WO2022199404A1

WO2022199404A1 - Communication encryption

Info

Publication number: WO2022199404A1
Application number: PCT/CN2022/080432
Authority: WO
Inventors: 方超
Original assignee: 北京三快在线科技有限公司
Priority date: 2021-03-26
Filing date: 2022-03-11
Publication date: 2022-09-29
Also published as: CN112906037A

Abstract

The present disclosure discloses a communication encryption system, method and apparatus. An unmanned device in the system may generate a key by means of a symmetric encryption algorithm and send same to a control station; and the control station in the system may, according to a pre-stored device identifier of the unmanned device, encrypt target data to be sent, determine first hybrid data, and re-encrypt the first hybrid data according to a received key so as to obtain first ciphertext and send same to the unmanned device. After receiving the first ciphertext, the unmanned device may decrypt the first ciphertext by means of the key generated by the symmetric encryption algorithm to obtain the first hybrid data, and then decrypt the obtained first hybrid data according to a device identifier thereof to obtain target data. In the system, two parties perform XOR encryption and decryption on the transmitted target data by means of the device identifier of the unmanned device, which further enhances the security of information transmission.

Description

Communication encryption

technical field

The present application relates to the technical field of information encryption.

Background technique

With the development of unmanned technology, unmanned equipment has been widely used in military, industrial and agricultural fields.

SUMMARY OF THE INVENTION

Embodiments of the present disclosure provide a communication encryption system, method, and apparatus.

Embodiments of the present disclosure adopt the following technical solutions: In a first aspect, the present disclosure provides a communication encryption system, the system includes an unmanned device and a control station, and the control station pre-stores the equipment of the unmanned device identification, wherein: the unmanned device is configured to generate a key through a symmetric encryption algorithm and send the key to the control station; the control station is configured to The device identifier of the device and the target data to be sent are XOR-encrypted to determine the first mixed data; the control station is configured to encrypt the first mixed data according to the key to obtain the first ciphertext, and send the first ciphertext to the unmanned device; the unmanned device is configured to decrypt the received first ciphertext according to the key, and determine the first ciphertext. Mix data, and perform XOR decryption on the first mixed data according to its own device identification to determine the target data.

In a second aspect, the present disclosure also provides a communication encryption method, including: performing XOR encryption according to a pre-stored device identifier of an unmanned device and target data to be sent to determine the first mixed data; The first mixed data is encrypted to obtain a first ciphertext, and the first ciphertext is sent to the unmanned device, so that the unmanned device can, according to the key, Decrypt the first ciphertext to determine the first mixed data, and perform XOR decryption on the first mixed data according to its own device identification to determine the target data; wherein, the key is the unmanned The driving device is generated and sent through a symmetric encryption algorithm.

In a third aspect, the present disclosure provides a communication encryption device, comprising: a mixing module that performs XOR encryption according to a pre-stored device identifier of an unmanned device and target data to be sent to determine the first mixed data; an encryption and decryption module , encrypting the first mixed data according to the key to obtain the first ciphertext, and sending the first ciphertext to the unmanned device, so that the unmanned device, according to the key, Decrypt the received first ciphertext to determine the first mixed data, and perform XOR decryption on the first mixed data according to its own device identification to determine the target data, wherein the key is The unmanned vehicle is generated and sent through a symmetric encryption algorithm.

In a fourth aspect, the present disclosure provides a computer-readable storage medium, where a computer program is stored in the storage medium, and when the computer program is executed by a processor, the foregoing communication encryption method is implemented.

The above-mentioned at least one technical solution adopted in the embodiments of the present disclosure can achieve the following beneficial effects: In the present disclosure, the unmanned device in the system can generate a key through a symmetric encryption algorithm and send it to the control station, and the control station in the system can generate a key by using a symmetric encryption algorithm. The target data to be sent can be encrypted according to the pre-stored device identification of the unmanned device, the first mixed data can be determined, and the first mixed data can be re-encrypted according to the received key to obtain the first ciphertext. Sent to the unmanned device. After receiving the first ciphertext, the unmanned device can decrypt the first ciphertext by using the key generated by the symmetric encryption algorithm to obtain the first mixed data, and then according to its own device identification, decrypt the obtained first ciphertext. A mixed data is decrypted again to obtain the target data. Both parties in the system perform XOR encryption and decryption on the transmitted target data through the device identification of the unmanned device, which further enhances the security of information transmission.

Description of drawings

The drawings described herein are used to provide further understanding of the present application and constitute a part of the present application. The schematic embodiments and descriptions of the present application are used to explain the present application and do not constitute an improper limitation of the present application. In the attached image:

1 is a schematic diagram of a communication encryption system according to an embodiment of the present disclosure;

FIG. 2 is an interactive schematic diagram of a ground terminal transmitting information to an unmanned aerial vehicle according to an embodiment of the present disclosure;

FIG. 3 is an interactive schematic diagram of a UAV transmitting information to a ground terminal according to an embodiment of the present disclosure;

4 is a schematic diagram of transmitting a key based on an asymmetric encryption algorithm according to an embodiment of the present disclosure;

5 is a schematic flowchart of a communication encryption method according to an embodiment of the present disclosure;

FIG. 6 is a schematic structural diagram of a communication encryption apparatus according to an embodiment of the present disclosure.

Detailed ways

In order to make the purpose, technical solutions and advantages of the present disclosure clearer, the technical solutions of the present application will be described clearly and completely below with reference to the specific embodiments of the present disclosure and the corresponding drawings. The described embodiments are only some, but not all, embodiments of the present application. Based on the disclosed embodiments, all other embodiments obtained by persons of ordinary skill in the art without creative efforts shall fall within the protection scope of the present application.

Generally, in the process of performing tasks, the unmanned equipment needs to communicate with the control station in real time to transmit control instructions or collected images and other information. In order to ensure the communication security between the unmanned device and the control station and reduce the risk of communication being hijacked or tampered with, the information transmitted between the two parties can be encrypted.

Common encryption algorithms include symmetric encryption algorithms and asymmetric encryption algorithms. Among them, the symmetric encryption algorithm means that both the sender and the receiver use the same key for encryption and decryption, the asymmetric encryption algorithm means that the sender and the receiver use different keys for encryption and decryption, and the sender uses the public key to encrypt and decrypt the transmitted data. The information is encrypted, and the recipient decrypts the encrypted ciphertext through the private key.

When a symmetric encryption algorithm is used to encrypt the information transmitted between the two parties, the unmanned device and the control station need to exchange the key first, and then transmit the encrypted ciphertext to decrypt the encrypted ciphertext through the key. However, if the key transmitted by both parties is hijacked, the subsequent encryption is invalid, so the security of the symmetric encryption algorithm is low.

When an asymmetric encryption algorithm is used to encrypt the information transmitted between the two parties, if the unmanned device sends information to the control station, the control station needs to generate the first public key and the first private key through the asymmetric encryption algorithm, and Send the generated first public key to the unmanned device, then the unmanned device can encrypt the information to be transmitted with the first public key, and send the encrypted ciphertext to the control station, so that the control station can pass the first private key. key to decrypt the encrypted ciphertext.

When the control station sends information to the unmanned device, the unmanned device can generate a second public key and a second private key through an asymmetric encryption algorithm, and send the generated second public key to the control station, then the control station can The information to be transmitted is encrypted with the second public key, and the encrypted ciphertext is sent to the unmanned device, so that the unmanned device can decrypt the encrypted ciphertext through the second private key.

For information transmission security requirements, before each information transmission, the information receiver needs to generate a new public key and private key through an asymmetric encryption algorithm, and send the newly generated public key to the information sender. Therefore, the preparation time for both parties in the information transmission process is long, that is, the time required to generate and exchange keys is long, resulting in long information transmission time and low transmission efficiency.

Based on the above existing technical problems, the present disclosure provides a communication encryption system, which can reduce the information transmission delay caused by key exchange while enhancing the security of information transmission. The technical solutions provided by the embodiments of the present application will be described in detail below with reference to the accompanying drawings.

1 is a schematic diagram of a communication encryption system provided by an embodiment of the present disclosure, the system includes an unmanned device 100 and a control station 102, wherein the unmanned device 100 may be an unmanned aerial vehicle, an unmanned vehicle, an unmanned boat, and a control station 102. In any of the devices such as robots, the control station 102 refers to a control center that controls the unmanned device 100 to perform tasks. For the convenience of description in this disclosure, the following description will be given by taking the unmanned device 100 as an unmanned aerial vehicle and the control station 102 corresponding to the unmanned aerial vehicle as a ground terminal as an example.

In one embodiment, the drone and the ground terminal transmit information through wireless transmission technology, the drone can transmit the key required for information encryption and decryption to the ground terminal, and the ground terminal can encrypt based on the key to obtain the first key. ciphertext, and send the first ciphertext to the drone. In addition, the ground terminal can also transmit flight control instructions to the UAV, and the UAV can transmit the collected images and other information to the ground terminal. The ground terminal usually refers to the server on the ground that controls the flight of the UAV, which may be a single server or a system composed of multiple servers, such as a distributed server system, which is not limited in this disclosure. Can be set as required.

In order to ensure the security of information transmission between the UAV and the ground terminal, the present disclosure provides a low-latency communication encryption system, which can further shorten the information transmission time on the premise of ensuring security.

Specifically, when the UAV and the ground end transmit information, they can first generate a key through a symmetric encryption algorithm, and the two parties can exchange the key. Figure 2 is a schematic diagram of the interaction between the ground end transmitting information to the UAV. In this disclosure, the drone generates a key through a symmetric encryption algorithm and sends it to the ground terminal as an example for description. It should be noted that, due to different information transmission directions (UAV to ground terminal or ground terminal to UAV), the corresponding information encryption systems and methods are similar, and only subject exchange is implemented. Therefore, although the present disclosure The information encryption system and method based on one information transmission direction are described, but the information encryption system and method based on another information transmission direction also belong to the protection scope of this application.

If both the UAV and the ground terminal only encrypt the transmitted information through the key pair, the third party can hijack the key during the key transmission process and decrypt the encrypted ciphertext transmitted subsequently through the hijacked key. Transmission is less secure. Therefore, in the present disclosure, in order to further enhance the security of information transmission, in FIG. 2, after receiving the key sent by the drone, the ground terminal can, according to the pre-stored device identification of the drone, identify the key to be sent. The target data is XOR-encrypted to generate first mixed data. Since the device identification of the drone is pre-agreed between the ground and the drone and is not carried in the information for transmission, even if a third party hijacks the key, the encrypted ciphertext cannot be decrypted according to the key.

Further, the target data to be transmitted is usually larger than the data of the device identification of the drone, and the data length is longer, so when performing XOR encryption, the device identification of the drone can be used to perform a zero-fill operation, Or repeat the device identification of the drone several times to ensure that the data for XOR processing is the same as the data bits of the target data to be transmitted, which is convenient for XOR processing. For example, assuming that the target data to be transmitted is 0110, and the device ID of the drone is 01, when the target data is XOR-encrypted by the device ID, a 0-fill operation can be performed to make it match the bit of the target data. The numbers are the same, and the target data is XORed by adding 0 to the data 0100. Alternatively, the device identification of the drone can also be repeated several times to make it the same as the number of data bits of the target data, and the target data can be XORed through the repeated data 0101.

After that, the ground terminal can encrypt the first mixed data to obtain the first ciphertext according to the received key, and send the first ciphertext to the drone.

Then, the drone can decrypt the received first ciphertext according to the key generated by itself and the symmetric encryption algorithm used to determine the first mixed data. In one example, the UAV can decrypt the received first ciphertext according to the key generated by itself to determine the first mixed data.

Finally, the UAV can perform XOR decryption on the first mixed data according to its own device identification, and determine the target data transmitted by the ground terminal, so as to perform corresponding operations according to the target data. For example, when the target data is a flight control command, the UAV can adjust flight parameters according to the flight control command.

Further, since the data volume of the first mixed data is often larger than the data volume of the device identifier of the drone, when using the device identifier to XOR decrypt the first mixed data, it is necessary to adopt the same method as the above for the device identifier. The same operation as XOR encryption. If the device ID is filled with 0 and then XOR encryption is performed, the device ID needs to be filled with 0 and then XOR decrypted. Similarly, if the device ID is repeated and then XOR encryption is performed, it is also necessary to The device identification is repeated and then XOR decrypted.

The information transmission process shown in Figure 2 above is the process of transmitting information from the ground terminal to the UAV. The interactive schematic diagram of the information transmission from the UAV to the ground terminal is shown in Figure 3. When the drone returns information to the ground terminal, The drone can also perform XOR encryption according to its own device identification and the reply data to be sent to determine the second mixed data. After that, encrypt the second mixed data again according to the self-generated key to obtain a third ciphertext, and send the third ciphertext to the ground terminal.

When the ground terminal receives the third ciphertext sent by the UAV, it can decrypt the third ciphertext according to the previously received key to obtain the second mixed data. Device identification, XOR decryption of the second mixed data, and get the reply data actually transmitted by the drone.

In the above-mentioned embodiments of the present disclosure, the drone generates a key through a symmetric encryption algorithm and sends the generated key to the ground terminal as an example for description. However, in fact, both the UAV and the ground side that use the symmetric encryption algorithm for encrypted transmission use the same encryption key, and only need to exchange the key before the encrypted transmission. Therefore, the key can also be generated by the ground terminal through a symmetric encryption algorithm, and the generated key can be sent to the UAV, which is not limited in the present disclosure, and can be set as required.

In another embodiment provided by the present disclosure, in order to ensure the security of key transmission, the key may be encrypted and transmitted through an asymmetric encryption algorithm. Specifically, as shown in Figure 4, taking the above-mentioned UAV generating and sending the key to the ground terminal as an example, in order to encrypt and transmit the key, before the UAV sends the key to the ground terminal, the ground The terminal generates a public key and a private key through an asymmetric encryption algorithm, and sends the public key to the drone.

After the UAV generates a key through a symmetric encryption algorithm, it can encrypt the key according to the received public key, generate a second ciphertext, and send the second ciphertext to the ground terminal to ensure the transmission of the key security.

After that, the ground terminal can decrypt the received second ciphertext according to the private key generated by itself and the used asymmetric encryption algorithm to obtain the transmitted key. In an example, the ground terminal can decrypt the received second ciphertext according to the private key generated by itself to obtain the transmitted key.

When an asymmetric encryption algorithm is used to encrypt and transmit the key, if the ground terminal generates the key and sends it to the drone, the drone can pass the asymmetric encryption before the ground terminal sends the key to the drone. The algorithm generates a public key and a private key, and sends the public key to the ground terminal. So that the ground terminal encrypts the key to be transmitted according to the received public key, obtains the second ciphertext, and sends the second ciphertext to the drone. After that, the drone can decrypt the second ciphertext according to the private key generated by the asymmetric encryption algorithm to obtain the key.

In yet another embodiment provided by the present disclosure, the above-mentioned symmetric encryption algorithm may specifically use a stream cipher, then when the ground terminal uses the key to encrypt the first mixed data, the ground terminal can first encrypt the The initial key input pseudo-random number generator (pseudo-random number generator, PRNG), generates a pseudo-random key stream (pseudo-random keystream), and uses the pseudo-random key stream to XOR the first mixed data Encrypt, determine the first ciphertext.

When the drone decrypts the received first ciphertext, it also needs to input the initial key into the pseudo-random number generator to generate a pseudo-random key stream, and through the pseudo-random key stream, the first encrypted XOR decryption is performed on the text to obtain the first mixed data.

In some embodiments, when the drone uses the key to encrypt the second mixed data, the drone may also first input the initial key into a pseudo-random number generator, generate a pseudo-random key stream, and use The pseudo-random key stream performs XOR encryption on the second mixed data to determine the third ciphertext.

When the ground terminal decrypts the third ciphertext, the initial key also needs to be input into the pseudo-random number generator to generate a pseudo-random key stream, and through the pseudo-random key stream, the third ciphertext is differentiated. or decryption to obtain the second mixed data.

In order to ensure the security of information transmission, usually the UAV and the ground end need to re-determine the key before each communication, and the two parties exchange keys. That is to say, every time the drone and the ground end communicate, they need to regenerate the key through the above steps and exchange the key, and then use the key for encrypted transmission.

It should be noted that each communication process between the UAV and the ground end can last for a period of time, and during the communication process, the two parties can transmit information to each other multiple times. Moreover, since the same key is used in each communication process, only one key needs to be generated and one key transmission is performed in each communication process.

In some embodiments, in order to ensure the security of key transmission, both the UAV and the ground terminal may use an asymmetric encryption algorithm to encrypt and transmit the key when transmitting the key. Since the UAV and the ground end only need to transmit the key once in each communication process, the UAV and the ground end only need to use an asymmetric encryption algorithm once in each communication process to encrypt the transmitted key. . Among them, in each communication process between the UAV and the ground terminal, after the two parties exchange keys, each subsequent information transmission between the two parties can directly use the exchanged key to encrypt and decrypt the transmitted information.

In addition, in some cases, since the ground terminal can control the flight of multiple drones at the same time, the ground terminal can communicate with several drones at the same time. Therefore, when the two parties transmit information, the transmitted information should also be It includes the unique identifier of the UAV that is communicating, so that the ground terminal can determine the device identifier of the UAV from the device identifiers of the UAVs stored in advance according to the unique identifier of the UAV, and use the unique identifier of the UAV. The device identification of the drone, and decrypt the information transmitted by the drone.

Based on the communication encryption system shown in Figure 1, the UAV in the system can generate a key through a symmetric encryption algorithm and send it to the ground terminal. The target data to be sent is encrypted, the first mixed data is determined, and the first mixed data is encrypted again according to the received key to obtain the first ciphertext and send it to the drone. After the drone receives the first ciphertext, it can decrypt the first ciphertext through the key generated by the symmetric encryption algorithm to obtain the first mixed data, and then according to its own device identification, decrypt the obtained first ciphertext. The mixed data is decrypted again to obtain the target data. In the system, both the UAV and the ground terminal perform XOR encryption and decryption on the transmitted target data through the device identification of the UAV, which further enhances the security of information transmission.

In addition, in the present disclosure, the key transmission can also be encrypted by an asymmetric encryption algorithm to ensure the security of the key transmission. Moreover, because the UAV and the ground end only need to pass the asymmetric encryption algorithm in each communication process. The key is transmitted once, so under the premise of ensuring the security of information transmission, the delay of information transmission is small.

Of course, the communication encryption system shown in this disclosure can also be used for information transmission between unmanned vehicles 100 such as unmanned vehicles and unmanned ships and their corresponding control stations 102, which will not be described in detail in this disclosure. The information encryption transmission process between the above-mentioned UAV and its control center ground terminal.

For the communication encryption system shown in FIG. 1 , the present disclosure also provides a communication encryption method used in the communication encryption system, as shown in FIG. 5 .

5 is a schematic flowchart of a communication encryption method provided by an embodiment of the present disclosure, wherein the communication encryption method may be used in a communication encryption system, and may specifically include the following steps:

S200: Perform XOR encryption according to the pre-stored device identifier of the unmanned device and the target data to be sent to determine the first mixed data.

The communication encryption system in the present disclosure includes an unmanned device and a control station, wherein the unmanned device may be one of devices such as an unmanned aerial vehicle, an unmanned vehicle, an unmanned ship, and a robot. The control center where the manned device performs the mission. For the convenience of description, the unmanned equipment is an unmanned aerial vehicle, and the control station of the unmanned aerial vehicle is the ground terminal as an example.

In the present disclosure, the ground terminal usually refers to a server on the ground that controls the flight of the drone. The server can send flight control instructions to the drone, receive information such as images collected by the drone, and transmit information with the drone. . In addition, the server may be a single server, or a system composed of multiple servers, such as a distributed server system, etc., which is not limited in the present disclosure, and can be specifically set as required.

The communication encryption method provided by the present disclosure can be specifically executed by either the drone or the ground terminal in the communication encryption system. For the convenience of description, the present disclosure takes the ground terminal as the execution subject as an example for description.

Specifically, when the ground terminal transmits information to the drone, the ground terminal may perform XOR encryption on the target data to be sent according to the pre-stored device identifier of the drone to obtain the first mixed data. Wherein, when the data length of the device identification of the UAV is less than the data length of the target data, it can be processed by a 0-fill operation or a repeated operation, which has been described in detail on the above-mentioned system side, and will not be repeated here.

S202: Encrypt the first mixed data according to the key to obtain a first ciphertext, and send the first ciphertext to the unmanned device, so that the unmanned device, according to the key, The received first ciphertext is decrypted to determine the first mixed data, and the first mixed data is XOR decrypted according to its own device identification to determine the target data.

When the ground terminal performs XOR encryption on the target data based on the device identification of the UAV, and obtains the first mixed data, in order to further ensure the security of information transmission, a key generated by a symmetric encryption algorithm can be used for the first mixed data. data encryption.

Specifically, the ground terminal can encrypt the first mixed data obtained in step S200 again according to the key to obtain the first ciphertext, and send the first ciphertext to the drone. The key may be generated by the ground terminal through a symmetric encryption algorithm, or may be generated by the drone through a symmetric encryption algorithm and sent to the ground terminal, which is not limited in this disclosure, and can be set as required. When the key is generated by the ground terminal, the ground terminal also needs to transmit the key to the UAV, so that the UAV can decrypt the transmitted encrypted information through the key.

After that, when the drone receives the first ciphertext sent by the ground terminal, it can decrypt the first ciphertext through the key to obtain the first mixed data, and use its own device identification to decrypt the obtained first ciphertext again. Decrypt the mixed data to obtain the target data.

Based on the communication encryption method shown in FIG. 5 , the ground terminal in the system can first perform XOR encryption according to the pre-stored device identification of the UAV and the target data to be sent to determine the first mixed data. After that, encrypt the first mixed data according to the key to obtain the first ciphertext, and send the first ciphertext to the drone, so that the drone decrypts the first ciphertext according to the key to determine the first ciphertext. Mix the data, and perform XOR decryption on the decrypted first mixed data according to its own device identification to determine the target data. The XOR encryption and decryption of the transmitted information is carried out through the device identification of the drone, which greatly improves the security of information transmission.

In the present disclosure, the communication encryption method can be used in the above-mentioned communication encryption system. For the communication encryption process, please refer to the detailed description of information encryption transmission in the communication encryption system provided in this disclosure. For the detailed description, reference can be made to the foregoing description, which will not be repeated in the present disclosure.

In the present disclosure, when the UAV is used as the execution subject to execute the communication encryption method, the UAV can generate a key and send the key to the ground terminal, and then can receive the information sent by the control station. the first ciphertext, and decrypt the received first ciphertext according to the key to determine the first mixed data, and then perform XOR decryption on the first mixed data according to its own device identification to determine the target data. The specific encryption transmission method on the UAV side has been described in detail in the above-mentioned communication encryption system, so reference can be made to the foregoing, which will not be repeated in this disclosure.

The communication encryption method provided by the present disclosure can be specifically used in the process of unmanned distribution. When the unmanned distribution task is performed, the control station and the unmanned device can transmit the delivery instruction and the unmanned device through the communication encryption method in the present disclosure. Real-time location and other information to ensure the security of information transmission between the two parties and further improve the security of unmanned distribution.

Based on the communication encryption method shown in FIG. 5 , an embodiment of the present disclosure also provides a schematic structural diagram of a communication encryption device, as shown in FIG. 6 .

FIG. 6 is a schematic structural diagram of a communication encryption device provided by an embodiment of the present disclosure, including:

The mixing module 300 performs XOR encryption according to the pre-stored device identifier of the unmanned device and the target data to be sent to determine the first mixed data;

The encryption and decryption module 302 encrypts the first mixed data according to the key to obtain a first ciphertext, and sends the first ciphertext to the unmanned device, so that the unmanned device can obtain the first ciphertext according to the encryption key. key, decrypt the received first ciphertext to determine the first mixed data, and perform XOR decryption on the first mixed data according to its own device identification to determine the target data, wherein the key is The unmanned vehicle is generated and sent through a symmetric encryption algorithm.

An embodiment of the present disclosure further provides a computer-readable storage medium, where a computer program is stored in the storage medium, and the computer program can be used to execute the communication encryption method provided in FIG. 5 above.

Of course, in addition to software implementation, the present disclosure does not exclude other implementations, such as logic devices or a combination of software and hardware, etc., that is to say, the execution subject of the following processing flow is not limited to each logic unit, but can also be hardware or logic device.

In the 1990s, improvements in a technology could be clearly differentiated between improvements in hardware (for example, improvements in circuit structures such as diodes, transistors, switches, etc.) or improvements in software (improvements in method flow). However, with the development of technology, the improvement of many methods and processes today can be regarded as a direct improvement of the hardware circuit structure. Designers almost get the corresponding hardware circuit structure by programming the improved method flow into the hardware circuit. Therefore, it cannot be said that the improvement of a method flow cannot be realized by hardware entity modules. For example, a Programmable Logic Device (PLD) (such as a Field Programmable Gate Array (FPGA)) is an integrated circuit whose logic function is determined by user programming of the device. It is programmed by the designer to "integrate" a digital system on a PLD without having to ask the chip manufacturer to design and manufacture a dedicated integrated circuit chip. Moreover, today, instead of making integrated circuit chips by hand, this kind of programming is also mostly implemented using "logic compiler" software, which is similar to the software compiler used in program development and writing, and needs to be compiled before compiling. The original code also has to be written in a specific programming language, which is called Hardware Description Language (HDL), and there is not only one HDL, but many kinds, such as ABEL (Advanced Boolean Expression Language) , AHDL (Altera Hardware Description Language), Confluence, CUPL (Cornell University Programming Language), HDCal, JHDL (Java Hardware Description Language), Lava, Lola, MyHDL, PALASM, RHDL (Ruby Hardware Description Language), etc., currently the most commonly used The ones are VHDL (Very-High-Speed Integrated Circuit Hardware Description Language) and Verilog. It should also be clear to those skilled in the art that a hardware circuit for implementing the logic method process can be easily obtained by simply programming the method process in the above-mentioned several hardware description languages and programming it into the integrated circuit.

The controller may be implemented in any suitable manner, for example, the controller may take the form of eg a microprocessor or processor and a computer readable medium storing computer readable program code (eg software or firmware) executable by the (micro)processor , logic gates, switches, application specific integrated circuits (ASICs), programmable logic controllers and embedded microcontrollers, examples of controllers include but are not limited to the following microcontrollers: ARC 625D, Atmel AT91SAM, Microchip PIC18F26K20 and Silicon Labs C8051F320, the memory controller can also be implemented as part of the control logic of the memory. Those skilled in the art also know that, in addition to implementing the controller in the form of pure computer-readable program code, the controller can be implemented as logic gates, switches, application-specific integrated circuits, programmable logic controllers and embedded devices by logically programming the method steps. The same function can be realized in the form of a microcontroller, etc. Therefore, such a controller can be regarded as a hardware component, and the devices included therein for realizing various functions can also be regarded as a structure within the hardware component. Or even, the means for implementing various functions can be regarded as both a software module implementing a method and a structure within a hardware component.

The systems, devices, modules or units described in the above embodiments may be specifically implemented by computer chips or entities, or by products with certain functions. A typical implementation device is a computer. Specifically, the computer may be, for example, a personal computer, a laptop computer, a cellular phone, a camera phone, a smart phone, a personal digital assistant, a media player, a navigation device, an email device, a game console, a tablet computer, a wearable device, or A combination of any of these devices.

For the convenience of description, when describing the above device, the functions are divided into various units and described respectively. Of course, when implementing the present disclosure, the functions of each unit may be implemented in one or more software and/or hardware.

As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system, or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

The present disclosure is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each flow and/or block in the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general purpose computer, special purpose computer, embedded processor or other programmable data processing device to produce a machine such that the instructions executed by the processor of the computer or other programmable data processing device produce Means for implementing the functions specified in a flow or flow of a flowchart and/or a block or blocks of a block diagram.

These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory result in an article of manufacture comprising instruction means, the instructions The apparatus implements the functions specified in the flow or flow of the flowcharts and/or the block or blocks of the block diagrams.

These computer program instructions can also be loaded on a computer or other programmable data processing device to cause a series of operational steps to be performed on the computer or other programmable device to produce a computer-implemented process such that The instructions provide steps for implementing the functions specified in the flow or blocks of the flowcharts and/or the block or blocks of the block diagrams.

In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.

Memory may include forms of non-persistent memory, random access memory (RAM) and/or non-volatile memory in computer readable media, such as read only memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.

Computer readable media includes both persistent and non-permanent, removable and non-removable media, and can be implemented by any method or technology for storage of information. Information may be computer readable instructions, data structures, modules of programs, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), Flash Memory or other memory technology, Compact Disc Read Only Memory (CD-ROM), Digital Versatile Disc (DVD) or other optical storage, Magnetic tape cassettes, magnetic tape magnetic disk storage or other magnetic storage devices or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media does not include transitory computer-readable media, such as modulated data signals and carrier waves.

It should also be noted that the terms "comprising", "comprising" or any other variation thereof are intended to encompass a non-exclusive inclusion such that a process, method, article or device comprising a series of elements includes not only those elements, but also Other elements not expressly listed, or which are inherent to such a process, method, article of manufacture, or apparatus are also included. Without further limitation, an element qualified by the phrase "comprising a..." does not preclude the presence of additional identical elements in the process, method, article of manufacture, or device that includes the element.

As will be appreciated by one skilled in the art, embodiments of the present disclosure may be provided as a method, system or computer program product. Accordingly, the present disclosure may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the present disclosure may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, etc.) having computer-usable program code embodied therein.

The present disclosure may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The disclosure may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote computer storage media including storage devices.

The various embodiments in the present disclosure are described in a progressive manner, and the same and similar parts between the various embodiments may be referred to each other, and each embodiment focuses on the differences from other embodiments. In particular, as for the system embodiments, since they are basically similar to the method embodiments, the description is relatively simple, and for related parts, please refer to the partial descriptions of the method embodiments.

The above descriptions are merely embodiments of the present disclosure, and are not intended to limit the present disclosure. Various modifications and variations of the present disclosure will occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present disclosure should be included within the scope of the claims of the present disclosure.

Claims

A communication encryption system, characterized in that the system comprises an unmanned device and a control station, the control station pre-stores the device identifier of the unmanned device, wherein:

the unmanned device configured to generate a key and send the key to the control station;

The control station is configured to perform XOR encryption according to the pre-stored device identification of the unmanned device and the target data to be sent to determine the first mixed data;

The control station is configured to encrypt the first mixed data to obtain a first ciphertext according to the key, and send the first ciphertext to the unmanned vehicle;

The unmanned device is configured to decrypt the received first ciphertext according to the key, determine the first mixed data, and decrypt the first mixed data according to its own device identification. XOR decryption is performed to determine the target data.
The system of claim 1, wherein the control station is further configured to generate a public key and a private key through an asymmetric encryption algorithm, and send the public key to the unmanned vehicle;

The unmanned device is further configured to encrypt the key according to the received public key, determine a second ciphertext, and send it to the control station;

The control station is further configured to decrypt the received second ciphertext according to the private key to determine the key.
The system of claim 1, wherein the control station is further configured to:

determining a pseudo-random key stream according to the key and the pseudo-random number generator;

According to the pseudo-random key stream, XOR encryption is performed on the first mixed data to determine the first ciphertext.
The system of claim 3, wherein the unmanned device is further configured to:

determining the pseudo-random key stream according to the key and the pseudo-random number generator;

According to the pseudo-random key stream, XOR decryption is performed on the received first ciphertext to determine the first mixed data.
The system of claim 1, wherein the unmanned device is further configured to:

According to its own device identification and the reply data to be sent, XOR encryption is performed to determine the second mixed data;

According to the key, the second mixed data is encrypted to generate a third ciphertext, and the third ciphertext is sent to the control station;

The control station is further configured to decrypt the received third ciphertext according to the key, determine the second mixed data, and, according to the device identification of the unmanned device, decrypt the received third ciphertext. The second mixed data is XOR decrypted to determine the reply data.
A communication encryption method, comprising:

According to the pre-stored device identifier of the unmanned device and the target data to be sent, XOR encryption is performed to determine the first mixed data;

The first mixed data is encrypted according to the key to obtain a first ciphertext, and the first ciphertext is sent to the unmanned device, so that the unmanned device can, according to the key, Decrypting the received first ciphertext to determine the first mixed data, and performing XOR decryption on the first mixed data according to its own device identification to determine the target data;

Wherein, the key is generated and sent by the unmanned device through a symmetric encryption algorithm.
A communication encryption device, comprising:

The mixing module, according to the pre-stored device identifier of the unmanned device and the target data to be sent, performs XOR encryption to determine the first mixed data;

The encryption and decryption module encrypts the first mixed data according to the key to obtain a first ciphertext, and sends the first ciphertext to the unmanned device, so that the unmanned device key, decrypt the received first ciphertext to determine the first mixed data, and perform XOR decryption on the first mixed data according to its own device identification to determine the target data, wherein, The key is generated and sent by the unmanned device through a symmetric encryption algorithm.
A computer-readable storage medium, characterized in that, the storage medium stores a computer program, and when the computer program is executed by a processor, the method of claim 6 is implemented.