CN116599668A - Method and device for changing encryption protocol, storage medium and electronic equipment - Google Patents


Info

Publication number
CN116599668A
Authority
CN
China
Prior art keywords
encryption protocol
terminal
change
data
protocol
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310655450.3A
Other languages
Chinese (zh)
Inventor
董蕾
朱皞罡
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hebei Xiong'an Fenghe Technology Co ltd
Original Assignee
Hebei Xiong'an Fenghe Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hebei Xiong'an Fenghe Technology Co ltd
Priority to CN202310655450.3A
Publication of CN116599668A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Communication Control (AREA)

Abstract

The invention provides a method and a device for changing an encryption protocol, a storage medium and electronic equipment, wherein the method comprises the steps of determining a second encryption protocol when a trigger instruction for changing a first encryption protocol of a first terminal is received, sending a change request to the second terminal based on the first encryption protocol, determining change information corresponding to the second encryption protocol when a permission change response corresponding to the change request is received, and sending the change information to the second terminal based on the first encryption protocol; judging whether the second terminal changes the data encryption protocol for transmitting data to the first terminal into a second encryption protocol based on the change information; and if the second terminal has completed the change, changing the data encryption protocol of the data transmitted by the first terminal to the second terminal into a second encryption protocol. By applying the method of the invention, the data encryption protocol between the two ends can be flexibly changed, and the safety of data transmission is improved.

Description

Method and device for changing encryption protocol, storage medium and electronic equipment
Technical Field
The present invention relates to the field of data transmission technologies, and in particular, to a method and apparatus for changing an encryption protocol, a storage medium, and an electronic device.
Background
With the continuous development of internet technology, internet-based data transmission technology has been widely used in various fields.
In the process of data transmission, in order to prevent data leakage, a data transmitting end generally encrypts data with a preset encryption protocol, and transmits the encrypted data to a data receiving end.
The inventor has found that, as cracking techniques develop, the likelihood of an encryption protocol being cracked keeps increasing. At present, the encryption protocol used for data transmission between two terminals is fixed; if that fixed encryption protocol is cracked, the risk of data leakage is extremely high. Transmitting data between two terminals under a fixed encryption protocol therefore offers low data transmission security.
Disclosure of Invention
In view of this, the embodiment of the invention provides a method for changing an encryption protocol, so as to solve the problem of low security when data transmission is performed by using a fixed encryption protocol.
The embodiment of the invention also provides a device for changing the encryption protocol, which is used for ensuring the practical realization and application of the method.
In order to achieve the above object, the embodiment of the present invention provides the following technical solutions:
A method of altering an encryption protocol, the method being applied to a first terminal, the method comprising:
when a trigger instruction for changing a first encryption protocol of the first terminal is received, determining a second encryption protocol, wherein the first encryption protocol is a data encryption protocol applied by the first terminal for transmitting data to the second terminal currently;
transmitting a change request to the second terminal based on the first encryption protocol, wherein the change request is used for requesting to change a data encryption protocol applied by the second terminal for transmitting data to the first terminal into the second encryption protocol;
if a permission change response corresponding to the change request sent by the second terminal is received, determining change information corresponding to the second encryption protocol, and sending the change information to the second terminal based on the first encryption protocol;
judging whether the second terminal changes a data encryption protocol of data transmitted by the second terminal to the first terminal into the second encryption protocol based on the change information;
and if the second terminal changes the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol based on the change information, changing the data encryption protocol of the first terminal for transmitting data to the second terminal into the second encryption protocol.
In the above method, optionally, the determining the change information corresponding to the second encryption protocol includes:
generating a key pair corresponding to the second encryption protocol based on a key generation algorithm corresponding to the second encryption protocol, and acquiring a public key from the key pair;
determining a preset change duration, and determining a cut-off time point based on the preset change duration and a current time point;
and determining the public key and the cut-off time point as change information corresponding to the second encryption protocol.
In the above method, optionally, the determining whether the second terminal has changed the data encryption protocol of the second terminal for transmitting data to the first terminal to the second encryption protocol based on the change information includes:
judging whether a change confirmation response corresponding to the change information sent by the second terminal in the cut-off time point is received or not;
if the change confirmation response is received, sending a heartbeat signal to the second terminal based on the second encryption protocol;
judging whether a heartbeat response signal corresponding to the heartbeat signal, which is sent by the second terminal based on the second encryption protocol in the cut-off time point, is received or not;
and if the heartbeat response signal is received, determining that the second terminal has changed, based on the change information, the data encryption protocol of the data transmitted by the second terminal to the first terminal into the second encryption protocol.
A method of altering an encryption protocol, the method being applied to a second terminal, the method comprising:
when a change request sent by a first terminal based on a first encryption protocol is received, determining a second encryption protocol corresponding to the change request, wherein the change request is sent by the first terminal in response to a trigger instruction for changing the first encryption protocol;
judging whether the second encryption protocol is a permission encryption protocol or not;
if the second encryption protocol is a permission encryption protocol, determining a permission change response corresponding to the change request, and sending the permission change response to the first terminal based on the first encryption protocol, and triggering the first terminal to determine change information corresponding to the second encryption protocol;
if the change information sent by the first terminal is received, judging whether a data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol based on the change information;
And if the data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol, changing the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol.
In the above method, optionally, the determining, based on the change information, whether to change the data encryption protocol of the second terminal for transmitting data to the first terminal to the second encryption protocol includes:
determining a change confirmation response corresponding to the change information, sending the change confirmation response to the first terminal based on the first encryption protocol, and triggering the first terminal to send a heartbeat signal based on the second encryption protocol;
acquiring a cut-off time point contained in the change information;
judging whether a heartbeat signal sent by the first terminal based on the second encryption protocol is received within the cut-off time point or not;
if the heartbeat signal sent by the first terminal based on the second encryption protocol is received within the cut-off time point, determining a heartbeat response signal corresponding to the heartbeat signal;
transmitting the heartbeat response signal to the first terminal based on the second encryption protocol;
And determining whether the sending time of the heartbeat response signal is within the cut-off time point, and if the sending time of the heartbeat response signal is within the cut-off time point, determining that a data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol.
The method, optionally, further comprises:
and if the sending time of the heartbeat response signal exceeds the cut-off time point, determining that the data encryption protocol of the second terminal for transmitting data to the first terminal is not required to be changed into the second encryption protocol.
An apparatus for altering an encryption protocol, the apparatus being applied to a first terminal, the apparatus comprising:
a first determining unit, configured to determine a second encryption protocol when a trigger instruction for changing a first encryption protocol of the first terminal is received, where the first encryption protocol is a data encryption protocol applied by the first terminal to transmit data to the second terminal currently;
a first sending unit, configured to send a change request to the second terminal based on the first encryption protocol, where the change request is used to request a data encryption protocol applied to transmit data from the second terminal to the first terminal to change to the second encryption protocol;
a second determining unit, configured to determine change information corresponding to the second encryption protocol if a permission change response corresponding to the change request sent by the second terminal is received, and send the change information to the second terminal based on the first encryption protocol;
a first judging unit configured to judge whether the second terminal has changed a data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol based on the change information;
and a first changing unit configured to change, if the second terminal has changed, based on the change information, a data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol, to change the data encryption protocol of data transmitted by the first terminal to the second encryption protocol.
The above apparatus, optionally, the second determining unit includes:
a generating subunit, configured to generate a key pair corresponding to the second encryption protocol based on a key generation algorithm corresponding to the second encryption protocol, and acquire a public key from the key pair;
the first determining subunit is used for determining a preset change duration and determining a cut-off time point based on the preset change duration and a current time point;
And the second determining subunit is used for determining the public key and the cut-off time point as change information corresponding to the second encryption protocol.
The above apparatus, optionally, the first determining unit includes:
a first judging subunit, configured to judge whether a change acknowledgement response corresponding to the change information sent by the second terminal at the deadline is received;
a first sending subunit, configured to send a heartbeat signal to the second terminal based on the second encryption protocol if the change acknowledgement response is received;
a second judging subunit, configured to judge whether a heartbeat response signal corresponding to the heartbeat signal sent by the second terminal based on the second encryption protocol within the deadline is received;
and a third determining subunit, configured to determine that the second terminal has changed, based on the change information, a data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol if the heartbeat response signal is received.
An apparatus for altering an encryption protocol, the apparatus being applied to a second terminal, the apparatus comprising:
A third determining unit, configured to determine, when a change request sent by a first terminal based on a first encryption protocol is received, a second encryption protocol corresponding to the change request, where the change request is a request sent by the first terminal in response to a trigger instruction for changing the first encryption protocol;
a second judging unit configured to judge whether the second encryption protocol is a licensed encryption protocol;
the second sending unit is used for determining a permission change response corresponding to the change request if the second encryption protocol is a permission encryption protocol, sending the permission change response to the first terminal based on the first encryption protocol, and triggering the first terminal to determine change information corresponding to the second encryption protocol;
a third judging unit, configured to, if the change information sent by the first terminal is received, judge whether a data encryption protocol of data transmitted by the second terminal to the first terminal needs to be changed to the second encryption protocol based on the change information;
and the second changing unit is used for changing the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol if the data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol.
The above apparatus, optionally, the third judging unit includes:
a second sending subunit, configured to determine a change acknowledgement response corresponding to the change information, and send the change acknowledgement response to the first terminal based on the first encryption protocol, and trigger the first terminal to send a heartbeat signal based on the second encryption protocol;
an acquisition subunit, configured to acquire a deadline point included in the change information;
a third judging subunit, configured to judge whether a heartbeat signal sent by the first terminal based on the second encryption protocol is received within the deadline;
a fourth determining subunit, configured to determine, if the heartbeat signal sent by the first terminal based on the second encryption protocol is received within the deadline, a heartbeat response signal corresponding to the heartbeat signal;
a third transmitting subunit, configured to transmit the heartbeat response signal to the first terminal based on the second encryption protocol;
and a fifth determining subunit, configured to determine whether the sending time of the heartbeat response signal is within the deadline, and if the sending time of the heartbeat response signal is within the deadline, determine that a data encryption protocol for transmitting data from the second terminal to the first terminal needs to be changed to the second encryption protocol.
The above apparatus, optionally, the fifth determining subunit further includes:
and a sixth determining subunit, configured to determine that it is not necessary to change the data encryption protocol of the second terminal for transmitting data to the first terminal to the second encryption protocol if the sending time of the heartbeat response signal exceeds the deadline.
A storage medium comprising stored instructions that, when executed, control a device on which the storage medium resides to perform a method of altering an encryption protocol as described above.
An electronic device comprising a memory and one or more instructions, wherein the one or more instructions are stored in the memory and configured to perform a method of altering an encryption protocol as described above by one or more processors.
Based on the method for changing the encryption protocol provided by the embodiment of the invention, the method is applied to the first terminal, and when a trigger instruction for changing the first encryption protocol is received, a second encryption protocol is determined, wherein the first encryption protocol is a data encryption protocol applied by the current first terminal for transmitting data to the second terminal; and transmitting a change request to the second terminal based on the first encryption protocol, determining change information corresponding to the second encryption protocol if a permission change response transmitted by the second terminal is received, transmitting the change information to the second terminal based on the first encryption protocol, judging whether the second terminal has changed the data encryption protocol for transmitting data to the first terminal by the second terminal to the second encryption protocol based on the change information, and changing the data encryption protocol for transmitting data to the second terminal by the first terminal to the second encryption protocol if the change is completed. By applying the method provided by the embodiment of the invention, the first terminal and the second terminal can be triggered to change the encryption protocol applied by mutually transmitting data, and the encryption protocol can be flexibly changed in the process of transmitting data by two ends, so that the safety of data transmission is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are required to be used in the embodiments or the description of the prior art will be briefly described below, and it is obvious that the drawings in the following description are only embodiments of the present invention, and that other drawings can be obtained according to the provided drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a method for changing an encryption protocol according to an embodiment of the present invention;
FIG. 2 is a flowchart of another method for modifying an encryption protocol according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of an apparatus for changing an encryption protocol according to an embodiment of the present invention;
FIG. 4 is a flowchart of another method for modifying an encryption protocol according to an embodiment of the present invention;
FIG. 5 is a flowchart of another method for modifying an encryption protocol according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of an apparatus for changing an encryption protocol according to an embodiment of the present invention;
FIG. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
The following description of the embodiments of the present application will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present application, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In the present disclosure, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
As described in the background, data transmitted between two terminals generally has to be encrypted under an encryption protocol, but at present the encryption protocol between two terminals is generally fixed. If that encryption protocol is cracked, all transmitted data is at great risk of leakage, and the security of data transmission is low.
Therefore, the embodiment of the invention provides a method for changing the encryption protocol that dynamically changes the encryption protocol between two terminals. Even if a single encryption protocol is cracked, changing the encryption protocol dynamically reduces the possibility that all transmitted data is exposed to leakage, which improves the security of data transmission.
The embodiment of the invention provides a method for changing an encryption protocol, which can be applied to a first terminal, wherein the first terminal can be various terminal devices such as a system server, computer equipment and the like, an execution main body of the first terminal can be a processor of the first terminal, and a flow chart of the method is shown in fig. 1 and comprises the following steps:
S101: when a trigger instruction for changing a first encryption protocol of the first terminal is received, determining a second encryption protocol, wherein the first encryption protocol is a data encryption protocol applied by the first terminal for transmitting data to the second terminal currently;
In the method provided by the embodiment of the invention, the first terminal is the terminal that has the authority to issue the encryption protocol and, in a key-based encryption scenario, it can issue the public key. The trigger instruction may be sent at fixed times according to a preset timing task, so as to trigger the first terminal to change the data encryption protocol currently applied for transmitting data to the second terminal, for example, once every preset time length. A user with a change requirement can also send a trigger instruction through the front end, so as to trigger the first terminal to change the data encryption protocol. It should be noted that the way the trigger instruction is sent may be selected according to actual requirements and does not affect the functions implemented by the method provided by the embodiment of the present invention.
When the processor of the terminal receives the trigger instruction, it can determine the second encryption protocol, that is, the target of the intended change: the encryption protocol to which the current data transmission protocol is to be changed. Specifically, an encryption protocol may be selected at random from a preset protocol list and used as the second encryption protocol. Alternatively, the order in which each type of encryption protocol is used can be preset, and the encryption protocol corresponding to the current position in that order is selected as the second encryption protocol. The user may also specify the second encryption protocol when sending the trigger instruction.
The first encryption protocol and the second encryption protocol provided by the embodiment of the invention can adopt an encryption algorithm from the prior art. For example, an asymmetric encryption algorithm or a symmetric encryption algorithm can be adopted; the asymmetric encryption algorithm can be the RSA algorithm or an elliptic curve cryptography (Elliptic Curve Cryptography, ECC) algorithm; and the encryption algorithm can be based on a national cryptographic algorithm or on an international algorithm. The specific algorithms of the first encryption protocol and the second encryption protocol are determined by the specific data transmission scenario and do not affect the functions implemented by the method provided by the embodiment of the invention. In the same scenario, the first encryption protocol and the second encryption protocol are different encryption protocols.
S102: transmitting a change request to the second terminal based on the first encryption protocol, wherein the change request is used for requesting to change a data encryption protocol applied by the second terminal for transmitting data to the first terminal into the second encryption protocol;
In the method provided by the embodiment of the invention, the processor can generate the corresponding change request. The change request includes a request label for requesting a change of encryption protocol, the type of the second encryption protocol and other information. The change request is encrypted with the encryption algorithm corresponding to the first encryption protocol, and the encrypted change request is sent to the second terminal through the transmission channel.
S103: if a permission change response corresponding to the change request sent by the second terminal is received, determining change information corresponding to the second encryption protocol, and sending the change information to the second terminal based on the first encryption protocol;
In the method provided by the embodiment of the invention, if the first terminal receives information sent by the second terminal after sending the change request and, after decrypting the received information with the decryption algorithm corresponding to the first encryption protocol, determines that a permission change response has been received, it determines the change information corresponding to the second encryption protocol, for example, the public key corresponding to the second encryption protocol or the encryption and decryption algorithm program information corresponding to the second encryption protocol. The change information is then encrypted with the encryption algorithm corresponding to the first encryption protocol, and the encrypted change information is sent to the second terminal.
S104: judging whether the second terminal changes a data encryption protocol of data transmitted by the second terminal to the first terminal into the second encryption protocol based on the change information;
In the method provided by the embodiment of the invention, after the first terminal sends the change information, it can judge, based on a preset algorithm, whether the second terminal has changed the data encryption protocol it applies for transmitting data to the first terminal into the second encryption protocol. Specifically, it can judge whether the second terminal and the first terminal can transmit data to each other based on the second encryption protocol.
S105: and if the second terminal changes the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol based on the change information, changing the data encryption protocol of the first terminal for transmitting data to the second terminal into the second encryption protocol.
In the method provided by the embodiment of the invention, if it is judged that the second terminal has changed the data encryption protocol it applies for transmitting data to the first terminal into the second encryption protocol, the first terminal changes the data encryption protocol it applies for transmitting data to the second terminal into the second encryption protocol. Until the encryption protocol is changed again, data transmission between the first terminal and the second terminal is performed based on the second encryption protocol.
Based on the method provided by the embodiment of the invention, when the first terminal receives the trigger instruction for changing the first encryption protocol, namely the data encryption protocol applied to the data transmission to the second terminal, the second encryption protocol can be determined, and a change request corresponding to the second encryption protocol is sent to the second terminal. If the permission change response is received, the change information corresponding to the second encryption protocol is determined and transmitted to the second terminal. The first terminal then judges whether the second terminal has completed the change of the data encryption protocol, and if so, changes the data encryption protocol it applies for transmitting data to the second terminal into the second encryption protocol. By applying the method provided by the embodiment of the invention, the data encryption protocol applied to data transmission between the first terminal and the second terminal can be changed flexibly instead of being fixed. Even if the current data encryption protocol is cracked, data is transmitted under a new encryption protocol once the encryption protocol has been changed at both ends, so that a single cracked encryption protocol does not lead to data leakage over the whole data transmission process, and the security of data transmission can be improved.
Further, in the method shown in fig. 1, if the second terminal does not change the data encryption protocol applied to transmit data to the first terminal to the second encryption protocol based on the change information, the first terminal also discards the change and keeps the first encryption protocol as the data encryption protocol applied to transmit data to the second terminal. That is, if the first terminal switched its data encryption protocol to the second encryption protocol during the change, it switches the data encryption protocol back to the first encryption protocol.
Further, an embodiment of the present invention provides a method for changing an encryption protocol in which, based on the method shown in fig. 1, the process of determining the change information corresponding to the second encryption protocol mentioned in step S103 includes:
Generating a key pair corresponding to the second encryption protocol based on a key generation algorithm corresponding to the second encryption protocol, and acquiring a public key from the key pair;
In the method provided by the embodiment of the invention, the second encryption protocol is a protocol adopting a public key encryption (namely asymmetric encryption) mode, and a key pair comprising a private key and a public key can be generated based on a key generation algorithm corresponding to the second encryption protocol. The public key is extracted from the generated key pair. A key is secret information used for encryption, decryption and other cryptographic applications; the public key is the key that is made public, and the private key is the key that is not made public.
Determining a preset change duration, and determining a cut-off time point based on the preset change duration and a current time point;
In the method provided by the embodiment of the invention, the change duration for changing the encryption protocol can be preset, and the change duration characterizes the normal response time for establishing data transmission with the new encryption protocol. The preset change duration can be obtained from the configuration information, the current time point is read, and the preset change duration is added to the current time point to obtain the cut-off time point. That is, under normal conditions, the first terminal and the second terminal can complete data transmission between each other based on the second encryption protocol before the cut-off time point, thereby completing the change of the data encryption protocol. For example, if the current time point is 8:00:00 and the preset change duration is 20s, the cut-off time point is determined to be 8:00:20.
Determining the public key and the cut-off time point as change information corresponding to the second encryption protocol.
In the method provided by the embodiment of the invention, the public key extracted from the newly generated key pair and the determined cut-off time point can be used as the change information corresponding to the second encryption protocol, so that the first terminal and the second terminal can complete the change of the data encryption protocol based on the change information.
Based on the method provided by the embodiment of the invention, the extracted public key and the determined cut-off time point can be used as change information and sent to the second terminal. The public key can be applied to data encryption and decryption processing based on the second encryption protocol, and the cut-off time point can be applied to judging whether the two ends respond to data based on the second encryption protocol within the preset duration, so that the change duration is limited and abnormal influence caused by an overlong change time can be avoided.
In order to better illustrate the method provided by the embodiment of the present invention, in combination with the flowchart shown in fig. 2 and on the basis of the method provided by the foregoing embodiment, the embodiment of the present invention provides a further method for changing an encryption protocol, in which the process, mentioned in step S104, of determining whether the second terminal has changed a data encryption protocol for transmitting data to the first terminal by the second terminal to the second encryption protocol based on the change information includes:
S201: judging whether a change confirmation response corresponding to the change information sent by the second terminal in the cut-off time point is received or not;
In the method provided by the embodiment of the invention, after the first terminal sends the change information to the second terminal, it can monitor whether the change confirmation response sent by the second terminal is received. When the change confirmation response is received, the sending time stamp in the change confirmation response is obtained to determine the sending time, and the sending time is compared with the cut-off time point to judge whether the second terminal sent the change confirmation response within the cut-off time point, namely, whether the second terminal sent the change confirmation response before the cut-off time point.
If no change confirmation response sent by the second terminal before the cut-off time point is received, the subsequent steps are not carried out, and it is determined that the second terminal has not changed the data encryption protocol it applies for transmitting data to the first terminal into the second encryption protocol based on the change information.
S202: if the change confirmation response is received, sending a heartbeat signal to the second terminal based on the second encryption protocol;
In the method provided by the embodiment of the invention, if the first terminal receives the change confirmation response sent before the cut-off time point, the data encryption protocol applied by the first terminal for transmitting the data to the second terminal is switched to the second encryption protocol. A heartbeat signal is generated and encrypted based on an encryption algorithm corresponding to the second encryption protocol, and the encrypted heartbeat signal is transmitted to the second terminal through the transmission channel. Optionally, if the second encryption protocol is a public key encryption protocol, the heartbeat signal is encrypted based on the public key included in the change information.
S203: judging whether a heartbeat response signal corresponding to the heartbeat signal, which is sent by the second terminal based on the second encryption protocol in the cut-off time point, is received or not;
In the method provided by the embodiment of the invention, after the first terminal sends the heartbeat signal to the second terminal, whether the information sent by the second terminal is received or not is monitored, if the information sent by the second terminal is received, the received information is decrypted based on the second encryption protocol to judge whether the information is the signal sent by the second terminal based on the second encryption protocol, and if the corresponding heartbeat response signal can be obtained after decryption, the sending time stamp corresponding to the heartbeat response signal is obtained to judge whether the heartbeat response signal is sent before the cut-off time point.
S204: and if the heartbeat response signal is received, determining that the second terminal changes the data encryption protocol of the data transmitted by the second terminal to the first terminal into the second encryption protocol based on the change signal.
In the method provided by the embodiment of the invention, if the first terminal receives the heartbeat response signal sent by the second terminal before the cut-off time point based on the second encryption protocol, the second terminal is determined to have completed changing.
In the method provided by the embodiment of the invention, if the first terminal does not receive the heartbeat response signal sent by the second terminal before the cut-off time point, the second terminal is determined to not finish changing, so that the data encryption protocol applied by the first terminal for transmitting data to the second terminal is switched back to the first encryption protocol.
Based on the method provided by the embodiment of the invention, whether the data transmission can be established between the first terminal and the second terminal based on the second encryption protocol can be judged by adopting the heartbeat signal, the process is simpler and faster, and the efficiency of changing the encryption protocol can be improved.
Corresponding to the method for changing the encryption protocol shown in fig. 1, the embodiment of the invention further provides a device for changing the encryption protocol, where the device is applied to the first terminal and is used for implementing the method shown in fig. 1, and a schematic structural diagram of the device is shown in fig. 3, and the device includes:
a first determining unit 301, configured to determine, when a trigger instruction for changing a first encryption protocol of the first terminal is received, a second encryption protocol, where the first encryption protocol is a data encryption protocol applied by the first terminal to transmit data to the second terminal currently;
a first sending unit 302, configured to send, to the second terminal, a change request based on the first encryption protocol, where the change request is used to request a data encryption protocol applied to transmit data from the second terminal to the first terminal to change to the second encryption protocol;
a second determining unit 303, configured to determine change information corresponding to the second encryption protocol if a license change response corresponding to the change request sent by the second terminal is received, and send the change information to the second terminal based on the first encryption protocol;
a first judging unit 304, configured to judge whether the second terminal has changed a data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol based on the change information;
a first changing unit 305, configured to, if the second terminal has changed, based on the change information, the data encryption protocol of the second terminal for transmitting data to the first terminal to the second encryption protocol, change the data encryption protocol of the first terminal for transmitting data to the second terminal to the second encryption protocol.
Based on the device provided by the embodiment of the invention, when the first terminal receives the trigger instruction for changing the first encryption protocol, namely the data encryption protocol applied to the data transmission to the second terminal, the second encryption protocol can be determined, and a change request corresponding to the second encryption protocol is sent to the second terminal. If the permission change response is received, the change information corresponding to the second encryption protocol is determined and transmitted to the second terminal. The first terminal then judges whether the second terminal has completed the change of the data encryption protocol, and if so, changes the data encryption protocol it applies for transmitting data to the second terminal into the second encryption protocol. By applying the device provided by the embodiment of the invention, the data encryption protocol applied to data transmission between the first terminal and the second terminal can be changed flexibly instead of being fixed. Even if the current data encryption protocol is cracked, data is transmitted under a new encryption protocol once the encryption protocol has been changed at both ends, so that a single cracked encryption protocol does not lead to data leakage over the whole data transmission process, and the security of data transmission can be improved.
On the basis of the apparatus shown in fig. 3, in the apparatus provided in the embodiment of the present invention, the second determining unit 303 includes:
a generating subunit, configured to generate a key pair corresponding to the second encryption protocol based on a key generation algorithm corresponding to the second encryption protocol, and acquire a public key from the key pair;
the first determining subunit is used for determining a preset change duration and determining a cut-off time point based on the preset change duration and a current time point;
and the second determining subunit is used for determining the public key and the cut-off time point as change information corresponding to the second encryption protocol.
On the basis of the apparatus provided in the foregoing embodiment, in the apparatus provided in the embodiment of the present invention, the first judging unit 304 includes:
a first judging subunit, configured to judge whether a change acknowledgement response corresponding to the change information sent by the second terminal at the deadline is received;
a first sending subunit, configured to send a heartbeat signal to the second terminal based on the second encryption protocol if the change acknowledgement response is received;
a second judging subunit, configured to judge whether a heartbeat response signal corresponding to the heartbeat signal sent by the second terminal based on the second encryption protocol within the deadline is received;
and a third determining subunit, configured to determine that the second terminal has changed, based on the change signal, a data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol if the heartbeat response signal is received.
Next, an embodiment of the present invention provides another method for changing an encryption protocol, where the method may be applied to a second terminal, where the second terminal may be various terminal devices such as a system server, a computer device, and the like, and an execution subject of the method may be a processor of the second terminal, and a flowchart of the method is shown in fig. 4, where the method includes:
S401: when a change request sent by a first terminal based on a first encryption protocol is received, determining a second encryption protocol corresponding to the change request, wherein the change request is sent by the first terminal in response to a trigger instruction for changing the first encryption protocol;
In the method provided by the embodiment of the invention, the second terminal performs data transmission with the first terminal based on the first encryption protocol. When a change request sent by the first terminal based on the first encryption protocol is received, the protocol identifier contained in the change request can be acquired to determine the second encryption protocol; that is, the change request is a request to change the data encryption protocol applied to transmit data to the first terminal from the first encryption protocol to the second encryption protocol.
S402: judging whether the second encryption protocol is a permission encryption protocol or not;
In the method provided by the embodiment of the invention, an encryption protocol list can be preconfigured, and the encryption protocol list comprises all encryption protocols that the second terminal can support. The second encryption protocol may be matched against each encryption protocol in the encryption protocol list, and if the second encryption protocol matches any encryption protocol in the encryption protocol list, the second encryption protocol is determined to be a licensed encryption protocol. If the second encryption protocol is not a licensed encryption protocol, the change may be aborted.
It should be noted that the second terminal may also be configured to support any encryption protocol, where the second encryption protocol is determined to be a licensed encryption protocol.
S403: if the second encryption protocol is a permission encryption protocol, determining a permission change response corresponding to the change request, and sending the permission change response to the first terminal based on the first encryption protocol, and triggering the first terminal to determine change information corresponding to the second encryption protocol;
In the method provided by the embodiment of the invention, if the second encryption protocol is judged to be the permission encryption protocol, the change request is agreed to and a corresponding permission change response is generated; the permission change response includes an identifier indicating that the change is permitted. Optionally, the second terminal may self-check whether the encryption and decryption algorithm program information corresponding to the second encryption protocol exists, and if the corresponding program package does not exist, add to the permission change response an identifier requesting that the encryption algorithm program information corresponding to the second encryption protocol be sent. The second terminal may encrypt the permission change response based on an encryption algorithm corresponding to the first encryption protocol, and transmit the encrypted permission change response to the first terminal through the transmission channel.
S404: if the change information sent by the first terminal is received, judging whether a data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol based on the change information;
In the method provided by the embodiment of the invention, after the second terminal sends the permission change response, if the change information sent by the first terminal is received, the second terminal can judge, based on the preset algorithm and the change information, whether the data encryption protocol applied to the data transmission to the first terminal needs to be changed to the second encryption protocol, that is, whether the second terminal and the first terminal can perform data transmission based on the second encryption protocol.
S405: and if the data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol, changing the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol.
In the method provided by the embodiment of the invention, if the second terminal can carry out data transmission with the first terminal based on the second encryption protocol, the data encryption protocol applied by the second terminal for transmitting data to the first terminal is changed to the second encryption protocol, and if the data encryption protocol is switched to the second encryption protocol in the judging process, the state is maintained.
Based on the method provided by the embodiment of the invention, when the second terminal receives the request for changing the first encryption protocol sent by the first terminal, it can determine the second encryption protocol to change to and judge whether the second encryption protocol is a permission encryption protocol. If the second encryption protocol is the permission encryption protocol, a permission change response is sent to the first terminal so as to trigger the first terminal to determine change information. After the change information is received, the second terminal can judge whether the data encryption protocol needs to be changed, and if so, the data encryption protocol it applies for transmitting data to the first terminal is changed into the second encryption protocol. By applying the method provided by the embodiment of the invention, the data encryption protocol applied to data transmission between the second terminal and the first terminal can be changed flexibly instead of being fixed. Even if the current data encryption protocol is cracked, data is transmitted under a new encryption protocol once the encryption protocol has been changed at both ends, so that a single cracked encryption protocol does not lead to data leakage over the whole data transmission process, and the security of data transmission can be improved.
Further, in the method shown in fig. 4, if the second terminal determines in step S404 that it does not need to change the data encryption protocol it applies to transmit data to the first terminal to the second encryption protocol, the second terminal discards the change and keeps the first encryption protocol as the data encryption protocol applied to transmit data to the first terminal. That is, if the second terminal switched the data encryption protocol to the second encryption protocol during the change, it switches the data encryption protocol back to the first encryption protocol.
In order to better illustrate the method provided by the embodiment of the present invention, in conjunction with the flowchart shown in fig. 5, on the basis of the method shown in fig. 4, another method for changing an encryption protocol is provided in the embodiment of the present invention, and the process for determining whether to change the data encryption protocol of the second terminal for transmitting data to the first terminal to the second encryption protocol based on the change information mentioned in step S404 includes:
S501: determining a change confirmation response corresponding to the change information, sending the change confirmation response to the first terminal based on the first encryption protocol, and triggering the first terminal to send a heartbeat signal based on the second encryption protocol;
In the method provided by the embodiment of the invention, after the second terminal receives the change information, it can generate the corresponding change confirmation response, encrypt the change confirmation response based on the encryption algorithm corresponding to the first encryption protocol, and send the encrypted change confirmation response to the first terminal, so that the first terminal, after receiving the change confirmation response, is triggered to switch the data encryption protocol and send the heartbeat signal.
S502: acquiring a cut-off time point contained in the change information;
In the method provided by the embodiment of the invention, the change information sent by the first terminal includes a cut-off time point. If data transmission between the first terminal and the second terminal is completed based on the second encryption protocol before the cut-off time point, the two ends can be regarded as able to perform data transmission based on the second encryption protocol.
S503: judging whether a heartbeat signal sent by the first terminal based on the second encryption protocol is received within the cut-off time point or not;
In the method provided by the embodiment of the invention, after the second terminal sends the change confirmation response to the first terminal, the data encryption protocol applied by the second terminal for transmitting the data to the first terminal is switched to the second encryption protocol. The second terminal then monitors, based on the second encryption protocol, whether the heartbeat signal sent by the first terminal is received. That is, when information sent by the first terminal is received, the information is decrypted based on a decryption algorithm corresponding to the second encryption protocol, and if the corresponding heartbeat signal is obtained through decryption, the sending time stamp corresponding to the heartbeat signal is obtained in order to judge whether the heartbeat signal was sent by the first terminal before the cut-off time point.
S504: if the heartbeat signal sent by the first terminal based on the second encryption protocol is received within the cut-off time point, determining a heartbeat response signal corresponding to the heartbeat signal;
In the method provided by the embodiment of the invention, if the heartbeat signal sent before the cut-off time point is received, a corresponding heartbeat response signal is generated.
If the heartbeat signal sent by the first terminal before the cut-off time point is not received, the data encryption protocol applied by the second terminal for transmitting the data to the first terminal is determined not to be changed into the second encryption protocol.
S505: transmitting the heartbeat response signal to the first terminal based on the second encryption protocol;
In the method provided by the embodiment of the invention, when the heartbeat signal sent before the cut-off time point is received, the heartbeat response signal can be encrypted based on the encryption algorithm corresponding to the second encryption protocol, and the encrypted heartbeat response signal is sent to the first terminal.
S506: and determining whether the sending time of the heartbeat response signal is within the cut-off time point, and if the sending time of the heartbeat response signal is within the cut-off time point, determining that a data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol.
In the method provided by the embodiment of the invention, the second terminal can acquire the sending time stamp of the heartbeat response signal or record the current time when the signal is sent so as to determine the sending time point of the heartbeat response signal, compare the sending time point with the cut-off time point to determine whether the sending time of the heartbeat response signal is before the cut-off time point, and if the heartbeat response signal is sent before the cut-off time point, determine that the data encryption protocol applied by the second terminal for transmitting the data to the first terminal is changed into the second encryption protocol.
Based on the method provided by the embodiment of the invention, whether the data transmission can be established between the second terminal and the first terminal based on the second encryption protocol can be judged by adopting the heartbeat signal, the process is simpler and faster, and the efficiency of changing the encryption protocol can be improved.
Further, an embodiment of the present invention provides a method for changing an encryption protocol, where in step S506, if the sending time of the heartbeat response signal exceeds the deadline, it is determined that the data encryption protocol of the second terminal for transmitting data to the first terminal is not required to be changed to the second encryption protocol.
In the method provided by the embodiment of the invention, if the sending time of the heartbeat response signal exceeds the cut-off time point, this indicates that the second terminal and the first terminal cannot complete data transmission between each other based on the second encryption protocol within the normal response time, and it is determined that the data encryption protocol applied to the data transmission to the first terminal is not required to be changed into the second encryption protocol.
According to the method provided by the embodiment of the invention, the abnormal data transmission caused by changing the data transmission protocol into the second encryption protocol under the condition that the normal data communication between the first terminal and the second terminal is difficult to establish based on the second encryption protocol can be avoided.
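The following Python simulation is an added example, not code from the patent: it walks the handshake of steps S101-S105 and S201-S204 (first terminal) and S401-S405 and S501-S506 (second terminal), including the rollback when the heartbeat response misses the cut-off time point. The message type names, the protocol labels `P1`/`P2`/`P3`, the placeholder public key and the simulated clock are assumptions, and `seal`/`unseal` only stand in for each protocol's real encryption and decryption.

```python
from types import SimpleNamespace

class DecryptError(Exception):
    """Data was not protected with the protocol the receiver is currently using."""

def seal(proto, msg):
    # Stand-in for "encrypt msg under proto"; no real cryptography is performed.
    return {"proto": proto, "body": dict(msg)}

def unseal(proto, envelope):
    # Stand-in for "decrypt under proto": fails if the sender used another protocol.
    if envelope is None or envelope["proto"] != proto:
        raise DecryptError(f"not decryptable as {proto}")
    return envelope["body"]

class SecondTerminal:
    def __init__(self, clock, supported, delay=0.0, active="P1"):
        self.clock, self.supported, self.delay = clock, set(supported), delay
        self.active = self.previous = active
        self.target = self.deadline = None
        self.committed = False

    def on_change_request(self, envelope):                       # S401-S403
        request = unseal(self.active, envelope)
        if request["target"] not in self.supported:              # S402: not in the protocol list
            return seal(self.active, {"type": "change_denied"})
        self.target = request["target"]
        return seal(self.active, {"type": "permit_change"})

    def on_change_info(self, envelope):                          # S404, S501-S502
        info = unseal(self.active, envelope)
        if self.target is None:                                  # no permitted request pending
            return seal(self.active, {"type": "change_denied"})
        self.deadline = info["deadline"]
        confirm = seal(self.active, {"type": "change_confirm", "sent_at": self.clock.now})
        self.previous, self.active = self.active, self.target    # tentative switch
        return confirm

    def on_heartbeat(self, envelope):                            # S503-S506
        try:
            heartbeat = unseal(self.active, envelope)
        except DecryptError:
            return self._rollback()
        if self.deadline is None or heartbeat["sent_at"] > self.deadline:
            return self._rollback()
        self.clock.now += self.delay                             # constructed processing delay
        sent_at = self.clock.now
        response = seal(self.active, {"type": "heartbeat_response", "sent_at": sent_at})
        if sent_at > self.deadline:                              # S506: response was too late
            self._rollback()
        else:
            self.committed = True
        return response

    def on_deadline(self):                                       # local timer: no heartbeat arrived
        if not self.committed and self.deadline is not None and self.clock.now > self.deadline:
            self._rollback()

    def _rollback(self):
        self.active, self.target = self.previous, None
        return None

class FirstTerminal:
    def __init__(self, clock, change_duration=20.0, active="P1"):
        self.clock, self.change_duration, self.active = clock, change_duration, active

    def change_protocol(self, peer, target):
        old = self.active
        request = seal(old, {"type": "change_request", "target": target})          # S102
        if unseal(old, peer.on_change_request(request))["type"] != "permit_change":
            return "denied"
        deadline = self.clock.now + self.change_duration                           # S103
        info = {"type": "change_info", "deadline": deadline, "public_key": "CONSTRUCTED-KEY"}
        confirm = unseal(old, peer.on_change_info(seal(old, info)))
        if confirm["type"] != "change_confirm" or confirm["sent_at"] > deadline:   # S201
            return "no_confirm"
        self.active = target                                                       # S202
        heartbeat = seal(target, {"type": "heartbeat", "sent_at": self.clock.now})
        try:
            response = unseal(target, peer.on_heartbeat(heartbeat))                # S203
            ok = response["type"] == "heartbeat_response" and response["sent_at"] <= deadline
        except DecryptError:
            ok = False
        if not ok:
            self.active = old                                                      # switch back
            return "rolled_back"
        return "changed"                                                           # S204, S105

def simulate(target, supported, peer_delay, change_duration=20.0):
    clock = SimpleNamespace(now=0.0)   # simulated seconds, so the run is deterministic
    second = SecondTerminal(clock, supported, delay=peer_delay)
    first = FirstTerminal(clock, change_duration)
    outcome = first.change_protocol(second, target)
    second.on_deadline()
    return outcome, first.active, second.active

if __name__ == "__main__":
    print(simulate("P2", {"P1", "P2"}, 1.0), simulate("P2", {"P1", "P2"}, 25.0))
```

With the 20 s change duration from the example above, a peer that answers the heartbeat after 1 s leaves both ends on `P2`, while one that answers after 25 s leaves both ends back on `P1`.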
Corresponding to the method for changing the encryption protocol shown in fig. 4, the embodiment of the invention further provides a device for changing the encryption protocol, which is applied to the second terminal and is used for implementing the method shown in fig. 4, and the structural schematic diagram of the device is shown in fig. 6, and includes:
a third determining unit 601, configured to determine, when receiving a change request sent by a first terminal based on a first encryption protocol, a second encryption protocol corresponding to the change request, where the change request is a request sent by the first terminal in response to a trigger instruction for changing the first encryption protocol;
a second judging unit 602, configured to judge whether the second encryption protocol is a licensed encryption protocol;
a second sending unit 603, configured to determine a permission change response corresponding to the change request if the second encryption protocol is a permission encryption protocol, and send the permission change response to the first terminal based on the first encryption protocol, and trigger the first terminal to determine change information corresponding to the second encryption protocol;
a third judging unit 604, configured to, if the change information sent by the first terminal is received, judge whether a data encryption protocol of data transmitted by the second terminal to the first terminal needs to be changed to the second encryption protocol based on the change information;
and a second changing unit 605, configured to, if the data encryption protocol of the second terminal for transmitting data to the first terminal needs to be changed to the second encryption protocol, change the data encryption protocol of the second terminal for transmitting data to the first terminal to the second encryption protocol.
On the basis of the apparatus shown in fig. 6, in the apparatus provided by the embodiment of the present invention, the third judging unit 604 includes:
a second sending subunit, configured to determine a change acknowledgement response corresponding to the change information, and send the change acknowledgement response to the first terminal based on the first encryption protocol, and trigger the first terminal to send a heartbeat signal based on the second encryption protocol;
an acquisition subunit, configured to acquire a deadline point included in the change information;
a third judging subunit, configured to judge whether a heartbeat signal sent by the first terminal based on the second encryption protocol is received within the deadline;
a fourth determining subunit, configured to determine, if the heartbeat signal sent by the first terminal based on the second encryption protocol is received within the deadline, a heartbeat response signal corresponding to the heartbeat signal;
a third transmitting subunit, configured to transmit the heartbeat response signal to the first terminal based on the second encryption protocol;
and a fifth determining subunit, configured to determine whether the sending time of the heartbeat response signal is within the deadline, and if the sending time of the heartbeat response signal is within the deadline, determine that a data encryption protocol for transmitting data from the second terminal to the first terminal needs to be changed to the second encryption protocol.
On the basis of the above device, in the device provided by the embodiment of the present invention, the fifth determining subunit further includes:
and a sixth determining subunit, configured to determine that it is not necessary to change the data encryption protocol of the second terminal for transmitting data to the first terminal to the second encryption protocol if the sending time of the heartbeat response signal exceeds the deadline.
The embodiment of the invention also provides a storage medium, which comprises stored instructions, wherein when the instructions run, the equipment where the storage medium is located is controlled to execute the method for changing the encryption protocol.
The embodiment of the present invention further provides an electronic device, whose structural schematic diagram is shown in fig. 7, specifically including a memory 701, and one or more instructions 702, where the one or more instructions 702 are stored in the memory 701, and configured to be executed by the one or more processors 703, where the one or more instructions 702 perform the following operations:
when a trigger instruction for changing a first encryption protocol of a first terminal is received, determining a second encryption protocol, wherein the first encryption protocol is the data encryption protocol currently applied by the first terminal for transmitting data to the second terminal;
transmitting a change request to the second terminal based on the first encryption protocol, wherein the change request is used for requesting to change a data encryption protocol applied by the second terminal for transmitting data to the first terminal into the second encryption protocol;
if a permission change response corresponding to the change request sent by the second terminal is received, determining change information corresponding to the second encryption protocol, and sending the change information to the second terminal based on the first encryption protocol;
judging whether the second terminal changes a data encryption protocol of data transmitted by the second terminal to the first terminal into the second encryption protocol based on the change information;
and if the second terminal changes the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol based on the change information, changing the data encryption protocol of the first terminal for transmitting data to the second terminal into the second encryption protocol.
Or, alternatively:
when a change request sent by a first terminal based on a first encryption protocol is received, determining a second encryption protocol corresponding to the change request, wherein the change request is sent by the first terminal in response to a trigger instruction for changing the first encryption protocol;
judging whether the second encryption protocol is a permitted encryption protocol;
if the second encryption protocol is a permitted encryption protocol, determining a permission change response corresponding to the change request, sending the permission change response to the first terminal based on the first encryption protocol, and triggering the first terminal to determine change information corresponding to the second encryption protocol;
if the change information sent by the first terminal is received, judging whether a data encryption protocol of data transmitted by a second terminal to the first terminal is required to be changed to the second encryption protocol or not based on the change information;
and if the data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol, changing the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol.
In this specification, the embodiments are described in a progressive manner; identical and similar parts of the embodiments may be referred to one another, and each embodiment mainly describes its differences from the other embodiments. In particular, since a system or system embodiment is substantially similar to a method embodiment, its description is relatively brief, and reference may be made to the relevant parts of the description of the method embodiment. The systems and system embodiments described above are merely illustrative: the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement the present invention without undue burden.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative elements and steps are described above generally in terms of functionality in order to clearly illustrate the interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of altering an encryption protocol, the method being applied to a first terminal, the method comprising:
when a trigger instruction for changing a first encryption protocol of the first terminal is received, determining a second encryption protocol, wherein the first encryption protocol is the data encryption protocol currently applied by the first terminal for transmitting data to the second terminal;
transmitting a change request to the second terminal based on the first encryption protocol, wherein the change request is used for requesting to change a data encryption protocol applied by the second terminal for transmitting data to the first terminal into the second encryption protocol;
if a permission change response corresponding to the change request sent by the second terminal is received, determining change information corresponding to the second encryption protocol, and sending the change information to the second terminal based on the first encryption protocol;
judging whether the second terminal changes a data encryption protocol of data transmitted by the second terminal to the first terminal into the second encryption protocol based on the change information;
and if the second terminal changes the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol based on the change information, changing the data encryption protocol of the first terminal for transmitting data to the second terminal into the second encryption protocol.
2. The method of claim 1, wherein the determining the change information corresponding to the second encryption protocol comprises:
generating a key pair corresponding to the second encryption protocol based on a key generation algorithm corresponding to the second encryption protocol, and acquiring a public key from the key pair;
determining a preset change duration, and determining a cut-off time point based on the preset change duration and a current time point;
and determining the public key and the cut-off time point as the change information corresponding to the second encryption protocol.
3. The method according to claim 2, wherein the determining whether the second terminal has changed a data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol based on the change information, includes:
judging whether a change confirmation response corresponding to the change information, sent by the second terminal within the cut-off time point, is received;
if the change confirmation response is received, sending a heartbeat signal to the second terminal based on the second encryption protocol;
judging whether a heartbeat response signal corresponding to the heartbeat signal, sent by the second terminal based on the second encryption protocol within the cut-off time point, is received;
and if the heartbeat response signal is received, determining that the second terminal changes the data encryption protocol of the data transmitted by the second terminal to the first terminal into the second encryption protocol based on the change signal.
4. A method of altering an encryption protocol, the method being applied to a second terminal, the method comprising:
when a change request sent by a first terminal based on a first encryption protocol is received, determining a second encryption protocol corresponding to the change request, wherein the change request is sent by the first terminal in response to a trigger instruction for changing the first encryption protocol;
judging whether the second encryption protocol is a permitted encryption protocol;
if the second encryption protocol is a permitted encryption protocol, determining a permission change response corresponding to the change request, sending the permission change response to the first terminal based on the first encryption protocol, and triggering the first terminal to determine change information corresponding to the second encryption protocol;
if the change information sent by the first terminal is received, judging whether a data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol based on the change information;
and if the data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol, changing the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol.
5. The method of claim 4, wherein the determining whether the data encryption protocol of the second terminal for transmitting data to the first terminal needs to be changed to the second encryption protocol based on the change information comprises:
determining a change confirmation response corresponding to the change information, sending the change confirmation response to the first terminal based on the first encryption protocol, and triggering the first terminal to send a heartbeat signal based on the second encryption protocol;
acquiring a cut-off time point contained in the change information;
judging whether a heartbeat signal sent by the first terminal based on the second encryption protocol is received within the cut-off time point or not;
if the heartbeat signal sent by the first terminal based on the second encryption protocol is received within the cut-off time point, determining a heartbeat response signal corresponding to the heartbeat signal;
transmitting the heartbeat response signal to the first terminal based on the second encryption protocol;
and determining whether the sending time of the heartbeat response signal is within the cut-off time point, and if the sending time of the heartbeat response signal is within the cut-off time point, determining that a data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol.
6. The method as recited in claim 5, further comprising:
and if the sending time of the heartbeat response signal exceeds the cut-off time point, determining that the data encryption protocol of the second terminal for transmitting data to the first terminal is not required to be changed into the second encryption protocol.
7. An apparatus for altering an encryption protocol, the apparatus being applied to a first terminal, the apparatus comprising:
a first determining unit, configured to determine a second encryption protocol when a trigger instruction for changing a first encryption protocol of the first terminal is received, where the first encryption protocol is the data encryption protocol currently applied by the first terminal to transmit data to the second terminal;
a first sending unit, configured to send a change request to the second terminal based on the first encryption protocol, where the change request is used to request a data encryption protocol applied to transmit data from the second terminal to the first terminal to change to the second encryption protocol;
a second determining unit, configured to determine change information corresponding to the second encryption protocol if a permission change response corresponding to the change request sent by the second terminal is received, and send the change information to the second terminal based on the first encryption protocol;
a first judging unit, configured to judge whether the second terminal has changed a data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol based on the change information;
and a first changing unit, configured to change the data encryption protocol of data transmitted by the first terminal to the second terminal to the second encryption protocol if the second terminal has changed, based on the change information, the data encryption protocol of data transmitted by the second terminal to the first terminal to the second encryption protocol.
8. An apparatus for altering an encryption protocol, the apparatus being applied to a second terminal, the apparatus comprising:
a third determining unit, configured to determine, when a change request sent by a first terminal based on a first encryption protocol is received, a second encryption protocol corresponding to the change request, where the change request is a request sent by the first terminal in response to a trigger instruction for changing the first encryption protocol;
a second judging unit, configured to judge whether the second encryption protocol is a permitted encryption protocol;
a second sending unit, configured to determine a permission change response corresponding to the change request if the second encryption protocol is a permitted encryption protocol, send the permission change response to the first terminal based on the first encryption protocol, and trigger the first terminal to determine change information corresponding to the second encryption protocol;
a third judging unit, configured to, if the change information sent by the first terminal is received, judge whether a data encryption protocol of data transmitted by the second terminal to the first terminal needs to be changed to the second encryption protocol based on the change information;
and the second changing unit is used for changing the data encryption protocol of the second terminal for transmitting data to the first terminal into the second encryption protocol if the data encryption protocol of the second terminal for transmitting data to the first terminal is required to be changed into the second encryption protocol.
9. A storage medium comprising stored instructions, wherein the instructions, when executed, control a device in which the storage medium is located to perform a method of changing an encryption protocol according to any one of claims 1 to 3 or a method of changing an encryption protocol according to any one of claims 4 to 6.
10. An electronic device comprising a memory and one or more instructions, wherein the one or more instructions are stored in the memory and configured to be executed by the one or more processors to implement the method of altering an encryption protocol of any one of claims 1-3 or the method of altering an encryption protocol of any one of claims 4-6.
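The exchange in claims 1 to 6, written out as an added simulation that is not part of the patent text: it traces which protocol carries each message and shows that both terminals keep the first protocol when the permission check or the cut-off time point fails. The names `proto-A` and `proto-B`, the message names, the random placeholder key and the instantaneous-delivery clock are assumptions made for the illustration.

```python
import secrets
from dataclasses import dataclass, field

@dataclass
class Terminal:
    name: str
    send_proto: str                              # protocol applied to data this terminal sends
    permitted: set = field(default_factory=set)  # protocols it is willing to switch to

def make_change_info(now, change_duration):
    # Claim 2: public key for the second protocol plus the cut-off time point.
    # The key is a random placeholder standing in for real key-pair generation.
    return {"public_key": secrets.token_hex(16), "deadline": now + change_duration}

def change_protocol(first, second, new_proto, change_duration=5.0, delays=None):
    """Simulate the change exchange; returns (outcome, transcript).

    delays maps a message name to the seconds its sender takes before sending
    it (default 0.1). Delivery is modelled as instantaneous (assumption), so a
    message's send time is also its receive time.
    """
    delays = delays or {}
    old_proto, clock, transcript = first.send_proto, 0.0, []

    def send(sender, msg, proto):
        nonlocal clock
        clock += delays.get(msg, 0.1)
        transcript.append((round(clock, 3), sender.name, msg, proto))
        return clock

    send(first, "change_request", old_proto)
    if new_proto not in second.permitted:        # second terminal's permission check
        return "not_permitted", transcript
    send(second, "permit_response", old_proto)

    # Cut-off time point = current time point + preset change duration.
    info = make_change_info(clock, change_duration)
    send(first, "change_info", old_proto)

    # Negotiation messages travel under the first protocol; only the heartbeat
    # and its response use the second protocol, proving both sides can use it.
    if send(second, "change_ack", old_proto) > info["deadline"]:
        return "ack_after_deadline", transcript
    if send(first, "heartbeat", new_proto) > info["deadline"]:
        return "heartbeat_after_deadline", transcript
    if send(second, "heartbeat_response", new_proto) > info["deadline"]:
        return "response_after_deadline", transcript   # claim 6: no change

    second.send_proto = new_proto   # response was sent within the cut-off time point
    first.send_proto = new_proto    # first terminal changes after receiving the response
    return "changed", transcript

if __name__ == "__main__":
    a = Terminal("first", "proto-A")
    b = Terminal("second", "proto-A", permitted={"proto-B"})
    outcome, log = change_protocol(a, b, "proto-B")
    print(outcome, a.send_proto, b.send_proto)
    for entry in log:
        print(entry)
```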
CN202310655450.3A 2023-06-05 2023-06-05 Method and device for changing encryption protocol, storage medium and electronic equipment Pending CN116599668A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310655450.3A CN116599668A (en) 2023-06-05 2023-06-05 Method and device for changing encryption protocol, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310655450.3A CN116599668A (en) 2023-06-05 2023-06-05 Method and device for changing encryption protocol, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN116599668A true CN116599668A (en) 2023-08-15

Family

ID=87600704

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310655450.3A Pending CN116599668A (en) 2023-06-05 2023-06-05 Method and device for changing encryption protocol, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN116599668A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination