CN114430345A - Data transmission method and device, storage medium and electronic equipment - Google Patents

Publication number: CN114430345A
Authority: CN (China)
Prior art keywords: data, ciphertext, dynamic token, original data, encryption algorithm
Legal status: Withdrawn (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202210095983.6A
Other languages: Chinese (zh)
Inventor: 张新林
Current Assignee: Shenzhen Lexin Software Technology Co Ltd (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shenzhen Lexin Software Technology Co Ltd
Application filed by: Shenzhen Lexin Software Technology Co Ltd
Priority to: CN202210095983.6A
Publication of: CN114430345A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807 Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The embodiment of the application discloses a data transmission method, a data transmission device, a storage medium and electronic equipment. The method comprises the following steps: taking a dynamic token predetermined by a data sending end as an encryption key of a symmetric encryption algorithm, and encrypting original data to obtain an original data ciphertext; encrypting the dynamic token by using a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end; and sending the original data ciphertext, the dynamic token ciphertext and the predetermined equipment identifier to a data receiving end. According to the technical scheme, the data transmission efficiency can be improved, and the data transmission safety is improved.

Description

Data transmission method and device, storage medium and electronic equipment
Technical Field
The embodiment of the application relates to the technical field of data transmission, in particular to a data transmission method, a data transmission device, a storage medium and electronic equipment.
Background
At present, when data is transmitted securely between multiple parties (for example, passed upward level by level), the data is encrypted before transmission in order to keep it secure.
The common approach is to encrypt the data for transmission with either the RSA asymmetric encryption algorithm or the AES (Advanced Encryption Standard) symmetric encryption algorithm.
This approach has certain defects. RSA asymmetric encryption performs very poorly when the transmitted data is long. AES symmetric encryption performs well, but the encrypting and decrypting parties use the same key, so there is a risk that the key is leaked.
Disclosure of Invention
The embodiment of the application provides a data transmission method, a data transmission device, a storage medium and an electronic device, which can improve data transmission efficiency and data transmission safety.
In a first aspect, an embodiment of the present application provides a data transmission method, where the method is executed by a data sending end; the method comprises the following steps:
taking a dynamic token predetermined by a data sending end as an encryption key of a symmetric encryption algorithm, and encrypting original data to obtain an original data ciphertext;
encrypting the dynamic token by using a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end;
and sending the original data ciphertext, the dynamic token ciphertext and the predetermined equipment identifier to a data receiving end.
In a second aspect, an embodiment of the present application provides a data transmission method, where the method is executed by a data receiving end; the method comprises the following steps:
receiving an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by a data sending end;
determining a first private key according to the equipment identification; the first private key is a private key of an asymmetric encryption algorithm generated by a data receiving terminal;
decrypting the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext;
and taking the dynamic token as a decryption key of a symmetric encryption algorithm, and decrypting the original data ciphertext to obtain an original data plaintext.
In a third aspect, an embodiment of the present application provides a data transmission apparatus, where the apparatus is configured at a data sending end; the device includes:
the original data ciphertext obtaining module is used for encrypting the original data by taking a dynamic token predetermined by the data sending end as an encryption key of a symmetric encryption algorithm to obtain an original data ciphertext;
the dynamic token ciphertext obtaining module is used for encrypting the dynamic token by using a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end;
and the data sending module is used for sending the original data ciphertext, the dynamic token ciphertext and the predetermined equipment identifier to a data receiving end.
In a fourth aspect, an embodiment of the present application provides a data transmission apparatus, where the apparatus is configured at a data receiving end; the device includes:
the data receiving module is used for receiving an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by the data sending end;
the first private key determining module is used for determining a first private key according to the equipment identifier; the first private key is a private key of an asymmetric encryption algorithm generated by a data receiving terminal;
the dynamic token plaintext obtaining module is used for decrypting the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext;
and the original data plaintext obtaining module is used for decrypting the original data ciphertext by taking the dynamic token as a decryption key of a symmetric encryption algorithm to obtain the original data plaintext.
In a fifth aspect, the present application provides a computer-readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the data transmission method according to the present application.
In a sixth aspect, an embodiment of the present application provides an electronic device, which includes a memory, a processor, and a computer program stored on the memory and executable by the processor, where the processor executes the computer program to implement the data transmission method according to the embodiment of the present application.
According to the technical scheme provided by the embodiment of the application, the predetermined dynamic token of the data sending end is used as the encryption key of the symmetric encryption algorithm, the original data is encrypted to obtain the original data ciphertext, the predetermined first public key is used for encrypting the dynamic token to obtain the dynamic token ciphertext, and then the original data ciphertext, the dynamic token ciphertext and the predetermined equipment identification are sent to the data receiving end. According to the technical scheme, the data transmission efficiency can be improved, and the data transmission safety is improved.
Drawings
Fig. 1 is a flowchart of a data transmission method according to an embodiment of the present application;
Fig. 2 is a flowchart of a data transmission method according to a second embodiment of the present application;
Fig. 3 is a schematic structural diagram of a data transmission apparatus according to a third embodiment of the present application;
Fig. 4 is a schematic structural diagram of a data transmission apparatus according to a fourth embodiment of the present application;
Fig. 5 is a schematic structural diagram of an electronic device according to a sixth embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the following drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the application and are not limiting of the application. It should be further noted that, for the convenience of description, only some of the structures related to the present application are shown in the drawings, not all of the structures.
Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the steps as a sequential process, many of the steps can be performed in parallel, concurrently or simultaneously. In addition, the order of the steps may be rearranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
Example one
Fig. 1 is a flowchart of a data transmission method provided in an embodiment of the present application, where the present embodiment is applicable to a case of encrypting transmission data, and the method may be executed by a data transmission apparatus provided in the embodiment of the present application, where the apparatus may be implemented by software and/or hardware, and may be integrated in a device such as an intelligent terminal for data encryption processing.
As shown in fig. 1, the data transmission method includes:
S110: taking a dynamic token predetermined by a data sending end as an encryption key of a symmetric encryption algorithm, and encrypting original data to obtain an original data ciphertext.
The dynamic token may be a token automatically generated by the data sending end through a preset tool. Preferably, the dynamic token may be constituted by a 16-bit string.
In this embodiment, the original data is the data that needs to be transmitted.
In this embodiment, the symmetric encryption algorithm may be the AES (Advanced Encryption Standard) encryption algorithm. The 16-bit string dynamic token automatically generated by the data sending end can be used as the encryption key of the AES encryption algorithm to encrypt the original data.
S120: encrypting the dynamic token by using a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end.
The asymmetric encryption algorithm may be the RSA encryption algorithm, which uses different keys for encryption and decryption. The RSA asymmetric key pair, i.e. the first public key and the first private key, may be automatically generated by the data receiving end through a preset tool. After receiving the first public key sent by the data receiving end, the data sending end stores it in the database.
In this scheme, the data sending end can obtain the first public key from the database and use it to encrypt the dynamic token, so that the data encryption performance is better.
S130: sending the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier to the data receiving end.
The device identifier may be a character string composed of letters or numbers. Different data receiving ends have different device identifiers, and a device identifier can be set for each data receiving end in advance.
In this scheme, the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier can be sent to the data receiving end over the network.
In this technical solution, optionally, the method further includes:
carrying out digital signature processing on the original data to obtain a signature string;
encrypting the signature string through a second private key to obtain a signature string ciphertext; the second private key is a private key of an asymmetric encryption algorithm generated by the data sending end.
The digital signature is a digital string that only the data sending end can generate and that other parties cannot forge; it is used to verify the authenticity of the sent data.
In this embodiment, the data sending end generates a key pair of an asymmetric encryption algorithm, that is, a second private key and a second public key, through a preset tool, and encrypts the signature string through the second private key.
By carrying out digital signature on the original data, the authenticity of the original data can be ensured, the original data is prevented from being tampered, and the safety of data transmission is improved.
In this technical solution, optionally, the digital signature processing is performed on the original data to obtain a signature string, including:
carrying out digital signature processing on the original data by using the SHA256 algorithm to obtain a signature string.
The SHA256 algorithm is a method of creating a small digital fingerprint from any kind of data. It compresses the message or data into a digest, which reduces the amount of data and fixes its format. The algorithm scrambles the data and produces a fingerprint called a hash value.
The original data is digitally signed by the SHA256 algorithm, so that the authenticity of the original data can be ensured, the original data is prevented from being tampered, and the safety of data transmission is improved.
In this technical solution, optionally, the sending the original data ciphertext, the dynamic token ciphertext, and the predetermined device identifier to a data receiving end includes:
and sending the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined equipment identifier to a data receiving end.
In the scheme, the encrypted original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined device identifier can be sent to the data receiving end, so that the data receiving end can decrypt the original data and judge whether the original data is tampered.
By sending the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined device identifier to the data receiving end, the data transmission efficiency can be improved, and the data transmission safety can be improved.
According to the technical scheme provided by the embodiment of the application, a predetermined dynamic token of a data sending end is used as an encryption key of a symmetric encryption algorithm, original data are encrypted to obtain an original data ciphertext, the dynamic token is encrypted by using a predetermined first public key to obtain a dynamic token ciphertext, and then the original data ciphertext, the dynamic token ciphertext and a predetermined device identifier are sent to a data receiving end. By executing the technical scheme, the data transmission efficiency can be improved, and the data transmission safety can be improved.
Example two
Fig. 2 is a flowchart of a data transmission method according to a second embodiment of the present application, where the method is executed by a data receiving end, and as shown in fig. 2, the method includes the following steps:
S210: receiving an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by a data sending end.
In this embodiment, the data receiving end receives the original data ciphertext, the dynamic token ciphertext, and the predetermined device identifier transmitted by the data sending end.
S220: determining a first private key according to the device identifier; the first private key is a private key of an asymmetric encryption algorithm generated by the data receiving end.
The RSA asymmetric key pair, namely the first public key and the first private key, can be automatically generated by the data receiving end through a preset tool, and the first private key and the predetermined device identifier are stored in the database.
In this scheme, when the data receiving end obtains the device identifier, the first private key corresponding to the device identifier can be obtained from the database.
S230: decrypting the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext.
In this embodiment, the first private key and the first public key form a key pair of an asymmetric encryption algorithm generated by the data receiving end, so the dynamic token ciphertext can be decrypted with the first private key.
S240: taking the dynamic token as a decryption key of a symmetric encryption algorithm, and decrypting the original data ciphertext to obtain an original data plaintext.
In this embodiment, once the dynamic token has been decrypted, it can be used as the decryption key of the symmetric encryption algorithm to decrypt the original data ciphertext and obtain the original data plaintext.
In this technical solution, optionally, the method further includes:
receiving a signature string ciphertext sent by a data sending end;
determining a second public key according to the equipment identifier; the second public key is a public key of an asymmetric encryption algorithm sent by the data sending end;
and decrypting the signature string ciphertext by using the second public key to obtain a signature string plaintext for judging whether the original data has been changed.
The second public key and the second private key are a key pair of an asymmetric encryption algorithm generated by the data sending end, so the second public key corresponding to the device identifier can be obtained from the database of the data receiving end, and the signature string ciphertext is decrypted with the second public key.
In this scheme, if the decrypted signature string plaintext is consistent with the content of the signature string obtained by digital signature processing, the original data has not been changed. If the decrypted signature string plaintext is inconsistent with the content of the signature string obtained by digital signature processing, the original data has been tampered with and data leakage has occurred.
By decrypting the signature string, whether the original data is changed or not can be judged, the data can be prevented from being tampered in the data transmission process, and the safety of data transmission is improved.
According to the technical scheme provided by the embodiment of the application, the original data ciphertext, the dynamic token ciphertext and the predetermined equipment identifier sent by the data sending end are received, the first private key is determined according to the equipment identifier, the dynamic token ciphertext is decrypted by using the first private key to obtain the dynamic token plaintext, then the dynamic token is used as a decryption key of a symmetric encryption algorithm, the original data ciphertext is decrypted, and the original data plaintext is obtained. By executing the technical scheme, the data transmission efficiency can be improved, and the data transmission safety can be improved.
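The sending-end steps S110 to S130 and the receiving-end steps S210 to S240, together with the optional signature check, as an added Go example that is not code from the patent or its applicant. Assumptions not stated on the page: AES in GCM mode, RSA-OAEP for encrypting the token, RSA-PSS standing in for "encrypting the signature string with the second private key", a token of 16 random bytes generated per message (the page's wording is "16-bit string"), 2048-bit RSA keys, the device identifier bound as associated data, and the names `Envelope`, `Receiver`, `Seal`, `Open`, `NewKeyPair` and `dev-001`.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is the message of S130/S210 plus the optional signature.
type Envelope struct {
	DeviceID string // predetermined device identifier
	DataCT   []byte // nonce || AES-GCM(original data), device identifier as AAD (assumption)
	TokenCT  []byte // dynamic token ciphertext (RSA-OAEP, first public key)
	Sig      []byte // RSA-PSS over SHA-256(original data), second private key
}

// Receiver is the receiving end's database: device identifier -> keys (S220).
type Receiver map[string]struct {
	FirstPriv *rsa.PrivateKey // generated by the receiving end
	SecondPub *rsa.PublicKey  // sent by the sending end
}

// NewKeyPair generates an RSA key pair; the 2048-bit size is an assumption.
func NewKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

func newGCM(token []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(token) // the 16-byte dynamic token is the AES-128 key
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal performs S110-S130 on the sending end with a fresh token per message.
func Seal(id string, data []byte, firstPub *rsa.PublicKey, secondPriv *rsa.PrivateKey) (*Envelope, error) {
	rnd := make([]byte, 16+12) // assumed: 16 random token bytes, then a 12-byte GCM nonce
	if _, err := rand.Read(rnd); err != nil {
		return nil, err
	}
	token, nonce := rnd[:16], rnd[16:]
	gcm, err := newGCM(token)
	if err != nil {
		return nil, err
	}
	dataCT := gcm.Seal(nonce, nonce, data, []byte(id))
	tokenCT, encErr := rsa.EncryptOAEP(sha256.New(), rand.Reader, firstPub, token, []byte(id))
	digest := sha256.Sum256(data)
	sig, sigErr := rsa.SignPSS(rand.Reader, secondPriv, crypto.SHA256, digest[:], nil)
	if encErr != nil || sigErr != nil {
		return nil, errors.New("encrypting the token or signing the digest failed")
	}
	return &Envelope{DeviceID: id, DataCT: dataCT, TokenCT: tokenCT, Sig: sig}, nil
}

// Open performs S210-S240 on the receiving end, then checks the signature.
func (r Receiver) Open(e *Envelope) ([]byte, error) {
	keys, ok := r[e.DeviceID]
	if !ok {
		return nil, errors.New("unknown device identifier")
	}
	token, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, keys.FirstPriv, e.TokenCT, []byte(e.DeviceID))
	if err != nil {
		return nil, errors.New("dynamic token ciphertext rejected")
	}
	gcm, err := newGCM(token)
	if err != nil || len(e.DataCT) < gcm.NonceSize() {
		return nil, errors.New("bad token length or truncated data ciphertext")
	}
	nonce, ct := e.DataCT[:gcm.NonceSize()], e.DataCT[gcm.NonceSize():]
	data, err := gcm.Open(nil, nonce, ct, []byte(e.DeviceID))
	if err != nil {
		return nil, errors.New("original data ciphertext rejected")
	}
	digest := sha256.Sum256(data)
	if rsa.VerifyPSS(keys.SecondPub, crypto.SHA256, digest[:], e.Sig, nil) != nil {
		return nil, errors.New("signature mismatch: data changed or wrong sender")
	}
	return data, nil
}

func main() {
	recv, err1 := NewKeyPair() // first key pair, receiving end
	send, err2 := NewKeyPair() // second key pair, sending end
	if err1 != nil || err2 != nil {
		panic("key generation failed")
	}
	r := Receiver{"dev-001": {FirstPriv: recv, SecondPub: &send.PublicKey}} // constructed identifier
	env, err := Seal("dev-001", []byte("constructed sample payload"), &recv.PublicKey, send)
	if err != nil {
		panic(err)
	}
	plain, err := r.Open(env)
	fmt.Printf("%q %v\n", plain, err)
}
```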
Example three
Fig. 3 is a schematic structural diagram of a data transmission apparatus according to a third embodiment of the present application, where the apparatus is configured at a data sending end; as shown in fig. 3, the data transmission apparatus includes:
an original data ciphertext obtaining module 310, configured to use a dynamic token predetermined by a data sending end as an encryption key of a symmetric encryption algorithm, and encrypt the original data to obtain an original data ciphertext;
a dynamic token ciphertext obtaining module 320, configured to encrypt the dynamic token with a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end;
and the data sending module 330 is configured to send the original data ciphertext, the dynamic token ciphertext, and the predetermined device identifier to a data receiving end.
In this technical solution, optionally, the apparatus further includes:
the signature string obtaining module is used for carrying out digital signature processing on the original data to obtain a signature string;
the signature string ciphertext obtaining module is used for encrypting the signature string through a second private key to obtain a signature string ciphertext; the second private key is a private key of an asymmetric encryption algorithm generated by the data sending end.
In this technical solution, optionally, the signature string obtaining module is specifically configured to:
and carrying out data signature processing on the original data by using an SHA256 algorithm to obtain a signature string.
In this technical solution, optionally, the data sending module 330 is specifically configured to:
and sending the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined equipment identifier to a data receiving end.
The product can execute the method provided by the first embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method.
Example four
Fig. 4 is a schematic structural diagram of a data transmission apparatus according to a fourth embodiment of the present application, the apparatus being configured at a data receiving end; as shown in fig. 4, the data transmission apparatus includes:
a data receiving module 410, configured to receive an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by a data sending end;
a first private key determining module 420, configured to determine a first private key according to the device identifier; the first private key is a private key of an asymmetric encryption algorithm generated by a data receiving terminal;
a dynamic token plaintext obtaining module 430, configured to decrypt the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext;
the original data plaintext obtaining module 440 is configured to use the dynamic token as a decryption key of a symmetric encryption algorithm to decrypt the original data ciphertext to obtain an original data plaintext.
In this technical solution, optionally, the apparatus further includes:
the signature string ciphertext receiving module is used for receiving a signature string ciphertext sent by the data sending end;
the second public key determining module is used for determining a second public key according to the equipment identifier; the second public key is a public key of an asymmetric encryption algorithm sent by the data sending end;
and the signature string plaintext obtaining module is used for decrypting the signature string ciphertext by using the second public key to obtain a signature string plaintext for judging whether the original data has been changed.
The product can execute the method provided by the second embodiment of the application, and has the corresponding functional modules and beneficial effects of the execution method.
Example five
Embodiments of the present application also provide a storage medium containing computer-executable instructions, which when executed by a computer processor, perform a data transmission method, the method comprising:
taking a dynamic token predetermined by a data sending end as an encryption key of a symmetric encryption algorithm, and encrypting original data to obtain an original data ciphertext;
encrypting the dynamic token by using a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end;
and sending the original data ciphertext, the dynamic token ciphertext and the predetermined equipment identifier to a data receiving end.
Or,
receiving an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by a data sending end;
determining a first private key according to the equipment identification; the first private key is a private key of an asymmetric encryption algorithm generated by a data receiving terminal;
decrypting the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext;
and taking the dynamic token as a decryption key of a symmetric encryption algorithm, and decrypting the original data ciphertext to obtain an original data plaintext.
Storage medium: any of various types of memory devices or storage devices. The term "storage medium" is intended to include: installation media such as CD-ROM, floppy disk, or tape devices; computer system memory or random access memory such as DRAM, DDR RAM, SRAM, EDO RAM, Rambus RAM, etc.; non-volatile memory, such as flash memory, magnetic media (e.g., hard disk or optical storage); registers or other similar types of memory elements, etc. The storage medium may also include other types of memory or combinations thereof. In addition, the storage medium may be located in the computer system in which the program is executed, or may be located in a different second computer system connected to the computer system through a network (such as the internet). The second computer system may provide the program instructions to the computer for execution. The term "storage medium" may include two or more storage media that may reside in different locations, such as in different computer systems that are connected by a network. The storage medium may store program instructions (e.g., embodied as a computer program) that are executable by one or more processors.
Of course, the storage medium provided in the embodiments of the present application contains computer-executable instructions, and the computer-executable instructions are not limited to the data transmission operations described above, and may also perform related operations in the data transmission method provided in any embodiments of the present application.
Example six
An embodiment of the present application provides an electronic device in which the data transmission apparatus provided by the embodiments of the present application can be integrated. Fig. 5 is a schematic structural diagram of an electronic device according to a sixth embodiment of the present application. As shown in Fig. 5, this embodiment provides an electronic device 500, which includes: one or more processors 520; and a storage device 510 configured to store one or more programs. When the one or more programs are executed by the one or more processors 520, the one or more processors 520 implement the data transmission method provided in the embodiments of the present application, the method including:
taking a dynamic token predetermined by a data sending end as an encryption key of a symmetric encryption algorithm, and encrypting original data to obtain an original data ciphertext;
encrypting the dynamic token by using a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end;
and sending the original data ciphertext, the dynamic token ciphertext and the predetermined equipment identifier to a data receiving end.
Or,
receiving an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by a data sending end;
determining a first private key according to the equipment identification; the first private key is a private key of an asymmetric encryption algorithm generated by a data receiving terminal;
decrypting the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext;
and taking the dynamic token as a decryption key of a symmetric encryption algorithm, and decrypting the original data ciphertext to obtain an original data plaintext.
Of course, those skilled in the art can understand that the processor 520 also implements the technical solution of the data transmission method provided in any embodiment of the present application.
The electronic device 500 shown in fig. 5 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present application.
As shown in Fig. 5, the electronic device 500 includes a processor 520, a storage device 510, an input device 530, and an output device 540; the electronic device may contain one or more processors 520, and one processor 520 is taken as an example in Fig. 5; the processor 520, the storage device 510, the input device 530, and the output device 540 in the electronic device may be connected by a bus or other means, and connection by a bus 550 is taken as an example in Fig. 5.
The storage device 510 is a computer-readable storage medium, and can be used to store software programs, computer-executable programs, and module units, such as program instructions corresponding to the data transmission method in the embodiments of the present application.
The storage device 510 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system and an application program required for at least one function; the data storage area may store data created according to the use of the terminal, and the like. Further, the storage device 510 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, the storage device 510 may further include memory located remotely from the processor 520, which may be connected via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The input device 530 may be used to receive input numeric, character, or voice information, and to generate key signal inputs related to user settings and function control of the electronic device. The output device 540 may include a display screen, speakers, etc. of the electronic device.
The electronic device provided by this embodiment of the application can improve both the efficiency and the security of data transmission.
The data transmission device, the storage medium and the electronic device provided in the above embodiments may execute the data transmission method provided in any embodiment of the present application, and have corresponding functional modules and beneficial effects for executing the method. For technical details that are not described in detail in the above embodiments, reference may be made to a data transmission method provided in any embodiment of the present application.
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present application and the technical principles employed. It will be understood by those skilled in the art that the present application is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the application. Therefore, although the present application has been described in more detail with reference to the above embodiments, the present application is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present application, and the scope of the present application is determined by the scope of the appended claims.

Claims (10)

1. A data transmission method, wherein the method is performed by a data transmitting end; the method comprises the following steps:
taking a dynamic token predetermined by a data sending end as an encryption key of a symmetric encryption algorithm, and encrypting original data to obtain an original data ciphertext;
encrypting the dynamic token by using a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end;
and sending the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier to the data receiving end.
2. The method of claim 1, further comprising:
carrying out digital signature processing on the original data to obtain a signature string;
encrypting the signature string through a second private key to obtain a signature string ciphertext; the second private key is a private key of an asymmetric encryption algorithm generated by the data sending end.
3. The method of claim 2, wherein digitally signing the original data to obtain a signature string comprises:
and performing digital signature processing on the original data by using an SHA256 algorithm to obtain a signature string.
4. The method of claim 2, wherein sending the original data ciphertext, the dynamic token ciphertext, and the predetermined device identifier to a data receiving end comprises:
and sending the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined device identifier to the data receiving end.
5. A data transmission method, wherein the method is performed by a data receiving end; the method comprises the following steps:
receiving an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by a data sending end;
determining a first private key according to the device identifier; the first private key is a private key of an asymmetric encryption algorithm generated by the data receiving end;
decrypting the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext;
and taking the dynamic token as a decryption key of a symmetric encryption algorithm, and decrypting the original data ciphertext to obtain an original data plaintext.
6. The method of claim 5, further comprising:
receiving a signature string ciphertext sent by a data sending end;
determining a second public key according to the device identifier; the second public key is a public key of an asymmetric encryption algorithm sent by the data sending end;
and decrypting the signature string ciphertext by using the second public key to obtain a signature string plaintext for determining whether the original data has been changed.
7. A data transmission apparatus, wherein the apparatus is configured at a data sending end; the apparatus comprises:
the original data ciphertext obtaining module is used for encrypting the original data by taking a dynamic token predetermined by the data sending end as an encryption key of a symmetric encryption algorithm to obtain an original data ciphertext;
the dynamic token ciphertext obtaining module is used for encrypting the dynamic token by utilizing a predetermined first public key to obtain a dynamic token ciphertext; the first public key is a public key of an asymmetric encryption algorithm sent by a data receiving end;
and the data sending module is used for sending the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier to a data receiving end.
8. A data transmission apparatus, wherein the apparatus is configured at a data receiving end; the apparatus comprises:
the data receiving module is used for receiving an original data ciphertext, a dynamic token ciphertext and a predetermined device identifier sent by the data sending end;
the first private key determining module is used for determining a first private key according to the device identifier; the first private key is a private key of an asymmetric encryption algorithm generated by the data receiving end;
the dynamic token plaintext obtaining module is used for decrypting the dynamic token ciphertext by using the first private key to obtain a dynamic token plaintext;
and the original data plaintext obtaining module is used for decrypting the original data ciphertext by taking the dynamic token as a decryption key of a symmetric encryption algorithm to obtain the original data plaintext.
9. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out a data transmission method according to one of claims 1 to 4 or according to one of claims 5 to 6.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the data transmission method according to any of claims 1-4 or 5-6 when executing the computer program.
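The sending-end and receiving-end methods of claims 1 to 6 can be exercised end to end as follows. This is an added Node.js sketch, not code from the application: the algorithm choices (AES-256-GCM, RSA-2048 with OAEP, PKCS#1 v1.5 signatures over SHA-256), the `enroll` key-exchange stand-in, the `receiverKeys` store and the binding of the device identifier as associated data are assumptions of the example.

```javascript
const { constants, createCipheriv, createDecipheriv, generateKeyPairSync,
        privateDecrypt, publicEncrypt, randomBytes, sign, verify } = require("crypto");

// Assumptions of this example: AES-256-GCM as the symmetric cipher, RSA-2048 with
// OAEP for the token, and RSA PKCS#1 v1.5 signatures over a SHA-256 digest.
const OAEP = { padding: constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };
const receiverKeys = new Map(); // hypothetical store: device identifier -> receiving end's keys

// Stand-in for the key exchange: each end generates a pair and hands over the public half.
function enroll(deviceId) {
  const first = generateKeyPairSync("rsa", { modulusLength: 2048 });  // receiving end's pair
  const second = generateKeyPairSync("rsa", { modulusLength: 2048 }); // sending end's pair
  receiverKeys.set(deviceId, { firstPrivate: first.privateKey, secondPublic: second.publicKey });
  return { firstPublic: first.publicKey, secondPrivate: second.privateKey };
}

// Sending end: token-keyed encryption, token wrapped with the first public key.
function send(deviceId, keys, data) {
  const token = randomBytes(32); // fresh dynamic token used as the AES key
  const nonce = randomBytes(12);
  const aes = createCipheriv("aes-256-gcm", token, nonce);
  aes.setAAD(Buffer.from(deviceId)); // added hardening: ties the identifier to the ciphertext
  const body = Buffer.concat([aes.update(data), aes.final()]);
  return {
    deviceId,
    dataCiphertext: Buffer.concat([nonce, body, aes.getAuthTag()]),
    tokenCiphertext: publicEncrypt({ key: keys.firstPublic, ...OAEP }, token),
    signature: sign("sha256", data, keys.secondPrivate), // SHA-256 digest + second private key
  };
}

// Receiving end: the identifier selects the keys; every failure throws before data is returned.
function receive(msg) {
  const keys = receiverKeys.get(msg.deviceId);
  const ct = msg.dataCiphertext;
  if (!keys || ct.length < 28) throw new Error("unknown device identifier or truncated data");
  const token = privateDecrypt({ key: keys.firstPrivate, ...OAEP }, msg.tokenCiphertext);
  const aes = createDecipheriv("aes-256-gcm", token, ct.subarray(0, 12));
  aes.setAAD(Buffer.from(msg.deviceId));
  aes.setAuthTag(ct.subarray(ct.length - 16));
  const data = Buffer.concat([aes.update(ct.subarray(12, ct.length - 16)), aes.final()]);
  if (!verify("sha256", data, keys.secondPublic, msg.signature)) {
    throw new Error("signature does not match the decrypted data");
  }
  return data;
}
```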
CN202210095983.6A 2022-01-26 2022-01-26 Data transmission method and device, storage medium and electronic equipment Withdrawn CN114430345A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210095983.6A CN114430345A (en) 2022-01-26 2022-01-26 Data transmission method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210095983.6A CN114430345A (en) 2022-01-26 2022-01-26 Data transmission method and device, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN114430345A true CN114430345A (en) 2022-05-03

Family

ID=81313825

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210095983.6A Withdrawn CN114430345A (en) 2022-01-26 2022-01-26 Data transmission method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN114430345A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN118473838A (en) * 2024-07-15 2024-08-09 神州医疗科技股份有限公司 Medical knowledge distribution method and system based on dynamic token technology
CN118473838B (en) * 2024-07-15 2024-09-20 神州医疗科技股份有限公司 Medical knowledge distribution method and system based on dynamic token technology

Similar Documents

Publication Publication Date Title
CN111130803B (en) Method, system and device for digital signature
WO2021103802A1 (en) Methods and apparatuses for encrypting and decrypting data, storage medium and encrypted file
CN107425971B (en) Certificateless data encryption/decryption method and device and terminal
CN110912920A (en) Data processing method, apparatus and medium
CN112823503B (en) Data access method, data access device and mobile terminal
CN113794734A (en) Vehicle-mounted CAN bus encryption communication method, control device and readable storage medium
CN115296807B (en) Key generation method, device and equipment for preventing industrial control network viruses
CN109005184A (en) File encrypting method and device, storage medium, terminal
CN114793184B (en) Security chip communication method and device based on third-party key management node
CN115208697A (en) Adaptive data encryption method and device based on attack behavior
CN113347143A (en) Identity authentication method, device, equipment and storage medium
CN112118098A (en) Method, device and system for enhancing digital envelope by post-quantum security
US20240205204A1 (en) Data transmission protocol execution methods and apparatuses
CN114024711A (en) Data transmission method and device and computer readable storage medium
CN114430345A (en) Data transmission method and device, storage medium and electronic equipment
CN117632099A (en) Multi-language calling method, device, equipment and medium based on application program interface
US7436966B2 (en) Secure approach to send data from one system to another
CN111382451A (en) Security level identification method and device, electronic equipment and storage medium
CN114650181B (en) E-mail encryption and decryption method, system, equipment and computer readable storage medium
CN107872312B (en) Method, device, equipment and system for dynamically generating symmetric key
CN113810779B (en) Code stream signature verification method, device, electronic equipment and computer readable medium
CN116204903A (en) Financial data security management method and device, electronic equipment and storage medium
CN111431846B (en) Data transmission method, device and system
KR101974411B1 (en) In-vehicle secure communication support device and operating method thereof
CN115296934B (en) Information transmission method and device based on industrial control network intrusion and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication

Application publication date: 20220503