WO2021218088A1 - Communication data processing method and apparatus, and computer system and storage medium - Google Patents

Communication data processing method and apparatus, and computer system and storage medium

Info

Publication number
WO2021218088A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
key
gyroscope
receiving
time stamp
Prior art date
Application number
PCT/CN2020/125074
Other languages
French (fr)
Chinese (zh)
Inventor
席悦洋
Original Assignee
平安科技(深圳)有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 平安科技(深圳)有限公司 filed Critical 平安科技(深圳)有限公司
Publication of WO2021218088A1 publication Critical patent/WO2021218088A1/en


Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0863 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords

Definitions

  • This application relates to the field of computer technology, and in particular to a communication data encryption method, device, computer system and readable storage medium.
  • Information security can be roughly divided into storage security, use security, and transmission security.
  • Transmission security is the most directly threatened, because in the process of information transmission the parties of information exchange are open and very vulnerable to data leakage and data tampering.
  • an asymmetric encryption algorithm or a symmetric encryption algorithm is used to encrypt the transmitted data in the existing information transmission process.
  • the asymmetric encryption algorithm requires two keys, and two keys are used for encryption and decryption.
  • the asymmetric encryption algorithm has higher security but more complex decryption, and is not suitable for frequent processing of very long data; the symmetric encryption algorithm uses the same key for encryption and decryption, and decryption is faster and more efficient when the symmetric encryption algorithm is used for encryption.
  • the purpose of this application is to provide a communication data processing method, device, computer system, and storage medium, which are used to solve the problem of data leakage caused by the interception of the key in the communication data transmission process in the prior art.
  • this application provides a communication data processing method applied to the sending end, including:
  • each of the gyroscope data corresponds to a time stamp data
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm.
  • This application also provides a communication data processing method, which is applied to the receiving end, and includes:
  • each gyroscope data corresponds to a time stamp data
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm
  • the encrypted text is decrypted by using a symmetric encryption algorithm based on the second key to obtain the initial text.
  • this application also provides a device including a sending end server and a receiving end server communicating with the sending end server:
  • the sending end server is used to collect the gyroscope data of the mobile terminal in real time after receiving the start signal and synchronously send it to the receiving end; obtain the last collected gyroscope data as the first data; use a self-built algorithm to perform the first processing on the first data to obtain the first key, wherein the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm; and obtain the initial text to be encrypted, encrypt the initial text using a symmetric encryption algorithm based on the first key to obtain an encrypted text, and send the encrypted text to the receiving end;
  • the receiving end server is used to receive the gyroscope data synchronized from the transmitting end and receive the key generation signal; obtain the last received gyroscope data as the second data; use a self-built algorithm to perform the second processing on the second data to obtain a second key, where the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm; and receive the encrypted text sent by the sender and decrypt the encrypted text using the symmetric encryption algorithm based on the second key to obtain the initial text;
  • the self-built algorithms executed by the first processing unit and the second processing unit are consistent.
  • the present application also provides a computer system, which includes at least one computer device, each computer device includes a memory.
  • each of the gyroscope data corresponds to a time stamp data
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm.
  • each gyroscope data corresponds to a time stamp data
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm
  • the encrypted text is decrypted by using a symmetric encryption algorithm based on the second key to obtain the initial text.
  • the present application also provides a computer storage medium, which includes a plurality of storage media, each storage medium stores computer readable instructions, and when the computer readable instructions stored in the multiple storage media are executed by a processor, the following steps of the above method are jointly implemented:
  • each of the gyroscope data corresponds to a time stamp data
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm.
  • each gyroscope data corresponds to a time stamp data
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm
  • the encrypted text is decrypted by using a symmetric encryption algorithm based on the second key to obtain the initial text.
  • the communication data processing method, device, computer system and storage medium provided in this application use the transmitting end to collect the gyroscope data of the mobile terminal in real time and send it to the receiving end synchronously. Both the transmitting end and the receiving end obtain their respective keys generated based on the gyroscope data. Only the gyroscope data collected in real time and the encrypted text are transmitted through the network, and the key generated by each end is not transmitted through the network, which avoids the high risk of interception in the transmission and distribution of the key, and improves the security of data transmission.
  • FIG. 1 is a flowchart of Embodiment 1 of a communication data processing method described in this application;
  • FIG. 2 is a flowchart of the first embodiment of the communication data processing method of this application before the first processing is performed on the first data to obtain the key;
  • FIG. 3 is a flowchart of performing consistency check on the first data and the second data in the first embodiment of a communication data processing method of this application;
  • FIG. 4 is a flowchart of obtaining other gyroscope data to replace the first data in Embodiment 1 of a communication data processing method of this application, and performing re-verification;
  • FIG. 5 is a flowchart of Embodiment 2 of a communication data processing method described in this application;
  • FIG. 7 is a schematic diagram of program modules of Embodiment 4 of a communication data processing apparatus according to this application.
  • FIG. 8 is a schematic diagram of the hardware structure of the computer device in the fifth embodiment of the computer system of this application.
  • This application provides a communication data processing method, device, computer system, and readable storage medium method based on a sending end server and a receiving end server communicating with the sending end server, which are suitable for the field of computer technology.
  • the gyroscope data of the mobile terminal is collected in real time by the collecting unit in the sending end server and sent to the receiving end server synchronously, and the first obtaining unit in the sending end server and the second obtaining unit in the receiving end server are used to obtain the same
  • the first processing unit in the sending end server and the second processing unit in the receiving end server respectively process the gyroscope data to obtain the key.
  • the encryption unit in the sending end server encrypts the initial text to obtain the encrypted text and sends it to the receiving server.
  • After receiving the encrypted text, the receiving server decrypts it based on the key to obtain the initial text. In this process, only the transmission of encrypted text and the transmission of gyroscope data are required.
  • the key generation is performed on the sending end server and the receiving end server respectively, and the key itself is not transmitted through the network, which solves the problem of data leakage caused by the interception of the key in the communication data transmission process in the prior art.
  • the key generation in this application depends on the collected gyroscope data of the mobile terminal, and the key is based on the last set of gyroscope data before the key generation signal is received; that is, the gyroscope data that generates the key depends on the process of the user triggering the key generation signal. This enhances the dynamic nature of the key: a single-use key cannot be used to decrypt successfully after the next login. Because collection is in real time, theoretically a large number of users will not generate the same key, which further improves security.
  • this embodiment provides a communication data processing method, which is applied to the sending end server, as shown in Figs. 1 and 6, including the following steps:
  • the sending end is the mobile device end of the first user
  • the receiving end is the mobile device end or computer end of the second user
  • the collected data is the gyroscope data and time stamp data of the user's mobile terminal.
  • the start signal can be triggered when the user uses the APP for collecting terminal data. After the user logs in to the APP, the start signal is triggered. It can be realized by monitoring technical means.
  • the real-time collection is collected at a preset time interval.
  • the preset time interval is set to one minute, or it can be set to other time periods.
  • the preset time interval cannot be too long or too short. If the interval is too short, too much terminal data will be collected, which will cause delays and heavy load on both the sender and the receiver; if the interval is too long, too little terminal data will be collected, which will affect the security of subsequent key generation.
  • Collect gyroscope data and the corresponding time stamp data. The gyroscope data is used to generate the key described later.
  • the time stamp data is used to identify the gyroscope data.
  • the collected gyroscope data are recorded in sequence according to the order of collection. After the gyroscope data is collected, the data can be preprocessed; for example, the gyroscope data and the time stamp data are serialized, that is, the gyroscope data is converted into a specific format for transmission on the network.
  • S12 Receive a key generation signal, and obtain the last collected gyroscope data based on the time stamp data as the first data;
  • the key generation signal can be triggered by the sending end or the receiving end, and sent to the receiving end and the sending end at the same time.
  • the last collected gyroscope data refers to the data before the sending end receives the key generation signal.
  • the gyroscope data and time stamp data acquired in the last collection can be selected based on the time stamp sequence, that is, the gyroscope data corresponding to the latest time represented by the time stamp. More specifically, the gyroscope data can be the last set of data collected when the user exits the APP, or a set of data uploaded when the APP starts or partway through.
  • Before performing the first processing on the first data to obtain the key, referring to FIG. 2, the method includes the following:
  • S121 Send an information request signal to the receiving end, and obtain the gyroscope data last received by the receiving end as the second data.
  • S122 Perform consistency check on the first data and the second data.
  • the last recorded gyroscope data is obtained at the sending end and the receiving end through S12 and S121. Since the sending end synchronously sends the terminal data to the receiving end each time it collects it, theoretically the receiving end and the sending end save the same gyroscope data and time stamp data.
  • the key is generated based on gyroscope data. Because the sender subsequently encrypts the initial text and transmits it to the receiver to be decrypted by the receiver, it is necessary to ensure that the receiver and the sender use consistent generated keys. Therefore, in order to ensure the consistency of the obtained key, before the following steps, the method also includes a consistency check of the gyroscope data used by the sender and the receiver to generate the key.
  • the specific verification process includes the following steps:
  • the consistency check on the first data and the second data includes the following steps:
  • S1221 Obtain corresponding first summary values and second summary values based on the first data and the second data, respectively;
  • the MD5 algorithm is used to obtain the digest value.
  • the MD5 algorithm is an irreversible digest algorithm that is common in the prior art, and is used to verify the consistency of two data. In this embodiment, it is used to verify whether the target data respectively obtained by the sending end and the receiving end are consistent.
  • the MD5 algorithm based on timestamp is used to transform the target data and its corresponding timestamp data into a 128-bit, 32-character (hexadecimal identification) output through a hash algorithm.
  • the first summary value and the second summary value can be compared at the sender, or can be directly compared by handshake.
  • the handshake comparison means that the sender and the receiver need to establish a TCP connection to compare the first summary value and the second summary value.
  • the time stamp data is complete, verifiable data that can indicate that a piece of data existed before a certain time. It is usually a sequence of characters that uniquely identifies a certain moment in time. Based on the time stamp data corresponding to the gyroscope data, the time at which the gyroscope data was collected can be known; that is, the time stamp data can be used to identify each gyroscope data, arranged in chronological order, and then the time stamp data collected in sequence can be obtained.
  • When the consistency verification of the first data and the second data fails, that is, the first data is inconsistent with the second data, the greatest possibility is that the first data set has more entries than the second data set. Therefore, gyroscope data from the sender server's collection history is obtained to replace the current first data; this process can be realized by using time stamp data.
  • S1224-3 Acquire corresponding gyroscope data based on the second time stamp data
  • S1224-4 Use the gyroscope data corresponding to the second time stamp data to replace the current first data to obtain the replaced first data;
  • S1224-5 Use the replaced first data and the second data to perform verification.
  • the sending end server can use the data preceding the last set of data to overcome the inconsistency of the gyroscope data obtained by the sender and the receiving end, and ensure the consistency of the keys subsequently generated by the sending server and the receiving server.
  • the performing the first processing on the first data includes the following:
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm.
  • self-built algorithms include but are not limited to serialization, disorder, character replacement, digest algorithms, etc.
  • the sending end server and the receiving end server use the same self-built algorithm, which can be set according to the use environment or the preset text type, or can be randomly generated. It is only necessary to keep the sending end server and the receiving end server consistent. As an example and not a limitation: in this embodiment, a serialization function is used to convert the gyroscope data into a binary string, then every 8 bytes are put in reverse order, the result is deserialized, and finally BASE64 encoding is performed to obtain the key.
  • the self-built algorithm is written in native C code in the APP to prevent the content of the algorithm from being obtained by simple Java decompilation.
  • the generation of the first key at the sending end depends on the collected gyroscope data of the mobile terminal, and the collection of gyroscope data starts with the start signal and stops with the key generation signal.
  • the key obtained each time can only be used once. Because of real-time collection, theoretically there will not be a large number of users generating the same secret key, which improves the security of use.
  • S14 Obtain the initial text to be encrypted, encrypt the initial text with a symmetric encryption algorithm based on the first key, obtain the encrypted text, and send the encrypted text to the receiving end.
  • the initial text is encrypted using an AES encryption algorithm (symmetric encryption algorithm).
  • the AES encryption algorithm includes key expansion (KeyExpansion), initial round (Initial Round), repeat round (Rounds), and final round (Final Round), where each round in the repeated round includes: byte substitution (SubBytes), row shift (ShiftRows), column mixing (MixColumns), and round key addition (AddRoundKey), and the final round has no column mixing (MixColumns).
  • the following decryption process reverses the encryption process.
  • the key extension extends the 16-byte key to obtain the extended key.
  • the 16-byte target data must be preprocessed to form a 4*4 matrix, which is then XORed with the extended key; each round of key addition is an XOR with the corresponding extended key.
  • the byte replacement is based on the processed matrix through a preset
  • the reverse byte replacement in the decryption process of the receiving end server in the following embodiment 2 is completed by the inverse mapping of the S-box. In the row shift, based on the above matrix, the first row is unchanged, the second row is cyclically shifted 1 byte to the left, the third row is cyclically shifted 2 bytes to the left, and the fourth row is cyclically shifted 3 bytes to the left.
  • the following decryption process is the reverse. The column mixing left-multiplies the processed matrix by a fixed matrix; in the following decryption process, the column mixing left-multiplies the processed matrix by the inverse matrix of the fixed matrix.
  • the first key is directly generated by the receiving end; the generated first key itself is not transmitted through the network, and is generated from the gyroscope data of the sending end, which avoids the risk of the first key being intercepted during transmission and distribution and improves the security of data transmission.
  • symmetric encryption is used to protect the transmitted data, the decryption performance consumption of the receiving end is relatively reduced, the overall encryption of longer data can be supported, and the data transmission efficiency is improved.
  • This embodiment provides a communication data processing method, which is applied to a receiving end server, as shown in FIG. 5 and FIG. 6, and includes the following steps:
  • S21 Receive gyroscope data synchronized from the sending end server, where each gyroscope data corresponds to a time stamp data;
  • the receiving end server receives the key generation signal, and obtains the last received gyroscope data based on the time stamp data as the second data;
  • the sending end server collects gyroscope data, and then synchronously sends the gyroscope data to the receiving end server.
  • the receiving end server and the sending end server record all the same gyroscope data, so in order to obtain the first
  • the accuracy of the second key is based on the last received gyroscope data to reduce the confusion caused by multiple gyroscope data and affect the accuracy of the second key generated subsequently.
  • the generation of the second key depends on the received gyroscope data and is synchronized with the sender; that is, the second key does not need to be transmitted through the network, which avoids the high risk of interception in the transmission and distribution of the second key and improves the security of data transmission, and the subsequent decryption can be performed directly based on the second key.
  • the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm.
  • the self-built algorithm includes but is not limited to serialization, disorder, character replacement, digest algorithm, etc. It should be noted that the receiving end server and the sending end server in the first embodiment above use the same self-built algorithm. It can be set according to the use environment or the preset text type, or it can be randomly generated. It is only necessary to keep the sending end server and the receiving end server consistent, to ensure that the second key is consistent with the first key generated by the sending end server and that the subsequent decryption of the encrypted text can be completed.
  • the self-built algorithm can be stored on the blockchain network, and the data information can be shared between different platforms through the storage of the blockchain, and the data can also be prevented from being tampered with.
  • Blockchain is a new application mode of computer technology such as distributed data storage, point-to-point transmission, consensus mechanism, and encryption algorithm.
  • Blockchain, essentially a decentralized database, is a series of data blocks associated with one another by cryptographic methods. Each data block contains a batch of network transaction information, used to verify the validity of the information (anti-counterfeiting) and to generate the next block.
  • the blockchain can include the underlying platform of the blockchain, the platform product service layer, and the application service layer.
  • the second data is sent to the sending end.
  • the AES encryption algorithm is used for decryption
  • the reverse processing of the encryption process in the receiving server is used as an example and not a limitation.
  • the reverse byte replacement is completed by the reverse mapping of the S-box, and the row shift is based on the encryption process.
  • in encryption, the column mixing left-multiplies the processed matrix by a fixed matrix; in decryption, the column mixing left-multiplies the processed matrix by the inverse of the fixed matrix, to obtain the original text after decryption.
  • This embodiment provides a communication data processing method. Referring to FIG. 6, the method includes the following:
  • S31 Receive the start signal, and the sending end collects gyroscope data in real time, each of the gyroscope data corresponds to a time stamp data, and synchronously sends the gyroscope data and the corresponding time stamp data to the receiving end.
  • the sending end is the mobile device end of the first user
  • the receiving end is the mobile device end or the computer end of the second user
  • the collected data is the gyroscope data and time stamp data of the user's mobile terminal.
  • the time stamp data is used to identify the gyroscope data, and the collected gyroscope data are recorded in sequence according to the order of collection.
  • S32 receiving the key generation signal, the sending end and the receiving end respectively obtain the last collected gyroscope data as the first data and the second data based on the time stamp data, and obtain the initial text to be encrypted;
  • S33 The sending end and the receiving end respectively use self-built algorithms to process the first data and the second data to obtain the first key and the second key;
  • a consistency check of the first data and the second data is performed to ensure that the subsequent generation of the first key and the second key are consistent.
  • the consistency check can be performed by having the receiving end send the second data to the sending end, or by having the sending end send the first data to the receiving end; a handshake comparison between the sending end and the receiving end can also be used.
  • Handshake comparison is possible because most mobile terminals adopt the TCP/IP protocol. The establishment of a TCP connection requires multiple handshakes: the client sends a TCP connection attempt to the server (first handshake); the server agrees to establish the TCP connection and returns confirmation information (second handshake); the client then confirms the message to the server (third handshake), which establishes the TCP connection. Therefore, the handshake comparison here mainly means that, with the first data on the sender and the second data on the receiver, the sender and the receiver need to establish a TCP connection to compare the first data and the second data.
  • the same self-built algorithm is used to process the first data and the second data, where the self-built algorithm includes serialization, disorder, character replacement, and digest algorithms.
  • Self-built algorithms include but are not limited to serialization, disorder, character replacement, digest algorithms, etc. It should be noted that the sender server and the receiver server use the same self-built algorithm to ensure that the same key is obtained. As an example and without limitation, in this embodiment a serialization function is used to convert the gyroscope data into a binary string, then every 8 bytes are put in reverse order, the result is deserialized, and finally BASE64 encoding is performed to obtain the key.
  • the sending end encrypts the initial text based on the first key, obtains the encrypted text, and sends the encrypted text to the receiving end;
  • a symmetric encryption algorithm (AES encryption algorithm) is used to encrypt or decrypt the initial text.
  • In the AES encryption algorithm, the sender processes the initial text and the encryption key together with the encryption algorithm, turning it into complex encrypted ciphertext, which is sent out.
  • If the receiver wants to obtain the initial text, it needs to decrypt the ciphertext with the encryption key that was used and the inverse algorithm of the same algorithm to restore it to the original text.
  • In the symmetric encryption algorithm, only one key is used. Both the sender and the receiver use this key to encrypt and decrypt data. The decryption process reverses the encryption process.
  • the key is expanded first, that is, the 16-byte key is expanded to obtain the expanded key.
  • the 16-byte initial text must be preprocessed: it is composed into a 4*4 matrix, which is then XORed with the extended key. Each round of key addition is an XOR with the corresponding extended key.
  • the byte replacement is based on the matrix processed with the key and is completed by the preset S-box mapping.
  • the reverse byte replacement is completed by the inverse mapping of the S-box.
  • the row shift is based on the above matrix for the first row unchanged, and the second row rotates to the left.
  • the key generated in this application is not transmitted over the network. It is generated by the sender and receiver separately based on the synchronized gyroscope data, avoiding the high risk of interception in the transmission and distribution of the key, and improving the security of data transmission.
  • the key generation in this application relies on the collected gyroscope data of the mobile terminal. Because it is based on the last set of gyroscope data collected before key generation, theoretically there will be no large batch of users generating the same secret key, which further improves security during data transmission.
  • a communication data processing apparatus of this embodiment includes a sending end server 71 and a receiving end server 72;
  • the sending end server 71 is configured to collect the gyroscope data of the mobile terminal in real time after receiving the start signal and send it to the receiving end synchronously; obtain the last collected gyroscope data as the first data; perform the first processing on the first data using a self-built algorithm to obtain the first key, wherein the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm; and obtain the initial text to be encrypted, encrypt the initial text using a symmetric encryption algorithm based on the first key to obtain an encrypted text, and send the encrypted text to the receiving end;
  • the sending end server 71 includes the following:
  • the collecting unit 711 is configured to collect the gyroscope data of the mobile terminal in real time after receiving the start signal and send it to the receiving end synchronously;
  • the first obtaining unit 712 is configured to obtain the last collected gyroscope data as the first data
  • the first processing unit 713 is configured to perform first processing on the first data to obtain a first key
  • the verification unit 714 is configured to perform consistency verification on the first data and the second data
  • the encryption unit 715 is configured to obtain the initial text to be encrypted, encrypt the initial text with a symmetric encryption algorithm based on the first key, obtain the encrypted text, and send the encrypted text to the receiving end;
  • the receiving end server 72 is configured to receive the gyroscope data synchronized from the transmitting end and receive the key generation signal; obtain the last received gyroscope data as the second data; use a self-built algorithm to perform the second processing on the second data to obtain the second key, where the self-built algorithm includes serialization, disorder, character replacement, and digest algorithm; and receive the encrypted text sent by the sender and decrypt the encrypted text using the symmetric encryption algorithm based on the second key to obtain the initial text;
  • the self-built algorithms executed by the first processing unit and the second processing unit are consistent.
  • the receiving end server 72 includes the following:
  • the receiving unit 721 is configured to receive gyroscope data synchronized from the transmitting end, and receive a key generation signal;
  • the second acquiring unit 722 is configured to acquire the last received gyroscope data as the second data;
  • the second processing unit 723 is configured to perform second processing on the second data to obtain a second key;
  • the decryption unit 724 is configured to receive the encrypted text sent by the sender, and decrypt the encrypted text using a symmetric encryption algorithm based on the second key to obtain the initial text.
  • This technical solution is based on the information encryption and decryption technology in cryptography. The acquisition unit collects the gyroscope data of the mobile terminal in real time and sends it synchronously to the receiving end server, which receives the gyroscope data sent by the sending end server.
  • the sending end server and the receiving end server use the first acquisition unit and the second acquisition unit to acquire the last gyroscope data as the first data and the second data respectively, and the verification unit then verifies whether the first data and the second data are consistent. After the verification is completed, the same algorithm is used on the sending end server and the receiving end server to generate the first key and the second key from the first data and the second data respectively, so the obtained first key is consistent with the second key.
  • the sending end server then uses the first key to encrypt the initial text and transmits the encrypted text to the receiving end server, and the receiving end server uses the second key to decrypt the encrypted text to obtain the initial text.
  • only the gyroscope data collected in real time and the encrypted text are transmitted through the network. The first key and the second key are not transmitted through the network; they are generated separately by the sender and the receiver from the synchronized gyroscope data. This avoids the high risk of interception in the transmission and distribution of the key and improves the security of data transmission.
  • the acquisition unit of the sending end server starts collecting gyroscope data at the start signal and stops at the key generation signal, and the key is based on the last set of gyroscope data collected before collection stops.
  • the gyroscope data from which the sending end server and the receiving end server generate the first key and the second key depends on the process of the user logging in to or out of the APP, which enhances the dynamic nature of the key: a single-use key cannot be used to decrypt successfully after the next login. Because collection is in real time, in theory large numbers of users will not produce the same key, which further improves security.
  • the present application also provides a computer system.
  • the computer system includes at least one computer device 8.
  • the components of the communication data processing apparatus of the fourth embodiment can be dispersed in different computer devices.
  • the computer equipment can be a smart phone, a tablet computer, a notebook computer, a desktop computer, a rack server, a blade server, a tower server, or a cabinet server (including an independent server, or a server cluster composed of multiple servers) that executes the program, and so on.
  • the computer device in this embodiment at least includes but is not limited to: a memory 81 and a processor 82 that can be communicatively connected to each other through a system bus, as shown in FIG. 8. It should be pointed out that FIG. 8 only shows a computer device with components, but it should be understood that it is not required to implement all the illustrated components, and more or fewer components may be implemented instead.
  • the memory 81 (i.e., readable storage medium) includes flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disks, optical disks, etc.
  • the memory 81 may be an internal storage unit of a computer device, such as a hard disk or memory of the computer device.
  • the memory 81 may also be an external storage device of the computer device, such as a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, a flash memory card (Flash Card), and so on, equipped on the computer device.
  • the memory 81 may also include both an internal storage unit of the computer device and an external storage device thereof.
  • the memory 81 is generally used to store the operating system and various application software installed in the computer equipment, such as the program code of the communication data processing method of the first embodiment, the second embodiment, and the third embodiment, and the initial text, encrypted text, etc. of the first, second, and third embodiments.
  • the memory 81 can also be used to temporarily store various types of data that have been output or will be output.
  • the processor 82 may be a central processing unit (Central Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip in some embodiments.
  • the processor 82 is generally used to control the overall operation of the computer equipment.
  • the processor 82 is used to run the program code or process data stored in the memory 81, for example, to run a data storage and query device, so as to implement a communication data processing method of the first embodiment.
  • this application also provides a computer-readable storage system, which includes multiple storage media, such as flash memory, hard disk, multimedia card, card-type memory (for example, SD or DX memory, etc.), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic storage, magnetic disks, optical disks, servers, App application stores, etc., on which computer-readable instructions are stored; the instructions are executed by the processor 82 to realize the corresponding functions.
  • the computer-readable storage medium of this embodiment is used to store the data storage and query device, and when executed by the processor 82, it implements the communication data processing method of the first embodiment, the second embodiment, or the third embodiment.
  • the computer-readable storage medium may be non-volatile or volatile.


Abstract

Disclosed are a communication data processing method and apparatus, and a computer system and a storage medium, which relate to encryption algorithms in the field of blockchains in computer technology, and are applied to a sending end and a receiving end. The method comprises: receiving an enabling signal; a sending end collecting, in real time, timestamp data corresponding to gyroscope data, and synchronously sending the timestamp data to a receiving end; receiving a key generation signal; the sending end and the receiving end respectively acquiring the finally collected gyroscope data as first data and second data, and acquiring initial text to be encrypted; and the sending end and the receiving end respectively processing the first data and the second data by using self-built algorithms to obtain a first key and a second key, wherein the self-built algorithms used by the sending end and the receiving end are the same, the self-built algorithms may be stored in a blockchain node, the sending end and the receiving end respectively perform encryption and decryption, and thus no key needs to be transmitted during data transmission, which solves the problem, in the prior art, of data leakage caused after a key is intercepted in a communication data transmission process.

Description

Communication data processing method, device, computer system and storage medium
This application claims priority to the Chinese patent application filed with the Chinese Patent Office on April 30, 2020, with application number CN 202010361365.2 and the invention title "A communication data processing method, device, computer system and storage medium", the entire content of which is incorporated into this application by reference.
Technical field
This application relates to the field of computer technology, and in particular to a communication data encryption method, device, computer system and readable storage medium.
Background technique
With the continuous development of science and technology, information security has increasingly become a concern. Information security can be roughly divided into storage security, use security, and transmission security. Transmission security faces the most direct threats, because during information transmission the two parties exchanging information are open and highly vulnerable to attacks that cause data leakage and data tampering.
The inventor found that, to improve the security of information transmission, existing information transmission uses an asymmetric encryption algorithm or a symmetric encryption algorithm to encrypt the transmitted data. An asymmetric encryption algorithm requires two keys, with different keys used for encryption and decryption; it is more secure but decryption is more complex, so it is not suitable for frequently processing overly long data. A symmetric encryption algorithm uses the same key for encryption and decryption; its decryption is faster and its encryption efficiency is high.
However, because a symmetric encryption algorithm uses the same key for encryption and decryption, the transmission and distribution of the key carries a high risk of interception. If the key of either the server side or the client side is hijacked and cracked by a third party during transmission, the transmitted data will be leaked.
Summary of the application
The purpose of this application is to provide a communication data processing method, device, computer system, and storage medium, to solve the prior-art problem of data leakage caused when a key is intercepted during communication data transmission.
To achieve the above objective, this application provides a communication data processing method applied to the sending end, including:
After receiving the start signal, collecting the gyroscope data of the mobile terminal in real time and synchronously sending it to the receiving end, wherein each piece of gyroscope data corresponds to a piece of timestamp data;
Receiving a key generation signal, and obtaining the last collected gyroscope data based on the timestamp data as the first data;
Performing first processing on the first data using a self-built algorithm to obtain a first key;
Wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm.
Obtaining the initial text to be encrypted, encrypting the initial text with a symmetric encryption algorithm based on the first key to obtain the encrypted text, and sending the encrypted text to the receiving end.
This application also provides a communication data processing method applied to the receiving end, including:
Receiving the gyroscope data synchronized from the sending end, wherein each piece of gyroscope data corresponds to a piece of timestamp data;
Receiving a key generation signal, and obtaining the last received gyroscope data based on the timestamp data as the second data;
Performing second processing on the second data using a self-built algorithm to obtain a second key;
Wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm;
Receiving the encrypted text sent by the sending end;
Decrypting the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text.
To achieve the above objective, this application also provides a device including a sending end server and a receiving end server communicating with the sending end server:
The sending end server is configured to, after receiving the start signal, collect the gyroscope data of the mobile terminal in real time and synchronously send it to the receiving end; obtain the last collected gyroscope data as the first data; perform first processing on the first data using a self-built algorithm to obtain the first key, wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm; and obtain the initial text to be encrypted, encrypt the initial text with a symmetric encryption algorithm based on the first key to obtain the encrypted text, and send the encrypted text to the receiving end;
The receiving end server is configured to receive the gyroscope data synchronized from the sending end and receive the key generation signal; obtain the last received gyroscope data as the second data; perform second processing on the second data using a self-built algorithm to obtain the second key, wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm; and receive the encrypted text sent by the sending end and decrypt it with a symmetric encryption algorithm based on the second key to obtain the initial text;
Wherein the self-built algorithms executed by the first processing unit and the second processing unit are the same.
To achieve the above objective, this application also provides a computer system, which includes at least one computer device, each computer device including a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor; when the processors of the at least one computer device execute the computer-readable instructions, they jointly implement the following steps of the above method:
Applied to the sending end: after receiving the start signal, collecting the gyroscope data of the mobile terminal in real time and synchronously sending it to the receiving end, wherein each piece of gyroscope data corresponds to a piece of timestamp data;
Receiving a key generation signal, and obtaining the last collected gyroscope data based on the timestamp data as the first data;
Performing first processing on the first data using a self-built algorithm to obtain a first key;
Wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm.
Obtaining the initial text to be encrypted, encrypting the initial text with a symmetric encryption algorithm based on the first key to obtain the encrypted text, and sending the encrypted text to the receiving end.
And, applied to the receiving end:
Receiving the gyroscope data synchronized from the sending end, wherein each piece of gyroscope data corresponds to a piece of timestamp data;
Receiving a key generation signal, and obtaining the last received gyroscope data based on the timestamp data as the second data;
Performing second processing on the second data using a self-built algorithm to obtain a second key;
Wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm;
Receiving the encrypted text sent by the sending end;
Decrypting the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text.
To achieve the above objective, this application also provides a computer storage medium, which includes a plurality of storage media, each storing computer-readable instructions; when the computer-readable instructions stored in the plurality of storage media are executed by a processor, they jointly implement the following steps of the above method:
Applied to the sending end: after receiving the start signal, collecting the gyroscope data of the mobile terminal in real time and synchronously sending it to the receiving end, wherein each piece of gyroscope data corresponds to a piece of timestamp data;
Receiving a key generation signal, and obtaining the last collected gyroscope data based on the timestamp data as the first data;
Performing first processing on the first data using a self-built algorithm to obtain a first key;
Wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm.
Obtaining the initial text to be encrypted, encrypting the initial text with a symmetric encryption algorithm based on the first key to obtain the encrypted text, and sending the encrypted text to the receiving end.
And, applied to the receiving end:
Receiving the gyroscope data synchronized from the sending end, wherein each piece of gyroscope data corresponds to a piece of timestamp data;
Receiving a key generation signal, and obtaining the last received gyroscope data based on the timestamp data as the second data;
Performing second processing on the second data using a self-built algorithm to obtain a second key;
Wherein the self-built algorithm includes serialization, disorder, character replacement, and a digest algorithm;
Receiving the encrypted text sent by the sending end;
Decrypting the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text.
In the communication data processing method, device, computer system and storage medium provided in this application, the sending end collects the gyroscope data of the mobile terminal in real time and sends it synchronously to the receiving end, and the sending end and the receiving end each generate a key from the gyroscope data. Only the gyroscope data collected in real time and the encrypted text are transmitted through the network; the keys generated at each end are not. This avoids the high risk of interception in the transmission and distribution of the key and improves the security of data transmission.
Description of the drawings
FIG. 1 is a flowchart of Embodiment 1 of a communication data processing method described in this application;
FIG. 2 is a flowchart of the steps performed before the first processing of the first data to obtain the key in Embodiment 1 of a communication data processing method of this application;
FIG. 3 is a flowchart of performing the consistency check on the first data and the second data in Embodiment 1 of a communication data processing method of this application;
FIG. 4 is a flowchart of obtaining other gyroscope data to replace the first data and verifying again in Embodiment 1 of a communication data processing method of this application;
FIG. 5 is a flowchart of Embodiment 2 of a communication data processing method described in this application;
FIG. 6 is a flowchart of Embodiment 3 of a communication data processing method described in this application;
FIG. 7 is a schematic diagram of the program modules of Embodiment 4 of a communication data processing apparatus of this application;
FIG. 8 is a schematic diagram of the hardware structure of the computer device in Embodiment 5 of the computer system of this application.
Embodiments of the present invention
To make the purpose, technical solutions, and advantages of this application clearer, the application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here are only used to explain the application and are not used to limit it. Based on the embodiments in this application, all other embodiments obtained by those of ordinary skill in the art without creative work fall within the protection scope of this application.
This application is applicable to the field of computer technology and provides a communication data processing method, device, computer system, and readable storage medium based on a sending end server and a receiving end server communicating with the sending end server. The collecting unit in the sending end server collects the gyroscope data of the mobile terminal in real time and sends it synchronously to the receiving end server. The first obtaining unit in the sending end server and the second obtaining unit in the receiving end server each obtain the same gyroscope data, and the first processing unit in the sending end server and the second processing unit in the receiving end server each process the gyroscope data to obtain a key. Based on this key, the encryption unit in the sending end server encrypts the initial text to obtain the encrypted text and sends it to the receiving end server, which decrypts the encrypted text with the key to obtain the initial text. In this process only the encrypted text and the gyroscope data are transmitted; key generation is performed separately on the sending end server and the receiving end server, and the key itself is not transmitted through the network. This solves the prior-art problem of data leakage caused when a key is intercepted during communication data transmission.
Key generation in this application depends on the collected gyroscope data of the mobile terminal, and the key is based on the last set of gyroscope data before the key generation signal is received; that is, the gyroscope data used to generate the key depends on the process by which the user triggers the key generation signal. This enhances the dynamic nature of the key: a single-use key cannot be used to decrypt successfully after the next login. Because collection is in real time, in theory large numbers of users will not produce the same key, which further improves security.
Example 1
Referring to FIG. 1, this embodiment provides a communication data processing method applied to the sending end server, as shown in FIG. 1 and FIG. 6, including the following steps:
S11: After receiving the start signal, collect the gyroscope data of the mobile terminal in real time and synchronously send it to the receiving end, wherein each piece of gyroscope data corresponds to a piece of timestamp data;
Specifically, in this embodiment, the sending end is the mobile device of the first user, the receiving end is the mobile device or computer of the second user, and the collected data is the gyroscope data and timestamp data of the user's mobile terminal.
The start signal may be triggered when the user uses the APP for collecting terminal data: once the user logs in to the APP, the start signal is triggered, which can be implemented by means of monitoring. In this embodiment, real-time collection is performed at a preset time interval, which is set to one minute and can also be set to other durations. The preset interval must not be too long or too short: if it is too short, too much terminal data is collected, which places heavy load on both the sending end and the receiving end; if it is too long, too little terminal data is collected, which affects the security of the subsequently generated key.
Gyroscope data and the corresponding timestamp data are collected. The gyroscope data is used to generate the key described below, and the timestamp data is used to identify the gyroscope data. The collected gyroscope data is recorded in order of collection. After collection the data can be preprocessed, for example by serializing the gyroscope data and timestamp data, that is, converting the gyroscope data into a specific format so that it can be transmitted over the network.
S12: Receive a key generation signal, and obtain the last collected gyroscope data based on the timestamp data as the first data;
Specifically, the key generation signal can be triggered by the sending end or by the receiving end, and is sent to both the receiving end and the sending end. The last collected gyroscope data refers to the gyroscope data and timestamp data obtained in the sending end's last collection before it receives the key generation signal. Timestamp order can be used as the selection criterion, that is, the gyroscope data whose timestamp represents the latest time is selected. More specifically, the gyroscope data may be the last set of data collected when the user exits the APP, or a set of data uploaded when the APP is started or midway.
Before the first processing is performed on the first data to obtain the key, referring to FIG. 2, the method includes the following:
S121: Send an information request signal to the receiving end, and obtain the gyroscope data last received by the receiving end as the second data.
S122: Perform a consistency check on the first data and the second data.
In this embodiment, the last recorded gyroscope data is obtained at the sending end and the receiving end through S12 and S121 respectively. Because the sending end synchronously sends the terminal data to the receiving end each time it collects, in theory the receiving end and the sending end hold the same gyroscope data and timestamp data. The key is generated from the gyroscope data. To ensure that the initial text encrypted by the sending end can be decrypted by the receiving end after transmission, the receiving end and the sending end must use consistent gyroscope data to generate the key. Therefore, to ensure the consistency of the obtained keys, a consistency check is performed, before the steps below, on the gyroscope data that the sending end and the receiving end each use to generate the key. The specific check includes the following steps:
Specifically, the consistency check on the first data and the second data includes the following steps (see FIG. 3):
S1221: Obtain a first digest value and a second digest value from the first data and the second data respectively;
In this embodiment, the digest values are computed with the MD5 algorithm.
Specifically, MD5 is an irreversible digest algorithm common in the prior art and is used to verify that two pieces of data are identical. In this embodiment it verifies whether the target data obtained by the sending end and by the receiving end are the same: a timestamp-based MD5 computation hashes the target data together with its timestamp data into a 128-bit output, written as 32 hexadecimal characters.
S1222: Compare the first digest value with the second digest value;
In this embodiment, the first and second digest values may be compared at the sending end, or compared directly by handshake. Handshake comparison means that the sender and the receiver establish a TCP connection in order to compare the first digest value with the second digest value.
S1223: If they match, the first data passes the check;
S1224: If they do not match, obtain other gyroscope data to replace the first data and check again.
Specifically, obtaining other gyroscope data to replace the first data and checking again includes the following (see FIG. 4):
S1224-1: Obtain the timestamp data corresponding to the first data;
S1224-2: Obtain the second timestamp data, recorded immediately before the first timestamp;
Specifically, timestamp data is complete, verifiable data showing that a piece of data already existed before a particular time. It is usually a character sequence that uniquely identifies a moment in time. The timestamp data corresponding to a gyroscope reading gives the time at which that reading was collected, so timestamp data can serve as an identifier for each gyroscope reading; arranged in chronological order, it gives the sequence in which the readings were collected. When the consistency check between the first data and the second data fails, that is, when the first data and the second data differ, the most likely cause is that the first data set contains more records than the second data set. The current first data is therefore replaced with gyroscope data from the sending-end server's collection history, and the timestamp data is what makes this possible.
S1224-3: Obtain the gyroscope data corresponding to the second timestamp data;
S1224-4: Replace the current first data with the gyroscope data corresponding to the second timestamp data to obtain the replaced first data;
S1224-5: Check the replaced first data against the second data.
In the above embodiment, key generation is in theory based on the last set of data recorded by the sending-end server and by the receiving-end server. When those last sets differ, the most probable reason is that the sending-end server has collected gyroscope data but has not sent it to the receiving-end server. The sending-end server can then use the set of data preceding the last set, which resolves the mismatch between the gyroscope data held by the sending end and the receiving end and ensures that the sending-end server and the receiving-end server subsequently generate the same key.
S13: Perform first processing on the first data to obtain a first key;
The first processing of the first data includes the following:
Process the first data with a self-built algorithm;
wherein the self-built algorithm includes serialization, reordering, character replacement, and a digest algorithm.
In the above embodiment, the self-built algorithm includes but is not limited to serialization, reordering, character replacement, digest algorithms and the like. Note that the sending-end server and the receiving-end server use the same self-built algorithm. It may be configured according to the operating environment or a preset text type, or generated randomly, as long as the sending-end server and the receiving-end server stay consistent. By way of example and not limitation: in this embodiment a serialization function converts the gyroscope data into a binary string, every 8 bytes are then processed in reverse order, the result is deserialized, and finally BASE64 encoding is applied to obtain the key. Specifically, the self-built algorithm is written in native low-level C code in the APP so that its content cannot be obtained by simple Java decompilation.
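The consistency check of S1221 to S1224-5 and the example key derivation of S13, combined in one added example (not code from the patent). Assumptions: a reading is three big-endian float32 values, the digest covers an 8-byte timestamp plus the reading, the fallback repeats until a match is found, the "deserialize" step leaves the reordered bytes unchanged, and all function names and sample values are hypothetical.

```python
import base64
import hashlib
import struct

# Constructed sample histories: timestamp in ms -> gyroscope reading (x, y, z).
# The sender's newest record was collected but never reached the receiver.
SENDER_HISTORY = {
    1588000000000: (0.0123, -0.4410, 0.9876),
    1588000000020: (0.0150, -0.4398, 0.9901),
    1588000000040: (0.0171, -0.4375, 0.9930),
}
RECEIVER_HISTORY = {
    1588000000000: (0.0123, -0.4410, 0.9876),
    1588000000020: (0.0150, -0.4398, 0.9901),
}


def serialize(sample):
    """Assumed layout: three big-endian float32 values (12 bytes)."""
    return struct.pack(">3f", *sample)


def digest(timestamp, sample):
    """S1221: MD5 over timestamp and serialized reading, as 32 hex characters."""
    payload = struct.pack(">q", timestamp) + serialize(sample)
    return hashlib.md5(payload).hexdigest()


def latest(history):
    """Record with the latest timestamp (S12 on the sender, S22 on the receiver)."""
    ts = max(history)
    return ts, history[ts]


def agree_on_first_data(sender_history, receiver_digest):
    """S1222 to S1224-5: compare digests, stepping back one timestamp per mismatch."""
    for ts in sorted(sender_history, reverse=True):
        if digest(ts, sender_history[ts]) == receiver_digest:
            return ts, sender_history[ts]
    raise LookupError("no sender record matches the receiver's last record")


def derive_key(sample):
    """S13 example: serialize, reverse each 8-byte group, BASE64-encode."""
    raw = serialize(sample)
    groups = [raw[i:i + 8][::-1] for i in range(0, len(raw), 8)]
    return base64.b64encode(b"".join(groups))


def run_exchange(sender_history, receiver_history):
    """Both ends pick their data, the sender falls back if needed, both derive keys."""
    second_ts, second = latest(receiver_history)
    ts, first = agree_on_first_data(sender_history, digest(second_ts, second))
    return ts, derive_key(first), derive_key(second)


if __name__ == "__main__":
    agreed_ts, first_key, second_key = run_exchange(SENDER_HISTORY, RECEIVER_HISTORY)
    print(agreed_ts, first_key, first_key == second_key)
```

The derivation is deterministic and takes no input other than the reading, so any party that holds the synchronized record and knows the algorithm computes the same key.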
In this embodiment, the first key at the sending end is generated from the collected gyroscope data of the mobile terminal. Collection of gyroscope data starts on the start signal and stops on receipt of the key generation signal, and each key obtained can be used only once. Because collection happens in real time, in theory large numbers of users will not produce the same key, which improves security in use.
S14: Obtain the initial text to be encrypted, encrypt the initial text with a symmetric encryption algorithm based on the first key to obtain the encrypted text, and send the encrypted text to the receiving end.
Specifically, the initial text is encrypted with the AES encryption algorithm (a symmetric encryption algorithm). AES consists of key expansion (KeyExpansion), an initial round (Initial Round), repeated rounds (Rounds), and a final round (Final Round). Each repeated round comprises byte substitution (SubBytes), row shifting (ShiftRows), column mixing (MixColumns), and round key addition (AddRoundKey); the final round has no column mixing (MixColumns). The decryption process described below reverses the encryption process.
More specifically, key expansion expands the 16-byte key to obtain the expanded key. Before the first round key addition, the 16 bytes of target data are preprocessed by arranging them into a 4*4 matrix, which is then XORed with the expanded key; every subsequent round key addition is an XOR with the corresponding expanded key. Byte substitution maps the processed matrix through a preset S-box; in Embodiment 2 below, the inverse byte substitution in the receiving-end server's decryption uses the inverse S-box mapping. Row shifting operates on the matrix as follows: row 1 is unchanged, row 2 is rotated left by 1 byte, row 3 is rotated left by 2 bytes, and row 4 is rotated left by 3 bytes; the decryption process below does the reverse. Column mixing left-multiplies the processed matrix by a fixed matrix; in the decryption process below, column mixing left-multiplies the processed matrix by the inverse of that fixed matrix.
In this embodiment, the first key is generated directly by the receiving end. The generated first key itself is not transmitted over the network and is generated from the sending end's gyroscope data, which avoids the high risk of interception that comes with transmitting and distributing the first key and improves the security of data transmission.
In this embodiment, symmetric encryption protects the transmitted data. Decryption costs the receiving end comparatively little, so longer data can be encrypted as a whole, which improves data transmission efficiency.
Embodiment 2
This embodiment provides a communication data processing method applied to a receiving-end server. As shown in FIG. 5 and FIG. 6, it includes the following steps:
S21: Receive the gyroscope data synchronized from the sending-end server, where each item of gyroscope data corresponds to one item of timestamp data;
S22: The receiving-end server receives the key generation signal and, based on the timestamp data, obtains the last received gyroscope data as the second data;
In this embodiment, the sending-end server collects gyroscope data and then synchronously sends it to the receiving-end server, so in theory the receiving-end server and the sending-end server record all the same gyroscope data. For the accuracy of the second key obtained later, the last received gyroscope data is therefore used as the basis, which reduces the confusion that multiple gyroscope readings could cause and that would affect the accuracy of the subsequently generated second key.
In this embodiment, the second key is generated from the received gyroscope data, which is synchronized with the sending end. The second key therefore does not need to be transmitted over the network, which avoids the high risk of interception that comes with transmitting and distributing the second key and improves the security of data transmission. Decryption is later performed directly with the second key.
S23: Perform second processing on the second data to obtain a second key;
Specifically, the second data is processed with a self-built algorithm;
wherein the self-built algorithm includes serialization, reordering, character replacement, and a digest algorithm.
In the above embodiment, the self-built algorithm includes but is not limited to serialization, reordering, character replacement, digest algorithms and the like. Note that the receiving-end server uses the same self-built algorithm as the sending-end server in Embodiment 1. It may be configured according to the operating environment or a preset text type, or generated randomly, as long as the sending-end server and the receiving-end server stay consistent, so that the second key matches the first key generated by the sending-end server and the encrypted text can subsequently be decrypted.
In one embodiment, the self-built algorithm may be stored on a blockchain network. Blockchain storage allows the data to be shared between different platforms and also prevents the data from being tampered with.
Blockchain is a new application model of computer technologies such as distributed data storage, point-to-point transmission, consensus mechanisms, and encryption algorithms. A blockchain is essentially a decentralized database: a chain of data blocks linked by cryptographic methods, in which each block holds the information of a batch of network transactions and is used to verify the validity of that information (anti-counterfeiting) and to generate the next block. A blockchain may include an underlying blockchain platform, a platform product service layer, and an application service layer.
Before the second processing is performed on the second data to obtain the second key, the method includes the following:
After receiving the information request signal sent by the sending end, send the second data to the sending end.
S24: Receive the encrypted text sent by the sending end;
S25: Decrypt the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text.
In this embodiment, decryption uses the AES encryption algorithm and reverses the encryption process in the receiving-end server. By way of example and not limitation: inverse byte substitution uses the inverse S-box mapping; row shifting is the inverse of the row shifting performed during encryption; and where column mixing during encryption left-multiplies the processed matrix by a fixed matrix, column mixing during decryption left-multiplies the processed matrix by the inverse of that fixed matrix. This yields the decrypted initial text.
Embodiment 3
This embodiment provides a communication data processing method. Referring to FIG. 6, it includes the following:
S31: On receiving the start signal, the sending end collects gyroscope data in real time, each item of gyroscope data corresponding to one item of timestamp data, and synchronously sends the gyroscope data and the corresponding timestamp data to the receiving end.
The sending end is the first user's mobile device, and the receiving end is the second user's mobile device or computer. The collected data is the gyroscope data and timestamp data of the user's mobile terminal. The timestamp data identifies the gyroscope data, and the collected gyroscope data is recorded in order of collection.
S32: On receiving the key generation signal, the sending end and the receiving end each obtain the last collected gyroscope data, based on the timestamp data, as the first data and the second data respectively, and the initial text to be encrypted is obtained;
S33: The sending end and the receiving end each process the first data and the second data with a self-built algorithm to obtain the first key and the second key;
Before the first data and the second data are processed, a consistency check of the first data against the second data is performed to ensure that the first key and the second key generated afterwards are the same.
Specifically, the consistency check may be performed by having the receiving end send the second data to the sending end, by having the sending end send the first data to the receiving end, or by handshake comparison between the sending end and the receiving end. Handshake comparison arises because most mobile terminals use the TCP/IP protocol, and establishing a TCP connection takes several handshakes: the client sends the server a tentative TCP connection request (first handshake); the server agrees to establish the TCP connection and returns an acknowledgment (second handshake); the client then acknowledges to the server (third handshake), which establishes the TCP connection. Handshake comparison here therefore mainly means that the first data is at the sender and the second data is at the receiver, and the sender and the receiver establish a TCP connection in order to compare the first data with the second data.
Note that the first data and the second data are processed with the same self-built algorithm, where the self-built algorithm includes serialization, reordering, character replacement, and a digest algorithm.
The self-built algorithm includes but is not limited to serialization, reordering, character replacement, digest algorithms and the like. Note that the sending-end server and the receiving-end server use the same self-built algorithm to ensure that they obtain the same key. By way of example and not limitation: in this embodiment a serialization function converts the gyroscope data into a binary string, every 8 bytes are then processed in reverse order, the result is deserialized, and finally BASE64 encoding is applied to obtain the key.
S34: The sending end encrypts the initial text based on the first key to obtain the encrypted text and sends the encrypted text to the receiving end;
S35: After receiving the encrypted text, the receiving end decrypts it with the second key to obtain the initial text.
In this embodiment, a symmetric encryption algorithm (the AES encryption algorithm) is used to encrypt or decrypt the initial text. In a symmetric encryption algorithm, the sender processes the initial text together with the encryption key through the encryption algorithm, turning it into complex ciphertext that is then sent. To recover the initial text, the receiver must decrypt the received ciphertext with the key that was used for encryption and the inverse of the same algorithm. A symmetric encryption algorithm uses only one key: both the sending end and the receiving end use it to encrypt and decrypt the data, and decryption reverses the encryption process.
Specifically, encryption begins with key expansion, in which the 16-byte key is expanded to obtain the expanded key. Before the first round key addition, the 16 bytes of initial text are preprocessed by arranging them into a 4*4 matrix, which is then XORed with the expanded key; every subsequent round key addition is an XOR with the corresponding expanded key. Byte substitution maps the processed matrix through a preset S-box; in the decryption process below, the inverse byte substitution uses the inverse S-box mapping. Row shifting operates on the matrix as follows: row 1 is unchanged, row 2 is rotated left by 1 byte, row 3 is rotated left by 2 bytes, and row 4 is rotated left by 3 bytes; the decryption process below does the reverse. Column mixing left-multiplies the processed matrix by a fixed matrix; in the decryption process below, column mixing left-multiplies the processed matrix by the inverse of that fixed matrix.
The key generated in this application is itself not transmitted over the network. The sending end and the receiving end each generate it from the synchronized gyroscope data, which avoids the high risk of interception that comes with transmitting and distributing a key and improves the security of data transmission.
Key generation in this application relies on the collected gyroscope data of the mobile terminal and is based on the last set of gyroscope data collected before key generation. In theory, large numbers of users will not produce the same key, which further improves security during data transmission.
Embodiment 4
Referring to FIG. 5 and FIG. 7, a communication data processing apparatus of this embodiment includes a sending-end server 71 and a receiving-end server 72;
The sending-end server 71 is configured to: after receiving the start signal, collect the gyroscope data of the mobile terminal in real time and synchronously send it to the receiving end; obtain the last collected gyroscope data as the first data; perform first processing on the first data with a self-built algorithm to obtain the first key, where the self-built algorithm includes serialization, reordering, character replacement, and a digest algorithm; and obtain the initial text to be encrypted, encrypt the initial text with a symmetric encryption algorithm based on the first key to obtain the encrypted text, and send the encrypted text to the receiving end;
Specifically, the sending-end server 71 includes the following:
a collecting unit 711, configured to collect the gyroscope data of the mobile terminal in real time after receiving the start signal and synchronously send it to the receiving end;
a first obtaining unit 712, configured to obtain the last collected gyroscope data as the first data;
a first processing unit 713, configured to perform first processing on the first data to obtain the first key;
a checking unit 714, configured to perform a consistency check on the first data and the second data;
an encryption unit 715, configured to obtain the initial text to be encrypted, encrypt the initial text with a symmetric encryption algorithm based on the first key to obtain the encrypted text, and send the encrypted text to the receiving end;
The receiving-end server 72 is configured to: receive the gyroscope data synchronized from the sending end and receive the key generation signal; obtain the last received gyroscope data as the second data; perform second processing on the second data with a self-built algorithm to obtain the second key, where the self-built algorithm includes serialization, reordering, character replacement, and a digest algorithm; and receive the encrypted text sent by the sending end and decrypt it with a symmetric encryption algorithm based on the second key to obtain the initial text;
wherein the self-built algorithms executed by the first processing unit and the second processing unit are the same.
Specifically, the receiving-end server 72 includes the following:
a receiving unit 721, configured to receive the gyroscope data synchronized from the sending end and to receive the key generation signal;
a second obtaining unit 722, configured to obtain the last received gyroscope data as the second data;
a second processing unit 723, configured to perform second processing on the second data to obtain the second key,
wherein the algorithms executed by the first processing unit and the second processing unit are the same, and the second key finally obtained is the same as the first key;
a decryption unit 724, configured to receive the encrypted text sent by the sending end and decrypt it with a symmetric encryption algorithm based on the second key to obtain the initial text.
This technical solution is based on the information encryption and decryption techniques of cryptography. The collecting unit collects the gyroscope data of the mobile terminal in real time and synchronously sends it to the receiving-end server. After the receiving-end server receives the gyroscope data sent by the sending-end server, the sending-end server and the receiving-end server use the first obtaining unit and the second obtaining unit respectively to obtain the last item of gyroscope data as the first data and the second data. The checking unit then checks whether the first data and the second data are the same. Once the check is complete, the sending-end server and the receiving-end server use the same algorithm to generate the first key and the second key from the first data and the second data respectively; because the gyroscope data and the processing algorithm are the same on both sides, the first key and the second key are the same. The sending-end server then encrypts the initial text with the first key and transmits the encrypted text to the receiving-end server, and the receiving-end server decrypts the encrypted text with the second key to obtain the initial text. In this process only the gyroscope data collected in real time and the encrypted text are transmitted over the network. The generated first key and second key are not transmitted over the network; the sending end and the receiving end each generate them from the synchronized gyroscope data, which avoids the high risk of interception that comes with transmitting and distributing a key and improves the security of data transmission.
In this technical solution, the collection of gyroscope data for the key by the sending-end server's collecting unit starts on the start signal and stops on the key generation signal, and the last set of gyroscope data before collection stops is used as the basis. The gyroscope data from which the receiving-end server and the sending-end server generate the second key and the first key depends on the user logging in to or out of the APP, which makes the key more dynamic: a key used once cannot be used to decrypt successfully after the next login. Because collection happens in real time, in theory large numbers of users will not produce the same key, which further improves security.
Embodiment 5
To achieve the above objective, this application also provides a computer system. As shown in FIG. 8, the computer system includes at least one computer device 8, and the components of the communication data processing apparatus of Embodiment 4 may be distributed across different computer devices. A computer device may be a smartphone, tablet computer, notebook computer, desktop computer, rack server, blade server, tower server, or cabinet server (including a standalone server or a server cluster made up of multiple servers) that executes programs. The computer device of this embodiment includes at least, but is not limited to, a memory 81 and a processor 82 that can be communicatively connected to each other through a system bus, as shown in FIG. 8. Note that FIG. 8 shows only a computer device with these components; it should be understood that not all of the illustrated components are required, and more or fewer components may be implemented instead.
In this embodiment, the memory 81 (that is, a readable storage medium) includes flash memory, a hard disk, a multimedia card, card-type memory (for example, SD or DX memory), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disks, optical disks, and the like. In some embodiments, the memory 81 may be an internal storage unit of the computer device, such as its hard disk or main memory. In other embodiments, the memory 81 may be an external storage device of the computer device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) card, or a flash card (Flash Card) fitted to the computer device. The memory 81 may also include both an internal storage unit of the computer device and an external storage device. In this embodiment, the memory 81 is generally used to store the operating system and the various application software installed on the computer device, for example the program code of the communication data processing methods of Embodiments 1, 2 and 3, and the initial text and encrypted text of Embodiments 1, 2 and 3. The memory 81 can also be used to temporarily store various data that has been output or is about to be output.
In some embodiments, the processor 82 may be a central processing unit (Central Processing Unit, CPU), a controller, a microcontroller, a microprocessor, or another data processing chip. The processor 82 is generally used to control the overall operation of the computer device. In this embodiment, the processor 82 runs the program code stored in the memory 81 or processes data, for example running the data storage and query apparatus, to implement the communication data processing method of Embodiment 1.
Embodiment 6
To achieve the above objective, this application also provides a computer-readable storage system that includes multiple storage media, such as flash memory, a hard disk, a multimedia card, card-type memory (for example, SD or DX memory), random access memory (RAM), static random access memory (SRAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), programmable read-only memory (PROM), magnetic memory, magnetic disks, optical disks, servers, App stores, and so on. Computer-readable instructions are stored on them, and the corresponding functions are realized when the program is executed by the processor 82. The computer-readable storage medium of this embodiment is used to store the data storage and query apparatus and, when executed by the processor 82, implements the communication data processing method of Embodiment 1, Embodiment 2, or Embodiment 3. The computer-readable storage medium may be non-volatile or volatile.
上述本申请实施例序号仅仅为了描述,不代表实施例的优劣。The serial numbers of the foregoing embodiments of the present application are for description only, and do not represent the superiority or inferiority of the embodiments.
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。Through the description of the above implementation manners, those skilled in the art can clearly understand that the above-mentioned embodiment method can be implemented by means of software plus the necessary general hardware platform, of course, it can also be implemented by hardware, but in many cases the former is better.的实施方式。
以上仅为本申请的优选实施例,并非因此限制本申请的专利范围,凡是利用本申请说明书及附图内容所作的等效结构或等效流程变换,或直接或间接运用在其他相关的技术领域,均同理包括在本申请的专利保护范围内。The above are only the preferred embodiments of the application, and do not limit the scope of the patent for this application. Any equivalent structure or equivalent process transformation made using the content of the description and drawings of the application, or directly or indirectly applied to other related technical fields , The same reason is included in the scope of patent protection of this application.

Claims (20)

  1. A communication data processing method, applied to a sending end, comprising:
    after receiving a start signal, collecting gyroscope data of a mobile terminal in real time and synchronously sending it to a receiving end, wherein each piece of gyroscope data corresponds to a piece of time stamp data;
    receiving a key generation signal, and obtaining the last collected gyroscope data based on the time stamp data as first data;
    performing first processing on the first data using a self-built algorithm to obtain a first key;
    wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm;
    obtaining the initial text to be encrypted, encrypting the initial text with a symmetric encryption algorithm based on the first key to obtain encrypted text, and sending the encrypted text to the receiving end.
  2. The communication data processing method according to claim 1, wherein, before performing the first processing on the first data to obtain the key, the method includes the following:
    sending an information request signal to the receiving end, and obtaining the gyroscope data last received by the receiving end as second data;
    performing a consistency check on the first data and the second data.
  3. The communication data processing method according to claim 2, wherein performing the consistency check on the first data and the second data includes the following:
    obtaining a corresponding first digest value and second digest value based on the first data and the second data respectively;
    comparing the first digest value with the second digest value;
    if they are consistent, the first data passes the check;
    if they are inconsistent, obtaining other gyroscope data to replace the first data and/or the second data, and performing the check again.
  4. The communication data processing method according to claim 3, wherein obtaining other gyroscope data to replace the first data and/or the second data and performing the check again includes the following:
    obtaining the corresponding time stamp data based on the first data;
    obtaining second time stamp data recorded immediately before the first time stamp;
    obtaining the corresponding gyroscope data based on the second time stamp data;
    replacing the current first data with the gyroscope data corresponding to the second time stamp data to obtain replaced first data;
    performing the check using the replaced first data and the second data.
  5. A communication data processing method, applied to a receiving end, comprising:
    receiving gyroscope data synchronized from a sending end, wherein each piece of gyroscope data corresponds to a piece of time stamp data;
    receiving a key generation signal, and obtaining the last received gyroscope data based on the time stamp data as second data;
    performing second processing on the second data using a self-built algorithm to obtain a second key;
    wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm;
    receiving the encrypted text sent by the sending end;
    decrypting the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text.
  6. The communication data processing method according to claim 5, wherein,
    before performing the second processing on the second data to obtain the second key, the method includes the following:
    after receiving the information request signal sent by the sending end, sending the second data to the sending end.
  7. A communication data processing method, applied to a sending end and a receiving end, comprising:
    on receiving a start signal, the sending end collects gyroscope data in real time and synchronously sends the gyroscope data and the corresponding time stamp data to the receiving end, wherein each piece of gyroscope data corresponds to a piece of time stamp data;
    on receiving a key generation signal, the sending end and the receiving end each obtain the last collected gyroscope data based on the time stamp data, as first data and second data respectively, and the initial text to be encrypted is obtained;
    the sending end and the receiving end each use a self-built algorithm to process the first data and the second data respectively, obtaining a first key and a second key;
    wherein the self-built algorithms used by the sending end and the receiving end are the same;
    the sending end encrypts the initial text based on the first key to obtain encrypted text, and sends the encrypted text to the receiving end;
    after receiving the encrypted text, the receiving end decrypts the encrypted text with the second key to obtain the initial text.
  8. A communication data processing apparatus, comprising a sending-end server and a receiving-end server communicating with the sending-end server;
    the sending-end server is used to, after receiving a start signal, collect gyroscope data of a mobile terminal in real time and synchronously send it to the receiving end; obtain the last collected gyroscope data as first data; perform first processing on the first data using a self-built algorithm to obtain a first key, wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm; obtain the initial text to be encrypted, encrypt the initial text with a symmetric encryption algorithm based on the first key to obtain encrypted text, and send the encrypted text to the receiving end;
    the receiving-end server is used to receive the gyroscope data synchronized from the sending end and receive a key generation signal; obtain the last received gyroscope data as second data; perform second processing on the second data using a self-built algorithm to obtain a second key, wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm; receive the encrypted text sent by the sending end, and decrypt the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text;
    wherein the self-built algorithms executed by the first processing unit and the second processing unit are the same.
  9. A computer system, comprising at least one computer device, each computer device comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, wherein the processors of the at least one computer device, when executing the computer-readable instructions, jointly implement the steps of the method, applied to a sending end, including the following steps:
    after receiving a start signal, collecting gyroscope data of a mobile terminal in real time and synchronously sending it to a receiving end, wherein each piece of gyroscope data corresponds to a piece of time stamp data;
    receiving a key generation signal, and obtaining the last collected gyroscope data based on the time stamp data as first data;
    performing first processing on the first data using a self-built algorithm to obtain a first key;
    wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm;
    obtaining the initial text to be encrypted, encrypting the initial text with a symmetric encryption algorithm based on the first key to obtain encrypted text, and sending the encrypted text to the receiving end.
  10. The computer system according to claim 9, wherein, before performing the first processing on the first data to obtain the key, the steps include the following:
    sending an information request signal to the receiving end, and obtaining the gyroscope data last received by the receiving end as second data;
    performing a consistency check on the first data and the second data.
  11. The computer system according to claim 10, wherein performing the consistency check on the first data and the second data includes the following:
    obtaining a corresponding first digest value and second digest value based on the first data and the second data respectively;
    comparing the first digest value with the second digest value;
    if they are consistent, the first data passes the check;
    if they are inconsistent, obtaining other gyroscope data to replace the first data and/or the second data, and performing the check again.
  12. The computer system according to claim 11, wherein obtaining other gyroscope data to replace the first data and/or the second data and performing the check again includes the following:
    obtaining the corresponding time stamp data based on the first data;
    obtaining second time stamp data recorded immediately before the first time stamp;
    obtaining the corresponding gyroscope data based on the second time stamp data;
    replacing the current first data with the gyroscope data corresponding to the second time stamp data to obtain replaced first data;
    performing the check using the replaced first data and the second data.
  13. A computer system, comprising at least one computer device, each computer device comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, wherein the processors of the at least one computer device, when executing the computer-readable instructions, jointly implement the steps of the method, further applied to a receiving end, including the following steps:
    receiving gyroscope data synchronized from a sending end, wherein each piece of gyroscope data corresponds to a piece of time stamp data;
    receiving a key generation signal, and obtaining the last received gyroscope data based on the time stamp data as second data;
    performing second processing on the second data using a self-built algorithm to obtain a second key;
    wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm;
    receiving the encrypted text sent by the sending end;
    decrypting the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text.
  14. The computer system according to claim 13, wherein, before performing the second processing on the second data to obtain the second key, the steps include the following:
    after receiving the information request signal sent by the sending end, sending the second data to the sending end.
  15. A computer-readable storage medium, comprising a plurality of storage media, each storing computer-readable instructions, wherein the computer-readable instructions stored on the plurality of storage media, when executed by a processor, jointly implement the steps of the above method, applied to a sending end, including the following steps:
    after receiving a start signal, collecting gyroscope data of a mobile terminal in real time and synchronously sending it to a receiving end, wherein each piece of gyroscope data corresponds to a piece of time stamp data;
    receiving a key generation signal, and obtaining the last collected gyroscope data based on the time stamp data as first data;
    performing first processing on the first data using a self-built algorithm to obtain a first key;
    wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm;
    obtaining the initial text to be encrypted, encrypting the initial text with a symmetric encryption algorithm based on the first key to obtain encrypted text, and sending the encrypted text to the receiving end.
  16. The computer-readable storage medium according to claim 15, wherein, before performing the first processing on the first data to obtain the key, the steps include the following:
    sending an information request signal to the receiving end, and obtaining the gyroscope data last received by the receiving end as second data;
    performing a consistency check on the first data and the second data.
  17. The computer-readable storage medium according to claim 16, wherein performing the consistency check on the first data and the second data includes the following:
    obtaining a corresponding first digest value and second digest value based on the first data and the second data respectively;
    comparing the first digest value with the second digest value;
    if they are consistent, the first data passes the check;
    if they are inconsistent, obtaining other gyroscope data to replace the first data and/or the second data, and performing the check again.
  18. The computer-readable storage medium according to claim 17, wherein obtaining other gyroscope data to replace the first data and/or the second data and performing the check again includes the following:
    obtaining the corresponding time stamp data based on the first data;
    obtaining second time stamp data recorded immediately before the first time stamp;
    obtaining the corresponding gyroscope data based on the second time stamp data;
    replacing the current first data with the gyroscope data corresponding to the second time stamp data to obtain replaced first data;
    performing the check using the replaced first data and the second data.
  19. A computer-readable storage medium, comprising a plurality of storage media, each storing computer-readable instructions, wherein the computer-readable instructions stored on the plurality of storage media, when executed by a processor, jointly implement the steps of the above method, further applied to a receiving end, including the following steps:
    receiving gyroscope data synchronized from a sending end, wherein each piece of gyroscope data corresponds to a piece of time stamp data;
    receiving a key generation signal, and obtaining the last received gyroscope data based on the time stamp data as second data;
    performing second processing on the second data using a self-built algorithm to obtain a second key;
    wherein the self-built algorithm includes serialization, shuffling, character replacement, and a digest algorithm;
    receiving the encrypted text sent by the sending end;
    decrypting the encrypted text with a symmetric encryption algorithm based on the second key to obtain the initial text.
  20. The computer-readable storage medium according to claim 19, wherein, before performing the second processing on the second data to obtain the second key, the steps include the following:
    after receiving the information request signal sent by the sending end, sending the second data to the sending end.
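
The sender-side flow of claims 1 to 4 (key derivation, then the digest consistency check with fallback to an earlier time stamp), as an added Python example that is not code from the patent. The shuffle rule, the substitution table, SHA-256 as the digest, and the sample readings are assumptions; the fallback loop generalizes claim 4 to repeated steps back, and the symmetric encryption step is left out.

```python
import hashlib
import hmac

# Hypothetical substitution table: the claims name "character replacement"
# but do not fix a table, so this mapping is an assumption.
_SUBST = str.maketrans("0123456789.-,", "QWERTYUIOPASD")


def serialize(sample):
    """Serialization: fixed-precision text so both ends produce identical bytes."""
    x, y, z = sample
    return f"{x:.6f},{y:.6f},{z:.6f}"


def shuffle(text):
    """Out-of-order step (assumed rule): odd-index chars, then even-index chars."""
    return text[1::2] + text[0::2]


def derive_key(sample):
    """Serialization -> shuffle -> character replacement -> digest (SHA-256 assumed)."""
    transformed = shuffle(serialize(sample)).translate(_SUBST)
    return hashlib.sha256(transformed.encode("ascii")).digest()


def sample_digest(sample):
    """Digest value compared in the consistency check (claim 3)."""
    return hashlib.sha256(serialize(sample).encode("ascii")).hexdigest()


def select_first_data(sender_log, second_digest):
    """Pick the sender's first data.

    Start from the newest time stamp; on a digest mismatch, step back to the
    previously recorded time stamp and check again (claim 4, repeated).
    """
    for ts in sorted(sender_log, reverse=True):
        if hmac.compare_digest(sample_digest(sender_log[ts]), second_digest):
            return ts, sender_log[ts]
    raise ValueError("no collected sample matches the receiver's last sample")


def run_example():
    # Constructed gyroscope readings (x, y, z), keyed by time stamp.
    sender_log = {
        1000: (0.012345, -0.204100, 1.500000),
        1001: (0.013002, -0.198750, 1.497310),
        1002: (0.014870, -0.190020, 1.493005),
    }
    # The receiving end has not yet received the sample stamped 1002.
    receiver_log = {ts: s for ts, s in sender_log.items() if ts < 1002}

    # Receiving end: second data is the last sample it received.
    second_data = receiver_log[max(receiver_log)]
    # Sending end: request the receiver's digest, then settle on first data.
    ts, first_data = select_first_data(sender_log, sample_digest(second_data))
    return ts, derive_key(first_data), derive_key(second_data)


if __name__ == "__main__":
    ts, first_key, second_key = run_example()
    print(ts, first_key.hex() == second_key.hex())
```

Because the samples themselves are synchronized to the receiving end (claim 1), the derived key is only as confidential as that synchronization channel.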
PCT/CN2020/125074 2020-04-30 2020-10-30 Communication data processing method and apparatus, and computer system and storage medium WO2021218088A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202010361365.2 2020-04-30
CN202010361365.2A CN111555872B (en) 2020-04-30 2020-04-30 Communication data processing method, device, computer system and storage medium

Publications (1)

Publication Number Publication Date
WO2021218088A1 true WO2021218088A1 (en) 2021-11-04

Family

ID=72004320

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/125074 WO2021218088A1 (en) 2020-04-30 2020-10-30 Communication data processing method and apparatus, and computer system and storage medium

Country Status (2)

Country Link
CN (1) CN111555872B (en)
WO (1) WO2021218088A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116522343A (en) * 2023-07-05 2023-08-01 北京国御网络安全技术有限公司 Native function attack defending method and device

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111555872B (en) * 2020-04-30 2022-06-21 平安科技(深圳)有限公司 Communication data processing method, device, computer system and storage medium
CN112035583A (en) * 2020-08-24 2020-12-04 浙江商汤科技开发有限公司 Positioning updating method, device and system, and mobile equipment control method and device
CN112019541B (en) * 2020-08-27 2022-10-04 平安国际智慧城市科技股份有限公司 Data transmission method and device, computer equipment and storage medium
CN113630217A (en) * 2021-09-10 2021-11-09 北京智思迪科技有限公司 Data transmission method and device
CN115085987A (en) * 2022-06-08 2022-09-20 海南电网有限责任公司信息通信分公司 Signal encryption method for power distribution terminal
CN115242390B (en) * 2022-09-26 2023-01-06 杭州思拓瑞吉科技有限公司 Energy storage control data packet transmission method and assembly based on timestamp
CN116451257B (en) * 2023-04-18 2024-01-02 北京白龙马云行科技有限公司 Encryption method and system for database data and electronic equipment
CN116633677B (en) * 2023-07-06 2023-09-19 深圳迅策科技有限公司 Associated encryption method and system for batch transaction data

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102724034A (en) * 2012-05-17 2012-10-10 人民搜索网络股份公司 Encryption/decryption system and method based on space motion
US20150117645A1 (en) * 2013-10-24 2015-04-30 Medtronic, Inc. Medical device communication using encryption based on correlated motion
CN106210240A (en) * 2016-07-28 2016-12-07 武汉斗鱼网络科技有限公司 A kind of encryption and decryption method and system based on intelligent terminal's gyroscope
CN107306457A (en) * 2016-04-22 2017-10-31 中兴通讯股份有限公司 A kind of terminal network-building method and device based on acceleration transducer
CN111555872A (en) * 2020-04-30 2020-08-18 平安科技(深圳)有限公司 Communication data processing method, device, computer system and storage medium

Family Cites Families (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2420895C2 (en) * 2005-06-08 2011-06-10 Конинклейке Филипс Электроникс Н.В. Deterministic key pre-distribution and operational key management for mobile body sensor networks
US8275123B2 (en) * 2007-08-17 2012-09-25 Infineon Technologies, Ag Integrated data transceiver and sensor for the generation of a symmetrical cryptographic key
JP5879653B2 (en) * 2010-12-28 2016-03-08 日本電気株式会社 Key generation method
CN102984704B (en) * 2012-12-24 2014-11-26 中国地质大学(武汉) Authentication and key agreement method and system between light-weight smart mobile phones
CN103974244A (en) * 2014-05-23 2014-08-06 南京大学 Intelligent terminal authentication method based on multi-mode sensing and intelligent terminals
CN105281907B (en) * 2014-07-11 2020-08-07 腾讯科技(深圳)有限公司 Encrypted data processing method and device
CN107147490B (en) * 2017-05-09 2020-04-24 南京大学 Authentication system based on inertial sensor sensing handshake behavior and working method thereof
CN107360570B (en) * 2017-06-23 2019-12-20 中国地质大学(武汉) Behavior action perception-based lightweight real-time key generation method and system in wearable equipment of Internet of things
CN107579952A (en) * 2017-07-17 2018-01-12 招商银行股份有限公司 File transmitting method, message processing method and system and storage medium
CN108491184B (en) * 2018-03-16 2021-04-27 数安时代科技股份有限公司 Entropy source acquisition method of random number generator, computer equipment and storage medium

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116522343A (en) * 2023-07-05 2023-08-01 北京国御网络安全技术有限公司 Native function attack defending method and device
CN116522343B (en) * 2023-07-05 2023-09-08 北京国御网络安全技术有限公司 Native function attack defending method and device

Also Published As

Publication number Publication date
CN111555872B (en) 2022-06-21
CN111555872A (en) 2020-08-18

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20933133

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20933133

Country of ref document: EP

Kind code of ref document: A1