CN115001869B - Encryption transmission method and system - Google Patents
Encryption transmission method and system Download PDFInfo
- Publication number
- CN115001869B CN115001869B CN202210915520.XA CN202210915520A CN115001869B CN 115001869 B CN115001869 B CN 115001869B CN 202210915520 A CN202210915520 A CN 202210915520A CN 115001869 B CN115001869 B CN 115001869B
- Authority
- CN
- China
- Prior art keywords
- user terminal
- transmission
- user
- file
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Signal Processing (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
Abstract
The invention relates to the technical field of data encryption, and particularly discloses an encryption transmission method and system, wherein the method comprises the steps of acquiring user information, and determining a user terminal which is in a mapping relation with a user and contains a terminal tag based on the user information; establishing a connection channel with a corresponding user terminal, and sending a target file to the user terminal based on the connection channel; in the process of sending the target file, both the server side and the user terminal acquire transmission parameters and transmission progress in real time; and the server and the user terminal encrypt and decrypt the target file according to the transmission parameters and the transmission progress. The invention generates the user terminal which is exclusive to the user according to the user information, and encrypts and decrypts the file based on the data transmission parameter between the two ports in the data transmission process, thereby having extremely high security.
Description
Technical Field
The invention relates to the technical field of data encryption, in particular to an encryption transmission method and an encryption transmission system.
Background
Data encryption is a long-history technology, which means that plaintext is converted into ciphertext through an encryption algorithm and an encryption key, and decryption is to recover the ciphertext into the plaintext through a decryption algorithm and a decryption key, and the core of the data encryption is cryptography.
Data encryption is still the most reliable way for computer systems to protect information. The information is encrypted by utilizing a cryptographic technology, so that the information is concealed, and the information is protected.
There are many existing encryption algorithms, but they are all to increase the complexity of the cipher as much as possible, and the way of generating the cipher is mostly some well-defined algorithms, which is suitable for a wide range of one-to-many data transmission processes, but for the point-to-point transmission process, the security is slightly insufficient. Therefore, how to provide a data encryption mode which is high in safety and suitable for a point-to-point transmission process is a technical problem to be solved by the technical scheme of the invention.
Disclosure of Invention
The present invention is directed to a method and system for encrypted transmission to solve the problems set forth in the background art.
In order to achieve the purpose, the invention provides the following technical scheme:
a method of encrypted transmission, the method comprising:
receiving a registration request sent by a user, acquiring user information, and determining a user terminal which is in a mapping relation with the user and contains a terminal tag based on the user information; the user terminal is used as password input equipment;
acquiring a file receiving request containing a file index sent by a user through the user terminal, and inquiring a target file in a preset file library according to the file index; the first step of a file receiving request which is sent by a user through the user terminal and contains a file index is to input a password;
establishing a connection channel with a corresponding user terminal according to the terminal tag, and sending a target file to the user terminal based on the connection channel; in the process of sending the target file, both the server side and the user terminal acquire transmission parameters and transmission progress in real time;
when the transmission progress reaches a preset first progress threshold, pausing the transmission progress, determining an encryption code according to the transmission parameter, encrypting the target file based on the encryption code, and recovering the transmission progress;
and when the user terminal receives the encrypted target file, determining a decryption code based on the transmission parameters and the transmission progress, and decrypting the encrypted target file based on the decryption code.
As a further scheme of the invention: the step of receiving a registration request sent by a user, acquiring user information, and determining a user terminal which is in a mapping relation with the user and contains a terminal tag based on the user information comprises the following steps:
receiving a registration request sent by a user and acquiring user information;
inputting the user information into a trained feature extraction model to obtain a user number which is in a mapping relation with the user information;
determining a terminal tag based on the user number, and generating a user terminal taking the terminal tag as an index;
setting a pass password of the user terminal according to a custom password design rule;
when a user needs to log in, a pass password is input through the user terminal, the user terminal expands the pass password according to an expansion matrix prestored in the user terminal, and the expanded pass password is sent to a server; and the server identifies the expanded password.
As a further scheme of the invention: the user-defined password design rule comprises one or more of a user-defined point and line gesture password, a user-defined maternal logic point and line gesture password, a user-defined plane array point and line gesture password and a user-defined stereoscopic array point and line gesture password.
As a further scheme of the invention: the steps of the server side and the user terminal for acquiring the transmission parameters and the transmission progress in real time comprise:
acquiring the size of a target file and the network bandwidth of a connecting channel;
calculating and predicting transmission time according to the size of the target file and the network bandwidth;
determining sampling nodes according to the predicted transmission time and the preset sampling point digits; the sampling node contains a label;
acquiring transmission parameters in real time based on the sampling nodes, sequencing the transmission parameters according to the labels, and generating a parameter table; the parameter table contains a label item and a transmission parameter item;
and generating a transmission progress item according to the label item in the parameter table.
As a further scheme of the invention: the step of determining an encryption code based on the transmission parameters comprises:
reading a parameter table, and sequentially converting the parameter table into an encryption parameter table according to a preset encryption matrix library;
generating a fitting curve group according to the encryption parameter table;
converting the fitting curve group into a curve image, and performing feature extraction on the curve image according to a preset extraction index to obtain a feature area; the extraction index is a function of time;
and inputting the characteristic region into a trained encryption code generation model to obtain an encryption code.
As a further scheme of the invention: the method further comprises the following steps:
when the user terminal fails to decrypt, the user terminal generates a splitting instruction;
splitting the target file into subfiles based on the splitting instruction;
randomly sending the subfiles to each memory of the user terminal, and recording the sending positions to obtain a position table;
and when the user terminal receives a recovery instruction sent by the server, recombining the target file according to the position table.
As a further scheme of the invention: the method further comprises the following steps:
performing file segmentation on the target file to obtain subfiles;
randomly extracting data in the subfiles, and recording position information of the data to obtain a data table;
sending the subfiles with the data tables removed as target files to a user terminal; when the user terminal successfully decrypts, the data sheet is sent to the user terminal;
and the user terminal fills the subfiles with the removed data tables according to the received data tables.
The technical scheme of the invention also provides an encryption transmission system, which comprises:
the terminal generation module is used for receiving a registration request sent by a user, acquiring user information, and determining a user terminal which is in a mapping relation with the user and contains a terminal tag based on the user information; the user terminal is used as password input equipment;
the file query module is used for acquiring a file receiving request which is sent by a user through the user terminal and contains a file index, and querying a target file in a preset file library according to the file index; the first step of a file receiving request which is sent by a user through the user terminal and contains a file index is to input a password;
the channel establishing module is used for establishing a connection channel with a corresponding user terminal according to the terminal tag and sending a target file to the user terminal based on the connection channel; in the process of sending the target file, both the server side and the user terminal acquire transmission parameters and transmission progress in real time;
the file encryption module is used for pausing the transmission process when the transmission progress reaches a preset first progress threshold, determining an encryption code according to the transmission parameter, encrypting the target file based on the encryption code and recovering the transmission process;
and the file decryption module is used for determining a decryption code based on the transmission parameters and the transmission progress when the user terminal receives the encrypted target file, and decrypting the encrypted target file based on the decryption code.
As a further scheme of the invention: the channel establishing module comprises:
the network parameter acquisition unit is used for acquiring the size of the target file and acquiring the network bandwidth of the connection channel;
the speed prediction unit is used for calculating and predicting transmission time according to the size of the target file and the network bandwidth;
the node determining unit is used for determining sampling nodes according to the predicted transmission time length and the preset sampling point number of bits; the sampling node contains a label;
the parameter table generating unit is used for acquiring transmission parameters in real time based on the sampling nodes, sequencing the transmission parameters according to the labels and generating a parameter table; the parameter table contains a label item and a transmission parameter item;
and the progress item generating unit is used for generating a transmission progress item according to the label item in the parameter table.
As a further scheme of the invention: the file encryption module comprises:
the parameter table conversion unit is used for reading a parameter table and sequentially converting the parameter table into an encryption parameter table according to a preset encryption matrix library;
the curve group generating unit is used for generating a fitting curve group according to the encryption parameter table;
the characteristic extraction unit is used for converting the fitting curve group into a curve image and extracting the characteristics of the curve image according to a preset extraction index to obtain a characteristic area; the extraction index is a function of time;
and the processing execution unit is used for inputting the characteristic region into the trained encryption code generation model to obtain the encryption code.
Compared with the prior art, the invention has the beneficial effects that: the invention generates the user terminal which is exclusive to the user according to the user information, and encrypts and decrypts the file based on the data transmission parameter between the two ports in the data transmission process, thereby having extremely high security.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present invention, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention.
Fig. 1 is a flow chart diagram of an encrypted transmission method.
Fig. 2 is a first sub-flow diagram of an encrypted transmission method.
Fig. 3 is a second sub-flow diagram of the encrypted transmission method.
Fig. 4 is a third sub-flow diagram of an encrypted transmission method.
Fig. 5 is a block diagram showing the configuration of the encryption transmission system.
Fig. 6 is a block diagram showing a configuration of a channel establishing module in the encryption transmission system.
Fig. 7 is a block diagram showing a configuration of a file encryption module in the encryption transmission system.
Detailed Description
In order to make the technical problems, technical solutions and advantageous effects to be solved by the present invention more clearly apparent, the present invention is further described in detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and do not limit the invention.
Example 1
Fig. 1 is a flow chart of an encryption transmission method, and in an embodiment of the present invention, an encryption transmission method includes steps S100 to S500:
step S100: receiving a registration request sent by a user, acquiring user information, and determining a user terminal which is in a mapping relation with the user and contains a terminal tag based on the user information; the user terminal is used as password input equipment;
the two ends of the technical scheme of the invention are respectively a server and a user terminal, a user registers on the server, if the registration is successful, a unique user terminal corresponding to user information is generated, and the user terminal is used as password input equipment; the user terminal comprises a terminal label, when the user terminal sends a file acquisition request to the server, the user terminal sends the terminal label to the server, and the server positions the corresponding user terminal according to the terminal label.
Step S200: acquiring a file receiving request containing a file index sent by a user through the user terminal, and inquiring a target file in a preset file library according to the file index; the first step of a file receiving request which is sent by a user through the user terminal and contains a file index is to input a password;
step S300: establishing a connection channel with a corresponding user terminal according to the terminal tag, and sending a target file to the user terminal based on the connection channel; in the process of sending the target file, both the server side and the user terminal acquire transmission parameters and transmission progress in real time;
the method comprises the steps that a user sends a file index to a user terminal, the user terminal generates a file receiving request containing the file index according to the file index, the file receiving request containing the file index is sent to a server, then the server inquires a corresponding file in a preset file library, namely the target file, and the target file is a file required by the user.
Step S400: when the transmission progress reaches a preset first progress threshold, pausing the transmission progress, determining an encryption code according to the transmission parameter, encrypting the target file based on the encryption code, and recovering the transmission progress;
step S500: when the user terminal receives the encrypted target file, determining a decryption code based on the transmission parameters and the transmission progress, and decrypting the encrypted target file based on the decryption code;
step S400 and step S500 are core functions of the technical solution of the present invention, and when the transmission progress reaches a certain degree, for example, 90%, the file is encrypted according to the file transmission parameter, the encryption process is based on the transmission parameter, and the transmission parameter is only available to the server and the user terminal, so that the security is extremely high; the encryption process and the decryption process are inverse processes, and both processes should be designed simultaneously under the same technical scheme.
Fig. 2 is a block diagram of a first sub-flow of an encryption transmission method, where the step of receiving a registration request sent by a user, obtaining user information, and determining a user terminal containing a terminal tag that is in a mapping relationship with the user based on the user information includes steps S101 to S105:
step S101: receiving a registration request sent by a user and acquiring user information;
step S102: inputting the user information into a trained feature extraction model to obtain a user number which is in a mapping relation with the user information;
step S103: determining a terminal tag based on the user number, and generating a user terminal taking the terminal tag as an index;
step S104: setting a pass password of the user terminal according to a custom password design rule;
step S105: when a user needs to log in, a pass password is input through the user terminal, the user terminal expands the pass password according to an expansion matrix prestored in the user terminal, and the expanded pass password is sent to a server; and the server identifies the expanded password.
The method comprises the following steps that S101 to S105 specifically limit the generation process of a user terminal, firstly, a registration request is received, user information is obtained, then, the user information is summarized to obtain a user number, and the user number has uniqueness; and finally, generating a user terminal special for a certain user according to the user number.
It should be noted that, after the user terminal is generated, the user terminal is provided with a password, which is a password used by the user during login, and the password is also generated at the server. The generation process of the pass password is completed by a user-defined password design rule; besides, the authentication relationship between the user terminal and the server side has a password in addition to the terminal label, and the password is obtained by expanding the password.
As a preferred embodiment of the technical solution of the present invention, the user-defined password design rule includes one or more of a user-defined point and point line gesture password, a user-defined maternal logic point and point line gesture password, a user-defined planar array point and point line gesture password, and a user-defined stereoscopic array point and point line gesture password.
The user-defined password design rule is specifically limited by the above contents, and the passwords are conventional password design means and are not described in detail.
Fig. 3 is a second sub-flow diagram of the encryption transmission method, where the steps of the server and the ue acquiring the transmission parameters and the transmission schedule in real time include steps S301 to S305:
step S301: acquiring the size of a target file and the network bandwidth of a connecting channel;
step S302: calculating and predicting transmission duration according to the size of the target file and the network bandwidth;
step S303: determining sampling nodes according to the predicted transmission time and the preset sampling point digits; the sampling node contains a label;
step S304: acquiring transmission parameters in real time based on the sampling nodes, sequencing the transmission parameters according to the labels, and generating a parameter table; the parameter table contains a label item and a transmission parameter item;
step S305: and generating a transmission progress item according to the label item in the parameter table.
The transmission process is changed in real time, the smaller the sampling granularity is, the greater the demand of computing resources is, and therefore, the sampling granularity needs to be specifically designed; specifically, the predicted transmission time length can be determined according to the size of the target file and the average network transmission speed (network bandwidth of a connection channel), and then the predicted transmission time length can be segmented according to the number of point locations of preset sampling point locations to determine sampling nodes; the number of sampling points can be replaced by a sampling frequency.
The determined sampling nodes are sequential, the sequence of the sampling nodes represents the transmission progress, and corresponding transmission parameters are obtained at different sampling nodes to obtain transmission parameter items; the transmission parameter is typically a transmission speed.
Fig. 4 is a third sub-flowchart of the encryption transmission method, and the step of determining the encryption code according to the transmission parameter includes steps S401 to S404:
step S401: reading a parameter table, and sequentially converting the parameter table into an encryption parameter table according to a preset encryption matrix library;
step S402: generating a fitting curve group according to the encryption parameter table;
step S403: converting the fitting curve group into a curve image, and performing feature extraction on the curve image according to a preset extraction index to obtain a feature area; the extraction index is a function of time;
step S404: and inputting the characteristic region into a trained encryption code generation model to obtain an encryption code.
Step S401 to step S404 specifically limit the generation process of the encryption code, firstly, a parameter table containing transmission parameters and transmission progress is read, then the parameter table is encrypted, and the encryption process is to convert data in the parameter table through a preset encryption matrix; finally, generating a fitting curve group according to the converted parameter table; wherein the fitting curve group comprises characteristic information.
Specifically, the fitting curve group is converted into a curve image, some areas can be extracted by means of an image processing technology, and the extraction mode (extraction index) is preset; then, an encryption code can be generated according to the characteristic regions, the process comprises a plurality of steps, the calculation amount of each step is not large, and the security is ensured by the plurality of steps.
As a preferred embodiment of the technical solution of the present invention, the method further comprises:
when the user terminal fails to decrypt, the user terminal generates a splitting instruction;
splitting the target file into subfiles based on the splitting instruction;
randomly sending the subfiles to each memory of the user terminal, and recording the sending positions to obtain a position table;
and when the user terminal receives a recovery instruction sent by the server, recombining the target file according to the position table.
