CN117579366A - Embedded channel encryption method - Google Patents


Publication number
CN117579366A
Authority
CN
China
Prior art keywords
channel
key
embedded
sender
random number
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311624896.6A
Other languages
Chinese (zh)
Inventor
翟群峰
张炜
胡江宁
周飞
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Zhibao Yunke Technology Co ltd
Original Assignee
Beijing Zhibao Yunke Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Zhibao Yunke Technology Co ltd
Priority to CN202311624896.6A
Publication of CN117579366A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/40 Network security protocols

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention belongs to the technical field of embedded communication, and relates to an embedded channel encryption method which comprises a channel initialization stage and a channel key use stage. The channel initialization stage is used for generating channel key initialization information; the channel key use phase includes a channel key negotiation process and an encrypted transmission process. The channel key negotiation process includes: the sender judges whether to generate a channel key based on the channel key initialization information of the embedded equipment, if not, the negotiation is terminated, and if so, a random number is generated and encrypted to be sent to the embedded equipment; the embedded equipment decrypts to obtain a random number; the sender and the embedded device use the random number as a channel key to complete the negotiation process. The encrypted transmission process is performed by the sender and the embedded device based on the channel key for data transmission. The method can realize the safe data transmission between the sender and the embedded device without using a complex key exchange algorithm.

Description

Embedded channel encryption method
Technical Field
The invention belongs to the technical field of embedded communication, and particularly relates to an embedded channel encryption method.
Background
Data transmitted over a communication channel is easy to capture by technical means. For sensitive data, for example passwords and transaction data, there is still a risk of disclosure if no security processing is performed, even if the data is in a formatted form. If the data transmitted in the channel is encrypted, the risk of disclosure is greatly reduced.
Encrypting the data transmitted over a channel requires both ends of the channel to negotiate a channel key. When data is transferred between an embedded device and a software client or other device, the conventional method is to negotiate the channel key with the DH key exchange algorithm or the SM2 key exchange protocol (a Chinese national cryptographic standard). However, such key exchange algorithms are complex and occupy considerable resources when implemented. Because an embedded device is limited in storage, power consumption and processor capacity, this greatly reduces the channel encryption efficiency and transmission efficiency between the embedded device and the software client or other device.
Disclosure of Invention
In view of the above analysis, the present invention aims to provide an embedded channel encryption method, which can realize secure data transmission between a sender and an embedded device without using a complex key exchange algorithm.
In the method, the data receiving party of the channel is embedded equipment, and the channel encryption method comprises a channel initialization stage and a channel key use stage;
the channel initialization stage is used for generating channel key initialization information;
the channel key using stage comprises a channel key negotiation process and an encryption transmission process;
the channel key negotiation process includes: the sender judges whether to generate a channel key based on the channel key initialization information of the embedded equipment, if not, the negotiation is terminated, and if so, a random number is generated and encrypted to be sent to the embedded equipment; the embedded equipment decrypts to obtain the random number; the sender and the embedded device use the random number as the channel key to complete the negotiation process;
the encryption transmission process is carried out by the sender and the embedded device based on the channel key.
Further, the channel key initialization information comprises a first public-private key pair and a signature value; the generating the channel key initialization information includes:
the production tool software sends a key pair generation instruction to the embedded equipment;
the embedded equipment receives the instruction and generates the first public and private key pair comprising a first public key and a first private key;
the production tool software signs the first public key by using a second private key to obtain a signature value;
and the production tool software writes the signature value into a file of the embedded equipment.
Further, the writing the signature value into the file of the embedded device by the production tool software includes:
the production tool software generates a file write instruction and sends the signature value, as the data field of the instruction, to the COS of the embedded device;
and the COS of the embedded equipment writes the signature value into a file of the embedded equipment.
Further, the embedded device generates the first public key and the first private key using an asymmetric key algorithm;
the production tooling software carries a second public key and the second private key which are generated based on an asymmetric key algorithm.
Further, the determining, by the sender, whether to generate the channel key based on the channel key initialization information of the embedded device includes:
the sender sends a channel reset instruction to the embedded device;
the embedded device, based on the channel reset instruction, resets the channel identifier to "encrypted channel not established";
the sender reads the first public key and the signature value of the embedded device;
the sender carries out signature verification on the signature value based on the second public key and the first public key to obtain a signature value verification result;
the sender judges whether to generate a channel key based on the signature value verification result.
Further, the sender determining whether to generate a channel key based on the signature value verification result includes:
if the signature value verification result is valid, then yes;
if the signature value verification result is invalid, no.
Further, the generating the random number, encrypting and transmitting the random number to the embedded device, and decrypting the random number by the embedded device includes:
the sender generates a random number;
the sender encrypts the random number by using an asymmetric key algorithm based on the first public key to obtain a random number ciphertext;
the sender sends the random number ciphertext to the embedded device;
and the embedded device decrypts the random number ciphertext based on the first private key to obtain the random number.
Further, the channel key negotiation process further includes, after the sender and the embedded device use the random number as the channel key, the embedded device setting the channel identifier to "encrypted channel established".
Further, the transmitting, by the sender and the embedded device, data transmission based on the channel key includes:
the sender encrypts an application instruction by using the channel key to obtain a ciphertext, and sends the ciphertext to the embedded equipment as a data field of the channel transmission instruction;
the embedded equipment decrypts the data field of the channel transmission instruction based on the channel key to obtain the application instruction plaintext;
the embedded equipment encrypts the response of the instruction plaintext by using the channel key to obtain a response data ciphertext and sends the response data ciphertext to a sender;
and the sender decrypts the response data ciphertext to obtain the response data plaintext.
Further, the embedded device decrypts the data field of the channel transmission instruction based on the channel key to obtain the application instruction plaintext, and then further includes:
the embedded equipment reads the channel identification, judges whether the channel is established based on the channel identification, if yes, continues, and if not, returns an error code to the sender.
The invention can realize at least one of the following beneficial effects:
the sender generates the random number and encrypts and sends the random number to the embedded device, the embedded device decrypts to obtain the random number, and the sender and the embedded device use the random number as the channel key, so that the key negotiation process is simplified, a complex key negotiation algorithm is not needed, resources of the embedded device can be effectively saved, and the key negotiation efficiency and the encrypted data transmission efficiency between the embedded device and the sender are improved. The method has the characteristics of simplicity, high efficiency and convenient transplanting.
By generating the channel key initialization information in the channel initialization stage, when the sender and the embedded equipment perform data transmission, whether the embedded equipment is safe or not can be judged based on the channel key initialization information, so that whether the channel key can be generated to establish an encryption channel or not can be judged, and the risk brought by establishing the encryption channel under the unsafe condition is effectively avoided.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The drawings are only for purposes of illustrating particular embodiments and are not to be construed as limiting the invention, like reference numerals being used to designate like parts throughout the drawings;
FIG. 1 is a schematic flow chart of the method of the invention.
Detailed Description
Preferred embodiments of the present invention will now be described in detail with reference to the accompanying drawings, which form a part hereof, and together with the description serve to explain the principles of the invention, and are not intended to limit the scope of the invention.
Example 1
The invention discloses an embedded channel encryption method, wherein a data receiving party of the channel is embedded equipment.
The embedded channel encryption method comprises a channel initialization stage and a channel key use stage.
1. Channel initialization phase
The channel initialization stage is used for generating channel key initialization information. The channel key initialization information includes a first public-private key pair and the signature value.
Specifically, the channel initialization stage includes: COS filling (COS refers to Chip Operating System, i.e. on-chip operating system), generating channel key initialization information, embedded device personalization.
Further, the channel initialization stage is completed in the secure environment of a production factory by using production tool software. The production tool software is the software used to install and debug the embedded system in the production environment.
Further, in the channel initialization stage, instructions between the production tool software and the embedded device are transmitted in plaintext.
Furthermore, COS filling means that the production tool software loads the COS into an embedded device that is in the bare-chip state; the COS starts to work after the embedded device is powered on again. The COS controls the information exchange between the embedded device and the outside.
The generating of the channel key initialization information in the initialization stage includes:
the production tool software sends a key pair generation instruction to the embedded equipment;
after receiving the instruction, the embedded device generates a first public-private key pair by using an asymmetric key algorithm, wherein the first public-private key pair comprises a first public key PUB1 and a first private key PRV1; the asymmetric key algorithm may be the SM2 algorithm or the RSA algorithm;
the production tool software signs the first public key PUB1 by using a second private key PRV2 to obtain a signature value S1; the production tool software carries a second public key PUB2 and a second private key PRV2 which are generated based on an asymmetric key algorithm;
the production tool software writes the signature value S1 into a file of the embedded device, which comprises: the production tool software generates a file write instruction and sends the signature value S1, as the data field of the instruction, to the COS of the embedded device; and the COS of the embedded device writes the signature value S1 into the file FILE of the embedded device.
Further, embedded device personalization refers to operations, such as writing a serial number, that make the device specific to a given application when the embedded device is produced.
2. Channel key usage stage
The channel key use stage includes a channel key negotiation process and an encrypted transmission process.
Specifically, in the channel key use stage, the data sender of the channel may be a software client or other devices.
Specifically, the channel key negotiation process includes:
the sender creates a device handle;
the sender judges whether to generate a channel key based on the channel key initialization information of the embedded device, including:
the sender sends a channel reset instruction to the embedded device;
the embedded device, based on the channel reset instruction, resets the channel identifier to "encrypted channel not established"; it should be noted that, if the embedded device still holds the channel key from the previous negotiation at this time, that channel key must be discarded;
the sender sends a channel reading instruction to read the first public key PUB1 of the embedded equipment;
the sender sends a FILE reading instruction to read the signature value S1 in the embedded equipment FILE;
the sender performs signature verification on the signature value S1 based on the second public key PUB2 and the first public key PUB1 to obtain a signature value verification result;
the sender judges whether to generate a channel key based on the signature value verification result:
if the signature value verification result is invalid, the determination is no: no channel key is generated and the negotiation ends;
if the signature value verification result is valid, generating a random number by a sender, encrypting the random number by using an asymmetric key algorithm based on the first public key PUB1 to obtain a random number ciphertext, and sending a channel key setting instruction to send the random number ciphertext to an embedded device;
the embedded device decrypts the random number ciphertext based on the first private key PRV1 to obtain the random number and stores the random number;
the sender and the embedded device use the random number as the channel key, and the embedded device sets the channel identifier to "encrypted channel established", which completes the negotiation process.
Specifically, the encryption transmission process is performed by the sender and the embedded device based on the channel key.
Specifically, in the encrypted transmission process, the data transmission by the sender and the embedded device based on the channel key includes:
the sender encrypts an application instruction by using the channel key and a symmetric key algorithm to obtain a ciphertext, and sends the ciphertext to the embedded equipment as a data field of the channel transmission instruction; the symmetric key algorithm may be an SM4 algorithm, a 3DES algorithm, an AES algorithm;
after receiving the channel transmission instruction, the embedded equipment reads the channel identifier, judges whether an encryption channel is established or not based on the channel identifier, if so, continues, and if not, returns an error code to the sender;
under the condition that an encryption channel is established, the embedded equipment decrypts the data field of the channel transmission instruction based on the channel key to obtain the application instruction plaintext;
the embedded device parses the instruction plaintext and judges whether the instruction is legal according to the instruction list information; if yes, it continues; if not, it returns an error code to the sender; an instruction is not legal when it is unsupported, incorrectly formatted, or inconsistent with the instruction cycle;
the embedded device responds according to the instruction plaintext; encrypting the response by using the channel key to obtain a response data ciphertext and sending the response data ciphertext to a sender;
the sender decrypts the response data ciphertext to obtain the response data plaintext;
the sender closes the device handle.
The embodiment discloses an embedded channel encryption method, which generates channel key initialization information in a channel initialization stage, so that when a sender and embedded equipment perform data transmission, whether the embedded equipment is safe or not is judged based on the channel key initialization information, thereby judging whether the embedded equipment can generate a channel key to establish an encryption channel or not, and effectively avoiding risks brought by establishing the encryption channel under unsafe conditions.
The sender generates the random number and encrypts and sends the random number to the embedded equipment, the embedded equipment decrypts to obtain the random number, and the sender and the embedded equipment use the random number as the channel key, so that the key negotiation process is simplified, the resources of the embedded equipment can be effectively saved, and the key negotiation efficiency and the encrypted data transmission efficiency between the embedded equipment and the sender are improved.
The method of the embodiment is simple and efficient, and can be widely applied to the safety data transmission application scenes of various embedded devices.
Example 2
The invention discloses an embedded channel encryption method, wherein a data receiving party of the channel is embedded equipment, and a data sending party is a software client.
The channel encryption method of the present embodiment includes a channel initialization stage and a channel key use stage.
In this embodiment, the channel initialization stage includes COS filling, generating channel key initialization information, and embedded device personalization. The COS filling and embedded device personalization process is the same as in embodiment one, and will not be described here again.
In this embodiment, the generating of the channel key initialization information in the initialization stage includes:
the production tool software sends a key pair generation instruction to the embedded equipment;
after receiving the instruction, the embedded device generates a first public-private key pair by using the SM2 national cryptographic algorithm, wherein the first public-private key pair comprises a first public key PUB11 and a first private key PRV11;
the production tool software signs the first public key PUB11 by using a second private key PRV22 to obtain a signature value S11; the production tool software carries a second public key PUB22 and the second private key PRV22, which are generated based on the SM2 national cryptographic algorithm;
the production tool software writes the signature value S11 into a file of the embedded device, which comprises: the production tool software generates a file write instruction and sends the signature value S11, as the data field of the instruction, to the COS of the embedded device; the COS of the embedded device writes the signature value S11 into the file FILE1 of the embedded device.
In the present embodiment, the channel key use phase includes a channel key negotiation process and an encrypted transmission process.
Specifically, the channel key negotiation process includes:
1. creating a device handle by the software client;
2. the software client sends a channel resetting instruction to the embedded equipment, informs the equipment to reset a channel and discards the channel key negotiated last time;
3. after receiving the channel resetting instruction, the embedded equipment resets the channel identifier to be that the encryption channel is not established;
4. the software client sends a channel reading instruction and reads the first public key PUB11 of the embedded equipment;
5. the software client sends a FILE reading instruction and reads the signature value S11 in the embedded equipment FILE 1;
6. the software client performs signature verification on the signature value S11 based on the second public key PUB22 and the first public key PUB11 to obtain a signature value verification result;
7. if the signature value verification result is invalid, this indicates that the embedded device has been attacked or tampered with, and the key negotiation is terminated; if the signature value verification result is valid, the embedded device is safe, and the software client generates a random number R, encrypts R by using the SM2 national cryptographic algorithm based on the first public key PUB11 to obtain a random number ciphertext R_encrypt, and sends a channel key setting instruction to send R_encrypt to the embedded device;
8. the embedded device uses the SM2 national cryptographic algorithm to decrypt R_encrypt based on the first private key PRV11, obtains R and stores it;
9. the software client and the embedded device use R as the channel key, and the embedded device sets the channel identifier to "encrypted channel established", which completes the negotiation process.
In an embodiment, the encrypted transmission process is data transmission by the software client and the embedded device based on the channel key.
Specifically, in the encryption transmission process, the data transmission by the software client and the embedded device based on the channel key includes:
1. the software client uses the SM4 national cryptographic algorithm to encrypt an application instruction based on the channel key to obtain a ciphertext, and sends the ciphertext to the embedded device as the data field of the channel transmission instruction;
2. after receiving the channel transmission instruction, the embedded equipment reads the channel identifier, judges whether an encryption channel is established or not based on the channel identifier, if so, continues, and if not, returns an error code to the software client;
3. under the condition that an encryption channel is established, the embedded equipment decrypts the data field of the channel transmission instruction based on the channel key to obtain the application instruction plaintext;
4. the embedded device parses the instruction plaintext and judges whether the instruction is legal according to the instruction list information; if yes, it continues; if not, it returns an error code to the software client; an instruction is not legal when it is unsupported, incorrectly formatted, or inconsistent with the instruction cycle;
5. the embedded device responds according to the instruction plaintext; encrypting the response by using the channel key to obtain a response data ciphertext and sending the response data ciphertext to the software client;
6. the software client decrypts the response data ciphertext to obtain a response data plaintext;
7. the software client closes the device handle after it finishes the operation corresponding to the response data plaintext.
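The negotiation and encrypted-transmission steps above, as an added example that is not part of the patent text: it runs both sides of the exchange, including the signature-check failure path and the channel-identifier check on the device. RSA-2048 (OAEP, SHA-256) and AES-128-GCM are stand-ins chosen here for the unspecified asymmetric and symmetric algorithms; the status words, instruction names and all function names are constructed for illustration.

```javascript
const nodeCrypto = require("node:crypto");

// Constructed status words and instruction list (assumptions, not from the patent).
const OK = 0x9000, ERR_NO_CHANNEL = 0x6985, ERR_BAD_DATA = 0x6a80, ERR_BAD_INSTRUCTION = 0x6d00;
const INSTRUCTION_LIST = new Map([["GET_SERIAL", "SN=0001"]]);

// Data field layout chosen for this sketch: 12-byte IV || ciphertext || 16-byte GCM tag.
function seal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv("aes-128-gcm", key, iv);
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, body, c.getAuthTag()]);
}
function unseal(key, blob) {
  const d = nodeCrypto.createDecipheriv("aes-128-gcm", key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(blob.length - 16));
  return Buffer.concat([d.update(blob.subarray(12, blob.length - 16)), d.final()]); // throws on a bad tag
}

// Embedded device (COS side).
class Device {
  constructor() { this.file = null; this.channelEstablished = false; this.channelKey = null; }
  generateKeyPair() { // PUB1 / PRV1; PRV1 never leaves the device
    const kp = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
    this.prv1 = kp.privateKey;
    this.pub1Der = kp.publicKey.export({ type: "spki", format: "der" });
  }
  writeFile(s1) { this.file = s1; }
  readPublicKey() { return this.pub1Der; }
  readFile() { return this.file; }
  resetChannel() { this.channelEstablished = false; this.channelKey = null; } // discard the old key
  setChannelKey(rEncrypt) {
    try {
      const r = nodeCrypto.privateDecrypt({ key: this.prv1, oaepHash: "sha256" }, rEncrypt);
      if (r.length !== 16) return ERR_BAD_DATA;
      this.channelKey = r;
      this.channelEstablished = true;
      return OK;
    } catch { return ERR_BAD_DATA; }
  }
  transmit(dataField) {
    if (!this.channelEstablished) return { status: ERR_NO_CHANNEL }; // checked before any decryption
    let instruction;
    try { instruction = unseal(this.channelKey, dataField).toString("utf8"); }
    catch { return { status: ERR_BAD_DATA }; }
    if (!INSTRUCTION_LIST.has(instruction)) return { status: ERR_BAD_INSTRUCTION };
    return { status: OK, data: seal(this.channelKey, Buffer.from(INSTRUCTION_LIST.get(instruction))) };
  }
}

// Channel initialization stage: the production tool signs PUB1 with PRV2 and stores S1.
function provision(prv2) {
  const device = new Device();
  device.generateKeyPair();
  device.writeFile(nodeCrypto.sign("sha256", device.readPublicKey(), prv2));
  return device;
}

// Channel key negotiation, sender side. Returns the channel key, or null when S1 fails.
// As described, only the device is authenticated (through S1); the device accepts R from
// any sender, and R travels under the static PUB1, so there is no forward secrecy.
function negotiate(device, pub2) {
  device.resetChannel();
  const pub1Der = device.readPublicKey();
  const s1 = device.readFile();
  if (!nodeCrypto.verify("sha256", pub1Der, pub2, s1)) return null; // terminate negotiation
  const r = nodeCrypto.randomBytes(16);
  const pub1 = nodeCrypto.createPublicKey({ key: pub1Der, format: "der", type: "spki" });
  const status = device.setChannelKey(nodeCrypto.publicEncrypt({ key: pub1, oaepHash: "sha256" }, r));
  return status === OK ? r : null;
}

// Encrypted transmission, sender side.
function sendInstruction(device, key, instruction) {
  const res = device.transmit(seal(key, Buffer.from(instruction, "utf8")));
  if (res.status !== OK) return { status: res.status, response: null };
  return { status: OK, response: unseal(key, res.data).toString("utf8") };
}

function demo() {
  const tool = nodeCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 }); // PUB2 / PRV2
  const device = provision(tool.privateKey);
  const out = {};
  out.beforeNegotiation = sendInstruction(device, nodeCrypto.randomBytes(16), "GET_SERIAL").status;
  const key = negotiate(device, tool.publicKey);
  out.keyLength = key.length;
  out.response = sendInstruction(device, key, "GET_SERIAL").response;
  out.rejected = sendInstruction(device, key, "UNLISTED_CMD").status;
  device.resetChannel();
  out.afterReset = sendInstruction(device, key, "GET_SERIAL").status;
  // A device whose key pair was replaced after provisioning: the stored S1 no longer matches PUB1.
  const swapped = provision(tool.privateKey);
  swapped.generateKeyPair();
  out.tampered = negotiate(swapped, tool.publicKey);
  return out;
}

console.log(demo());
```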
Compared with the prior art, the beneficial effects of the embedded channel encryption method provided by the embodiment are basically the same as those provided by the first embodiment, and are not described in detail herein.
It should be noted that, the above embodiments are based on the same inventive concept, and the description is not repeated, and the description may be referred to each other.
The present invention is not limited to the above-mentioned embodiments, and any changes or substitutions that can be easily understood by those skilled in the art within the technical scope of the present invention are intended to be included in the scope of the present invention.

Claims (10)

1. An embedded channel encryption method, wherein the data receiving party of the channel is an embedded device, and the method is characterized by comprising a channel initialization stage and a channel key use stage;
the channel initialization stage is used for generating channel key initialization information;
the channel key using stage comprises a channel key negotiation process and an encryption transmission process;
the channel key negotiation process includes: the sender judges whether to generate a channel key based on the channel key initialization information of the embedded equipment, if not, the negotiation is terminated, and if so, a random number is generated and encrypted to be sent to the embedded equipment; the embedded equipment decrypts to obtain the random number; the sender and the embedded device use the random number as the channel key to complete the negotiation process;
the encryption transmission process is carried out by the sender and the embedded device based on the channel key.
2. The channel encryption method of claim 1, wherein the channel key initialization information includes a first public-private key pair and a signature value; the generating the channel key initialization information includes:
the production tool software sends a key pair generation instruction to the embedded device;
the embedded device receives the instruction and generates the first public-private key pair comprising a first public key and a first private key;
the production tool software signs the first public key by using a second private key to obtain a signature value;
and the production tool software writes the signature value into a file of the embedded device.
3. The channel encryption method of claim 2, wherein the production tool software writing the signature value into the file of the embedded device comprises:
the production tool software generates a file write instruction and sends the signature value, as the data field of the instruction, to the COS of the embedded device;
and the COS of the embedded device writes the signature value into a file of the embedded device.
4. A channel encryption method according to claim 3, wherein the embedded device generates the first public key and first private key using an asymmetric key algorithm;
the production tool software carries a second public key and the second private key, which are generated based on an asymmetric key algorithm.
5. The channel encryption method according to claim 4, wherein the sender judging whether to generate the channel key based on the channel key initialization information of the embedded device comprises:
the sender sends a channel reset instruction to the embedded device;
the embedded device, based on the channel reset instruction, resets the channel identifier to "encrypted channel not established";
the sender reads the first public key and the signature value of the embedded device;
the sender carries out signature verification on the signature value based on the second public key and the first public key to obtain a signature value verification result;
the sender judges whether to generate a channel key based on the signature value verification result.
6. The channel encryption method according to claim 5, wherein the sender judging whether to generate a channel key based on the signature value verification result comprises:
if the signature value verification result is valid, then yes;
if the signature value verification result is invalid, no.
7. The channel encryption method according to claim 6, wherein the generating and encrypting the random number for transmission to an embedded device and decrypting by the embedded device to obtain the random number comprises:
the sender generates a random number;
the sender encrypts the random number by using an asymmetric key algorithm based on the first public key to obtain a random number ciphertext;
the sender sends the random number ciphertext to the embedded device;
and the embedded device decrypts the random number ciphertext based on the first private key to obtain the random number.
8. The channel encryption method according to claim 7, wherein the channel key negotiation process further comprises, after the sender and the embedded device use the random number as the channel key, the embedded device setting the channel identifier to "encrypted channel established".
9. The channel encryption method of claim 8, wherein the transmitting, by the sender and the embedded device, of data based on the channel key comprises:
the sender encrypts an application instruction by using the channel key to obtain a ciphertext, and sends the ciphertext to the embedded device as the data field of a channel transmission instruction;
the embedded device decrypts the data field of the channel transmission instruction based on the channel key to obtain the application instruction plaintext;
the embedded device encrypts the response to the instruction plaintext by using the channel key to obtain a response data ciphertext, and sends the response data ciphertext to the sender;
and the sender decrypts the response data ciphertext to obtain the response data plaintext.
10. The channel encryption method according to claim 9, wherein the decrypting, by the embedded device, the data field of the channel transmission instruction based on the channel key to obtain the application instruction plaintext further comprises:
the embedded device reads the channel identifier and determines, based on the channel identifier, whether the channel is established; if so, it continues; if not, it returns an error code to the sender.
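The flow of claims 1 to 10 with both sides modelled, as an added example that is not code from the patent. Textbook RSA over fixed Mersenne primes and a SHA-256 keystream are toy stand-ins for the asymmetric and symmetric algorithms, which the claims do not name; all function names, the error code and the sample command are assumptions.

```python
import hashlib, secrets

E = 65537
ERR_NO_CHANNEL = 0x01                    # constructed error code

def keypair(p, q):                       # toy textbook RSA; returns (public, private)
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def rsa(key, m):                         # key = (modulus, exponent); no padding (toy)
    return pow(m, key[1], key[0])

def digest(pub):                         # SHA-256 of the first public key, as an integer
    return int.from_bytes(hashlib.sha256(repr(pub).encode()).digest(), "big")

def xor_stream(key, label, data):        # toy cipher: per-direction SHA-256 keystream
    n = len(data) // 32 + 1
    ks = b"".join(hashlib.sha256(key + label + bytes([i])).digest() for i in range(n))
    return bytes(a ^ b for a, b in zip(data, ks))

TOOL_PUB, TOOL_PRIV = keypair(2**521 - 1, 2**607 - 1)    # second key pair (claim 4)

class Device:
    def __init__(self):                  # claim 2: first key pair (fixed primes: toy only)
        self.pub, self._priv = keypair(2**127 - 1, 2**521 - 1)
        self.signature, self._key, self.established = None, None, False
    def reset_channel(self):             # claim 5: identifier -> "not established"
        self._key, self.established = None, False
    def receive_key(self, ct):           # claims 7-8: decrypt random number, set identifier
        self._key = rsa(self._priv, ct).to_bytes(16, "big")
        self.established = True
    def transmit(self, ct):              # claims 9-10: check the identifier before decrypting
        if not self.established:
            return ERR_NO_CHANNEL
        cmd = xor_stream(self._key, b"C", ct)
        return xor_stream(self._key, b"R", b"OK:" + cmd)

def provision(dev):                      # claims 2-3: tool signs the key, writes the signature
    dev.signature = rsa(TOOL_PRIV, digest(dev.pub))

def negotiate(dev):                      # claims 5-7, sender side
    dev.reset_channel()
    if dev.signature is None or rsa(TOOL_PUB, dev.signature) != digest(dev.pub):
        return None                      # invalid signature: terminate negotiation
    key = secrets.token_bytes(16)
    dev.receive_key(rsa(dev.pub, int.from_bytes(key, "big")))
    return key

def send(dev, key, cmd):                 # claim 9, sender side
    resp = dev.transmit(xor_stream(key, b"C", cmd))
    return resp if isinstance(resp, int) else xor_stream(key, b"R", resp)
```

A deployment would replace both stand-ins with a padded asymmetric scheme and an authenticated cipher.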
CN202311624896.6A 2023-11-30 2023-11-30 Embedded channel encryption method Pending CN117579366A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311624896.6A CN117579366A (en) 2023-11-30 2023-11-30 Embedded channel encryption method

Publications (1)

Publication Number Publication Date
CN117579366A (en) 2024-02-20

Family

ID=89888043

Country Status (1)

Country Link
CN (1) CN117579366A (en)

Similar Documents

Publication Publication Date Title
CN110995642B (en) Providing secure connections using pre-shared keys
CN107070657B (en) Secure chip and application processor and operating method thereof
CN110380852B (en) Bidirectional authentication method and communication system
CN109510708B (en) Public key password calculation method and system based on Intel SGX mechanism
CN107358441B (en) Payment verification method and system, mobile device and security authentication device
CN101828357B (en) Credential provisioning method and device
KR101239297B1 (en) System for protecting information and method thereof
CN111600854B (en) Method for establishing security channel between intelligent terminal and server
CN104579679B (en) Wireless public network data forwarding method for agriculture distribution communication equipment
US20210367767A1 (en) Methods and systems for secure network communication
CN103036880A (en) Network information transmission method, transmission equipment and transmission system
CN104901803A (en) Data interaction safety protection method based on CPK identity authentication technology
CN116132043B (en) Session key negotiation method, device and equipment
CN112487380A (en) Data interaction method, device, equipment and medium
CN111654503A (en) Remote control method, device, equipment and storage medium
JPH10242957A (en) User authentication method, system therefor and storage medium for user authentication
CN111901335B (en) Block chain data transmission management method and system based on middle station
CN113612746A (en) Sensitive information storage method and system based on Android system
CN113422753B (en) Data processing method, device, electronic equipment and computer storage medium
CN117579366A (en) Embedded channel encryption method
EP4020875A1 (en) Method, first server, second server, and system for transmitting securely a key
CN110365482B (en) Data communication method and device
CN114896608A (en) Method, medium and device for realizing hardware password interface by adopting go language
CN115334480A (en) Bluetooth peripheral and central equipment and verification method
CN113660276A (en) Remote task scheduling method based on privacy data protection

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination