CN117221002A - Target port determining method and device - Google Patents



Publication number
CN117221002A
Authority
CN
China
Prior art keywords
port
current
current date
identifier
determining
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311414546.7A
Other languages
Chinese (zh)
Inventor
刘海剑
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China Citic Bank Corp Ltd
Original Assignee
China Citic Bank Corp Ltd
Application filed by China Citic Bank Corp Ltd


Abstract

The application provides a target port determining method and device, relates to the technical field of data security, and can be used in the financial field or other technical fields. The method comprises the following steps: encrypting the current date with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext; determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range; if that port has already been used, determining a current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range; and if the current port numerical identifier differs from the port numerical identifiers already used on the current date, determining the port corresponding to the current port numerical identifier as the target port currently used on the current date. The apparatus performs the above method. The method and device can dynamically generate the target port currently used on the current date and ensure the security of port data.

Description

Target port determining method and device
Technical Field
The application relates to the technical field of data security, in particular to a method and a device for determining a target port.
Background
A USBKEY is an electronic product with a USB interface; it has a built-in asymmetric key pair and digital certificate, and the key is protected by the user's password. The product is typically used to authenticate the identity of the user. Currently, online banking authenticates the user's identity by having a USBKEY device digitally sign the transfer information. The USBKEY is connected to the computer through the computer's USB interface. When the user makes a transfer in online banking, the user enters the USBKEY password, the transaction information is signed with the key in the USBKEY, and the signature result is sent to the online banking server. The server verifies the signature; if verification passes, the user is considered legitimate and the corresponding account operation is executed.
Online banking typically accesses the USBKEY by means of a browser plug-in. Because there are many browser plug-ins and many versions, the bank needs to develop different plug-ins for different browsers, and development and maintenance costs are high. To solve this problem, some banks start a local WEB service on the client computer and access the USBKEY through the HTTPS communication protocol, thereby avoiding the development and maintenance of browser plug-ins. However, starting a WEB service on the client computer raises many security issues.
When the client computer starts the WEB service, if the service port becomes known to others, an attacker can access the WEB service illegitimately. If the WEB service has a vulnerability, an attacker can send a malicious message to the service and thereby take control of the user's computer, which creates a data security risk.
Disclosure of Invention
Aiming at the problems in the prior art, the embodiment of the application provides a target port determining method and a target port determining device, which can at least partially solve the problems in the prior art.
In one aspect, the present application provides a method for determining a target port, including:
encrypting the current date with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext;
determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range;
if that port has already been used, determining a current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range;
and if the current port numerical identifier differs from the port numerical identifiers already used on the current date, determining the port corresponding to the current port numerical identifier as the target port currently used on the current date.
Determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range comprises:
performing a compression calculation on the ciphertext, and calculating the port used for the first time on the current date from the compression calculation result and the port numerical identifier range.
Calculating the port used for the first time on the current date from the compression calculation result and the port numerical identifier range comprises:
inverting the compression calculation result bit by bit to obtain an inversion result, and concatenating the bytes of the compression calculation result and the inversion result to obtain a port calculation intermediate value;
and calculating the port used for the first time on the current date from the port calculation intermediate value and the port numerical identifier range.
Calculating the port used for the first time on the current date from the port calculation intermediate value and the port numerical identifier range comprises:
calculating the port used for the first time on the current date according to the following formula:
p = R % (m - n + 1) + n;
where p is the port numerical identifier corresponding to the port used for the first time on the current date, R is the port calculation intermediate value, n is the minimum endpoint value of the port numerical identifier range, and m is the maximum endpoint value of the port numerical identifier range.
Determining the current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range comprises:
calculating the current port numerical identifier for the current date according to the following formula:
p' = (p + 1) % (m - n + 1) + n;
where p' is the current port numerical identifier currently in use, p is the port numerical identifier corresponding to the port used for the first time on the current date, n is the minimum endpoint value of the port numerical identifier range, and m is the maximum endpoint value of the port numerical identifier range.
The target port determining method further comprises:
if the current port numerical identifier is the same as a port numerical identifier already used on the current date, continuing to execute the step of determining the current port numerical identifier for the current date according to the current port numerical identifier and the device port numerical identifier range, and the subsequent steps, until the current port numerical identifier differs from the port numerical identifiers already used on the current date.
After the step of determining the port corresponding to the current port numerical identifier as the target port currently used on the current date, the target port determining method further comprises:
sending the target port identifier to an online banking system.
In another aspect, the present application proposes a target port determining apparatus, including:
an encryption unit, configured to encrypt the current date with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext;
a first determining unit, configured to determine the port used for the first time on the current date according to the ciphertext and the port numerical identifier range;
a second determining unit, configured to determine, if that port has already been used, a current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range;
and a third determining unit, configured to determine, if the current port numerical identifier differs from the port numerical identifiers already used on the current date, the port corresponding to the current port numerical identifier as the target port currently used on the current date.
In yet another aspect, an embodiment of the present application provides a computer device including a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the following method when executing the computer program:
encrypting the current date with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext;
determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range;
if that port has already been used, determining a current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range;
and if the current port numerical identifier differs from the port numerical identifiers already used on the current date, determining the port corresponding to the current port numerical identifier as the target port currently used on the current date.
An embodiment of the present application provides a computer-readable storage medium, wherein:
the computer-readable storage medium stores a computer program which, when executed by a processor, performs the following method:
encrypting the current date with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext;
determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range;
if that port has already been used, determining a current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range;
and if the current port numerical identifier differs from the port numerical identifiers already used on the current date, determining the port corresponding to the current port numerical identifier as the target port currently used on the current date.
Embodiments of the present application also provide a computer program product comprising a computer program which, when executed by a processor, performs the following method:
encrypting the current date with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext;
determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range;
if that port has already been used, determining a current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range;
and if the current port numerical identifier differs from the port numerical identifiers already used on the current date, determining the port corresponding to the current port numerical identifier as the target port currently used on the current date.
According to the target port determining method and device provided by the embodiment of the application, the current date is encrypted with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext; the port used for the first time on the current date is determined according to the ciphertext and the port numerical identifier range; if that port has already been used, a current port numerical identifier for the current date is determined according to the port's numerical identifier and the port numerical identifier range; and if the current port numerical identifier differs from the port numerical identifiers already used on the current date, the port corresponding to the current port numerical identifier is determined as the target port currently used on the current date. In this way the target port currently used on the current date can be dynamically generated, and the security of port data is ensured.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. In the drawings:
Fig. 1 is a flowchart of a method for determining a destination port according to an embodiment of the present application.
Fig. 2 is a flowchart of a method for determining a destination port according to another embodiment of the present application.
Fig. 3 is a flowchart of a method for determining a destination port according to another embodiment of the present application.
Fig. 4 is a schematic structural diagram of a destination port determining apparatus according to an embodiment of the present application.
Fig. 5 is a schematic diagram of a physical structure of a computer device according to an embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the embodiments of the present application will be described in further detail with reference to the accompanying drawings. The exemplary embodiments of the present application and their descriptions herein are for the purpose of explaining the present application, but are not to be construed as limiting the application. It should be noted that, without conflict, the embodiments of the present application and features of the embodiments may be arbitrarily combined with each other.
Fig. 1 is a flowchart of a method for determining a target port according to an embodiment of the present application. As shown in Fig. 1, the method includes:
Step S1: encrypting the current date with a symmetric key, using a symmetric encryption mode, to obtain a ciphertext.
Step S2: determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range.
Step S3: if that port has already been used, determining the current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range.
Step S4: if the current port numerical identifier differs from the port numerical identifiers already used on the current date, determining the port corresponding to the current port numerical identifier as the target port currently used on the current date.
In step S1, the device encrypts the current date with the symmetric key, using the symmetric encryption mode, to obtain the ciphertext. The device may be a computer device or the like that performs the method, for example a USBKEY, i.e. a U-shield. The acquisition, storage, use, and processing of data in the technical scheme of the application all comply with the relevant provisions of national laws and regulations.
As shown in Fig. 2, before this step, the method for determining a target port further includes:
Step S0: receiving a port acquisition instruction sent by the terminal device after it detects that the USBKEY has been inserted. The terminal device may be the computer device into which the USBKEY is inserted. Further, the port acquisition instruction is sent to the USBKEY by a daemon on the terminal device.
After receiving the port acquisition instruction, the USBKEY may start to execute step S1 and the subsequent steps.
The symmetric encryption mode may include CBC mode, ECB mode, and the like; further, the current date may be encrypted with the symmetric key in CBC mode to obtain the ciphertext.
CBC stands for Cipher Block Chaining mode (ciphertext block chaining mode), so named because the ciphertext blocks are linked to one another like a chain.
In CBC mode, each plaintext block is first XORed with the preceding ciphertext block and then encrypted. In this way, each ciphertext block depends on all plaintext blocks that precede it.
The symmetric key K may be pre-stored in the USBKEY. The current date may include a year, month, and day, e.g., 20221027. The encrypted current date is the ciphertext; because the current date changes every day, the ciphertext is different every day, which improves data security.
In step S2, the device determines the port used for the first time on the current date according to the ciphertext and the port numerical identifier range. After that port is determined, the corresponding port numerical identifier may be recorded; for example, the port numerical identifier p corresponding to the port first used on the current date is 121. Determining the port used for the first time on the current date according to the ciphertext and the port numerical identifier range comprises:
performing a compression calculation on the ciphertext, and calculating the port used for the first time on the current date from the compression calculation result and the port numerical identifier range. The compression calculation may be a summation over all bytes of the ciphertext M; the summation result is the compression result, denoted S. The summation reduces the number of bytes of the ciphertext M and thus has the effect of compressing the data. Summing all bytes of the ciphertext M is a conventional calculation in the art and is not described further.
Calculating the port used for the first time on the current date from the compression calculation result and the port numerical identifier range comprises:
inverting the compression calculation result bit by bit to obtain an inversion result, and concatenating the bytes of the compression calculation result and the inversion result to obtain a port calculation intermediate value. That is, S is inverted bit by bit, each 0 becoming 1 and each 1 becoming 0, to obtain the inversion result S'.
The port calculation intermediate value R may be obtained by concatenating S and S' in the order S, S', or in the order S', S; the concatenation method is not particularly limited.
The port used for the first time on the current date is then calculated from the port calculation intermediate value and the port numerical identifier range, which comprises:
calculating the port used for the first time on the current date according to the following formula:
p = R % (m - n + 1) + n;
where p is the port numerical identifier corresponding to the port used for the first time on the current date, R is the port calculation intermediate value, n is the minimum endpoint value of the port numerical identifier range, and m is the maximum endpoint value of the port numerical identifier range. Here % denotes the remainder operation.
It should be noted that the port numerical identifier range refers to the range [n, m] of port numerical identifiers available on the above-mentioned computer device, and may consist of consecutive values, for example 100-200. In this example, the minimum endpoint value is 100, the maximum endpoint value is 200, and p is a value between 100 and 200 that identifies the port with that number.
In step S3, if the device determines that the port has already been used, it determines the current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range. The recorded port numerical identifiers may be consulted to determine whether the port has been used; e.g., if the port's numerical identifier, 121, has been recorded as used, then the port has been used.
Determining the current port numerical identifier for the current date according to the port's numerical identifier and the port numerical identifier range comprises:
calculating the current port numerical identifier for the current date according to the following formula:
p' = (p + 1) % (m - n + 1) + n;
where p' is the current port numerical identifier currently in use, p is the port numerical identifier corresponding to the port used for the first time on the current date, n is the minimum endpoint value of the port numerical identifier range, and m is the maximum endpoint value of the port numerical identifier range.
For example, suppose the port numerical identifier p corresponding to the port first used on the current date is 121. When a port is needed for the second time, the result p' calculated by the formula above may or may not be the same as 121, owing to the randomness of the port calculation intermediate value R.
In step S4, if the device determines that the current port numerical identifier differs from the port numerical identifiers already used on the current date, it determines the port corresponding to the current port numerical identifier as the target port currently used on the current date. Referring to the above example, if p' differs from 121, the port corresponding to p' is directly determined as the target port currently used on the current date. For example, if p' is 175, the target port value is 175 and the port numerical identifier 175 is recorded; the next time used ports are checked, both 121 and 175 must be considered. Each time a target port is generated, its port numerical identifier is recorded, so the number of recorded identifiers increases by 1.
After the target port is determined, the daemon starts the WEB service on the target port. After the user's operation is finished, the daemon closes the target port and records the port p used on the current date in the USBKEY.
The target port determining method further comprises:
if the current port numerical identifier is the same as a port numerical identifier already used on the current date, continuing to execute the step of determining the current port numerical identifier for the current date according to the current port numerical identifier and the device port numerical identifier range, and the subsequent steps, until the current port numerical identifier differs from the port numerical identifiers already used on the current date. Referring to the above example, if p' is the same as 121, p' is recalculated by substituting 121 for p in p' = (p + 1) % (m - n + 1) + n; p' is then no longer the same as 121, and the port corresponding to the recalculated p' is the target port.
As shown in Fig. 3, after the step of determining the port corresponding to the current port numerical identifier as the target port currently used on the current date, the target port determining method further includes:
Step S5: sending the target port identifier to an online banking system. The online banking system also needs to generate by itself the dynamic service port to be accessed, and that dynamic service port must be consistent with the target port so that the USBKEY can be accessed normally through the WEB service.
The method for determining the target port provided by the embodiment of the application is briefly described as follows:
1. The client inserts the USBKEY into a USB port of the computer.
2. The daemon on the computer sends a port acquisition instruction to the USBKEY.
3. The USBKEY encrypts the current date with the symmetric key K in CBC mode to obtain the ciphertext M. All bytes of the ciphertext M are summed to obtain S. S is inverted bit by bit to obtain S'. The bytes of S and S' are concatenated to obtain R.
Assuming that the available port range of the computer is [n, m], p = R % (m - n + 1) + n is calculated, where p is the port obtained by this calculation.
4. The USBKEY checks whether port p has been used on the current date. If it has, p' = (p + 1) % (m - n + 1) + n is calculated as the new port, and p is set to p'.
5. The previous step is repeated until a port p that is unused on the current date is obtained.
After the port is generated, the daemon starts the WEB service on port p. After the user's operation is finished, the daemon closes the port and records the port p used on the current date in the USBKEY. The online banking system also needs to generate by itself the dynamic service port to be accessed, and that dynamic service port must be consistent with the target port so that the USBKEY can be accessed normally through the WEB service.
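Steps 3 to 5 above worked through in Python, including what the step formula as printed does over the example range 100-200: (p + 1) % 101 + 100 returns p unchanged, so the retry loop needs a bound. This is an added example, not code from the patent or its applicant. Assumptions: S and S' are 16 bits wide and R is S followed by S'; HMAC-SHA256 truncated to 16 bytes stands in for the CBC encryption of the date; stand_in_ciphertext, offset_step and next_unused are hypothetical names, and offset_step is a substituted step that advances within [n, m], not the page's formula.

```python
import hashlib
import hmac


def stand_in_ciphertext(key: bytes, date: str) -> bytes:
    """Stand-in for step S1. The page encrypts the date with key K in CBC
    mode; HMAC-SHA256 truncated to one 16-byte block is substituted here so
    the example runs with the standard library only (assumption)."""
    return hmac.new(key, date.encode("ascii"), hashlib.sha256).digest()[:16]


def intermediate_value(ciphertext: bytes, width_bits: int = 16) -> int:
    """R = S || S'. S is the sum of all ciphertext bytes, S' its bitwise
    inverse. The 16-bit width is an assumption; the page gives none."""
    mask = (1 << width_bits) - 1
    s = sum(ciphertext) & mask          # "compression" by byte summation
    s_inv = ~s & mask                   # every 0 becomes 1, every 1 becomes 0
    return (s << width_bits) | s_inv    # S first, then S'


def first_port(ciphertext: bytes, n: int, m: int) -> int:
    """p = R % (m - n + 1) + n, as printed on the page."""
    return intermediate_value(ciphertext) % (m - n + 1) + n


def page_step(p: int, n: int, m: int) -> int:
    """p' = (p + 1) % (m - n + 1) + n, as printed on the page."""
    return (p + 1) % (m - n + 1) + n


def page_step_stride(n: int, m: int) -> int:
    """How far page_step moves p inside [n, m], modulo the range size.
    Writing p = n + q gives p' = n + (q + n + 1) % size, so the stride is
    (n + 1) % size. A stride of 0 means p' == p for every p in the range."""
    return (n + 1) % (m - n + 1)


def offset_step(p: int, n: int, m: int) -> int:
    """Substituted step (not the page's formula): advance the offset of p
    inside [n, m] by one and wrap from m back to n."""
    return (p - n + 1) % (m - n + 1) + n


def next_unused(p, used, n, m, step):
    """Steps 4 and 5 with a bound: try at most one full range of candidates
    and return None instead of looping forever when none is free."""
    for _ in range(m - n + 1):
        if p not in used:
            return p
        p = step(p, n, m)
    return None


if __name__ == "__main__":
    n, m = 100, 200                      # example range from the page
    key = b"k" * 16                      # constructed sample key
    p = first_port(stand_in_ciphertext(key, "20221027"), n, m)
    print("first port of the day:", p)
    print("page step stride over [100, 200]:", page_step_stride(n, m))
    print("page step from 121:", page_step(121, n, m))
    print("bounded search, page step:", next_unused(121, {121}, n, m, page_step))
    print("bounded search, offset step:", next_unused(121, {121}, n, m, offset_step))
```

A daemon using this logic should treat a None result as "no port available today" and refuse to start the WEB service rather than reuse a recorded port.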
The application improves the security of the online banking system's access to the USBKEY through a WEB service.
1. Dynamic service ports, rather than static service ports, are used to start the WEB service, so an attacker cannot predict the available service port.
2. The dynamic port is generated by the USBKEY hardware rather than by software, so the randomness is better.
3. The dynamic port is temporary: the WEB service is closed promptly after the USBKEY operation is finished, which reduces the time the port is exposed.
The application adopts a dynamic service port generation mechanism to improve the security of the WEB service. When the client performs an operation that requires access to the USBKEY, such as a transfer, a daemon on the client computer generates a dynamic port through the USBKEY and starts the WEB service. After the customer finishes the operation, the service port is closed promptly. Because the dynamic service port is random, it is difficult for an attacker to predict, and data security is improved.
According to the target port determining method provided by the embodiment of the application, the current date is encrypted according to the symmetric key by utilizing the symmetric encryption mode to obtain the ciphertext; determining a port used for the first time on the current date according to the ciphertext and the port numerical identification range; if the port is used, determining a current port numerical value identifier which is currently used according to the port numerical value identifier and the port numerical value identifier range; if the current port numerical value identification is different from the port numerical value identification used on the current date, the current port corresponding to the current port numerical value identification is determined to be the target port used currently on the current date, the target port used currently on the current date can be dynamically generated, and the port data safety is ensured.
Further, the determining the first port used by the current date according to the ciphertext and the port value identification range includes:
and carrying out compression calculation on the ciphertext, and calculating according to a compression calculation result and the port value identification range to obtain a port used for the first time on the current date. Reference is made to the above description and will not be repeated.
Further, the calculating the port used for the first time on the current date according to the compression calculation result and the port number identification range includes:
bit inverting the compression calculation result to obtain an inverting result, and byte-connecting the compression calculation result and the inverting result to obtain a port calculation intermediate value; reference is made to the above description and will not be repeated.
And calculating an intermediate value according to the port and calculating the port numerical value identification range to obtain the port used for the first time on the current date. Reference is made to the above description and will not be repeated.
Further, the calculating the port first used by the current date according to the port calculating intermediate value and the port number identification range includes:
the port used for the first time on the current date is calculated according to the following formula:
p=R%(m-n+1)+n;
wherein p is the port value identification corresponding to the port used for the first time on the current date, R is the port calculation intermediate value, n is the minimum endpoint value in the port value identification range, and m is the maximum endpoint value in the port value identification range. Reference is made to the above description and will not be repeated.
Further, the determining the current port number identifier currently used on the current date according to the port number identifier and the port number identifier range includes:
and calculating to obtain the current port numerical identifier currently used by the current date according to the following formula:
p’=(p+1)%(m-n+1)+n;
wherein, p' is the current port value identifier used at the current time, p is the port value identifier corresponding to the port used at the first time on the current date, n is the minimum endpoint value in the port value identifier range, and m is the maximum endpoint value in the port value identifier range. Reference is made to the above description and will not be repeated.
Further, the target port determining method further includes:
if the current port numerical identifier is the same as the port numerical identifier which is used on the current date, continuing to execute the current port numerical identifier which is used on the current date according to the current port numerical identifier and the equipment port numerical identifier range and the subsequent steps until the current port numerical identifier is different from the port numerical identifier which is used on the current date. Reference is made to the above description and will not be repeated.
Further, after the step of determining that the current port corresponding to the current port value identifier is the currently used target port on the current date, the target port determining method further includes:
and sending the target port identification to an internet banking system. Reference is made to the above description and will not be repeated.
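The steps above, from the intermediate value R through the first-port formula and the p' retry loop, are shown below as an added Python example (not code from the patent or the applicant); `reachable_ports` goes beyond the text and counts how many ports the p' formula can actually visit for a given range. Assumptions: the cipher and compression calculation are not specified in this part of the page, so `compress_stand_in` swaps in truncated HMAC-SHA256, and the big-endian reading of R, the function names and the sample key are constructed for illustration.

```python
import hashlib
import hmac
from math import gcd


def compress_stand_in(key: bytes, date: str) -> bytes:
    """Stand-in for 'encrypt the date, then compress the ciphertext'.

    Assumption: HMAC-SHA256 truncated to 4 bytes replaces the page's
    symmetric cipher and compression step, which are not given here.
    """
    return hmac.new(key, date.encode("ascii"), hashlib.sha256).digest()[:4]


def intermediate_value(compressed: bytes) -> int:
    """R = compressed || bitwise-inverted(compressed), read big-endian.

    Big-endian interpretation is an assumption of this example.
    """
    inverted = bytes(b ^ 0xFF for b in compressed)
    return int.from_bytes(compressed + inverted, "big")


def first_port(r: int, n: int, m: int) -> int:
    """p = R % (m - n + 1) + n, always inside [n, m]."""
    return r % (m - n + 1) + n


def next_port(p: int, n: int, m: int) -> int:
    """p' = (p + 1) % (m - n + 1) + n, as written on the page."""
    return (p + 1) % (m - n + 1) + n


def reachable_ports(n: int, m: int) -> int:
    """Number of distinct ports the p' iteration can visit.

    Writing p = n + k gives k' = (k + n + 1) mod s with s = m - n + 1,
    so the walk covers s / gcd(n + 1, s) ports, not necessarily all s.
    """
    s = m - n + 1
    return s // gcd(n + 1, s)


def select_target_port(p: int, used: set, n: int, m: int):
    """Iterate p' until an unused port appears; None if the walk repeats."""
    seen = set()
    while p in used:
        if p in seen:          # walk closed without finding a free port
            return None
        seen.add(p)
        p = next_port(p, n, m)
    return p


def port_for_date(key: bytes, date: str, used: set, n: int, m: int):
    """Full pipeline for one date string (constructed inputs only)."""
    r = intermediate_value(compress_stand_in(key, date))
    return select_target_port(first_port(r, n, m), used, n, m)


if __name__ == "__main__":
    key = b"constructed-demo-key"          # constructed sample key
    print(port_for_date(key, "20231027", set(), 5000, 5999))
    print(reachable_ports(5000, 5999), reachable_ports(4999, 5998))
```

With n = 4999 and m = 5998 the p' formula maps every port to itself, so the retry loop can never leave a port that is already used. Choosing the range so that gcd(n + 1, m - n + 1) = 1 makes the retry sequence visit every port in the range.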
It should be noted that, the method for determining the target port provided by the embodiment of the application can be used in the financial field and also can be used in any technical field except the financial field, and the application field of the method for determining the target port is not limited by the embodiment of the application.
Fig. 4 is a schematic structural diagram of a target port determining apparatus according to an embodiment of the present application. As shown in Fig. 4, the target port determining apparatus provided by the embodiment of the present application includes an encryption unit 401, a first determining unit 402, a second determining unit 403, and a third determining unit 404, where:
the encryption unit 401 is configured to encrypt the current date according to the symmetric key by using the symmetric encryption mode to obtain a ciphertext; the first determining unit 402 is configured to determine, according to the ciphertext and the port value identification range, a port that is first used on the current date; the second determining unit 403 is configured to determine, if it is determined that the port has been used, a current port number identifier currently used on a current date according to the port number identifier and the port number identifier range; the third determining unit 404 is configured to determine that the current port corresponding to the current port value identifier is the currently used target port on the current date if it is determined that the current port value identifier is different from the port value identifier that has been used on the current date.
Specifically, the encryption unit 401 in the device is configured to encrypt the current date according to the symmetric key by using the symmetric encryption mode to obtain a ciphertext; the first determining unit 402 is configured to determine, according to the ciphertext and the port value identification range, a port that is first used on the current date; the second determining unit 403 is configured to determine, if it is determined that the port has been used, a current port number identifier currently used on a current date according to the port number identifier and the port number identifier range; the third determining unit 404 is configured to determine that the current port corresponding to the current port value identifier is the currently used target port on the current date if it is determined that the current port value identifier is different from the port value identifier that has been used on the current date.
The target port determining device provided by the embodiment of the application encrypts the current date according to the symmetric key by utilizing the symmetric encryption mode to obtain the ciphertext; determines the port used for the first time on the current date according to the ciphertext and the port numerical identification range; if the port is used, determines the current port numerical value identifier which is currently used according to the port numerical value identifier and the port numerical value identifier range; and, if the current port numerical value identification is different from the port numerical value identification used on the current date, determines the current port corresponding to the current port numerical value identification to be the target port currently used on the current date. In this way the target port currently used on the current date can be dynamically generated, and the security of port data is ensured.
Further, the first determining unit 402 is specifically configured to:
and carrying out compression calculation on the ciphertext, and calculating according to a compression calculation result and the port value identification range to obtain a port used for the first time on the current date.
Further, the first determining unit 402 is specifically further configured to:
bit inverting the compression calculation result to obtain an inverting result, and byte-connecting the compression calculation result and the inverting result to obtain a port calculation intermediate value;
and calculating the port used for the first time on the current date from the port calculation intermediate value and the port numerical identification range.
Further, the first determining unit 402 is specifically further configured to:
the port used for the first time on the current date is calculated according to the following formula:
p=R%(m-n+1)+n;
wherein p is the port value identification corresponding to the port used for the first time on the current date, R is the port calculation intermediate value, n is the minimum endpoint value in the port value identification range, and m is the maximum endpoint value in the port value identification range.
Further, the second determining unit 403 is specifically configured to:
and calculating to obtain the current port numerical identifier currently used by the current date according to the following formula:
p’=(p+1)%(m-n+1)+n;
wherein, p' is the current port value identifier used at the current time, p is the port value identifier corresponding to the port used at the first time on the current date, n is the minimum endpoint value in the port value identifier range, and m is the maximum endpoint value in the port value identifier range.
Further, the target port determining apparatus is further configured to:
if the current port numerical identifier is the same as a port numerical identifier already used on the current date, continue to execute the step of determining the current port numerical identifier currently used on the current date according to the current port numerical identifier and the equipment port numerical identifier range, together with the subsequent steps, until the current port numerical identifier is different from the port numerical identifiers already used on the current date.
Further, after the step of determining that the current port corresponding to the current port value identifier is the currently used target port on the current date, the target port determining device is further configured to:
and sending the target port identification to an internet banking system.
The target port determining apparatus provided by the embodiment of the present application may specifically be used to execute the process flows of the above method embodiments. Its functions are not described again here; reference may be made to the detailed description of the above method embodiments.
Fig. 5 is a schematic diagram of the physical structure of a computer device according to an embodiment of the present application. As shown in Fig. 5, the computer device includes a memory 501, a processor 502, and a computer program stored on the memory 501 and executable on the processor 502; when executing the computer program, the processor 502 implements the following method:
encrypting the current date according to the symmetric key by utilizing the symmetric encryption mode to obtain a ciphertext;
determining a port used for the first time on the current date according to the ciphertext and the port numerical identification range;
if the port is used, determining a current port numerical value identifier which is currently used according to the port numerical value identifier and the port numerical value identifier range;
and if the current port numerical value identification is different from the port numerical value identification used on the current date, determining the current port corresponding to the current port numerical value identification as the current-date currently-used target port.
The present embodiment discloses a computer program product comprising a computer program which, when executed by a processor, implements the method of:
encrypting the current date according to the symmetric key by utilizing the symmetric encryption mode to obtain a ciphertext;
determining a port used for the first time on the current date according to the ciphertext and the port numerical identification range;
if the port is used, determining a current port numerical value identifier which is currently used according to the port numerical value identifier and the port numerical value identifier range;
and if the current port numerical value identification is different from the port numerical value identification used on the current date, determining the current port corresponding to the current port numerical value identification as the current-date currently-used target port.
The present embodiment provides a computer-readable storage medium storing a computer program which, when executed by a processor, implements the method of:
encrypting the current date according to the symmetric key by utilizing the symmetric encryption mode to obtain a ciphertext;
determining a port used for the first time on the current date according to the ciphertext and the port numerical identification range;
if the port is used, determining a current port numerical value identifier which is currently used according to the port numerical value identifier and the port numerical value identifier range;
and if the current port numerical value identification is different from the port numerical value identification used on the current date, determining the current port corresponding to the current port numerical value identification as the current-date currently-used target port.
Compared with the technical scheme in the prior art, the embodiment of the application encrypts the current date according to the symmetric key by utilizing the symmetric encryption mode to obtain the ciphertext; determines the port used for the first time on the current date according to the ciphertext and the port numerical identification range; if the port is used, determines the current port numerical value identifier which is currently used according to the port numerical value identifier and the port numerical value identifier range; and, if the current port numerical value identification is different from the port numerical value identification used on the current date, determines the current port corresponding to the current port numerical value identification to be the target port currently used on the current date. In this way the target port currently used on the current date can be dynamically generated, and the security of port data is ensured.
It will be appreciated by those skilled in the art that embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In the description of the present specification, reference to the terms "one embodiment," "one particular embodiment," "some embodiments," "for example," "an example," "a particular example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The foregoing description of the embodiments has been provided for the purpose of illustrating the general principles of the application. It describes only particular embodiments and is not meant to limit the scope of the application; any modifications, equivalents, improvements, etc. that fall within the spirit and principles of the application are intended to be included within the scope of the application.

Claims (11)

1. A method for determining a target port, comprising:
encrypting the current date according to the symmetric key by utilizing the symmetric encryption mode to obtain a ciphertext;
determining a port used for the first time on the current date according to the ciphertext and the port numerical identification range;
if the port is used, determining a current port numerical value identifier which is currently used according to the port numerical value identifier and the port numerical value identifier range;
and if the current port numerical value identification is different from the port numerical value identification used on the current date, determining the current port corresponding to the current port numerical value identification as the current-date currently-used target port.
2. The method of claim 1, wherein the determining the first port to be used on the current date based on the ciphertext and the port value identification range comprises:
and carrying out compression calculation on the ciphertext, and calculating according to a compression calculation result and the port value identification range to obtain a port used for the first time on the current date.
3. The method according to claim 2, wherein the calculating the port first used on the current date according to the compression calculation result and the port number identification range includes:
bit inverting the compression calculation result to obtain an inverting result, and byte-connecting the compression calculation result and the inverting result to obtain a port calculation intermediate value;
and calculating the port used for the first time on the current date from the port calculation intermediate value and the port numerical identification range.
4. The method according to claim 3, wherein the calculating the port first used on the current date from the port calculation intermediate value and the port number identification range includes:
the port used for the first time on the current date is calculated according to the following formula:
p=R%(m-n+1)+n;
wherein p is the port value identification corresponding to the port used for the first time on the current date, R is the port calculation intermediate value, n is the minimum endpoint value in the port value identification range, and m is the maximum endpoint value in the port value identification range.
5. The method according to claim 1, wherein determining the current port number identifier currently used on the current date according to the port number identifier and the port number identifier range comprises:
and calculating to obtain the current port numerical identifier currently used by the current date according to the following formula:
p’=(p+1)%(m-n+1)+n;
wherein, p' is the current port value identifier used at the current time, p is the port value identifier corresponding to the port used at the first time on the current date, n is the minimum endpoint value in the port value identifier range, and m is the maximum endpoint value in the port value identifier range.
6. The target port determination method according to any one of claims 1 to 5, characterized in that the target port determination method further comprises:
if the current port numerical value identification is the same as a port numerical value identification already used on the current date, continuing to execute the step of determining the current port numerical value identification currently used on the current date according to the current port numerical value identification and the port numerical value identification range, together with the subsequent steps, until the current port numerical value identification is different from the port numerical value identifications already used on the current date.
7. The target port determining method according to any one of claims 1 to 5, wherein after the step of determining that the current port corresponding to the current port numerical identification is the target port currently used on the current date, the target port determining method further comprises:
and sending the target port identification to an internet banking system.
8. A target port determining apparatus, comprising:
the encryption unit is used for encrypting the current date according to the symmetric key by utilizing the symmetric encryption mode to obtain a ciphertext;
the first determining unit is used for determining a port used for the first time on the current date according to the ciphertext and the port numerical identification range;
the second determining unit is used for determining a current port numerical value identifier currently used on the current date according to the port numerical value identifier and the port numerical value identifier range if the port is determined to be used;
and the third determining unit is used for determining that the current port corresponding to the current port numerical identifier is the currently used target port of the current date if the current port numerical identifier is determined to be different from the port numerical identifier which is already used on the current date.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the method of any of claims 1 to 7 when executing the computer program.
10. A computer readable storage medium, characterized in that the computer readable storage medium stores a computer program which, when executed by a processor, implements the method of any of claims 1 to 7.
11. A computer program product, characterized in that the computer program product comprises a computer program which, when executed by a processor, implements the method of any of claims 1 to 7.
CN202311414546.7A 2023-10-27 2023-10-27 Target port determining method and device Pending CN117221002A (en)


Publications (1)

Publication Number Publication Date
CN117221002A (en) 2023-12-12



Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination