CN116614303A - Encryption method for network and information security - Google Patents
- Publication number: CN116614303A
- Application number: CN202310744837.6A
- Authority: CN (China)
- Prior art keywords: key, encryption, ciphertext, signature, unit
- Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The invention relates to the technical field of network security, and discloses a network and information security encryption method, which comprises the following steps: s1, performing DES encryption on a message digest through a session key; s2, generating a public key and a private key through an RAS; s3, authenticating the session key through fingerprints, and carrying out RAS encryption on the session key through the public key; and S4, sending the signature and the ciphertext to a receiver. The invention carries out the mixed encryption mode of the message by the symmetric encryption algorithm DES and the asymmetric encryption algorithm RAS, and carries out the identity authentication by fingerprints in the encryption process, has the functions of digital signature and authentication, can check the correctness of the signature and the secret key, ensures the integrity and the authenticity of the transmitted data, and ensures that the data is not easy to be tampered; and the encrypted key ciphertext is also stored in the file, so that the key safety is ensured, the key is not required to be independently transmitted, the risk of secret leakage of the key is reduced, and the safety of file transmission is improved.
Description
Technical Field
The invention relates to the technical field of network security, in particular to an encryption method for network and information security.
Background
With the development of the information age, computer networks have become the most important information exchange tool in our daily lives, but information can be exposed when it is transferred over the network, so network security is receiving increasing attention from enterprises and individuals. Encryption algorithms are one of the important means of protecting information security. Among them, DES (Data Encryption Standard) is a fast symmetric encryption algorithm that is widely used in the field of commercial encryption, but its key length is short, and it is easily threatened by attacks such as brute-force cracking and differential attacks. RSA (Ron Rivest, Adi Shamir, Leonard Adleman) is an asymmetric key encryption algorithm with higher security, but its encryption and decryption take a long time because it is slow. Because encryption algorithms and encryption technologies keep evolving and improving, a single encryption algorithm often cannot fully meet the security requirements of cryptography. Thus, hybrid encryption algorithms have evolved.
The Chinese patent discloses a key management method and system (bulletin number CN 108092761B) based on RSA and 3DES, the technology of the patent is greatly improved in safety compared with the traditional single encryption protection of base64 and 3DES, the RSA is only used for guaranteeing the distribution of 3DES secret key pairs, the encryption and decryption of service data are processed by the 3DES algorithm, the encryption and decryption efficiency of the service request is furthest improved, but the integrity and the authenticity of the transmission data cannot be guaranteed, so that the data can be tampered and cannot be easily found.
Disclosure of Invention
The invention aims to provide a network and information security encryption method to solve the problems in the background technology.
In order to achieve the above purpose, the present invention provides the following technical solutions:
an encryption method for network and information security, which is based on a secure transmission system for encrypting, decrypting and transmitting information, is characterized by comprising the following steps:
s1, firstly calculating a message to be transmitted through a Hash function to generate a message abstract with a fixed length; generating a 64-bit random number serving as a session key through a symmetric encryption algorithm DES, and performing DES encryption on the message digest to obtain a ciphertext;
s2, generating a public key and a private key through an asymmetric encryption algorithm RAS, and disclosing the public key and keeping the private key secret;
s3, authenticating the session key to an identity authentication center through the fingerprint, and performing RAS encryption on the session key after fingerprint authentication through the public key to obtain a signature;
s4, the sender combines the signature and the ciphertext and sends the signature and the ciphertext to the receiver; after receiving the signature and the ciphertext, the receiver can decrypt the signature and the ciphertext by using the private key.
As still further aspects of the invention: in the step S1, the DES encryption method is as follows:
s11, initially replacing IP, namely firstly dividing a plaintext into bit strings with the same length as 64 bits, and then replacing the bit strings by the initially replacing IP; obtaining a new bit string with 64 bits and equal length;
s12, dividing the new bit string into a left half and a right half, and 32 bits each;
S13, carrying out 16 iterations on the new bit string through an encryption function; the result obtained after the iterations is passed through the inverse initial substitution IP^-1, which re-scrambles the new bit string, and the output is a 64-bit ciphertext.
As still further aspects of the invention: in the step S2, the identity authentication method is as follows: registering the fingerprint in a sample database in advance, setting a corresponding identification code, inputting a fingerprint image and inputting the identification code during comparison, extracting a fingerprint sample from the database by the system according to the identification code, preprocessing the fingerprint image, and comparing the fingerprint image with the characteristics of the input fingerprint to obtain a fingerprint comparison result; and when the two results are consistent, the identity authentication is completed.
As still further aspects of the invention: in the step S3, the RAS encryption method is as follows:
S21, arbitrarily selecting two different large prime numbers p and q, and calculating the product n=p×q; randomly selecting an encryption key K_e so that K_e is coprime with (p-1) and (q-1); K_e serves as the public key, and n and K_e are made public, while p and q are discarded and are not known to anyone;
S23, then using the Euclid algorithm to calculate the decryption key K_d so that it satisfies K_d*K_e ≡ 1 (mod (p-1)*(q-1)); K_d serves as the private key and is kept secret;
s24, encrypting the plaintext Q into ciphertext C, wherein,encryption is completed.
As still further aspects of the invention: the secure transmission system comprises a system management module, a key management module, a hybrid encryption and decryption module and a file transmission module;
the system management module is used for user login authentication, based on user role access, a user can call out the authority of the user according to the role information owned by the user when logging in, and the operation beyond the authority of the user is forbidden forcedly according to the authority.
As still further aspects of the invention: the key management module comprises a key generation unit, a key preservation unit, a key modification unit, a key inquiry unit and a key release unit.
As still further aspects of the invention: the mixed encryption and decryption module comprises a mixed encryption unit and a mixed decryption unit, and the file transmission module comprises a file sending unit and a file receiving unit; the file sending unit is used for receiving the connection request of the client, receiving the information of the client and the sent encrypted file, and sending a receiving result and response information to the client; the file receiving unit is used for applying for connecting to the server, sending a file transmission request to the server and processing a receiving result sent back by the server.
Compared with the prior art, the invention has the beneficial effects that:
the invention carries out the mixed encryption mode of the message by the symmetric encryption algorithm DES and the asymmetric encryption algorithm RAS, and carries out the identity authentication by fingerprints in the encryption process, has the functions of digital signature and authentication, can check the correctness of the signature and the secret key, ensures the integrity and the authenticity of the transmitted data, and ensures that the data is not easy to be tampered; and the encrypted key ciphertext is also stored in the file, so that the key safety is ensured, the key is not required to be independently transmitted, the risk of secret leakage of the key is reduced, and the safety of file transmission is improved.
Detailed Description
In the embodiment of the invention, a network and information security encryption method is used for encrypting, decrypting and transmitting information based on a security transmission system and comprises the following steps:
S1, calculating a message X to be sent through a Hash function to generate a message digest Hash(X) with a fixed length; then generating a 64-bit random number as a session key K_h through the symmetric encryption algorithm DES, and performing DES encryption on the message digest Hash(X) to obtain a ciphertext DES(X);
S2, generating a public key K_e and a private key K_d through the asymmetric encryption algorithm RAS, making the public key K_e public and keeping the private key K_d secret;
S3, authenticating the session key K_h to the identity authentication center through the fingerprint, and then performing RAS encryption on the fingerprint-authenticated session key K_h through the public key K_d to obtain a signature (Hash(X), K);
S4, the sender combines the signature (Hash(X), K) and the ciphertext DES(X) and then sends them to the receiver; after receiving the signature (Hash(X), K) and the ciphertext DES(X), the receiver can decrypt them using the private key K_d.
Preferably, in step S1, the DES encryption method is as follows:
S11, initial substitution IP: first dividing the plaintext into 64-bit bit strings m_i of equal length, then transposing the bit string m_i through the initial substitution IP to obtain a new 64-bit bit string m_j of equal length;
S12, dividing the new bit string m_j into left and right halves of 32 bits each, the left half called L_j and the right half called R_j;
S13, carrying out 16 iterations on the new bit string m_j through the encryption function f; the result obtained after the iterations is passed through the inverse initial substitution IP^-1, which re-scrambles the new bit string m_j, and the output is a 64-bit ciphertext. In the first iteration, the encryption function f encrypts R_{j-1} with the key K_j, giving the 32-bit data set f(R_{j-1}, K_j); f(R_{j-1}, K_j) is then added modulo 2 to L_j, again yielding a 32-bit data set. That data set is used as the R_j of the second encryption iteration, and R_{j-1} is used as the L_j of the second encryption iteration, which ends the first encryption iteration. The second to 16th encryption iterations use the subkeys K_2, …, K_16 respectively, and the process is the same as the first encryption iteration.
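The iteration structure of S12 and S13, as an added example that is not part of the patent text: a 64-bit block is split into 32-bit halves, run through 16 rounds with subkeys K_1 … K_16, and decrypted by running the same rounds with the subkeys reversed. Assumptions: `round_function` and `subkeys_from_session_key` are SHA-256 stand-ins, not the real DES f function or key schedule; the keyless IP and IP^-1 permutations are omitted; and SHA-256 is assumed for Hash(X), which the page does not name.

```python
import hashlib

MASK32 = 0xFFFFFFFF


def round_function(r_half, subkey):
    """Stand-in for DES's f(R, K): maps a 32-bit half and a 48-bit subkey
    to 32 bits. Hypothetical helper; NOT the DES expansion/S-box/P-box."""
    data = r_half.to_bytes(4, "big") + subkey.to_bytes(6, "big")
    return int.from_bytes(hashlib.sha256(data).digest()[:4], "big")


def subkeys_from_session_key(k_h):
    """Stand-in key schedule: derive 16 48-bit subkeys K_1..K_16 from the
    64-bit session key K_h. Hypothetical; NOT the DES PC-1/PC-2 schedule."""
    subkeys = []
    for j in range(1, 17):
        digest = hashlib.sha256(k_h.to_bytes(8, "big") + bytes([j])).digest()
        subkeys.append(int.from_bytes(digest[:6], "big"))
    return subkeys


def feistel_block(block64, subkeys):
    """Run one 64-bit block through the 16 rounds described in S13."""
    left = (block64 >> 32) & MASK32    # S12: left half
    right = block64 & MASK32           # S12: right half
    for k_j in subkeys:
        # New L is the old R; new R is old L XOR f(old R, K_j)
        # (XOR is the "modulo-2 addition" of the text).
        left, right = right, left ^ round_function(right, k_j)
    # As in DES, the halves are swapped after the last round, which is what
    # lets the same routine decrypt when the subkeys are reversed.
    return (right << 32) | left


def encrypt_digest(message, k_h):
    """S1: hash the message, cut the digest into 64-bit blocks (S11) and
    encrypt each block independently, as the page describes."""
    digest = hashlib.sha256(message).digest()       # 32 bytes = 4 blocks
    subkeys = subkeys_from_session_key(k_h)
    blocks = [int.from_bytes(digest[i:i + 8], "big") for i in range(0, 32, 8)]
    return [feistel_block(b, subkeys) for b in blocks]


def decrypt_digest(cipher_blocks, k_h):
    """Inverse of encrypt_digest: same rounds, subkeys K_16..K_1."""
    subkeys = subkeys_from_session_key(k_h)[::-1]
    plain = [feistel_block(c, subkeys) for c in cipher_blocks]
    return b"".join(p.to_bytes(8, "big") for p in plain)


if __name__ == "__main__":
    k_h = 0x0123456789ABCDEF                        # constructed sample key
    ct = encrypt_digest(b"bidding document X", k_h)
    assert decrypt_digest(ct, k_h) == hashlib.sha256(b"bidding document X").digest()
    print([f"{c:016x}" for c in ct])
```

The round trip works for any choice of f, invertible or not, because each round only XORs f's output into the other half.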
Preferably, in step S2, the method of identity authentication is as follows: registering the fingerprint in a sample database in advance, setting a corresponding identification code, inputting a fingerprint image and inputting the identification code during comparison, extracting a fingerprint sample from the database by the system according to the identification code, preprocessing the fingerprint image, and comparing the fingerprint image with the characteristics of the input fingerprint to obtain a fingerprint comparison result; and when the two results are consistent, the identity authentication is completed.
Preferably, in the step S3, the method for encrypting and decrypting the RAS is as follows:
S21, arbitrarily selecting two different large prime numbers p and q, and calculating the product n=p×q; randomly selecting an encryption key K_e so that K_e is coprime with (p-1) and (q-1); K_e serves as the public key, and n and K_e are made public, while p and q are discarded and are not known to anyone;
S23, then using the Euclid algorithm to calculate the decryption key K_d so that it satisfies K_d*K_e ≡ 1 (mod (p-1)*(q-1)); K_d serves as the private key and is kept secret;
S24, encrypting the plaintext Q into ciphertext C, wherein, encryption is completed; if the ciphertext C is decrypted into plaintext Q, wherein, decryption is completed; because p and q are discarded, K_d cannot be calculated from n and K_e. Thus, anyone can encrypt the plaintext, but only an authorized user (i.e. one who knows K_d) can decrypt the ciphertext.
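Steps S21 to S24 worked through in code, as an added example that is not part of the patent text, applied to the 64-bit session key K_h of step S3. The S24 formulas did not survive on this page, so the example assumes the standard RSA operations C = Q^K_e mod n and Q = C^K_d mod n; all function names are illustrative, and the encryption is raw (unpadded) RSA only to mirror the steps as written.

```python
import math
import secrets

_SMALL_PRIMES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_probable_prime(n, rounds=40):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for sp in _SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2      # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False                      # a proves n composite
    return True


def random_prime(bits):
    """Random prime with the top bit set, so p*q has the expected size."""
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def extended_euclid(a, b):
    """Return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    x0, y0, x1, y1 = 1, 0, 0, 1
    while b:
        q = a // b
        a, b = b, a - q * b
        x0, x1 = x1, x0 - q * x1
        y0, y1 = y1, y0 - q * y1
    return a, x0, y0


def keypair_from_primes(p, q, k_e):
    """S21 + S23 for given p, q and K_e: returns ((n, K_e), (n, K_d))."""
    if p == q or not (is_probable_prime(p) and is_probable_prime(q)):
        raise ValueError("p and q must be two different primes")
    n = p * q
    phi = (p - 1) * (q - 1)
    g, x, _ = extended_euclid(k_e, phi)
    if g != 1:
        raise ValueError("K_e must be coprime with (p-1)*(q-1)")
    k_d = x % phi                             # K_d*K_e = 1 mod (p-1)*(q-1)
    return (n, k_e), (n, k_d)


def generate_keypair(bits=2048):
    """S21 with random primes and a randomly selected K_e, as in the text."""
    p = random_prime(bits // 2)
    q = random_prime(bits // 2)
    while q == p:
        q = random_prime(bits // 2)
    phi = (p - 1) * (q - 1)
    while True:
        k_e = secrets.randbelow(phi - 3) + 3  # K_e in [3, phi-1]
        if math.gcd(k_e, phi) == 1:
            return keypair_from_primes(p, q, k_e)  # p, q go out of scope here


def rsa_encrypt(q_plain, public_key):
    """S24 (assumed standard form): C = Q^K_e mod n."""
    n, k_e = public_key
    if not 0 <= q_plain < n:
        raise ValueError("plaintext must be smaller than n")
    return pow(q_plain, k_e, n)


def rsa_decrypt(c, private_key):
    """S24 (assumed standard form): Q = C^K_d mod n."""
    n, k_d = private_key
    return pow(c, k_d, n)


if __name__ == "__main__":
    public, private = generate_keypair(1024)
    k_h = secrets.randbits(64)                # 64-bit session key of step S1
    wrapped = rsa_encrypt(k_h, public)
    assert rsa_decrypt(wrapped, private) == k_h
    print(f"K_h={k_h:016x} wrapped to a {wrapped.bit_length()}-bit value")
```

Deployed systems wrap session keys with a padded scheme such as RSA-OAEP from a vetted library rather than with the raw operation shown here.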
Preferably, the secure transmission system comprises a system management module, a key management module, a hybrid encryption and decryption module and a file transmission module;
the system management module is used for user login authentication, based on user role access, a user can call out the authority of the user according to the role information owned by the user when logging in, and the operation beyond the authority of the user is forbidden forcedly according to the authority; for example, the administrator can perform operations of adding a user, deleting a user, modifying a password, and resetting a password, whereas the general user can perform only operations of modifying a password.
Preferably, the key management module includes a key generation unit, a key saving unit, a key modification unit, a key inquiry unit, and a key issuing unit.
Preferably, the hybrid encryption and decryption module comprises a hybrid encryption unit and a hybrid decryption unit, and the file transmission module comprises a file sending unit and a file receiving unit; the file sending unit is used for receiving the connection request of the client, receiving the information of the client and the sent encrypted file, and sending a receiving result and response information to the client; the file receiving unit is used for applying for connecting to the server, sending a file transmission request to the server and processing a receiving result sent back by the server.
To better illustrate the technical effects of the present invention, an explanation is given by way of example:
For example, the first company needs to send a bidding document X through an electronic network to the second company, the bidding unit; to prevent the document from being intercepted by a competitor, who would thereby learn the company's base price and cost it its competitiveness, the document needs to be encrypted;
Project manager Zhang Mou of company A selects the bidding document X to be transmitted from the computer, then calculates the bidding document X through the Hash function to generate a message digest Hash(X) with a fixed length; then generates a 64-bit random number as the session key K_h through the symmetric encryption algorithm DES and stores the session key K_h in the memory of the computer; then performs DES encryption on the message digest Hash(X) through the session key K_h to obtain the ciphertext DES(X);
Then Zhang Mou generates a public key K_e and a private key K_d through the asymmetric encryption algorithm RAS, makes the public key K_e public and keeps the private key K_d secret; next, Zhang Mou registers their own fingerprint in the identity authentication center and uses that fingerprint to authenticate the session key K_h to the identity authentication center; after authentication is completed, RAS encryption is performed on the fingerprint-authenticated session key K_h through the public key K_d to obtain the signature (Hash(X), K);
Next, Zhang Mou sends the signature (Hash(X), K) together with the ciphertext DES(X) to company B; after Li Mou of company B receives the signature (Hash(X), K) and the ciphertext DES(X), the private key K_d of the asymmetric encryption algorithm RAS key pair is used to decrypt the signature (Hash(X), K) to obtain the original session key K_h; the session key K_h is then used to decrypt the ciphertext DES(X), which can be restored to the original data for review.
When the signature (Hash(X), K) and the ciphertext DES(X) are stolen during transmission by Wang Mou of a third party company, and Wang Mou, in order to spoil the bid and so improve the third party company's probability of winning, modifies the ciphertext DES(X) to DES(X') and the signature (Hash(X), K) to (Hash(X'), K'), then Li Mou of the fourth party company, on receiving the signature (Hash(X'), K') and DES(X'), can tell that the bidding document X has been tampered with by comparing the message digest Hash(X) with Hash(X');
When Wang Mou of company C impersonates Zhang Mou of company A and sends a signature (Hash(X'), K') to Li Mou of company B, Wang Mou cannot obtain the fingerprint of Zhang Mou of company A, so the identity authentication cannot be passed and the RAS encryption cannot be carried out, and thus the signature cannot succeed;
In order to obtain improper benefits, Li Mou of company B wants to tamper with the bidding document X, changing it to X', and to change the message digest Hash(X) to Hash(X'), but Li Mou of company B cannot obtain a decrypted (Hash(X'), K'), so Li Mou of company B cannot commit fraud by tampering with the bidding document X;
Because Li Mou of company B holds the decrypted signature (Hash(X), K), if company A, after bidding, considers its previous bid too low and does not want to acknowledge the previous bidding document X, it cannot repudiate the transmitted message X.
The present invention is not limited to the above-mentioned embodiments, and any person skilled in the art, based on the technical solution of the present invention and the inventive concept thereof, can be replaced or changed equally within the scope of the present invention.
Claims (7)
1. An encryption method for network and information security, which is based on a secure transmission system for encrypting, decrypting and transmitting information, is characterized by comprising the following steps:
s1, firstly calculating a message to be transmitted through a Hash function to generate a message abstract with a fixed length; generating a 64-bit random number serving as a session key through a symmetric encryption algorithm DES, and performing DES encryption on the message digest to obtain a ciphertext;
s2, generating a public key and a private key through an asymmetric encryption algorithm RAS, and disclosing the public key and keeping the private key secret;
s3, authenticating the session key to an identity authentication center through the fingerprint, and performing RAS encryption on the session key after fingerprint authentication through the public key to obtain a signature;
s4, the sender combines the signature and the ciphertext and sends the signature and the ciphertext to the receiver; after receiving the signature and the ciphertext, the receiver can decrypt the signature and the ciphertext by using the private key.
2. The encryption method for network and information security according to claim 1, wherein in the step S1, the DES encryption method is as follows:
s11, initially replacing IP, namely firstly dividing a plaintext into bit strings with the same length as 64 bits, and then replacing the bit strings by the initially replacing IP; obtaining a new bit string with 64 bits and equal length;
s12, dividing the new bit string into a left half and a right half, and 32 bits each;
S13, carrying out 16 iterations on the new bit string through an encryption function; the result obtained after the iterations is passed through the inverse initial substitution IP^-1, which re-scrambles the new bit string, and the output is a 64-bit ciphertext.
3. The method for encrypting network and information security according to claim 1, wherein in said step S2, the method for authenticating identity is as follows: registering the fingerprint in a sample database in advance, setting a corresponding identification code, inputting a fingerprint image and inputting the identification code during comparison, extracting a fingerprint sample from the database by the system according to the identification code, preprocessing the fingerprint image, and comparing the fingerprint image with the characteristics of the input fingerprint to obtain a fingerprint comparison result; and when the two results are consistent, the identity authentication is completed.
4. The encryption method for network and information security according to claim 1, wherein in the step S3, the RAS encryption method is as follows:
S21, arbitrarily selecting two different large prime numbers p and q, and calculating the product n=p×q; randomly selecting an encryption key K_e so that K_e is coprime with (p-1) and (q-1); K_e serves as the public key, and n and K_e are made public, while p and q are discarded and are not known to anyone;
S23, then using the Euclid algorithm to calculate the decryption key K_d so that it satisfies K_d*K_e ≡ 1 (mod (p-1)*(q-1)); K_d serves as the private key and is kept secret;
s24, encrypting the plaintext Q into ciphertext C, wherein,encryption is completed.
5. The network and information security encryption method according to claim 1, wherein the secure transmission system comprises a system management module, a key management module, a hybrid encryption and decryption module and a file transmission module;
the system management module is used for user login authentication, based on user role access, a user can call out the authority of the user according to the role information owned by the user when logging in, and the operation beyond the authority of the user is forbidden forcedly according to the authority.
6. The encryption method according to claim 5, wherein the key management module comprises a key generation unit, a key storage unit, a key modification unit, a key inquiry unit, and a key distribution unit.
7. The encryption method for network and information security according to claim 5, wherein the hybrid encryption/decryption module comprises a hybrid encryption unit and a hybrid decryption unit, and the file transmission module comprises a file sending unit and a file receiving unit; the file sending unit is used for receiving the connection request of the client, receiving the information of the client and the sent encrypted file, and sending a receiving result and response information to the client; the file receiving unit is used for applying for connecting to the server, sending a file transmission request to the server and processing a receiving result sent back by the server.
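The key generation of claim 4 (steps S21 to S23) can be traced with the following added example, which is not code from the patent. The function names and the small primes are constructed for illustration, and because the encryption formula of step S24 is not reproduced on this page, the standard textbook RSA form C = Q^K_e mod n is assumed.

```python
import math
import secrets

def extended_gcd(a, b):
    """Extended Euclidean algorithm: return (g, x, y) with a*x + b*y == g."""
    old_r, r = a, b
    old_x, x = 1, 0
    old_y, y = 0, 1
    while r:
        quot = old_r // r
        old_r, r = r, old_r - quot * r
        old_x, x = x, old_x - quot * x
        old_y, y = y, old_y - quot * y
    return old_r, old_x, old_y

def generate_keys(p, q, k_e=None):
    """S21-S23: n = p*q, K_e coprime with (p-1)*(q-1), K_d its inverse."""
    if p == q:
        raise ValueError("p and q must be two different primes")
    n, phi = p * q, (p - 1) * (q - 1)
    while k_e is None:
        candidate = secrets.randbelow(phi - 3) + 3   # random value in [3, phi)
        if math.gcd(candidate, phi) == 1:
            k_e = candidate
    g, x, _ = extended_gcd(k_e, phi)
    if g != 1:
        raise ValueError("K_e shares a factor with (p-1)*(q-1); no K_d exists")
    k_d = x % phi                 # normalise the Bezout coefficient to [0, phi)
    return (n, k_e), k_d          # (n, K_e) is public, K_d stays secret

def encrypt(plain, public):
    """Assumed textbook form of S24: C = Q^K_e mod n."""
    n, k_e = public
    if not 0 <= plain < n:
        raise ValueError("plaintext must be an integer in [0, n)")
    return pow(plain, k_e, n)

def decrypt(cipher, public, k_d):
    """Inverse operation: Q = C^K_d mod n."""
    return pow(cipher, k_d, public[0])

if __name__ == "__main__":
    # Constructed toy primes; real keys use primes of 1024 bits or more.
    public, k_d = generate_keys(61, 53, k_e=17)
    c = encrypt(65, public)
    print(public, k_d, c, decrypt(c, public, k_d))
```

Because this textbook form has no randomized padding, equal plaintexts always produce equal ciphertexts; deployed RSA encryption applies a padding scheme such as OAEP before the modular exponentiation.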
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310744837.6A CN116614303A (en) | 2023-06-21 | 2023-06-21 | Encryption method for network and information security |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116614303A (en) | 2023-08-18 |
Family
ID=87685474
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310744837.6A Pending CN116614303A (en) | 2023-06-21 | 2023-06-21 | Encryption method for network and information security |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116614303A (en) |
-
2023
- 2023-06-21 CN CN202310744837.6A patent/CN116614303A/en active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
JP3560439B2 (en) | Device for performing encryption key recovery | |
US6125185A (en) | System and method for encryption key generation | |
US5535276A (en) | Yaksha, an improved system and method for securing communications using split private key asymmetric cryptography | |
CN101064595B (en) | Computer network safe input authentication system and method | |
US20170244687A1 (en) | Techniques for confidential delivery of random data over a network | |
US7149311B2 (en) | Methods and apparatus for providing networked cryptographic devices resilient to capture | |
US20060195402A1 (en) | Secure data transmission using undiscoverable or black data | |
US11870891B2 (en) | Certificateless public key encryption using pairings | |
CN114024710A (en) | Data transmission method, device, system and equipment | |
EP0755598A1 (en) | Computer network cryptographic key distribution system | |
CN110519046A (en) | Quantum communications service station cryptographic key negotiation method and system based on disposable asymmetric key pair and QKD | |
CN113067823B (en) | Mail user identity authentication and key distribution method, system, device and medium | |
CN110519226B (en) | Quantum communication server secret communication method and system based on asymmetric key pool and implicit certificate | |
CN111080299B (en) | Anti-repudiation method for transaction information, client and server | |
EP1079565A2 (en) | Method of securely establishing a secure communication link via an unsecured communication network | |
CN111416712B (en) | Quantum secret communication identity authentication system and method based on multiple mobile devices | |
Darwish et al. | A model to authenticate requests for online banking transactions | |
US20220038267A1 (en) | Methods and devices for secured identity-based encryption systems with two trusted centers | |
CN110048852B (en) | Quantum communication service station digital signcryption method and system based on asymmetric key pool | |
CN116707778A (en) | Data hybrid encryption transmission method and device and electronic equipment | |
CN116614303A (en) | Encryption method for network and information security | |
CN112822015A (en) | Information transmission method and related device | |
RU2819174C1 (en) | Method of determining source of data packets in telecommunication networks | |
CN114374519B (en) | Data transmission method, system and equipment | |
US11962691B1 (en) | Systems, methods, and media for generating and using a multi-signature token for electronic communication validation |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||