CN116915393A - Quantum dynamic data encryption method and data decryption method - Google Patents

Publication number
CN116915393A
Authority
CN
China
Prior art keywords
encryption
algorithm
dynamic
data
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310472928.9A
Other languages
Chinese (zh)
Inventor
倪飞
曾祥矿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Telecom Quantum Technology Co ltd
Original Assignee
China Telecom Quantum Technology Co ltd
Application filed by China Telecom Quantum Technology Co ltd
Priority to CN202310472928.9A
Publication of CN116915393A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • H04L9/16 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms the keys or algorithms being changed during operation

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • Electromagnetism (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a quantum dynamic data encryption method and a data decryption method, wherein the data encryption method comprises the following steps: encrypting the unique identifier UUID of the encrypted frame by using the security key to obtain a dynamic algorithm identifier; based on the dynamic algorithm identification, carrying out transformation processing on the encryption algorithm base to obtain a specific encryption algorithm corresponding to each encryption operation; performing transformation processing on the key groups in the key pool based on the dynamic algorithm identification to obtain encryption keys corresponding to each encryption operation; and encrypting the data to be encrypted by using a specific encryption algorithm and an encryption key corresponding to each encryption operation to obtain ciphertext information. The invention increases randomness and uncertainty on the basis of the original data and increases the cracking difficulty through the dynamic change of the algorithm and the random dynamic use of the multi-quantum key.

Description

Quantum dynamic data encryption method and data decryption method
Technical Field
The invention relates to the technical field of network security communication, in particular to a quantum dynamic data encryption method and a data decryption method.
Background
With the development of information technology, people use a large amount of information data in daily life, and transmit, exchange and store it through computers and networks. Information assets have become among the most valuable assets, and theft of user information causes great losses to individuals and enterprises, so information data must be encrypted and decrypted to ensure information security.
Current information encryption and decryption technology mostly relies on a pre-negotiated encryption algorithm so that the encryption and digest algorithms are synchronized at both ends. However, this approach does not consider the association between the encryption object and the encryption algorithm or the encryption keys, nor the variability of the keys during encryption and decryption, so the encryption keys are easy to steal and a security risk exists.
In the related art, in the data encryption method and device proposed in the patent application document with publication number CN106656496A, after a file to be encrypted is obtained, a corresponding encryption mode is configured for the file, so that a corresponding encryption algorithm is invoked to encrypt it. The on-demand quantum key distribution method for Internet of Things terminal equipment proposed in the patent application document with publication number CN113765660A realizes on-demand distribution of quantum keys; the dynamic key distribution in that scheme mainly concerns the use of quantum keys, and key update is performed by an internal method.
Disclosure of Invention
The technical problem to be solved by the invention is how to ensure the security of data.
The invention solves the technical problems by the following technical means:
in a first aspect, the present invention proposes a method for quantum dynamic encryption of data, the method comprising:
encrypting the unique identifier UUID of the encrypted frame by using the security key to obtain a dynamic algorithm identifier;
based on the dynamic algorithm identification, carrying out transformation processing on the encryption algorithm base to obtain a specific encryption algorithm corresponding to each encryption operation;
performing transformation processing on the key groups in the key pool based on the dynamic algorithm identification to obtain encryption keys corresponding to each encryption operation;
and encrypting the data to be encrypted by using a specific encryption algorithm and an encryption key corresponding to each encryption operation to obtain ciphertext information.
Further, the encrypting the unique identifier UUID of the encrypted frame by using the security key to obtain a dynamic algorithm identifier includes:
calculating the security key according to the unique identifier UUID by using the key pool, wherein the key pool is positioned in a security medium;
and encrypting the unique identifier UUID by using the security key to obtain the dynamic algorithm identifier.
Further, the transforming the encryption algorithm base based on the dynamic algorithm identifier to obtain a specific encryption algorithm corresponding to each encryption operation includes:
performing transformation processing on a byte in the first part of bytes of the dynamic algorithm identifier together with the encryption algorithm base to obtain the current encryption algorithm type;
and acquiring the encryption algorithm corresponding to the current encryption operation from the encryption algorithm support table according to the current encryption algorithm type.
Further, the encryption algorithm support table includes encryption algorithms of the symmetric encryption algorithm type and encryption algorithms of the asymmetric encryption algorithm type.
Further, each byte in the first part of bytes of the dynamic algorithm identifier corresponds to a specific encryption algorithm, and the correspondence between the encryption algorithms and the bytes in the first part of bytes is adjustable.
Further, the transforming the key group in the key pool based on the dynamic algorithm identifier to obtain an encryption key corresponding to each encryption operation includes:
and carrying out transformation processing on the key groups in the key pool according to a byte in the second part of bytes of the dynamic algorithm identifier to obtain the encryption key corresponding to each encryption operation.
Further, when encrypting for different block lengths of the data, the method further comprises:
adjusting the byte used in the first part of bytes of the dynamic algorithm identifier, and assigning different encryption algorithms to the encryption of different blocks of the data;
and adjusting the byte used in the second part of bytes of the dynamic algorithm identifier, and assigning different encryption keys to the encryption of different blocks of the data.
Further, the number of encryption operations is pre-designated or obtained by transforming a byte in the third part of bytes of the dynamic algorithm identifier.
Further, the encrypting the data to be encrypted by using a specific encryption algorithm corresponding to each encryption operation to obtain ciphertext information includes:
encrypting the data to be encrypted by utilizing a specific encryption algorithm corresponding to the current encryption operation and combining an encryption key to obtain encrypted data;
carrying out hash operation on the data to be encrypted by utilizing an encryption algorithm to obtain a plaintext hash value;
and sending the encrypted data and the plaintext hash value as the ciphertext information.
In a second aspect, the present invention also proposes a quantum dynamic encryption device, the encryption device comprising:
the first encryption module is used for encrypting the unique identifier UUID of the encrypted frame by utilizing the security key to obtain a dynamic algorithm identifier;
the first dynamic transformation module is used for transforming the encryption algorithm base based on the dynamic algorithm identification to obtain a specific encryption algorithm corresponding to each encryption operation;
the second dynamic transformation module is used for transforming the key groups in the key pool based on the dynamic algorithm identification to obtain the encryption key corresponding to each encryption operation;
the second encryption module is used for encrypting the data to be encrypted by utilizing a specific encryption algorithm and an encryption key corresponding to each encryption operation to obtain ciphertext information.
In a third aspect, the present invention further provides a method for quantum dynamic decryption of data, the method comprising:
receiving unique identification UUID and ciphertext information;
based on the unique identifier UUID, a decryption algorithm and an encryption key corresponding to each decryption operation are obtained;
and decrypting the ciphertext information based on the decryption algorithm and the encryption key.
Further, after decrypting the ciphertext information based on the decryption algorithm and the encryption key, the method further comprises:
carrying out hash operation on plaintext data obtained by decrypting the ciphertext information to obtain a plaintext hash value to be verified;
and comparing the plaintext hash value to be verified with the transmitted plaintext hash value, and determining the correctness of the decrypted plaintext information.
Further, the method further comprises:
based on the unique identifier UUID, the encryption times and the encryption block length of the ciphertext information are obtained;
and decrypting the ciphertext information by using a decryption algorithm corresponding to the encryption algorithm adopted in each encryption process and matching the encryption times and the encryption block length.
In a fourth aspect, the present invention also proposes a quantum dynamic decryption device, the device comprising:
the receiving module is used for receiving the unique identifier UUID and the ciphertext information;
the decryption information acquisition module is used for acquiring a decryption algorithm and an encryption key corresponding to each decryption operation based on the unique identifier UUID;
and the decryption module is used for decrypting the ciphertext information based on the decryption algorithm and the encryption key.
The invention has the advantages that:
(1) Based on the dynamic algorithm quantum encryption frame technology, the invention encrypts the unique identifier UUID of the encrypted frame by using the security key to obtain the dynamic algorithm identifier, and dynamically transforms, based on the dynamic algorithm identifier, the encryption algorithm and the encryption key corresponding to each encryption operation in order to encrypt the data to be encrypted. The dynamic change of the algorithm and the random dynamic use of multiple quantum keys increase randomness and uncertainty on the basis of the original data and increase the cracking difficulty; without knowing which key corresponds to which encrypted data, existing brute-force cracking means, even with sufficiently powerful computing power, face insufficient or inaccurate corresponding encrypted and decrypted data, so the key is ultimately difficult to crack, and the security of the original data is further protected.
(2) The quantum key pool is dynamically generated according to the input UUIDs, and the encryption of each file uses a different UUID, so that the keys in the key pool are dynamically transformed; that is, key selection is controlled by UUIDm. Each file encryption uses a different UUID, and each encryption of the same file also generates a different UUID, which ensures the security of data encryption and decryption.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
FIG. 1 is a schematic flow chart of a quantum dynamic encryption data method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of quantum dynamic encryption data according to an embodiment of the present invention;
FIG. 3 is a diagram of a dynamic quantum key pool according to an embodiment of the present invention;
FIG. 4 is a diagram of a dynamic algorithm table according to an embodiment of the present invention;
FIG. 5 is a schematic structural diagram of a quantum dynamic encryption device according to an embodiment of the present invention;
FIG. 6 is a flow chart of a method for quantum dynamic decryption of data according to an embodiment of the present invention;
FIG. 7 is a schematic structural diagram of a quantum dynamic decryption device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions in the embodiments of the present invention will be clearly and completely described in the following in conjunction with the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in fig. 1 to 2, a first embodiment of the present invention proposes a quantum dynamic encryption data method, which includes the steps of:
S101, encrypting a unique identifier UUID of an encrypted frame by using a security key to obtain a dynamic algorithm identifier;
It should be noted that, in this embodiment, the UUID is used as the unique identifier of the encrypted frame. A universally unique identifier (Universally Unique Identifier, UUID) is a number generated on one machine that is guaranteed to be unique across all machines in the same space and time.
It should be noted that the dynamic algorithm identifier is the binary data obtained by encrypting the UUID with the security key; encrypting with the security key protects the dynamic algorithm identifier.
S102, carrying out transformation processing on the encryption algorithm base based on the dynamic algorithm identification to obtain a specific encryption algorithm corresponding to each encryption operation;
It should be noted that the encryption algorithm base may be a value, set in advance by the user, for the number of supported algorithm types; this embodiment does not limit the specific value.
S103, carrying out transformation processing on key groups in a key pool based on the dynamic algorithm identification to obtain an encryption key corresponding to each encryption operation;
S104, encrypting the data to be encrypted by using a specific encryption algorithm and an encryption key corresponding to each encryption operation to obtain ciphertext information.
According to the embodiment, based on a dynamic algorithm quantum encryption frame technology, a unique identifier UUID of an encryption frame is encrypted by utilizing a security key to obtain a dynamic algorithm identifier, an encryption algorithm and an encryption key corresponding to each encryption operation are obtained through dynamic transformation based on the dynamic algorithm identifier, encryption is carried out on data to be encrypted, and randomness and uncertainty are increased on the basis of original data through dynamic change of the algorithm and random dynamic use of multiple quantum keys, so that cracking difficulty is increased.
In one embodiment, the step S101: encrypting the unique identifier UUID of the encrypted frame by using the security key to obtain a dynamic algorithm identifier, and specifically comprising the following steps:
S111, calculating the security key according to the unique identifier UUID by using the key pool, wherein the key pool is located in a security medium;
It should be noted that the security medium in this embodiment includes, but is not limited to, a U-shield (USB key), a TF card, a quantum SIM card, a software cryptographic module, an encryption chip, and the like. A key pool QKeyPool is arranged in the security medium, and a large number of quantum keys distributed by the QKD platform are stored in the key pool.
S112, encrypting the unique identifier UUID by using the security key to obtain the dynamic algorithm identifier.
In one embodiment, the step S102: based on the dynamic algorithm identification, the encryption algorithm base is transformed to obtain a specific encryption algorithm corresponding to each encryption operation, and the method specifically comprises the following steps:
S121, performing transformation processing on a byte in the first part of bytes of the dynamic algorithm identifier together with the encryption algorithm base to obtain the current encryption algorithm type;
S122, acquiring an encryption algorithm corresponding to the current encryption operation from an encryption algorithm support table according to the current encryption algorithm type.
Specifically, in this embodiment, the 1st byte of the dynamic algorithm identifier UUIDm may be denoted as U1, and U1 and the encryption algorithm base EncTypeNum may be transformed to obtain a specific encryption algorithm type, that is: U1 & EncTypeNum. The actual encryption algorithm is then acquired from the existing encryption algorithm support table according to the obtained encryption algorithm type.
In this embodiment, the 1st byte of the dynamic algorithm identifier UUIDm and the encryption algorithm base EncTypeNum are transformed to obtain a specific encryption algorithm, which uses as little of the UUIDm data as possible and leaves more room for later extension. Those skilled in the art can also select other bytes of UUIDm to transform with the encryption algorithm base according to the actual situation; this embodiment is not specifically limited in this respect.
It should be noted that the dynamic encryption algorithm of this embodiment may change dynamically according to the actual number of encryption operations and the block lengths; for example, the first encryption uses a transformation of the 1st byte of UUIDm to calculate the actual algorithm, the second encryption uses a transformation of the 2nd byte of UUIDm to calculate the actual algorithm, and so on.
In one embodiment, as shown in fig. 4, the encryption algorithm support table includes encryption algorithms of the symmetric encryption algorithm type and encryption algorithms of the asymmetric encryption algorithm type.
It should be noted that asymmetric encryption algorithms include, but are not limited to, RSA, ECC, Diffie-Hellman, ElGamal, DSA, SM2, etc.; symmetric encryption algorithms include, but are not limited to, DES, 3DES, DESX, Blowfish, IDEA, RC4, RC5, RC6, AES, SM4, and the like.
Because asymmetric algorithms are slow to compute when the data size is large, whether to use them can be decided according to the data size and the actual service scenario.
In an embodiment, each byte in the first part of bytes of the dynamic algorithm identifier corresponds to a specific encryption algorithm, and the correspondence between the encryption algorithms and the bytes in the first part of bytes is adjustable.
A developer using the encrypted frame can dynamically adjust the positions of the algorithms themselves, and needs to ensure that the devices at the encryption and decryption ends are consistent.
In an embodiment, the step S103 of carrying out transformation processing on the key groups in the key pool based on the dynamic algorithm identification to obtain an encryption key corresponding to each encryption operation specifically comprises:
carrying out transformation processing on the key groups in the key pool according to a byte in the second part of bytes of the dynamic algorithm identifier to obtain the encryption key corresponding to each encryption operation.
It should be noted that the specific encryption key qkey can be calculated from the 2nd byte of the dynamic algorithm identifier UUIDm, denoted U2; for subsequent encryption rounds and the like, the byte Ux that is used can change dynamically, as long as the encryption and decryption ends follow the agreed algorithm.
Specifically, the encryption key qkey is determined by calculation from the quantum key pool of each application. As shown in fig. 3, the encryption key qkey may be selected by: groupn = U56 % groupN (total number of groups); key = U56 % keyN (total number of keys per group), where groupN is the total number of key groups, keyN is the number of encryption keys contained in the nth group of encryption keys, U denotes UUIDm, U56 is the integer value of the 5th and 6th bytes of UUIDm, and % denotes the remainder operation.
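The selection rule above takes both indices from the same 16-bit value U56, which limits which pool slots can ever be chosen. The following Python sketch is an added example, not part of the patent text: it applies the rule and counts the reachable (group, key) slots for a given pool shape. The function names, the big-endian reading of bytes 5 and 6, a uniform keyN for every group, the pool sizes and the sample UUIDm are assumptions constructed for illustration.

```python
from collections import Counter
from math import gcd

U56_SPACE = 1 << 16  # U56 is two bytes, so it takes 65536 possible values

# Constructed 16-byte sample value standing in for UUIDm (not real data).
SAMPLE_UUIDM = bytes.fromhex("9f3c1ab27e6bd15588a06b0c2d91e7f4")


def u56_from_uuidm(uuidm: bytes) -> int:
    """Integer value of the 5th and 6th bytes of UUIDm (1-based, as on the page).

    Big-endian byte order is an assumption; the page does not state it.
    """
    if len(uuidm) < 6:
        raise ValueError("UUIDm must be at least 6 bytes long")
    return int.from_bytes(uuidm[4:6], "big")


def select_slot(uuidm: bytes, group_n: int, key_n: int) -> tuple:
    """Apply the page's rule: groupn = U56 % groupN, key = U56 % keyN."""
    if group_n <= 0 or key_n <= 0:
        raise ValueError("groupN and keyN must be positive")
    u56 = u56_from_uuidm(uuidm)
    return u56 % group_n, u56 % key_n


def slot_histogram(group_n: int, key_n: int) -> Counter:
    """How many of the 65536 U56 values land on each (group, key) slot."""
    return Counter((u % group_n, u % key_n) for u in range(U56_SPACE))


def coverage(group_n: int, key_n: int) -> dict:
    """Summarise how much of a groupN x keyN pool the rule can ever select."""
    hist = slot_histogram(group_n, key_n)
    lcm = group_n * key_n // gcd(group_n, key_n)
    return {
        "pool_slots": group_n * key_n,
        "reachable": len(hist),
        # Both indices come from the same U56, so the pair is fixed by
        # U56 mod lcm(groupN, keyN); this closed form must match the count.
        "predicted": min(U56_SPACE, lcm),
        # Modulo bias: some slots are hit more often than others.
        "max_hits": max(hist.values()),
        "min_hits": min(hist.values()),
    }


if __name__ == "__main__":
    print("selected slot:", select_slot(SAMPLE_UUIDM, 16, 64))
    for g, k in [(16, 16), (16, 64), (7, 16), (251, 257), (100, 1000)]:
        print((g, k), coverage(g, k))
```

When groupN divides keyN (or the reverse), the group index is fully determined by the key index, so only lcm(groupN, keyN) slots are ever used. Coprime pool dimensions whose product is at most 65536 let the rule reach every slot.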
In an embodiment, when encrypting for different chunk lengths of data, the method further comprises the steps of:
adjusting the byte used in the first part of bytes of the dynamic algorithm identifier, and assigning different encryption algorithms to the encryption of different blocks of the data;
and adjusting the byte used in the second part of bytes of the dynamic algorithm identifier, and assigning different encryption keys to the encryption of different blocks of the data.
It should be noted that, as shown in fig. 2, a block base is set so that, when the data size is large, the data is split into a plurality of sub-data based on the block base, and each sub-data is then dynamically encrypted by using the dynamic encryption algorithm. Assuming that the encryption length of a data block is denoted EncBlockLen, the block length for data encryption can be specified and, combined with dynamic adjustment of U1 and U2 of the dynamic algorithm identifier, the multi-block encryption of the data uses different encryption algorithms and encryption keys, improving the security of the data.
In an embodiment, the number of encryption operations is pre-specified or obtained by transforming a byte in the third part of bytes of the dynamic algorithm identifier.
It should be noted that the number of encryption and decryption operations is recorded as CryptoNum, which can be freely specified or obtained by calculation from the dynamic algorithm identifier UUIDm; multiple rounds of encryption and decryption can further ensure the security of the data. Combined with dynamic adjustment of U1, each encryption can use a different algorithm.
The number of encryption and decryption operations can be taken directly from the number specified by the upper layer, or obtained by transforming a Ux set by the user; setting different numbers of encryption and decryption operations can further increase the complexity of data decryption.
In one embodiment, the step S104: encrypting the data to be encrypted by using a specific encryption algorithm corresponding to each encryption operation to obtain ciphertext information, wherein the method specifically comprises the following steps of:
S141, encrypting the data to be encrypted by utilizing a specific encryption algorithm corresponding to the current encryption operation and combining an encryption key to obtain encrypted data;
S142, carrying out hash operation on the data to be encrypted by utilizing an encryption algorithm to obtain a plaintext hash value;
S143, transmitting the encrypted data and the plaintext hash value as the ciphertext information.
It should be noted that the 16-byte plaintext hash may be used to check whether the finally decrypted data is correct. In the data encryption process, for convenience of implementation, the SM3 algorithm is used to hash the original data; the left 16 bytes are taken as L and the right 16 bytes as R, and L × R is then calculated to obtain the final 16-byte plaintext hash. The ciphertext data and the plaintext hash value are then transmitted together to the decryption end.
Further, the unused part of UUIDm can be freely combined for use; for example, to make the hash more dynamic, the unused part of the data in the UUID can be transformed to obtain a specific algorithm. Block encryption needs to transform different Ux values to obtain different encryption algorithms and encryption keys, and can also use the part of the data not used by UUIDm. A user's private algorithm can be added to the encryption algorithms shown in fig. 4 for private customization and then used through the dynamic algorithm transformation, so that combining a private encryption scheme with the user's own supported encryption types increases the encryption complexity.
In addition, as shown in fig. 5, a second embodiment of the present invention further proposes a quantum dynamic encryption device, the encryption device including:
the first encryption module 11 is configured to encrypt a unique identifier UUID of an encrypted frame by using a security key to obtain a dynamic algorithm identifier;
the first dynamic transformation module 12 is configured to transform the encryption algorithm base based on the dynamic algorithm identifier, so as to obtain a specific encryption algorithm corresponding to each encryption operation;
the second dynamic transformation module 13 is configured to transform the key groups in the key pool based on the dynamic algorithm identifier, so as to obtain an encryption key corresponding to each encryption operation;
the second encryption module 14 is configured to encrypt the data to be encrypted by using a specific encryption algorithm and an encryption key corresponding to each encryption operation, so as to obtain ciphertext information.
According to the embodiment, based on a dynamic algorithm quantum encryption frame technology, a unique identifier UUID of an encryption frame is encrypted by utilizing a security key to obtain a dynamic algorithm identifier, an encryption algorithm and an encryption key corresponding to each encryption operation are obtained through dynamic transformation based on the dynamic algorithm identifier, encryption is carried out on data to be encrypted, and randomness and uncertainty are increased on the basis of original data through dynamic change of the algorithm and random dynamic use of multiple quantum keys, so that cracking difficulty is increased.
In one embodiment, the first encryption module 11 includes:
the security key generation unit is used for calculating the security key according to the unique identifier UUID by using the key pool, and the key pool is positioned in a security medium;
and the first encryption unit is used for encrypting the unique identifier UUID by using the security key to obtain the dynamic algorithm identifier.
In one embodiment, the first dynamic transformation module 12 includes:
the first transformation unit is used for transforming the byte in the partial byte I identified by the dynamic algorithm with the encryption algorithm base to obtain the type of the current encryption algorithm;
the encryption algorithm acquisition unit is used for acquiring the encryption algorithm corresponding to the current encryption operation from the encryption algorithm support table according to the current encryption algorithm type.
In an embodiment, each byte in the partial byte one identified by the dynamic algorithm corresponds to a specific encryption algorithm, and the correspondence between the encryption algorithm and each byte in the partial byte one is adjustable.
In an embodiment, the second dynamic transformation module 13 is specifically configured to:
transform the key groups in the key pool according to the bytes in partial byte two of the dynamic algorithm identifier to obtain the encryption key corresponding to each encryption operation.
In an embodiment, the system further comprises an adjustment module for:
adjusting the bytes in partial byte one of the dynamic algorithm identifier, so that different encryption algorithms are assigned to the encryption of different blocks of the data;
and adjusting the bytes in partial byte two of the dynamic algorithm identifier, so that different encryption keys are assigned to the encryption of different blocks of the data.
In an embodiment, the number of encryption operations is pre-specified or is obtained by transforming the bytes in partial byte three of the dynamic algorithm identifier.
In one embodiment, the second encryption module 14 includes:
a second encryption unit, configured to encrypt the data to be encrypted with the specific encryption algorithm corresponding to the current encryption operation, in combination with the encryption key, to obtain encrypted data;
a hash unit, configured to perform a hash operation on the data to be encrypted by using an encryption algorithm to obtain a plaintext hash value;
and a sending unit, configured to send the encrypted data and the plaintext hash value as the ciphertext information.
It should be noted that, other embodiments of the quantum dynamic encryption device or the implementation method thereof according to the present invention may refer to the above method embodiments, and are not repeated herein.
In addition, as shown in fig. 6, a third embodiment of the present invention further proposes a method for quantum dynamic decryption of data, the method comprising the steps of:
S201, receiving the unique identifier UUID and the ciphertext information;
S202, obtaining, based on the unique identifier UUID, the decryption algorithm and the encryption key corresponding to each decryption operation;
S203, decrypting the ciphertext information based on the decryption algorithm and the encryption key.
In an embodiment, after said decrypting said ciphertext information based on said decryption algorithm and an encryption key, said method further comprises the steps of:
performing a hash operation on the plaintext data obtained by decrypting the ciphertext information to obtain a plaintext hash value to be verified;
and comparing the plaintext hash value to be verified with the transmitted plaintext hash value to determine the correctness of the decrypted plaintext information.
In an embodiment, the method further comprises the steps of:
obtaining, based on the unique identifier UUID, the number of encryptions and the encryption block length of the ciphertext information;
and decrypting the ciphertext information with the decryption algorithm corresponding to the encryption algorithm used in each encryption pass, in combination with the number of encryptions and the encryption block length.
It should be noted that the data decryption process is as follows: the UUID shown in the frame data is parsed, and the quantum key is obtained in the same way as for encryption. The corresponding encryption algorithm is used together with the calculated number of encryptions and encryption block length, and the quantum key is used to decrypt the actual ciphertext data. Finally, the obtained plaintext data is compared against the transmitted plaintext hash to confirm the correctness of the decrypted plaintext information.
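The receiver-side flow of S201 to S203 with the hash check, together with the matching sender side, as an added sketch that is not code from the patent. HMAC-SHA256 stands in for encrypting the UUID, hash-counter XOR streams stand in for the entries of the algorithm support table, and the key pool contents, the byte positions used for partial bytes one to three, and all function names are assumptions.

```python
import hashlib
import hmac

# Constructed key pool standing in for the quantum key groups in the secure medium.
KEY_POOL = [hashlib.sha256(b"constructed-key-group-%d" % i).digest() for i in range(16)]

def _xor_cipher(hash_name):
    """Stand-in cipher: XOR with a hash-counter keystream (its own inverse)."""
    def apply(key, data):
        stream = b""
        counter = 0
        while len(stream) < len(data):
            stream += hashlib.new(hash_name, key + counter.to_bytes(8, "big")).digest()
            counter += 1
        return bytes(a ^ b for a, b in zip(data, stream))
    return apply

# Hypothetical "encryption algorithm support table" with four stand-in entries.
ALGORITHMS = [_xor_cipher(n) for n in ("sha256", "sha512", "sha3_256", "blake2b")]

def schedule(frame_uuid):
    """Return [(algorithm type, round key), ...] derived from the frame UUID."""
    security_key = KEY_POOL[frame_uuid[0] % len(KEY_POOL)]  # assumed selection rule
    # HMAC stands in for "encrypt the UUID with the security key".
    ident = hmac.new(security_key, frame_uuid, hashlib.sha256).digest()
    rounds = 1 + ident[31] % 3  # partial byte three: number of encryptions
    plan = []
    for i in range(rounds):
        alg_type = ident[i] % len(ALGORITHMS)           # partial byte one
        group = KEY_POOL[ident[8 + i] % len(KEY_POOL)]  # partial byte two
        # Assumed key-group transformation; the round index keeps rounds distinct.
        round_key = hmac.new(group, ident + bytes([i]), hashlib.sha256).digest()
        plan.append((alg_type, round_key))
    return plan

def encrypt(frame_uuid, plaintext):
    """Sender side: layered encryption plus the transmitted plaintext hash."""
    data = plaintext
    for alg_type, key in schedule(frame_uuid):
        data = ALGORITHMS[alg_type](key, data)
    return data, hashlib.sha256(plaintext).digest()

def decrypt(frame_uuid, ciphertext, sent_hash):
    """Receiver side: rebuild the schedule, undo the rounds in reverse, verify."""
    data = ciphertext
    for alg_type, key in reversed(schedule(frame_uuid)):
        data = ALGORITHMS[alg_type](key, data)
    # Constant-time comparison of the recomputed and transmitted hash values.
    if not hmac.compare_digest(hashlib.sha256(data).digest(), sent_hash):
        raise ValueError("plaintext hash mismatch")
    return data
```

In this sketch the transmitted value is an unkeyed SHA-256 of the plaintext, so it detects a wrong decryption but does not authenticate the sender, and for low-entropy plaintext it lets an observer confirm a guess. A keyed MAC or an AEAD mode avoids both.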
In addition, as shown in fig. 7, a fourth embodiment of the present invention further proposes a quantum dynamic decryption device, the device comprising:
a receiving module 21, configured to receive the unique identifier UUID and ciphertext information;
the decryption information acquisition module 22 is configured to acquire a decryption algorithm and an encryption key corresponding to each decryption operation based on the unique identifier UUID;
a decryption module 23, configured to decrypt the ciphertext information based on the decryption algorithm and the encryption key.
In one embodiment the quantum dynamic decryption device further comprises:
a hash operation module, configured to perform a hash operation on the plaintext data obtained by decrypting the ciphertext information to obtain a plaintext hash value to be verified;
and a hash check module, configured to compare the plaintext hash value to be verified with the transmitted plaintext hash value to determine the correctness of the decrypted plaintext information.
In an embodiment, the quantum dynamic decryption device further comprises:
the decryption information obtaining module 22 is further configured to obtain the encryption number and the encryption block length of the ciphertext information based on the unique identifier UUID;
the decryption module 23 is further configured to decrypt the ciphertext information by using a decryption algorithm corresponding to the encryption algorithm adopted in each encryption process, in combination with the number of times of encryption and the length of the encryption block.
It should be noted that, the process of implementing data decryption by the quantum dynamic decryption device corresponds to the process of encrypting data by the quantum dynamic encryption device, and will not be described in detail here.
In the description of the present specification, a description referring to terms "one embodiment," "some embodiments," "examples," "specific examples," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Furthermore, the terms "first," "second," and the like, are used for descriptive purposes only and are not to be construed as indicating or implying a relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defining "a first" or "a second" may explicitly or implicitly include at least one such feature. In the description of the present invention, the meaning of "plurality" means at least two, for example, two, three, etc., unless specifically defined otherwise.
While embodiments of the present invention have been shown and described above, it will be understood that the above embodiments are illustrative and are not to be construed as limiting the invention, and that changes, modifications, substitutions and variations may be made to the above embodiments by one of ordinary skill in the art within the scope of the invention.

Claims (14)

1. A method of quantum dynamic encryption of data, the method comprising:
encrypting the unique identifier UUID of the encrypted frame by using the security key to obtain a dynamic algorithm identifier;
based on the dynamic algorithm identification, carrying out transformation processing on the encryption algorithm base to obtain a specific encryption algorithm corresponding to each encryption operation;
performing transformation processing on the key groups in the key pool based on the dynamic algorithm identification to obtain encryption keys corresponding to each encryption operation;
and encrypting the data to be encrypted by using a specific encryption algorithm and an encryption key corresponding to each encryption operation to obtain ciphertext information.
2. The method for quantum dynamic data encryption according to claim 1, wherein encrypting the unique identifier UUID of the encrypted frame with the security key to obtain the dynamic algorithm identifier comprises:
calculating the security key according to the unique identifier UUID by using the key pool, wherein the key pool is positioned in a security medium;
and encrypting the unique identifier UUID by using the security key to obtain the dynamic algorithm identifier.
3. The method for quantum dynamic data encryption according to claim 1, wherein the transforming the encryption algorithm base based on the dynamic algorithm identifier to obtain a specific encryption algorithm corresponding to each encryption operation comprises:
transforming the bytes in partial byte one of the dynamic algorithm identifier with the encryption algorithm base to obtain the current encryption algorithm type;
and acquiring the encryption algorithm corresponding to the current encryption operation from the encryption algorithm support table according to the current encryption algorithm type.
4. The method for quantum dynamic data encryption according to claim 3, wherein the encryption algorithm support table includes encryption algorithms of the symmetric encryption algorithm type and encryption algorithms of the asymmetric encryption algorithm type.
5. The method for quantum dynamic data encryption according to claim 3, wherein each byte in partial byte one of the dynamic algorithm identifier corresponds to a specific encryption algorithm, and the correspondence between the encryption algorithms and the bytes in partial byte one is adjustable.
6. The method for quantum dynamic data encryption according to claim 1, wherein the transforming the key packet in the key pool based on the dynamic algorithm identifier to obtain the encryption key corresponding to each encryption operation comprises:
transforming the key groups in the key pool according to the bytes in partial byte two of the dynamic algorithm identifier to obtain the encryption key corresponding to each encryption operation.
7. The method for quantum dynamic data encryption according to claim 3 or claim 6, wherein, when encrypting for different block lengths of the data, the method further comprises:
adjusting the bytes in partial byte one of the dynamic algorithm identifier, so that different encryption algorithms are assigned to the encryption of different blocks of the data;
and adjusting the bytes in partial byte two of the dynamic algorithm identifier, so that different encryption keys are assigned to the encryption of different blocks of the data.
8. The method of claim 1, wherein the number of encryption operations is pre-specified or is obtained by transforming the bytes in partial byte three of the dynamic algorithm identifier.
9. The method for dynamically encrypting data according to claim 1, wherein the encrypting the data to be encrypted by using a specific encryption algorithm corresponding to each encryption operation to obtain ciphertext information comprises:
encrypting the data to be encrypted by utilizing a specific encryption algorithm corresponding to the current encryption operation and combining an encryption key to obtain encrypted data;
carrying out hash operation on the data to be encrypted by utilizing an encryption algorithm to obtain a plaintext hash value;
and sending the encrypted data and the plaintext hash value as the ciphertext information.
10. A quantum dynamic encryption device, the encryption device comprising:
the first encryption module is used for encrypting the unique identifier UUID of the encrypted frame by utilizing the security key to obtain a dynamic algorithm identifier;
the first dynamic transformation module is used for transforming the encryption algorithm base based on the dynamic algorithm identification to obtain a specific encryption algorithm corresponding to each encryption operation;
the second dynamic transformation module is used for transforming the key groups in the key pool based on the dynamic algorithm identification to obtain the encryption key corresponding to each encryption operation;
the second encryption module is used for encrypting the data to be encrypted by utilizing a specific encryption algorithm and an encryption key corresponding to each encryption operation to obtain ciphertext information.
11. A method of quantum dynamically decrypting data, the method comprising:
receiving unique identification UUID and ciphertext information;
based on the unique identifier UUID, a decryption algorithm and an encryption key corresponding to each decryption operation are obtained;
and decrypting the ciphertext information based on the decryption algorithm and the encryption key.
12. The quantum dynamic data decryption method of claim 11, wherein after decrypting the ciphertext information based on the decryption algorithm and an encryption key, the method further comprises:
performing a hash operation on the plaintext data obtained by decrypting the ciphertext information to obtain a plaintext hash value to be verified;
and comparing the plaintext hash value to be verified with the transmitted plaintext hash value to determine the correctness of the decrypted plaintext information.
13. The quantum dynamic data decryption method of claim 11, wherein the method further comprises:
obtaining, based on the unique identifier UUID, the number of encryptions and the encryption block length of the ciphertext information;
and decrypting the ciphertext information with the decryption algorithm corresponding to the encryption algorithm used in each encryption pass, in combination with the number of encryptions and the encryption block length.
14. A quantum dynamic decryption device, the device comprising:
the receiving module is used for receiving the unique identifier UUID and the ciphertext information;
the decryption information acquisition module is used for acquiring a decryption algorithm and an encryption key corresponding to each decryption operation based on the unique identifier UUID;
and the decryption module is used for decrypting the ciphertext information based on the decryption algorithm and the encryption key.
CN202310472928.9A 2023-04-27 2023-04-27 Quantum dynamic data encryption method and data decryption method Pending CN116915393A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310472928.9A CN116915393A (en) 2023-04-27 2023-04-27 Quantum dynamic data encryption method and data decryption method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310472928.9A CN116915393A (en) 2023-04-27 2023-04-27 Quantum dynamic data encryption method and data decryption method

Publications (1)

Publication Number Publication Date
CN116915393A true CN116915393A (en) 2023-10-20

Family

ID=88361577

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310472928.9A Pending CN116915393A (en) 2023-04-27 2023-04-27 Quantum dynamic data encryption method and data decryption method

Country Status (1)

Country Link
CN (1) CN116915393A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination