CN115967790A - Monitoring system and monitoring data encryption transmission method - Google Patents
Monitoring system and monitoring data encryption transmission method Download PDFInfo
- Publication number
- CN115967790A CN115967790A CN202211384460.XA CN202211384460A CN115967790A CN 115967790 A CN115967790 A CN 115967790A CN 202211384460 A CN202211384460 A CN 202211384460A CN 115967790 A CN115967790 A CN 115967790A
- Authority
- CN
- China
- Prior art keywords
- monitoring data
- key
- quantum key
- monitoring
- data acquisition
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Abstract
The invention provides a monitoring system and a monitoring data encryption transmission method. Wherein, monitored control system includes: the system comprises a key generation unit, a monitoring data acquisition end, a monitoring data display end and a management server. The key generation unit is in data transmission with the management server, the management server is in data transmission with the monitoring data acquisition end and the monitoring data display end respectively, and data transmission is carried out between the monitoring data acquisition end and the monitoring data display end. And the key generation unit, the monitoring data acquisition end, the monitoring data display end and the management server send keys in a wireless transmission mode. The invention uses the quantum key to encrypt the video data packet, ensures the privacy and the non-tampering property of the video data, and effectively improves the data security of the monitoring equipment.
Description
Technical Field
The invention relates to the technical field of video data encryption, in particular to a monitoring system and a monitoring data encryption transmission method.
Background
Along with the development of AI technology, the development of video forgery technology and camera cracking technology is rapid, and the existing monitoring equipment generally does not have an encryption function, so that the safety of the existing monitoring equipment is low. Although a few monitoring devices have an encryption function, the monitoring devices use a traditional encryption mode, the encryption strength is not high, and the monitoring devices are easy to crack and tamper. For some important video data, a high-strength encryption means is urgently needed to protect the data security. Therefore, there is a need for further solutions to the above problems.
Disclosure of Invention
The invention aims to provide a monitoring system and a monitoring data encryption transmission method, which are used for overcoming the defects in the prior art.
In order to solve the technical problem, the technical scheme of the invention is as follows:
a monitoring data encryption transmission method comprises the following steps:
s1, generating an initial quantum key QKey0, dividing the quantum key QKey0 into keys 01 and 02 and keys 03.. Key0n, wherein n is more than or equal to 2, and storing each sub-key decomposed by the QKey0 in a key pool;
s2, sending the sub-keys decomposed by the QKey0 to a monitoring data acquisition end, and sending the sub-keys decomposed by the QKey0 to a monitoring data display end;
s3, a monitoring data acquisition end acquires a data packet 1, the acquired data packet 1 is encrypted by using a key1 and then is sent to a monitoring data display end, and the monitoring data display end decrypts the data packet 1 by using the key1 and then displays the data packet 1;
s4, repeatedly executing the step S3 aiming at the collected data packet 2-N, and executing the step S5 when the sub-key only remains key 0N;
s5, sending a new key request to generate a quantum key QKey1, sending the quantum key QKey1 to a monitoring data acquisition end and a monitoring data display end respectively, and dividing the quantum key QKey1 into key11, key12 and key13.. Key1n by each terminal, wherein n is more than or equal to 2;
and S6, when the monitoring data acquisition end continues to acquire data, repeating the steps from S3 to S5 aiming at the subsequently acquired data packet.
As an improvement of the monitoring data encryption transmission method, the field of the initial quantum key and the field of the newly generated quantum key are divided into a plurality of equal-length sub-keys in an averaging mode.
As an improvement of the monitoring data encryption transmission method, an initial quantum key is generated through a quantum key random number generator, and a new quantum key is generated in response to a new key request.
As an improvement of the monitoring data encryption transmission method, the monitoring data acquisition end and the monitoring data display end write in respective unique equipment IDs in a registration mode; and the monitoring data display end is bound with at least one monitoring data acquisition end.
As an improvement of the monitoring data encryption transmission method of the present invention, the step S5 further includes: and encrypting the generated quantum key QKey1 and then respectively sending the encrypted quantum key QKey1 to a monitoring data acquisition end and a monitoring data display end, wherein the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 and then throw the decrypted quantum key QKey1 into use.
As an improvement of the monitoring data encryption transmission method of the present invention, the step S5 further includes: the generated quantum key QKey1 is encrypted by using the sub-key 0n and then respectively sent to the monitoring data acquisition end and the monitoring data display end, and the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 by using the sub-key 0n respectively possessed by the monitoring data acquisition end and the monitoring data display end and then put into use.
As an improvement of the monitoring data encryption transmission method of the present invention, the step S5 further includes: and expanding the sub-key 0n through an expansion algorithm to generate a new key ', encrypting the generated quantum key QKey1 by using the key ', and then respectively sending the encrypted quantum key1 to a monitoring data acquisition end and a monitoring data display end, wherein the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 by using the key ' respectively provided by the monitoring data acquisition end and the monitoring data display end and then throw the decrypted quantum key1 into use.
As an improvement of the monitoring data encryption transmission method of the present invention, the expansion algorithm includes: SHA256 algorithm or AES algorithm.
As an improvement of the monitoring data encryption transmission method of the present invention, a method of encrypting the generated quantum key QKey1 includes: AES algorithm, RSA algorithm, SM2 algorithm, and SM4 algorithm.
As an improvement of the monitoring data encryption transmission method, the key is sent in a wireless transmission mode.
In order to solve the technical problem, the technical scheme of the invention is as follows:
a monitoring system, comprising: the system comprises a key generation unit, a monitoring data acquisition end, a monitoring data display end and a management server;
the key generation unit can generate an initial quantum key and send the initial quantum key to the management server;
the management server divides the initial quantum key into a plurality of sub-keys and stores each decomposed sub-key in a key pool;
the monitoring data acquisition end and the monitoring data display end can receive each sub-secret key from the secret key pool, a data packet acquired by the monitoring data acquisition end is encrypted through the corresponding sub-secret key and then is sent to the monitoring data display end, and the monitoring data display end displays the received data packet after decrypting the received data packet by using the corresponding sub-secret key;
and when the sub-keys are about to be used up, the key generation unit can respond to a new key request to generate a new quantum key, and distribute the new quantum key to the monitoring data acquisition end and the monitoring data display end through the management server so as to continuously encrypt and transmit subsequently acquired data packets.
As an improvement of the monitoring system of the present invention, before the new quantum key is distributed to the monitoring data acquisition end and the monitoring data display end, the management server may encrypt the new quantum key and then distribute the new quantum key to the monitoring data acquisition end and the monitoring data display end, and the monitoring data acquisition end and the monitoring data display end decrypt the received new quantum key and then use the decrypted new quantum key.
As an improvement of the monitoring system, the management server encrypts the next group of new keys by using the remaining sub-keys in the previous group of quantum keys, and the monitoring data acquisition end and the monitoring data display end decrypt the new keys by using the corresponding remaining sub-keys and then use the new keys.
As an improvement of the monitoring system, the management server, the monitoring data acquisition end and the monitoring data display end respectively perform expansion operation on the remaining sub-keys in the previous group of quantum keys, the management server encrypts the next group of new keys by using the keys obtained after the expansion operation, and the monitoring data acquisition end and the monitoring data display end decrypt the new keys by using the keys obtained after the expansion operation and then put into use.
As an improvement of the monitoring system, the key generation unit, the monitoring data acquisition end, the monitoring data display end and the management server send the key in a wireless transmission mode.
As an improvement of the monitoring system of the invention, the key generation unit is a quantum key generator; the monitoring data acquisition end is a quantum encryption camera; the monitoring data display end is video monitoring equipment.
Compared with the prior art, the invention has the beneficial effects that:
the invention uses the quantum key to encrypt the video data packet, ensures the privacy and the non-tamper property of the video data, and effectively improves the data security of the monitoring equipment.
The initial quantum key is pre-filled in the server and each terminal device, and the subsequent key is distributed in a wireless mode after filling, so that the sending mode of the quantum key is simplified, the sending efficiency of the quantum key is improved, and each terminal device can encrypt and decrypt the data packet conveniently. In addition, the pre-pouring mode is favorable for ensuring the safety of the secret key and avoiding the leakage in the transmission process.
The invention divides the quantum key into a plurality of shorter fields, which is beneficial to reducing the data volume of the encrypted data packet while being beneficial to fully utilizing the quantum key.
When a new quantum key is supplemented, the new quantum key is encrypted by utilizing the previous group of residual sub-keys or encrypted after the previous group of residual sub-keys are subjected to expansion calculation, so that the security of the key is ensured, and the leakage in the transmission process is avoided.
In the hardware aspect, the camera end can be used as a module to be accessed into other application equipment, and meanwhile, the camera monitoring end is synchronously accessed into the applied equipment monitoring end, so that the function of quantum encrypted video monitoring can be conveniently expanded for other equipment.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the embodiments or the description of the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments described in the present invention, and it is also possible for those skilled in the art to obtain other drawings based on the drawings without creative efforts.
FIG. 1 is a flowchart of a monitoring data encryption transmission method according to an embodiment of the present invention;
FIG. 2 is a block diagram of a monitoring system according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
An embodiment of the present invention provides a monitoring data encryption transmission method, which can be applied to monitoring systems such as video monitoring, and performs encryption transmission on video data packets collected during monitoring by using a quantum key, thereby ensuring privacy and non-tamper property of video data, and effectively improving data security of monitoring equipment.
As shown in fig. 1, the monitoring data encryption transmission method of the present embodiment includes:
s1, generating an initial quantum key QKey0, dividing the quantum key QKey0 into keys 01 and 02 and keys 03.. Key0n, wherein n is more than or equal to 2, and storing each sub-key decomposed by the QKey0 in a key pool to be distributed for use.
In step S1, an initial quantum key may be generated by a quantum key random number generator. The generated quantum key data may be split into multiple shorter key fields, considering that it is a longer field. In one embodiment, the field of the initial quantum key and the field of the subsequent newly generated quantum key can be divided into a plurality of equal-length sub-keys in an equal division manner. Thus, the quantum key is fully utilized, and meanwhile, the data volume of the encrypted data packet is reduced.
Meanwhile, in the embodiment, the initial quantum key is pre-poured into the server and each terminal device, and the subsequent key is distributed in a wireless mode after pouring is finished, so that the sending mode of the quantum key is simplified, the sending efficiency of the quantum key is improved, and each terminal device can conveniently encrypt and decrypt the data packet. In addition, the pre-pouring mode is favorable for ensuring the safety of the secret key and avoiding the leakage in the transmission process.
And S2, sending each sub-key decomposed by the QKey0 to a monitoring data acquisition end, and sending each sub-key decomposed by the QKey0 to a monitoring data display end. Therefore, the monitoring data acquisition end and the monitoring data display end are provided with the sub-keys decomposed by the QKey0, so that the acquired data packet can be encrypted at the monitoring data acquisition end, and can be decrypted by the corresponding keys when being transmitted to the monitoring data display end, and further encrypted transmission of the data packet is realized.
In addition, one monitoring data acquisition end can be provided, and a plurality of monitoring data acquisition ends can be provided according to requirements. In order to associate the monitoring data acquisition end with the monitoring data display end, the monitoring data acquisition end and the monitoring data display end need to be bound. Specifically, the monitoring data acquisition end is registered on the application platform where the monitoring data acquisition end is located, that is, the monitoring data acquisition end is assigned with a device ID of one. Similarly, the monitoring data display terminal is registered on the application platform where the monitoring data display terminal is located, that is, the monitoring data display terminal is assigned with a device ID of one. And then, associating the equipment ID of the monitoring data acquisition end with the equipment ID of the monitoring data display end.
And S3, the monitoring data acquisition end acquires the data packet 1, encrypts the acquired data packet 1 by using the key1 and then sends the encrypted data packet to the monitoring data display end, and the monitoring data display end decrypts the data packet 1 by using the key1 and then displays the decrypted data packet.
The data packet 1 is the minimum data size acquired and sent by the monitoring data acquisition end according to a standard protocol, and data encryption transmission between the monitoring data acquisition end and the monitoring data display end can be realized by encrypting the minimum data size.
Furthermore, since the monitoring data acquisition end and the monitoring data display end are filled with the sub-keys decomposed by the QKey0, when the keys are used, queues at two ends of the monitoring data acquisition end and the monitoring data display end are continuously dequeued, for example, the keys 1 at two ends are dequeued for encryption and decryption.
And S4, repeatedly executing the step S3 aiming at the collected data packet 2-N, and executing the step S5 when the subkey only remains key 0N.
S5, sending a new key request to generate a quantum key QKey1, sending the quantum key QKey1 to a monitoring data acquisition end and a monitoring data display end respectively, and dividing the quantum key QKey1 into a key11, a key12 and a key13.
The supplemental distribution of the quantum key can be realized through step S5. In one embodiment, a new quantum key may be generated by a quantum key random number generator in response to a new key request. Likewise, given that the quantum key data generated is a longer field, it may be split into multiple shorter key fields. In one embodiment, the field of the initial quantum key and the field of the subsequent newly generated quantum key can be divided into a plurality of equal-length sub-keys in an equal division manner. Thus, the quantum key is fully utilized, and meanwhile, the data volume of the encrypted data packet is reduced.
In order to avoid leakage during the distribution of the supplemental quantum key, step S5 further includes: and encrypting the generated quantum key QKey1 and then respectively sending the encrypted quantum key QKey1 to a monitoring data acquisition end and a monitoring data display end, and decrypting the received quantum key QKey1 and then putting the decrypted quantum key QKey1 into use by the monitoring data acquisition end and the monitoring data display end. Thus, encrypted transmission of the newly generated quantum key is guaranteed.
In one embodiment, the newly generated quantum key QKey1 may be encrypted using the last set of remaining subkeys. Thus, the additional setting of the key generation device can be avoided. At this time, the generated quantum key QKey1 may be encrypted by using the sub-key 0n and then sent to the monitoring data acquisition end and the monitoring data display end, and the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 by using the sub-key 0n of each of the monitoring data acquisition end and the monitoring data display end and then launch the decrypted quantum key QKey1 for use.
In the present embodiment, the method of encrypting the generated quantum key QKey1 includes: AES algorithm, RSA algorithm, SM2 algorithm, and SM4 algorithm. The encryption algorithm is an existing standard encryption algorithm, and those skilled in the art can select the encryption algorithm as needed and apply the encryption algorithm to the technical solution of the embodiment in combination.
In another embodiment, in consideration that the last group of remaining sub-keys may be used up, before encrypting the newly generated quantum key QKey1 with the last group of remaining sub-keys, the method further includes: and expanding the sub-key 0n through an expansion algorithm to generate a new key'. In this way, a key of a certain length can be extended to a key of several times the length, such as a 128-bit key to 256 bits.
And then, encrypting the generated quantum key QKey1 by using the key keyn ', and then respectively sending the encrypted quantum key QKey1 to the monitoring data acquisition end and the monitoring data display end, wherein the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 by using the key keyn' respectively and then throw the decrypted quantum key into use.
In this embodiment, the extension algorithm includes: SHA256 algorithm or AES algorithm. The method for encrypting the generated quantum key QKey1 comprises the following steps: AES algorithm, RSA algorithm, SM2 algorithm, and SM4 algorithm. The above-mentioned expansion algorithm and encryption algorithm are both existing standard algorithms, and those skilled in the art can select them according to the needs and apply them in combination in the technical solution of this embodiment.
And S6, when the monitoring data acquisition end continues to acquire data, repeating the steps from S3 to S5 aiming at the subsequently acquired data packet.
Based on the same inventive concept, an embodiment of the present invention further provides a monitoring system, which can perform transmission of monitoring data according to the monitoring data encryption transmission method described in the above embodiment. Furthermore, the video data packets collected during monitoring are encrypted and transmitted by using the quantum key, so that the privacy and the tamper resistance of the video data are ensured, and the data security of the monitoring equipment is effectively improved.
As shown in fig. 2, the monitoring system of the present embodiment includes: the system comprises a key generation unit 10, a monitoring data acquisition end 20, a monitoring data display end 30 and a management server 40.
The key generation unit 10 and the management server 40 perform data transmission, the management server 40 performs data transmission with the monitoring data acquisition terminal 20 and the monitoring data display terminal 30, and the monitoring data acquisition terminal 20 and the monitoring data display terminal 30 perform data transmission therebetween. The key generation unit 10, the monitoring data collection terminal 20, the monitoring data display terminal 30 and the management server 40 are located in the same trusted network. The key generating unit 10, the monitoring data collecting terminal 20, the monitoring data displaying terminal 30 and the management server 40 transmit the key in a wireless transmission manner.
Specifically, the key generation unit 10 may be a quantum key generator; the monitoring data acquisition terminal 20 may be a quantum encryption camera; the monitoring data display terminal 30 may be a video monitoring device. In the hardware aspect, the camera end can be used independently, and can also be used as a module to access other application equipment through various interfaces (USB, serial ports and the like), and meanwhile, the camera monitoring end is synchronously accessed to the applied equipment monitoring end, so that the function of quantum encryption video monitoring can be conveniently expanded for other equipment. It should be noted that, each terminal is not necessarily customized, and the same function can be realized by software, and the SDK is installed on a smart phone, a computer, or other devices, so long as the devices include an encryption chip and a wireless communication function, the usage requirement can be met.
The key generation unit 10 can generate an initial quantum key QKey0 and send the initial quantum key to the key pool of the management server 40 to be distributed for use.
The management server 40 divides the initial quantum key into QKey0 and a plurality of subkeys: key01, key02, key03.. Key0n, n ≧ 2, and store each sub-key decomposed in the key pool.
This is to take into account that the generated quantum key data is a longer field and can therefore be split into a plurality of shorter key fields. When the monitoring data acquisition end 20 and the monitoring data display end 30 operate, the management server 40 may send a plurality of sub-keys to the monitoring data acquisition end 20 and the monitoring data display end 30 at the same time.
In one embodiment, the management server 40 may divide the field of the initial quantum key and the field of the subsequent newly generated quantum key into a plurality of equal-length sub-keys in an equal division manner. Thus, the quantum key is fully utilized, and meanwhile, the data volume of the encrypted data packet is reduced.
The monitoring data acquisition end 20 and the monitoring data display end 30 can receive each sub-secret key from the secret key pool, the data packet acquired by the monitoring data acquisition end 20 is encrypted through the corresponding sub-secret key and then sent to the monitoring data display end 30, and the monitoring data display end 30 displays the received data packet after decryption through the corresponding sub-secret key.
The data packet is the minimum data size acquired and sent by the monitoring data acquisition terminal 20 according to a standard protocol, and data encryption transmission between the monitoring data acquisition terminal 20 and the monitoring data display terminal 30 can be realized by encrypting the minimum data size.
Further, since the monitoring data acquisition end 20 and the monitoring data display end 30 have each sub-key from the key pool, when the key is used, queues at both ends of the monitoring data acquisition end 20 and the monitoring data display end 30 are continuously dequeued, and then corresponding data packets are encrypted and decrypted.
And when the subkey is about to be used up, the monitoring data collection terminal 20 can send a new key request to the management server 40. The key generation unit 10 can further respond to the new key request, generate a new quantum key QKey1, and distribute the new quantum key QKey1 to the monitoring data acquisition end 20 and the monitoring data display end 30 through the management server 40, so as to perform continuous encryption transmission on subsequently acquired data packets.
In order to avoid leakage when sending a new quantum key, before distributing the new quantum key to the monitoring data acquisition end 20 and the monitoring data display end 30, the management server 40 may encrypt the new quantum key, and then distribute the new quantum key to the monitoring data acquisition end 20 and the monitoring data display end 30, and the monitoring data acquisition end 20 and the monitoring data display end 30 decrypt the received new quantum key and then use the new quantum key.
In one embodiment, the management server 40 may encrypt the newly generated quantum key QKey1 using the last set of remaining sub-keys. Thus, the additional setting of the key generation device can be avoided. At this time, the generated quantum key QKey1 may be encrypted by using the sub-key 0n and then transmitted to the monitoring data acquisition end 20 and the monitoring data display end 30, and the monitoring data acquisition end 20 and the monitoring data display end 30 decrypt the received quantum key QKey1 by using the sub-key 0n that they have and then launch into use.
In the present embodiment, the method of encrypting the generated quantum key QKey1 includes: AES algorithm, RSA algorithm, SM2 algorithm, and SM4 algorithm. The encryption algorithm is an existing standard encryption algorithm, and a person skilled in the art can select the encryption algorithm as needed and apply the encryption algorithm to the technical scheme of the embodiment in combination.
In another embodiment, in consideration that the previous group of remaining sub-keys may be used up, the management server 40 further expands the sub-key 0n by an expansion algorithm to generate a new key keyn' before encrypting the newly generated quantum key QKey1 with the previous group of remaining sub-keys. In this way, a key of a certain length can be extended to a key of several times the length, such as a 128-bit key to 256 bits.
Then, the management server 40 encrypts the generated quantum key QKey1 by using the key keyn 'and then respectively sends the encrypted quantum key QKey1 to the monitoring data acquisition end 20 and the monitoring data display end 30, and the monitoring data acquisition end 20 and the monitoring data display end 30 decrypt the received quantum key QKey1 by using the key keyn' of each of the monitoring data acquisition end 20 and the monitoring data display end 30 and then use the decrypted quantum key QKey 1.
In this embodiment, the extension algorithm includes: SHA256 algorithm or AES algorithm. The method for encrypting the generated quantum key QKey1 comprises the following steps: AES algorithm, RSA algorithm, SM2 algorithm, and SM4 algorithm. The above-mentioned expansion algorithm and encryption algorithm are both existing standard algorithms, and those skilled in the art can select them according to the needs and apply them in combination in the technical solution of this embodiment.
In conclusion, the invention uses the quantum key to encrypt the video data packet, thereby ensuring the privacy and the non-tamper property of the video data and effectively improving the data security of the monitoring equipment. The initial quantum key is pre-filled in the server and each terminal device, and the subsequent key is distributed in a wireless mode after filling, so that the sending mode of the quantum key is simplified, the sending efficiency of the quantum key is improved, and each terminal device can encrypt and decrypt the data packet conveniently. In addition, the pre-pouring mode is favorable for ensuring the safety of the secret key and avoiding the leakage in the transmission process. The invention divides the quantum key into a plurality of shorter fields, which is beneficial to reducing the data volume of the encrypted data packet while being beneficial to fully utilizing the quantum key. When a new quantum key is supplemented, the new quantum key is encrypted by utilizing the previous group of residual sub-keys or encrypted after the previous group of residual sub-keys are subjected to expansion calculation, so that the security of the key is ensured, and the leakage in the transmission process is avoided. In the hardware aspect, the camera end can be used as a module to be accessed into other application equipment, and meanwhile, the camera monitoring end is synchronously accessed into the applied equipment monitoring end, so that the function of quantum encrypted video monitoring can be conveniently expanded for other equipment.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof. The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.
Furthermore, it should be understood that although the present description refers to embodiments, not every embodiment may contain only a single embodiment, and such description is for clarity only, and those skilled in the art should integrate the description, and the embodiments may be combined as appropriate to form other embodiments understood by those skilled in the art.
Claims (16)
1. A monitoring data encryption transmission method is characterized by comprising the following steps:
s1, generating an initial quantum key QKey0, dividing the quantum key QKey0 into keys 01, 02 and 03.. Key0n, wherein n is more than or equal to 2, and storing each sub-key decomposed by the QKey0 in a key pool;
s2, sending the sub-keys decomposed by the QKey0 to a monitoring data acquisition end, and sending the sub-keys decomposed by the QKey0 to a monitoring data display end;
s3, a monitoring data acquisition end acquires a data packet 1, the acquired data packet 1 is encrypted by using a key1 and then is sent to a monitoring data display end, and the monitoring data display end decrypts the data packet 1 by using the key1 and then displays the data packet 1;
s4, repeatedly executing the step S3 aiming at the collected data packet 2-N, and executing the step S5 when the sub-key only remains key 0N;
s5, sending a new key request to generate a quantum key QKey1, respectively sending the quantum key QKey1 to a monitoring data acquisition end and a monitoring data display end, and dividing the quantum key QKey1 into a key11, a key12 and a key13.
And S6, when the monitoring data acquisition end continues to acquire data, repeating the steps from S3 to S5 aiming at the subsequently acquired data packet.
2. The encrypted transmission method for the monitoring data according to claim 1, wherein the field of the initial quantum key and the field of the newly generated quantum key are divided into a plurality of equal-length sub-keys in an equal division manner.
3. The encrypted transmission method of monitoring data according to claim 1, wherein the initial quantum key is generated by a quantum key random number generator, and the new quantum key is generated in response to a new key request.
4. The encrypted monitoring data transmission method according to claim 1, wherein the monitoring data acquisition end and the monitoring data display end both write in respective unique device IDs in a registered manner; and the monitoring data display end is bound with at least one monitoring data acquisition end.
5. The encrypted transmission method of monitoring data according to claim 1, wherein the step S5 further includes: and encrypting the generated quantum key QKey1 and then respectively sending the encrypted quantum key QKey1 to a monitoring data acquisition end and a monitoring data display end, wherein the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 and then put the decrypted quantum key QKey1 into use.
6. The encrypted transmission method of monitoring data according to claim 5, wherein the step S5 further includes: the generated quantum key QKey1 is encrypted by using the sub-key 0n and then respectively sent to the monitoring data acquisition end and the monitoring data display end, and the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 by using the sub-key 0n respectively possessed by the monitoring data acquisition end and the monitoring data display end and then put into use.
7. The encrypted monitoring data transmission method according to claim 5, wherein the step S5 further comprises: and expanding the sub-key 0n through an expansion algorithm to generate a new key ', encrypting the generated quantum key QKey1 by using the key ', and then respectively sending the encrypted quantum key1 to a monitoring data acquisition end and a monitoring data display end, wherein the monitoring data acquisition end and the monitoring data display end decrypt the received quantum key QKey1 by using the key ' respectively provided by the monitoring data acquisition end and the monitoring data display end and then throw the decrypted quantum key1 into use.
8. The encrypted transmission method of monitoring data according to claim 7, wherein the expansion algorithm includes: SHA256 algorithm or AES algorithm.
9. The monitoring data encryption transmission method according to claim 6 or 7, wherein the manner of encrypting the generated quantum key QKey1 comprises: AES algorithm, RSA algorithm, SM2 algorithm, and SM4 algorithm.
10. The encrypted transmission method of monitoring data according to any one of claims 1 to 9, wherein the key is transmitted by wireless transmission.
11. A monitoring system, characterized in that the monitoring system comprises: the system comprises a key generation unit, a monitoring data acquisition end, a monitoring data display end and a management server;
the key generation unit can generate an initial quantum key and send the initial quantum key to the management server;
the management server divides the initial quantum key into a plurality of sub-keys and stores each decomposed sub-key in a key pool;
the monitoring data acquisition end and the monitoring data display end can receive each sub-secret key from the secret key pool, a data packet acquired by the monitoring data acquisition end is encrypted through the corresponding sub-secret key and then is sent to the monitoring data display end, and the monitoring data display end displays the received data packet after decrypting the received data packet by using the corresponding sub-secret key;
and when the sub-keys are about to be used up, the key generation unit can respond to a new key request to generate a new quantum key, and distribute the new quantum key to the monitoring data acquisition end and the monitoring data display end through the management server so as to continuously encrypt and transmit subsequently acquired data packets.
12. The monitoring system according to claim 11, wherein before distributing the new quantum key to the monitoring data acquisition end and the monitoring data display end, the management server is further capable of encrypting the new quantum key and distributing the new quantum key to the monitoring data acquisition end and the monitoring data display end, and the monitoring data acquisition end and the monitoring data display end decrypt the received new quantum key and then put into use.
13. The monitoring system according to claim 12, wherein the management server encrypts the next new set of secret keys by using the remaining sub-secret keys in the previous set of quantum secret keys, and the monitoring data acquisition end and the monitoring data display end decrypt the new secret keys by using the corresponding remaining sub-secret keys and then use the new secret keys.
14. The monitoring system according to claim 12, wherein the management server, the monitoring data acquisition end, and the monitoring data display end perform expansion operation on the remaining sub-keys in the previous group of quantum keys, the management server encrypts the next group of new keys by using the keys obtained after the expansion operation, and the monitoring data acquisition end and the monitoring data display end decrypt the new keys by using the keys obtained after the expansion operation and then put into use.
15. The monitoring system according to claim 11, wherein the key generation unit, the monitoring data acquisition terminal, the monitoring data display terminal and the management server transmit the key in a wireless transmission manner.
16. The monitoring system of claim 11, wherein the key generation unit is a quantum key generator; the monitoring data acquisition end is a quantum encryption camera; the monitoring data display end is video monitoring equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211384460.XA CN115967790A (en) | 2022-11-07 | 2022-11-07 | Monitoring system and monitoring data encryption transmission method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211384460.XA CN115967790A (en) | 2022-11-07 | 2022-11-07 | Monitoring system and monitoring data encryption transmission method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115967790A true CN115967790A (en) | 2023-04-14 |
Family
ID=87351863
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211384460.XA Pending CN115967790A (en) | 2022-11-07 | 2022-11-07 | Monitoring system and monitoring data encryption transmission method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115967790A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116170232A (en) * | 2023-04-21 | 2023-05-26 | 安徽中科锟铻量子工业互联网有限公司 | Quantum gateway data display management system |
-
2022
- 2022-11-07 CN CN202211384460.XA patent/CN115967790A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116170232A (en) * | 2023-04-21 | 2023-05-26 | 安徽中科锟铻量子工业互联网有限公司 | Quantum gateway data display management system |
| CN116170232B (en) * | 2023-04-21 | 2023-06-23 | 安徽中科锟铻量子工业互联网有限公司 | Quantum gateway data display management system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8948377B2 (en) | Encryption device, encryption system, encryption method, and encryption program | |
| CN109525390B (en) | Quantum key wireless distribution method and system for terminal equipment secret communication | |
| EP2355401A1 (en) | Key distribution system | |
| CN112398651B (en) | Quantum secret communication method and device, electronic equipment and storage medium | |
| CN105262772A (en) | Data transmission method, data transmission system and related apparatus for data transmission method and system | |
| WO2017147503A1 (en) | Techniques for confidential delivery of random data over a network | |
| CN104052742A (en) | Internet of things communication protocol capable of being encrypted dynamically | |
| CN108173644A (en) | Data transfer encryption method, device, storage medium, equipment and server | |
| CN110535641B (en) | Key management method and apparatus, computer device, and storage medium | |
| CN102710415A (en) | Method and table look-up device for encrypting and decrypting data by using symmetric cryptographic algorithm | |
| CN102148798A (en) | Method for efficiently, parallelly and safely encrypting and decrypting high-capacity data packets | |
| WO2013178019A1 (en) | Method, device and system for implementing media data processing | |
| KR101608815B1 (en) | Method and system for providing service encryption in closed type network | |
| US20150229621A1 (en) | One-time-pad data encryption in communication channels | |
| CN105071927A (en) | Mobile device data local storage method | |
| CN104202158A (en) | Symmetric and asymmetric hybrid data encryption/decryption method based on cloud computing | |
| CN108306732A (en) | A kind of random digit generation method, relevant device and system | |
| CN109218451A (en) | A kind of data transmission method of distributed cluster system, device, equipment and medium | |
| CN111699706A (en) | Master-slave system for communication over bluetooth low energy connections | |
| CN1323523C (en) | Method of forming dynamic key in radio local network | |
| CN110417544A (en) | A kind of generation method of root key, device and medium | |
| CN115967790A (en) | Monitoring system and monitoring data encryption transmission method | |
| CN113193958B (en) | Quantum key service method and system | |
| CN116155491B (en) | Symmetric key synchronization method of security chip and security chip device | |
| CN106487761B (en) | Message transmission method and network equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |