CN114430345A - A data transmission method, device, storage medium and electronic device - Google Patents

A data transmission method, device, storage medium and electronic device Download PDF

Info

Publication number
CN114430345A
CN114430345A CN202210095983.6A CN202210095983A CN114430345A CN 114430345 A CN114430345 A CN 114430345A CN 202210095983 A CN202210095983 A CN 202210095983A CN 114430345 A CN114430345 A CN 114430345A
Authority
CN
China
Prior art keywords
data
ciphertext
dynamic token
original data
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
CN202210095983.6A
Other languages
Chinese (zh)
Inventor
张新林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Lexin Software Technology Co Ltd
Original Assignee
Shenzhen Lexin Software Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Lexin Software Technology Co Ltd filed Critical Shenzhen Lexin Software Technology Co Ltd
Priority to CN202210095983.6A priority Critical patent/CN114430345A/en
Publication of CN114430345A publication Critical patent/CN114430345A/en
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

本申请实施例公开了一种数据传输方法、装置、存储介质及电子设备。该方法包括:将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。本技术方案,可以提高数据传输效率,以及提高数据传输安全性。

Figure 202210095983

The embodiments of the present application disclose a data transmission method, an apparatus, a storage medium, and an electronic device. The method includes: using a dynamic token predetermined by a data sender as an encryption key of a symmetric encryption algorithm, encrypting original data to obtain a ciphertext of the original data; using a predetermined first public key to encrypt the dynamic token Encryption is performed to obtain the dynamic token ciphertext; wherein, the first public key is the public key of the asymmetric encryption algorithm sent by the data receiving end; the original data ciphertext, the dynamic token ciphertext and the predetermined device The identifier is sent to the data receiver. The technical solution can improve the efficiency of data transmission and improve the security of data transmission.

Figure 202210095983

Description

一种数据传输方法、装置、存储介质及电子设备A data transmission method, device, storage medium and electronic device

技术领域technical field

本申请实施例涉及数据传输技术领域,尤其涉及一种数据传输方法、装置、存储介质及电子设备。The embodiments of the present application relate to the technical field of data transmission, and in particular, to a data transmission method, an apparatus, a storage medium, and an electronic device.

背景技术Background technique

目前,数据在多个主体之间进行安全传输时(比如数据逐级向上传递),为保障数据安全,都会对数据进行加密后再传输。At present, when data is securely transmitted between multiple subjects (for example, data is transmitted up level by level), in order to ensure data security, the data will be encrypted before transmission.

常见思路是采用RSA非对称或者AES(Advanced Encryption Standard)对称加密算法对数据进行加密传输。The common idea is to use RSA asymmetric or AES (Advanced Encryption Standard) symmetric encryption algorithm to encrypt and transmit data.

该思路存在一定缺陷,使用RSA非对称加密,当传输数据比较长时,非对称加密性能十分低下。AES对称加密性能好,但是加解密双方使用相同的key,存在泄漏安全隐患。This idea has certain flaws. Using RSA asymmetric encryption, when the transmission data is relatively long, the performance of asymmetric encryption is very low. AES has good symmetric encryption performance, but both sides of encryption and decryption use the same key, which has potential security risks.

发明内容SUMMARY OF THE INVENTION

本申请实施例提供一种数据传输方法、装置、存储介质及电子设备,能够提高数据传输效率,以及提高数据传输安全性。Embodiments of the present application provide a data transmission method, apparatus, storage medium, and electronic device, which can improve data transmission efficiency and improve data transmission security.

第一方面,本申请实施例提供了一种数据传输方法,所述方法由数据发送端执行;该方法包括:In a first aspect, an embodiment of the present application provides a data transmission method, and the method is executed by a data sending end; the method includes:

将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;Using the dynamic token pre-determined by the data sender as the encryption key of the symmetric encryption algorithm, encrypting the original data to obtain the original data ciphertext;

利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;The dynamic token is encrypted with a predetermined first public key to obtain a dynamic token ciphertext; wherein, the first public key is the public key of the asymmetric encryption algorithm sent by the data receiving end;

将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。The original data ciphertext, the dynamic token ciphertext and the predetermined device identification are sent to the data receiving end.

第二方面,本申请实施例提供了一种数据传输方法,所述方法由数据接收端执行;该方法包括:In a second aspect, an embodiment of the present application provides a data transmission method, and the method is executed by a data receiving end; the method includes:

接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;Receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier sent by the data sender;

根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;Determine the first private key according to the device identification; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end;

利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;Decrypt the dynamic token ciphertext using the first private key to obtain the dynamic token plaintext;

将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。Using the dynamic token as the decryption key of the symmetric encryption algorithm, the original data ciphertext is decrypted to obtain the original data plaintext.

第三方面,本申请实施例提供了一种数据传输装置,所述装置配置于数据发送端;该装置包括:In a third aspect, an embodiment of the present application provides a data transmission device, where the device is configured at a data sending end; the device includes:

原始数据密文得到模块,用于将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;The original data ciphertext obtaining module is used to encrypt the original data by using the dynamic token predetermined by the data sender as the encryption key of the symmetric encryption algorithm to obtain the original data ciphertext;

动态令牌密文得到模块,用于利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;The dynamic token ciphertext obtaining module is used for encrypting the dynamic token by using a predetermined first public key to obtain the dynamic token ciphertext; wherein, the first public key is an asymmetric data sent by the data receiving end The public key of the encryption algorithm;

数据发送模块,用于将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。The data sending module is used for sending the original data ciphertext, the dynamic token ciphertext and the predetermined device identification to the data receiving end.

第四方面,本申请实施例提供了一种数据传输装置,所述装置配置于数据接收端;该装置包括:In a fourth aspect, an embodiment of the present application provides a data transmission device, where the device is configured at a data receiving end; the device includes:

数据接收模块,用于接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;The data receiving module is used to receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identification sent by the data sender;

第一私钥确定模块,用于根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;a first private key determination module, configured to determine a first private key according to the device identifier; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end;

动态令牌明文得到模块,用于利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;a dynamic token plaintext obtaining module, configured to decrypt the dynamic token ciphertext by using the first private key to obtain the dynamic token plaintext;

原始数据明文得到模块,用于将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。The original data plaintext obtaining module is used for decrypting the original data ciphertext by using the dynamic token as the decryption key of the symmetric encryption algorithm to obtain the original data plaintext.

第五方面,本申请实施例提供了一种计算机可读存储介质,其上存储有计算机程序,该程序被处理器执行时实现如本申请实施例所述的数据传输方法。In a fifth aspect, an embodiment of the present application provides a computer-readable storage medium on which a computer program is stored, and when the program is executed by a processor, implements the data transmission method described in the embodiment of the present application.

第六方面,本申请实施例提供了一种电子设备,包括存储器,处理器及存储在存储器上并可在处理器运行的计算机程序,所述处理器执行所述计算机程序时实现如本申请实施例所述的数据传输方法。In a sixth aspect, an embodiment of the present application provides an electronic device, including a memory, a processor, and a computer program stored on the memory and executed by the processor, and the processor executes the computer program to achieve the same implementation as the present application. The data transfer method described in the example.

本申请实施例所提供的技术方案,将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文,并利用预先确定的第一公钥对动态令牌进行加密,得到动态令牌密文,然后将原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。本技术方案,可以提高数据传输效率,以及提高数据传输安全性。In the technical solution provided by the embodiments of the present application, the dynamic token predetermined by the data sending end is used as the encryption key of the symmetric encryption algorithm, and the original data is encrypted to obtain the ciphertext of the original data, and the predetermined first public key is used to encrypt the original data. The key encrypts the dynamic token to obtain the ciphertext of the dynamic token, and then sends the ciphertext of the original data, the ciphertext of the dynamic token and the predetermined device identification to the data receiving end. The technical solution can improve the efficiency of data transmission and improve the security of data transmission.

附图说明Description of drawings

图1是本申请实施例一提供的数据传输方法的流程图;1 is a flowchart of a data transmission method provided in Embodiment 1 of the present application;

图2是本申请实施例二提供的数据传输方法的流程图;2 is a flowchart of a data transmission method provided in Embodiment 2 of the present application;

图3是本申请实施例三提供的数据传输装置的结构示意图;3 is a schematic structural diagram of a data transmission device provided in Embodiment 3 of the present application;

图4是本申请实施例四提供的数据传输装置的结构示意图;4 is a schematic structural diagram of a data transmission device provided in Embodiment 4 of the present application;

图5是本申请实施例六提供的一种电子设备的结构示意图。FIG. 5 is a schematic structural diagram of an electronic device provided in Embodiment 6 of the present application.

具体实施方式Detailed ways

下面结合附图和实施例对本申请作进一步的详细说明。可以理解的是,此处所描述的具体实施例仅仅用于解释本申请,而非对本申请的限定。另外还需要说明的是,为了便于描述,附图中仅示出了与本申请相关的部分而非全部结构。The present application will be further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are only used to explain the present application, but not to limit the present application. In addition, it should be noted that, for the convenience of description, the drawings only show some but not all the structures related to the present application.

在更加详细地讨论示例性实施例之前应当提到的是,一些示例性实施例被描述成作为流程图描绘的处理或方法。虽然流程图将各步骤描述成顺序的处理,但是其中的许多步骤可以被并行地、并发地或者同时实施。此外,各步骤的顺序可以被重新安排。当其操作完成时所述处理可以被终止,但是还可以具有未包括在附图中的附加步骤。所述处理可以对应于方法、函数、规程、子例程、子程序等等。Before discussing the exemplary embodiments in greater detail, it should be mentioned that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although the flowchart depicts the steps as a sequential process, many of the steps may be performed in parallel, concurrently, or concurrently. Furthermore, the order of the steps can be rearranged. The process may be terminated when its operation is complete, but may also have additional steps not included in the figures. The processes may correspond to methods, functions, procedures, subroutines, subroutines, and the like.

实施例一Example 1

图1是本申请实施例一提供的数据传输方法的流程图,本实施例可适用于对传输数据进行加密的情况,该方法可以由本申请实施例所提供的数据传输装置执行,该装置可以由软件和/或硬件的方式来实现,并可集成于用于数据加密处理的智能终端等设备中。FIG. 1 is a flowchart of a data transmission method provided in Embodiment 1 of the present application. This embodiment is applicable to the case of encrypting transmitted data. The method can be executed by the data transmission device provided by the embodiment of the present application, and the device can be performed by It can be implemented by means of software and/or hardware, and can be integrated into devices such as smart terminals for data encryption processing.

如图1所示,所述数据传输方法包括:As shown in Figure 1, the data transmission method includes:

S110、将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;S110, using the dynamic token predetermined by the data sending end as the encryption key of the symmetric encryption algorithm, and encrypting the original data to obtain the original data ciphertext;

其中,动态令牌可以是由数据发送端通过预设工具自动生成的令牌。优选的,动态令牌可以由16位字符串构成。The dynamic token may be a token automatically generated by the data sender through a preset tool. Preferably, the dynamic token can be composed of a 16-bit character string.

在本方案中,原始数据可以是指需要进行传输的数据。In this solution, the original data may refer to the data that needs to be transmitted.

在本实施例中,对称加密算法可以是指AES(Advanced Encryption Standard)加密算法。可以将数据发送端自动生成的16位字符串的动态令牌作为AES加密算法的加密秘钥,对原始数据进行加密处理。In this embodiment, the symmetric encryption algorithm may refer to an AES (Advanced Encryption Standard) encryption algorithm. The 16-bit string dynamic token automatically generated by the data sender can be used as the encryption key of the AES encryption algorithm to encrypt the original data.

S120、利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;S120, using a predetermined first public key to encrypt the dynamic token to obtain a dynamic token ciphertext; wherein, the first public key is the public key of the asymmetric encryption algorithm sent by the data receiving end;

其中,非对称加密算法可以是指RSA加密算法。该算法使用不同的密钥进行加密和解密。可以由数据接收端通过预设工具自动生成RSA非对称密钥对,即第一公钥和第一私钥。将第一私钥存储到数据接收端的数据库中,并将第一公钥下发到数据发送端,数据发送端接收到数据接收端下发的第一公钥后,将第一公钥存储到数据库中。The asymmetric encryption algorithm may refer to the RSA encryption algorithm. The algorithm uses different keys for encryption and decryption. The RSA asymmetric key pair, that is, the first public key and the first private key, can be automatically generated by the data receiving end through a preset tool. The first private key is stored in the database of the data receiving end, and the first public key is sent to the data sending end. After the data sending end receives the first public key sent by the data receiving end, the first public key is stored in the data sending end. in the database.

在本方案中,数据发送端可以从数据库中获取第一公钥,并采用第一公钥对动态令牌进行加密处理,以使得数据加密性能更好。In this solution, the data sending end can obtain the first public key from the database, and use the first public key to encrypt the dynamic token, so that the data encryption performance is better.

S130、将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。S130. Send the original data ciphertext, the dynamic token ciphertext, and the predetermined device identifier to the data receiving end.

其中,设备标识可以是由字母或者数字构成的字符串。不同数据接收端对应的设备标识不同,可以预先为数据接收端设置设备标识。The device identification may be a character string composed of letters or numbers. The device identifiers corresponding to different data receivers are different, and the device identifiers can be set for the data receivers in advance.

在本方案中,可以通过网络形式将原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。In this solution, the original data ciphertext, the dynamic token ciphertext and the predetermined device identification can be sent to the data receiving end through the network.

在本技术方案中,可选的,所述方法还包括:In this technical solution, optionally, the method further includes:

对原始数据进行数字签名处理,得到签名串;Perform digital signature processing on the original data to obtain a signature string;

通过第二私钥对所述签名串进行加密处理,得到签名串密文;其中,所述第二私钥为数据发送端生成的非对称加密算法的私钥。The signature string is encrypted by the second private key to obtain the ciphertext of the signature string; wherein the second private key is the private key of the asymmetric encryption algorithm generated by the data sending end.

其中,数字签名是由数据发送端才能产生的,且其他端无法伪造的一段数字串,用于验证发送的数据的真实性。Among them, the digital signature is a digital string that can only be generated by the data sending end and cannot be forged by other ends, and is used to verify the authenticity of the sent data.

在本实施例中,由数据发送端通过预设工具生成非对称加密算法的密钥对,即第二私钥和第二公钥,并通过第二私钥对签名串进行加密处理。In this embodiment, a key pair of an asymmetric encryption algorithm, that is, a second private key and a second public key, is generated by the data sending end using a preset tool, and the signature string is encrypted by the second private key.

通过对原始数据进行数字签名,能够保证原始数据真实性,防止原始数据被篡改,提高数据传输的安全性。By digitally signing the original data, the authenticity of the original data can be guaranteed, the original data can be prevented from being tampered with, and the security of data transmission can be improved.

在本技术方案中,可选的,对原始数据进行数字签名处理,得到签名串,包括:In this technical solution, optionally, digital signature processing is performed on the original data to obtain a signature string, including:

使用SHA256算法对原始数据进行数据签名处理,得到签名串。Use the SHA256 algorithm to perform data signature processing on the original data to obtain a signature string.

其中,SHA256算法是一种从任何一种数据中创建小的数字指纹的方法。把消息或数据压缩成摘要,使得数据量变小,将数据的格式固定下来。该算法将数据打乱混合,重新创建一个叫做散列值或哈希值的指纹。Among them, the SHA256 algorithm is a method of creating a small digital fingerprint from any kind of data. Compress messages or data into digests to reduce the amount of data and fix the format of the data. The algorithm shuffles the data and recreates a fingerprint called a hash or hash.

通过SHA256算法对原始数据进行数字签名,能够保证原始数据真实性,防止原始数据被篡改,提高数据传输的安全性。The original data is digitally signed by the SHA256 algorithm, which can ensure the authenticity of the original data, prevent the original data from being tampered with, and improve the security of data transmission.

在本技术方案中,可选的,将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端,包括:In this technical solution, optionally, sending the original data ciphertext, the dynamic token ciphertext and the predetermined device identification to the data receiving end, including:

将所述原始数据密文、动态令牌密文、签名串密文以及预先确定的设备标识发送到数据接收端。Send the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined device identification to the data receiving end.

在本方案中,可以将加密后的原始数据密文、动态令牌密文、签名串密文以及预先确定的设备标识发送到数据接收端,以供数据接收端对原始数据进行解密,并判断原始数据是否被篡改。In this solution, the encrypted original data ciphertext, dynamic token ciphertext, signature string ciphertext and predetermined device identification can be sent to the data receiving end, so that the data receiving end can decrypt the original data and judge Whether the original data has been tampered with.

通过将原始数据密文、动态令牌密文、签名串密文以及预先确定的设备标识发送到数据接收端,能够提高数据传输效率,以及提高数据传输安全性。By sending the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined device identification to the data receiving end, the data transmission efficiency and the data transmission security can be improved.

本申请实施例所提供的技术方案,将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文,并利用预先确定的第一公钥对动态令牌进行加密,得到动态令牌密文,然后将原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。通过执行本技术方案,可以提高数据传输效率,以及提高数据传输安全性。In the technical solution provided by the embodiments of the present application, the dynamic token predetermined by the data sending end is used as the encryption key of the symmetric encryption algorithm, and the original data is encrypted to obtain the ciphertext of the original data, and the predetermined first public key is used to encrypt the original data. The key encrypts the dynamic token to obtain the ciphertext of the dynamic token, and then sends the ciphertext of the original data, the ciphertext of the dynamic token and the predetermined device identification to the data receiving end. By implementing the technical solution, the efficiency of data transmission and the security of data transmission can be improved.

实施例二Embodiment 2

图2是本申请实施例二提供的数据传输方法的流程图,所述方法由数据接收端执行,如图2所示,该方法包括以下步骤:FIG. 2 is a flowchart of a data transmission method provided in Embodiment 2 of the present application, and the method is executed by a data receiving end. As shown in FIG. 2 , the method includes the following steps:

S210、接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;S210. Receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier sent by the data sending end;

在本实施例中,由数据接收端接收数据发送端传输的原始数据密文、动态令牌密文以及预先确定的设备标识。In this embodiment, the data receiving end receives the original data ciphertext, the dynamic token ciphertext and the predetermined device identification transmitted by the data transmitting end.

S220、根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;S220, determining a first private key according to the device identification; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end;

其中,可以由数据接收端通过预设工具自动生成RSA非对称密钥对,即第一公钥和第一私钥,并将第一私钥和预先确定的设备标识存储到数据库中。Wherein, the RSA asymmetric key pair, that is, the first public key and the first private key, can be automatically generated by the data receiving end through a preset tool, and the first private key and the predetermined device identifier are stored in the database.

在本方案中,在数据接收端获得设备标识时,可以从数据中获取与设备标识相对应的第一私钥。In this solution, when the data receiving end obtains the device identification, the first private key corresponding to the device identification can be obtained from the data.

S230、利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;S230, using the first private key to decrypt the dynamic token ciphertext to obtain the dynamic token plaintext;

在本实施例中,第一私钥和第一公钥分别为数据接收端生成的非对称加密算法的秘钥对,则可以通过第一私钥对动态令牌密文进行解密。In this embodiment, the first private key and the first public key are respectively the key pair of the asymmetric encryption algorithm generated by the data receiving end, and the dynamic token ciphertext can be decrypted by using the first private key.

S240、将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。S240. Using the dynamic token as the decryption key of the symmetric encryption algorithm, decrypt the original data ciphertext to obtain the original data plaintext.

在本实施例中,通过对动态令牌进行解密,可以将动态令牌作为对称加密算法的解密秘钥,对原始数据密文进行解密处理,得到原始数据明文。In this embodiment, by decrypting the dynamic token, the dynamic token can be used as the decryption key of the symmetric encryption algorithm, and the original data ciphertext can be decrypted to obtain the original data plaintext.

在本技术方案中,可选的,所述方法还包括:In this technical solution, optionally, the method further includes:

接收数据发送端发送的签名串密文;Receive the ciphertext of the signature string sent by the data sender;

根据设备标识,确定第二公钥;其中,所述第二公钥为数据发送端发送的非对称加密算法的公钥;Determine the second public key according to the device identification; wherein, the second public key is the public key of the asymmetric encryption algorithm sent by the data sending end;

利用所述第二公钥对签名串密文进行解密,得到签名串明文,以用于判断原始数据进行发生更改。The ciphertext of the signature string is decrypted by using the second public key to obtain the plaintext of the signature string, which is used for judging that the original data is changed.

其中,第二公钥和第二私钥由数据发送端生成的非对称加密算法的密钥对,则可以从数据接收端的数据库中获取与设备标识相对应的第二公钥,并通过第二公钥对签名串密文进行解密。Wherein, the second public key and the second private key are the key pair of the asymmetric encryption algorithm generated by the data sending end, then the second public key corresponding to the device identification can be obtained from the database of the data receiving end, and the second public key can be obtained through the second The public key decrypts the ciphertext of the signature string.

在本方案中,若解密后的签名串明文与进行数字签名处理得到的签名串内容一致,则原始数据没有被更改。若解密后的签名串明文与进行数字签名处理得到的签名串内容不一致,则原始数据被篡改,发生数据泄密。In this scheme, if the decrypted plaintext of the signature string is consistent with the content of the signature string obtained by digital signature processing, the original data has not been changed. If the plaintext of the decrypted signature string is inconsistent with the content of the signature string obtained by digital signature processing, the original data is tampered with and data leakage occurs.

通过对签名串进行解密,能够判断原始数据是否发生更改,能够防止数据传输过程中被篡改,提高了数据传输的安全性。By decrypting the signature string, it can be determined whether the original data has been changed, which can prevent the data from being tampered with during the transmission process, and improve the security of the data transmission.

本申请实施例所提供的技术方案,接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识,根据设备标识,确定第一私钥,并利用第一私钥对所述动态令牌密文进行解密,得到动态令牌明文,然后将动态令牌作为对称加密算法的解密秘钥,对原始数据密文进行解密处理,得到原始数据明文。通过执行本技术方案,可以提高数据传输效率,以及提高数据传输安全性。The technical solutions provided by the embodiments of the present application receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identification sent by the data sending end, determine the first private key according to the device identification, and use the first private key to pair The dynamic token ciphertext is decrypted to obtain the dynamic token plaintext, and then the dynamic token is used as the decryption key of the symmetric encryption algorithm, and the original data ciphertext is decrypted to obtain the original data plaintext. By implementing the technical solution, the efficiency of data transmission and the security of data transmission can be improved.

实施例三Embodiment 3

图3是本申请实施例三提供的数据传输装置的结构示意图,所述装置配置于数据发送端;如图3所示,数据传输装置包括:FIG. 3 is a schematic structural diagram of a data transmission device provided in Embodiment 3 of the present application, and the device is configured at a data sending end; as shown in FIG. 3 , the data transmission device includes:

原始数据密文得到模块310,用于将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;The original data ciphertext obtaining module 310 is configured to use the dynamic token predetermined by the data sender as the encryption key of the symmetric encryption algorithm, and encrypt the original data to obtain the original data ciphertext;

动态令牌密文得到模块320,用于利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;The dynamic token ciphertext obtaining module 320 is used for encrypting the dynamic token by using a predetermined first public key to obtain the dynamic token ciphertext; wherein, the first public key is a non-volatile token sent by the data receiving end. The public key of the symmetric encryption algorithm;

数据发送模块330,用于将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。The data sending module 330 is configured to send the original data ciphertext, the dynamic token ciphertext and the predetermined device identification to the data receiving end.

在本技术方案中,可选的,所述装置还包括:In this technical solution, optionally, the device further includes:

签名串得到模块,用于对原始数据进行数字签名处理,得到签名串;The signature string obtaining module is used to perform digital signature processing on the original data to obtain the signature string;

签名串密文得到模块,用于通过第二私钥对所述签名串进行加密处理,得到签名串密文;其中,所述第二私钥为数据发送端生成的非对称加密算法的私钥。The signature string ciphertext obtaining module is used for encrypting the signature string by using the second private key to obtain the signature string ciphertext; wherein, the second private key is the private key of the asymmetric encryption algorithm generated by the data sender .

在本技术方案中,可选的,签名串得到模块,具体用于:In this technical solution, optionally, the signature string obtaining module is specifically used for:

使用SHA256算法对原始数据进行数据签名处理,得到签名串。Use the SHA256 algorithm to perform data signature processing on the original data to obtain a signature string.

在本技术方案中,可选的,数据发送模块330,具体用于:In this technical solution, optionally, the data sending module 330 is specifically used for:

将所述原始数据密文、动态令牌密文、签名串密文以及预先确定的设备标识发送到数据接收端。Send the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined device identification to the data receiving end.

上述产品可执行本申请实施例一所提供的方法,具备执行方法相应的功能模块和有益效果。The above product can execute the method provided in the first embodiment of the present application, and has corresponding functional modules and beneficial effects for executing the method.

实施例四Embodiment 4

图4是本申请实施例四提供的数据传输装置的结构示意图,所述装置配置于数据接收端;如图4所示,数据传输装置包括:FIG. 4 is a schematic structural diagram of a data transmission device provided in Embodiment 4 of the present application, and the device is configured at a data receiving end; as shown in FIG. 4 , the data transmission device includes:

数据接收模块410,用于接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;The data receiving module 410 is used for receiving the original data ciphertext, the dynamic token ciphertext and the predetermined device identification sent by the data sending end;

第一私钥确定模块420,用于根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;The first private key determination module 420 is configured to determine the first private key according to the device identification; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end;

动态令牌明文得到模块430,用于利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;The dynamic token plaintext obtaining module 430 is used for decrypting the dynamic token ciphertext by using the first private key to obtain the dynamic token plaintext;

原始数据明文得到模块440,用于将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。The original data plaintext obtaining module 440 is used for decrypting the original data ciphertext by using the dynamic token as the decryption key of the symmetric encryption algorithm to obtain the original data plaintext.

在本技术方案中,可选的,所述装置还包括:In this technical solution, optionally, the device further includes:

签名串密文接收模块,用于接收数据发送端发送的签名串密文;The signature string ciphertext receiving module is used to receive the signature string ciphertext sent by the data sender;

第二公钥确定模块,用于根据设备标识,确定第二公钥;其中,所述第二公钥为数据发送端发送的非对称加密算法的公钥;The second public key determination module is configured to determine the second public key according to the device identification; wherein, the second public key is the public key of the asymmetric encryption algorithm sent by the data sending end;

签名串明文得到模块,用于利用所述第二公钥对签名串密文进行解密,得到签名串明文,以用于判断原始数据进行发生更改。The signature string plaintext obtaining module is used for decrypting the signature string ciphertext by using the second public key to obtain the signature string plaintext, which is used for judging that the original data is changed.

上述产品可执行本申请实施例二所提供的方法,具备执行方法相应的功能模块和有益效果。The above product can execute the method provided by the second embodiment of the present application, and has corresponding functional modules and beneficial effects for executing the method.

实施例五Embodiment 5

本申请实施例还提供一种包含计算机可执行指令的存储介质,所述计算机可执行指令在由计算机处理器执行时用于执行一种数据传输方法,该方法包括:Embodiments of the present application further provide a storage medium containing computer-executable instructions, where the computer-executable instructions are used to execute a data transmission method when executed by a computer processor, and the method includes:

将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;Using the dynamic token pre-determined by the data sender as the encryption key of the symmetric encryption algorithm, encrypting the original data to obtain the original data ciphertext;

利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;The dynamic token is encrypted with a predetermined first public key to obtain a dynamic token ciphertext; wherein, the first public key is the public key of the asymmetric encryption algorithm sent by the data receiving end;

将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。The original data ciphertext, the dynamic token ciphertext and the predetermined device identification are sent to the data receiving end.

或者,or,

接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;Receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier sent by the data sender;

根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;Determine the first private key according to the device identification; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end;

利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;Decrypt the dynamic token ciphertext using the first private key to obtain the dynamic token plaintext;

将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。Using the dynamic token as the decryption key of the symmetric encryption algorithm, the original data ciphertext is decrypted to obtain the original data plaintext.

存储介质——任何的各种类型的存储器设备或存储设备。术语“存储介质”旨在包括:安装介质,例如CD-ROM、软盘或磁带装置;计算机系统存储器或随机存取存储器,诸如DRAM、DDR RAM、SRAM、EDO RAM,兰巴斯(Rambus)RAM等;非易失性存储器,诸如闪存、磁介质(例如硬盘或光存储);寄存器或其它相似类型的存储器元件等。存储介质可以还包括其它类型的存储器或其组合。另外,存储介质可以位于程序在其中被执行的计算机系统中,或者可以位于不同的第二计算机系统中,第二计算机系统通过网络(诸如因特网)连接到计算机系统。第二计算机系统可以提供程序指令给计算机用于执行。术语“存储介质”可以包括可以驻留在不同位置中(例如在通过网络连接的不同计算机系统中)的两个或更多存储介质。存储介质可以存储可由一个或多个处理器执行的程序指令(例如具体实现为计算机程序)。storage medium - any of various types of memory devices or storage devices. The term "storage medium" is intended to include: installation media, such as CD-ROMs, floppy disks, or tape devices; computer system memory or random access memory, such as DRAM, DDR RAM, SRAM, EDO RAM, Rambus RAM, etc. ; non-volatile memory, such as flash memory, magnetic media (eg hard disk or optical storage); registers or other similar types of memory elements, etc. The storage medium may also include other types of memory or combinations thereof. In addition, the storage medium may be located in the computer system in which the program is executed, or may be located in a different second computer system connected to the computer system through a network such as the Internet. The second computer system may provide program instructions to the computer for execution. The term "storage medium" may include two or more storage media that may reside in different locations (eg, in different computer systems connected by a network). The storage medium may store program instructions (eg, embodied as a computer program) executable by one or more processors.

当然,本申请实施例所提供的一种包含计算机可执行指令的存储介质,其计算机可执行指令不限于如上所述的数据传输操作,还可以执行本申请任意实施例所提供的数据传输方法中的相关操作。Of course, a storage medium containing computer-executable instructions provided by the embodiments of the present application, the computer-executable instructions of which are not limited to the above-mentioned data transmission operations, and can also execute any of the data transmission methods provided in any of the embodiments of the present application. related operations.

实施例六Embodiment 6

本申请实施例提供了一种电子设备,该电子设备中可集成本申请实施例提供的数据传输装置。图5是本申请实施例六提供的一种电子设备的结构示意图。如图5所示,本实施例提供了一种电子设备500,其包括:一个或多个处理器520;存储装置510,用于存储一个或多个程序,当所述一个或多个程序被所述一个或多个处理器520执行,使得所述一个或多个处理器520实现本申请实施例所提供的数据传输方法,该方法包括:The embodiments of the present application provide an electronic device, in which the data transmission apparatus provided by the embodiments of the present application can be integrated. FIG. 5 is a schematic structural diagram of an electronic device according to Embodiment 6 of the present application. As shown in FIG. 5 , this embodiment provides an electronic device 500, which includes: one or more processors 520; and a storage device 510 for storing one or more programs, when the one or more programs are The one or more processors 520 execute, so that the one or more processors 520 implement the data transmission method provided by the embodiments of the present application, and the method includes:

将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;Using the dynamic token pre-determined by the data sender as the encryption key of the symmetric encryption algorithm, encrypting the original data to obtain the original data ciphertext;

利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;The dynamic token is encrypted by using a predetermined first public key to obtain a dynamic token ciphertext; wherein, the first public key is the public key of the asymmetric encryption algorithm sent by the data receiving end;

将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。The original data ciphertext, the dynamic token ciphertext and the predetermined device identification are sent to the data receiving end.

或者,or,

接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;Receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier sent by the data sender;

根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;Determine the first private key according to the device identification; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end;

利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;Decrypt the dynamic token ciphertext using the first private key to obtain the dynamic token plaintext;

将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。Using the dynamic token as the decryption key of the symmetric encryption algorithm, the original data ciphertext is decrypted to obtain the original data plaintext.

当然,本领域技术人员可以理解,处理器520还实现本申请任意实施例所提供的数据传输方法的技术方案。Of course, those skilled in the art can understand that the processor 520 also implements the technical solution of the data transmission method provided by any embodiment of the present application.

图5显示的电子设备500仅仅是一个示例,不应对本申请实施例的功能和使用范围带来任何限制。The electronic device 500 shown in FIG. 5 is only an example, and should not impose any limitations on the functions and scope of use of the embodiments of the present application.

如图5所示,该电子设备500包括处理器520、存储装置510、输入装置530和输出装置540;电子设备中处理器520的数量可以是一个或多个,图5中以一个处理器520为例;电子设备中的处理器520、存储装置510、输入装置530和输出装置540可以通过总线或其他方式连接,图5中以通过总线550连接为例。As shown in FIG. 5 , the electronic device 500 includes a processor 520 , a storage device 510 , an input device 530 and an output device 540 ; the number of processors 520 in the electronic device may be one or more, and one processor 520 is used in FIG. 5 . For example, the processor 520 , the storage device 510 , the input device 530 and the output device 540 in the electronic device may be connected by a bus or other means, and the connection by the bus 550 is taken as an example in FIG. 5 .

存储装置510作为一种计算机可读存储介质,可用于存储软件程序、计算机可执行程序以及模块单元,如本申请实施例中的数据传输方法对应的程序指令。As a computer-readable storage medium, the storage device 510 may be used to store software programs, computer-executable programs, and module units, such as program instructions corresponding to the data transmission methods in the embodiments of the present application.

存储装置510可主要包括存储程序区和存储数据区,其中,存储程序区可存储操作系统、至少一个功能所需的应用程序;存储数据区可存储根据终端的使用所创建的数据等。此外,存储装置510可以包括高速随机存取存储器,还可以包括非易失性存储器,例如至少一个磁盘存储器件、闪存器件、或其他非易失性固态存储器件。在一些实例中,存储装置510可进一步包括相对于处理器520远程设置的存储器,这些远程存储器可以通过网络连接。上述网络的实例包括但不限于互联网、企业内部网、局域网、移动通信网及其组合。The storage device 510 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created according to the use of the terminal, and the like. Additionally, storage device 510 may include high-speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid-state storage device. In some examples, storage device 510 may further include memory located remotely from processor 520, which may be connected through a network. Examples of such networks include, but are not limited to, the Internet, an intranet, a local area network, a mobile communication network, and combinations thereof.

输入装置530可用于接收输入的数字、字符信息或语音信息,以及产生与电子设备的用户设置以及功能控制有关的键信号输入。输出装置540可包括显示屏、扬声器等电子设备。The input device 530 may be used to receive input numbers, character information or voice information, and generate key signal input related to user settings and function control of the electronic device. The output device 540 may include electronic devices such as a display screen, a speaker, and the like.

本申请实施例提供的电子设备,可以达到提高数据传输效率,以及提高数据传输安全性的目的。The electronic device provided by the embodiments of the present application can achieve the purpose of improving the efficiency of data transmission and improving the security of data transmission.

上述实施例中提供的数据传输装置、存储介质及电子设备可执行本申请任意实施例所提供的数据传输方法,具备执行该方法相应的功能模块和有益效果。未在上述实施例中详尽描述的技术细节,可参见本申请任意实施例所提供的数据传输方法。The data transmission apparatus, storage medium and electronic device provided in the above embodiments can execute the data transmission method provided by any embodiment of the present application, and have corresponding functional modules and beneficial effects for executing the method. For technical details not described in detail in the foregoing embodiments, reference may be made to the data transmission method provided by any embodiment of the present application.

注意,上述仅为本申请的较佳实施例及所运用技术原理。本领域技术人员会理解,本申请不限于这里所述的特定实施例,对本领域技术人员来说能够进行各种明显的变化、重新调整和替代而不会脱离本申请的保护范围。因此,虽然通过以上实施例对本申请进行了较为详细的说明,但是本申请不仅仅限于以上实施例,在不脱离本申请构思的情况下,还可以包括更多其他等效实施例,而本申请的范围由所附的权利要求范围决定。Note that the above are only preferred embodiments of the present application and applied technical principles. Those skilled in the art will understand that the present application is not limited to the specific embodiments described herein, and various obvious changes, readjustments and substitutions can be made by those skilled in the art without departing from the protection scope of the present application. Therefore, although the present application has been described in detail through the above embodiments, the present application is not limited to the above embodiments, and can also include more other equivalent embodiments without departing from the concept of the present application. The scope is determined by the scope of the appended claims.

Claims (10)

1.一种数据传输方法,其特征在于,所述方法由数据发送端执行;所述方法包括:1. a data transmission method, is characterized in that, described method is carried out by data sending end; Described method comprises: 将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;Using the dynamic token pre-determined by the data sender as the encryption key of the symmetric encryption algorithm, encrypting the original data to obtain the original data ciphertext; 利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;The dynamic token is encrypted with a predetermined first public key to obtain a dynamic token ciphertext; wherein, the first public key is the public key of the asymmetric encryption algorithm sent by the data receiving end; 将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。The original data ciphertext, the dynamic token ciphertext and the predetermined device identification are sent to the data receiving end. 2.根据权利要求1所述的方法,其特征在于,所述方法还包括:2. The method according to claim 1, wherein the method further comprises: 对原始数据进行数字签名处理,得到签名串;Perform digital signature processing on the original data to obtain a signature string; 通过第二私钥对所述签名串进行加密处理,得到签名串密文;其中,所述第二私钥为数据发送端生成的非对称加密算法的私钥。The signature string is encrypted by the second private key to obtain the ciphertext of the signature string; wherein the second private key is the private key of the asymmetric encryption algorithm generated by the data sending end. 3.根据权利要求2所述的方法,其特征在于,对原始数据进行数字签名处理,得到签名串,包括:3. The method according to claim 2, wherein digital signature processing is performed on the original data to obtain a signature string, comprising: 使用SHA256算法对原始数据进行数据签名处理,得到签名串。Use the SHA256 algorithm to perform data signature processing on the original data to obtain a signature string. 4.根据权利要求2所述的方法,其特征在于,将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端,包括:4. The method according to claim 2, wherein sending the original data ciphertext, the dynamic token ciphertext and a predetermined device identifier to a data receiving end, comprising: 将所述原始数据密文、动态令牌密文、签名串密文以及预先确定的设备标识发送到数据接收端。Send the original data ciphertext, the dynamic token ciphertext, the signature string ciphertext and the predetermined device identification to the data receiving end. 5.一种数据传输方法,其特征在于,所述方法由数据接收端执行;所述方法包括:5. A data transmission method, wherein the method is performed by a data receiving end; the method comprises: 接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;Receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identifier sent by the data sender; 根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;Determine the first private key according to the device identification; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end; 利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;Decrypt the dynamic token ciphertext by using the first private key to obtain the dynamic token plaintext; 将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。Using the dynamic token as the decryption key of the symmetric encryption algorithm, the original data ciphertext is decrypted to obtain the original data plaintext. 6.根据权利要求5所述的方法,其特征在于,所述方法还包括:6. The method according to claim 5, wherein the method further comprises: 接收数据发送端发送的签名串密文;Receive the ciphertext of the signature string sent by the data sender; 根据设备标识,确定第二公钥;其中,所述第二公钥为数据发送端发送的非对称加密算法的公钥;Determine the second public key according to the device identification; wherein, the second public key is the public key of the asymmetric encryption algorithm sent by the data sending end; 利用所述第二公钥对签名串密文进行解密,得到签名串明文,以用于判断原始数据进行发生更改。The ciphertext of the signature string is decrypted by using the second public key to obtain the plaintext of the signature string, which is used for judging that the original data is changed. 7.一种数据传输装置,其特征在于,所述装置配置于数据发送端;所述装置包括:7. A data transmission device, wherein the device is configured at a data sending end; the device comprises: 原始数据密文得到模块,用于将数据发送端预先确定的动态令牌作为对称加密算法的加密秘钥,对原始数据进行加密处理,得到原始数据密文;The original data ciphertext obtaining module is used to encrypt the original data by using the dynamic token predetermined by the data sender as the encryption key of the symmetric encryption algorithm to obtain the original data ciphertext; 动态令牌密文得到模块,用于利用预先确定的第一公钥对所述动态令牌进行加密,得到动态令牌密文;其中,所述第一公钥为数据接收端发送的非对称加密算法的公钥;The dynamic token ciphertext obtaining module is used for encrypting the dynamic token by using a predetermined first public key to obtain the dynamic token ciphertext; wherein, the first public key is an asymmetric data sent by the data receiving end The public key of the encryption algorithm; 数据发送模块,用于将所述原始数据密文、动态令牌密文以及预先确定的设备标识发送到数据接收端。The data sending module is used for sending the original data ciphertext, the dynamic token ciphertext and the predetermined device identification to the data receiving end. 8.一种数据传输装置,其特征在于,所述装置配置于数据接收端;所述装置包括:8. A data transmission device, wherein the device is configured at a data receiving end; the device comprises: 数据接收模块,用于接收数据发送端发送的原始数据密文、动态令牌密文以及预先确定的设备标识;The data receiving module is used to receive the original data ciphertext, the dynamic token ciphertext and the predetermined device identification sent by the data sender; 第一私钥确定模块,用于根据所述设备标识,确定第一私钥;其中,所述第一私钥为数据接收端生成的非对称加密算法的私钥;a first private key determination module, configured to determine a first private key according to the device identifier; wherein, the first private key is the private key of the asymmetric encryption algorithm generated by the data receiving end; 动态令牌明文得到模块,用于利用所述第一私钥对所述动态令牌密文进行解密,得到动态令牌明文;a dynamic token plaintext obtaining module, configured to decrypt the dynamic token ciphertext by using the first private key to obtain the dynamic token plaintext; 原始数据明文得到模块,用于将动态令牌作为对称加密算法的解密秘钥,对所述原始数据密文进行解密处理,得到原始数据明文。The original data plaintext obtaining module is used for decrypting the original data ciphertext by using the dynamic token as the decryption key of the symmetric encryption algorithm to obtain the original data plaintext. 9.一种计算机可读存储介质,其上存储有计算机程序,其特征在于,该程序被处理器执行时实现如权利要求1-4,或者如权利要求5-6中任一项所述的数据传输方法。9. A computer-readable storage medium on which a computer program is stored, characterized in that, when the program is executed by a processor, any one of claims 1-4 or any one of claims 5-6 is implemented. data transfer method. 10.一种电子设备,包括存储器,处理器及存储在存储器上并可在处理器运行的计算机程序,其特征在于,所述处理器执行所述计算机程序时实现如权利要求1-4,或者如权利要求5-6中任一项所述的数据传输方法。10. An electronic device, comprising a memory, a processor and a computer program stored on the memory and run on the processor, wherein the processor implements the computer program as claimed in claims 1-4, or The data transmission method according to any one of claims 5-6.
CN202210095983.6A 2022-01-26 2022-01-26 A data transmission method, device, storage medium and electronic device Withdrawn CN114430345A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210095983.6A CN114430345A (en) 2022-01-26 2022-01-26 A data transmission method, device, storage medium and electronic device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210095983.6A CN114430345A (en) 2022-01-26 2022-01-26 A data transmission method, device, storage medium and electronic device

Publications (1)

Publication Number Publication Date
CN114430345A true CN114430345A (en) 2022-05-03

Family

ID=81313825

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210095983.6A Withdrawn CN114430345A (en) 2022-01-26 2022-01-26 A data transmission method, device, storage medium and electronic device

Country Status (1)

Country Link
CN (1) CN114430345A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115442127A (en) * 2022-08-31 2022-12-06 中国工商银行股份有限公司 Transmission data processing method and device
CN118101298A (en) * 2024-03-14 2024-05-28 北京数软科技有限公司 Data encryption transmission method, device, computer equipment, medium and program product
CN118473838A (en) * 2024-07-15 2024-08-09 神州医疗科技股份有限公司 Medical knowledge distribution method and system based on dynamic token technology

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115442127A (en) * 2022-08-31 2022-12-06 中国工商银行股份有限公司 Transmission data processing method and device
CN118101298A (en) * 2024-03-14 2024-05-28 北京数软科技有限公司 Data encryption transmission method, device, computer equipment, medium and program product
CN118101298B (en) * 2024-03-14 2024-11-22 北京数软科技有限公司 Data encryption transmission method, device, computer equipment, medium and program product
CN118473838A (en) * 2024-07-15 2024-08-09 神州医疗科技股份有限公司 Medical knowledge distribution method and system based on dynamic token technology
CN118473838B (en) * 2024-07-15 2024-09-20 神州医疗科技股份有限公司 Medical knowledge distribution method and system based on dynamic token technology

Similar Documents

Publication Publication Date Title
CN113225352B (en) Data transmission method and device, electronic equipment and storage medium
CN110099064B (en) File processing method, device, equipment and storage medium based on Internet of things
CN111835774B (en) Data processing method, apparatus, equipment and storage medium
CN114430345A (en) A data transmission method, device, storage medium and electronic device
CN112823503B (en) Data access method, data access device and mobile terminal
CN107005577B (en) Fingerprint data processing method and processing device
WO2021103802A1 (en) Methods and apparatuses for encrypting and decrypting data, storage medium and encrypted file
CN114710351A (en) Method and system for improving data security during communications
CN115580396B (en) Tight trace query system and method
CN109272314B (en) A secure communication method and system based on two-party collaborative signature calculation
CN113132087A (en) Internet of things, identity authentication and secret communication method, chip, equipment and medium
TW202231014A (en) Message transmitting system, user device and hardware security module for use therein
JP2023533319A (en) FIRMWARE DATA VERIFICATION APPARATUS AND METHOD AND FIRMWARE UPDATE APPARATUS, METHOD AND SYSTEM
EP4525366A1 (en) Key agreement method and apparatus for applet
CN110690969B (en) Method and system for achieving bidirectional SSL/TLS authentication through multiparty cooperation
CN114024711A (en) A data transmission method, device and computer-readable storage medium
CN107425959A (en) A kind of method for realizing encryption, system, client and service end
CN114650181B (en) E-mail encryption and decryption method, system, device and computer-readable storage medium
CN114793184B (en) Security chip communication method and device based on third-party key management node
CN115567200B (en) HTTP interface anti-spam method, system and related equipment
CN112689276B (en) Bluetooth headset firmware updating processing method
CN108154037B (en) Inter-process data transmission method and device
CN107872312B (en) Method, device, equipment and system for dynamically generating symmetric key
CN116248265A (en) Execution method and device of data transmission protocol
CN111431846B (en) Data transmission method, device and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
WW01 Invention patent application withdrawn after publication
WW01 Invention patent application withdrawn after publication

Application publication date: 20220503