CN116707778A - Data hybrid encryption transmission method and device and electronic equipment - Google Patents
- Publication number
- CN116707778A CN202310568917.0A
- Authority
- CN
- China
- Prior art keywords
- data
- key
- original
- symmetric encryption
- encryption key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/088—Usage controlling of secret information, e.g. techniques for restricting cryptographic keys to pre-authorized uses, different access levels, validity of crypto-period, different key- or password length, or different strong and weak cryptographic algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a data hybrid encryption transmission method, a device and electronic equipment, belonging to the technical field of information security. Applied to a data sending end, the method comprises the following steps: sending, to a data processing end, encrypted data encrypted with an original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode; receiving an encrypted return result sent by the data processing end; and decrypting the encrypted return result to obtain a return result. Applied to a data processing end, the method comprises the following steps: receiving the encrypted data and the first key sent by the data sending end; decrypting the first key to obtain the original symmetric encryption key; decrypting the encrypted data with the original symmetric encryption key to obtain original data; performing service processing on the original data to generate a return result; encrypting the return result to obtain an encrypted return result; and sending the encrypted return result to the data sending end.
Description
Technical Field
The present invention relates to the field of information security technologies, and in particular, to a data hybrid encryption transmission method, device, and electronic device.
Background
With the rapid development of global informatization and networking, the volume of data transmission has grown explosively. In business scenarios such as payment, consultation and reservation, the service platform receives original data sent by the client, performs business processing based on the original data, generates return result data and sends it to the client. Both the original data and the return result data contain sensitive information such as personal privacy and business secrets; if this information is leaked, the damage is immeasurable, so the security of data transmission needs to be strengthened throughout the whole business processing flow. Across that flow, the prior art is generally limited to encrypting the transmission of the original data, while the transmission of the return result data lacks security protection and risks leaking sensitive information.
Disclosure of Invention
The invention provides a data hybrid encryption transmission method, a device and electronic equipment, which address the defect in the prior art that only the original data is transmitted encrypted, while the transmission of the return result data lacks security protection and risks leaking sensitive information. The invention realizes secure transmission of both the original data and the return result data and prevents sensitive information from being leaked.
In a first aspect, the present invention provides a data hybrid encryption transmission method, applied to a data transmitting end, including:
sending, to a data processing end, encrypted data encrypted with an original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode;
receiving an encrypted return result sent by the data processing end, wherein the encrypted return result is obtained by the data processing end decrypting the first key to obtain the original symmetric encryption key, decrypting the encrypted data with the original symmetric encryption key to obtain the original data, performing service processing on the original data to obtain a return result, and encrypting the return result with the original symmetric encryption key;
and decrypting the encrypted return result through the original symmetric encryption key to obtain the return result.
In some embodiments, the method further comprises:
generating an original symmetric encryption key;
encrypting the original data by using the original symmetric encryption key to obtain the encrypted data;
encrypting the original symmetric encryption key according to an asymmetric encryption mode to obtain the first key.
In some embodiments, the generating the original symmetric encryption key includes:
the original symmetric encryption key is generated by the advanced encryption standard AES algorithm.
In some embodiments, the encrypting the original symmetric encryption key according to the asymmetric encryption manner to obtain the first key includes:
and encrypting the original symmetric encryption key through an RSA algorithm to obtain the first key.
In a second aspect, the present invention further provides a data hybrid encryption transmission method, applied to a data processing end, including:
receiving encrypted data which is transmitted by a data transmitting end and is encrypted by an original symmetric encryption key, and a first key which is obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode;
decrypting the first key to obtain an original symmetric encryption key;
decrypting the encrypted data by using the original symmetric encryption key to obtain original data;
performing service processing on the original data to generate a return result;
encrypting the return result by using the original symmetric encryption key to obtain an encrypted return result;
and sending the encryption return result to the data sending end.
In some embodiments, the decrypting the first key to obtain the original symmetric encryption key includes:
and decrypting the first key through an RSA algorithm to obtain an original symmetric encryption key.
In some embodiments, the decrypting the encrypted data using the original symmetric encryption key to obtain the original data includes:
and performing AES decryption on the encrypted data by using the original symmetric encryption key to obtain original data.
In a third aspect, the present invention further provides a data hybrid encryption transmission device, applied to a data transmitting end, including:
the first sending unit is used for sending the encrypted data encrypted by the original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode to the data processing end;
the first receiving unit is used for receiving an encrypted return result sent by the data processing end, wherein the encrypted return result is obtained by the data processing end decrypting the first key to obtain the original symmetric encryption key, decrypting the encrypted data with the original symmetric encryption key to obtain the original data, performing service processing on the original data to obtain a return result, and encrypting the return result with the original symmetric encryption key;
and the first decryption unit is used for decrypting the encrypted return result through the original symmetric encryption key to obtain the return result.
In a fourth aspect, the present invention further provides a data hybrid encryption transmission device, applied to a data processing end, including:
the second receiving unit is used for receiving the encrypted data which is transmitted by the data transmitting end and is encrypted by the original symmetric encryption key and a first key which is obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode;
the second decryption unit is used for decrypting the first key to obtain an original symmetric encryption key;
the third decryption unit is used for decrypting the encrypted data by using the original symmetric encryption key to obtain original data;
the service processing unit is used for carrying out service processing on the original data and generating a return result;
the third encryption unit is used for encrypting the return result by using the original symmetric encryption key to obtain an encrypted return result;
and the second sending unit is used for sending the encryption return result to the data sending end.
In a fifth aspect, the present invention further provides an electronic device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor, where the processor implements the data hybrid encryption transmission method according to any one of the above or implements the data hybrid encryption transmission method according to any one of the above when executing the program.
According to the data hybrid encryption transmission method, device and electronic equipment provided by the invention, the data sending end sends to the data processing end the encrypted data encrypted with the original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode, receives the encrypted return result sent by the data processing end, and decrypts it to obtain the return result; the data processing end receives the encrypted data and the first key sent by the data sending end, decrypts the first key to obtain the original symmetric encryption key, decrypts the encrypted data with the original symmetric encryption key to obtain the original data, performs service processing on the original data to generate a return result, encrypts the return result with the original symmetric encryption key to obtain an encrypted return result, and sends the encrypted return result to the data sending end. In this way the hybrid encryption mode improves the security of the original data transmission, the return result can also be transmitted securely, and leakage of sensitive information can be effectively prevented.
Drawings
In order to more clearly illustrate the invention or the technical solutions of the prior art, the following description will briefly explain the drawings used in the embodiments or the description of the prior art, and it is obvious that the drawings in the following description are some embodiments of the invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic flow chart of a data hybrid encryption transmission method according to an embodiment of the present invention;
Fig. 2 is a second flow chart of a data hybrid encryption transmission method according to an embodiment of the present invention;
Fig. 3 is an overall flow diagram of a data hybrid encryption transmission method according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a data hybrid encryption transmission device provided by the present invention;
Fig. 5 is a schematic diagram of a second embodiment of a data hybrid encryption transmission device according to the present invention;
Fig. 6 is a schematic structural diagram of an electronic device provided by the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is apparent that the described embodiments are some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
The terms "first," "second," and the like in the description of the present invention are used to distinguish between similar objects and not necessarily to describe a particular sequential or chronological order. It is to be understood that the terms so used are interchangeable under appropriate circumstances, such that the embodiments of the invention are capable of operation in sequences other than those illustrated or otherwise described herein. The objects distinguished by "first" and "second" are generally not limited in number; for example, the first object may be one or more.
In business scenarios such as payment, consultation and reservation, the original data usually contains sensitive information such as user identity information and payment passwords, and the return result generated after business processing of the original data may also contain sensitive data; for example, a return result such as a payment certificate or an electronic invoice generated after payment may contain account numbers and transaction amounts. If this information is leaked in transit and exploited by lawbreakers, the damage is immeasurable: it may cause property loss and seriously affect personal life and the reputation of enterprises.
Cryptography is the key and core of securing information, and encryption algorithm research is a very important and effective measure for protecting information security and integrity. Using asymmetric encryption alone makes the encryption process complex, time-consuming and low in performance, but it has the advantage of secure data transmission. Symmetric encryption alone is not secure, because the key is easily intercepted during transmission, but it has the advantage of high encryption efficiency and is suitable for encrypting large volumes of sensitive data. In the prior art, generally only the original data is transmitted in a hybrid encryption mode to prevent it from being leaked, while the return result is transmitted directly, so there is a risk that sensitive information in the return result is leaked.
The invention provides a data hybrid encryption transmission method, a device and electronic equipment. The data sending end sends to the data processing end the encrypted data encrypted with the original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode, receives the encrypted return result sent by the data processing end, and decrypts it to obtain the return result. The data processing end receives the encrypted data and the first key sent by the data sending end, decrypts the first key to obtain the original symmetric encryption key, decrypts the encrypted data with the original symmetric encryption key to obtain the original data, performs service processing on the original data to generate a return result, encrypts the return result with the original symmetric encryption key to obtain an encrypted return result, and sends the encrypted return result to the data sending end. The invention not only improves the security of the original data transmission through hybrid encryption, but also transmits the return result securely, and can effectively prevent sensitive information from being leaked.
Fig. 1 is a schematic flow chart of a data hybrid encryption transmission method according to an embodiment of the present invention. As shown in Fig. 1, a data hybrid encryption transmission method is provided, which is applied to a data sending end and includes the following steps: step 110, step 120 and step 130. These method steps are only one possible implementation of the invention.
Step 110, sending, to the data processing end, the encrypted data encrypted with the original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode.
The data sending end is the source or sender of data: it generates the data and transmits it to the data processing end. The data sending end can be a mobile phone, a computer, a sensor, an application program, a monitor and the like.
The data processing end is a data receiving end or a data processing server. The server can process and analyze the data according to the characteristics of the data and the service requirements, obtain the corresponding results, and return the results to the data sending end or push them to other terminal users. The data processing end can be a computer, a server cluster, a cloud platform or another algorithm processing platform.
It will be appreciated that in different application scenarios, the data transmitting end and the data processing end are different, and in a payment scenario, for example, the data transmitting end is typically a payment initiator terminal, and the raw data refers to information related to payment, such as payment amount, payer account information, payee account information, payment time, and so on; the data processing end is a payment mechanism, a bank or a third party payment platform and is responsible for receiving and processing the payment related data, completing the payment transaction and feeding back the payment result to the data sending end.
Symmetric encryption is a common encryption mode that uses the same key to encrypt and decrypt; it has the advantage of high encryption and decryption speed and is suitable for encrypting a large amount of data.
Asymmetric encryption uses a pair of keys (a public key and a private key) to encrypt and decrypt. The public key and the private key are generated together and correspond one to one; the public key can be published openly, while the private key is known only to its owner. The public key is used for encryption and the private key for decryption, and encryption under the public key is irreversible without the private key. The data sending end holds the public key and the data processing end holds the corresponding private key: the data sending end encrypts data with the public key and transmits the encrypted data to the data processing end, which decrypts it with the private key. Asymmetric encryption has the advantage of better protecting the security of the key.
Step 120, receiving an encrypted return result sent by the data processing end, wherein the encrypted return result is obtained by the data processing end decrypting the first key to obtain the original symmetric encryption key, decrypting the encrypted data with the original symmetric encryption key to obtain the original data, performing service processing on the original data to obtain a return result, and encrypting the return result with the original symmetric encryption key.
Optionally, in the payment scenario, if the payment is successful, the returned result may include information about payment amount, payment time, transaction type, etc., and if the payment is unsuccessful, the returned result may include information about payment failure reason, error code, etc.
It will be appreciated that the return result may contain sensitive information, such as a payment amount, and that the accuracy of the return result is very important; encrypting the return result gives better security, so that the sensitive information is prevented from being revealed or tampered with during transmission.
Step 130, decrypting the encrypted return result through the original symmetric encryption key to obtain the return result.
Optionally, the encrypted return result may be decrypted by a data encryption standard (Data Encryption Standard, DES) algorithm, an advanced encryption standard (Advanced Encryption Standard, AES) algorithm, an international data encryption algorithm (International Data Encryption Algorithm, IDEA), or the like.
It can be understood that decrypting the encrypted return result yields a return result with higher accuracy, and the status of the service processing can be learned from the return result so as to further initiate processing of other related services.
In the embodiment of the invention, the encrypted data encrypted with the original symmetric encryption key and the first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode are sent to the data processing end, the encrypted return result sent by the data processing end is received, and the encrypted return result is decrypted to obtain the return result.
It should be noted that the embodiments of the present invention may be freely combined, reordered, or executed separately, and do not need to rely on a fixed execution sequence.
In some embodiments, the above method further comprises:
generating an original symmetric encryption key;
encrypting the original data by using the original symmetric encryption key to obtain encrypted data;
and encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain a first key.
Optionally, the original symmetric encryption key may be generated by a random number generator.
Further, in the process of encrypting the original data with the original symmetric encryption key, the original data undergoes byte substitution through a byte substitution box (S-box) and is converted into a byte array; a cipher is initialized and configured to determine the cipher elements; the byte array is encrypted by the cipher to obtain the encrypted content; the encrypted content is transcoded with Base64, an encoding method based on 64 characters; and finally an encrypted character string, namely the encrypted data, is generated.
The cipher elements may include an encryption algorithm, an encryption mode, a padding mode, and the like. For example, if the encryption algorithm is the AES algorithm, the encryption mode is the cipher block chaining mode (Cipher Block Chaining, CBC), and the padding mode is Public-Key Cryptography Standards #5 padding (PKCS5Padding), the cipher elements are denoted "AES/CBC/PKCS5Padding".
The first key is obtained by encrypting an original symmetric encryption key through an asymmetric encryption public key.
It can be understood that generating the original symmetric encryption key and using it to encrypt the original data improves encryption efficiency, and that encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain the first key further improves the security of the original data.
In some embodiments, generating the original symmetric encryption key includes:
the original symmetric encryption key is generated by the AES algorithm.
The AES algorithm encrypts and decrypts data using a 128-bit, 192-bit or 256-bit key, and, owing to its high security and reliability, AES is widely used for data encryption and decryption in computer and communication networks.
Optionally, the AES algorithm is selected and a key length is determined, such as 128 bits, so as to generate a random key 128 bits in length.
It can be understood that generating the original symmetric encryption key through the AES algorithm yields a key with higher security and reliability that can be used to encrypt both the original data and the return result, so that the security of their transmission can be improved.
In some embodiments, encrypting the original symmetric encryption key in an asymmetric encryption manner to obtain a first key includes:
the original symmetric encryption key is encrypted through an RSA algorithm to obtain a first key.
The RSA algorithm is an asymmetric encryption algorithm widely used in various fields, and involves generating a public key for encryption and a private key for decryption.
It can be understood that, based on the RSA algorithm, the original symmetric encryption key is encrypted by the public key to obtain the first key, the first key can be decrypted by the private key, the public key is public, and the private key is secret, and since the public key and the private key are used separately, it is difficult for an attacker to derive the private key from the public key, so that the security of the original symmetric encryption key can be improved.
Fig. 2 is a second flowchart of a data hybrid encryption transmission method according to an embodiment of the present invention. As shown in fig. 2, a data hybrid encryption transmission method is provided, which is applied to a data processing end, and includes the following steps: step 210, step 220, step 230, step 240, step 250 and step 260. The method flow steps are only one possible implementation of the invention.
Step 210, receiving the encrypted data sent by the data sending end and encrypted with the original symmetric encryption key, and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode.
Step 220, decrypting the first key to obtain the original symmetric encryption key.
In some embodiments, decrypting the first key results in an original symmetric encryption key, including:
and decrypting the first key through an RSA algorithm to obtain an original symmetric encryption key.
It can be understood that the public key and the private key are generated based on the RSA algorithm, and that decrypting the first key with the private key yields an original symmetric encryption key with high security and reliability; the same original symmetric encryption key can then be used both to decrypt the encrypted data and to encrypt the return result, which improves the overall efficiency of encrypted data transmission.
Step 230, decrypting the encrypted data by using the original symmetric encryption key to obtain the original data.
In some embodiments, decrypting the encrypted data using the original symmetric encryption key to obtain the original data includes:
and performing AES decryption on the encrypted data by using the original symmetric encryption key to obtain the original data.
It will be appreciated that by AES decrypting the encrypted data using the original symmetric encryption key, the original data can be obtained, facilitating subsequent business processing.
Step 240, performing service processing on the original data to generate a return result.
Optionally, in a payment scenario, the business process may be a payment process, which refers to the entire flow from order generation to funds settlement, including at least one of: order management, payment interface call, payment result notification, fund risk management, settlement and the like; the purpose of business processing is to ensure the security and timeliness of transactions, and simultaneously improve the payment efficiency and user experience.
Optionally, in the payment scenario, the returned result refers to payment result information returned to the merchant system by the payment system after the payment request is processed, where the returned result generally includes information such as whether payment is successful, payment amount, payment time, payment order number, and the like.
It can be understood that the generation of the return result is one of the core functions of the data processing end, and the accuracy and timeliness of the return result relate to the security of service processing and the service processing efficiency.
Step 250, encrypting the return result by using the original symmetric encryption key to obtain an encrypted return result.
Optionally, the return result may be encrypted by an AES algorithm using the original symmetric encryption key to obtain an encrypted return result.
It can be understood that the return result is encrypted by using the original symmetric encryption key to obtain the encrypted return result, and the key for encrypting the return result is not required to be regenerated, so that the encryption efficiency of the return result is improved, and the safety of the return result can be ensured.
Step 260, sending the encryption return result to the data sending end.
It can be understood that by sending the encrypted return result to the data sending end, the data sending end can efficiently decrypt the encrypted return result according to the known original symmetric encryption key to obtain the return result.
In the embodiment of the invention, the encrypted data which is transmitted by the data transmitting end and is encrypted by the original symmetric encryption key and the first key which is obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode are received; decrypting the first key to obtain an original symmetric encryption key; decrypting the encrypted data by using the original symmetric encryption key to obtain original data; carrying out service processing on the original data to generate a return result; encrypting the returned result by using the original symmetric encryption key to obtain an encrypted returned result; and the encryption return result is sent to the data sending end, so that the mixed encryption data can be decrypted conveniently, the return result is encrypted, and the transmission safety of the return result is improved.
Fig. 3 is an overall flow chart of a data hybrid encryption transmission method provided by an embodiment of the present invention. As shown in Fig. 3, a data hybrid encryption transmission method is provided that is applied to a data hybrid encryption transmission system, where the system includes a data transmitting end and a data processing end, and the method includes the following steps:
Step 301, the data processing end queries an RSA public-private key pair to obtain a public key A and a private key B corresponding to the public key A;
Step 302, the data transmitting end acquires the public key A;
Step 303, the data transmitting end generates a random 16-bit character string as the AES key C;
Step 304, the data transmitting end encrypts the key C with the public key A by using the RSA algorithm to obtain an encrypted key D;
Step 305, the data transmitting end uses the key C to perform AES encryption on the original data to obtain encrypted data;
Step 306, the data transmitting end transmits the encrypted data and the key D to the data processing end;
Step 307, the data processing end uses the private key B to perform RSA decryption on the key D to obtain the key C;
Step 308, the data processing end decrypts the encrypted data by using the key C to obtain the original data;
Step 309, the data processing end performs service processing on the original data and generates a return result;
Step 310, the data processing end uses the key C to perform AES encryption on the return result to obtain an encrypted return result R;
Step 311, the data processing end sends the encrypted return result R to the data transmitting end;
Step 312, the data transmitting end decrypts the encrypted return result R with the key C to obtain the return result.
Different users have different public and private key pairs, and the public key and the private key of the user can be obtained by inquiring based on the user information.
In the embodiment of the invention, a public key A and a private key B corresponding to the public key A are obtained through inquiry of a data processing end; the data transmitting end obtains a public key A, generates an AES key C, performs RSA encryption on the key C through the public key A to obtain an encrypted key D, performs AES encryption on original data through the key C to obtain encrypted data, and transmits the encrypted data and the key D to the data processing end; the data processing end uses the private key B to carry out RSA decryption on the key D to obtain a key C, uses the key C to decrypt the encrypted data to obtain original data, uses the original data to carry out service processing to generate a return result, uses the key C to carry out AES encryption on the return result to obtain an encryption return result R, and sends the encryption return result R to the data sending end; the data transmitting end decrypts the encrypted return result R through the secret key C to obtain a return result, so that the transmission safety of the original data and the return result is improved, the leakage of sensitive information can be effectively prevented, and the service processing efficiency is improved.
The data hybrid encryption transmission device provided by the embodiment of the invention is described below, and the data hybrid encryption transmission device described below and the data hybrid encryption transmission method described above can be referred to correspondingly.
Fig. 4 is a schematic structural diagram of a data hybrid encryption transmission device according to the present invention. As shown in Fig. 4, the device 400 is applied to a data transmitting end and includes:
a first sending unit 410, configured to send, to a data processing end, encrypted data encrypted by an original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption manner;
the first receiving unit 420 is configured to receive an encryption return result sent by the data processing end, where the encryption return result is obtained by decrypting a first key by the data processing end, obtaining the original symmetric encryption key, decrypting the encrypted data by using the original symmetric encryption key, obtaining the original data, performing service processing on the original data, obtaining a return result, and encrypting the return result by using the original symmetric encryption key;
the first decryption unit 430 is configured to decrypt the encrypted return result by using the original symmetric encryption key, to obtain the return result.
Optionally, the device further comprises:
a generation unit for generating an original symmetric encryption key;
the first encryption unit is used for encrypting the original data by using the original symmetric encryption key to obtain encrypted data;
and the second encryption unit is used for encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain the first key.
Optionally, generating the original symmetric encryption key includes:
the original symmetric encryption key is generated by the AES algorithm.
Optionally, encrypting the original symmetric encryption key in an asymmetric encryption manner to obtain a first key, including:
the original symmetric encryption key is encrypted through an RSA algorithm to obtain a first key.
It should be noted that, the data hybrid encryption transmission device provided in the embodiment of the present invention is applied to the data transmitting end, and can implement all the method steps implemented in the data hybrid encryption transmission method embodiment applied to the data transmitting end, and can achieve the same technical effects, and detailed descriptions of the same parts and beneficial effects as those of the method embodiment in the embodiment are omitted herein.
Fig. 5 is a second schematic structural diagram of a data hybrid encryption transmission device according to the present invention. As shown in Fig. 5, the device 500 is applied to a data processing end and includes:
a second receiving unit 510, configured to receive encrypted data sent by the data sending end and encrypted by the original symmetric encryption key, and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption manner;
a second decryption unit 520, configured to decrypt the first key to obtain an original symmetric encryption key;
a third decryption unit 530, configured to decrypt the encrypted data by using the original symmetric encryption key, to obtain original data;
a service processing unit 540, configured to perform service processing on the original data, and generate a return result;
a third encrypting unit 550, configured to encrypt the return result with the original symmetric encryption key, to obtain an encrypted return result;
and a second sending unit 560, configured to send the encryption return result to the data sending end.
Optionally, decrypting the first key to obtain an original symmetric encryption key includes:
and decrypting the first key through an RSA algorithm to obtain an original symmetric encryption key.
Optionally, decrypting the encrypted data using the original symmetric encryption key to obtain the original data, including:
and performing AES decryption on the encrypted data by using the original symmetric encryption key to obtain the original data.
It should be noted that, the data hybrid encryption transmission device provided in the embodiment of the present invention is applied to a data processing end, and can implement all the method steps implemented in the data hybrid encryption transmission method embodiment applied to the data processing end, and can achieve the same technical effects, and detailed descriptions of the same parts and beneficial effects as those of the method embodiment in the embodiment are omitted herein.
Fig. 6 illustrates a physical schematic diagram of an electronic device, as shown in fig. 6, which may include: processor 610, communication interface (Communications Interface) 620, memory 630, and communication bus 640, wherein processor 610, communication interface 620, and memory 630 communicate with each other via communication bus 640. The processor 610 may call logic instructions in the memory 630 to execute the data hybrid encryption transmission method applied to the data transmitting end or the data hybrid encryption transmission method applied to the data processing end provided by the above methods. The data mixed encryption transmission method applied to the data transmitting end comprises the following steps: sending encrypted data encrypted by an original symmetric encryption key to a data processing end, and encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain a first key; receiving an encryption return result sent by a data processing end, wherein the encryption return result is obtained by decrypting a first key by the data processing end to obtain an original symmetric encryption key, decrypting encrypted data by using the original symmetric encryption key to obtain original data, performing service processing on the original data to obtain a return result, and encrypting the return result by using the original symmetric encryption key; and decrypting the encrypted return result through the original symmetric encryption key to obtain the return result.
The data mixed encryption transmission method applied to the data processing end comprises the following steps: receiving encrypted data which is transmitted by a data transmitting end and is encrypted by an original symmetric encryption key, and encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain a first key; decrypting the first key to obtain an original symmetric encryption key; decrypting the encrypted data by using the original symmetric encryption key to obtain original data; carrying out service processing on the original data to generate a return result; encrypting the returned result by using the original symmetric encryption key to obtain an encrypted returned result; and sending an encryption return result to the data sending end.
Further, the logic instructions in the memory 630 may be implemented in the form of software functional units and stored in a computer-readable storage medium when sold or used as a stand-alone product. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program codes.
In another aspect, the present invention further provides a computer program product, where the computer program product includes a computer program, where the computer program can be stored on a non-transitory computer readable storage medium, and when the computer program is executed by a processor, the computer can execute the data hybrid encryption transmission method applied to the data transmitting end or the data hybrid encryption transmission method applied to the data processing end provided by the above methods. The data mixed encryption transmission method applied to the data transmitting end comprises the following steps: sending encrypted data encrypted by an original symmetric encryption key to a data processing end, and encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain a first key; receiving an encryption return result sent by a data processing end, wherein the encryption return result is obtained by decrypting a first key by the data processing end to obtain an original symmetric encryption key, decrypting encrypted data by using the original symmetric encryption key to obtain original data, performing service processing on the original data to obtain a return result, and encrypting the return result by using the original symmetric encryption key; and decrypting the encrypted return result through the original symmetric encryption key to obtain the return result. 
The data mixed encryption transmission method applied to the data processing end comprises the following steps: receiving encrypted data which is transmitted by a data transmitting end and is encrypted by an original symmetric encryption key, and encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain a first key; decrypting the first key to obtain an original symmetric encryption key; decrypting the encrypted data by using the original symmetric encryption key to obtain original data; carrying out service processing on the original data to generate a return result; encrypting the returned result by using the original symmetric encryption key to obtain an encrypted returned result; and sending an encryption return result to the data sending end.
In still another aspect, the present invention further provides a non-transitory computer readable storage medium, on which a computer program is stored, which when executed by a processor, is implemented to perform the data hybrid encryption transmission method provided by the above methods and applied to a data transmitting end, or the data hybrid encryption transmission method applied to a data processing end. The data mixed encryption transmission method applied to the data transmitting end comprises the following steps: sending encrypted data encrypted by an original symmetric encryption key to a data processing end, and encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain a first key; receiving an encryption return result sent by a data processing end, wherein the encryption return result is obtained by decrypting a first key by the data processing end to obtain an original symmetric encryption key, decrypting encrypted data by using the original symmetric encryption key to obtain original data, performing service processing on the original data to obtain a return result, and encrypting the return result by using the original symmetric encryption key; and decrypting the encrypted return result through the original symmetric encryption key to obtain the return result. 
The data mixed encryption transmission method applied to the data processing end comprises the following steps: receiving encrypted data which is transmitted by a data transmitting end and is encrypted by an original symmetric encryption key, and encrypting the original symmetric encryption key in an asymmetric encryption mode to obtain a first key; decrypting the first key to obtain an original symmetric encryption key; decrypting the encrypted data by using the original symmetric encryption key to obtain original data; carrying out service processing on the original data to generate a return result; encrypting the returned result by using the original symmetric encryption key to obtain an encrypted returned result; and sending an encryption return result to the data sending end.
The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.
Claims (10)
1. The data mixed encryption transmission method is characterized by being applied to a data transmitting end and comprising the following steps of:
sending encrypted data encrypted by an original symmetric encryption key to a data processing end, and encrypting the original symmetric encryption key to obtain a first key in an asymmetric encryption mode;
receiving an encryption return result sent by the data processing end, wherein the encryption return result is obtained by decrypting a first key by the data processing end, obtaining an original symmetric encryption key, decrypting the encrypted data by using the original symmetric encryption key, obtaining the original data, performing service processing on the original data, obtaining a return result, and encrypting the return result by using the original symmetric encryption key;
and decrypting the encrypted return result through the original symmetric encryption key to obtain the return result.
2. The data hybrid encryption transmission method of claim 1, further comprising:
generating an original symmetric encryption key;
encrypting the original data by using the original symmetric encryption key to obtain the encrypted data;
encrypting the original symmetric encryption key according to an asymmetric encryption mode to obtain the first key.
3. The data hybrid encryption transmission method of claim 2, wherein the generating the original symmetric encryption key comprises:
the original symmetric encryption key is generated by the advanced encryption standard AES algorithm.
4. The method for data hybrid encryption transmission according to claim 2, wherein encrypting the original symmetric encryption key in an asymmetric encryption manner to obtain the first key comprises:
and encrypting the original symmetric encryption key through an RSA algorithm to obtain the first key.
5. The data mixed encryption transmission method is characterized by being applied to a data processing end and comprising the following steps of:
receiving encrypted data which is transmitted by a data transmitting end and is encrypted by an original symmetric encryption key, and a first key which is obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode;
decrypting the first key to obtain an original symmetric encryption key;
decrypting the encrypted data by using the original symmetric encryption key to obtain original data;
performing service processing on the original data to generate a return result;
encrypting the return result by using the original symmetric encryption key to obtain an encrypted return result;
and sending the encryption return result to the data sending end.
6. The method for hybrid encryption transmission of data according to claim 5, wherein decrypting the first key to obtain the original symmetric encryption key comprises:
and decrypting the first key through an RSA algorithm to obtain an original symmetric encryption key.
7. The method for hybrid encryption transmission of data according to claim 6, wherein decrypting the encrypted data using the original symmetric encryption key to obtain the original data comprises:
and performing AES decryption on the encrypted data by using the original symmetric encryption key to obtain original data.
8. A data hybrid encryption transmission device, which is applied to a data transmitting end, comprising:
the first sending unit is used for sending the encrypted data encrypted by the original symmetric encryption key and a first key obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode to the data processing end;
the first receiving unit is used for receiving an encryption return result sent by the data processing end, wherein the encryption return result is obtained by decrypting a first key by the data processing end, obtaining the original symmetric encryption key, decrypting the encrypted data by using the original symmetric encryption key, obtaining the original data, carrying out service processing on the original data, obtaining a return result, and encrypting the return result by using the original symmetric encryption key;
and the first decryption unit is used for decrypting the encryption return result through the original symmetric encryption key to obtain the return result.
9. A data hybrid encryption transmission device, which is applied to a data processing end, and comprises:
the second receiving unit is used for receiving the encrypted data which is transmitted by the data transmitting end and is encrypted by the original symmetric encryption key and a first key which is obtained by encrypting the original symmetric encryption key in an asymmetric encryption mode;
the second decryption unit is used for decrypting the first key to obtain an original symmetric encryption key;
the third decryption unit is used for decrypting the encrypted data by using the original symmetric encryption key to obtain original data;
the service processing unit is used for carrying out service processing on the original data and generating a return result;
the third encryption unit is used for encrypting the return result by using the original symmetric encryption key to obtain an encrypted return result;
and the second sending unit is used for sending the encryption return result to the data sending end.
10. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the data hybrid encryption transmission method according to any one of claims 1 to 4 or the data hybrid encryption transmission method according to any one of claims 5 to 7 when executing the program.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310568917.0A CN116707778A (en) | 2023-05-19 | 2023-05-19 | Data hybrid encryption transmission method and device and electronic equipment |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116707778A (en) | 2023-09-05 |
Family
ID=87844238
Family Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310568917.0A Pending CN116707778A (en) | 2023-05-19 | 2023-05-19 | Data hybrid encryption transmission method and device and electronic equipment |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116707778A (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN116980237A (en) * | 2023-09-25 | 2023-10-31 | 北京智城联合科技发展有限公司 | Urban safety informatization data acquisition method |
CN116980237B (en) * | 2023-09-25 | 2024-01-02 | 北京智城联合科技发展有限公司 | Urban safety informatization data acquisition method |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8499156B2 (en) | Method for implementing encryption and transmission of information and system thereof | |
CN103701812A (en) | TMK (Terminal Master Key) secure downloading method and system | |
CN112702318A (en) | Communication encryption method, decryption method, client and server | |
CN109800588B (en) | Dynamic bar code encryption method and device and dynamic bar code decryption method and device | |
CN108632296B (en) | Dynamic encryption and decryption method for network communication | |
CN113806772A (en) | Information encryption transmission method and device based on block chain | |
CN111431713A (en) | Private key storage method and device and related equipment | |
CN112804205A (en) | Data encryption method and device and data decryption method and device | |
CN105307165A (en) | Communication method based on mobile application, server and client | |
CN106506479B (en) | Method, system and the client of cipher authentication, server and smart machine | |
CN109005184A (en) | File encrypting method and device, storage medium, terminal | |
CN112564906A (en) | Block chain-based data security interaction method and system | |
CN113452687B (en) | Method and system for encrypting sent mail based on quantum security key | |
CN113507372A (en) | Bidirectional authentication method for interface request | |
CN113630238A (en) | User request permission method and device based on password confusion | |
CN115276978A (en) | Data processing method and related device | |
CN116707778A (en) | Data hybrid encryption transmission method and device and electronic equipment | |
CN116866029B (en) | Random number encryption data transmission method, device, computer equipment and storage medium | |
CN117914483A (en) | Secure communication method, apparatus, device and medium | |
CN111368271A (en) | Method and system for realizing password management based on multiple encryption | |
EP4283549A1 (en) | Payment service implementation method and device | |
CN113411347B (en) | Transaction message processing method and processing device | |
CN109936448A (en) | A kind of data transmission method and device | |
CN115204876A (en) | Quantum security U shield equipment and method for mobile payment | |
CN113438074B (en) | Decryption method of received mail based on quantum security key |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||