CN115913672A - Electronic file encryption transmission method, system, terminal equipment and computer medium - Google Patents
Electronic file encryption transmission method, system, terminal equipment and computer medium Download PDFInfo
- Publication number
- CN115913672A CN115913672A CN202211364872.7A CN202211364872A CN115913672A CN 115913672 A CN115913672 A CN 115913672A CN 202211364872 A CN202211364872 A CN 202211364872A CN 115913672 A CN115913672 A CN 115913672A
- Authority
- CN
- China
- Prior art keywords
- client
- file
- key
- electronic
- algorithm
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 68
- 230000005540 biological transmission Effects 0.000 title claims abstract description 59
- 238000004422 calculation algorithm Methods 0.000 claims abstract description 134
- 238000012795 verification Methods 0.000 claims abstract description 30
- 238000012545 processing Methods 0.000 claims abstract description 14
- 230000002457 bidirectional effect Effects 0.000 claims abstract description 13
- 230000006870 function Effects 0.000 claims description 27
- 238000004891 communication Methods 0.000 claims description 23
- 230000008569 process Effects 0.000 claims description 13
- 238000004590 computer program Methods 0.000 claims description 8
- 238000004806 packaging method and process Methods 0.000 claims description 7
- 230000002441 reversible effect Effects 0.000 claims description 5
- 238000004364 calculation method Methods 0.000 abstract description 4
- 238000010586 diagram Methods 0.000 description 4
- 239000011159 matrix material Substances 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 4
- 238000006467 substitution reaction Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000008520 organization Effects 0.000 description 3
- 230000009466 transformation Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 230000015572 biosynthetic process Effects 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000003993 interaction Effects 0.000 description 2
- 230000001737 promoting effect Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000006073 displacement reaction Methods 0.000 description 1
- 239000000835 fiber Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 239000000463 material Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Landscapes
- Storage Device Security (AREA)
Abstract
The application discloses an electronic file encryption transmission method, a system, terminal equipment and a computer medium, wherein the method is applied to a server and comprises the steps of carrying out bidirectional identity authentication on the server and a client by utilizing an RSA algorithm; when the authentication is passed, the electronic file to be transmitted is obtained, the AES algorithm is used for processing the electronic file to be transmitted to generate a first secret key, the file version number of the electronic file to be transmitted is extracted, and a hash function is used for encrypting the file version number to generate a version number ciphertext; generating a second key by iterating the version number ciphertext by using an iteration function; receiving and verifying a first digital signature sent by a client, generating a second digital signature after the verification is successful, and sending the second digital signature to the client; the first digital signature and the second digital signature are both generated according to an SHA algorithm; and when the client side succeeds in verification, decrypting the first secret key and the second secret key to finish the encryption transmission of the electronic file. The hybrid encryption algorithm is low in calculation complexity and short in consumed time, and the safety of data transmission is guaranteed by combining hash function encryption.
Description
Technical Field
The present application relates to the field of archive management technologies, and in particular, to an electronic archive encryption transmission method, system, terminal device, and computer medium.
Background
At present, the traditional paper management is gradually replaced by the information management based on the internet, so that the manpower and material resources are saved to a great extent, and the production efficiency and the quality are greatly improved. The electronic file transmission mainly relates to the uploading and downloading of files between a server and a client, and the management operations of adding, deleting, modifying, checking and the like of the files at the server. In actual business, the uploading and downloading speed and safety should be ensured for different application environments. Therefore, the method for transmitting the electronic file with high efficiency, reliability and safety is provided, and has important significance for promoting resource sharing and promoting productivity development.
However, in the current electronic file encryption transmission method, the traditional symmetric encryption scheme, namely DES encryption technology, is most often adopted, and the encryption technology belongs to the category of block ciphers. The plaintext block is 64 bits, the key is 56 bits, and 64-bit ciphertext is obtained through three stages of initial replacement, 16 times of round transformation and inverse initial value transformation. However, as attack techniques advance, double DES against differential analysis and triple DES algorithms of two and three keys have subsequently been developed. However, the traditional DES algorithm is not only inefficient, but also has a large risk of file information leakage because the existing method can completely break the traditional DES algorithm due to the short secret key and weak strength of the traditional DES algorithm. In view of the above, there is a need for a method for encrypted transmission of electronic files with higher efficiency and higher security to solve the above problems.
Disclosure of Invention
The present application aims to provide an electronic file encryption transmission method, system, terminal device and computer medium, so as to solve the problems of long time consumption and low security in the existing electronic file encryption transmission method.
In order to achieve the above object, in a first aspect, the present application provides an electronic file encryption transmission method, applied in a server, including:
performing bidirectional identity authentication on a server and a client by using an RSA algorithm;
when the authentication is passed, acquiring the electronic file to be transmitted, and processing the electronic file data by using an AES algorithm to generate a first secret key;
extracting the file version number of the electronic file to be transmitted, and encrypting the file version number by using a hash function to generate a version number ciphertext; iterating the version number ciphertext by using an iteration function to generate a second secret key;
receiving and verifying a first digital signature sent by a client, and after the first digital signature is successfully verified, generating a second digital signature and sending the second digital signature to the client for verification; wherein the first digital signature and the second digital signature are both generated according to an SHA algorithm;
and when the client side succeeds in verification, decrypting the first secret key and the second secret key to finish the encryption transmission of the electronic file.
In some implementation manners of the first aspect, the method for encrypting and transmitting an electronic file further includes generating an electronic file identification card for the electronic file to be transmitted, including:
acquiring an electronic file and metadata of the electronic file;
extracting client information of the electronic archive and number source data used for generating an electronic archive identity card number from metadata of the electronic archive, wherein the client information comprises: a private key index of the client and a public key certificate of the client;
processing the electronic file by using a summary algorithm to generate a digital summary of the electronic file;
carrying out digital signature on the digital abstract of the electronic file by using a private key of the client to obtain a signature value;
generating an ID card number of the electronic file based on the number source data and a preset number generation rule;
and packaging the ID card number, the public key certificate of the client and the signature value to generate a packaged file, and generating the electronic archive ID card according to the packaged file.
