CN115766202A - System, method, storage medium and electronic equipment for data secure transmission - Google Patents


Publication number
CN115766202A
Authority
CN
China
Prior art keywords
data
random number
algorithm
sent
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211415682.3A
Other languages
Chinese (zh)
Inventor
李绍勇
杨汶佼
林嵩松
林会肖
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhejiang Lab
Original Assignee
Zhejiang Lab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhejiang Lab
Priority to CN202211415682.3A
Priority to PCT/CN2022/132940 (WO2024098452A1)
Publication of CN115766202A

Classifications

    • H - ELECTRICITY
    • H04 - ELECTRIC COMMUNICATION TECHNIQUE
    • H04L - TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 - Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 - Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The specification discloses a system, a method, a storage medium and an electronic device for secure data transmission. A data sending end determines data to be sent and generates a random number. According to the random number, it selects an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set, encrypts the data to be sent with the selected encryption algorithm and encryption key to obtain encrypted data, and sends the encrypted data and the random number to a data receiving end. The data receiving end receives the encrypted data and the random number, determines a target decryption algorithm and a target decryption key according to the random number, and decrypts the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data.

Description

System, method, storage medium and electronic equipment for data secure transmission
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to a system, a method, a storage medium, and an electronic device for secure data transmission.
Background
Currently, many industries need data transmission. Industrial control systems are widely used in electricity, process production, hydraulics, oil and gas, transportation and other fields, and data transmission is common in industrial control systems.
In an industrial control system, data transmission has data security requirements, and how to ensure that data is not leaked or tampered with is an urgent problem to be solved.
Disclosure of Invention
The present specification provides a system, method, apparatus, storage medium and electronic device for secure data transmission, so as to partially solve the above problems in the prior art.
The technical scheme adopted by the specification is as follows:
This specification provides a system for secure data transmission, comprising a data sending end and a data receiving end, wherein:
the data sending end is used for determining data to be sent and generating a random number; selecting an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set according to the random number; encrypting the data to be sent according to the selected encryption algorithm and the selected encryption key to obtain encrypted data, and sending the encrypted data and the random number to the data receiving end;
the data receiving end is configured to receive the encrypted data and the random number, determine a target decryption algorithm and a target decryption key according to the random number, and decrypt the encrypted data according to the target decryption algorithm and the target decryption key to obtain data to be sent.
Optionally, the random number includes a first random number and a second random number, where the first random number is used to determine the encryption algorithm, and the second random number is used to determine the encryption key.
Optionally, the data sending end is configured to select a verification algorithm and a verification factor from a preset verification algorithm set and a preset verification factor set according to the random number; generating a check code corresponding to the data to be sent according to the selected check algorithm and the check factor, encrypting the data to be sent and the check code according to the selected encryption algorithm to obtain encrypted data, and sending the encrypted data and the random number to the data receiving end;
the data receiving end is used for decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain data to be sent and a check code, determining a target check algorithm and a target check factor according to the random number, and checking the check code according to the target check algorithm and the target check factor.
Optionally, the random number includes a third random number and a fourth random number, where the third random number is used to select the verification algorithm, and the fourth random number is used to select the verification factor.
Optionally, the data sending end is configured to determine a unique identifier corresponding to the data to be sent, and encrypt the data to be sent and the unique identifier according to the selected encryption algorithm and the selected encryption key to obtain encrypted data;
the data receiving end is used for decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain data to be sent and the unique identifier, judging whether the data to be sent is repeated data or not according to the unique identifier, and if yes, discarding the data to be sent.
Optionally, in the system, the encryption key set and/or the check factor set are updated every set service period, and the updated encryption key set and/or the updated check factor set are synchronized to the data transmitting end and the data receiving end.
The present specification provides a method for secure data transmission, comprising:
determining data to be transmitted and generating a random number;
selecting an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set according to the random number;
encrypting the data to be sent according to the selected encryption algorithm and the selected encryption key to obtain encrypted data, sending the encrypted data and the random number to a data receiving end so that the data receiving end receives the encrypted data and the random number, determining a target decryption algorithm and a target decryption key according to the random number, and decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
The present specification provides a method for secure data transmission, comprising:
receiving encrypted data and a random number sent by a data sending end, wherein the random number is generated by the data sending end, and the encrypted data is obtained by encrypting an encryption algorithm and an encryption key selected by the data sending end from a preset encryption algorithm set and an encryption key set according to the random number;
determining a target decryption algorithm and a target decryption key according to the random number;
and decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
This specification provides an apparatus for secure transmission of data, comprising:
the generating module is used for determining data to be sent and generating random numbers;
the selecting module is used for selecting an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set according to the random number;
the sending module is configured to encrypt the data to be sent according to the selected encryption algorithm and the selected encryption key to obtain encrypted data, send the encrypted data and the random number to a data receiving end, so that the data receiving end receives the encrypted data and the random number, determine a target decryption algorithm and a target decryption key according to the random number, and decrypt the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
This specification provides an apparatus for secure transmission of data, comprising:
the receiving module is used for receiving encrypted data and a random number sent by a data sending end, wherein the random number is generated by the data sending end, and the encrypted data is obtained by encrypting an encryption algorithm and an encryption key which are selected by the data sending end from a preset encryption algorithm set and an encryption key set according to the random number;
the determining module is used for determining a target decryption algorithm and a target decryption key according to the random number;
and the decryption module is used for decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain data to be sent.
The present specification provides a computer-readable storage medium, which stores a computer program that, when executed by a processor, implements the above-described method of secure transmission of data.
The present specification provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the above method for secure data transmission when executing the program.
The technical scheme adopted by the specification can achieve the following beneficial effects:
it can be seen from the above system and method for data secure transmission that the data sending end can determine data to be sent and generate a random number, then according to the random number, select an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set, encrypt the data to be sent according to the selected encryption algorithm and encryption key to obtain encrypted data, send the encrypted data and random number to the data receiving end, the data receiving end receives the encrypted data and random number, and according to the random number, determine a target decryption algorithm and a target decryption key, and decrypt the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
As can be seen from the above, in the system for secure data transmission provided in this specification, the data sending end may select the encryption algorithm and the encryption key through the generated random number in order to encrypt the data to be sent, and the data receiving end may decrypt the received data according to the received random number. The generated random number may be different each time different data is sent, so the encryption algorithm and the encryption key used may also be different, making it difficult for outsiders to decrypt.
Drawings
The accompanying drawings, which are included to provide a further understanding of the specification and are incorporated in and constitute a part of this specification, illustrate embodiments of the specification and together with the description serve to explain the specification without limiting it. In the drawings:
Fig. 1 is a schematic interaction flow diagram of a system for secure data transmission in the present specification;
Fig. 2 is a schematic flow diagram illustrating a process of sending data to be sent from a data sending end to a data receiving end provided in this specification;
Fig. 3 is a schematic flow diagram of a data receiving end after receiving data sent by a data sending end provided in this specification;
Fig. 4 is a schematic diagram of an apparatus for secure data transmission provided herein;
Fig. 5 is a schematic diagram of an apparatus for secure data transmission provided herein;
Fig. 6 is a schematic diagram of an electronic device corresponding to Fig. 1 provided in the present specification.
Detailed Description
In order to make the objects, technical solutions and advantages of the present disclosure more clear, the technical solutions of the present disclosure will be clearly and completely described below with reference to the specific embodiments of the present disclosure and the accompanying drawings. It is to be understood that the embodiments described are only a few embodiments of the present disclosure, and not all embodiments. All other embodiments obtained by a person of ordinary skill in the art based on the embodiments in the present specification without any creative effort belong to the protection scope of the present specification.
The technical solutions provided by the embodiments of the present description are described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic view of an interaction flow of a system for secure data transmission in this specification, which specifically includes the following steps:
S101: The data sending end determines data to be sent and generates a random number.
S102: The data sending end selects the encryption algorithm and the encryption key from a preset encryption algorithm set and an encryption key set according to the random number.
S103: The data sending end encrypts the data to be sent according to the selected encryption algorithm to obtain encrypted data, and sends the encrypted data and the random number to the data receiving end.
In practical application, data transmission in an industrial control system needs to be kept secure. Therefore, in this specification, a data sending end can determine data to be sent and generate a random number, and can then select an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set according to the random number.
The random number may include a first random number ξ1 and a second random number ξ2. The first random number may be used to select an encryption algorithm from the preset encryption algorithm set, and the second random number may be used to select an encryption key from the encryption key set.
That is to say, each time the data sending end sends different data to the data receiving end, the used encryption algorithm and the encryption key used for encryption may be different, and how to select the encryption algorithm and the encryption key may be determined by the random number generated by the data sending end when the data sending end is ready to send data to be sent.
For example, 4 encryption algorithms may be preset in the preset encryption algorithm set and 10 encryption keys may be preset in the encryption key set. Assuming that the first random number generated for the data A to be sent is 3 and the second random number is 7, the selected encryption algorithm may be the 3rd encryption algorithm in the encryption algorithm set, and the selected encryption key may be the 7th encryption key in the encryption key set.
Of course, the above-described manner is merely an example, that is, a first random number may be generated within a range of the number of encryption algorithms included in the encryption algorithm set, and a second random number may be generated within a range of the number of encryption keys included in the encryption key set, so that an encryption algorithm corresponding to the first random number is selected according to the first random number, and an encryption key corresponding to the second random number is selected according to the second random number. Of course, the encryption algorithm and the encryption key may be selected in other manners as long as the random number is used for selection.
And finally, encrypting the data to be transmitted according to the selected encryption algorithm and the selected encryption key to obtain encrypted data, and transmitting the encrypted data and the random number to a data receiving end.
It should be noted that, in order to avoid data transmission errors such as partial loss of data during secure transmission of the data to be sent, a check code may be added to the data to be sent. Similar to the way the data to be sent is encrypted, a check algorithm and a check factor may be selected from a preset check algorithm set and a preset check factor set according to the random number, and a check code corresponding to the data to be sent is generated according to the selected check algorithm and check factor. The data to be sent and the check code are then encrypted according to the selected encryption algorithm to obtain encrypted data, and the encrypted data and the random number are sent to the data receiving end.
The above-mentioned check factor is data for generating a check code for data to be transmitted by a check algorithm, such as an initial value in a cyclic redundancy check.
The random numbers mentioned above may include a third random number ξ3, through which the check algorithm may be selected from the check algorithm set, and a fourth random number ξ4, through which the check factor may be selected from the check factor set.
Further, in order to prevent malicious traffic replay, that is, a situation in which a data packet is obtained maliciously and is then sent to a data sending end by replay, a unique identifier of the data to be sent may be determined when the data is ready to be sent, and the data to be sent and the unique identifier (and the check code) may be encrypted according to the selected encryption algorithm and the selected encryption key to obtain encrypted data.
After the data receiving end receives the encrypted data and decrypts it according to the target decryption algorithm and the target decryption key, the unique identifier can be determined. If the unique identifier duplicates the unique identifier corresponding to previously received data, the data to be sent is probably maliciously replayed data and can be discarded.
S104: The data receiving end receives the encrypted data and the random number and determines a target decryption algorithm and a target decryption key according to the random number.
S105: The data receiving end decrypts the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
After the data receiving end receives the encrypted data and the random number, a target decryption algorithm and a target decryption key can be determined according to the random number, and the encrypted data is decrypted according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
The encryption and decryption algorithm may be a symmetric encryption algorithm, so that the same encryption algorithm set and encryption key set may be stored at the data sending end and the data receiving end, the encryption algorithm and the encryption key in the encryption algorithm set at the data sending end are used for encryption, and the encryption algorithm and the encryption key in the encryption algorithm set at the data receiving end are used for decryption.
A simpler encryption algorithm can be used, so that the performance requirements of corresponding equipment of the data receiving end and the data sending end can be reduced, and the efficiency of encrypting and decrypting the data receiving end and the data sending end is improved.
Similarly, for the above-mentioned check algorithm, when the encrypted data and the random number are received, the encrypted data may be decrypted according to the target decryption algorithm and the target decryption key to obtain the data to be sent and the check code, the target check algorithm and the target check factor are determined according to the random number, and the check code is checked according to the target check algorithm and the target check factor.
That is, the same check algorithm set and the same check factor set may be stored at the data sending end and the data receiving end, so the data receiving end can determine from the received random number which check algorithm in the check algorithm set and which check factor in the check factor set the data sending end used to generate the check code. The data receiving end determines a target check algorithm from the check algorithm set and a target check factor from the check factor set according to the random number, regenerates the check code according to the target check algorithm, the target check factor and the data to be sent obtained by decryption, and compares the generated check code with the received check code. If the two are the same, the check code passes verification.
It should be further noted that, in order to further ensure data security, the encryption key set and/or the check factor set may be updated every set service period, and the updated encryption key set and/or the updated check factor set are synchronized to the data sending end and the data receiving end. That is, the encryption key set and/or the check factor set may be updated at regular intervals, and synchronization may be performed at the data transmitting end and the data receiving end. The updating mentioned here may be to directly replace the encryption key set and/or the check factor set, or may be to update the correspondence between the encryption key in the encryption key set and/or the check factor in the check factor set and the random number. The service period mentioned here can be set according to the requirements.
Similarly, the encryption algorithm set and/or the check algorithm set may be directly replaced, or the correspondence between the random number and the encryption key in the encryption algorithm set and/or the check factor in the check factor set may be updated. Updating at intervals helps ensure that the encryption logic and the check logic for the data to be sent are not cracked.
The updating of the encryption key set and/or the check factor set and the encryption algorithm set and/or the check algorithm set mentioned herein may be performed by any device other than the data transmitting end and the data receiving end, or may be performed by any device among the data transmitting end and the data receiving end.
The specific form of the data sending end and the data receiving end is not limited, and the data sending end and the data receiving end may be devices in an industrial control system, such as a server, a desktop computer, a notebook computer, and the like.
It should be noted that the data format transmitted from the data transmitting end to the data receiving end may be specifically as shown in fig. 2 and fig. 3.
Fig. 2 is a schematic flow diagram of a process for transmitting data to be transmitted from a data transmitting end to a data receiving end, provided in this specification.
Fig. 3 is a schematic flowchart of a data receiving end after receiving data sent by a data sending end provided in this specification.
As can be seen from Fig. 2 and Fig. 3, the data sending end and the data receiving end process the data to be sent in exactly opposite order. The data sending end may add a unique identifier after the data to be sent, and then add a check code for the data to be sent (the check code may be generated only according to the data to be sent, or may be generated according to the data to be sent and the unique identifier corresponding to the data to be sent).
After the data receiving end receives the data, it decrypts the encrypted data using the random number and then verifies the check code. After the check code passes verification, the unique identifier is used to verify that the data to be sent has not been maliciously replayed. After the unique identifier passes verification, the data to be sent can be used as valid data, and tasks are executed according to the valid data.
It can be seen from the above that, in the system for secure data transmission provided in this specification, the data sending end can select the encryption algorithm and the encryption key through the generated random number in order to encrypt the data to be sent, and the data receiving end can decrypt the received data according to the received random number. The generated random number can be different each time different data is sent, so the encryption algorithm and the encryption key used can also be different, making it difficult for outsiders to decrypt.
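The flow of steps S101 to S105, together with the check code and unique identifier handling described above, is shown below as an added Python example that is not part of the patent. The patent names no concrete algorithms or wire format, so the hash-keystream stand-in ciphers, the constructed keys and check factors, the packet layout (four selector bytes, then nonce and ciphertext), the 16-byte identifier and the names `send` and `Receiver` are all assumptions.

```python
import hashlib
import secrets
import struct
import zlib

ID_LEN, NONCE_LEN = 16, 12  # assumed sizes; the patent does not specify them


def _stream_cipher(hash_name):
    """Stand-in symmetric cipher (assumption): XOR with a hash-derived keystream.
    The same function encrypts and decrypts."""
    def crypt(key, nonce, data):
        stream = bytearray()
        counter = 0
        while len(stream) < len(data):
            block_in = key + nonce + struct.pack(">I", counter)
            stream.extend(hashlib.new(hash_name, block_in).digest())
            counter += 1
        return bytes(a ^ b for a, b in zip(data, stream))
    return crypt


# Preset sets shared by both ends (constructed demo values, not from the patent).
CIPHERS = [_stream_cipher(n) for n in ("sha256", "sha512", "sha3_256", "blake2b")]
KEYS = [hashlib.sha256(b"constructed-demo-key-%d" % i).digest() for i in range(10)]
CHECKS = [zlib.crc32, zlib.adler32]            # check algorithm set
FACTORS = [0x00000000, 0xFFFFFFFF, 0x1234ABCD, 0x0BADF00D]  # initial values
SETS = (CIPHERS, KEYS, CHECKS, FACTORS)


def send(payload, selectors=None):
    """S101-S103: draw xi1..xi4, append identifier and check code, encrypt."""
    if selectors is None:
        # 1-based, like the "3rd algorithm, 7th key" example in the text.
        selectors = tuple(secrets.randbelow(len(s)) + 1 for s in SETS)
    x1, x2, x3, x4 = selectors
    uid = secrets.token_bytes(ID_LEN)
    body = payload + uid  # check code covers data and identifier (one allowed option)
    code = CHECKS[x3 - 1](body, FACTORS[x4 - 1])
    nonce = secrets.token_bytes(NONCE_LEN)  # keeps the stand-in keystream from repeating
    ct = CIPHERS[x1 - 1](KEYS[x2 - 1], nonce, body + struct.pack(">I", code))
    return bytes(selectors) + nonce + ct  # random numbers travel with the encrypted data


class Receiver:
    """S104-S105 plus check code verification and duplicate-identifier discard."""

    def __init__(self):
        self.seen_ids = set()

    def receive(self, packet):
        if len(packet) < 4 + NONCE_LEN + ID_LEN + 4:
            raise ValueError("packet too short")
        selectors = tuple(packet[:4])
        # Selectors arrive from the network: validate before indexing the sets.
        for x, s in zip(selectors, SETS):
            if not 1 <= x <= len(s):
                raise ValueError("selector out of range")
        x1, x2, x3, x4 = selectors
        nonce, ct = packet[4:4 + NONCE_LEN], packet[4 + NONCE_LEN:]
        plain = CIPHERS[x1 - 1](KEYS[x2 - 1], nonce, ct)
        body, (code,) = plain[:-4], struct.unpack(">I", plain[-4:])
        if CHECKS[x3 - 1](body, FACTORS[x4 - 1]) != code:
            raise ValueError("check code mismatch")
        payload, uid = body[:-ID_LEN], body[-ID_LEN:]
        if uid in self.seen_ids:
            raise ValueError("duplicate identifier: replayed data discarded")
        self.seen_ids.add(uid)
        return payload


if __name__ == "__main__":
    rx = Receiver()
    pkt = send(b"valve=open", (3, 7, 1, 2))  # constructed sample payload
    print(rx.receive(pkt))
    try:
        rx.receive(pkt)
    except ValueError as exc:
        print("second delivery rejected:", exc)
```

The receiver follows the order given in the text: decrypt, verify the check code, then test the unique identifier. The identifier set grows without bound here; a deployment would tie its lifetime to the service period after which the key set is replaced.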
Based on the same idea as the system and method for secure data transmission provided above, one or more embodiments of the present specification also provide corresponding apparatuses for secure data transmission, as shown in Fig. 4 and Fig. 5.
Fig. 4 is a schematic diagram of an apparatus for securely transmitting data provided in this specification, which specifically includes:
a generating module 401, configured to determine data to be sent, and generate a random number;
a selecting module 402, configured to select an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set according to the random number;
a sending module 403, configured to encrypt the data to be sent according to the selected encryption algorithm and the selected encryption key to obtain encrypted data, send the encrypted data and the random number to a data receiving end, so that the data receiving end receives the encrypted data and the random number, determine a target decryption algorithm and a target decryption key according to the random number, and decrypt the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
Optionally, the random number includes a first random number and a second random number, where the first random number is used to determine the encryption algorithm, and the second random number is used to determine the encryption key.
Optionally, the selecting module 402 is specifically configured to select a checking algorithm and a checking factor from a preset checking algorithm set and a checking factor set according to the random number;
the sending module 403 is further configured to generate a check code corresponding to the data to be sent according to the selected check algorithm and the check factor, encrypt the data to be sent and the check code according to the selected encryption algorithm to obtain encrypted data, send the encrypted data and the random number to the data receiving end, so that the data receiving end decrypts the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent and the check code, determine a target check algorithm and a target check factor according to the random number, and check the check code according to the target check algorithm and the target check factor.
Optionally, the random number includes a third random number and a fourth random number, where the third random number is used to select the verification algorithm, and the fourth random number is used to select the verification factor.
Optionally, the sending module 403 is specifically configured to determine a unique identifier corresponding to the data to be sent, encrypt the data to be sent and the unique identifier according to a selected encryption algorithm and a selected encryption key to obtain encrypted data, so that the data receiving end decrypts the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent and the unique identifier, determine whether the data to be sent is duplicate data according to the unique identifier, and if yes, discard the data to be sent.
Optionally, the encryption key set and/or the check factor set are updated every set service period, and the updated encryption key set and/or the updated check factor set are synchronized to the data sending end and the data receiving end.
Fig. 5 is a schematic diagram of an apparatus for secure data transmission provided in this specification, specifically including:
a receiving module 501, configured to receive encrypted data and a random number that are sent by a data sending end, where the random number is generated by the data sending end, and the encrypted data is obtained by encrypting, by the data sending end, an encryption algorithm and an encryption key that are selected from a preset encryption algorithm set and an encryption key set according to the random number;
a determining module 502, configured to determine a target decryption algorithm and a target decryption key according to the random number;
the decryption module 503 is configured to decrypt the encrypted data according to the target decryption algorithm and the target decryption key, so as to obtain data to be sent.
Optionally, the random number includes a first random number and a second random number, where the first random number is used to determine the encryption algorithm, and the second random number is used to determine the encryption key.
Optionally, the decryption module 503 is specifically configured to decrypt the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent and a check code, determine a target check algorithm and a target check factor according to the random number, and check the check code according to the target check algorithm and the target check factor, where the check code is generated by the data sending end according to a check algorithm and a check factor that it selects, according to the random number, from a preset check algorithm set and a preset check factor set.
Optionally, the random number includes a third random number and a fourth random number, where the third random number is used to select the check algorithm, and the fourth random number is used to select the check factor.
Optionally, the decryption module 503 is specifically configured to decrypt the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent and the unique identifier, determine according to the unique identifier whether the data to be sent is duplicate data, and discard the data to be sent if it is duplicate data. The unique identifier is generated by the data sending end for the data to be sent, and the encrypted data is obtained by the data sending end encrypting the data to be sent and the unique identifier according to the selected encryption algorithm and the selected encryption key.
Optionally, the encryption key set and/or the check factor set are updated once every set service period, and the updated encryption key set and/or the updated check factor set are synchronized to the data sending end and the data receiving end.
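The sending and receiving steps described above (selection of the encryption algorithm, key, check algorithm and check factor from the random number, check-code verification, and discarding duplicates by unique identifier), as an added Python example that is not code from the patent. Assumptions: the two keystream-XOR functions stand in for real ciphers, HMAC keyed with the check factor stands in for the check algorithm, the first four bytes of a 16-byte random value play the roles of the first to fourth random numbers, the whole value doubles as a nonce, and all set contents are constructed.

```python
import hashlib, hmac, secrets

# Stand-in "encryption algorithms" (assumption): XOR with a hash-derived keystream.
def shake_stream(key, nonce, n):
    return hashlib.shake_256(key + nonce).digest(n)

def sha256_ctr_stream(key, nonce, n):
    blocks = (hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

# Preset sets shared by both ends; every value is constructed for this example.
ALGS = [shake_stream, sha256_ctr_stream]
KEYS = [hashlib.sha256(b"demo-key-%d" % i).digest() for i in range(4)]
CHECK_ALGS = [hashlib.sha256, hashlib.sha3_256]      # both give 32-byte codes
FACTORS = [b"factor-0", b"factor-1", b"factor-2"]

def select(rand):
    """Bytes 0..3 of rand act as the first..fourth random numbers (mod set size)."""
    return (ALGS[rand[0] % len(ALGS)], KEYS[rand[1] % len(KEYS)],
            CHECK_ALGS[rand[2] % len(CHECK_ALGS)], FACTORS[rand[3] % len(FACTORS)])

def xor(data, stream):
    return bytes(a ^ b for a, b in zip(data, stream))

def send(data, rand=None):
    rand = rand or secrets.token_bytes(16)
    alg, key, check_alg, factor = select(rand)
    uid = secrets.token_bytes(16)                      # unique identifier
    body = uid + data
    code = hmac.new(factor, body, check_alg).digest()  # check code
    plain = body + code
    return rand, xor(plain, alg(key, rand, len(plain)))

class Receiver:
    def __init__(self):
        self.seen = set()                              # identifiers already accepted

    def receive(self, rand, encrypted):
        alg, key, check_alg, factor = select(rand)
        plain = xor(encrypted, alg(key, rand, len(encrypted)))
        body, code = plain[:-32], plain[-32:]
        if not hmac.compare_digest(code, hmac.new(factor, body, check_alg).digest()):
            raise ValueError("check code mismatch")
        uid, data = body[:16], body[16:]
        if uid in self.seen:
            return None                                # duplicate data: discard
        self.seen.add(uid)
        return data
```

Because the random number accompanies the ciphertext, anyone who observes it learns which set entries were used; confidentiality depends on the preset key set staying secret.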
The present specification also provides a computer-readable storage medium having stored thereon a computer program operable to execute the above-described method for secure transmission of data.
This specification also provides a schematic block diagram of the electronic device shown in fig. 6. As shown in fig. 6, at the hardware level, the electronic device includes a processor, an internal bus, a network interface, a memory, and a non-volatile memory, but may also include hardware required for other services. The processor reads the corresponding computer program from the nonvolatile memory to the memory and then runs the computer program to realize the method for safely transmitting the data. Of course, besides the software implementation, this specification does not exclude other implementations, such as logic devices or combination of software and hardware, and so on, that is, the execution subject of the following processing flow is not limited to each logic unit, and may be hardware or logic devices.
In this specification, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises that element.
The above description is only an example of the present specification, and is not intended to limit the present specification. Various modifications and alterations to this description will become apparent to those skilled in the art. Any modification, equivalent replacement, improvement or the like made within the spirit and principle of the present specification should be included in the scope of the claims of the present specification.

Claims (10)

1. A system for secure data transmission, the system comprising a data sending end and a data receiving end, characterized in that:
the data sending end is used for determining data to be sent and generating a random number; selecting an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set according to the random number; encrypting the data to be sent according to the selected encryption algorithm and the selected encryption key to obtain encrypted data, and sending the encrypted data and the random number to the data receiving end;
the data receiving end is configured to receive the encrypted data and the random number, determine a target decryption algorithm and a target decryption key according to the random number, and decrypt the encrypted data according to the target decryption algorithm and the target decryption key to obtain data to be sent.
2. The system of claim 1, wherein the random number comprises a first random number and a second random number, the first random number being used to determine the encryption algorithm, and the second random number being used to determine the encryption key.
3. The system according to claim 1, wherein the data sending end is configured to select a checking algorithm and a checking factor from a preset checking algorithm set and a checking factor set according to the random number; generating a check code corresponding to the data to be sent according to the selected check algorithm and the check factor, encrypting the data to be sent and the check code according to the selected encryption algorithm to obtain encrypted data, and sending the encrypted data and the random number to the data receiving end;
the data receiving end is used for decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain data to be sent and a check code, determining a target check algorithm and a target check factor according to the random number, and checking the check code according to the target check algorithm and the target check factor.
4. The system of claim 3, wherein the random number comprises a third random number for selecting the checking algorithm and a fourth random number for selecting the checking factor.
5. The system according to claim 1, wherein the data sending end is configured to determine a unique identifier corresponding to the data to be sent, and encrypt the data to be sent and the unique identifier according to the selected encryption algorithm and the selected encryption key to obtain encrypted data;
the data receiving end is used for decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain data to be sent and the unique identifier, judging whether the data to be sent is repeated data or not according to the unique identifier, and if yes, discarding the data to be sent.
6. The system according to claim 3, wherein the encryption key set and/or the checking factor set is updated in the system once every set service period.
7. A method for secure transmission of data, comprising:
determining data to be transmitted and generating a random number;
selecting an encryption algorithm and an encryption key from a preset encryption algorithm set and an encryption key set according to the random number;
encrypting the data to be sent according to the selected encryption algorithm and the selected encryption key to obtain encrypted data, sending the encrypted data and the random number to a data receiving end so that the data receiving end receives the encrypted data and the random number, determining a target decryption algorithm and a target decryption key according to the random number, and decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
8. A method for secure transmission of data, comprising:
receiving encrypted data and a random number sent by a data sending end, wherein the random number is generated by the data sending end, and the encrypted data is obtained by the data sending end encrypting the data to be sent with an encryption algorithm and an encryption key that it selects, according to the random number, from a preset encryption algorithm set and an encryption key set;
determining a target decryption algorithm and a target decryption key according to the random number;
and decrypting the encrypted data according to the target decryption algorithm and the target decryption key to obtain the data to be sent.
9. A computer-readable storage medium, characterized in that the storage medium stores a computer program which, when being executed by a processor, carries out the method of claim 7 or 8.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of claim 7 or 8 when executing the program.

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202211415682.3A CN115766202A (en) 2022-11-11 2022-11-11 System, method, storage medium and electronic equipment for data secure transmission
PCT/CN2022/132940 WO2024098452A1 (en) 2022-11-11 2022-11-18 Secure data transmission system and method, and storage medium and electronic device

Publications (1)

Publication Number Publication Date
CN115766202A (en) 2023-03-07

Family

ID=85369999

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211415682.3A Pending CN115766202A (en) 2022-11-11 2022-11-11 System, method, storage medium and electronic equipment for data secure transmission

Country Status (2)

Country Link
CN (1) CN115766202A (en)
WO (1) WO2024098452A1 (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102421096A (en) * 2011-12-22 2012-04-18 厦门雅迅网络股份有限公司 Method for safely transmitting data based on wireless network
US20130145160A1 (en) * 2011-12-05 2013-06-06 Certicom Corp. System and method for mounting encrypted data based on availability of a key on a network
CN105763331A (en) * 2014-12-19 2016-07-13 北大方正集团有限公司 Data encryption method, device, data decryption method and device
CN110768787A (en) * 2018-07-27 2020-02-07 中国移动通信集团吉林有限公司 Data encryption and decryption method and device
CN113596054A (en) * 2021-07-14 2021-11-02 中国电子科技集团公司第二十八研究所 Information intersystem transmission soft frequency hopping encryption method
CN114884716A (en) * 2022-04-28 2022-08-09 世融能量科技有限公司 Encryption and decryption method, device and medium

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101765100B (en) * 2009-08-14 2012-08-22 北京握奇数据系统有限公司 Method, system and device for realizing mobile office
CN104410616B (en) * 2014-11-20 2018-01-05 广州日滨科技发展有限公司 data encryption, decryption, transmission method and system
CN109840431A (en) * 2017-11-28 2019-06-04 中天安泰(北京)信息技术有限公司 Secure network chip and Safety net card and network-termination device
CN112153046B (en) * 2020-09-24 2023-04-07 施耐德电气(中国)有限公司 Data encryption and data decryption method, related equipment and storage medium

Also Published As

Publication number Publication date
WO2024098452A1 (en) 2024-05-16

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20230307
