CN113726725A - Data encryption and decryption method and device, electronic equipment and storage medium - Google Patents
- Publication number: CN113726725A (application CN202011598550.XA)
- Authority: CN (China)
- Prior art keywords: key, data, encryption, decryption, generated
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/045—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0822—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using key encryption key
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a data encryption and decryption method, a device, electronic equipment and a storage medium, wherein the data encryption method comprises the step of executing data encryption at a client, and the data encryption step comprises the following steps: randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key; encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side; wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm. The invention adopts a mode of combining a symmetric encryption algorithm and an asymmetric encryption algorithm, and the encryption key of data transmission is randomly generated when the client runs, thereby realizing the security and the high efficiency of data encryption.
Description
Technical Field
The present invention relates to the field of data encryption technologies, and in particular, to a data encryption and decryption method and apparatus, an electronic device, and a storage medium.
Background
With the rapid development and popularization of networks, data transmitted on the networks grows in geometric progression. With increasing emphasis on privacy, security of data transmission is important. At present, many applications handle data transmitted on the network in one of the following ways: (1) no encryption, with plaintext transmission; (2) identity authentication information such as a login password is encrypted using a hash such as MD5 (MD5 Message-Digest Algorithm), and the rest is transmitted in plaintext; (3) symmetric encryption is used, and the encryption key is stored in the client after being encrypted; (4) asymmetric encryption is used.
If the data transmission is encrypted by using a symmetric algorithm, the key is easy to crack locally because the key is stored in the client, and the key is fixed and invariable because the data transmission uses the symmetric encryption, so that the key leakage is easy to occur, and the historical transmission data can be decrypted after the key leakage. If the data transmission is encrypted by using an asymmetric algorithm, the performance is poor, and bidirectional encryption cannot be performed.
Disclosure of Invention
The invention provides a data encryption and decryption method, a data encryption and decryption device, electronic equipment and a storage medium, which are used for solving the problems that in the prior art, data transmission is easy to leak due to the fact that a secret key is fixed and unchanged when symmetric encryption is used, and low performance and bidirectional encryption cannot be achieved when asymmetric encryption is used.
The invention provides a data encryption method, which comprises a step of executing data encryption at a client, wherein the data encryption step comprises the following steps:
randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key;
encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
According to a data encryption method of the present invention, before the step of randomly generating the first key is performed, the method includes:
and acquiring the second key generated by the server, wherein the second key is stored in the server.
According to the data encryption method, the obtaining of the second key generated by the server side includes:
and acquiring the second key generated by the server side by using an asymmetric encryption algorithm (RSA), wherein the second key comprises a public key for encryption and a private key for decryption.
According to a data encryption method of the present invention, the randomly generating a first key includes:
before a client initiates a request each time, the first secret key is randomly generated by using a symmetric encryption algorithm AES;
and caching the first key at the client.
The invention provides a data decryption method, which comprises a step of executing data decryption at a server side, wherein the step of executing data decryption comprises the following steps:
decrypting the third key by using the second key to obtain a first key;
decrypting the first encrypted data by using the first key to obtain data to be encrypted;
the second key is generated at the server in advance, the first key is generated randomly before a client initiates a request, the third key is obtained by encrypting the first key by using the second key, and the first encrypted data is obtained by encrypting the required encrypted data by using the first key;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
According to the data decryption method, the second secret key is generated by using an asymmetric encryption algorithm (RSA), and comprises a public key for encryption and a private key for decryption; the first key is randomly generated using the symmetric encryption algorithm AES.
The invention provides a data encryption and decryption method, which comprises the steps of executing data encryption at a client side and/or executing data decryption at a server side, wherein,
the data encryption step comprises:
randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key;
encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side;
the data decryption step includes:
decrypting the third key by using the second key to obtain the first key;
decrypting the first encrypted data by using the first key to obtain the data to be encrypted;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
According to a data encryption and decryption method provided by the present invention, after the decrypting the encrypted data by using the first key to obtain the data to be encrypted, the method comprises:
receiving second encrypted data returned by the server, wherein the second encrypted data is obtained by processing request data initiated by the client by the server and encrypting the processed response data by using the first key;
decrypting the second encrypted data using the first key.
According to a data encryption and decryption method provided by the invention, before the step of randomly generating the first key is executed, the method comprises the following steps:
and acquiring the second key generated by the server, wherein the second key is stored in the server.
According to the data encryption and decryption method provided by the invention, the acquiring the second key generated by the server side comprises the following steps:
and acquiring the second key generated by the server side by using an asymmetric encryption algorithm (RSA), wherein the second key comprises a public key for encryption and a private key for decryption.
According to a data encryption and decryption method provided by the present invention, the randomly generating a first key includes:
before a client initiates a request each time, the first secret key is randomly generated by using a symmetric encryption algorithm AES;
and caching the first key at the client.
The invention provides a data encryption device, which comprises an encryption module for executing a data encryption step at a client, wherein the encryption module is used for randomly generating a first key, encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key, encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to the server end; wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
According to the data encryption device, the second secret key is generated by using an asymmetric encryption algorithm (RSA), and comprises a public key for encryption and a private key for decryption; the first key is randomly generated using the symmetric encryption algorithm AES.
The invention provides a data decryption device, which comprises a decryption module for executing a data decryption step at a server side, wherein the decryption module is used for decrypting a third key by using a second key to obtain a first key and decrypting first encrypted data by using the first key to obtain data to be encrypted;
the second key is generated at the server in advance, the first key is generated randomly before a client initiates a request, the third key is obtained by encrypting the first key by using the second key, and the first encrypted data is obtained by encrypting the required encrypted data by using the first key;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
According to the data decryption device, the second secret key is generated by using an asymmetric encryption algorithm (RSA), and comprises a public key for encryption and a private key for decryption; the first key is randomly generated using the symmetric encryption algorithm AES.
The invention provides a data encryption and decryption device, which comprises an encryption module for executing data encryption step at a client side and/or a decryption module for executing data decryption step at a server side, wherein,
the encryption module is used for randomly generating a first key, encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key, encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to the server end;
the decryption module is used for decrypting the third key by using the second key to obtain the first key and decrypting the first encrypted data by using the first key to obtain the data to be encrypted;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
The data encryption and decryption device provided by the invention further comprises:
and the encryption and decryption module is used for processing request data initiated by the client, encrypting the processed response data by using the first key to obtain second encrypted data, returning the second encrypted data to the client and decrypting the second encrypted data by using the first key.
The data encryption and decryption device provided by the invention further comprises:
and the second key generation module is used for generating the second key at the server side and storing the second key at the server side.
The invention also provides an electronic device, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor executes the program to realize the steps of the data encryption and decryption method.
The present invention also provides a non-transitory computer readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of the data encryption and decryption method as described in any one of the above.
The invention provides a data encryption and decryption method, a data encryption and decryption device, electronic equipment and a storage medium, which are used for solving the problems that in the prior art, data transmission is easy to leak due to the fact that a secret key is fixed and unchanged when the data transmission is carried out, and the problems that low performance and bidirectional encryption cannot be achieved when asymmetric encryption is adopted.
Drawings
In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.
FIG. 1 is a schematic flow chart of a data encryption method provided by the present invention;
FIG. 2 is a flow chart of a data decryption method provided by the present invention;
FIG. 3 is a flow chart of a data encryption and decryption method provided by the present invention;
FIG. 4 is a flow diagram of response data processing provided by the present invention;
FIG. 5 is a schematic flow chart of generating an RSA public key according to the present invention;
FIG. 6 is a schematic diagram of the RSA encryption and decryption process provided by the present invention;
FIG. 7 is a schematic flow chart of AES key generation provided by the present invention;
FIG. 8 is a schematic diagram of the AES encryption and decryption process provided by the present invention;
FIG. 9 is a timing diagram illustrating a data encryption/decryption method according to the present invention;
FIG. 10 is a schematic structural diagram of a data encryption/decryption apparatus provided in the present invention;
FIG. 11 is a schematic structural diagram of an electronic device provided in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention clearer, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The terms "first," "second," and the like in the description and in the claims, and in the drawings described above, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It will be appreciated that the data so used may be interchanged under appropriate circumstances such that the embodiments described herein may be practiced otherwise than as specifically illustrated or described herein. Furthermore, the terms "comprise" and "have," and any variations thereof, are intended to cover non-exclusive inclusions, such that a process, method, system, article, or apparatus that comprises a list of steps or modules is not necessarily limited to those steps or modules expressly listed, but may include other steps or modules not expressly listed or inherent to such process, method, article, or apparatus, wherein the division into blocks presented herein is merely a logical division and may be implemented in a practical application in a different manner, such that multiple blocks may be combined or integrated into another system or some feature vectors may be omitted or not implemented, and such that mutual or direct coupling or communicative coupling between blocks shown or discussed may be through interfaces, and indirect coupling or communicative coupling between blocks may be electrical or other similar, the present invention is not limited to these examples. The modules or sub-modules described as separate parts may or may not be physically separated, may or may not be physical modules, or may be distributed in a plurality of circuit modules, and some or all of the modules may be selected according to actual needs to achieve the purpose of the present invention.
Data encryption means that plaintext is converted into ciphertext through an encryption algorithm and an encryption key, and decryption means that ciphertext is recovered into plaintext through a decryption algorithm and a decryption key, and the core of the data encryption is cryptography. Data encryption is still the most reliable way for computer systems to protect information. The information is encrypted by utilizing a cryptographic technology, so that the information is concealed, and the effect of protecting the safety of the information is achieved.
Common encryption algorithms can be classified into three categories: symmetric encryption algorithms, asymmetric encryption algorithms, and Hash algorithms. Common symmetric encryption algorithms: DES, 3DES, DESX, Blowfish, IDEA, RC4, RC5, RC6, and AES. Common asymmetric encryption algorithms: RSA, ECC (for mobile devices), Diffie-Hellman, El Gamal, DSA (for digital signatures). Common Hash algorithms: MD2, MD4, MD5, HAVAL, SHA-1, HMAC-MD5, HMAC-SHA1.
The invention provides a data encryption and decryption method, a data encryption and decryption device, electronic equipment and a storage medium, which are used for solving the problems that in the prior art, data transmission is easy to leak due to the fact that a secret key is fixed and unchanged when symmetric encryption is used, and low performance and bidirectional encryption cannot be achieved when asymmetric encryption is used.
The following describes a data encryption and decryption method, apparatus, electronic device and storage medium provided by the present invention with reference to fig. 1 to 11.
Fig. 1 is a schematic flow chart of a data encryption method provided by the present invention, as shown in the figure. A data encryption method comprising performing a data encryption step at a client, the data encryption step comprising:
Optionally, the first key is randomly generated by using a symmetric encryption algorithm AES before the client initiates a request each time, and is cached at the client and called by subsequent encrypted data.
Optionally, the second key is generated by the server side in advance and stored at the server side.
Optionally, the second key is generated by the server side using an asymmetric encryption algorithm RSA, and the second key includes a public key for encryption and a private key for decryption.
Step 102, encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server.
Fig. 2 is a schematic flow chart of a data decryption method provided by the present invention, as shown in the figure. A data decryption method, comprising performing a data decryption step at a server side, the data decryption step comprising:
The second key is generated at the server in advance, the first key is generated randomly before a client initiates a request, the third key is obtained by encrypting the first key by using the second key, and the first encrypted data is obtained by encrypting the required encrypted data by using the first key.
Optionally, the second key is generated by using an asymmetric encryption algorithm RSA, and the second key includes a public key for encryption and a private key for decryption;
the first key is randomly generated using the symmetric encryption algorithm AES.
Fig. 3 is a schematic flow chart of a data encryption and decryption method provided by the present invention, as shown in the figure. A data encryption and decryption method comprises a data encryption step 310 performed at a client and/or a data decryption step 320 performed at a server, wherein,
the data encryption step 310 includes:
The data decryption step 320 includes:
In the data encryption and decryption method, the second key in data transmission is stored in the server, the first key is generated by the client when the client initiates a request each time, each client is different, and the first key is randomly changed when the client initiates a request each time, so that the security of data transmission is improved.
The data transmission comprises two parts: one part is the actually transmitted data, which is encrypted by using the first key to generate the first encrypted data; the other part is the third key, which is generated by encrypting the first key by using the second key.
The above steps of the present invention are described below.
Fig. 4 is a flow chart of response data processing provided by the present invention, as shown. After the decrypting of the encrypted data by using the first key is executed to obtain the data to be encrypted, the method comprises the following steps:
The above steps are data transmission of response data returned by a server to a client initiating a request, the data transmission only includes second encrypted data, the second encrypted data is encrypted by using the first key, and the first key is randomly generated by the client and is not stored in the server, so that the encryption keys of the response data returned each time are different, and the security of data transmission is improved.
Fig. 5 is a schematic flow chart of generating an RSA public key according to the present invention, as shown in the figure. Before the step of randomly generating the first key is executed, the method comprises the following steps:
Optionally, the second key is generated by using an asymmetric encryption algorithm RSA, and the second key includes a public key for encryption and a private key for decryption.
The RSA encryption algorithm consists of five parts:
(1) Original text (Message): the information to be encrypted, which can be numbers, characters, video, audio and the like, denoted by $M$.
(2) Ciphertext (Ciphertext): the information obtained after encryption, denoted by $C$.
(3) Public key (Public Key) and private key (Private Key), denoted PU and PR.
(4) Encryption algorithm (Encryption): if $E(x)$ is the encryption algorithm, the encryption process may be understood as $C = E(M)$, i.e. the ciphertext is obtained from the original text and the encryption algorithm.
(5) Decryption algorithm (Decryption): if $D(x)$ is the decryption algorithm, the decryption process may be understood as $M = D(C)$, i.e. the original text is obtained from the ciphertext and the decryption algorithm.
Assuming that the client and the server are to perform encrypted communication, the steps of RSA encrypting and decrypting information are as follows:
First, two different prime numbers $p$ and $q$ are randomly selected.
Second, $p$ and $q$ are multiplied, giving $n = p \times q$.
Third, the Euler function $\psi(n)$ of $n$ is calculated; it can be proved that when $p$ and $q$ are different prime numbers, $\psi(n) = (p-1) \times (q-1)$.
Fourth, an integer $e$ is randomly selected that meets two conditions: $\psi(n)$ is coprime to $e$, and $1 < e < \psi(n)$.
Fifth, the modular inverse $d$ of $e$ with respect to $\psi(n)$ is calculated, that is to say a $d$ is found which satisfies $ed \equiv 1 \pmod{\psi(n)}$. This is equivalent to $ed - 1 = k\psi(n)$, so finding $d$ amounts to finding an integer solution $(d, k)$ of the equation $ed - k\psi(n) = 1$. This equation can be solved using the extended Euclidean algorithm.
Sixth, $(e, n)$ is packaged into the public key and $(d, n)$ into the private key.
Optionally, the embodiment of the present invention may adopt the asymmetric encryption algorithm RSA-2048, where RSA-2048 has 617 decimal digits, 2048 bits in total, which is the largest RSA number at present.
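The six key-generation steps above, carried through with small constructed primes (p = 61, q = 53, e = 17) and the extended Euclidean algorithm. This is an added example, not code from the patent; the names `GenerateKey`, `extGCD` and `modPow` are illustrative, and the 64-bit arithmetic and unpadded encryption only show the math, whereas a deployment uses a vetted library with 2048-bit keys and OAEP padding.

```go
package main

import (
	"errors"
	"fmt"
)

// KeyPair holds the public key (E, N) and the private key (D, N).
type KeyPair struct{ N, E, D int64 }

// extGCD returns g = gcd(a, b) together with x, y such that a*x + b*y = g.
func extGCD(a, b int64) (int64, int64, int64) {
	if b == 0 {
		return a, 1, 0
	}
	g, x, y := extGCD(b, a%b)
	return g, y, x - (a/b)*y
}

// GenerateKey performs steps two to six for caller-chosen p, q and e.
// Assumption: p and q are prime and small enough that p*q squared fits in int64.
func GenerateKey(p, q, e int64) (KeyPair, error) {
	if p == q {
		return KeyPair{}, errors.New("p and q must be different primes")
	}
	n := p * q               // step 2: n = p * q
	psi := (p - 1) * (q - 1) // step 3: psi(n) = (p-1)(q-1)
	if e <= 1 || e >= psi {  // step 4: 1 < e < psi(n)
		return KeyPair{}, errors.New("need 1 < e < psi(n)")
	}
	g, d, _ := extGCD(e, psi) // step 5: solve e*d - k*psi(n) = 1
	if g != 1 {
		return KeyPair{}, errors.New("e is not coprime to psi(n)")
	}
	d = ((d % psi) + psi) % psi // bring d into the range 0 < d < psi(n)
	return KeyPair{N: n, E: e, D: d}, nil // step 6: (e, n) public, (d, n) private
}

// modPow computes base^exp mod m by square-and-multiply.
func modPow(base, exp, m int64) int64 {
	result := int64(1)
	base %= m
	for exp > 0 {
		if exp&1 == 1 {
			result = result * base % m
		}
		base = base * base % m
		exp >>= 1
	}
	return result
}

// Encrypt computes C = M^e mod n. Unpadded RSA is deterministic: the same M
// always gives the same C, which is one reason real systems add OAEP padding.
func (k KeyPair) Encrypt(m int64) int64 { return modPow(m, k.E, k.N) }

// Decrypt computes M = C^d mod n.
func (k KeyPair) Decrypt(c int64) int64 { return modPow(c, k.D, k.N) }

func main() {
	kp, err := GenerateKey(61, 53, 17)
	if err != nil {
		panic(err)
	}
	c := kp.Encrypt(65) // 65 is a constructed sample message
	fmt.Println("n:", kp.N, "d:", kp.D, "ciphertext:", c, "decrypted:", kp.Decrypt(c))
}
```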
Fig. 6 is a schematic diagram of RSA encryption and decryption provided by the present invention, as shown in the figure. The sender encrypts the plaintext P by using the public key through the RSA encryption function to obtain a ciphertext C. The receiver decrypts by using the private key through the RSA decryption function to obtain the plaintext P.
Fig. 7 is a schematic flowchart of the AES key generation provided in the present invention, and as shown in the figure, the randomly generating the first key includes:
Step 601, before the client initiates a request each time, the first key is randomly generated by using a symmetric encryption algorithm AES.
AES (Advanced Encryption Standard) is a symmetric encryption algorithm, that is, the same key is used for encryption and decryption. The specific encryption and decryption flow is shown in fig. 8:
(1) The sender:
encrypts the plaintext P with the key K through the AES encryption function to obtain a ciphertext C for network transmission.
(2) The receiver:
decrypts the received ciphertext C with the key K through the AES decryption function to obtain the plaintext P.
Here, the plaintext P refers to data that has not been encrypted.
The invention encrypts the key through an asymmetric encryption algorithm and then transmits it to the other party through the network, or the key is agreed face to face. If the key is leaked, an attacker can decrypt the ciphertext and steal confidential data.
The AES encryption function: assuming the AES encryption function is $E$, then $C = E(K, P)$, where $P$ is the plaintext, $K$ is the key, and $C$ is the ciphertext. That is, the plaintext P and the key K are input as parameters of the encryption function, and the encryption function E outputs the ciphertext C.
The ciphertext C is data processed by the encryption function.
The AES decryption function: assuming the AES decryption function is $D$, then $P = D(K, C)$, where $C$ is the ciphertext, $K$ is the key, and $P$ is the plaintext. That is, the ciphertext C and the key K are input as parameters of the decryption function, and the decryption function outputs the plaintext P.
AES is a block cipher that divides the plaintext into blocks of equal length and encrypts one block of data at a time until the entire plaintext is encrypted. In the AES standard specification, the block length can only be 128 bits, that is, 16 bytes per block (8 bits per byte). The length of the key may be 128 bits, 192 bits, or 256 bits. Different key lengths use different numbers of encryption rounds: for AES-128, the key length is 128 bits and the number of encryption rounds is 10; for AES-256, the key length is 256 bits and the number of encryption rounds is 14.
It should be noted that, the keys used for encryption and decryption of the symmetric encryption algorithm are the same, and the encryption method has very high encryption speed and is suitable for occasions where data is often sent, and the defect is that the transmission of the keys is relatively troublesome. The keys for encryption and decryption of the asymmetric encryption algorithm are different, and the encryption mode is constructed by using a problem which is difficult to solve mathematically, so that the encryption and decryption speed is low generally, the method is suitable for occasions which send data occasionally, and the method has the advantage of convenient key transmission.
The data encryption and decryption method combines a symmetric and an asymmetric encryption algorithm: the key of the symmetric AES algorithm is encrypted with the asymmetric RSA algorithm and transmitted to the receiver, the receiver decrypts it to obtain the AES key, and the sender and the receiver then communicate using the AES key.
Optionally, to ensure the integrity and security of data in transmission, the invention combines the asymmetric RSA-2048 algorithm with the symmetric AES-256 algorithm, in the following steps:
First, a random AES-256 key is generated.
Second, the SHA-256 digest of the file plaintext is computed.
Third, the file is encrypted using AES-256.
Fourth, a front operation is carried out on the encrypted file, comprising: (1) encrypting the AES-256 key with the receiver's RSA-2048 public key, so that only the designated receiver can recover the corresponding AES-256 key; (2) the SHA-256 digest, which the receiver can use to confirm that the received, decrypted file is correct.
Fig. 9 is a timing chart of the data encryption and decryption method provided by the present invention. As shown in the figure, the data encryption and decryption method comprises the following steps:
Step 1: the client requests the RSA public key from the server; the RSA public key is generated in advance by the server and stored at the server.
Step 2: the server returns the RSA public key to the client; the client receives it and stores it temporarily so that it can be used in the subsequent encryption.
Step 3: when initiating a request, the client randomly generates an AES key and stores it temporarily at the client so that it can be used in the subsequent decryption step.
Step 4: the client encrypts the AES key with the RSA public key to obtain the key encryptedKey.
Step 5: the client encrypts the data to be transmitted with the AES key to obtain the first encrypted data encryptedData1.
Optionally, the order of step 4 and step 5 may be exchanged; this does not affect the implementation of the data encryption and decryption method of the present invention.
Step 6: the client sends the key encryptedKey and the first encrypted data encryptedData1 together to the server in the agreed format.
Step 7: after receiving the key encryptedKey and the first encrypted data encryptedData1, the server decrypts the key encryptedKey with the RSA private key to obtain the AES key.
Step 8: the server decrypts the first encrypted data encryptedData1 with the AES key from step 7 to obtain the plaintext data.
Step 9: after processing the request sent by the client, the server encrypts the response data to be returned to the client with the AES key from step 7 to obtain the second encrypted data encryptedData2.
Step 10: the server returns the second encrypted data encryptedData2 to the client.
Step 11: the client decrypts the second encrypted data encryptedData2 returned by the server with the AES key generated in step 3.
This completes one request/response interaction between the client and the server; the next time the client sends a request to the server, steps 3 to 11 are executed again.
Thus the data encryption and decryption method does not store the encryption key at the client but randomly generates it each time a request is initiated, and by combining a symmetric encryption algorithm with an asymmetric encryption algorithm it achieves both the performance of data encryption and the security of data transmission.
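The request/response exchange of steps 1 to 11, as an added Go example that is not code from the patent. The page names neither an AES mode nor an RSA padding, so AES-256-GCM, RSA-OAEP with SHA-256, the nonce-prefixed ciphertext layout, the function names and the direction labels bound as associated data are assumptions of this example; the GCM tag takes the integrity role that the SHA-256 digest plays in the file procedure above.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Direction labels bound as GCM associated data (assumption): a reflected request must not open as a response.
var aadRequest, aadResponse = []byte("request"), []byte("response")

// NewServerKey generates the server's RSA-2048 key pair in advance (step 1).
func NewServerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts under a fresh random nonce and returns nonce || ciphertext || tag.
func seal(key, plaintext, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, aad), nil
}

// open fails if the tag or the direction label does not verify.
func open(key, sealed, aad []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(sealed) < n {
		return nil, errors.New("ciphertext shorter than nonce")
	}
	return gcm.Open(nil, sealed[:n], sealed[n:], aad)
}

// ClientEncrypt performs steps 3-5; the returned aesKey stays in client memory for step 11.
func ClientEncrypt(pub *rsa.PublicKey, request []byte) (encryptedKey, encryptedData1, aesKey []byte, err error) {
	aesKey = make([]byte, 32) // fresh AES-256 key for this request only
	if _, err = rand.Read(aesKey); err != nil {
		return nil, nil, nil, err
	}
	if encryptedKey, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, aesKey, nil); err != nil {
		return nil, nil, nil, err
	}
	if encryptedData1, err = seal(aesKey, request, aadRequest); err != nil {
		return nil, nil, nil, err
	}
	return encryptedKey, encryptedData1, aesKey, nil
}

// ServerHandle performs steps 7-9 and returns encryptedData2.
func ServerHandle(priv *rsa.PrivateKey, encryptedKey, encryptedData1 []byte, handler func([]byte) []byte) ([]byte, error) {
	aesKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, encryptedKey, nil)
	if err != nil || len(aesKey) != 32 {
		return nil, errors.New("key unwrap failed") // same error for every cause
	}
	request, err := open(aesKey, encryptedData1, aadRequest)
	if err != nil {
		return nil, err
	}
	return seal(aesKey, handler(request), aadResponse)
}

// ClientDecrypt performs step 11.
func ClientDecrypt(aesKey, encryptedData2 []byte) ([]byte, error) { return open(aesKey, encryptedData2, aadResponse) }

func main() {
	priv, err := NewServerKey()
	if err != nil {
		panic(err)
	}
	encKey, enc1, aesKey, err := ClientEncrypt(&priv.PublicKey, []byte("constructed request"))
	if err != nil {
		panic(err)
	}
	enc2, err := ServerHandle(priv, encKey, enc1, func([]byte) []byte { return []byte("success") })
	if err != nil {
		panic(err)
	}
	resp, err := ClientDecrypt(aesKey, enc2)
	fmt.Println(string(resp), err)
}
```

Because the same AES key protects both directions, the direction label is what stops encryptedData1 from being accepted in place of encryptedData2.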
The following describes the data encryption and decryption apparatus provided by the present invention, and the data encryption and decryption apparatus described below and the data encryption and decryption method described above may be referred to correspondingly.
Fig. 10 is a schematic structural diagram of a data encryption and decryption apparatus provided by the present invention, as shown in the figure. A data encryption/decryption apparatus 1000 includes an encryption module 1010 for performing a data encryption step at a client and/or a decryption module 1020 for performing a data decryption step at a server, wherein,
the encryption module 1010 is configured to randomly generate a first key, encrypt the first key with a second key that is obtained in advance from a server to obtain a third key, encrypt data to be encrypted with the first key to obtain first encrypted data, and transmit the first encrypted data and the third key to the server.
A decryption module 1020, configured to decrypt the third key with the second key to obtain the first key, and decrypt the first encrypted data with the first key to obtain the data to be encrypted;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
Optionally, the data encryption and decryption apparatus 1000 further includes an encryption and decryption module 1030 and a second key generation module 1040.
The encryption and decryption module 1030 is configured to process request data initiated by the client, encrypt the processed response data using the first key to obtain second encrypted data, return the second encrypted data to the client, and decrypt the second encrypted data using the first key.
The second key generation module 1040 is configured to generate the second key at the server side, and store the second key at the server side.
Based on another embodiment of the present invention, the present invention provides a data encryption apparatus, including an encryption module for performing a data encryption step at a client, where the encryption module is configured to randomly generate a first key, encrypt the first key with a second key obtained in advance at a server to obtain a third key, encrypt data to be encrypted with the first key to obtain first encrypted data, and transmit the first encrypted data and the third key to the server; wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
Optionally, the second key is generated by using an asymmetric encryption algorithm RSA, and the second key includes a public key for encryption and a private key for decryption; the first key is randomly generated using the symmetric encryption algorithm AES.
Based on another embodiment of the present invention, the present invention provides a data decryption apparatus, including a decryption module executing a data decryption step at a server, where the decryption module is configured to decrypt the third key using the second key to obtain the first key, and decrypt the first encrypted data using the first key to obtain the data to be encrypted;
the second key is generated at the server in advance, the first key is generated randomly before a client initiates a request, the third key is obtained by encrypting the first key by using the second key, and the first encrypted data is obtained by encrypting the required encrypted data by using the first key;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
Optionally, the second key is generated by using an asymmetric encryption algorithm RSA, and the second key includes a public key for encryption and a private key for decryption; the first key is randomly generated using the symmetric encryption algorithm AES.
The data encryption and decryption method of the present invention is illustrated below with experimental data from an application example:
Example:
(1) An RSA-2048 key pair, comprising an RSA public key and an RSA private key, is generated at the server:
RSA public key:
RSA private key:
(2) An AES-128 key is generated at the client: vwrloo 46m5LdbGJLJOLQ==.
(3) The client encrypts the AES key with the RSA public key to obtain encryptedKey:
(4) The client encrypts the request data with the AES key to obtain encryptedData1. Here the request data is: username & password 123456;
encryptedData1:
0yzPXQql8Vkson53/dTh07HDCJ6f9x7XYQJSIdETb9ew4V5BxtUJLINW6g/rfvJ1。
(5) The server decrypts encryptedKey with the RSA private key to obtain the AES key: vwrloo 46m5LdbGJLJOLQ==.
(6) The server decrypts encryptedData1 with the AES key to obtain the request data: username & password 123456.
(7) The server encrypts the response data with the AES key to obtain encryptedData2.
Here the response data is: success, and the resulting encryptedData2 is: pQXw9v25oSpJx6bTCk2b6w==.
(8) The client decrypts encryptedData2 with the AES key to obtain the response data, whose plaintext is: success.
In this embodiment, by combining a symmetric encryption algorithm with an asymmetric encryption algorithm and randomly generating the encryption key for data transmission while the client is running, secure and efficient data encryption is achieved.
Fig. 11 illustrates the physical structure of an electronic device. As shown in Fig. 11, the electronic device may include a processor 1110, a communications interface 1120, a memory 1130, and a communication bus 1140, wherein the processor 1110, the communications interface 1120, and the memory 1130 communicate with each other via the communication bus 1140. The processor 1110 may invoke logic instructions in the memory 1130 to perform the steps of a data encryption/decryption method that includes performing data encryption steps at the client and/or data decryption steps at the server, wherein,
the data encryption step comprises:
randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key;
encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side;
the data decryption step includes:
decrypting the third key by using the second key to obtain the first key;
and decrypting the first encrypted data by using the first key to obtain the data to be encrypted.
In addition, the logic instructions in the memory 1130 may be implemented in software functional units and stored in a computer readable storage medium when sold or used as a stand-alone product. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.
In another aspect, the present invention also provides a computer program product comprising a computer program stored on a non-transitory computer-readable storage medium, the computer program comprising program instructions which, when executed by a computer, enable the computer to perform the steps of the above-provided data encryption and decryption method, the data encryption and decryption method comprising performing a data encryption step at a client and/or performing a data decryption step at a server, wherein,
the data encryption step comprises:
randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key;
encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side;
the data decryption step includes:
decrypting the third key by using the second key to obtain the first key;
and decrypting the first encrypted data by using the first key to obtain the data to be encrypted.
In yet another aspect, the present invention also provides a non-transitory computer readable storage medium on which a computer program is stored, the computer program, when executed by a processor, performing the steps of the data encryption and decryption method provided above, the data encryption and decryption method comprising performing a data encryption step at a client and/or performing a data decryption step at a server, wherein,
the data encryption step comprises:
randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key;
encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side;
the data decryption step includes:
decrypting the third key by using the second key to obtain the first key;
and decrypting the first encrypted data by using the first key to obtain the data to be encrypted.
The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.
Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment can be implemented by software plus a necessary general hardware platform, and certainly can also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.
Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.
Claims (20)
1. A data encryption method comprising performing a data encryption step at a client, the data encryption step comprising:
randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key;
encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
2. The data encryption method of claim 1, wherein before performing the step of randomly generating the first key, comprising:
and acquiring the second key generated by the server, wherein the second key is stored in the server.
3. The data encryption method according to claim 2, wherein the obtaining the second key generated by the server side comprises:
and acquiring the second key generated by the server side by using an asymmetric encryption algorithm (RSA), wherein the second key comprises a public key for encryption and a private key for decryption.
4. The data encryption method of claim 1, wherein the randomly generating a first key comprises:
before a client initiates a request each time, the first secret key is randomly generated by using a symmetric encryption algorithm AES;
and caching the first key at the client.
5. A data decryption method, comprising a step of performing data decryption at a server, wherein the step of performing data decryption comprises:
decrypting the third key by using the second key to obtain a first key;
decrypting the first encrypted data by using the first key to obtain data to be encrypted;
the second key is generated at the server in advance, the first key is generated randomly before a client initiates a request, the third key is obtained by encrypting the first key by using the second key, and the first encrypted data is obtained by encrypting the required encrypted data by using the first key;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
6. The data decryption method of claim 5,
the second key is generated by using an asymmetric encryption algorithm (RSA), and comprises a public key for encryption and a private key for decryption;
the first key is randomly generated using the symmetric encryption algorithm AES.
7. A data encryption and decryption method is characterized by comprising a step of performing data encryption on a client side and a step of performing data decryption on a server side, wherein,
the data encryption step comprises:
randomly generating a first key, and encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key;
encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to a server side;
the data decryption step includes:
decrypting the third key by using the second key to obtain the first key;
decrypting the first encrypted data by using the first key to obtain the data to be encrypted;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
8. The data encryption and decryption method according to claim 7, wherein after the decrypting the encrypted data by using the first key is performed to obtain the data to be encrypted, the method comprises:
receiving second encrypted data returned by the server, wherein the second encrypted data is obtained by processing request data initiated by the client by the server and encrypting the processed response data by using the first key;
decrypting the second encrypted data using the first key.
9. The data encryption and decryption method according to claim 7, wherein before the step of randomly generating the first key, the method comprises:
and acquiring the second key generated by the server, wherein the second key is stored in the server.
10. The data encryption and decryption method according to claim 9, wherein the obtaining the second key generated by the server side includes:
and acquiring the second key generated by the server side by using an asymmetric encryption algorithm (RSA), wherein the second key comprises a public key for encryption and a private key for decryption.
11. The data encryption and decryption method according to claim 7, wherein the randomly generating the first key comprises:
before a client initiates a request each time, the first secret key is randomly generated by using a symmetric encryption algorithm AES;
and caching the first key at the client.
12. A data encryption device is characterized by comprising an encryption module for executing a data encryption step at a client, wherein the encryption module is used for randomly generating a first key, encrypting the first key by using a second key which is obtained in advance at a server to obtain a third key, encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to the server; wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
13. The data encryption apparatus of claim 12, wherein the second key is generated using an asymmetric encryption algorithm (RSA), the second key comprising a public key for encryption and a private key for decryption; the first key is randomly generated using the symmetric encryption algorithm AES.
14. A data decryption apparatus, comprising a decryption module for performing a data decryption step at a server, where the decryption module is configured to decrypt the third key using the second key to obtain the first key, and decrypt the first encrypted data using the first key to obtain the data to be encrypted;
the second key is generated at the server in advance, the first key is generated randomly before a client initiates a request, the third key is obtained by encrypting the first key by using the second key, and the first encrypted data is obtained by encrypting the required encrypted data by using the first key;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
15. The data decryption apparatus according to claim 14, wherein the second key is generated using an asymmetric encryption algorithm RSA, the second key including a public key for encryption and a private key for decryption; the first key is randomly generated using the symmetric encryption algorithm AES.
16. A data encryption and decryption apparatus, comprising an encryption module for performing a data encryption step at a client side and/or a decryption module for performing a data decryption step at a server side, wherein,
the encryption module is used for randomly generating a first key, encrypting the first key by using a second key which is obtained in advance at a server end to obtain a third key, encrypting data to be encrypted by using the first key to obtain first encrypted data, and transmitting the first encrypted data and the third key to the server end;
the decryption module is used for decrypting the third key by using the second key to obtain the first key and decrypting the first encrypted data by using the first key to obtain the data to be encrypted;
wherein the first key is generated using a symmetric encryption algorithm and the second key is generated using an asymmetric encryption algorithm.
17. The data encryption/decryption device according to claim 16, further comprising:
and the encryption and decryption module is used for processing request data initiated by the client, encrypting the processed response data by using the first key to obtain second encrypted data, returning the second encrypted data to the client and decrypting the second encrypted data by using the first key.
18. The data encryption/decryption device according to claim 16, further comprising:
and the second key generation module is used for generating the second key at the server side and storing the second key at the server side.
19. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the steps of the data encryption method according to any one of claims 1 to 4 are implemented when the program is executed by the processor.
20. A non-transitory computer readable storage medium, on which a computer program is stored, wherein the computer program, when executed by a processor, implements the steps of the data encryption method according to any one of claims 1 to 4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011598550.XA CN113726725A (en) | 2020-12-29 | 2020-12-29 | Data encryption and decryption method and device, electronic equipment and storage medium |
Publications (1)
Publication Number | Publication Date |
---|---|
CN113726725A (en) | 2021-11-30 |
Family
ID=78672431
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011598550.XA Pending CN113726725A (en) | 2020-12-29 | 2020-12-29 | Data encryption and decryption method and device, electronic equipment and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN113726725A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | |
CB02 | Change of applicant information | Address after: Room 221, 2 / F, block C, 18 Kechuang 11th Street, Daxing District, Beijing, 100176 Applicant after: Jingdong Technology Holding Co.,Ltd. Address before: Room 221, 2 / F, block C, 18 Kechuang 11th Street, Daxing District, Beijing, 100176 Applicant before: Jingdong Digital Technology Holding Co.,Ltd. |
SE01 | Entry into force of request for substantive examination | |
RJ01 | Rejection of invention patent application after publication | Application publication date: 20211130 |