In some implementation manners of the first aspect, the encapsulating the id number, the public key certificate of the client, and the signature value to generate an encapsulated file, and generating the electronic archive id card according to the encapsulated file includes:
packaging the ID card number, the public key certificate of the client and the signature value into a first XML file;
generating an encryption key according to a key generation rule based on the ID card number;
confusion scrambling is carried out on the first XML file by utilizing the encryption key to generate encrypted data;
and packaging the ID card number and the encrypted data into a second XML file, and taking the second XML file as the electronic archive ID card.
In some implementations of the first aspect, the performing bidirectional identity authentication on the server and the client by using an RSA algorithm includes:
receiving a communication connection request, a first random number and an encryption algorithm list supported by both communication parties, which are sent by a client;
selecting an encryption suite from the encryption algorithm list, sending a server certificate, a second random number and the encryption suite to a client, and sending the client certificate to the client;
when the client successfully verifies the server certificate, receiving the client certificate and a third random number sent by the client to legally verify the client certificate; wherein,
the first random number, the second random number, and the third random number are all generated by a random number generator; and the third random number is generated by encrypting the public key of the server by using an RSA algorithm.
In some implementations of the first aspect, the processing the electronic archive data using the AES algorithm to generate the first key includes:
and after the client certificate is successfully legally verified, decrypting the third random number by using a private key, and calculating and generating a communication key of an AES algorithm by using the first random number, the second random number and the decrypted third random number as a first key.
In some implementations of the first aspect, the generating of the first data signature includes:
the client calculates the third random number and the hash value of the client certificate by using an SHA algorithm, encrypts the hash value by using an AES algorithm, and generates a first data signature after encrypting by using an RSA algorithm through a server public key.
In some implementations of the first aspect, the iterating the version number ciphertext by using an iteration function to generate the second key includes:
and iterating the version number ciphertext by using a divergent non-invertible function Fun to generate a key of a 128-bit AES encryption algorithm as a second key.
In a second aspect, the present application further provides an electronic file encryption transmission system, applied in a server, including:
the identity authentication unit is used for performing bidirectional identity authentication on the server and the client by using an RSA algorithm;
the first key generation unit is used for acquiring the electronic file to be transmitted when the authentication is passed, and processing the data of the electronic file by using an AES algorithm to generate a first key;
the second key generation unit is used for extracting the file version number of the electronic file to be transmitted, and encrypting the file version number by utilizing a hash function to generate a version number ciphertext; iterating the version number ciphertext by using an iteration function to generate a second secret key;
the digital signature verification unit is used for receiving and verifying the first digital signature sent by the client, and after the first digital signature is successfully verified, generating a second digital signature and sending the second digital signature to the client for verification; wherein the first digital signature and the second digital signature are both generated according to an SHA algorithm;
and the decryption unit is used for decrypting the first secret key and the second secret key when the client is successfully verified, so as to finish the encrypted transmission of the electronic file.
In a third aspect, the present application further provides a terminal device, including:
one or more processors;
a memory coupled to the processor for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the method for encrypted transmission of an electronic archive as described in any of the above.
In a fourth aspect, the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the electronic archive encryption transmission method as described in any one of the above.
In a fifth aspect, the present application further provides a computer program product, when the computer program product runs on a terminal device, so that when the computer device executes, the method for setting a service flow attribute according to the first aspect is implemented.
Compared with the prior art, the beneficial effects of this application lie in:
1) According to the hybrid encryption algorithm, the RSA algorithm is adopted to carry out bidirectional identity authentication on the server side and the client side, the sent data are encrypted through the AES algorithm and the SHA algorithm to generate the ciphertext and the digital signature, and the ciphertext and the digital signature are sent to the client side for verification.
2) According to the method and the device, the version number of the electronic document is extracted, the hash function is used for encrypting the version number to generate the version-back ciphertext, then the divergent non-reversible function Fun is used for iterating the version-number ciphertext to generate the key of the 128-bit AES encryption algorithm, the indecomposability of the encryption algorithm is enhanced, and the safety of data transmission is greatly improved.
3) The method comprises the steps of digitally signing metadata of an electronic file and a digital abstract of the electronic file by using a private key of a client side of a received file, ensuring authenticity of the electronic file, generating a secret key according to a secret key generation rule based on an ID card number of the electronic file, encrypting a first XML file containing the ID card number of the electronic file, a public key certificate of the client side of the received file and a signature value, generating a unique electronic file ID card, ensuring safety of the electronic file, and simultaneously ensuring uniqueness and originality of the electronic file.
Drawings
In order to more clearly illustrate the technical solution of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is a schematic diagram of an encryption process of an AES algorithm provided in an embodiment of the present application;
FIG. 2 is a flowchart illustrating a method for encrypted transmission of an electronic file according to an embodiment of the present application;
FIG. 3 is a flow chart illustrating the sub-steps of step S10 provided in an embodiment of the present application;
FIG. 4 is a schematic diagram illustrating a data interaction principle of electronic file transmission between a server and a client according to an embodiment of the present application;
FIG. 5 is a block diagram of an electronic file encryption transmission system according to an embodiment of the present application;
fig. 6 is a schematic structural diagram of a terminal device according to an embodiment of the present application.
Detailed Description
The technical solutions in the embodiments of the present application will be described clearly and completely with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only some embodiments of the present application, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
It should be understood that the step numbers used herein are only for convenience of description and are not used as limitations on the order in which the steps are performed.
It is to be understood that the terminology used in the description of the present application is for the purpose of describing particular embodiments only and is not intended to be limiting of the application. As used in the specification of the present application and the appended claims, the singular forms "a," "an," and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise.
The terms "comprises" and "comprising" indicate the presence of the described features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
The term "and/or" refers to any and all possible combinations of one or more of the associated listed items and includes such combinations.
To assist understanding, the algorithm involved in the embodiments of the present application will first be described:
the RSA algorithm:
the RSA algorithm is one of the most commonly used asymmetric encryption algorithms, belongs to the most typical and perfect public key packet cryptosystem at present, can resist most of the existing cryptographic attacks, and has good confidentiality. The algorithm first generates a pair of RSA secret keys by a receiving party, wherein a public key can be issued in a network, and a secret key is only owned by a user; the sender uses the public key to encrypt the file and then sends the file to the receiver, and the receiver can decrypt the file by using the private key to recover the plaintext.
Specifically, the core of the reciprocity of RSA encryption and decryption is euler's theorem, and the algorithm first needs to generate a pair of public keysp k Henan provinceKey with key identifications k Then need to usep k Encrypting the inscription, uses k The ciphertext is decrypted, roughly as follows:
1) Two large numbers of ropes are selectedx、y;
2) Computinga=x*y;
3) Calculating outb=(x-1)*(y-1);
4) Selecting public key exponentsk,kIs less thanbAnd is notbA factor of (d);
5) Computing private key indicest,tIs less thanbAnd according to the calculation ofk*t)modb=1 calculate outt;
6) Generating a public keyp k =(a,k) Private keys k =(a,t);
7) Encrypting a plaintext M into a ciphertext C, C = M k mod a;
8) Decrypting the ciphertext C into the plaintext M, M = C t mod a。
The analysis of the above steps can show that the security of the RSA algorithm is closely related to the difficulty of factorization of large integers, that is, the security of the algorithm is related to the digits of the public and private keys, and the greater the digits, the safer the algorithm is. However, the encryption and decryption operations of the RSA algorithm are all arithmetic operations at an exponential level, and are complex in calculation and long in time consumption.
AES algorithm:
the AES algorithm is a symmetric encryption algorithm, and is generally divided into 4 steps: byte substitution, row displacement, column mixing, round key addition. Each step is reversible, so the decryption algorithm is the corresponding inverse operation. Where byte substitution is a non-linear byte-by-byte substitution operation that follows a substitution table. The line shift is a linear transformation, each line of the state matrix is circularly shifted to the right in bytes, and the linear shift is a multiple of 4. In the column mixing stage, four elements in each column of the state matrix are used as coefficients to form a column polynomial, and the column polynomial is subjected to modular multiplication with a specific polynomial. And a round key adding stage, namely performing exclusive OR operation on the column of the round key matrix byte by byte and the column of the state matrix. The AES algorithm will encrypt and decrypt hundreds of times faster than the asymmetric encryption algorithm. The encryption and decryption process of the AES algorithm is shown in FIG. 1.
The SHA algorithm is the most widely used hash encryption algorithm following the MD5 algorithm, which has encryption irreversibility and is generally used as a digital signature to verify the validity of a data signature.
Because the traditional DES algorithm is low in efficiency, and because the self secret key is short and weak in strength, the traditional DES algorithm can be completely broken through by an existing method, and therefore a larger risk of file information leakage exists. Therefore, the embodiment of the application aims to provide the electronic file encryption transmission method which is higher in efficiency and higher in safety, the method is a hybrid encryption algorithm, and the encryption and decryption operations of the RSA algorithm are all exponential operations, so that the calculation is complex and the time consumption is long. Therefore, the application firstly selects the 2048-bit public and private keys, which not only can ensure the security of the RSA algorithm, but also can save the time consumption of the encryption and decryption processes. Because the encryption and decryption speed of the AES algorithm is very high, after the certificates of the two parties are verified, the encryption and decryption of the data sent by the two parties are performed by using the AES algorithm instead. And finally, the version number is encrypted by combining a hash function, and a key generated after iteration and a digital signature generated by an SHA algorithm are combined, so that the transmission safety of the electronic document is ensured.
Referring to fig. 2, in an embodiment of a first aspect of the present application, a method for encrypting and transmitting an electronic file is provided, which is mainly applied to a server. As shown in fig. 2, the method for encrypted transmission of an electronic file includes steps S10 to S50. The method comprises the following steps:
and S10, performing bidirectional identity authentication on the server and the client by using an RSA algorithm.
It should be noted that the server is mainly a party providing the electronic file, that is, a data sending end, such as an electronic file management system of an enterprise, a talent market management bureau, or the like, and the client is mainly a receiving end of the electronic file, which may be an HR of the enterprise, an employee of the organization, or the like. When the electronic file needs to be called, a calling or downloading request is usually initiated by the client to the server, the server receives the request and establishes a communication link with the client after successful verification, the electronic file is encrypted and transmitted, and the transmission process of the electronic file is completed after the electronic file is decrypted by the client.
In this step, the RSA algorithm is mainly used to perform identity authentication on both the server itself and the client. In practical application, a more common way is that the server verifies the identity of the client, but once the identity of the server is in a problem, the file received by the client is likely to be wrong, and even potential safety hazards such as stealing of the identity of the client, information leakage and the like exist. Therefore, in order to enhance the security of the transmission process, authentication between the two parties is required in this step. It can be understood that, when the identity authentication of the two parties passes, the server and the client can establish a communication link, otherwise, the transmission of the electronic document cannot be performed. The identity authentication comprises validity authentication, validity authentication and uniqueness authentication.
S20, when the authentication is passed, the electronic file to be transmitted is obtained, the AES algorithm is utilized to process the data of the electronic file, and a first secret key is generated.
In this step, when the authentication is passed, the server side first obtains the electronic file to be transmitted from the system, and then processes the electronic file data by using the AES algorithm. According to the above description, the speed of encryption and decryption of the AES algorithm is hundreds of times faster than that of the RSA algorithm, so that after the identity authentication of both parties is passed by using the RSA algorithm, the data sent by both parties are encrypted and decrypted by using the AES algorithm instead in this step.
It will be appreciated that the decryption process is the inverse operation of the encryption process, and that the keys used for encryption and decryption are the same. Referring to fig. 1, as can be seen from the encryption and decryption process of the AES algorithm, the key to the security is to secure the key, and the security of the key is secured by the AES algorithm in the encryption chain. The AES algorithm can be divided into three versions, namely AES-128, AES-192 and AES-256 according to the key length. In order to speed up its decryption, in a preferred embodiment the electronic archive data is processed using the AES-128 version to generate the first key.
S30, extracting the file version number of the electronic file to be transmitted, and encrypting the file version number by using a hash function to generate a version number ciphertext; and iterating the version number ciphertext by using an iteration function to generate a second key.
In order to enhance the security of encrypted transmission, in this step, a hash function is used to encrypt the file version number to generate a version number ciphertext. Specifically, the MD5 is adopted to encrypt the file version number to obtain a ciphertext, and then an iteration function is used to iterate the ciphertext of the version number to generate a second key.
In a specific embodiment, the version number ciphertext is iterated by using a divergent non-invertible function Fun, and a key of a 128-bit AES encryption algorithm is generated as the second key. The version number is encrypted by combining the Hash algorithm MD5 and the advanced AES encryption algorithm, and the indecomposability of the encryption algorithm is enhanced by diverging the non-reversible function, so that the security of data transmission is greatly improved.
S40, receiving and verifying the first digital signature sent by the client, and after the verification is successful, generating a second digital signature and sending the second digital signature to the client for verification; wherein the first digital signature and the second digital signature are both generated according to the SHA algorithm.
In the process, identity authentication of the server and the client is completed through an RSA algorithm, and a communication link is established. And encrypting the electronic archive data by an AES encryption algorithm to generate a first key, encrypting the version number by a Hash algorithm MD5 and an advanced AES encryption algorithm, and iteratively generating a second key by using an iterative function. In the step, a digital signature is generated by mainly utilizing an SHA algorithm for verification, a first digital signature generated according to the SHA algorithm and sent by a client side is received by a server side and verified, and after the verification is successful, a second digital signature is generated by the server side through the SHA algorithm and sent to the client side for verification.
S50, when the client side succeeds in verification, the first secret key and the second secret key are decrypted, and electronic file encryption transmission is completed.
And finally, when the client successfully verifies the second digital signature, the first key and the second key are decrypted, the electronic file sent by the server can be received, and file transmission is successfully completed. The decryption process of the first key and the second key is specifically the inverse operation of generating the first key and the second key.
In summary, in the embodiment provided in the first aspect of the present application, the RSA algorithm is first used to perform bidirectional identity authentication on the server and the client, the AES algorithm and the SHA algorithm are then used to encrypt the transmission data to generate the ciphertext and the digital signature, and the ciphertext and the digital signature are finally transmitted to the client for verification. The version number of the electronic document is extracted, the hash function is used for encrypting the version number to generate a version ciphertext, then the divergent non-reversible function Fun is used for iterating the version number ciphertext to generate a key of a 128-bit AES encryption algorithm, the indecomposability of the encryption algorithm is enhanced, and the safety of data transmission is greatly improved.
In some implementation manners of the first aspect, the method for encrypting and transmitting an electronic archive further includes generating an electronic archive identification card for the electronic archive to be transmitted, where the method includes:
1) An electronic archive and metadata of the electronic archive are obtained.
In this step, first, metadata of the electronic file is obtained, including a name of the electronic file and a file type of the electronic file.
2) Extracting client information of the electronic archive and number source data used for generating an electronic archive identity card number from metadata of the electronic archive, wherein the client information comprises: a private key index of the client and a public key certificate of the client.
In the specific implementation, since the metadata of the electronic file includes the receiving unit information for receiving the electronic file, the number source data for generating the electronic file id number, and the core metadata of the electronic file, the receiving client information for receiving the electronic file, the number source data for generating the electronic file id number, and the core metadata of the electronic file can be directly extracted from the metadata of the electronic file when the receiving client information, the number source data, and the core metadata of the electronic file are extracted from the metadata of the electronic file.
Preferably, the core metadata of the electronic archive may also be acquired, including: one or more of a file name, a formation unit, a place of attribution, a file number, a formation time, and a file type of the electronic archive. Specifically, receiving the client information includes: receiving a private key index of a client and receiving a public key certificate of the client; the number source data used for generating the ID card number of the electronic file comprises: and receiving the code of the client, the file number of the electronic file and the file forming time.
3) And processing the electronic file by using a summary algorithm to generate a digital summary of the electronic file.
In this step, the digest algorithm is preferably an SM3 algorithm, and other digital digest algorithms may be used in practical applications, which are not specifically limited herein.
4) And carrying out digital signature on the digital abstract of the electronic archive by using the private key of the client to obtain a signature value.
In this step, the digital signature is performed on the abstract content and the core metadata of the electronic archive, which not only reduces the storage space, but also improves the transmission performance, compared with the digital signature performed on the full-text content of the electronic archive.
5) And generating the ID card number of the electronic file based on the number source data and a preset number generation rule.
When specifically implementing, based on serial number source data and the serial number generation rule that sets up in advance, generate the ID card number of electronic file, specifically include: and generating the number of the electronic file by utilizing the code of the receiving client, the file number of the electronic file, the file forming time and the preset serial number. The preset serial number may be a serial number that changes according to a preset rule, or a serial number that is freely set by a user.
If the preset sequence number is a sequence number that changes according to a preset rule, the preset rule may be: assuming that the preset serial number is six digits, the preset serial number is numbered with 000001 as a starting number for electronic files of different client (organization or personal) codes, and the preset serial numbers are numbered in an increasing manner for a plurality of electronic files of the same client (organization or personal) code. Of course, it should be understood by those skilled in the art that other preset rules may be provided in other embodiments of the present invention, and are not specifically limited herein.
6) And packaging the ID card number, the public key certificate of the client and the signature value to generate a packaged file, and generating the electronic archive ID card according to the packaged file.
In a specific embodiment, step 6) specifically comprises:
6.1 Package the identification card number, the public key certificate of the client, and the signature value into a first XML file;
6.2 Based on the ID card number, generating an encryption key according to a key generation rule;
6.3 Scrambling the first XML file by using the encryption key to generate encrypted data;
6.4 Encapsulate the identification card number and the encrypted data into a second XML file, and use the second XML file as the electronic archive identification card.
To sum up, the above embodiment digitally signs the metadata of the electronic archive and the digital digest of the electronic archive by using the private key of the client that receives the file, thereby ensuring the authenticity of the electronic archive, generates the key according to the key generation rule based on the id number of the electronic archive, encrypts the first XML file including the id number of the electronic archive, the public key certificate of the client that receives the file, and the signature value, thereby generating the unique electronic archive id, ensuring the security of the electronic archive, and simultaneously ensuring the uniqueness and originality of the electronic archive.
Referring to fig. 3, in some implementations of the first aspect, the performing bidirectional identity authentication on a server and a client by using an RSA algorithm includes the following steps:
s101, receiving a communication connection request, a first random number and an encryption algorithm list supported by both communication parties, wherein the communication connection request is sent by a client;
s102, selecting an encryption suite from the encryption algorithm list, sending a server certificate, a second random number and the encryption suite to a client, and sending the client certificate to the client;
s103, when the client successfully verifies the server certificate, receiving the client certificate and a third random number sent by the client to legally verify the client certificate; wherein the first random number, the second random number, and the third random number are all generated by a random number generator; and the third random number is generated by encrypting the public key of the server by using an RSA algorithm.
In one embodiment, the processing the electronic archive data using the AES algorithm to generate the first key includes:
and after the client certificate is successfully legally verified, decrypting the third random number by using a private key, and calculating and generating a communication key of an AES algorithm by using the first random number, the second random number and the decrypted third random number as a first key.
In a specific embodiment, the generating of the first data signature includes:
the client calculates the third random number and the hash value of the client certificate by using an SHA algorithm, encrypts the hash value by using an AES algorithm, and generates a first data signature after encrypting by using an RSA algorithm through a server public key.
Referring to fig. 4, to help understand the data interaction process between the server and the client, in some implementations of the first aspect, a dual-end communication link and a file transmission process are further provided, which are as follows:
1) The client A initiates a communication connection request to the server B, and the client A sends the generated 1 st random number random _ f and an encryption algorithm cirphersus list supported by both communication parties to the server B; wherein, random _ f needs to be stored in both a and B, and is used when generating the communication encryption key.
2) After the server B receives the connection request, B sends its certificate cert _ s and the generated 2 nd random number
And sending the random _ s and the encryption suite selected from the cirpheruites list to the A together, and requesting a certificate from the A to verify the validity of the identity of the A, wherein the random _ s also needs to be stored in the A and the B respectively and is used when a communication encryption key is generated.
3) The client A firstly verifies cert _ s of the server B, if the verification fails, the communication connection is disconnected, and corresponding error prompt is given; after successful verification, a sends its certificate cert _ c to B together with a third random number pre-master encrypted using the RSA algorithm by the B public key _ p.
4) The server B verifies the cert _ c of the client A, if the verification fails, the communication connection is disconnected, and corresponding error prompt is given; after the verification is successful, B decrypts the pre-master by using the private key _ s, and calculates the decrypted pre-master, random _ f and random _ s together to generate the communication of the AES algorithm
The key session _ secert _ s.
5) And the client A calculates the pre-master, the random _ f and the random _ s together to generate a communication key session _ secert _ c of the AES algorithm. The client A calculates the data sent in the step 3) by using an SHA-256 algorithm to obtain a hash value, encrypts the hash value by using a session _ secert _ c through an AES algorithm to obtain a handover _ message _ c, encrypts the hash value by using an RSA algorithm through a public key _ p of the B, and sends the encrypted hash value to the B for data signature verification.
6) The server B decrypts the received data by using the private key _ s of the server B, then decrypts the handshake _ message _ c by using the session _ sec _ s in the step 4), the decrypted hash value is compared with the hash value calculated by using the SHA-256 algorithm for the data received in the step 4), and if the comparison results are the same, the signature verification is successful, which indicates that the data is not tampered and is complete data sent by the server A. B calculates and generates signature data handshake _ message _ s by the same method, and sends handshake _ message _ s to A for data signature verification after being encrypted by the public key _ pc of A by using an RSA algorithm.
7) The client A decrypts the received data by using the private key _ sc of the client A, then decrypts the encrypted data hand _ message _ s by using the session _ secert _ c in the step 5), the decrypted hash value is compared with the hash value calculated by using the SHA-256 algorithm for the data received in the step 3), the obtained hash values are compared, if the comparison results are the same, the signature verification is successful, the data is not tampered, and the data is complete data sent by the client B. At this time, the safe transmission process of the electronic files A and B can be realized.
Therefore, in the process of transmitting the electronic file by the client and the server according to the embodiment, the client and the server are subjected to bidirectional identity authentication by using the hybrid encryption algorithm, the server and the client are encrypted by using the RSA algorithm to generate the ciphertext and the digital signature, and the ciphertext and the digital signature are transmitted to the client for verification, so that the client and the server can establish a secure communication link to complete secure transmission of the electronic file. The hybrid algorithm is short in time consumption, has lower requirements on system configuration, and reduces transmission cost on the premise of ensuring safe transmission.
