CN117544418A - Method and system for realizing mutual trust of different terminals based on message encryption and decryption - Google Patents

Info

Publication number: CN117544418A
Authority: CN (China)
Legal status: Granted, Active
Application number: CN202410014126.8A
Other languages: Chinese (zh)
Other versions: CN117544418B (en)
Inventor: 王建宏
Current Assignee: Beijing Yakang Wanwei Information Technology Co ltd
Original Assignee: Beijing Yakang Wanwei Information Technology Co ltd
Application filed by Beijing Yakang Wanwei Information Technology Co ltd
Priority to CN202410014126.8A
Publication of CN117544418A
Application granted
Publication of CN117544418B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0825 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
    • H04L9/40 Network security protocols

Abstract

The invention relates to the technical field of secure communication, and in particular to a method and a system for realizing mutual trust between different terminals based on message encryption and decryption. The method comprises: obtaining the total number of bytes of the message data and dividing the message data into sub-data packets; obtaining an overall influence factor according to the hash value, position, data distribution and number of bytes of each sub-data packet; obtaining the terminal mutual trust characteristic according to the total number of bytes, the IP addresses of the sending terminal and the receiving terminal of the message data, the width of the channel between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel; obtaining a public key according to the terminal mutual trust characteristic and the overall influence factor; encrypting the message data according to the sequence number of each sub-data packet and the public key to obtain ciphertext data; and decrypting, by the receiving terminal, according to the public key to obtain the message data. According to the invention, the public key is obtained adaptively from the terminal mutual trust characteristic and the overall influence factor, so that the ciphertext data is safer and the confidentiality of the message data is ensured.

Description

Method and system for realizing mutual trust of different terminals based on message encryption and decryption
Technical Field
The invention relates to the technical field of secure communication, in particular to a method and a system for realizing mutual trust of different terminals based on message encryption and decryption.
Background
Because of the openness and versatility of the internet, much of the information on the internet is exposed to everyone, and information security problems on the internet are therefore increasingly prominent. These problems mainly include information disclosure, information tampering, resource theft and reputation damage, and they cause substantial losses in practice.
In the existing method, message data on the internet is encrypted as a whole with the AES encryption algorithm and then split into packets for transmission. Because the AES encryption algorithm is public, when different terminals establish mutual trust, once the key is leaked the message data in the whole system is in a plaintext transmission state, which seriously affects the security of mutual trust between the terminals, and leakage of the message data causes losses.
Disclosure of Invention
In order to solve the technical problem that the message data in the whole system is in a plaintext transmission state once the key is leaked, the invention aims to provide a method and a system for realizing mutual trust between different terminals based on message encryption and decryption. The technical scheme adopted is as follows:
In a first aspect, an embodiment of the present invention provides a method for realizing mutual trust between different terminals based on message encryption and decryption, the method comprising the following steps:
acquiring the total number of bytes of the message data; acquiring the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel;
dividing the message data into at least one sub-data packet according to the total number of bytes; acquiring the overall influence factor of the message data according to the hash value and position of each sub-data packet and the data distribution and number of bytes of each sub-data packet;
acquiring the terminal mutual trust characteristic of the message data according to the total number of bytes, the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel;
acquiring a public key of the message data according to the size and position of each character in the terminal mutual trust characteristic and the overall influence factor; encrypting the message data according to the serial number of each sub-data packet and the public key to obtain ciphertext data;
and sending the ciphertext data and the public key to the network, the receiving terminal decrypting according to the public key to obtain the message data.
Further, the method for obtaining the overall influence factor comprises:
acquiring the MF and DF flags and the offset of each sub-data packet according to the position and data distribution of each sub-data packet;
acquiring the content influence factor of each sub-data packet according to the MF and DF flags and the offset of each sub-data packet and the byte length and hash value of each sub-data packet;
converting the content influence factor of each sub-data packet into a decimal result as a first result;
and accumulating the first results of all sub-data packets as the overall influence factor of the message data.
Further, the calculation formula of the content influence factor is as follows:
In the formula: the content influence factor of the ith sub-data packet; the hash value of the ith sub-data packet; indicating that the ith sub-data packet is followed by further sub-data packets, indicating that no sub-data packet follows the ith sub-data packet; indicating that the ith sub-data packet cannot be fragmented, indicating that the ith sub-data packet may be fragmented; the offset of the ith sub-data packet; the number of bytes of the ith sub-data packet; the right shift symbol; mod is the remainder function; ASCII is the function that converts characters into the corresponding ASCII code values.
Further, the method for acquiring the terminal mutual trust characteristic comprises:
acquiring the terminal feature according to the IP addresses of the sending terminal and the receiving terminal of the message data;
acquiring the channel characteristic according to the total number of bytes, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel;
obtaining the remainder of the ratio of the channel characteristic to each element in a preset digital sequence as target data;
converting each target data into a binary byte as first feature data;
performing a logical operation on the terminal feature and the characters at the same positions in each first feature data to obtain the single mutual trust feature corresponding to each element in the preset digital sequence;
and taking the sequence formed by the single mutual trust features, in the order of the positions of their corresponding elements in the preset digital sequence, as the terminal mutual trust characteristic of the message data.
Further, the calculation formula of the terminal feature is as follows:
In the formula: Z is the terminal feature; the u-th data segment in the IP address of the sending terminal; the u-th data segment in the IP address of the receiving terminal; the remainder symbol; Bin is the binary conversion function.
Further, the calculation formula of the channel characteristic is as follows:
In the formula: X is the channel characteristic; N is the total number of bytes of the message data; the maximum transmission rate on the channel between the sending terminal and the receiving terminal; B is the channel width between the sending terminal and the receiving terminal; e is the natural constant.
Further, the calculation formula of the public key is as follows:
In the formula: the mth character in the public key; the mth character in the terminal mutual trust characteristic; C is the overall influence factor of the message data; m is the position number; the logarithmic function with base 2; the round-down symbol; Bin is the binary conversion function; Key is the public key; the 1st character in the public key; the 64th character in the public key; the inverse function of ASCII, which converts ASCII code values into the corresponding characters.
Further, the method for encrypting the message data according to the serial number of each sub-data packet and the public key to obtain ciphertext data comprises:
performing uniqueness processing on the public key corresponding to each sub-data packet according to the serial number of that sub-data packet, to obtain the private key of each sub-data packet;
and encrypting the message data according to the private key and the public key by using the AES encryption algorithm to obtain ciphertext data.
Further, the method for obtaining the hash value comprises:
obtaining the hash value of each sub-data packet through a hash algorithm.
In a second aspect, another embodiment of the present invention provides a system for implementing mutual trust between different terminals based on message encryption and decryption, where the system includes: a memory, a processor and a computer program stored in the memory and executable on the processor, the processor implementing the steps of any one of the methods described above when executing the computer program.
The invention has the following beneficial effects:
The message data is divided into at least one sub-data packet according to the total number of bytes, so that the message data can be transmitted in the network. The overall influence factor of the message data is acquired according to the hash value and position of each sub-data packet and the data distribution and number of bytes of each sub-data packet, in preparation for adaptively acquiring the public key. The terminal mutual trust characteristic of the message data is acquired according to the total number of bytes, the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel; by combining the characteristics between the sending terminal and the receiving terminal, the acquired public key is made unique. The public key of the message data is acquired according to the size and position of each character in the terminal mutual trust characteristic and the overall influence factor, so that the ciphertext data is safer. Further, the message data is encrypted according to the serial number of each sub-data packet and the public key to obtain ciphertext data, and the key corresponding to each piece of ciphertext data is unique, so that the ciphertext data cannot be cracked with the public key; at the same time, even if one piece of ciphertext data is cracked, the other ciphertext data in the system cannot be cracked, so that the ciphertext data is safer and the security of the message data is ensured. The ciphertext data and the public key are then sent to the network, and the receiving terminal decrypts according to the public key, so that the message data is obtained safely and accurately.
Drawings
In order to illustrate the embodiments of the invention, or the technical solutions and advantages of the prior art, more clearly, the drawings used in the description of the embodiments or of the prior art are briefly introduced below. The drawings in the following description are obviously only some embodiments of the invention, and a person skilled in the art can obtain other drawings from them without inventive effort.
Fig. 1 is a flow chart of a method for implementing mutual trust of different terminals based on message encryption and decryption according to an embodiment of the present invention.
Detailed Description
In order to further explain the technical means adopted by the invention to achieve its intended purpose and their effects, the method and system for realizing mutual trust between different terminals based on message encryption and decryption provided by the invention, together with their specific implementation, structure, features and effects, are described in detail below. In the following description, different references to "one embodiment" or "another embodiment" do not necessarily refer to the same embodiment. Furthermore, the particular features, structures or characteristics of one or more embodiments may be combined in any suitable manner.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
The invention provides a specific scheme for realizing the mutual trust of different terminals based on message encryption and decryption.
Referring to Fig. 1, which shows a flow chart of a method for realizing mutual trust between different terminals based on message encryption and decryption according to an embodiment of the present invention, the method includes the following steps:
Step S1: acquiring the total number of bytes of the message data; acquiring the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel.
Specifically, when secret message data is transmitted over a network, the existing method encrypts the message data with the AES encryption algorithm, but once the key used with the AES encryption algorithm is leaked, the message data is completely cracked and information leakage easily occurs. Therefore, when encrypting the message data, the embodiment of the invention does not encrypt the message data of all links with one key and the existing AES encryption algorithm alone; instead, a unique encryption key for the message data is generated according to the relevant basic characteristics of the message data and the terminal conditions of the link over which it is transmitted, so that even if the key is leaked, decryption cannot be performed with the existing AES encryption algorithm. Meanwhile, on the same communication link, different transmitted message data have different contents, which also affects the encryption key, so that even if the key of one segment of message data is leaked, the message data as a whole cannot be cracked, and the message data is safer.
The embodiment of the invention mainly encrypts the message data to achieve mutual trust among multiple terminals. The message data to be transmitted is therefore acquired first, and related preprocessing operations such as data encoding and compression are performed on it to improve its transmission efficiency. Data encoding and compression are prior art and are not described here. It should be noted that all message data mentioned subsequently is the preprocessed message data. To better illustrate the mutual trust process for message data between different terminals, the embodiment of the invention takes one piece of message data, together with its sending terminal and receiving terminal, as an example.
First, the total number of bytes of the message data is acquired, where one byte is 8 bits. To support generation of the key, the embodiment of the invention acquires the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel, in preparation for subsequently acquiring the key.
Step S2: dividing the message data into at least one sub-data packet according to the total number of bytes; acquiring the overall influence factor of the message data according to the hash value and position of each sub-data packet and the data distribution and number of bytes of each sub-data packet.
Specifically, when message data is transmitted over the internet, the maximum data packet length is limited, and a data packet of at most 1500 bytes can be transmitted at a time, so the embodiment of the invention divides the message data according to this maximum number of bytes per data packet. The total number of bytes N of the message data is acquired in step S1. When N is less than or equal to 1500, the message data is not divided and is itself one sub-data packet; when N is greater than 1500, every 1500 bytes, starting from the first byte of the message data, are taken as one sub-data packet, with no overlap between adjacent sub-data packets, and if the last segment of the message data has fewer than 1500 bytes, that last segment is taken as one sub-data packet. At this point, every sub-data packet of the message data has been acquired.
The hash value of each sub-data packet is obtained through a hash algorithm; hash algorithms are prior art and are not described in detail. The overall influence factor of the message data is then acquired according to the hash value and position of each sub-data packet and the data distribution and number of bytes of each sub-data packet.
Preferably, the method for obtaining the overall influence factor is as follows: acquiring the MF and DF flags and the offset of each sub-data packet according to the position and data distribution of each sub-data packet; acquiring the content influence factor of each sub-data packet according to the MF and DF flags and the offset of each sub-data packet and the number of bytes and hash value of each sub-data packet; converting the content influence factor of each sub-data packet into a decimal result as a first result; and accumulating the first results of all sub-data packets as the overall influence factor of the message data. The method for obtaining the MF and DF flags and the offset is prior art and is not described in detail.
Taking the ith sub-data packet as an example, the content influence factor of the ith sub-data packet is acquired according to its MF and DF flags and offset and its number of bytes and hash value, with the following calculation formula:
In the formula: the content influence factor of the ith sub-data packet; the hash value of the ith sub-data packet; indicating that the ith sub-data packet is followed by further sub-data packets, indicating that no sub-data packet follows the ith sub-data packet; indicating that the ith sub-data packet cannot be fragmented, indicating that the ith sub-data packet may be fragmented; the offset of the ith sub-data packet; the number of bytes of the ith sub-data packet; the right shift symbol; mod is the remainder function; ASCII is the function that converts characters into the corresponding ASCII code values.
It should be noted that the number of bits of the right shift is determined, and the right-shifted value is converted through ASCII into the corresponding ASCII code values.
The content influence factor of each sub-data packet is acquired by the same method as for the ith sub-data packet. The content influence factor of each sub-data packet is different, that is, the content influence factor of each sub-data packet is unique. The overall influence factor of the message data is then acquired according to the content influence factor of each sub-data packet, with the following calculation formula:
In the formula: C is the overall influence factor of the message data; n is the total number of sub-data packets; the content influence factor of the ith sub-data packet; B2D is the decimal conversion function.
It should be noted that the larger is, the larger C is; C is decimal data.
Step S3: acquiring the terminal mutual trust characteristic of the message data according to the total number of bytes, the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel.
Specifically, in order to complete the encryption of mutually trusted messages between the sending terminal and the receiving terminal of the message data while making the encrypted data safer, the embodiment of the invention acquires the terminal mutual trust characteristic of the message data according to the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel.
Preferably, the method for acquiring the terminal mutual trust characteristic is as follows: acquiring the terminal feature according to the IP addresses of the sending terminal and the receiving terminal of the message data; acquiring the channel characteristic according to the total number of bytes, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel; obtaining the remainder of the ratio of the channel characteristic to each element in a preset digital sequence as target data; converting each target data into a binary byte as first feature data; performing a logical operation on the terminal feature and the characters at the same positions in each first feature data to obtain the single mutual trust feature corresponding to each element in the preset digital sequence; and taking the sequence formed by the single mutual trust features, in the order of the positions of their corresponding elements in the preset digital sequence, as the terminal mutual trust characteristic of the message data.
As an example, the IP addresses of the sending terminal and the receiving terminal of the message data are acquired. If the IP address of the sending terminal is 192.168.26.82, the IP address contains 4 data segments in total: the first data segment is 192, the second is 168, the third is 26, and the fourth is 82. The terminal feature is acquired according to the IP addresses of the sending terminal and the receiving terminal of the message data, with the following calculation formula:
In the formula: Z is the terminal feature; the u-th data segment in the IP address of the sending terminal; the u-th data segment in the IP address of the receiving terminal; the remainder symbol; Bin is the binary conversion function.
It should be noted that binary conversion is performed, and the obtained value is necessarily an 8-bit binary byte. For example, if the IP address of the sending terminal of the message data is 192.168.26.82 and the IP address of the receiving terminal is 192.168.56.32, then the value obtained is 916, and 151 is converted into a binary byte.
In order to better acquire the public key of the message data, the embodiment of the invention further acquires the channel characteristic according to the total number of bytes, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel, with the following calculation formula:
In the formula: X is the channel characteristic; N is the total number of bytes of the message data; the maximum transmission rate on the channel between the sending terminal and the receiving terminal; B is the channel width between the sending terminal and the receiving terminal; e is the natural constant.
The larger N is, the larger X is; the smaller the maximum transmission rate is, the larger X is; the larger B is, the larger X is. X defaults to decimal data.
In the embodiment of the invention, the preset digital sequence is set to (1, 2, 3, 4, 5, 6, 7, 8), and the remainder of the ratio of the channel characteristic to each element in the preset digital sequence is acquired. For example, if the channel characteristic is 51, the remainder of the ratio of the channel characteristic 51 to the first element 1 is 0, and the remainder 0 is converted into a binary byte, so the first feature data corresponding to the first element 1 is 00000000; the remainder of the ratio of the channel characteristic 51 to the second element 2 is 1, and the remainder 1 is converted into a binary byte, so the first feature data corresponding to the second element 2 is 00000001; the remainder of the ratio of the channel characteristic 51 to the third element 3 is 0, and the remainder 0 is converted into a binary byte, so the first feature data corresponding to the third element 3 is 00000000; the remainder of the ratio of the channel characteristic 51 to the fourth element 4 is 3, and the remainder 3 is converted into a binary byte, so the first feature data corresponding to the fourth element 4 is 00000011; and so on, until the first feature data corresponding to each element in the preset digital sequence is obtained.
In the embodiment of the invention, the logical operation is an exclusive-or operation. If the terminal feature is 11011100, the result of the exclusive-or operation between the terminal feature 11011100 and the characters at the same positions in the first feature data 00000000 corresponding to the first element 1, that is, the single mutual trust feature corresponding to the first element 1, is 11011100; the result of the exclusive-or operation between the terminal feature 11011100 and the characters at the same positions in the first feature data 00000001 corresponding to the second element 2, that is, the single mutual trust feature corresponding to the second element 2, is 11011101; and so on, until the result of the exclusive-or operation between the terminal feature and the characters at the same positions in the first feature data corresponding to each element, that is, the single mutual trust feature corresponding to each element, is obtained. The sequence formed by the single mutual trust features, in the order of the positions of their corresponding elements in the preset digital sequence, is taken as the terminal mutual trust characteristic of the message data. The terminal mutual trust characteristic is 64 bits.
The terminal mutual trust characteristic reflects the characteristics between the sending terminal and the receiving terminal, and a public key for encrypting the message data between the sending terminal and the receiving terminal is then generated according to the terminal mutual trust characteristic.
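The Step S3 construction worked through above (channel characteristic 51, terminal feature 11011100, preset digital sequence 1 to 8), as an added example that is not part of the patent text: it builds the 64-bit terminal mutual trust characteristic and counts how many distinct values the construction can produce. It assumes the channel characteristic X is a non-negative integer, as in the page's example, and the function names are illustrative.

```python
"""Added example (not from the patent): Step S3's terminal mutual trust characteristic.

Assumptions: the channel characteristic X is a non-negative integer, as in the
page's worked example (X = 51), and all function names are illustrative.
"""
from math import lcm, log2

# Preset digital sequence given on the page.
PRESET_SEQUENCE = (1, 2, 3, 4, 5, 6, 7, 8)


def first_feature_data(x, seq=PRESET_SEQUENCE):
    """Remainder of X by each sequence element, each as an 8-bit binary byte."""
    if x < 0:
        raise ValueError("channel characteristic must be a non-negative integer")
    return [format(x % k, "08b") for k in seq]


def terminal_mutual_trust_characteristic(z_bits, x, seq=PRESET_SEQUENCE):
    """XOR the 8-bit terminal feature Z with each first-feature byte and
    concatenate the single mutual trust features in sequence order."""
    if len(z_bits) != 8 or set(z_bits) - {"0", "1"}:
        raise ValueError("terminal feature must be an 8-character binary string")
    z = int(z_bits, 2)
    return "".join(format(z ^ int(b, 2), "08b") for b in first_feature_data(x, seq))


def distinct_characteristic_count(seq=PRESET_SEQUENCE, periods=3):
    """Count the distinct characteristics reachable over every Z and X.

    X enters only through its remainders, which repeat with period lcm(seq),
    so scanning a few periods of X covers every reachable remainder tuple.
    """
    period = lcm(*seq)
    remainder_tuples = {tuple(x % k for k in seq) for x in range(periods * period)}
    reachable = {
        bytes(z ^ r for r in remainders)
        for z in range(256)
        for remainders in remainder_tuples
    }
    return len(reachable)


def effective_bits(seq=PRESET_SEQUENCE):
    """Upper bound, in bits, on the variability of the 64-bit characteristic."""
    return log2(distinct_characteristic_count(seq))


if __name__ == "__main__":
    # Values from the page's worked example: Z = 11011100, X = 51.
    feature = terminal_mutual_trust_characteristic("11011100", 51)
    print([feature[i:i + 8] for i in range(0, 64, 8)])
    print(distinct_characteristic_count(), round(effective_bits(), 2))
```

The count is 256 × 840 = 215,040, about 17.7 bits, so the 64-bit length of the characteristic overstates how much it can vary; a key derived from it inherits that bound unless its other inputs add entropy.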
Step S4: acquiring a public key of message data according to the size and the position of each character in the terminal mutual trust characteristics and the integral influence factor; and encrypting the message data according to the serial number of each sub-data packet and the public key to obtain ciphertext data.
Specifically, according to the size and the position of each character in the obtained terminal mutual trust characteristics and the integral influence factor of the message data, the calculation formula for obtaining the public key is as follows:
In the formula, is the mth character in the public key; is the mth character in the terminal mutual trust characteristic; c is the integral influence factor of the message data; m is the m-th position number; is a logarithmic function with base 2; is the round-down symbol; bin is a binary conversion function; Key is the public key; is the 1st character in the public key; is the 64th character in the public key; is the inverse function of ASCII, which converts ASCII code values into the corresponding characters.
Note that the public key format is in the form of an ASCII code value.
In the embodiment of the invention, mutual trust between the sending terminal and the receiving terminal must be established; the public key of the message data is therefore obtained from the terminal mutual trust characteristic between the sending terminal and the receiving terminal and from the integral influence factor of the message data, and serves as the basis for generating the private key. Message data is transmitted in the network in the form of sub-data packets. To ensure that the key corresponding to each sub-data packet is unique, and to prevent the cracking of one sub-data packet from leading to the cracking of the ciphertext data on the whole link, the public key corresponding to each sub-data packet of the message data is made unique according to the sequence number of that sub-data packet, giving the private key of each sub-data packet. Each sub-data packet of the message data is then encrypted with the AES encryption algorithm according to the private key and the public key to obtain the ciphertext data. The AES encryption algorithm is prior art and is not described in detail here.
Step S5: sending the ciphertext data and the public key to the network; the receiving terminal decrypts according to the public key to obtain the message data.
The ciphertext data corresponding to the message data is sent to the network in sequence, and the public key is sent to the network at the same time. The sending terminal and the receiving terminal communicate using a key management mode; after receiving the ciphertext data, the receiving terminal decrypts it using the public key and the decryption S-box to obtain the message data sent by the sending terminal. The decryption process is prior art and is not described here. The embodiment of the invention avoids the problem of all ciphertext data being cracked because of a key leak, makes the ciphertext data more secure, and ensures the security of the message data. The embodiment is described for a sending terminal and one receiving terminal only; the invention is equally applicable to a sending terminal and a plurality of receiving terminals.
This completes the method of the present invention.
In summary, the embodiment of the invention obtains the total number of bytes of the message data and divides the message data into sub-data packets; acquires an integral influence factor according to the hash value, the position, the data distribution and the byte number of the sub-data packets; acquires the terminal mutual trust characteristic according to the total number of bytes, the IP addresses of the sending terminal and the receiving terminal of the message data, the channel width between the sending terminal and the receiving terminal, and the maximum transmission rate on the channel; acquires a public key according to the terminal mutual trust characteristic and the integral influence factor; and encrypts the message data according to the sequence numbers of the sub-data packets and the public key to obtain ciphertext data; the receiving terminal decrypts according to the public key to obtain the message data. According to the invention, the public key is obtained adaptively from the terminal mutual trust characteristic and the integral influence factor, so that the ciphertext data is more secure and the confidentiality of the message data is ensured.
Based on the same inventive concept as the method embodiment, the embodiment of the invention also provides a system for realizing mutual trust of different terminals based on message encryption and decryption. The system comprises a memory, a processor and a computer program stored in the memory and capable of running on the processor; when the processor executes the computer program, the steps of the above method embodiment for realizing mutual trust of different terminals based on message encryption and decryption are carried out, for example the steps shown in fig. 1. The method for realizing mutual trust of different terminals based on message encryption and decryption has been described in detail in the above embodiments and is not repeated here.
It should be noted that: the sequence of the embodiments of the present invention is only for description, and does not represent the advantages and disadvantages of the embodiments. The processes depicted in the accompanying drawings do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
In this specification, each embodiment is described in a progressive manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments.

Claims (10)

1. A method for realizing mutual trust of different terminals based on message encryption and decryption is characterized by comprising the following steps:
acquiring the total number of bytes of the message data; acquiring IP addresses of a message data transmitting terminal and a receiving terminal, and the channel width between the transmitting terminal and the receiving terminal and the maximum transmission rate on the channel;
dividing the message data into at least one sub-data packet according to the total number of bytes; acquiring the integral influence factor of the message data according to the hash value and the position of each sub-data packet and the data distribution and the byte number of each sub-data packet;
according to the total number of bytes, IP addresses of a message data sending terminal and a message data receiving terminal, and the channel width between the sending terminal and the receiving terminal and the maximum transmission rate on the channel, acquiring the terminal mutual trust characteristic of the message data;
acquiring a public key of message data according to the size and the position of each character in the terminal mutual trust characteristics and the integral influence factor; encrypting the message data according to the serial number of each sub-data packet and the public key to obtain ciphertext data;
and sending the ciphertext data and the public key to a network, and decrypting by the receiving terminal according to the public key to obtain the message data.
2. The method for realizing mutual trust of different terminals based on message encryption and decryption as claimed in claim 1, wherein the method for obtaining the integral influence factor is as follows:
acquiring marks MF, DF and offset of each sub-data packet according to the position and data distribution of each sub-data packet;
acquiring the content influence factor of each sub-data packet according to the marks MF, DF and offset of each sub-data packet and the byte length and hash value of each sub-data packet;
converting the content influence factor of each sub-data packet into a decimal result as a first result;
and accumulating the first result of each sub-data packet to be used as the integral influence factor of the message data.
3. The method for realizing mutual trust of different terminals based on message encryption and decryption as claimed in claim 2, wherein the calculation formula of the content influence factor is as follows:
In the formula, is the content influence factor of the ith sub-data packet; is the hash value of the ith sub-data packet; indicates that the ith sub-data packet is followed by further sub-data packets; indicates that no sub-data packet follows the ith sub-data packet; indicates that the ith sub-data packet cannot be fragmented; indicates that the ith sub-data packet may be fragmented; is the offset of the ith sub-data packet; is the number of bytes of the ith sub-data packet; is the right shift symbol; mod is a remainder function; ASCII is a function that converts characters into the corresponding ASCII code values.
4. The method for realizing mutual trust of different terminals based on message encryption and decryption as claimed in claim 1, wherein the method for obtaining the mutual trust characteristics of the terminals is as follows:
acquiring terminal characteristics according to IP addresses of the message data transmitting terminal and the receiving terminal;
acquiring channel characteristics according to the total number of bytes, the channel width between a sending terminal and a receiving terminal and the maximum transmission rate on a channel;
obtaining the remainder of the ratio of the channel characteristics to each element in a preset digital sequence as target data;
converting each target data into a binary byte as first characteristic data;
carrying out logic operation on the terminal characteristics and characters at the same position in each first characteristic data to obtain a single mutually trusted characteristic corresponding to each element in a preset digital sequence;
and taking a sequence formed by the single mutually trusted features according to the position sequence of the corresponding elements in the preset digital sequence as the terminal mutually trusted feature of the message data.
5. The method for realizing mutual trust of different terminals based on message encryption and decryption as claimed in claim 4, wherein the calculation formula of the terminal characteristics is as follows:
wherein Z is the terminal feature; is the u-th data segment in the IP address of the sending terminal; is the u-th data segment in the IP address of the receiving terminal; is the remainder symbol; bin is a binary conversion function.
6. The method for realizing mutual trust of different terminals based on message encryption and decryption as set forth in claim 4, wherein the calculation formula of the channel characteristics is:
wherein X is the channel characteristic; n is the total number of bytes of the message data; is the maximum transmission rate on the channel between the sending terminal and the receiving terminal; b is the channel width between the sending terminal and the receiving terminal; e is a natural constant.
7. The method for realizing mutual trust of different terminals based on message encryption and decryption as set forth in claim 1, wherein the calculation formula of the public key is:
In the formula, is the mth character in the public key; is the mth character in the terminal mutual trust characteristic; c is the integral influence factor of the message data; m is the m-th position number; is a logarithmic function with base 2; is the round-down symbol; bin is a binary conversion function; Key is the public key; is the 1st character in the public key; is the 64th character in the public key; is the inverse function of ASCII, which converts ASCII code values into the corresponding characters.
8. The method for realizing mutual trust of different terminals based on message encryption and decryption as set forth in claim 1, wherein the method for encrypting the message data according to the sequence number of each sub-data packet and the public key to obtain ciphertext data comprises the following steps:
carrying out unique processing on the public key corresponding to each sub-data packet according to the serial number of each sub-data packet, and obtaining the private key of each sub-data packet;
and encrypting the message data according to the private key and the public key by using an AES encryption algorithm to obtain ciphertext data.
9. The method for realizing mutual trust of different terminals based on message encryption and decryption as claimed in claim 1, wherein the hash value obtaining method is as follows:
and obtaining the hash value of each sub-data packet through a hash algorithm.
10. A system for realizing mutual trust of different terminals based on message encryption and decryption, comprising a memory, a processor and a computer program stored in the memory and capable of running on the processor, wherein the processor realizes the steps of the method for realizing mutual trust of different terminals based on message encryption and decryption according to any one of the claims 1-9 when executing the computer program.
CN202410014126.8A 2024-01-05 2024-01-05 Method and system for realizing mutual trust of different terminals based on message encryption and decryption Active CN117544418B (en)

Publications (2)

Publication Number Publication Date
CN117544418A true CN117544418A (en) 2024-02-09
CN117544418B CN117544418B (en) 2024-03-29

Family

ID=89786476

Country Status (1)

Country Link
CN (1) CN117544418B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007208410A (en) * 2006-01-31 2007-08-16 Hitachi Ltd Id base encryption communication system
WO2022142038A1 (en) * 2020-12-29 2022-07-07 平安普惠企业管理有限公司 Data transmission method and related device
CN115118756A (en) * 2022-05-19 2022-09-27 中国电力科学研究院有限公司 Method and device for designing safety interaction protocol in energy internet scene
CN117278324A (en) * 2023-11-17 2023-12-22 北京亚康万玮信息技术股份有限公司 Message encryption transmission method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
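禹聪 (Yu Cong) et al.: "Research on a privilege-separated virtual machine security model based on mutual trust", Application Research of Computers (计算机应用研究), no. 09, 15 May 2013 (2013-05-15) *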

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant