CN117640098A - Data transmission method, secure transmission system and electronic equipment - Google Patents

Publication number
CN117640098A
Authority
CN
China
Prior art keywords
controller
server
client
key
authentication
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311481489.4A
Other languages
Chinese (zh)
Inventor
王永吉
黄小鹏
王鸿程
胡先文
容路
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hynar Water Group Corp
Shenzhen Graduate School Harbin Institute of Technology
Eastcompeace Technology Co Ltd
Original Assignee
Hynar Water Group Corp
Shenzhen Graduate School Harbin Institute of Technology
Eastcompeace Technology Co Ltd
Application filed by Hynar Water Group Corp, Shenzhen Graduate School Harbin Institute of Technology, Eastcompeace Technology Co Ltd
Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The embodiment of the invention relates to the fields of cryptography and network security, and in particular to a data transmission method, a secure transmission system and electronic equipment. A client signs an authentication packet through a security chip, encrypts the authentication packet with the controller public key and sends it to a networking controller; the client receives the encrypted communication parameters that the networking controller sends after decrypting the packet and verifying it successfully; the client obtains a communication key based on the communication parameters, encrypts the client key by using the communication key, and sends the encrypted client key to the networking controller; and the client receives the encrypted server-side key sent by the networking controller and decrypts it by using the controller communication key to obtain the server-side key. The invention carries out identity authentication and issues the communication key before service communication, so that the server program is not easily attacked and the security of data transmission is ensured.

Description

Data transmission method, secure transmission system and electronic equipment
Technical Field
The embodiment of the invention relates to the fields of cryptography and network security, in particular to a data transmission method, a security transmission system and electronic equipment.
Background
With the rapid development of the internet and information technology, society has entered the big data era, in which data has become a new resource, and enterprises, institutions and individuals need to use and store large amounts of data. However, problems such as data leakage, loss and tampering also occur and seriously affect the security of the data.
At present, various encryption algorithms and schemes exist on the market, but attack techniques are becoming more diverse and complex. The existing encryption algorithms and schemes depend on application-level identity verification, are easy to attack, need to record a lot of useless information, and cannot meet the increasing data security requirements.
Disclosure of Invention
Based on the above, it is necessary to provide a data transmission method, a secure transmission system and an electronic device, which can perform identity authentication of communication and issuing of a communication key before service communication, ensure security of data transmission, and reduce problems of data leakage and tampering.
In a first aspect, an embodiment of the present invention provides a data transmission method, for a client, where the client includes a first security chip, the method includes:
generating a digital signature for the first authentication packet through the first security chip, encrypting the first authentication packet by using the controller public key, and transmitting the first authentication packet to the networking controller;
obtaining a reply data packet returned after authentication by the networking controller passes, wherein the reply data packet comprises communication parameters;
decrypting the reply data packet by using the client private key, and verifying the signature of the reply data packet by using the controller public key, to obtain the communication parameters;
obtaining a client communication key based on the communication parameters;
obtaining a controller communication key sent by the networking controller, encrypting the client communication key by using the controller communication key, and sending the encrypted client communication key to the networking controller;
and receiving the encrypted server communication key sent by the networking controller, and decrypting by using the controller communication key to obtain the server communication key.
In some embodiments, the method further comprises:
acquiring request data of the application layer, and encrypting the request data at the link layer by using the client communication key;
sending the encrypted request data to a server through a physical layer;
and/or,
receiving encrypted return data sent by a server through a physical layer;
decrypting the encrypted return data at the link layer by using the server communication key to obtain the return data;
and transmitting the returned data to the application layer.
In some embodiments, the request data and the return data are both encrypted data.
In some embodiments, before generating a digital signature for the first authentication package by the first security chip, encrypting the first authentication package with the controller public key, and transmitting the first authentication package to the networked controller, the method further comprises:
sending an authentication package to the registration server, wherein the authentication package is used for carrying out identity authentication on the registration server;
if the authentication success message sent by the registration server is received, a registration application is sent to the registration server, the registration application is used for registering in the registration server, and if the registration is successful, the client side obtains the network access right;
after obtaining the server-side communication key, the method further comprises:
obtaining face features and fingerprint features, and sending the face features and the fingerprint features to a secondary authentication server to request an authentication code, wherein the secondary authentication server returns the authentication code when it verifies that the face features and the fingerprint features are legitimate;
and responding to the input authentication code, sending an authentication packet to the networking controller to apply for the network access right, wherein if the networking controller successfully authenticates based on the authentication packet, the client reserves the network access right, and if the authentication fails, the client is cancelled.
In a second aspect, an embodiment of the present invention further provides a data transmission method, which is used for a server, where the server includes a second security chip, and the method includes:
generating a digital signature for the second authentication packet through the second security chip, encrypting the second authentication packet by using the controller public key, and transmitting the second authentication packet to the networking controller;
obtaining a reply data packet returned after authentication by the networking controller passes, wherein the reply data packet comprises communication parameters;
decrypting the reply data packet by using the private key of the server side, and verifying the signature of the reply data packet by using the public key of the controller, to obtain the communication parameters;
obtaining a server communication key based on the communication parameters;
obtaining a controller communication key sent by the networking controller, encrypting the server communication key by using the controller communication key, and sending the encrypted server communication key to the networking controller;
and receiving the encrypted client communication key sent by the networking controller, decrypting by using the controller communication key, and obtaining the client communication key.
In a third aspect, an embodiment of the present invention further provides a data transmission method, which is used for a networking controller, where the method includes:
obtaining an encrypted authentication packet sent by a client, decrypting the authentication packet by using a controller private key, and verifying the signature by using a client public key;
after the authentication packet passes authentication, generating a digital signature for the communication parameters by using the controller private key, encrypting the communication parameters by using the client public key, and sending the communication parameters to the client;
sending a controller communication key to the client, obtaining the client communication key that the client sends encrypted under the controller communication key, and decrypting it by using the controller communication key to obtain the client communication key, wherein the client communication key is obtained based on the communication parameters;
encrypting the client communication key by using the controller communication key, and transmitting the encrypted client communication key to the server;
or,
obtaining an encrypted authentication packet sent by a server, decrypting the authentication packet by using the controller private key, and verifying the signature by using a server public key;
after the authentication packet passes authentication, generating a digital signature for the communication parameters by using the controller private key, encrypting the communication parameters by using the server public key, and sending the communication parameters to the server;
sending a controller communication key to the server, obtaining the server communication key that the server sends encrypted under the controller communication key, and decrypting it by using the controller communication key to obtain the server communication key, wherein the server communication key is obtained based on the communication parameters;
encrypting the server communication key by using the controller communication key, and transmitting the encrypted server communication key to the client.
In a fourth aspect, an embodiment of the present invention provides a client device, including:
at least one processor, and
a memory communicatively coupled to the at least one processor, the memory storing instructions executable by the at least one processor to enable the at least one processor to perform the data transmission method as described above in the first aspect.
In a fifth aspect, an embodiment of the present invention further provides a server device, including:
at least one processor, and
a memory communicatively coupled to the at least one processor, the memory storing instructions executable by the at least one processor to enable the at least one processor to perform the data transmission method as described in the second aspect above.
In a sixth aspect, an embodiment of the present invention further provides a networking controller, including:
at least one processor, and
a memory communicatively coupled to the at least one processor, the memory storing instructions executable by the at least one processor to enable the at least one processor to perform the data transmission method as described in the third aspect above.
In a seventh aspect, an embodiment of the present invention further provides a secure transmission system, including:
the client device according to the fourth aspect above, the server device according to the fifth aspect above, and the networking controller according to the sixth aspect above.
In an eighth aspect, embodiments of the present invention also provide a non-transitory computer-readable storage medium storing computer-executable instructions that, when executed by at least one processor, cause the at least one processor to perform the method as set forth in any one of the first, second and third aspects above.
The embodiment of the invention has the following beneficial effects. Unlike the prior art, in the data transmission method provided by the embodiment of the invention, the client signs the authentication package through the security chip, encrypts the authentication package with the public key of the controller and sends it to the networking controller; the client receives the encrypted communication parameters that the networking controller sends after decrypting the package and verifying it successfully; the client obtains a communication key based on the communication parameters, encrypts the client key by using the communication key, and sends the encrypted client key to the networking controller; and the client receives the encrypted server-side key sent by the networking controller and decrypts it by using the controller communication key to obtain the server-side key. The invention carries out identity authentication and issues the communication key before service communication, so that the server program is not easily attacked and the security of data transmission is ensured.
Drawings
One or more embodiments are illustrated by way of example and not limitation in the figures of the accompanying drawings, in which like references indicate similar elements, and in which the figures of the drawings are not to be taken in a limiting sense, unless otherwise indicated.
Fig. 1 is a schematic view of an application environment of a data transmission method according to an embodiment of the present invention;
Fig. 2 is a block diagram of a client device according to an embodiment of the present invention;
Fig. 3 is a block diagram illustrating a networking controller according to an embodiment of the present invention;
Fig. 4 is a block diagram of a server device according to an embodiment of the present invention;
Fig. 5 is a flowchart of a data transmission method according to an embodiment of the present invention;
Fig. 6 is a flowchart of a data transmission method according to another embodiment of the present invention;
Fig. 7 is a flowchart of a data transmission method according to another embodiment of the present invention;
Fig. 8 is a flowchart of a data transmission method according to another embodiment of the present invention;
Fig. 9 is a flowchart of a data transmission method according to another embodiment of the present invention;
Fig. 10 is a flowchart of a data transmission method according to another embodiment of the present invention;
Fig. 11 is a flowchart of a data transmission method according to another embodiment of the present invention;
Fig. 12 is a schematic structural diagram of a secure transmission system according to an embodiment of the present invention.
Detailed Description
The present invention will be described in detail with reference to specific examples. The following examples will assist those skilled in the art in further understanding the present invention, but are not intended to limit the invention in any way. It should be noted that variations and modifications could be made by those skilled in the art without departing from the inventive concept. These are all within the scope of the present invention.
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
It should be noted that, if not conflicting, the various features of the embodiments of the present invention may be combined with each other, which are all within the protection scope of the present application. In addition, while functional block division is performed in a device diagram and logical order is shown in a flowchart, in some cases, the steps shown or described may be performed in a different order than the block division in the device, or in the flowchart. Moreover, the words "first," "second," "third," and the like as used herein do not limit the data and order of execution, but merely distinguish between identical or similar items that have substantially the same function and effect.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. The term "and/or" as used in this specification includes any and all combinations of one or more of the associated listed items.
In addition, the technical features of the embodiments of the present invention described below may be combined with each other as long as they do not collide with each other.
Fig. 1 is an application environment schematic diagram of a data transmission method according to an embodiment of the present invention. Referring to fig. 1, the application environment includes a client device 10, a networking controller 20, and a server device 30, and the networking controller 20 is communicatively connected to the client device 10 and the server device 30, respectively.
The communication connection may be a wired connection, for example a fiber optic cable, or a wireless communication connection, for example a WIFI connection, a bluetooth connection, a 4G wireless communication connection or a 5G wireless communication connection.
The client device 10 is a terminal used by a client user, for example, the client device 10 may be a computer, a smart phone, a tablet computer or the like controlled by the client user, and the client user is an object that needs to transmit data or acquire data.
The server device 30 is a terminal for processing a client request, for example, the server device 30 may be a server, such as a rack server, a blade server, a tower server, or a cabinet server, or may be a server cluster formed by a plurality of servers, or a cloud computing service center. The server is responsible for receiving requests from the client, processing the requests, generating responses and sending the responses back to the client.
The networking controller 20 is a terminal for identity authentication and communication key distribution, for example, the networking controller 20 may be a computer, a smart phone or a tablet computer, or may be a server, for example, a rack server, a blade server, a tower server or a cabinet server, or may be a server cluster formed by a plurality of servers, or be a cloud computing service center.
The client user makes a request for acquiring data or outputting data to the server through the client device 10, the client device 10 transmits the request data to the server device 30, and the server device 30 processes the client request, responds accordingly, and transmits the return data to the client device 10.
In order to solve the problems that data transmission is easily attacked and that much useless information needs to be recorded, an embodiment of the present invention provides a data transmission method implemented by the client device 10, the networking controller 20, and the server device 30. Identity authentication of both communication parties and issuing of a communication key, which is different from an application layer key, can be carried out before service communication, and data can be encrypted at the link layer, so that attacks can be prevented more effectively, the security of data transmission is ensured, and the problems of data leakage and tampering are reduced.
Before describing the data transmission method in detail, a hardware structure of the client device according to another embodiment of the present invention will be described.
On the basis of fig. 1, another embodiment of the present invention provides a client device, as shown in fig. 2, comprising at least one processor 11 and a memory 12 (bus connection, one processor being exemplified in fig. 2) in communication connection. It will be appreciated by those of ordinary skill in the art that the configuration shown in fig. 2 is merely illustrative and is not intended to limit the configuration of the electronic device described above. For example, the client device may also include more or fewer components than shown in fig. 2, or have a different configuration than shown in fig. 2.
Wherein the processor 11 is configured to provide computing and control capabilities to control the client device 10 to perform corresponding tasks, for example, to control the client device 10 to perform any one of the data transmission methods applied to clients provided in the following embodiments of the invention.
It is understood that the processor 11 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
The memory 12 is used as a non-transitory computer readable storage medium for storing non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the data transmission method in the embodiment of the present invention. The processor 11 may implement the data transmission method applied to the client in any of the method embodiments described below by running non-transitory software programs, instructions and modules stored in the memory 12, where the memory 12 may include a high-speed random access memory, and may further include a non-transitory memory, such as at least one magnetic disk storage device, a flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 12 may also include memory located remotely from the processor, which may be connected to the processor via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
On the basis of fig. 1, another embodiment of the present invention provides a networked controller, as shown in fig. 3, which includes at least one processor 21 and a memory 22 (bus connection, one processor being exemplified in fig. 3) which are communicatively connected. It will be appreciated by those of ordinary skill in the art that the configuration shown in fig. 3 is merely illustrative and is not intended to limit the configuration of the electronic device described above. For example, the networked controller may also include more or fewer components than shown in FIG. 3, or have a different configuration than shown in FIG. 3.
The processor 21 is configured to provide computing and control capabilities to control the networking controller 20 to perform corresponding tasks, for example, to control the networking controller 20 to perform any one of the data transmission methods provided in the following embodiments of the invention.
It is understood that the processor 21 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
The memory 22 is used as a non-transitory computer readable storage medium for storing non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the data transmission method in the embodiment of the present invention. The processor 21 may implement the data transmission method applied to the networked controller in any of the method embodiments described below by running non-transitory software programs, instructions, and modules stored in the memory 22, where the memory 22 may include high-speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 22 may also include memory located remotely from the processor, which may be connected to the processor via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
On the basis of fig. 1, another embodiment of the present invention provides a server device, as shown in fig. 4, where the server device includes at least one processor 31 and a memory 32 (bus connection, one processor is taken as an example in fig. 4) that are communicatively connected. It will be appreciated by those of ordinary skill in the art that the configuration shown in fig. 4 is merely illustrative and is not intended to limit the configuration of the electronic device described above. For example, the server device may also include more or fewer components than shown in FIG. 4, or have a different configuration than shown in FIG. 4.
The processor 31 is configured to provide computing and control capabilities to control the server device 30 to perform corresponding tasks, for example, to control the server device 30 to perform any one of the data transmission methods applied to the server provided in the following embodiments of the present invention.
It is understood that the processor 31 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; it may also be a digital signal processor (Digital Signal Processor, DSP), an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), a field programmable gate array (Field-Programmable Gate Array, FPGA) or another programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component.
The memory 32 is used as a non-transitory computer readable storage medium for storing non-transitory software programs, non-transitory computer executable programs, and modules, such as program instructions/modules corresponding to the data transmission method in the embodiment of the present invention. The processor 31 may implement the data transmission method applied to the server in any of the method embodiments described below by running non-transitory software programs, instructions and modules stored in the memory 32, where the memory 32 may include a high-speed random access memory, and may further include a non-transitory memory, such as at least one magnetic disk storage device, a flash memory device, or other non-transitory solid state storage device. In some embodiments, memory 32 may also include memory located remotely from the processor, which may be connected to the processor via a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The data transmission method provided by each embodiment of the present invention is described in detail below.
Fig. 5 shows a flow diagram of an embodiment of a data transmission method, which is applied to a client, and which can be performed by a client device. Referring to fig. 5, the method S200 includes, but is not limited to, the following steps:
S201: generating a digital signature for a first authentication package through a first security chip, encrypting the first authentication package by using a controller public key, and sending the first authentication package to a networking controller.
Before business communication, the client obtains the client communication key and the server communication key through the networking controller. Specifically, authentication is carried out first, and after the authentication passes, the networking controller issues the client communication key and the server communication key.
This step sends an authentication package to the networking controller, where the authentication package is used to authenticate the identity of the client, and an identity identifier, such as a user name, an email address, a user ID, etc., may be included in the authentication package to verify the identity of the client. The client device signs the authentication package through the first security chip, encrypts the authentication package with the controller public key, and then sends the encrypted authentication package to the networking controller. Encrypting the authentication package before sending it to the networking controller protects the package in transit and prevents the identity information in it from being revealed.
In addition, the security chip is a chip that integrates dedicated hardware and software security mechanisms. Encrypting with a security chip provides higher physical security at the hardware level: because the encryption operation is performed inside the chip, an attacker cannot easily obtain sensitive data through software means, and physical attacks, interception attacks, side channel attacks and the like are better prevented.
In some embodiments, after the networking controller obtains the authentication package sent by the client, the authentication package may be decrypted using the controller private key and its signature verified using the client public key. After the authentication passes, the networking controller sends a reply data packet carrying communication parameters to the client. To protect the communication parameters in transit, they can be encrypted before transmission: specifically, a digital signature can be generated for the communication parameters using the controller private key, the communication parameters are encrypted using the client public key, and the encrypted communication parameters are sent to the client.
S202: and acquiring a reply data packet returned after the authentication of the networking controller is passed, wherein the reply data packet comprises communication parameters.
S203: decrypting the reply data packet by using the client private key, and checking the signature for the reply data packet by using the controller public key to obtain the communication parameters.
S204: a client communication key is obtained based on the communication parameters.
After receiving the reply data packet sent by the networking controller, the client decrypts the reply data packet by using the private key of the client, and verifies the label for the reply data packet by using the public key of the controller to obtain communication parameters, and obtains the communication key of the client based on the communication parameters. The client communication key is used for encrypting data when the data are transmitted with the server in the follow-up process, and the safety of data transmission is ensured.
The communication parameters may include, among others, traffic parameters such as counters, random numbers, time stamps.
S205: acquiring a controller communication key sent by the networking controller, encrypting the client communication key by using the controller communication key, and sending the encrypted client communication key to the networking controller.
After receiving the controller communication key sent by the networking controller, the client encrypts the client communication key with the controller communication key and sends the encrypted client communication key to the networking controller. The controller communication key is used to encrypt the client communication key that is to be sent and to decrypt the server communication key that is received. The client communication key is encrypted to protect it in transit, and it is sent out so that the networking controller can pass it to the server; subsequent communication can then be encrypted and decrypted with this key, ensuring the security of data transmission.
S206: receiving the encrypted server communication key sent by the networking controller, and decrypting it by using the controller communication key to obtain the server communication key.
The client receives the server communication key, which the networking controller sends encrypted with the controller communication key, and decrypts it using the controller communication key obtained earlier to obtain the server communication key. This key can be used to encrypt and decrypt the transmitted data in subsequent communication, ensuring the security of data transmission. The server obtains its communication key in substantially the same way as the client, which is not described again here.
In the embodiment, before the service communication, the client performs identity authentication through the networking controller, and the client obtains the service communication key from the networking controller, so that identity and access control are provided, the service program can be protected from being attacked, and safe transmission of data is ensured.
After authentication, client communication key and server communication key acquisition are completed through the networking controller, when data transmission is carried out between the client and the server, encryption can be carried out through the client communication key and the server communication key. Specifically, in some embodiments, the client acquires the request data of the application layer, encrypts the request data by using the client communication key at the data link layer, and sends the encrypted request data to the server through the physical layer, so as to realize the safe sending of the request.
In some embodiments, the client receives the encrypted return data sent by the server through the physical layer, decrypts the return data at the link layer using the server communication key obtained from the networked controller to obtain data returned by the client, and transmits the return data to the application layer.
The data is encrypted in the link layer, so that the attack can be prevented more effectively, the safety of data transmission is ensured, and the problems of data leakage and tampering are reduced.
In some embodiments, the request data and the return data are both encrypted data, i.e., at the client, the request data is encrypted at the application layer and then encrypted at the link layer, and at the server, the return data is encrypted at the application layer and then encrypted at the link layer. The secondary encryption further enhances the security of the data transmission.
In other embodiments, to further increase the security of network transmission, the method further includes a step of registering with a registration server to obtain network access rights before obtaining the communication key, and a step of authenticating with a secondary authentication server to confirm the network access rights after obtaining the communication key. Referring to fig. 6 and 7, before step S201, the method further includes:
S207: the client applies to the registration server for registration in order to obtain the network access right, which comprises: sending an authentication package to the registration server, the authentication package being used for identity authentication at the registration server; if an authentication success message sent by the registration server is received, sending a registration application to the registration server; and, if the registration succeeds, the client obtains the network access right.
Before acquiring the communication key, the client acquires the network access right through the registration server: single-packet authentication is carried out first, registration is applied for after the authentication passes, and the network access right is obtained after the registration succeeds.
S208: the client applies to the secondary authentication server and the networking controller for secondary authentication, which comprises: acquiring face features and fingerprint features, and sending them to the secondary authentication server to request an authentication code, the secondary authentication server returning the authentication code when it verifies that the face features and the fingerprint features are legitimate; and, in response to the authentication code being input, sending an authentication package to the networking controller to apply for the network access right. If the networking controller authenticates successfully based on the authentication package, the client retains the network access right; if authentication fails, the client's network access right is cancelled.
After the communication key is acquired, the client side firstly acquires the authentication code through the secondary authentication server, and then reserves the network access right through the networking controller.
The step S207 specifically includes:
S2071: the client sends an authentication package to the registration server to initiate single-packet authentication.
This step sends a registration single-packet authentication package to the registration server. The authentication package is used to authenticate the identity of the client and may include an identity identifier, such as a user name, an email address or a user ID.
In some embodiments, after acquiring the registration authentication packet sent by the client, the registration server may perform identity authentication, discard the authentication packet if authentication fails, generate an authentication success message if authentication is successful, and send the authentication success message to the client.
S2072: authentication fails and the client cannot register.
S2073: the authentication is successful, and the client receives the authentication success message sent by the registration server.
S2074: the client sends a registration application to the registration server.
S2075: the registration is successful, and the client obtains the network access right.
The step S208 specifically includes:
S2081: the client sends the face features and the fingerprint features to the secondary authentication server.
The step is used for sending the face features and the fingerprint features to the secondary authentication server, and the face features and the fingerprint features are used for carrying out feature authentication on the client.
In some embodiments, after receiving the face feature and the fingerprint feature sent by the client, the secondary authentication server may perform feature authentication, if the authentication fails, send a failure result to the client, and if the authentication succeeds, generate an authentication code and send the authentication code to the client.
S2082: the authentication fails, and the client receives the failure result and cannot access the network.
S2083: the authentication is successful, and the client receives the authentication code sent by the secondary authentication server.
S2084: the client sends an authentication packet to the networking controller.
In some embodiments, the secondary authentication server may send an authentication code to the client after successfully authenticating the client. The client sends an authentication package to the networking controller. The authentication package is used to authenticate the identity of the client; it may include an identity identifier, such as a user name, an email address or a user ID, and may also include the authentication code. The networking controller authenticates the client through the authentication package and the authentication code: if authentication fails, the client's network access right is cancelled, and if authentication succeeds, the client's network access right is retained.
S2085: the authentication fails and the client's network access right is revoked.
S2086: the authentication is successful, and the client reserves the network access right.
In the embodiment, before the communication key is acquired, registration authentication is performed through the registration server, so that identity authentication can be performed in advance, legal clients are screened to access the network, and illegal users are filtered; after the communication key is acquired, the user face features and the fingerprint features are utilized to carry out secondary authentication, and the client can be subjected to secondary screening; the method has the advantages of reducing the possibility of an illegal user attacking the network, reducing data theft and leakage and improving the security.
Correspondingly, the server side also needs to authenticate and acquire the server side communication key and the client side communication key through the networking controller, and fig. 8 shows a flow chart of an embodiment of a data transmission method, where the method is applied to the server side and can be executed by the server side device. Referring to fig. 8, the method S200 includes, but is not limited to, the following steps:
S209: generating a digital signature for the second authentication package by the second security chip, encrypting the second authentication package by using the controller public key, and transmitting the second authentication package to the networking controller.
Before business communication, the server side obtains the client side communication key and the server side communication key through the networking controller, and the specific process is that authentication is firstly carried out, and after the authentication is passed, the networking controller issues the client side communication key and the server side communication key.
The step is used for sending an authentication package to the networking controller, the authentication package is used for carrying out identity authentication on the server, and the authentication package can comprise an identity identifier for verifying the identity of the server. The server device signs the authentication package through the second security chip, encrypts the authentication package through the controller public key, and then sends the encrypted authentication package to the networking controller. The authentication package is encrypted and then sent to the networking controller, so that the transmission safety of the authentication package can be ensured, and the identity information in the authentication package is prevented from being revealed.
In some embodiments, after the networking controller obtains the authentication package sent by the server, it may decrypt the authentication package using the controller private key and verify its signature using the server public key. After the authentication passes, the networking controller sends the server a reply data packet carrying communication parameters. To protect the communication parameters in transit, they can be encrypted before being sent: specifically, a digital signature is generated for the communication parameters using the controller private key, the communication parameters are encrypted using the server public key, and the encrypted communication parameters are sent to the server.
S210: acquiring a reply data packet returned after the authentication by the networking controller passes, wherein the reply data packet comprises communication parameters.
S211: decrypting the reply data packet by using the private key of the server, and verifying the signature of the reply data packet by using the public key of the controller to obtain the communication parameters.
S212: obtaining the server communication key based on the communication parameters.
After receiving the reply data packet sent by the networking controller, the server decrypts the reply data packet using the server private key, verifies its signature using the controller public key to obtain the communication parameters, and obtains a communication key based on the communication parameters. The communication key is used to encrypt data in subsequent transmission with the client, ensuring the security of data transmission.
S213: acquiring a controller communication key sent by the networking controller, encrypting the server communication key by using the controller communication key, and sending the encrypted server communication key to the networking controller.
S214: receiving the encrypted client communication key sent by the networking controller, and decrypting it by using the controller communication key to obtain the client communication key.
Fig. 9 shows a flow diagram of an embodiment of a data transmission method, which is applied to a networked controller, and which can be performed by the networked controller. Referring to fig. 9, the method S200 includes, but is not limited to, the following steps:
S215: acquiring an encrypted authentication packet sent by the client.
The networking controller obtains the encrypted authentication package sent by the client, which is used to authenticate the identity of the client and may include an identity identifier, such as a user name, an email address or a user ID.
In some embodiments, after generating the authentication package, the client signs the authentication package through the first security chip, encrypts the authentication package through the public key of the controller, and then sends the encrypted authentication package to the networking controller.
S216: decrypting the authentication package by using the private key of the controller and checking the signature by using the public key of the client.
This step is used to acquire authentication package information and perform authentication.
S217: after the authentication packet passes the authentication, a digital signature is generated for the communication parameters by using a controller private key, the communication parameters are encrypted by using a client public key, and the communication parameters are sent to the client.
S218: the controller communication key is sent to the client.
S219: acquiring an encrypted client communication key sent by the client, and decrypting it by using the controller communication key.
S220: encrypting the client communication key by using the controller communication key, and transmitting the client communication key to the server.
In some embodiments, the networking controller may also authenticate the server, receive the server communication key, and send the server communication key to the client. Specifically, the networking controller obtains the encrypted authentication package sent by the server, decrypts it using the controller private key, and verifies its signature using the server public key. After the authentication package passes authentication, the networking controller generates a digital signature for the communication parameters using the controller private key, encrypts the communication parameters using the server public key, and sends them to the server. It then sends the controller communication key to the server, obtains the encrypted server communication key sent by the server, and decrypts it using the controller communication key. Finally, it encrypts the server communication key using the controller communication key and sends it to the client.
In this embodiment, before performing service communication, the networking controller performs identity authentication on the client and the server, sends the client communication key to the server, and sends the server communication key to the client, so that identity and access control are provided, and transmission data used in the process are encrypted, so that safe transmission of the data is ensured.
In summary, in the data transmission method provided by the embodiment of the invention, before service communication the networking controller authenticates the identity of each communicating party to confirm that it is legitimate, and the data used for authentication is encrypted, which makes the authentication more secure. The communication keys are also issued, which facilitates encryption of the subsequent service communication, and the data used while issuing the communication keys is transmitted encrypted, which makes key issuance more secure. The communication program is therefore not easy to attack, and secure transmission of the data is ensured.
Taking a more specific embodiment as an example, the following describes the interaction between the client and the server when they authenticate and acquire the communication keys through the networking controller. Referring to fig. 10, the method S200 includes, but is not limited to, the following steps:
S221: the client signs the single-packet authentication packet using a first secure chip private key (client private key).
S222: the client encrypts the single-packet authentication packet using the controller public key.
S223: the client sends the encrypted single-packet authentication packet to the networking controller.
S224: the networked controller decrypts the single-packet authentication packet using the controller private key.
S225: the networked controller uses a first secure chip public key (client public key) to verify the signature of the single-packet authentication packet.
S226: the networked controller signs the communication parameters, including the traffic parameters required for authentication, using the controller private key.
S227: the networked controller encrypts the communication parameters using the client public key.
S228: the networking controller sends the encrypted communication parameters to the client.
S229: the client decrypts the communication parameters using the client private key.
S230: the client uses the controller public key to verify the signature of the communication parameters.
S231: the communication parameters are decrypted and their signature is verified successfully; the client acquires the communication parameters and obtains the client communication key through the communication parameters.
S232: the networked controller sends a controller communication key to the client.
S233: the client encrypts the client communication key using the controller communication key.
S234: the client sends the encrypted client communication key to the networking controller.
S235: the networked controller encrypts the client communication key using the controller communication key.
After receiving the client communication key, the networking controller encrypts it, and sends it to the server after the server passes identity authentication.
S236: the networking controller sends the client communication key to the server.
S237: the server decrypts the client communication key by using the controller communication key to obtain the client communication key.
S238: the server uses the second security chip private key to sign the single-packet authentication packet.
S239: the server encrypts the single-packet authentication packet using the controller public key.
S240: the server sends the encrypted single-packet authentication packet to the networking controller.
S241: the networked controller decrypts the single-packet authentication packet using the controller private key.
S242: the networked controller uses the second secure chip public key to verify the signature of the single-packet authentication packet.
S243: the networked controller signs the communication parameters using the controller private key.
S244: the networked controller encrypts the communication parameters using the server public key.
S245: the networking controller sends the encrypted communication parameters to the server.
S246: the server decrypts the communication parameters using the server private key.
S247: the server uses the public key of the controller to verify the signature of the communication parameters.
S248: the server acquires the communication parameters and acquires the communication key of the server through the communication parameters.
S249: the networking controller sends the controller communication key to the server.
S250: the server encrypts the server communication key using the controller communication key.
After receiving the server communication key, the networking controller encrypts it, and sends it to the client after the client passes identity authentication.
S251: the server sends the encrypted server communication key to the networking controller.
S252: the networked controller encrypts the server-side communication key using the controller communication key.
S253: the networked controller sends the server-side communication key to the client.
S254: the client decrypts the server communication key by using the controller communication key to obtain the server communication key.
The client device signs the single-packet authentication packet through the first security chip, encrypts it with the controller public key and sends it to the networking controller. The networking controller receives the encrypted single-packet authentication packet, decrypts it with the controller private key and verifies its signature with the first security chip public key; after the signature verification passes, it signs the communication key with the controller private key, encrypts the communication parameters with the client public key, and sends the encrypted communication parameters to the client device. The client device decrypts the encrypted communication parameters with the client private key, verifies their signature with the controller public key, and obtains the communication parameters once the signature check passes. The client communication key is obtained through the communication parameters. The networking controller sends the controller key to the client device. The client device encrypts the client communication key with the controller communication key and sends it to the networking controller.
The server device signs the single-packet authentication packet through the second security chip, encrypts it with the controller public key and sends it to the networking controller. The networking controller receives the encrypted single-packet authentication packet, decrypts it with the controller private key and verifies its signature with the second security chip public key; after the signature verification passes, it signs the communication key with the controller private key, encrypts the communication parameters with the server public key, and sends the encrypted communication parameters to the server device. The server device decrypts the encrypted communication parameters with the server private key, verifies their signature with the controller public key, and obtains the communication parameters once the signature check passes. The server communication key is obtained through the communication parameters. The networking controller sends the controller key to the server device. The server device encrypts the server communication key with the controller communication key and sends it to the networking controller.
The networking controller encrypts the server communication key using the controller communication key and sends it to the client device. The client device decrypts it using the controller communication key to obtain the server communication key.
The networking controller encrypts the client communication key using the controller communication key and sends it to the server device. The server device decrypts it using the controller communication key to obtain the client communication key.
In this embodiment, before performing service communication, the networking controller performs identity authentication on the client and the server, and the client obtains the server communication key from the networking controller, and the server obtains the client communication key from the networking controller, so that identity and access control are provided, safe transmission of data is ensured, and subsequent encrypted communication between the client and the server is facilitated.
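The sign-then-encrypt exchange of steps S221 to S231, sketched in Go as an added example that is not code from the patent. Assumptions not on the page: RSA-2048 key pairs with RSA-PSS signatures, RSA-OAEP wrapping a one-time AES-256-GCM key for the public-key encryption, HMAC-SHA256 as the rule for obtaining the communication key from the parameters, and all function names and packet contents, which are constructed.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// must panics on local failures (RNG, key generation); peer input never reaches it.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// newKey stands in for a security-chip or controller key pair (assumed RSA-2048).
func newKey() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }

// signThenEncrypt signs msg with the sender's private key, then encrypts
// msg||signature for the recipient. Assumed wire format: RSA-OAEP-wrapped
// one-time AES-256 key | 12-byte GCM nonce | AES-GCM ciphertext.
func signThenEncrypt(sender *rsa.PrivateKey, recipient *rsa.PublicKey, msg []byte) []byte {
	digest := sha256.Sum256(msg)
	sig := must(rsa.SignPSS(rand.Reader, sender, crypto.SHA256, digest[:], nil))
	secret := make([]byte, 32+12) // one-time AES key followed by the nonce
	must(rand.Read(secret))
	wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, secret[:32], nil))
	gcm := must(cipher.NewGCM(must(aes.NewCipher(secret[:32]))))
	body := gcm.Seal(nil, secret[32:], append(append([]byte{}, msg...), sig...), nil)
	return append(append(wrapped, secret[32:]...), body...)
}

// decryptThenVerify is the receiving side: decrypt with the recipient's private
// key, then check the signature with the claimed sender's public key.
func decryptThenVerify(recipient *rsa.PrivateKey, sender *rsa.PublicKey, blob []byte) ([]byte, error) {
	k := recipient.Size()
	if len(blob) < k+12 {
		return nil, errors.New("packet too short")
	}
	aesKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, recipient, blob[:k], nil)
	if err != nil || len(aesKey) != 32 {
		return nil, errors.New("key unwrap failed")
	}
	gcm := must(cipher.NewGCM(must(aes.NewCipher(aesKey))))
	plain, err := gcm.Open(nil, blob[k:k+12], blob[k+12:], nil)
	if err != nil {
		return nil, err
	}
	n := len(plain) - sender.Size() // the signature is as long as the sender's modulus
	if n < 0 {
		return nil, errors.New("signature missing")
	}
	digest := sha256.Sum256(plain[:n])
	if err := rsa.VerifyPSS(sender, crypto.SHA256, digest[:], plain[n:], nil); err != nil {
		return nil, fmt.Errorf("signature check failed, packet dropped: %w", err)
	}
	return plain[:n], nil
}

// deriveCommKey is an assumed rule: the page does not say how the key is obtained.
func deriveCommKey(params []byte) []byte {
	mac := hmac.New(sha256.New, params)
	mac.Write([]byte("client communication key"))
	return mac.Sum(nil)
}

// exchange walks S221-S231. signer is the key that signs the packet presented as
// the client's; pass a different key to model a packet from an unknown party.
func exchange(client, controller, signer *rsa.PrivateKey) ([]byte, bool, error) {
	spa := []byte("id=client-01")                                // constructed identity identifier
	pkt := signThenEncrypt(signer, &controller.PublicKey, spa) // S221-S223
	if _, err := decryptThenVerify(controller, &client.PublicKey, pkt); err != nil {
		return nil, false, err // S224-S225 failed: the controller sends no reply
	}
	rnd := make([]byte, 32)
	must(rand.Read(rnd))
	params := append([]byte("ctr=1;ts=1700000000;rnd="), rnd...)        // constructed parameters
	reply := signThenEncrypt(controller, &client.PublicKey, params)     // S226-S228
	got, err := decryptThenVerify(client, &controller.PublicKey, reply) // S229-S230
	if err != nil {
		return nil, false, err
	}
	return deriveCommKey(got), string(got) == string(params), nil // S231
}

func main() {
	client, controller := newKey(), newKey()
	key, intact, err := exchange(client, controller, client)
	fmt.Println("key bytes:", len(key), "parameters intact:", intact, "error:", err)
	_, _, err = exchange(client, controller, newKey())
	fmt.Println("packet signed by another key:", err)
}
```

Because the signature travels inside the ciphertext, a party without the controller private key cannot see who signed the packet, and the controller rejects any packet whose signature does not match the registered client public key before it issues communication parameters.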
Taking a more specific embodiment as an example, the following describes the interaction between the client and the server when transmitting data. Referring to fig. 11, the method S200 further includes:
S255: the client security service program obtains request data of the client application program through the virtual network card.
S256: the client security service encrypts the request data using the client communication key.
S257: the client security program sends the encrypted request data to the server through the physical network card.
S258: the server security service decrypts the request data using the client communication key.
S259: the server application program receives the request data through the virtual network card.
S260: the server side safety service program obtains the data returned by the server side application program through the virtual network card.
S261: the server security service encrypts the return data using the server communication key.
S262: the server side safety service program sends the returned data to the client side through the physical network card.
S263: the client security program decrypts the returned data using the server communication key.
S264: the client application receives the return data through the virtual network card.
After identity authentication by the networking controller and acquisition of the communication keys, the client and the server carry out service communication. The client acquires the request data of the application layer, encrypts it with the communication key at the link layer and sends it to the server through the physical layer; the server receives the request data through the physical layer, decrypts it with the communication key at the link layer, and passes it to the application layer. The server acquires the return data of the application layer, encrypts it with the communication key at the link layer, and sends it to the client through the physical layer; the client receives the return data through the physical layer, decrypts it with the communication key at the link layer, and passes it to the application layer. Communication between the client and the server is completed in this way.
In the embodiment, the client device and the server device perform data encryption and decryption communication by using the server communication key and the client communication key, so that communication data are protected, and the safety of data transmission is ensured.
Another embodiment of the present invention also provides a secure transmission system, as shown in fig. 12, the secure transmission system 300 includes a client device 10, a networking controller 20, and a server device 30.
The client device 10 is configured to sign the authentication packet through the security chip, encrypt the authentication packet through the controller public key, and send the encrypted authentication packet to the networking controller 20; the client device 10 receives the encrypted communication parameters which are sent after the decryption and signature verification of the networking controller pass; the client device 10 obtains a communication key based on the communication parameter, encrypts the client key with the communication key, and transmits the encrypted client key to the networking controller 20; the client device 10 receives the encrypted server key sent by the networking controller 20, and the client device 10 decrypts the server key using the controller communication key.
The server device 30 is configured to sign the authentication packet through the security chip, encrypt the authentication packet through the public key of the controller, and send the encrypted authentication packet to the networking controller 20; the server device 30 receives the encrypted communication parameters which are sent after the decryption and signature verification of the networking controller pass; the server device 30 obtains a communication key based on the communication parameter, encrypts the server key by using the communication key, and sends the encrypted server key to the networking controller 20; the server device 30 receives the encrypted client key sent by the networking controller 20, and the server device 30 decrypts the encrypted client key using the controller communication key to obtain the client key.
Another embodiment of the present invention also provides a non-transitory computer-readable storage medium storing computer-executable instructions which, when executed by at least one processor, cause the at least one processor to perform the data transmission method according to any one of the above embodiments.
It should be noted that the above-described apparatus embodiments are merely illustrative, and the units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed over a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
From the above description of embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus a general purpose hardware platform, or may be implemented by hardware. Those skilled in the art will appreciate that all or part of the processes implementing the methods of the above embodiments may be implemented by a computer program instructing relevant hardware, where the program may be stored in a computer-readable storage medium, and where the program may include processes implementing the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), a random access memory (RAM), or the like.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and are not limiting; the technical features of the above embodiments or in the different embodiments may also be combined within the idea of the invention, the steps may be implemented in any order, and there are many other variations of the different aspects of the invention as described above, which are not provided in detail for the sake of brevity; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (11)

1. A data transmission method for a client, wherein the client includes a first security chip, the method comprising:
generating a digital signature for a first authentication packet through a first security chip, encrypting the first authentication packet by using a controller public key, and transmitting the first authentication packet to a networking controller;
obtaining a reply data packet returned after the authentication of the networking controller is passed, wherein the reply data packet comprises communication parameters;
decrypting the reply data packet by using a client private key, and checking a signature for the reply data packet by using a controller public key to obtain the communication parameter;
obtaining a client communication key based on the communication parameters;
obtaining the controller communication key sent by the networking controller, encrypting the client communication key by using the controller communication key, and sending the encrypted client communication key to the networking controller;
and receiving the encrypted server communication key sent by the networking controller, and decrypting by utilizing the controller communication key to obtain the server communication key.
2. The method according to claim 1, wherein the method further comprises:
acquiring request data of an application layer, and encrypting the request data by using the client communication key at a link layer;
sending the encrypted request data to the server through a physical layer;
and/or,
receiving encrypted return data sent by a server through a physical layer;
decrypting the return data by using the server communication key at a link layer to obtain the return data;
and transmitting the return data to an application layer.
3. The method of claim 2, wherein the request data and the return data are both encrypted data.
4. A method according to any of claims 1-3, characterized in that before generating a digital signature for a first authentication packet by a first security chip, encrypting the first authentication packet with a controller public key, and sending the first authentication packet to a networking controller, the method further comprises:
sending an authentication packet to a registration server, wherein the authentication packet is used for carrying out identity authentication on the registration server;
if the authentication success message sent by the registration server is received, sending a registration application to the registration server, wherein the registration application is used for registering at the registration server, and if the registration is successful, the client obtains network access rights;
after obtaining the server communication key, the method further comprises:
obtaining face features and fingerprint features, and sending the face features and the fingerprint features to a secondary authentication server to request an authentication code, wherein the secondary authentication server returns the authentication code when verifying that the face features and the fingerprint features are legitimate;
and in response to input of the authentication code, sending an authentication packet to the networking controller so as to apply for network access rights, wherein if the networking controller successfully authenticates based on the authentication packet, the client retains the network access rights, and if the authentication fails, the network access rights of the client are revoked.
5. A data transmission method for a server, wherein the server includes a second security chip, the method comprising:
generating a digital signature for a second authentication packet through a second security chip, encrypting the second authentication packet by using a controller public key, and transmitting the second authentication packet to a networking controller;
obtaining a reply data packet returned after the authentication of the networking controller is passed, wherein the reply data packet comprises communication parameters;
decrypting the reply data packet by using a server private key, and checking a signature for the reply data packet by using a controller public key to obtain the communication parameters;
obtaining a server communication key based on the communication parameters;
obtaining the controller communication key sent by the networking controller, encrypting the server communication key by using the controller communication key, and sending the encrypted server communication key to the networking controller;
and receiving the encrypted client communication key sent by the networking controller, and decrypting by using the controller communication key to obtain the client communication key.
6. A data transmission method for a networking controller, the method comprising:
obtaining an encrypted authentication packet sent by a client, decrypting the authentication packet by using a controller private key, and checking a signature by using a client public key;
after the authentication packet passes the authentication, generating a digital signature for the communication parameters by using the controller private key, encrypting the communication parameters by using the client public key, and sending the communication parameters to the client;
sending the controller communication key to the client, obtaining the client communication key which is sent by the client and is encrypted based on the controller communication key, and decrypting by using the controller communication key to obtain the client communication key, wherein the client communication key is obtained based on the communication parameters;
encrypting the client communication key by using the controller communication key, and transmitting the encrypted client communication key to the server;
or,
obtaining an encrypted authentication packet sent by a server, decrypting the authentication packet by using a controller private key, and checking a signature by using a server public key;
after the authentication packet passes the authentication, generating a digital signature for the communication parameters by using the controller private key, encrypting the communication parameters by using the server public key, and sending the communication parameters to the server;
sending the controller communication key to the server, obtaining the server communication key which is sent by the server and is encrypted based on the controller communication key, and decrypting by using the controller communication key to obtain the server communication key, wherein the server communication key is obtained based on the communication parameters;
encrypting the server communication key by using the controller communication key, and sending the server communication key to the client.
7. A client device, comprising:
at least one processor, and
a memory communicatively coupled to the at least one processor, the memory storing instructions executable by the at least one processor to enable the at least one processor to perform the data transmission method of any one of claims 1-3 or to perform the method of any one of claims 1-4.
8. A server device, comprising:
at least one processor, and
a memory communicatively coupled to the at least one processor, the memory storing instructions executable by the at least one processor to enable the at least one processor to perform the data transmission method of claim 5.
9. A networking controller, comprising:
at least one processor, and
a memory communicatively coupled to the at least one processor, the memory storing instructions executable by the at least one processor to enable the at least one processor to perform the data transmission method of claim 6.
10. A secure transmission system comprising the client device of claim 7, the server device of claim 8, and the networking controller of claim 9.
11. A non-transitory computer-readable storage medium storing computer-executable instructions which, when executed by at least one processor, cause the at least one processor to perform the method of any of claims 1-6.
CN202311481489.4A 2023-11-07 2023-11-07 Data transmission method, secure transmission system and electronic equipment Pending CN117640098A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311481489.4A CN117640098A (en) 2023-11-07 2023-11-07 Data transmission method, secure transmission system and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311481489.4A CN117640098A (en) 2023-11-07 2023-11-07 Data transmission method, secure transmission system and electronic equipment

Publications (1)

Publication Number Publication Date
CN117640098A true CN117640098A (en) 2024-03-01

Family

ID=90029515

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311481489.4A Pending CN117640098A (en) 2023-11-07 2023-11-07 Data transmission method, secure transmission system and electronic equipment

Country Status (1)

Country Link
CN (1) CN117640098A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination