CN102255725A - Random hybrid key encryption/decryption method - Google Patents
- Publication number
- CN102255725A
- Authority
- CN
- China
- Prior art keywords
- key
- random
- keys
- algorithm
- session
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Landscapes
- Storage Device Security (AREA)
Abstract
The invention relates to a random hybrid key encryption/decryption method, which is used for the fields of E-government affairs, E-commerce and the Internet of things. Hybrid keys consisting of asymmetrical keys such as SM2, Rivest-Shamir-Adleman (RSA) keys, elliptic curve cipher (ECC) keys and the like and symmetrical keys such as data encryption standard (DES) keys, triple data encryption standard (3DES) keys, international data encryption algorithm (IDEA) keys, SFF33 keys, SCB2 keys, advanced encryption standard (AES) keys, fast encryption algorithm (FEAL) keys, BLOWFISH keys and the like, random key selection and generation ways and methods, and a security mechanism for information transmission encryption and decryption processes are involved. The asymmetrical keys and session symmetrical key algorithms are both selected randomly, session symmetrical keys are generated randomly, asymmetrical key selection results and random session symmetrical keys are discarded every time when encryption/decryption is finished, and the asymmetrical keys and the session symmetrical keys are selected and generated again in the next time, so the cracking probability of encrypted information in the whole information transmission process is almost zero.
Description
Technical field
The present invention relates to a random hybrid key encryption/decryption method, mainly used in the fields of e-government, e-commerce and the Internet of Things.
Background technology
Information transmission is ubiquitous across networks such as the Internet, mobile networks and the Internet of Things, and the security of that transmission is critical. Network information security technology continues to develop, and the encryption and decryption of transmitted information in particular is increasingly mature. The security strength of information encryption, however, depends entirely on the cryptographic algorithm used and on the method by which it is applied. Key algorithms currently in use include the asymmetric key algorithms SM2, RSA and ECC, and the symmetric key algorithms DES, 3DES, IDEA, SFF33, SCB2, AES, FEAL, BLOWFISH and others. In secure network transmission, however, these algorithms are applied only as a single key pair of a single asymmetric algorithm together with a single symmetric algorithm to encrypt and decrypt the transmitted information. Their application is therefore not taken to its full potential, and the resulting security and resistance to attack are not very high.
Summary of the invention
The object of the invention is to address the deficiencies of the prior art by providing a random hybrid key encryption/decryption method. It covers a hybrid key formed from asymmetric keys (SM2, RSA, ECC, etc.) and symmetric keys (DES, 3DES, IDEA, SFF33, SCB2, AES, FEAL, BLOWFISH, etc.), the methods for randomly selecting and randomly generating keys, and the security mechanism for encrypting and decrypting transmitted information. Because the asymmetric key and the session symmetric key algorithm are both selected at random, and the session symmetric key is generated at random, the asymmetric key selection result and the random session symmetric key are discarded after each encryption/decryption is finished, and the asymmetric key and the session symmetric key are selected and generated again the next time. The probability that the encrypted information is cracked during the whole transmission process is therefore almost zero.
Technical scheme of the invention: a random hybrid key encryption method comprising the steps:
1) forming an asymmetric key container from the classes of asymmetric key algorithm and their corresponding key pairs;
2) forming a session key algorithm container from the classes of symmetric key algorithm;
3) implementing an asymmetric key random selector and a session key algorithm random selector by means of a random generator;
4) forming the random hybrid key from the randomly selected asymmetric key, the randomly selected symmetric key algorithm and the randomly generated symmetric key;
5) the asymmetric key random selector selects at random in the asymmetric key container to obtain an asymmetric key folder name identifier and an asymmetric key identifier, and these two identifiers are embedded in the head of the information stream;
6) the session key random selector selects at random in the session key algorithm container to obtain a session key algorithm identifier; a random signal generator produces the session key according to the key length of the algorithm specified by that identifier; the session key algorithm identifier and the session key are encrypted with the public key of the randomly selected asymmetric key and embedded in the middle of the information stream; the information is then encrypted with the session key and embedded in the tail of the information stream.
In accordance with the object of the invention, a random hybrid key decryption method corresponding to the above random hybrid key encryption method is also provided. It forms part of the method of the invention and comprises the steps:
1) using the private key of the asymmetric key in the asymmetric key container specified by the information stream head, decrypt the middle of the information stream to obtain the session key identifier and the session key;
2) using the session key and the algorithm designated by the session key identifier, decrypt the tail of the information stream to obtain the plaintext.
The beneficial effects of the invention are as follows. The random hybrid key encryption/decryption method uses asymmetric key container technology, session key algorithm container technology, random selection technology and random generation technology to achieve random selection among multiple key pairs of multiple asymmetric key algorithms, random selection among multiple symmetric key algorithms, and random generation of the session key. The transmitted information is encrypted and decrypted using the randomly selected asymmetric key together with the symmetric key algorithm and the randomly generated session key, which increases the security and attack resistance of the information and overcomes the deficiency of conventionally using a single key pair of a single asymmetric algorithm with a single symmetric algorithm to encrypt and decrypt transmitted information.
Description of drawings:
Fig. 1: random hybrid key encryption/decryption model
Fig. 2: authentication request flow
Fig. 3: information stream format
Fig. 4: asymmetric key random selector
Fig. 5: session key algorithm random selector
Fig. 6: random key generation
Embodiment:
The content of the invention is described below through a simple example of information encryption and decryption between a sending end and a receiving end, which does not limit the invention.
Fig. 1 shows the random hybrid key encryption/decryption model.
The authentication request between the sending end and the receiving end follows the authentication request flow shown in Fig. 2:
The public key value of the certificate serves as the unique identity of a device. The terminal sends its terminal certificate to the node or server to request authentication. The node or server first checks the legitimacy of the terminal user's identity. A simple check may be used: verify whether the terminal user certificate and the node or server certificate share the same root and were issued by the same certificate authority; if so, the certificate is legitimate. It additionally verifies against the CRL (certificate status) whether the user certificate is valid. For a legitimate and valid terminal user, the node or server generates EncryToken information and returns it to the terminal. The terminal signs the EncryToken with its certificate private key to generate an authentication string and uploads it to the node or server. The node or server verifies the authentication string with the terminal user's public key. After verification passes, the authentication result and the authentication code required for communication between the two parties are encrypted with the terminal public key and transmitted to the terminal user. The terminal user decrypts the authentication result and the authentication code (e.g. 5431) with its certificate private key. Authentication of both parties is then complete, and ciphertext communication begins.
The asymmetric key algorithm container is formed according to the format shown in Table 1 below:
The application state is defined according to the format of Table 2 below:
The key type is defined according to the format of Table 3 below:
The session key algorithm container is defined according to the format shown in Table 4 below:
Fig. 4 is a schematic diagram of the asymmetric key random selector.
Fig. 5 is a schematic diagram of the session key algorithm selector.
Fig. 3 shows the format of the information stream during transmission:
Information stream generation process:
The session key algorithm random selector selects at random in the session key container and obtains session key algorithm number 06; the session key "AF2223321234 ..." is then generated as shown in Fig. 6. The asymmetric key random selector selects at random in the asymmetric key container and obtains asymmetric key folder identifier 5301, asymmetric key identifier 03 and key version 10. Asymmetric key folder identifier (5301) + key version (10) + asymmetric key identifier (03) form the information stream head TS. The information "33333 ... .." is encrypted with the session key to obtain the ciphertext TIM. Authentication code (5431) + session key algorithm number (06) + session key (AF2223321234 ...) give TK, and TK is encrypted with the public key of the asymmetric key identified as 03 to obtain TMK. TS + TMK + TIM then form the transmitted information stream.
Information stream decryption process:
Step 1: the private key (03) in the key folder (5301) specified by TS is used to decrypt the ciphertext TMK, yielding "543106AF222332123 ....", where "5431" is the authentication code, "06" indicates that what follows is an AES algorithm key, and "AF222332123 ...." is the key.
Step 2: the authentication code is verified. If the verification code is incorrect, the transmission is treated as invalid. If the verification code is valid, the TIM is decrypted with the AES algorithm using the key "AF222332123 ...." to obtain the plaintext "333333333333 ....".
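The TS + TMK + TIM layout and the two-step decryption above, written out as a receiver-side parser with validation. This is an added example, not code from the patent. The field widths are inferred from the worked values (5301, 10, 03, 5431, 06); the 2-byte TMK length prefix, the 16-byte AES key length and the XOR stand-in used in place of the real asymmetric and symmetric ciphers are assumptions.

```python
import hmac
import secrets
import struct

def xor_placeholder(data: bytes, key: bytes) -> bytes:
    # Stand-in transform so the example runs offline; NOT encryption.
    # A real build would call RSA/SM2 and AES here.
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

# Asymmetric key container: (folder id, key version, key id) -> key material.
# 5301 / 10 / 03 are the page's example identifiers; the key bytes are constructed.
ASYM_CONTAINER = {("5301", "10", "03"): b"constructed-keypair-03"}

# Session key algorithm container: number -> (name, key length in bytes).
# "06" = AES is from the page; the 16-byte key length is an assumption.
SESSION_ALGS = {"06": ("AES", 16)}

class StreamError(ValueError):
    """Raised when a received stream fails validation."""

def build_stream(auth_code: str, message: bytes) -> bytes:
    rng = secrets.SystemRandom()
    key_ref = rng.choice(sorted(ASYM_CONTAINER))        # random key selection
    alg_no = rng.choice(sorted(SESSION_ALGS))           # random algorithm selection
    session_key = secrets.token_bytes(SESSION_ALGS[alg_no][1])
    ts = "".join(key_ref).encode()                      # head: folder + version + key id
    tk = (auth_code + alg_no + session_key.hex().upper()).encode()
    tmk = xor_placeholder(tk, ASYM_CONTAINER[key_ref])  # middle: TK under the chosen key
    tim = xor_placeholder(message, session_key)         # tail: message under session key
    # Assumption: a 2-byte big-endian length marks where TMK ends and TIM begins.
    return ts + struct.pack(">H", len(tmk)) + tmk + tim

def parse_stream(stream: bytes, expected_auth_code: str) -> bytes:
    if len(stream) < 10:
        raise StreamError("stream shorter than head and length field")
    ts = stream[:8].decode("latin-1")
    key_ref = (ts[:4], ts[4:6], ts[6:8])
    if key_ref not in ASYM_CONTAINER:                   # head arrives in the clear: untrusted
        raise StreamError("unknown key folder/version/id in TS")
    (tmk_len,) = struct.unpack(">H", stream[8:10])
    if tmk_len < 6 or 10 + tmk_len > len(stream):
        raise StreamError("TMK length out of range")
    tmk, tim = stream[10:10 + tmk_len], stream[10 + tmk_len:]
    tk = xor_placeholder(tmk, ASYM_CONTAINER[key_ref]).decode("latin-1")
    auth, alg_no, key_hex = tk[:4], tk[4:6], tk[6:]
    # Step 2 of the page's decryption: check the authentication code first.
    if not hmac.compare_digest(auth.encode("latin-1"), expected_auth_code.encode()):
        raise StreamError("authentication code mismatch")
    if alg_no not in SESSION_ALGS:
        raise StreamError("session key algorithm number not in container")
    try:
        session_key = bytes.fromhex(key_hex)
    except ValueError:
        raise StreamError("session key is not hex") from None
    if len(session_key) != SESSION_ALGS[alg_no][1]:
        raise StreamError("session key length does not match algorithm")
    return xor_placeholder(tim, session_key)

if __name__ == "__main__":
    wire = build_stream("5431", b"333333333333")
    print(wire[:8], parse_stream(wire, "5431"))
```

Because the head TS travels in the clear, the receiver treats every identifier in it as untrusted input and resolves it only through the container lookup.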
Claims (5)
1. A random hybrid key encryption/decryption method, comprising the steps:
A. forming an asymmetric key container from the classes of asymmetric key algorithm and their corresponding key pairs;
B. forming a session key algorithm container from the classes of symmetric key algorithm;
C. implementing an asymmetric key random selector and a session key algorithm random selector by means of a random generator;
D. forming the random hybrid key from the randomly selected asymmetric key, the randomly selected symmetric key algorithm and the randomly generated symmetric key;
E. the asymmetric key random selector selects at random in the asymmetric key container to obtain an asymmetric key folder name identifier and an asymmetric key identifier, and these two identifiers are embedded in the head of the information stream;
F. the session key algorithm random selector selects at random in the session key algorithm container to obtain a session key algorithm identifier; a random signal generator produces the session key according to the key length of the algorithm specified by that identifier; the session key algorithm identifier and the session key are encrypted with the public key of the randomly selected asymmetric key and embedded in the middle of the information stream; the information to be transmitted is then encrypted with the session key and embedded in the tail of the information stream;
G. using the private key of the asymmetric key in the asymmetric key container specified by the information stream head, the middle of the information stream is decrypted to obtain the session key identifier and the session key; the tail of the information stream is then decrypted with the session key, using the algorithm designated by the session key identifier, to obtain the plaintext.
2. The random hybrid key encryption/decryption method as claimed in claim 1, characterized in that the classes of asymmetric key algorithm include, but are not limited to: SM2, ECC and RSA.
3. The random hybrid key encryption/decryption method as claimed in claim 1, characterized in that the classes of symmetric key algorithm include, but are not limited to: DES, 3DES, SSF33, SCB2, IDEA, AES and SM1.
4. The random hybrid key encryption/decryption method as claimed in claim 1, characterized in that the information stream head comprises at least the asymmetric key folder name identifier and the asymmetric key identifier.
5. The random hybrid key encryption/decryption method as claimed in claim 1, characterized in that the middle of the information stream comprises at least the session key algorithm identifier and the session key information.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2011101989277A CN102255725A (en) | 2011-07-16 | 2011-07-16 | Random hybrid key encryption/decryption method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102255725A true CN102255725A (en) | 2011-11-23 |
Family
ID=44982732
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2011101989277A Pending CN102255725A (en) | 2011-07-16 | 2011-07-16 | Random hybrid key encryption/decryption method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN102255725A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20111123 |