CN115766902A - Method, device, equipment and medium for transmitting non-sensitive data through QUIC - Google Patents
- Publication number: CN115766902A
- Application number: CN202211418172.1A
- Authority: CN (China)
- Prior art keywords: quic, sensitive data, preset, connection request, server
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The application discloses a method, an apparatus, a device and a medium for sending non-sensitive data through QUIC. It relates to the technical field of communication and is applied to a server. The method comprises: acquiring a connection request sent by a client, and detecting whether the connection request contains a target transmission parameter; if the target transmission parameter exists in the connection request and also exists in the server, selecting a preset QUIC protocol; and transmitting non-sensitive data to the client based on the non-encrypted data transmission mode of the preset QUIC protocol. Both ends of the connection are checked, and the preset QUIC protocol is enabled only when both sides contain the target transmission parameter. Non-sensitive data is then transmitted unencrypted through the preset QUIC protocol, which improves transmission efficiency and saves resources while maintaining security and leaving original message transmission unaffected.
Description
Technical Field
The invention relates to the technical field of communication, in particular to a method, a device, equipment and a medium for transmitting non-sensitive data through a QUIC.
Background
QUIC (Quick UDP Internet Connection, an internet transport layer protocol) is a transmission standard for a secure channel, and is favored by HTTP service providers for advantages such as user-mode protocol implementation and 0-RTT reconnection. In the current draft, all QUIC messages and data must be encrypted, but non-sensitive data typically does not require transport layer encryption. For example, some video data is already encrypted and decrypted by the service provider and the application according to a copyright protection policy; if QUIC encrypts and decrypts it again, a large amount of CPU is wasted. The server can offload this work to hardware, but that is still wasteful, since hardware must be developed or a dedicated encryption service bought in the cloud; a client that is a mobile phone or a computer cannot offload it at all and simply wastes CPU and battery power. For live video, which pursues real-time delivery but does not seek copyright protection or transmission protection, encryption is not cost-effective in any respect: it wastes resources and also reduces real-time performance.
In the prior art, the IETF personal draft draft-banks-quic-disable-encryption proposes a scenario and a method without encryption: a transmission parameter disable_1rtt_encryption is added so that the client and the server can negotiate whether to go unencrypted, and if both sides agree, unencrypted data is transmitted. Handshake messages must still be encrypted, so that a man-in-the-middle cannot maliciously tamper with them to force the connection into unencrypted mode. Besides the handshake messages, however, many control messages also expose points of attack. For example, a malicious man-in-the-middle can tamper with flow control messages so that sending and receiving become abnormal; the stream ID in a data packet can be modified to exhaust the available streams, so that the legitimately communicating parties cannot open a new stream; and a malicious man-in-the-middle can initiate address migration and pose as a legitimate communication party to send and receive messages. These risks are unacceptable for data transmission. The draft draft-banks-quic-disable-encryption specifies that the applicable scenario is a completely trusted communication environment, or one in which the application has already encrypted the application data. However, as cloud environments become more common, multi-tenancy means that the cloud has no completely trusted communication environment, and even the east-west traffic of a private cloud is not absolutely secure; and for data that the user has already encrypted, the QUIC protocol portion of the message is still vulnerable.
In summary, how to transmit non-sensitive data unencrypted, so as to reduce the CPU consumed by non-sensitive data transmission while still ensuring the security of that transmission, is a technical problem to be solved in the art.
Disclosure of Invention
In view of the above, an object of the present invention is to provide a method, an apparatus, a device, and a medium for sending non-sensitive data through QUIC, which can transmit non-sensitive data unencrypted, so as to reduce the CPU consumed by non-sensitive data transmission while ensuring the security of that transmission. The specific scheme is as follows:
In a first aspect, the present application discloses a method for sending non-sensitive data through QUIC, applied to a server, including:
acquiring a connection request sent by a client, and detecting whether the connection request contains a target transmission parameter;
if the target transmission parameters exist in the connection request and the target transmission parameters also exist in the server, selecting a preset QUIC protocol;
and transmitting non-sensitive data to the client based on a non-encrypted data transmission mode in the preset QUIC protocol.
Optionally, the method for sending non-sensitive data through a QUIC further includes:
and adding a type field for a non-encrypted data transmission mode in the original QUIC protocol to generate a preset QUIC protocol.
Optionally, adding a type field for an unencrypted data transmission mode in the original QUIC protocol to generate a preset QUIC protocol, where the method includes:
and respectively carrying out encryption processing on the type field used for the non-encrypted data transmission mode, the Stream ID and the Offset Length in the Stream frame so as to generate a preset QUIC protocol.
Optionally, the transmitting non-sensitive data to the client based on the non-encrypted data transmission mode in the preset QUIC protocol includes:
encrypting the Stream ID and the Offset Length based on a preset encryption algorithm; and respectively storing non-sensitive data in the Stream frames in a non-encrypted mode, so that the non-sensitive data is transmitted to the client by transmitting the Stream frames.
Optionally, after the non-sensitive data is transmitted to the client based on the non-encrypted data transmission manner in the preset QUIC protocol, the method further includes:
calculating a mask through the client, decrypting the Stream ID and the Offset Length by using the mask, and if the decryption is successful, storing non-sensitive data in the Stream frame.
In a second aspect, the present application discloses a method for sending non-sensitive data through a QUIC protocol, applied to a client, comprising:
sending a connection request to a server so that the server can detect whether the connection request contains target transmission parameters or not, wherein the server is used for selecting a corresponding preset QUIC protocol when detecting that the connection request contains the target transmission parameters and the server also contains the target transmission parameters;
and receiving non-sensitive data sent by the server side through a non-encrypted data transmission mode in the preset QUIC protocol.
In a third aspect, the present application discloses an apparatus for transmitting non-sensitive data through a QUIC, which is applied to a server and includes:
the parameter detection module is used for acquiring a connection request sent by a client and detecting whether the connection request contains a target transmission parameter;
the transmission starting module is used for selecting a preset QUIC protocol if the target transmission parameters exist in the connection request and the target transmission parameters also exist in the server side;
and the data transmission module is used for transmitting non-sensitive data to the client based on a non-encrypted data transmission mode in the preset QUIC protocol.
In a fourth aspect, the present application discloses an electronic device, comprising:
a memory for storing a computer program;
a processor for executing said computer program for carrying out the steps of the method for transmitting non-sensitive data through a QUIC as disclosed in the foregoing.
In a fifth aspect, the present application discloses a computer readable storage medium for storing a computer program; wherein said computer program, when being executed by a processor, carries out the steps of the method of transmitting non-sensitive data through a QUIC as disclosed in the preceding.
It can be seen that the application discloses a method for sending non-sensitive data through QUIC, applied to a server, comprising: acquiring a connection request sent by a client, and detecting whether the connection request contains a target transmission parameter; if the target transmission parameter exists in the connection request and also exists in the server, selecting a preset QUIC protocol; and transmitting non-sensitive data to the client based on the non-encrypted data transmission mode of the preset QUIC protocol. Both ends of the connection are thus checked, and the preset QUIC protocol is enabled only when both contain the target transmission parameter. Non-sensitive data is then transmitted unencrypted through the preset QUIC protocol, which improves transmission efficiency and saves resources while maintaining security and leaving original message transmission unaffected.
Drawings
To illustrate the embodiments of the present invention or the technical solutions in the prior art more clearly, the drawings used in the description of the embodiments or the prior art are briefly described below. The drawings in the following description are only embodiments of the present invention, and those skilled in the art can obtain other drawings from the provided drawings without creative effort.
FIG. 1 is a flow chart of a method for transmitting non-sensitive data via a QUIC according to the present disclosure;
FIG. 2 is a flowchart of a specific method for sending non-sensitive data via a QUIC according to the present disclosure;
FIG. 3 is a flow chart of another specific method disclosed herein for sending non-sensitive data via a QUIC;
FIG. 4 is a schematic diagram of an apparatus for transmitting non-sensitive data through a QUIC according to the present disclosure;
FIG. 5 is a block diagram of an electronic device disclosed in the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only some embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In the prior art, the IETF personal draft draft-banks-quic-disable-encryption proposes a scenario and a method without encryption: a transmission parameter disable_1rtt_encryption is added so that the client and the server can negotiate whether to go unencrypted, and if both sides agree, unencrypted data is transmitted. Handshake messages must still be encrypted, so that a man-in-the-middle cannot maliciously tamper with them to force the connection into unencrypted mode. Besides the handshake messages, however, many control messages also expose points of attack. For example, a malicious man-in-the-middle can tamper with flow control messages so that sending and receiving become abnormal; the stream ID in a data message can be modified to exhaust the available streams, so that the legitimately communicating parties cannot open a new stream; and a malicious man-in-the-middle can initiate address migration and pose as a legitimate communication party to send and receive messages. These risks are unacceptable for data transmission. The draft draft-banks-quic-disable-encryption specifies that the applicable scenario is a completely trusted communication environment, or one in which the application has already encrypted the application data. However, as cloud environments become more common, multi-tenancy means that the cloud has no completely trusted communication environment, and even the east-west traffic of a private cloud is not absolutely secure; and for data that the user has already encrypted, the QUIC protocol portion of the message is still vulnerable.
The present application therefore provides a scheme for sending non-sensitive data through QUIC that transmits non-sensitive data unencrypted, reducing the CPU consumed by non-sensitive data transmission while ensuring the security of that transmission.
Referring to fig. 1, an embodiment of the present invention discloses a method for sending non-sensitive data through a QUIC, which is applied to a server and includes:
Step S11: acquire a connection request sent by a client, and detect whether the connection request contains the target transmission parameter.
In this embodiment, the QUIC protocol is configured with parameters in advance. When the client builds the connection request, it must add the target transmission parameter, that is, the transmission parameter big_data, in addition to the normal QUIC transmission parameters. After the server receives the connection request, it checks whether the request carries the transmission parameter big_data besides the normal transmission parameters. After the connection request is obtained, the method further includes establishing a connection with the client through unique identification information and based on the connection request. A QUIC connection can be identified by unique identification information, so by presetting a random number as the unique identification information, the same client and server can avoid re-establishing the connection if it is interrupted partway through a transfer.
Step S12: if the target transmission parameter exists in the connection request and also exists in the server, select the preset QUIC protocol for transmission.
In this embodiment, if the target transmission parameter is detected in the connection request sent by the client and the server also has the target transmission parameter, the unencrypted video transmission function can be used, and preset QUIC protocol transmission is started immediately. If the connection request does not carry the target transmission parameter and/or the server does not have it, the original QUIC protocol is selected. Because of this restriction: if the connection request is detected not to carry the target transmission parameter but the client has it, preset QUIC protocol transmission is not started and the original QUIC protocol transmission, that is, encrypted transmission, is still used; if the target transmission parameter exists in the connection request but not in the client, preset QUIC protocol transmission is likewise not started and the original QUIC protocol transmission is still used. The same logic applies when the server negotiates with the client. In other words, only when both the client and the server have the transmission parameter big_data can the preset QUIC protocol be enabled to transmit non-sensitive data without encryption. Sensitive data is private data, and non-sensitive data is non-private data, for example video-on-demand data, social news, content published on the internet, blockchain public-chain transaction data, and the like.
In this embodiment, a type field for the non-encrypted data transmission mode is added to the original QUIC protocol to generate the preset QUIC protocol; that is, the preset QUIC protocol is obtained by modifying the original QUIC protocol. When the original QUIC protocol transmits application data, the entire Stream frame is encrypted. The Stream frame includes a Stream ID (data stream identifier), an Offset Length, and data, so encrypting the entire Stream frame also encrypts the data in it. In the specific scenario of this embodiment, the data in the Stream frame does not need to be encrypted. The non-sensitive data transmission of the preset QUIC protocol therefore encrypts the QUIC packet but does not encrypt the non-sensitive data: when the preset QUIC protocol is enabled and non-sensitive data is transmitted, the header of the Stream frame (the Stream ID, the Offset Length, and so on) is encrypted, while the bulk data being transmitted is not. Such packets must be marked as different from 1-RTT packets, so a packet type for data transmission that needs no encryption is added to the original QUIC protocol. For example, the type field in the short packet header is modified as follows:
The first 8 bits of the short packet header in the draft are:
|0|1|S|R|R|K|P|P|
0 (plaintext): fixed value; indicates a short header.
1 (plaintext): fixed value used for verification; it must be 1, and a packet in which it is 0 is discarded.
S (plaintext): spin bit, used for delay measurement.
RR (ciphertext): fixed value; must be 0, and any other value is treated as a connection error.
K (ciphertext): indicates whether the key is updated.
PP (ciphertext): the packet number length.
This scheme modifies them as follows:
|0|1|S|T|T|K|P|P|
0 (plaintext): unchanged; fixed value indicating a short header.
1 (plaintext): unchanged; fixed value used for verification, which must be 1, and a packet in which it is 0 is discarded.
S (plaintext): unchanged; spin bit, used for delay measurement.
TT (ciphertext): the RR bits are changed into type bits corresponding to the type bits of the long header. 00 is an original encrypted packet and 01 is non-sensitive data; that is, the present application adds a new data transmission mode, whose specific contents are specified by the user.
K (ciphertext): indicates whether the key is updated. For a non-sensitive data packet this bit is 0; if a packet with the value 1 is received, it is treated as a connection error.
PP (ciphertext): unchanged; the packet number length.
After the short packet header is modified, messages encrypted in the original way are unchanged: with RR replaced by TT and TT still 00, K is used exactly as it is for an encrypted packet, so the format, transmission and packet processing of the original messages are unaffected. When the TT value is detected to be 01, the unencrypted transmission mode for non-sensitive data is enabled; when the TT value is detected to be 00, the original encrypted transmission mode is still used for the non-sensitive data. When the type bits in the short packet header are detected to be 01, indicating the non-sensitive data transmission mode, the video-on-demand data is packaged and transmitted to the client. Note that when the TT bits in the short packet header are 01, the packet carries the bulk unencrypted data specified in this embodiment; that is, QUIC does not encrypt the video-on-demand data, but the application may encrypt it itself.
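The negotiation rule of steps S11 and S12 and the modified first byte can be enforced together on the receive path. The Python below is an added example, not code from the patent: the names are hypothetical, the byte is assumed to have had header protection removed already (TT, K and PP are ciphertext on the wire), and rejecting TT values 10 and 11 is an assumption, since the text defines only 00 and 01.

```python
from enum import Enum

TARGET_PARAM = "big_data"  # target transmission parameter named in the text


class Mode(Enum):
    ORIGINAL = "original"  # every packet fully encrypted
    PRESET = "preset"      # TT=01 non-sensitive packets are also accepted


class PacketKind(Enum):
    ENCRYPTED = "encrypted"
    NON_SENSITIVE = "non_sensitive"
    DISCARD = "discard"
    CONNECTION_ERROR = "connection_error"


def select_mode(client_params, server_params):
    """Steps S11/S12: the preset protocol needs big_data on BOTH sides."""
    if TARGET_PARAM in client_params and TARGET_PARAM in server_params:
        return Mode.PRESET
    return Mode.ORIGINAL


def classify_short_header(first_byte, mode):
    """Classify |0|1|S|T|T|K|P|P| after header protection has been removed."""
    if first_byte & 0x80:
        raise ValueError("not a short header")
    if not first_byte & 0x40:
        return PacketKind.DISCARD            # fixed bit must be 1
    tt = (first_byte >> 3) & 0b11
    key_phase = (first_byte >> 2) & 0b1
    if tt == 0b00:
        return PacketKind.ENCRYPTED          # original packet, K used as before
    if tt == 0b01:
        if mode is not Mode.PRESET:
            # Without negotiation these bits are still RR and must be 0.
            return PacketKind.CONNECTION_ERROR
        if key_phase:
            return PacketKind.CONNECTION_ERROR  # K must be 0 when TT=01
        return PacketKind.NON_SENSITIVE
    # Assumption: TT values the text does not define are rejected.
    return PacketKind.CONNECTION_ERROR


if __name__ == "__main__":
    negotiated = select_mode({"big_data"}, {"big_data"})
    for byte in (0x40, 0x48, 0x4C, 0x00):    # constructed sample bytes
        print(f"{byte:08b}", classify_short_header(byte, negotiated).value)
```
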
Step S13: transmit non-sensitive data to the client based on the non-encrypted data transmission mode of the preset QUIC protocol.
In this embodiment, once the preset QUIC protocol has been selected, the non-sensitive data is transmitted to the client through it. Because the transmission uses the preset QUIC protocol, the Stream frames are delivered in order and completely, which gives reliable transmission of the non-sensitive data.
It can be seen that the application discloses a method for sending non-sensitive data through QUIC, applied to a server, comprising: acquiring a connection request sent by a client, and detecting whether the connection request contains a target transmission parameter; if the target transmission parameter exists in the connection request and also exists in the server, selecting a preset QUIC protocol; and transmitting non-sensitive data to the client based on the non-encrypted data transmission mode of the preset QUIC protocol. Both ends of the connection are thus checked, and the preset QUIC protocol is enabled only when both contain the target transmission parameter. Non-sensitive data is then transmitted unencrypted through the preset QUIC protocol, which improves transmission efficiency and saves resources while maintaining security and leaving original message transmission unaffected.
Referring to fig. 2, the embodiment of the present invention discloses a specific method for sending non-sensitive data through a QUIC, and compared with the previous embodiment, the present embodiment further describes and optimizes the technical solution. Specifically, the method comprises the following steps:
Step S21: encrypt the Stream ID and the Offset Length based on a preset encryption algorithm.
In this embodiment, a type field for the non-encrypted data transmission mode is added to the original QUIC protocol, and the type field, the Stream ID in the Stream frame and the Offset Length are each encrypted to generate the preset QUIC protocol. The encryption process first obtains a random number by sampling a fixed amount of data: sampling starts from a preset bit after the end of the Offset Length, and 136 bits are sampled. When the Stream ID and Offset are less than 128 bits, part of the non-sensitive data is skipped so that sampling still starts from the fixed position. The sampled random number is therefore a fixed random number used to compute the key during encryption and decryption, and it is bit data that includes the Fin bit (end bit), the Stream ID Length (data stream identifier length) and the Offset Length. If skipping non-sensitive data leaves fewer bits than the preset sampling length, the server must pad the frame. The client must discard received frames whose sample length is insufficient.
In this embodiment, after the random number is obtained, a mask is generated with a preset encryption algorithm. Specifically, the short header key or the packet key, together with the random number, is processed by the preset encryption algorithm to generate the mask for the Stream frame, that is, the encryption key of the Stream frame, which completes the encryption of the Stream frame header. The preset encryption algorithm may include, but is not limited to, the AES (Advanced Encryption Standard) algorithm and the ChaCha20 algorithm (a symmetric stream cipher). In short, the mask of a Stream frame is computed by first taking a sample of a certain length, namely the random number, and then generating the mask from it with the preset encryption algorithm.
Step S22: after the preset QUIC protocol is selected for transmission, store the non-sensitive data in Stream frames in non-encrypted form, so that the non-sensitive data is transmitted to the client by transmitting the Stream frames.
In this embodiment, after preset QUIC protocol transmission is selected, the non-sensitive data is packaged and stored in Stream frames, and the transmission of the non-sensitive data is completed by transmitting the Stream frames to the client. A data packet can in general carry several frames. However, because the packets described in this embodiment are generally used to transmit large amounts of data, packet coalescing and frame coalescing are not involved: one UDP packet contains only one QUIC packet, and one QUIC packet contains only one Stream frame. No frame length field is therefore needed, and the frame extends to the end of the UDP packet. Generally, the Stream ID Length occupies 3 bits, and its value plus one gives the length of the Stream ID; the Offset Length occupies 4 bits and gives the length of the Offset, and when that length is 0 there is no Offset field.
Step S23: calculating a mask through the client, decrypting the Stream ID and the Offset Length by using the mask, and if the decryption is successful, storing non-sensitive data in the Stream frame.
In this embodiment, after receiving a Stream frame, the client calculates the mask again and uses it to decrypt the Stream ID and the Offset Length in the header of the Stream frame. If decryption succeeds, the non-sensitive data in the Stream frame can be obtained; if decryption fails, it cannot. If the client fails to receive some Stream frames for any reason, the server can tell from the packet numbers and the acknowledgement information fed back by the client that a given Stream frame was not received successfully. Each Stream frame has a packet number, and packet numbers increase monotonically in the order in which the data is sent. After the client receives multiple Stream frames, it reorders the frames that arrived out of order using the Offset obtained by successful decryption, and combines them into the complete non-sensitive data. The Offset is the data offset, indicating the position of the Stream frame within the entire data.
In this embodiment, therefore, because the Stream ID and the Offset must be used when non-sensitive data is transmitted, they are protected with packet header protection or another algorithm. This makes the QUIC protocol portion harder to break, and lowers the various risks that a broken QUIC protocol portion would expose the non-sensitive data transmission process to.
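The frame handling of steps S21 to S23 can be sketched end to end: mask the Stream ID and Offset, leave the data clear, then unmask and reorder by Offset on receipt. This Python is an added example, not the patent's implementation: HMAC-SHA256 stands in for the AES or ChaCha20 mask computation, and the bit order of the first byte, byte-sized lengths, the fixed sample position (first byte plus 128 bits starting at byte 24, 136 bits in total) and all names are assumptions.

```python
import hashlib
import hmac

MAX_HDR = 1 + 8 + 15   # first byte + longest Stream ID + longest Offset
SAMPLE_LEN = 16        # 128 bits of clear data; 136 bits with the first byte
KEY = bytes(16)        # constructed demo key, standing in for the header key


def derive_mask(key, sample):
    # Stand-in PRF (assumption): the text names AES or ChaCha20 here.
    return hmac.new(key, sample, hashlib.sha256).digest()[:MAX_HDR - 1]


def _sample(frame):
    # Fixed position, so the receiver can sample before it knows the header
    # length; frames too short to sample are rejected (the client discards).
    if len(frame) < MAX_HDR + SAMPLE_LEN:
        raise ValueError("frame too short to sample")
    return frame[:1] + frame[MAX_HDR:MAX_HDR + SAMPLE_LEN]


def _xor(data, mask):
    return bytes(b ^ m for b, m in zip(data, mask))


def encode_frame(key, stream_id, offset, data, fin=False):
    sid = stream_id.to_bytes(max(1, (stream_id.bit_length() + 7) // 8), "big")
    off = offset.to_bytes((offset.bit_length() + 7) // 8, "big")  # 0 -> no field
    if len(sid) > 8 or len(off) > 15:
        raise ValueError("Stream ID or Offset too large")
    # Assumed bit order: Fin | Stream ID Length (3 bits) | Offset Length (4 bits)
    first = (0x80 if fin else 0) | ((len(sid) - 1) << 4) | len(off)
    clear = bytes([first]) + sid + off + data
    # Padding of short frames is not specified in the text, so this raises.
    mask = derive_mask(key, _sample(clear))
    n = len(sid) + len(off)
    return clear[:1] + _xor(clear[1:1 + n], mask) + clear[1 + n:]


def decode_frame(key, frame):
    mask = derive_mask(key, _sample(frame))
    first = frame[0]
    sid_len = ((first >> 4) & 0x7) + 1      # field value plus one
    off_len = first & 0xF                   # 0 means no Offset field
    hdr = _xor(frame[1:1 + sid_len + off_len], mask)
    stream_id = int.from_bytes(hdr[:sid_len], "big")
    offset = int.from_bytes(hdr[sid_len:], "big")
    # One frame per datagram: the data runs to the end of the frame.
    return stream_id, offset, bool(first & 0x80), frame[1 + sid_len + off_len:]


def split_into_frames(key, stream_id, payload, chunk):
    last = max(len(payload) - 1, 0) // chunk * chunk
    return [encode_frame(key, stream_id, off, payload[off:off + chunk],
                         fin=(off == last))
            for off in range(0, len(payload), chunk)]


def reassemble(key, frames, stream_id):
    """Reorder frames by decrypted Offset; stop at the first gap."""
    chunks = {}
    for frame in frames:
        try:
            sid, offset, _fin, data = decode_frame(key, frame)
        except ValueError:
            continue                         # insufficient sample length
        if sid == stream_id:
            chunks[offset] = data
    out = bytearray()
    for offset in sorted(chunks):
        if offset != len(out):
            break                            # missing frame: wait for retransmit
        out += chunks[offset]
    return bytes(out)


if __name__ == "__main__":
    payload = bytes(range(200))              # constructed sample data
    frames = split_into_frames(KEY, 4, payload, 50)
    print(reassemble(KEY, list(reversed(frames)), 4) == payload)
```
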
Referring to fig. 3, an embodiment of the present invention further discloses a method for sending non-sensitive data through a QUIC, which is applied to a client, and includes:
Step S31: sending a connection request to a server so that the server can detect whether the connection request contains target transmission parameters or not, wherein the server is used for selecting a corresponding preset QUIC protocol when detecting that the connection request contains the target transmission parameters and the server also contains the target transmission parameters;
Step S32: receiving non-sensitive data sent by the server side through a non-encrypted data transmission mode in the preset QUIC protocol.
For a more detailed processing procedure in steps S31 and S32, please refer to the content of the foregoing disclosed embodiments, which is not described herein again.
It can be seen that the application discloses a method for sending non-sensitive data through QUIC, applied to a server, comprising: acquiring a connection request sent by a client, and detecting whether the connection request contains a target transmission parameter; if the target transmission parameter exists in the connection request and also exists in the server, selecting a preset QUIC protocol; and transmitting non-sensitive data to the client based on the non-encrypted data transmission mode of the preset QUIC protocol. Both ends of the connection are thus checked, and the preset QUIC protocol is enabled only when both contain the target transmission parameter. Non-sensitive data is then transmitted unencrypted through the preset QUIC protocol, which improves transmission efficiency and saves resources while maintaining security and leaving original message transmission unaffected.
Referring to fig. 4, an embodiment of the present invention discloses an apparatus for sending non-sensitive data through a QUIC, applied to a server, including:
the parameter detection module 11 is configured to acquire a connection request sent by a client, and detect whether the connection request includes a target transmission parameter;
a transmission starting module 12, configured to select a preset QUIC protocol for transmission if it is detected that the target transmission parameter exists in the connection request and the target transmission parameter also exists in the server;
and the data transmission module 13 is used for transmitting the non-sensitive data to the client based on a non-encrypted data transmission mode in the preset QUIC protocol.
For more specific working processes of the above modules, reference may be made to corresponding contents disclosed in the foregoing embodiments, and details are not described herein again.
It can be seen that the present application also discloses a device, which adopts the method for sending non-sensitive data through QUIC of the above embodiment, comprising the following steps: acquiring a connection request sent by a client, and detecting whether the connection request contains a target transmission parameter; if the target transmission parameter exists in the connection request and also exists in the server, selecting a preset QUIC protocol; and transmitting non-sensitive data to the client based on a non-encrypted data transmission mode in the preset QUIC protocol. The device therefore checks both ends of the connection for the target transmission parameter to decide whether to enable transmission over the preset QUIC protocol, and transmits non-sensitive data unencrypted over that protocol, which improves transmission efficiency, saves resources, ensures security, and leaves the original message transmission unaffected.
Further, an electronic device is disclosed in the embodiments of the present application, and fig. 5 is a block diagram of the electronic device 20 according to an exemplary embodiment, which should not be construed as limiting the scope of the application.
Fig. 5 is a schematic structural diagram of an electronic device 20 according to an embodiment of the present disclosure. The electronic device 20 may specifically include: at least one processor 21, at least one memory 22, a power supply 23, a communication interface 24, an input output interface 25, and a communication bus 26. Wherein the memory 22 is used for storing a computer program which is loaded and executed by the processor 21 to implement the relevant steps in the method for sending non-sensitive data through a QUIC as disclosed in any of the previous embodiments. In addition, the electronic device 20 in this embodiment may be specifically an electronic computer.
In this embodiment, the power supply 23 is configured to provide a working voltage for each hardware device on the electronic device 20; the communication interface 24 can create a data transmission channel between the electronic device 20 and an external device, and a communication protocol followed by the communication interface is any communication protocol that can be applied to the technical solution of the present application, and is not specifically limited herein; the input/output interface 25 is configured to obtain external input data or output data to the outside, and a specific interface type thereof may be selected according to specific application requirements, which is not specifically limited herein.
The processor 21 may include one or more processing cores, such as a 4-core processor, an 8-core processor, and the like. The processor 21 may be implemented in at least one hardware form of a DSP (Digital Signal Processing), an FPGA (Field-Programmable Gate Array), and a PLA (Programmable Logic Array). The processor 21 may also include a main processor and a coprocessor, where the main processor is a processor for Processing data in a wake state, and is also called a Central Processing Unit (CPU); a coprocessor is a low power processor for processing data in a standby state. In some embodiments, the processor 21 may be integrated with a GPU (Graphics Processing Unit), which is responsible for rendering and drawing the content required to be displayed on the display screen. In some embodiments, the processor 21 may further include an AI (Artificial Intelligence) processor for processing a calculation operation related to machine learning.
In addition, the storage 22 is used as a carrier for resource storage, and may be a read-only memory, a random access memory, a magnetic disk or an optical disk, etc., and the resources stored thereon may include an operating system 221, a computer program 222, etc., and the storage manner may be a transient storage or a permanent storage.
The operating system 221 is used for managing and controlling each hardware device and the computer program 222 on the electronic device 20, so that the processor 21 can operate on and process the mass data 223 in the memory 22, and may be Windows Server, NetWare, Unix, Linux, and the like. In addition to the computer program that the electronic device 20 executes to perform the method for transmitting non-sensitive data through QUIC disclosed in any of the foregoing embodiments, the computer programs 222 may further include computer programs for performing other specific tasks. The data 223 may include data received by the electronic device from an external device, or data collected by the input/output interface 25 itself.
Further, the present application also discloses a computer-readable storage medium for storing a computer program; wherein the computer program, when executed by a processor, implements the method of transmitting non-sensitive data over a QUIC as disclosed above. For the specific steps of the method, reference may be made to the corresponding contents disclosed in the foregoing embodiments, which are not described herein again.
The embodiments are described in a progressive manner: each embodiment focuses on its differences from the other embodiments, and the same or similar parts of the embodiments may be cross-referenced. Because the device disclosed in the embodiments corresponds to the method disclosed in the embodiments, its description is brief, and the relevant points can be found in the description of the method.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application. The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, read-only memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
Finally, it should also be noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The method, apparatus, device, and medium for transmitting non-sensitive data through a QUIC according to the present invention are described in detail, and specific examples are applied herein to explain the principles and embodiments of the present invention, and the descriptions of the examples are only used to help understand the method and its core idea of the present invention; meanwhile, for a person skilled in the art, according to the idea of the present invention, the specific embodiments and the application range may be changed, and in summary, the content of the present specification should not be construed as a limitation to the present invention.
Claims (10)
1. A method for sending non-sensitive data through QUIC is characterized in that the method is applied to a server and comprises the following steps:
acquiring a connection request sent by a client, and detecting whether the connection request contains a target transmission parameter;
if the target transmission parameters exist in the connection request and the target transmission parameters also exist in the server, selecting a preset QUIC protocol;
and transmitting non-sensitive data to the client based on a non-encrypted data transmission mode in the preset QUIC protocol.
2. The method of claim 1, wherein after detecting whether the connection request includes the target transmission parameter, the method further comprises:
and if the connection request does not have the target transmission parameter and/or the server does not have the target transmission parameter, selecting an original QUIC protocol.
3. The method of transmitting non-sensitive data via QUIC according to claim 1, further comprising:
and adding a type field for an unencrypted data transmission mode in the original QUIC protocol to generate a preset QUIC protocol.
4. The method for sending non-sensitive data through QUIC according to claim 3, wherein said adding a type field for non-encrypted data transmission in original QUIC protocol to generate a preset QUIC protocol further comprises:
and respectively carrying out encryption processing on the type field used for the non-encrypted data transmission mode, the Stream ID and the Offset Length in the Stream frame to generate a preset QUIC protocol.
5. The method for transmitting non-sensitive data through QUIC according to claim 4, wherein said transmitting non-sensitive data to said client based on non-encrypted data transmission in said preset QUIC protocol includes:
encrypting the Stream ID and the Offset Length based on a preset encryption algorithm; and respectively storing the non-sensitive data in a Stream frame in a non-encryption mode so as to transmit the non-sensitive data to the client by transmitting the Stream frame.
6. The method of sending non-sensitive data through QUIC according to claim 5, after said transmitting non-sensitive data to said client based on non-encrypted data transmission in said preset QUIC protocol, further comprising:
calculating a mask through the client, decrypting the Stream ID and the Offset Length by using the mask, and if the decryption is successful, saving the non-sensitive data in the Stream frame.
7. A method for sending non-sensitive data through QUIC is characterized by being applied to a client and comprising the following steps:
sending a connection request to a server so that the server can detect whether the connection request contains target transmission parameters or not, wherein the server is used for selecting a corresponding preset QUIC protocol when detecting that the connection request contains the target transmission parameters and the server also contains the target transmission parameters;
and receiving non-sensitive data sent by the server side through a non-encrypted data transmission mode in the preset QUIC protocol.
8. An apparatus for transmitting non-sensitive data through QUIC, applied to a server, comprising:
the parameter detection module is used for acquiring a connection request sent by a client and detecting whether the connection request contains a target transmission parameter;
the transmission starting module is used for selecting a preset QUIC protocol if the target transmission parameters exist in the connection request and the target transmission parameters also exist in the server side;
and the data transmission module is used for transmitting non-sensitive data to the client based on a non-encrypted data transmission mode in the preset QUIC protocol.
9. An electronic device, comprising:
a memory for storing a computer program;
a processor for executing said computer program to implement the steps of the method for transmitting non-sensitive data through a QUIC according to any of claims 1 to 6.
10. A computer-readable storage medium for storing a computer program; wherein said computer program, when being executed by a processor, carries out the steps of the method of transmitting non-sensitive data through a QUIC according to any of claims 1 to 6.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211418172.1A CN115766902A (en) | 2022-11-14 | 2022-11-14 | Method, device, equipment and medium for transmitting non-sensitive data through QUIC |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211418172.1A CN115766902A (en) | 2022-11-14 | 2022-11-14 | Method, device, equipment and medium for transmitting non-sensitive data through QUIC |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115766902A true CN115766902A (en) | 2023-03-07 |
Family
ID=85370027
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211418172.1A Pending CN115766902A (en) | 2022-11-14 | 2022-11-14 | Method, device, equipment and medium for transmitting non-sensitive data through QUIC |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115766902A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117097813A (en) * | 2023-10-19 | 2023-11-21 | 广州宇中网络科技有限公司 | Protocol adaptation method, device, equipment and storage medium |
CN117097813B (en) * | 2023-10-19 | 2024-01-26 | 广州宇中网络科技有限公司 | Protocol adaptation method, device, equipment and storage medium |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN110933118B (en) | Edge computing gateway secure communication method, system, terminal equipment and server | |
CN106713320B (en) | Terminal data transmission method and device | |
US9219709B2 (en) | Multi-wrapped virtual private network | |
US11470060B2 (en) | Private exchange of encrypted data over a computer network | |
CN113114701B (en) | QUIC data transmission method and device | |
US20230283479A1 (en) | Data Transmission Method and Apparatus, Device, System, and Storage Medium | |
JP2005117246A (en) | Packet-discriminating apparatus | |
WO2017185978A1 (en) | Method and device for parsing packet | |
US20080077938A1 (en) | Method of implementing a state tracking mechanism in a communications session between a server and a client system | |
CN115766902A (en) | Method, device, equipment and medium for transmitting non-sensitive data through QUIC | |
US20230239279A1 (en) | Method and apparatus for security communication | |
CN107431691A (en) | A kind of data pack transmission method, device, node device and system | |
US20230113138A1 (en) | Application Information Verification Method, Packet Processing Method, And Apparatuses Thereof | |
CN113810173B (en) | Method for checking application information, message processing method and device | |
CN111586344B (en) | Message sending method and device of network camera | |
CN114996730A (en) | Data encryption and decryption system, method, computer equipment and storage medium | |
JP2003244194A (en) | Data encrypting apparatus, encryption communication processing method, and data relaying apparatus | |
CN117319088B (en) | Method, device, equipment and medium for blocking illegal external connection equipment | |
CN115941600B (en) | Message distribution method, system and computer readable storage medium | |
CN118678126B (en) | Self-adaptive cross-domain code stream password security protection method, system and equipment | |
WO2023071958A1 (en) | Sni domain name extraction method, electronic device, and computer-readable storage medium | |
WO2022063075A1 (en) | Billing method and apparatus, communication device, and readable storage medium | |
US20220255911A1 (en) | Method for Secure Communication and Device | |
CN116962843A (en) | Media information transmission method and device, storage medium and electronic device | |
CN116455615A (en) | Data processing method, device, electronic equipment and medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||