Referring to fig. 5, in an embodiment of the second aspect of the present application, there is provided an electronic file encryption transmission system applied in a server, including:
the identity authentication unit 01 is used for performing bidirectional identity authentication on the server and the client by using an RSA algorithm;
the first key generation unit 02 is used for acquiring the electronic file to be transmitted when the authentication is passed, and processing the data of the electronic file by using an AES algorithm to generate a first key;
the second key generation unit 03 is configured to extract a file version number of the electronic file to be transmitted, encrypt the file version number by using a hash function, and generate a version number ciphertext; iterating the version number ciphertext by using an iteration function to generate a second secret key;
the digital signature verification unit 04 is used for receiving and verifying the first digital signature sent by the client, and after the first digital signature is successfully verified, generating a second digital signature and sending the second digital signature to the client for verification; wherein the first digital signature and the second digital signature are both generated according to an SHA algorithm;
and the decryption unit 05 is used for decrypting the first secret key and the second secret key when the client is successfully verified, so as to finish the encrypted transmission of the electronic file.
It is understood that the above-mentioned electronic file encryption transmission apparatus can implement the electronic file encryption transmission method of the above-mentioned method embodiment. The alternatives in the above-described method embodiments are also applicable to this embodiment and will not be described in detail here. The rest of the embodiments of the present application may refer to the contents of the above method embodiments, and in this embodiment, details are not described again.
Referring to fig. 6, in an embodiment of the third aspect of the present application, there is further provided a terminal device, including:
one or more processors;
a memory coupled to the processor for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the electronic file encrypted transmission method as described above.
The processor is used for controlling the overall operation of the terminal equipment so as to complete all or part of the steps of the electronic file encryption transmission method. The memory is used to store various types of data to support operation at the terminal device, and these data may include, for example, instructions for any application or method operating on the terminal device, as well as application-related data. The Memory may be implemented by any type of volatile or non-volatile Memory device or combination thereof, such as Static Random Access Memory (SRAM), electrically Erasable Programmable Read-Only Memory (EEPROM), erasable Programmable Read-Only Memory (EPROM), programmable Read-Only Memory (PROM), read-Only Memory (ROM), magnetic Memory, flash Memory, magnetic disk, or optical disk.
In an exemplary embodiment, the terminal Device may be implemented by one or more Application Specific 1 integrated circuits (AS 1C), digital Signal Processors (DSPs), digital Signal Processing Devices (DSPDs), programmable Logic Devices (PLDs), field Programmable Gate Arrays (FPGAs), controllers, microcontrollers, microprocessors, or other electronic components, and is configured to perform the electronic file encryption transmission method according to any one of the above embodiments, and achieve the technical effects consistent with the above methods.
In another exemplary embodiment, a computer-readable medium is also provided, which comprises a computer program, which when executed by a processor, performs the steps of the method for encrypted transmission of an electronic archive as described in any of the above embodiments. For example, the computer readable medium may be the above-mentioned memory including a computer program, and the above-mentioned computer program may be executed by a processor of a terminal device to implement the method for encrypted transmission of an electronic file according to any of the above-mentioned embodiments, and achieve the technical effects consistent with the above-mentioned method.
The computer readable media of the embodiments of the present application may be computer readable signal media or computer readable storage media or any combination of the two. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection (electronic device) having one or more wires, a portable computer diskette (magnetic device), a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber device, and a portable read-only memory (CDROM). Additionally, the computer-readable storage medium could even be paper or another suitable medium upon which the program is printed, as the program can be electronically captured, via for instance optical scanning of the paper or other medium, then compiled, interpreted or otherwise processed in a suitable manner if necessary, and then stored in a computer memory.
In embodiments of the present application, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, input method, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, radio Frequency (RF), etc., or any suitable combination of the foregoing.
It should be understood that portions of the present application may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried out in the method for implementing the above embodiment may be implemented by hardware that is related to instructions of a program, and the program may be stored in a computer readable storage medium, and when executed, the program includes one or a combination of the steps of the method embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. The integrated module, if implemented in the form of a software functional module and sold or used as a separate product, may also be stored in a computer readable storage medium. The storage medium may be a read-only memory, a magnetic or optical disk, or the like.
The above-mentioned embodiments are further detailed to explain the objects, technical solutions and advantages of the present application, and it should be understood that the above-mentioned embodiments are only examples of the present application and are not intended to limit the scope of the present application. It should be understood that any modifications, equivalents, improvements and the like, which come within the spirit and principle of the present application, may occur to those skilled in the art and are intended to be included within the scope of the present application.
Claims (10)
1. An electronic file encryption transmission method is applied to a server and comprises the following steps:
performing bidirectional identity authentication on a server and a client by using an RSA algorithm;
when the authentication is passed, acquiring the electronic file to be transmitted, and processing the data of the electronic file by using an AES algorithm to generate a first secret key;
extracting the file version number of the electronic file to be transmitted, and encrypting the file version number by utilizing a hash function to generate a version number ciphertext; iterating the version number ciphertext by using an iteration function to generate a second key;
receiving and verifying a first digital signature sent by a client, and after the first digital signature is successfully verified, generating a second digital signature and sending the second digital signature to the client for verification; wherein the first digital signature and the second digital signature are both generated according to an SHA algorithm;
and when the client side succeeds in verification, decrypting the first secret key and the second secret key to finish the encryption transmission of the electronic file.
2. The method for encrypted transmission of an electronic archive according to claim 1, further comprising generating an electronic archive identification card for the electronic archive to be transmitted, including:
acquiring an electronic file and metadata of the electronic file;
extracting client information of the electronic archive and number source data used for generating an electronic archive identity card number from metadata of the electronic archive, wherein the client information comprises: a private key index of the client and a public key certificate of the client;
processing the electronic file by using a summary algorithm to generate a digital summary of the electronic file;
carrying out digital signature on the digital abstract of the electronic file by using a private key of the client to obtain a signature value;
generating an ID card number of the electronic file based on the number source data and a preset number generation rule;
and packaging the ID card number, the public key certificate of the client and the signature value to generate a packaged file, and generating the electronic archive ID card according to the packaged file.
3. The method for encrypting and transmitting the electronic archive according to claim 2, wherein the step of encapsulating the id card number, the public key certificate of the client and the signature value to generate an encapsulated file, and generating the electronic archive id card according to the encapsulated file comprises:
packaging the ID card number, the public key certificate of the client and the signature value into a first XML file;
generating an encryption key according to a key generation rule based on the ID card number;
carrying out confusion scrambling on the first XML file by using the encryption key to generate encrypted data;
and packaging the ID card number and the encrypted data into a second XML file, and taking the second XML file as the electronic archive ID card.
4. The encryption transmission method for electronic record according to claim 1, wherein said bidirectional authentication for server and client by RSA algorithm comprises:
receiving a communication connection request, a first random number and an encryption algorithm list supported by both communication parties, which are sent by a client;
selecting an encryption suite from the encryption algorithm list, sending a server certificate, a second random number and the encryption suite to a client, and sending the client certificate to the client;
when the client successfully verifies the server certificate, receiving a client certificate and a third random number sent by the client to legally verify the client certificate; wherein,
the first random number, the second random number, and the third random number are all generated by a random number generator; and the third random number is generated by encrypting the public key of the server by utilizing an RSA algorithm.
5. The method for encrypted transmission of an electronic archive according to claim 4, wherein the processing the electronic archive data using the AES algorithm to generate the first key comprises:
and after the client certificate is successfully legally verified, decrypting the third random number by using a private key, and calculating and generating a communication key of an AES algorithm by using the first random number, the second random number and the decrypted third random number as a first key.
6. The method for encrypted transmission of an electronic archive according to claim 5, wherein the process of generating the first data signature comprises:
the client calculates the third random number and the hash value of the client certificate by using an SHA algorithm, encrypts the hash value by using an AES algorithm, and generates a first data signature after encrypting by using an RSA algorithm through a server public key.
7. The method for encrypted transmission of an electronic archive according to claim 1, wherein the iterating the version number ciphertext using an iterating function to generate a second key comprises:
and iterating the version number ciphertext by using a divergent non-reversible function Fun to generate a key of a 128-bit AES encryption algorithm as a second key.
8. An electronic file encryption transmission system, applied in a server, comprising:
the identity authentication unit is used for performing bidirectional identity authentication on the server and the client by utilizing an RSA algorithm;
the first key generation unit is used for acquiring the electronic file to be transmitted when the authentication is passed, and processing the data of the electronic file by using an AES algorithm to generate a first key;
the second key generation unit is used for extracting the file version number of the electronic file to be transmitted, and encrypting the file version number by utilizing a hash function to generate a version number ciphertext; iterating the version number ciphertext by using an iteration function to generate a second key;
the digital signature verification unit is used for receiving and verifying the first digital signature sent by the client, and after the first digital signature is successfully verified, generating a second digital signature and sending the second digital signature to the client for verification; wherein the first digital signature and the second digital signature are both generated according to an SHA algorithm;
and the decryption unit is used for decrypting the first secret key and the second secret key when the client is successfully verified, so as to finish the encrypted transmission of the electronic file.
9. A terminal device, comprising:
one or more processors;
a memory coupled to the processor for storing one or more programs;
when executed by the one or more processors, cause the one or more processors to implement the method for encrypted transmission of an electronic archive according to any of claims 1-7.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out a method for the encrypted transmission of an electronic archive according to any one of claims 1-7.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211364872.7A CN115913672B (en) | 2022-11-02 | 2022-11-02 | Electronic file encryption transmission method, system, terminal equipment and computer medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211364872.7A CN115913672B (en) | 2022-11-02 | 2022-11-02 | Electronic file encryption transmission method, system, terminal equipment and computer medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN115913672A true CN115913672A (en) | 2023-04-04 |
| CN115913672B CN115913672B (en) | 2023-09-01 |
Family
ID=86490520
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211364872.7A Active CN115913672B (en) | 2022-11-02 | 2022-11-02 | Electronic file encryption transmission method, system, terminal equipment and computer medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115913672B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116938459A (en) * | 2023-09-19 | 2023-10-24 | 厘壮信息科技(苏州)有限公司 | Data transmission security assessment method for network users |
| CN116996222A (en) * | 2023-09-27 | 2023-11-03 | 江西财经大学 | Data security transmission method and device, readable storage medium and electronic equipment |
| CN117376039A (en) * | 2023-12-08 | 2024-01-09 | 四川科朗新创建设有限公司 | Encryption method, system, equipment and medium of SD-WAN communication system |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108650210A (en) * | 2018-03-14 | 2018-10-12 | 深圳市中易通安全芯科技有限公司 | A kind of Verification System and method |
| CN110138772A (en) * | 2019-05-13 | 2019-08-16 | 上海英恒电子有限公司 | A kind of communication means, device, system, equipment and storage medium |
| CN110535868A (en) * | 2019-09-05 | 2019-12-03 | 山东浪潮商用系统有限公司 | Data transmission method and system based on Hybrid Encryption algorithm |
| CN110690969A (en) * | 2018-07-06 | 2020-01-14 | 武汉信安珞珈科技有限公司 | Method and system for completing bidirectional SSL/TLS authentication in cooperation of multiple parties |
| CN113225330A (en) * | 2021-04-30 | 2021-08-06 | 深圳沐沐森科技有限公司 | Electronic information data secure transmission method |
| US20210306158A1 (en) * | 2018-08-14 | 2021-09-30 | Crio Solutions S.R.L. | Certification system and certification method for certifying the existence of a digitial content |
| CN114389793A (en) * | 2020-10-16 | 2022-04-22 | 中移动信息技术有限公司 | Method, device and equipment for verifying session key and computer storage medium |
| CN114900304A (en) * | 2021-12-29 | 2022-08-12 | 北京爱知之星科技股份有限公司 | Digital signature method and apparatus, electronic device, and computer-readable storage medium |
| CN115941773A (en) * | 2022-11-02 | 2023-04-07 | 广州市南方人力资源评价中心有限公司 | Project transaction method, system, terminal device and medium based on cloud service sharing |
-
2022
- 2022-11-02 CN CN202211364872.7A patent/CN115913672B/en active Active
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN108650210A (en) * | 2018-03-14 | 2018-10-12 | 深圳市中易通安全芯科技有限公司 | A kind of Verification System and method |
| CN110690969A (en) * | 2018-07-06 | 2020-01-14 | 武汉信安珞珈科技有限公司 | Method and system for completing bidirectional SSL/TLS authentication in cooperation of multiple parties |
| US20210306158A1 (en) * | 2018-08-14 | 2021-09-30 | Crio Solutions S.R.L. | Certification system and certification method for certifying the existence of a digitial content |
| CN110138772A (en) * | 2019-05-13 | 2019-08-16 | 上海英恒电子有限公司 | A kind of communication means, device, system, equipment and storage medium |
| CN110535868A (en) * | 2019-09-05 | 2019-12-03 | 山东浪潮商用系统有限公司 | Data transmission method and system based on Hybrid Encryption algorithm |
| CN114389793A (en) * | 2020-10-16 | 2022-04-22 | 中移动信息技术有限公司 | Method, device and equipment for verifying session key and computer storage medium |
| CN113225330A (en) * | 2021-04-30 | 2021-08-06 | 深圳沐沐森科技有限公司 | Electronic information data secure transmission method |
| CN114900304A (en) * | 2021-12-29 | 2022-08-12 | 北京爱知之星科技股份有限公司 | Digital signature method and apparatus, electronic device, and computer-readable storage medium |
| CN115941773A (en) * | 2022-11-02 | 2023-04-07 | 广州市南方人力资源评价中心有限公司 | Project transaction method, system, terminal device and medium based on cloud service sharing |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116938459A (en) * | 2023-09-19 | 2023-10-24 | 厘壮信息科技(苏州)有限公司 | Data transmission security assessment method for network users |
| CN116938459B (en) * | 2023-09-19 | 2024-01-09 | 厘壮信息科技(苏州)有限公司 | Data transmission security assessment method for network users |
| CN116996222A (en) * | 2023-09-27 | 2023-11-03 | 江西财经大学 | Data security transmission method and device, readable storage medium and electronic equipment |
| CN116996222B (en) * | 2023-09-27 | 2023-12-12 | 江西财经大学 | Data security transmission method and device, readable storage medium and electronic equipment |
| CN117376039A (en) * | 2023-12-08 | 2024-01-09 | 四川科朗新创建设有限公司 | Encryption method, system, equipment and medium of SD-WAN communication system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN115913672B (en) | 2023-09-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101999188B1 (en) | Secure personal devices using elliptic curve cryptography for secret sharing | |
| CN108292402B (en) | Determination of a common secret and hierarchical deterministic keys for the secure exchange of information | |
| CN109756500B (en) | Anti-quantum computation HTTPS communication method and system based on multiple asymmetric key pools | |
| Rodriguez-Henriquez et al. | A brief introduction to modern cryptography | |
| CN115913672B (en) | Electronic file encryption transmission method, system, terminal equipment and computer medium | |
| US20140195804A1 (en) | Techniques for secure data exchange | |
| CN107251476A (en) | Secret communication is managed | |
| CN109861813B (en) | Anti-quantum computing HTTPS communication method and system based on asymmetric key pool | |
| CN112804205A (en) | Data encryption method and device and data decryption method and device | |
| CN110868287A (en) | Authentication encryption ciphertext coding method, system, device and storage medium | |
| US7894608B2 (en) | Secure approach to send data from one system to another | |
| WO2023151479A1 (en) | Data processing method, and device | |
| CN109547413B (en) | Access control method of convertible data cloud storage with data source authentication | |
| CN114338648A (en) | SFTP multi-terminal file secure transmission method and system based on state cryptographic algorithm | |
| CN111565108B (en) | Signature processing method, device and system | |
| CN105871858A (en) | Method and system for ensuring high data safety | |
| CN115941773A (en) | Project transaction method, system, terminal device and medium based on cloud service sharing | |
| CN116318654A (en) | SM2 algorithm collaborative signature system, method and equipment integrating quantum key distribution | |
| JP2008506293A (en) | How to provide digital authentication functionality | |
| CN109361506A (en) | Information processing method | |
| US20230269080A1 (en) | Provider and receiver cryptosystems comprising combined algorithms | |
| CN113381855A (en) | Communication method and system | |
| Barker et al. | SP 800-56A. recommendation for pair-wise key establishment schemes using discrete logarithm cryptography (revised) | |
| JPS63176043A (en) | Secret information communicating system | |
| TWI242966B (en) | Security transmitting method and system of digital medical information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: 510000 rooms 308-316, 401-416, No. 5, jinshangu creative 10th Street, Donghuan street, Panyu District, Guangzhou City, Guangdong Province Patentee after: Wangcai Technology (Guangzhou) Group Co.,Ltd. Country or region after: China Address before: 510000 rooms 308-316, 401-416, No. 5, jinshangu creative 10th Street, Donghuan street, Panyu District, Guangzhou City, Guangdong Province Patentee before: GUANGZHOU NANFANG HUMAN RESOURCES EVALUATION CENTER Co.,Ltd. Country or region before: China |