CN116846650A - Data transmission method for improving network security operation - Google Patents

Publication number
CN116846650A
Authority
CN
China
Prior art keywords
encryption
transmitted
encryption algorithm
data transmission
data stream
Prior art date
Legal status
Pending
Application number
CN202310840079.8A
Other languages
Chinese (zh)
Inventor
姚云
蒋克勤
Current Assignee
Anhui Allianz Cloud Service Co ltd
Original Assignee
Anhui Allianz Cloud Service Co ltd
Priority date
Filing date
Publication date
Application filed by Anhui Allianz Cloud Service Co ltd
Priority to CN202310840079.8A
Publication of CN116846650A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to data transmission, and in particular to a data transmission method for improving network security operation. The method comprises: acquiring a data stream to be transmitted in response to a data transmission request; matching a first encryption algorithm according to the information acquisition time and the data type of the data stream to be transmitted; generating a first encrypted ciphertext corresponding to the data stream to be transmitted based on the first encryption algorithm; generating index information based on state information at the time the data transmission request is received, and acquiring an encryption key from a preset key book according to the index information; and encrypting the first encrypted ciphertext based on the encryption key to obtain a second encrypted ciphertext, and transmitting the second encrypted ciphertext over the communication link. The technical solution provided by the invention can effectively overcome the poor security and reliability of data transmission in the prior art.

Description

Data transmission method for improving network security operation
Technical Field
The invention relates to data transmission, in particular to a data transmission method for improving network security operation.
Background
Transmitting information over a network improves the efficiency and effectiveness of information transmission. Network data transmission covers a very wide range of content: it often involves personal private data, such as identity information and account information, and, for enterprises, decision information and trade secrets.
At present, the various means of attack that intercept information in network transmission increase the threat to data transmission systems. Once data is maliciously intercepted, private data may be leaked, causing serious harm to individuals and enterprises. In addition, in cross-system or cross-platform data transmission the data is easily viewed by unauthorized users, so that it is leaked, or even obtained and exploited for profit by lawbreakers.
Disclosure of Invention
(I) Technical problem to be solved
In view of the defects of the prior art, the invention provides a data transmission method for improving network security operation, which can effectively overcome the poor security and reliability of data transmission in the prior art.
(II) Technical solution
To achieve the above purpose, the invention is realized by the following technical solution:
A data transmission method for improving network security operation comprises the following steps:
S1, acquiring a data stream to be transmitted in response to a data transmission request;
S2, matching a first encryption algorithm according to the information acquisition time and the data type of the data stream to be transmitted;
S3, generating a first encrypted ciphertext corresponding to the data stream to be transmitted based on the first encryption algorithm;
S4, generating index information based on state information at the time the data transmission request is received, and acquiring an encryption key from a preset key book according to the index information;
S5, encrypting the first encrypted ciphertext based on the encryption key to obtain a second encrypted ciphertext, and transmitting the second encrypted ciphertext over the communication link.
Preferably, in S2, matching the first encryption algorithm according to the information acquisition time and the data type of the data stream to be transmitted comprises:
generating a plurality of random numbers according to the information acquisition time of the data stream to be transmitted, and determining whether the random numbers and the serial number of each encryption algorithm in the encryption algorithm set meet a preset condition;
forming a sequence group from the serial numbers of the encryption algorithms that meet the preset condition, and determining the first encryption algorithm according to the sequence group and the data type.
Preferably, determining whether the random numbers and the serial number of each encryption algorithm in the encryption algorithm set meet the preset condition comprises:
judging whether the number of random numbers matching the numbers in the number pool corresponding to the serial number of the encryption algorithm is greater than a set threshold;
if the number of such random numbers is greater than the set threshold, the serial number of the encryption algorithm meets the preset condition; otherwise, it does not meet the preset condition.
Preferably, determining the first encryption algorithm according to the sequence group and the data type comprises:
obtaining a plurality of matching intermediate encryption algorithms from an encryption algorithm table according to the data type of the data stream to be transmitted;
taking, as the first encryption algorithm, the encryption algorithm among those corresponding to the sequence group that matches an intermediate encryption algorithm.
Preferably, in S3, generating the first encrypted ciphertext corresponding to the data stream to be transmitted based on the first encryption algorithm comprises:
determining a corresponding verification code list according to the information acquisition time of the data stream to be transmitted;
determining the corresponding ciphertext verification code in the verification code list according to the first encryption algorithm;
encrypting the data stream to be transmitted with the first encryption algorithm to generate an intermediate encrypted ciphertext, and splicing the ciphertext verification code into the intermediate encrypted ciphertext to generate the first encrypted ciphertext corresponding to the data stream to be transmitted;
wherein the verification codes in the verification code list correspond to the encryption algorithms in the encryption algorithm set.
Preferably, in S4, generating index information based on the state information at the time the data transmission request is received comprises:
dividing the time increment by the number of encryption keys in the key book, and rounding the result to obtain the index information;
or converting the time increment into a hash value using a hash function, dividing the hash value by the number of encryption keys in the key book, and rounding the result to obtain the index information.
Preferably, in S4, generating index information based on the state information at the time the data transmission request is received comprises:
dividing the number of messages correspondingly acquired when the data stream to be transmitted is acquired by the number of encryption keys in the key book, and rounding the result to obtain the index information;
or converting the number of messages correspondingly acquired when the data stream to be transmitted is acquired into a hash value using a hash function, dividing the hash value by the number of encryption keys in the key book, and rounding the result to obtain the index information.
Preferably, the state information at the time the data transmission request is received comprises a time increment and the number of messages correspondingly acquired when the data stream to be transmitted is acquired;
the time increment is calculated as follows:
in response to receiving a time synchronization request that includes a standard increment, the standard increment is taken as the reference for the time increment, and the time increment is calculated in real time on the basis of the standard increment.
Preferably, in S5, transmitting the second encrypted ciphertext over the communication link comprises:
counting the total number of transmitted messages at preset time intervals, generating message number synchronization information based on the total number of transmitted messages, and transmitting the message number synchronization information together with the corresponding total message count time over the communication link.
(III) Beneficial effects
Compared with the prior art, the data transmission method for improving network security operation has the following beneficial effects:
1) A data stream to be transmitted is acquired in response to a data transmission request, a first encryption algorithm is matched according to the information acquisition time and the data type of the data stream to be transmitted, and a first encrypted ciphertext corresponding to the data stream to be transmitted is generated based on the first encryption algorithm. Because the first encryption algorithm is matched randomly on the basis of the information acquisition time and the data type of the data stream to be transmitted, the encryption algorithm used has stronger randomness, and the security and reliability of data transmission are fully ensured;
2) Index information is generated based on state information at the time the data transmission request is received, an encryption key is acquired from a preset key book according to the index information, and the first encrypted ciphertext is encrypted based on the encryption key to obtain a second encrypted ciphertext. Because the encryption key is selected randomly using the state information at the time the data transmission request is received, the encryption key used has stronger randomness, and the security and reliability of data transmission are further ensured.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It is evident that the drawings in the following description are only some embodiments of the present invention and that other drawings may be obtained from these drawings without inventive effort for a person of ordinary skill in the art.
FIG. 1 is a schematic flow chart of the present invention;
FIG. 2 is a schematic flow chart of generating the first encrypted ciphertext corresponding to the data stream to be transmitted in the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention more clear, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention. It will be apparent that the described embodiments are some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in FIG. 1 and FIG. 2, a data transmission method for improving network security operation comprises the following steps.
(1) A data stream to be transmitted is acquired in response to a data transmission request.
(2) A first encryption algorithm is matched according to the information acquisition time and the data type of the data stream to be transmitted, which specifically comprises:
generating a plurality of random numbers according to the information acquisition time of the data stream to be transmitted, and determining whether the random numbers and the serial number of each encryption algorithm in the encryption algorithm set meet a preset condition;
forming a sequence group from the serial numbers of the encryption algorithms that meet the preset condition, and determining the first encryption algorithm according to the sequence group and the data type.
1) Determining whether the random numbers and the serial number of each encryption algorithm in the encryption algorithm set meet the preset condition comprises:
judging whether the number of random numbers matching the numbers in the number pool corresponding to the serial number of the encryption algorithm is greater than a set threshold;
if the number of such random numbers is greater than the set threshold, the serial number of the encryption algorithm meets the preset condition; otherwise, it does not meet the preset condition.
2) Determining the first encryption algorithm according to the sequence group and the data type comprises:
obtaining a plurality of matching intermediate encryption algorithms from an encryption algorithm table according to the data type of the data stream to be transmitted;
taking, as the first encryption algorithm, the encryption algorithm among those corresponding to the sequence group that matches an intermediate encryption algorithm.
(3) A first encrypted ciphertext corresponding to the data stream to be transmitted is generated based on the first encryption algorithm, which specifically comprises:
determining a corresponding verification code list according to the information acquisition time of the data stream to be transmitted;
determining the corresponding ciphertext verification code in the verification code list according to the first encryption algorithm;
encrypting the data stream to be transmitted with the first encryption algorithm to generate an intermediate encrypted ciphertext, and splicing the ciphertext verification code into the intermediate encrypted ciphertext to generate the first encrypted ciphertext corresponding to the data stream to be transmitted;
wherein the verification codes in the verification code list correspond to the encryption algorithms in the encryption algorithm set.
In this technical solution, a data stream to be transmitted is acquired in response to a data transmission request, a first encryption algorithm is matched according to the information acquisition time and the data type of the data stream to be transmitted, and a first encrypted ciphertext corresponding to the data stream to be transmitted is generated based on the first encryption algorithm. Because the first encryption algorithm is matched randomly on the basis of the information acquisition time and the data type of the data stream to be transmitted, the encryption algorithm used has strong randomness, and the security and reliability of data transmission are fully ensured.
(4) As shown in FIG. 1, index information is generated based on state information at the time the data transmission request is received, and an encryption key is acquired from a preset key book according to the index information.
1) The state information at the time the data transmission request is received comprises a time increment and the number of messages correspondingly acquired when the data stream to be transmitted is acquired;
the time increment is calculated as follows:
in response to receiving a time synchronization request that includes a standard increment, the standard increment is taken as the reference for the time increment, and the time increment is calculated in real time on the basis of the standard increment.
2) Generating index information based on the state information at the time the data transmission request is received comprises:
dividing the time increment by the number of encryption keys in the key book, and rounding the result to obtain the index information;
or converting the time increment into a hash value using a hash function, dividing the hash value by the number of encryption keys in the key book, and rounding the result to obtain the index information.
3) Generating index information based on the state information at the time the data transmission request is received comprises:
dividing the number of messages correspondingly acquired when the data stream to be transmitted is acquired by the number of encryption keys in the key book, and rounding the result to obtain the index information;
or converting the number of messages correspondingly acquired when the data stream to be transmitted is acquired into a hash value using a hash function, dividing the hash value by the number of encryption keys in the key book, and rounding the result to obtain the index information.
(5) The first encrypted ciphertext is encrypted based on the encryption key to obtain a second encrypted ciphertext, and the second encrypted ciphertext is transmitted over the communication link.
Transmitting the second encrypted ciphertext over the communication link comprises:
counting the total number of transmitted messages at preset time intervals, generating message number synchronization information based on the total number of transmitted messages, and transmitting the message number synchronization information together with the corresponding total message count time over the communication link.
In this technical solution, index information is generated based on state information at the time the data transmission request is received, an encryption key is acquired from a preset key book according to the index information, and the first encrypted ciphertext is encrypted based on the encryption key to obtain a second encrypted ciphertext. Because the encryption key is selected randomly using the state information at the time the data transmission request is received, the encryption key used has stronger randomness, and the security and reliability of data transmission are further ensured.
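The key-book index derivation and the two synchronisation mechanisms of steps (4) and (5), as an added example that is not code from the patent. It assumes the index is the remainder of the division (so it always falls inside the key book, where the text says "dividing and rounding"), SHA-256 as the hash function, and an 8-entry constructed key book; `Endpoint`, `index_direct`, `index_hashed` and the other names are hypothetical.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Tuple


def index_direct(state: int, n_keys: int) -> int:
    """Variant 1: index taken straight from the state value.

    Assumption: the remainder of state / n_keys is used, so the result is
    always a valid position in the key book.
    """
    return state % n_keys


def index_hashed(state: int, n_keys: int) -> int:
    """Variant 2: hash the state first (SHA-256 is an assumption), then reduce."""
    digest = hashlib.sha256(state.to_bytes(8, "big")).digest()
    return int.from_bytes(digest, "big") % n_keys


@dataclass
class Endpoint:
    """One side of the link. Class and field names are hypothetical."""
    key_book: List[bytes]
    base_increment: int = 0   # standard increment from the last time sync
    base_tick: int = 0        # local clock value when that sync arrived
    messages: int = 0         # messages counted on this side

    def time_sync(self, standard_increment: int, local_tick: int) -> None:
        # The standard increment becomes the reference; the local clock only
        # contributes the ticks elapsed since the sync.
        self.base_increment = standard_increment
        self.base_tick = local_tick

    def time_increment(self, local_tick: int) -> int:
        return self.base_increment + (local_tick - self.base_tick)

    def message_sync(self, total_messages: int) -> None:
        # Message-number synchronisation information received from the peer.
        self.messages = total_messages

    def select_key(self, state: int, hashed: bool = False) -> Tuple[int, bytes]:
        pick = index_hashed if hashed else index_direct
        idx = pick(state, len(self.key_book))
        return idx, self.key_book[idx]


def constructed_key_book(n: int = 8) -> List[bytes]:
    # Constructed sample keys derived from fixed labels for repeatability only;
    # a real key book would hold independently generated secret keys.
    return [hashlib.sha256(b"constructed-key-%d" % i).digest() for i in range(n)]


def time_sync_demo() -> dict:
    book = constructed_key_book()
    sender, receiver = Endpoint(book), Endpoint(book)
    # Local clocks disagree, but both anchor on the same standard increment.
    sender.time_sync(1000, local_tick=5000)
    receiver.time_sync(1000, local_tick=91000)
    s_state = sender.time_increment(5037)      # 37 ticks after sync -> 1037
    r_state = receiver.time_increment(91037)   # 37 ticks after sync -> 1037
    out = {}
    for name, hashed in (("direct", False), ("hashed", True)):
        s_idx, s_key = sender.select_key(s_state, hashed)
        r_idx, r_key = receiver.select_key(r_state, hashed)
        out[name] = (s_idx, r_idx, s_key == r_key)
    return out


def message_count_demo() -> Tuple[bool, bool]:
    book = constructed_key_book()
    sender, receiver = Endpoint(book, messages=42), Endpoint(book, messages=40)
    # The receiver missed two messages, so the sides pick different keys ...
    before = (sender.select_key(sender.messages)[0]
              == receiver.select_key(receiver.messages)[0])
    # ... until the periodic message-number sync carries the sender's total.
    receiver.message_sync(sender.messages)
    after = (sender.select_key(sender.messages)[0]
             == receiver.select_key(receiver.messages)[0])
    return before, after


if __name__ == "__main__":
    print(time_sync_demo())
    print(message_count_demo())
    # Consecutive states walk the key book in order in the direct variant.
    # Both variants are reproducible from the state alone, which is what lets
    # the receiver recompute the index; the key book contents are the secret.
    print([index_direct(s, 8) for s in range(1037, 1045)])
```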
The above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (9)

1. A data transmission method for improving network security operation, characterized in that the method comprises the following steps:
S1, acquiring a data stream to be transmitted in response to a data transmission request;
S2, matching a first encryption algorithm according to the information acquisition time and the data type of the data stream to be transmitted;
S3, generating a first encrypted ciphertext corresponding to the data stream to be transmitted based on the first encryption algorithm;
S4, generating index information based on state information at the time the data transmission request is received, and acquiring an encryption key from a preset key book according to the index information;
S5, encrypting the first encrypted ciphertext based on the encryption key to obtain a second encrypted ciphertext, and transmitting the second encrypted ciphertext over the communication link.
2. The data transmission method for improving network security operation according to claim 1, wherein in S2, matching the first encryption algorithm according to the information acquisition time and the data type of the data stream to be transmitted comprises:
generating a plurality of random numbers according to the information acquisition time of the data stream to be transmitted, and determining whether the random numbers and the serial number of each encryption algorithm in the encryption algorithm set meet a preset condition;
forming a sequence group from the serial numbers of the encryption algorithms that meet the preset condition, and determining the first encryption algorithm according to the sequence group and the data type.
3. The data transmission method for improving network security operation according to claim 2, wherein determining whether the random numbers and the serial number of each encryption algorithm in the encryption algorithm set meet the preset condition comprises:
judging whether the number of random numbers matching the numbers in the number pool corresponding to the serial number of the encryption algorithm is greater than a set threshold;
if the number of such random numbers is greater than the set threshold, the serial number of the encryption algorithm meets the preset condition; otherwise, it does not meet the preset condition.
4. The data transmission method for improving network security operation according to claim 2, wherein determining the first encryption algorithm according to the sequence group and the data type comprises:
obtaining a plurality of matching intermediate encryption algorithms from an encryption algorithm table according to the data type of the data stream to be transmitted;
taking, as the first encryption algorithm, the encryption algorithm among those corresponding to the sequence group that matches an intermediate encryption algorithm.
5. The data transmission method for improving network security operation according to claim 2, wherein in S3, generating the first encrypted ciphertext corresponding to the data stream to be transmitted based on the first encryption algorithm comprises:
determining a corresponding verification code list according to the information acquisition time of the data stream to be transmitted;
determining the corresponding ciphertext verification code in the verification code list according to the first encryption algorithm;
encrypting the data stream to be transmitted with the first encryption algorithm to generate an intermediate encrypted ciphertext, and splicing the ciphertext verification code into the intermediate encrypted ciphertext to generate the first encrypted ciphertext corresponding to the data stream to be transmitted;
wherein the verification codes in the verification code list correspond to the encryption algorithms in the encryption algorithm set.
6. The data transmission method for improving network security operation according to claim 1, wherein in S4, generating index information based on the state information at the time the data transmission request is received comprises:
dividing the time increment by the number of encryption keys in the key book, and rounding the result to obtain the index information;
or converting the time increment into a hash value using a hash function, dividing the hash value by the number of encryption keys in the key book, and rounding the result to obtain the index information.
7. The data transmission method for improving network security operation according to claim 1, wherein in S4, generating index information based on the state information at the time the data transmission request is received comprises:
dividing the number of messages correspondingly acquired when the data stream to be transmitted is acquired by the number of encryption keys in the key book, and rounding the result to obtain the index information;
or converting the number of messages correspondingly acquired when the data stream to be transmitted is acquired into a hash value using a hash function, dividing the hash value by the number of encryption keys in the key book, and rounding the result to obtain the index information.
8. The data transmission method for improving network security according to claim 6 or 7, wherein the state information at the time the data transmission request is received comprises a time increment and the number of messages correspondingly acquired when the data stream to be transmitted is acquired;
the time increment is calculated as follows:
in response to receiving a time synchronization request that includes a standard increment, the standard increment is taken as the reference for the time increment, and the time increment is calculated in real time on the basis of the standard increment.
9. The data transmission method for improving network security operation according to claim 1, wherein in S5, transmitting the second encrypted ciphertext over the communication link comprises:
counting the total number of transmitted messages at preset time intervals, generating message number synchronization information based on the total number of transmitted messages, and transmitting the message number synchronization information together with the corresponding total message count time over the communication link.
CN202310840079.8A 2023-07-10 2023-07-10 Data transmission method for improving network security operation Pending CN116846650A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310840079.8A CN116846650A (en) 2023-07-10 2023-07-10 Data transmission method for improving network security operation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310840079.8A CN116846650A (en) 2023-07-10 2023-07-10 Data transmission method for improving network security operation

Publications (1)

Publication Number Publication Date
CN116846650A (en) 2023-10-03

Family

ID=88172334

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310840079.8A Pending CN116846650A (en) 2023-07-10 2023-07-10 Data transmission method for improving network security operation

Country Status (1)

Country Link
CN (1) CN116846650A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117240627A (en) * 2023-11-15 2023-12-15 深圳市吉方工控有限公司 Network data information secure transmission method and system
CN117240627B (en) * 2023-11-15 2024-03-26 深圳市吉方工控有限公司 Network data information secure transmission method and system

Similar Documents

Publication Publication Date Title
CN104023013B (en) Data transmission method, server side and client
Frkat et al. Chainchannels: Private botnet communication over public blockchains
WO2021109756A1 (en) Proxy anonymous communication method based on homomorphic encryption scheme
Guttman et al. The faithfulness of abstract protocol analysis: Message authentication
CN111698084B (en) Block chain-based concealed communication method
CN111797431B (en) Encrypted data anomaly detection method and system based on symmetric key system
Zhao et al. One-time password authentication scheme based on the negative database
CN106330862A (en) Secure transmission method and system for dynamic password
CN113411328B (en) Efficient transmission system based on data pre-identification sensitive data
CN107333262A (en) A kind of system and method based on CN39 code authentication phone numbers
CN116846650A (en) Data transmission method for improving network security operation
CN103973714A (en) E-mail account generating method and system
CN106657002A (en) Novel crash-proof base correlation time multi-password identity authentication method
CN114493593A (en) Multi-block chain covert communication method
CN110572392A (en) Identity authentication method based on HyperLegger network
Dowling et al. Continuous authentication in secure messaging
CN106230840A (en) A kind of command identifying method of high security
CN104394532A (en) Anti-brute force safe log-in method for mobile terminal
CN114389903B (en) Digital identity information encryption and authentication method
CN101299752A (en) Method for establishing cipher protocol security based on trustful greenness
CN114584407A (en) System for embedding and extracting multilingual hidden data in online message
CN115277000A (en) Information transmission method based on menuo currency
CN111800384A (en) Financial service application management method and device based on block chain
CN111654854A (en) Remote data optimized transmission method and system based on cloud computing system
CN112069487A (en) Intelligent equipment network communication safety implementation method based on Internet of things

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination