sub-keys except the equipment parameters to obtain decrypted data.
Optionally, the sending module 403 is specifically configured to send the ciphertext data to a setting device, so that the setting device determines a decryption order corresponding to each sub-key, and based on the decryption order, decrypts the nth-1 st decrypted intermediate data by using an nth sub-key to obtain an nth decrypted intermediate data, and decrypts the nth decrypted intermediate data by using an N +1 th sub-key until decryption is completed by using a last sub-key in the decryption order, so as to obtain the decrypted data, where the ciphertext data is decrypted by using a first sub-key in the decryption order to obtain a first decrypted intermediate data, and N is a positive integer.
Optionally, the encryption module 402 is specifically configured to determine whether a security level corresponding to the data to be encrypted is within a preset security level range; and if so, encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data.
The present specification also provides a computer readable storage medium storing a computer program, which is operable to execute a white-box based vehicle-end software encryption and decryption method provided in fig. 1.
This specification also provides a schematic block diagram of an electronic device corresponding to that of figure 1, shown in figure 5. As shown in fig. 5, at the hardware level, the electronic device includes a processor, an internal bus, a network interface, a memory, and a non-volatile memory, but may also include hardware required for other services. The processor reads a corresponding computer program from the nonvolatile memory into the memory and then runs the computer program to implement the white-box based encryption and decryption method for the vehicle-side software described in fig. 1. Of course, besides the software implementation, the present specification does not exclude other implementations, such as logic devices or a combination of software and hardware, and the like, that is, the execution subject of the following processing flow is not limited to each logic unit, and may be hardware or logic devices.
In the 90 s of the 20 th century, improvements in a technology could clearly distinguish between improvements in hardware (e.g., improvements in circuit structures such as diodes, transistors, switches, etc.) and improvements in software (improvements in process flow). However, as technology advances, many of today's process flow improvements have been seen as direct improvements in hardware circuit architecture. Designers almost always obtain the corresponding hardware circuit structure by programming an improved method flow into the hardware circuit. Thus, it cannot be said that an improvement in the process flow cannot be realized by hardware physical modules. For example, a Programmable Logic Device (PLD), such as a Field Programmable Gate Array (FPGA), is an integrated circuit whose Logic functions are determined by programming the Device by a user. A digital system is "integrated" on a PLD by the designer's own programming without requiring the chip manufacturer to design and fabricate application-specific integrated circuit chips. Furthermore, nowadays, instead of manually making an Integrated Circuit chip, such Programming is often implemented by "logic compiler" software, which is similar to a software compiler used in program development and writing, but the original code before compiling is also written by a specific Programming Language, which is called Hardware Description Language (HDL), and HDL is not only one but many, such as abel (advanced Boolean Expression Language), ahdl (alternate Hardware Description Language), traffic, pl (core universal Programming Language), HDCal (jhdware Description Language), lang, Lola, HDL, laspam, hardward Description Language (vhr Description Language), vhal (Hardware Description Language), and vhigh-Language, which are currently used in most common. It will also be apparent to those skilled in the art that hardware circuitry that implements the logical method flows can be readily obtained by merely slightly programming the method flows into an integrated circuit using the hardware description languages described above.
The controller may be implemented in any suitable manner, for example, the controller may take the form of, for example, a microprocessor or processor and a computer-readable medium storing computer-readable program code (e.g., software or firmware) executable by the (micro) processor, logic gates, switches, an Application Specific Integrated Circuit (ASIC), a programmable logic controller, and an embedded microcontroller, examples of which include, but are not limited to, the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20, and Silicone Labs C8051F320, the memory controller may also be implemented as part of the control logic for the memory. Those skilled in the art will also appreciate that, in addition to implementing the controller as pure computer readable program code, the same functionality can be implemented by logically programming method steps such that the controller is in the form of logic gates, switches, application specific integrated circuits, programmable logic controllers, embedded microcontrollers and the like. Such a controller may thus be considered a hardware component, and the means included therein for performing the various functions may also be considered as a structure within the hardware component. Or even means for performing the functions may be regarded as being both a software module for performing the method and a structure within a hardware component.
The systems, devices, modules or units illustrated in the above embodiments may be implemented by a computer chip or an entity, or by a product with certain functions. One typical implementation device is a computer. In particular, the computer may be, for example, a personal computer, a laptop computer, a cellular telephone, a camera phone, a smartphone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or a combination of any of these devices.
For convenience of description, the above devices are described as being divided into various units by function, and are described separately. Of course, the functions of the various elements may be implemented in the same one or more software and/or hardware implementations of the present description.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The description has been presented with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the description. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, Random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising an … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As will be appreciated by one skilled in the art, embodiments of the present description may be provided as a method, system, or computer program product. Accordingly, the description may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the description may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
This description may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The specification may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including memory storage devices.
The embodiments in the present specification are described in a progressive manner, and the same and similar parts among the embodiments are referred to each other, and each embodiment focuses on the differences from the other embodiments. In particular, for the system embodiment, since it is substantially similar to the method embodiment, the description is simple, and for the relevant points, reference may be made to the partial description of the method embodiment.
The above description is only an example of the present specification, and is not intended to limit the present specification. Various modifications and alterations to this description will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present specification should be included in the scope of the claims of the present specification.

Claims (11)

1. A vehicle end software encryption and decryption method based on a white box is characterized in that the method is applied to vehicle end software and comprises the following steps:
acquiring data to be encrypted, wherein the data to be encrypted is used for data transmission in intelligent driving;
encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data;
and sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, and controls the intelligent driving device based on the decrypted data, wherein each sub-key is obtained by operating a pre-generated decryption key in a preset decomposition operation mode, and the decryption key is deleted after each sub-key is generated.
2. The method of claim 1, wherein the encrypting the data to be encrypted by a preset encryption algorithm to obtain ciphertext data specifically comprises:
when the data volume corresponding to the data to be encrypted is smaller than a first set data volume, encrypting the data to be encrypted through an asymmetric encryption algorithm according to a pre-generated public key to obtain ciphertext data;
sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-secret key to obtain decrypted data, and the method specifically includes:
and sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-secret key corresponding to the public key to obtain decrypted data, and each sub-secret key is obtained by operating the private key corresponding to the public key in the operation decomposition mode.
3. The method of claim 1, wherein the encrypting the data to be encrypted by a preset encryption algorithm to obtain ciphertext data specifically comprises:
encrypting the data to be encrypted according to a preset symmetric encryption algorithm by using a pre-generated symmetric key to obtain ciphertext data, and encrypting the symmetric key according to a preset asymmetric encryption algorithm by using a pre-generated public key to obtain a ciphertext key;
sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-secret key to obtain decrypted data, and the method specifically includes:
and sending the ciphertext data and the ciphertext secret key to a setting device, so that the setting device decrypts the ciphertext secret key according to each sub secret key corresponding to the public key to obtain a plaintext secret key, and decrypts the ciphertext data according to the plaintext secret key to obtain decrypted data, wherein each sub secret key is obtained by operating the private key corresponding to the public key in the operation decomposition mode.
4. The method according to claim 3, wherein before the data to be encrypted is encrypted according to a preset symmetric encryption algorithm by using a pre-generated symmetric key to obtain ciphertext data, and the symmetric key is encrypted according to a preset asymmetric encryption algorithm by using a pre-generated public key to obtain the ciphertext key, the method further comprises:
and determining that the data volume corresponding to the data to be encrypted is larger than a second set data volume.
5. The method of claim 1, wherein generating each sub-key comprises:
acquiring equipment parameters corresponding to the set equipment;
and under the condition that the equipment parameter is one sub-key corresponding to the decryption key, operating the decryption key according to the decomposition operation mode to obtain other sub-keys corresponding to the decryption key, and storing the other sub-keys in the setting equipment.
6. The method according to claim 5, wherein the sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key to obtain decrypted data, specifically includes:
sending the ciphertext data to a setting device, so that the setting device determines a device parameter corresponding to the setting device, and reads other prestored sub keys except the device parameter;
and decrypting the ciphertext data according to the equipment parameters and other sub-keys except the equipment parameters to obtain decrypted data.
7. The method according to claim 1 or 6, wherein sending the ciphertext data to a setting device, so that the setting device decrypts the ciphertext data according to each sub-key, specifically comprises:
sending the ciphertext data to a setting device, so that the setting device determines a decryption sequence corresponding to each sub-key, decrypts the (N-1) th decrypted intermediate data through an Nth sub-key based on the decryption sequence to obtain Nth decrypted intermediate data, decrypts the Nth decrypted intermediate data through an (N + 1) th sub-key until decryption is completed through a last sub-key in the decryption sequence to obtain the decrypted data, and decrypts the ciphertext data through a first sub-key in the decryption sequence to obtain first decrypted intermediate data, wherein N is a positive integer.
8. The method of claim 1, wherein the encrypting the data to be encrypted by a preset encryption algorithm to obtain ciphertext data specifically comprises:
judging whether the security level corresponding to the data to be encrypted is within a preset security level range;
and if so, encrypting the data to be encrypted through a preset encryption algorithm to obtain ciphertext data.
9. A vehicle end software encryption and decryption device based on a white box is characterized by comprising:
the system comprises an acquisition module, a storage module and a processing module, wherein the acquisition module is used for acquiring data to be encrypted, and the data to be encrypted is used for data transmission in intelligent driving;
the encryption module encrypts the data to be encrypted through a preset encryption algorithm to obtain ciphertext data;
the sending module is used for sending the ciphertext data to the setting equipment so that the setting equipment decrypts the ciphertext data according to each sub-key to obtain decrypted data, and controls the intelligent driving equipment based on the decrypted data, wherein each sub-key is obtained by operating a pre-generated decryption key in a preset decomposition operation mode, and the decryption key is deleted after each sub-key is generated.
10. A computer-readable storage medium, characterized in that the storage medium stores a computer program which, when executed by a processor, implements the method of any of the preceding claims 1 to 8.
11. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 1 to 8 when executing the program.
CN202110874577.5A 2021-07-30 2021-07-30 Vehicle end software encryption and decryption method and device based on white box Withdrawn CN113645209A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110874577.5A CN113645209A (en) 2021-07-30 2021-07-30 Vehicle end software encryption and decryption method and device based on white box

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110874577.5A CN113645209A (en) 2021-07-30 2021-07-30 Vehicle end software encryption and decryption method and device based on white box

Publications (1)

Publication Number Publication Date
CN113645209A true CN113645209A (en) 2021-11-12

Family

ID=78419171

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110874577.5A Withdrawn CN113645209A (en) 2021-07-30 2021-07-30 Vehicle end software encryption and decryption method and device based on white box

Country Status (1)

Country Link
CN (1) CN113645209A (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107612683A (en) * 2017-09-30 2018-01-19 上海众人网络安全技术有限公司 A kind of encipher-decipher method, device, system, equipment and storage medium
CN110213041A (en) * 2019-04-26 2019-09-06 五八有限公司 Data ciphering method, decryption method, device, electronic equipment and storage medium
CN110995420A (en) * 2019-11-27 2020-04-10 支付宝(杭州)信息技术有限公司 Data processing method and system
CN111448812A (en) * 2018-12-27 2020-07-24 深圳市大疆软件科技有限公司 Information transmission method, storage medium, information transmission system, and unmanned aerial vehicle
CN112235299A (en) * 2020-10-14 2021-01-15 杭州海康威视数字技术股份有限公司 Data encryption and decryption method, device, equipment, system and medium
CN112906037A (en) * 2021-03-26 2021-06-04 北京三快在线科技有限公司 Communication encryption system, method and device

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107612683A (en) * 2017-09-30 2018-01-19 上海众人网络安全技术有限公司 A kind of encipher-decipher method, device, system, equipment and storage medium
CN111448812A (en) * 2018-12-27 2020-07-24 深圳市大疆软件科技有限公司 Information transmission method, storage medium, information transmission system, and unmanned aerial vehicle
CN110213041A (en) * 2019-04-26 2019-09-06 五八有限公司 Data ciphering method, decryption method, device, electronic equipment and storage medium
CN110995420A (en) * 2019-11-27 2020-04-10 支付宝(杭州)信息技术有限公司 Data processing method and system
CN112235299A (en) * 2020-10-14 2021-01-15 杭州海康威视数字技术股份有限公司 Data encryption and decryption method, device, equipment, system and medium
CN112906037A (en) * 2021-03-26 2021-06-04 北京三快在线科技有限公司 Communication encryption system, method and device

Similar Documents

Publication Publication Date Title
CN108932297B (en) Data query method, data sharing method, device and equipment
CN111885024B (en) Login information processing method and equipment
CN108063756B (en) Key management method, device and equipment
CN112016120B (en) Event prediction method and device based on user privacy protection
CN109347629B (en) Secret key transmission method and system based on shared security application, storage medium and equipment
CN111741028B (en) Service processing method, device, equipment and system
CN111342966B (en) Data storage method, data recovery method, device and equipment
CN112906037A (en) Communication encryption system, method and device
CN109560933B (en) Authentication method and system based on digital certificate, storage medium and electronic equipment
CN113709696B (en) Vehicle remote control method and device, and key initialization method and device
CN113037764B (en) System, method and device for executing service
CN111538995A (en) Data storage method and device and electronic equipment
CN111934874A (en) Block chain-based data encryption and decryption method, equipment and medium
CN110866274A (en) Data fusion method, data fusion platform, data fusion system and data processing platform
CN111104693A (en) Android platform software data cracking method, terminal device and storage medium
CN113645209A (en) Vehicle end software encryption and decryption method and device based on white box
CN107463808B (en) Method for calling functional module integrated in operating system
CN113724482B (en) Radio frequency remote control method and device, storage medium and electronic equipment
CN110995447B (en) Data storage method, device, equipment and medium
CN115484301A (en) Data transmission method and device, storage medium and electronic equipment
CN111641499A (en) Block chain-based private key restoration method, device, equipment and medium
CN110516468B (en) Method and device for encrypting memory snapshot of virtual machine
CN108319872B (en) Method, device and equipment for generating closed container
CN110750800A (en) Data security processing method, device, equipment and storage medium
CN115550071B (en) Data processing method, device, storage medium and equipment

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20211112