When the user terminal fails to decrypt, what the file should go to and from, if the file is always stored in the user terminal, the user terminal actually has the complete file, and the file can be used without decryption by some brute force cracking methods, so that the technical problem to be solved by the technical scheme is how to deal with.
Firstly, splitting a file into subfiles, randomly sending the subfiles to different positions, then generating a position table, sending the position table to a server side, and not keeping a user terminal; and then, after the user performs identity verification in other ways, the server side sends a recovery instruction containing the position table to the user terminal, and the user terminal recovers the split sub-files into the original file according to the position table.
As a preferred embodiment of the technical solution of the present invention, the method further comprises:
performing file segmentation on the target file to obtain subfiles;
randomly extracting data in the subfiles, and recording position information of the data to obtain a data table;
sending the subfiles with the data tables removed as target files to a user terminal; when the user terminal is successfully decrypted, the data table is sent to the user terminal;
and the user terminal fills the subfiles with the removed data tables according to the received data tables.
As with the problem mentioned in the previous embodiment, if there is a complete file in the user terminal, the key can be cracked no matter how complex it is; in view of the above, the foregoing embodiment provides a technical solution of "leave one hand", and before transmission, data in the target file is extracted, so that the target file cannot normally operate, and after a decryption process is completed, the small part of data is transmitted to a user, which ensures transmission efficiency and further improves security.
Example 2
Fig. 5 is a block diagram of a composition structure of an encryption transmission system, in an embodiment of the present invention, an encryption transmission system, where the system 10 includes:
a terminal generation module 11, configured to receive a registration request sent by a user, acquire user information, and determine, based on the user information, a user terminal that has a mapping relationship with the user and contains a terminal tag; the user terminal is used as password input equipment;
the file query module 12 is configured to obtain a file receiving request containing a file index sent by a user through the user terminal, and query a target file in a preset file library according to the file index; the first step of a file receiving request which is sent by a user through the user terminal and contains a file index is to input a password;
a channel establishing module 13, configured to establish a connection channel with a corresponding user terminal according to the terminal tag, and send a target file to the user terminal based on the connection channel; in the process of sending the target file, both the server side and the user terminal acquire transmission parameters and transmission progress in real time;
the file encryption module 14 is configured to suspend the transmission process when the transmission process reaches a preset first process threshold, determine an encryption code according to the transmission parameter, encrypt the target file based on the encryption code, and resume the transmission process;
and the file decryption module 15 is configured to, when the user terminal receives the encrypted target file, determine an decryption code based on the transmission parameter and the transmission progress, and decrypt the encrypted target file based on the decryption code.
Fig. 6 is a block diagram of a component structure of the channel establishing module 13 in the encryption transmission system, where the channel establishing module 13 includes:
a network parameter obtaining unit 131, configured to obtain a size of the target file and obtain a network bandwidth of the connection channel;
a speed prediction unit 132, configured to calculate a predicted transmission duration according to the size of the target file and the network bandwidth;
a node determining unit 133, configured to determine a sampling node according to the predicted transmission duration and a preset number of sampling points; the sampling node contains a label;
a parameter table generating unit 134, configured to obtain transmission parameters in real time based on the sampling node, sort the transmission parameters according to the labels, and generate a parameter table; the parameter table contains a label item and a transmission parameter item;
a schedule item generating unit 135, configured to generate a transmission schedule item according to the label item in the parameter table.
Fig. 7 is a block diagram of a component structure of the file encryption module 14 in the encryption transmission system, where the file encryption module 14 includes:
a parameter table conversion unit 141, configured to read a parameter table, and sequentially convert the parameter table into an encryption parameter table according to a preset encryption matrix library;
a curve group generating unit 142, configured to generate a fitting curve group according to the encryption parameter table;
the feature extraction unit 143 is configured to convert the fitting curve group into a curve image, and perform feature extraction on the curve image according to a preset extraction index to obtain a feature region; the extraction index is a function of time;
and the processing execution unit 144 is configured to input the feature region into the trained encryption code generation model to obtain an encryption code.
The functions that can be performed by the encrypted transmission method are performed by a computer device that includes one or more processors and one or more memories having at least one program code stored therein, the program code being loaded and executed by the one or more processors to perform the functions of the encrypted transmission method.
The processor fetches instructions and analyzes the instructions one by one from the memory, then completes corresponding operations according to the instruction requirements, generates a series of control commands, enables all parts of the computer to automatically, continuously and coordinately act to form an organic whole, realizes the input of programs, the input of data, the operation and the output of results, and the arithmetic operation or the logic operation generated in the process is completed by the arithmetic unit; the Memory comprises a Read-Only Memory (ROM) for storing a computer program, and a protection device is arranged outside the Memory.
Illustratively, a computer program can be partitioned into one or more modules, which are stored in memory and executed by a processor to implement the present invention. One or more of the modules may be a series of computer program instruction segments capable of performing certain functions, which are used to describe the execution of the computer program in the terminal device.
Those skilled in the art will appreciate that the above description of the service device is merely exemplary and not limiting of the terminal device, and may include more or less components than those described, or combine certain components, or different components, such as may include input output devices, network access devices, buses, etc.
The Processor may be a Central Processing Unit (CPU), other general purpose Processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), an off-the-shelf Programmable Gate Array (FPGA) or other Programmable logic device, discrete Gate or transistor logic, discrete hardware components, etc. The general-purpose processor may be a microprocessor or the processor may be any conventional processor or the like, which is the control center of the terminal equipment and connects the various parts of the entire user terminal using various interfaces and lines.
The memory may be used to store computer programs and/or modules, and the processor may implement various functions of the terminal device by operating or executing the computer programs and/or modules stored in the memory and calling data stored in the memory. The memory mainly comprises a storage program area and a storage data area, wherein the storage program area can store an operating system, application programs (such as an information acquisition template display function, a product information publishing function and the like) required by at least one function and the like; the storage data area may store data created according to the use of the berth status display system (such as product information acquisition templates corresponding to different product categories, product information that needs to be issued by different product providers, and the like). In addition, the memory may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The terminal device integrated modules/units, if implemented in the form of software functional units and sold or used as separate products, may be stored in a computer readable storage medium. Based on such understanding, all or part of the modules/units in the system according to the above embodiment may be implemented by a computer program, which may be stored in a computer-readable storage medium and used by a processor to implement the functions of the embodiments of the system. Wherein the computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer readable medium may include: any entity or device capable of carrying computer program code, recording medium, U.S. disk, removable hard disk, magnetic diskette, optical disk, computer Memory, read-Only Memory (ROM), random Access Memory (RAM), electrical carrier wave signal, telecommunications signal, software distribution medium, etc.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of another identical element in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present invention, and not intended to limit the scope of the present invention, and all modifications of equivalent structures and equivalent processes, which are made by using the contents of the present specification and the accompanying drawings, or directly or indirectly applied to other related technical fields, are included in the scope of the present invention.
Claims (8)
1. An encrypted transmission method, the method comprising:
receiving a registration request sent by a user, acquiring user information, and determining a user terminal which is in a mapping relation with the user and contains a terminal tag based on the user information; the user terminal is used as password input equipment;
acquiring a file receiving request containing a file index sent by a user through the user terminal, and inquiring a target file in a preset file library according to the file index; the first step of a file receiving request which is sent by a user through the user terminal and contains a file index is to input a password;
establishing a connection channel with a corresponding user terminal according to the terminal tag, and sending a target file to the user terminal based on the connection channel; in the process of sending the target file, both the server side and the user terminal acquire transmission parameters and transmission progress in real time;
when the transmission progress reaches a preset first progress threshold, pausing the transmission progress, determining an encryption code according to the transmission parameter, encrypting the target file based on the encryption code, and recovering the transmission progress;
when the user terminal receives the encrypted target file, determining a decryption code based on the transmission parameters and the transmission progress, and decrypting the encrypted target file based on the decryption code;
the step of determining an encryption code based on the transmission parameters comprises:
reading a parameter table, and sequentially converting the parameter table into an encryption parameter table according to a preset encryption matrix library;
generating a fitting curve group according to the encryption parameter table;
converting the fitting curve group into a curve image, and performing feature extraction on the curve image according to a preset extraction index to obtain a feature area; the extraction index is a function of time;
and inputting the characteristic region into a trained encryption code generation model to obtain an encryption code.
2. The encryption transmission method according to claim 1, wherein the step of receiving a registration request sent by a user, obtaining user information, and determining a user terminal having a terminal tag and having a mapping relation with the user based on the user information comprises:
receiving a registration request sent by a user and acquiring user information;
inputting the user information into a trained feature extraction model to obtain a user number which is in a mapping relation with the user information;
determining a terminal tag based on the user number, and determining a user terminal taking the terminal tag as an index;
setting a pass password of the user terminal according to a custom password design rule;
when a user needs to log in, a pass password is input through the user terminal, the user terminal expands the pass password according to an expansion matrix prestored in the user terminal, and the expanded pass password is sent to a server; and the server identifies the expanded password.
3. The encrypted transmission method according to claim 2, wherein the custom password design rule includes one or more of a custom point and line gesture password, a custom maternal logic point and line gesture password, a custom planar array point and line gesture password, and a custom stereoscopic array point and line gesture password.
4. The encryption transmission method according to claim 1, wherein the step of acquiring the transmission parameters and the transmission progress in real time by both the server and the user terminal comprises:
acquiring the size of a target file and the network bandwidth of a connecting channel;
calculating and predicting transmission duration according to the size of the target file and the network bandwidth;
determining sampling nodes according to the predicted transmission time and the preset sampling point digits; the sampling node contains a label;
acquiring transmission parameters in real time based on the sampling nodes, sequencing the transmission parameters according to the labels, and generating a parameter table; the parameter table contains a label item and a transmission parameter item;
and generating a transmission progress item according to the label item in the parameter table.
5. The encrypted transmission method according to claim 1, further comprising:
when the user terminal fails to decrypt, the user terminal generates a splitting instruction;
splitting the target file into subfiles based on the splitting instruction;
randomly sending the subfiles to each memory of the user terminal, and recording the sending positions to obtain a position table;
and when the user terminal receives a recovery instruction sent by the server, recombining the target file according to the position table.
6. The encrypted transmission method according to claim 5, further comprising:
performing file segmentation on the target file to obtain subfiles;
randomly extracting data in the subfiles, and recording position information of the data to obtain a data table;
sending the subfiles with the data tables removed as target files to a user terminal; when the user terminal is successfully decrypted, the data table is sent to the user terminal;
and the user terminal fills the subfiles with the removed data tables according to the received data tables.
7. An encrypted transmission system, the system comprising:
the terminal generation module is used for receiving a registration request sent by a user, acquiring user information, and determining a user terminal which is in a mapping relation with the user and contains a terminal tag based on the user information; the user terminal is used as password input equipment;
the file query module is used for acquiring a file receiving request containing a file index sent by a user through the user terminal and querying a target file in a preset file library according to the file index; the first step of a file receiving request which is sent by a user through the user terminal and contains a file index is to input a password;
the channel establishing module is used for establishing a connection channel with a corresponding user terminal according to the terminal tag and sending a target file to the user terminal based on the connection channel; in the process of sending the target file, both the server side and the user terminal acquire transmission parameters and transmission progress in real time;
the file encryption module is used for pausing the transmission process when the transmission progress reaches a preset first progress threshold, determining an encryption code according to the transmission parameter, encrypting the target file based on the encryption code and recovering the transmission process;
the file decryption module is used for determining a decryption code based on the transmission parameters and the transmission progress when the user terminal receives the encrypted target file, and decrypting the encrypted target file based on the decryption code;
the file encryption module comprises:
the parameter table conversion unit is used for reading a parameter table and sequentially converting the parameter table into an encryption parameter table according to a preset encryption matrix library;
the curve group generating unit is used for generating a fitting curve group according to the encryption parameter table;
the characteristic extraction unit is used for converting the fitting curve group into a curve image and extracting the characteristics of the curve image according to a preset extraction index to obtain a characteristic area; the extraction index is a function of time;
and the processing execution unit is used for inputting the characteristic region into the trained encryption code generation model to obtain the encryption code.
8. The encrypted transmission system according to claim 7, wherein the channel establishing module includes:
the network parameter acquisition unit is used for acquiring the size of the target file and acquiring the network bandwidth of the connection channel;
the speed prediction unit is used for calculating and predicting transmission time according to the size of the target file and the network bandwidth;
the node determining unit is used for determining sampling nodes according to the predicted transmission time length and the number of preset sampling points; the sampling node contains a label;
the parameter table generating unit is used for acquiring transmission parameters in real time based on the sampling nodes, sequencing the transmission parameters according to the labels and generating a parameter table; the parameter table contains a label item and a transmission parameter item;
and the progress item generating unit is used for generating a transmission progress item according to the label item in the parameter table.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210915520.XA CN115001869B (en) | 2022-08-01 | 2022-08-01 | Encryption transmission method and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210915520.XA CN115001869B (en) | 2022-08-01 | 2022-08-01 | Encryption transmission method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115001869A CN115001869A (en) | 2022-09-02 |
| CN115001869B true CN115001869B (en) | 2022-10-28 |
Family
ID=83022472
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210915520.XA Active CN115001869B (en) | 2022-08-01 | 2022-08-01 | Encryption transmission method and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115001869B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN115985000A (en) * | 2023-03-17 | 2023-04-18 | 威海海洋职业学院 | Hotel financial data verification method and system based on access control terminal |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US6782101B1 (en) * | 2000-04-20 | 2004-08-24 | The United States Of America As Represented By The Secretary Of The Navy | Encryption using fractal key |
| CN101859350A (en) * | 2009-04-10 | 2010-10-13 | 凯迈(洛阳)电子有限公司 | Fingerprint password management method and off-line fingerprint password manager |
| US10361859B2 (en) * | 2017-10-06 | 2019-07-23 | Stealthpath, Inc. | Methods for internet communication security |
| CN112241527B (en) * | 2020-12-15 | 2021-04-27 | 杭州海康威视数字技术股份有限公司 | Secret key generation method and system of terminal equipment of Internet of things and electronic equipment |
-
2022
- 2022-08-01 CN CN202210915520.XA patent/CN115001869B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN115001869A (en) | 2022-09-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112182644B (en) | Data processing method and device and electronic equipment | |
| CN112929172B (en) | System, method and device for dynamically encrypting data based on key bank | |
| US10341091B2 (en) | Secure memory storage | |
| US7822209B2 (en) | Methods and systems for key recovery for a token | |
| CN107801165B (en) | Business short message pushing method and device, computer equipment and storage medium | |
| CN110768784B (en) | Password transmission method, device, computer equipment and storage medium | |
| US20200213331A1 (en) | Data service system | |
| EP4020265A1 (en) | Method and device for storing encrypted data | |
| CN109347839A (en) | Centralized password management method and centralized password management, device, electronic equipment and computer storage medium | |
| CN112953974B (en) | Data collision method, device, equipment and computer readable storage medium | |
| WO2017006118A1 (en) | Secure distributed encryption system and method | |
| CN115422570B (en) | Data processing method and system for distributed storage | |
| CN115001869B (en) | Encryption transmission method and system | |
| CN111628863B (en) | Data signature method and device, electronic equipment and storage medium | |
| CN111291420B (en) | Distributed off-link data storage method based on block chain | |
| CN112231309A (en) | Method, device, terminal equipment and medium for removing duplicate of longitudinal federal data statistics | |
| CN114398623A (en) | Method for determining security policy | |
| CN111294359B (en) | Pressure testing method, pressure testing device, computer equipment and storage medium | |
| CN107133517B (en) | Data recovery method based on data encryption and calculation in memory | |
| EP2286610B1 (en) | Techniques for peforming symmetric cryptography | |
| CN115935388B (en) | Software package safe sending method, device, equipment and storage medium | |
| CN113542187A (en) | File uploading and downloading method and device, computer device and medium | |
| US20220345292A1 (en) | Method and device for encryption of video stream, communication equipment, and storage medium | |
| CN115499178A (en) | Privacy evidence storage system and method based on block chain technology | |
| CN115442046A (en) | Signature method, signature device, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |