CN106453426A - Symmetric encryption and decryption method and system based on key space-time fragmentation storage - Google Patents

Symmetric encryption and decryption method and system based on key space-time fragmentation storage Download PDF

Info

Publication number
CN106453426A
CN106453426A CN201611144255.0A CN201611144255A CN106453426A CN 106453426 A CN106453426 A CN 106453426A CN 201611144255 A CN201611144255 A CN 201611144255A CN 106453426 A CN106453426 A CN 106453426A
Authority
CN
China
Prior art keywords
time
space
cipher key
generation module
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201611144255.0A
Other languages
Chinese (zh)
Other versions
CN106453426B (en
Inventor
刘剑飞
常清雪
肖建
付强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Changhong Electric Co Ltd
Original Assignee
Sichuan Changhong Electric Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Changhong Electric Co Ltd filed Critical Sichuan Changhong Electric Co Ltd
Priority to CN201611144255.0A priority Critical patent/CN106453426B/en
Publication of CN106453426A publication Critical patent/CN106453426A/en
Application granted granted Critical
Publication of CN106453426B publication Critical patent/CN106453426B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0872Generation of secret information including derivation or calculation of cryptographic keys or passwords using geo-location information, e.g. location data, time, relative position or proximity to other entities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention relates to the encryption and decryption technology, and discloses a symmetric encryption and decryption method and system based on key space-time fragmentation storage for guaranteeing the security of keys to improve the security of data transmission. The symmetric encryption and decryption system comprises a terminal and a server; the terminal comprises a time key segment generation module, a space key segment generation module, a fixed key segment generation module and a verification module; the server comprises a time key segment generation module, a space key segment generation module, a fixed key segment generation module and a verification module, which are the same as those of the terminal, wherein the time key segment generation modules, the space key segment generation modules and the fixed key segment generation modules are distributed in different servers. The symmetric encryption and decryption method and system disclosed by the invention is suitable for high security data transmission.

Description

Symmetrical encryption and decryption method and system based on the storage of key space-time fragmentation
Technical field
The present invention relates to encryption and decryption technology and in particular to based on key space-time fragmentation storage symmetrical encipher-decipher method and System.
Background technology
With the development of Internet technology, the communication between terminal server is very frequent.By capturing terminal kimonos The message at business device end is analyzed counting, and finds that mass data does not all take encipherment protection measure, is directly plaintext transmission.Cause This, encrypted transmission message is extremely important.Take encrypted transmission, in order to ensure encryption and decryption efficiency, generally use symmetric cryptography mode. And the key safety of symmetric cryptography, it is that symmetric cipher secure is most important.How to store and obtain symmetric cryptographic key, especially It is the safety of terminal key storage, prevent it from being obtained the key being to ensure that key and symmetric cipher secure by decompiling.
Content of the invention
The technical problem to be solved is:A kind of symmetrical encryption and decryption based on the storage of key space-time fragmentation is proposed Method and system, ensure the safety of key, thus improving the safety of data transfer.
The technical solution adopted for the present invention to solve the technical problems is:
Based on the symmetrical encrypting and deciphering system of key space-time fragmentation storage, it includes terminal server end;
Described terminal includes:Time cipher key sections generation module, space cipher key sections generation module, fixed key section generation module And correction verification module;
Described server end includes and terminal identical time cipher key sections generation module, space cipher key sections generation module, solid Determine cipher key sections generation module and correction verification module, wherein, time cipher key sections generation module, space cipher key sections generation module, fixation are close Key section generation module adopts distributed arrangement in different server;
Described time cipher key sections generation module, for intercepting current time as parameter, through algorithm be converted into by letter, Numeral and spcial character composition 20 time cipher key sections, using this cipher key sections as symmetric cryptographic key Zeitigung attribute;
Described space cipher key sections generation module, for being presently in the longitude of position and latitude as parameter, warp using terminal Cross the 32 bit space cipher key sections that algorithm is converted into being made up of letter, numeral and spcial character, using this cipher key sections as symmetric cryptography The spatialization attribute of key;
Described fixed key section generation module, close for generating the fixation being made up of 8 character strings with service attribute Key section, and for forming key, and calling symmetric encipherment algorithm to bright time cipher key sections, space cipher key sections, fixed key section Literary composition is encrypted, or ciphertext is decrypted;
Described correction verification module, for generating time check code and space check code, and to present system time and terminal warp Latitude data is verified.
As optimizing further, the current time precision that described time cipher key sections generation module is intercepted is 1000ms, that is, The time cipher key sections being generated in current time to the time period delay 1000ms are identical.
As optimizing further, the space cipher key sections generation module of described server end is previously according to the current institute of each terminal The longitude of place position and latitude generate space cipher key sections, and are saved in the corresponding number of space cipher key sections generation module place server According in storehouse, and correspond associated storage with space check code.
As optimizing further, described time check code is:Terminal by sha256 encryption is carried out to present system time, Take the check value acquired in first 45 of ciphertext after encryption;
Described space check code is:The longitude and latitude of its present position of terminal-pair takes 2 after arithmetic point, is carried out with " & " symbol Connect, then carry out sha256 encryption, take the check value acquired in first 45 of ciphertext after encryption.
As optimizing further, described present system time is verified, refer to:
Server, after receiving the incoming time check code of terminal, carries out sha256 to server present system time and adds Close, take front 45 acquisition check values of ciphertext after encryption, the time check code incoming with terminal is compared, if unanimously, enters Enter the follow-up process of deciphering, if inconsistent, cannot be carried out deciphering, and prompt terminal.
As optimizing further, described terminal longitude and latitude degrees of data is verified, refer to:
Server, after receiving the incoming space check code of terminal, takes according to this terminal corresponding longitude and latitude degrees of data of storage 2 after arithmetic point, it is attached with " & " symbol, then carries out sha256 encryption, take front 45 acquisition check values of ciphertext after encryption The space check code incoming with terminal is compared, if unanimously, obtains corresponding space cipher key sections according to space check code.
Additionally, present invention also offers a kind of symmetrical encipher-decipher method based on the storage of key space-time fragmentation, it includes Implemented below step:
The information that A, terminal will send is combined by prescribed form, the plaintext after combination is encrypted, encryption side Formula is:Space cipher key sections generation module is called to generate space cipher key sections first, when recalling the generation of time cipher key sections generation module Between cipher key sections, call correction verification module to generate space check code and time check code simultaneously;Fixed key section is finally called to generate mould Block generates fixed key section, and general space cipher key sections and time cipher key sections generate symmetric key, calls algorithm by plain text encryption Become ciphertext, and send jointly to server together with time check code and space check code;
After B, server receive the request of terminal transmission, first time check code is verified, if time check code is not Correct then not decipher, and prompt terminal adjustment time and server sync, if correctly, verify terminal longitude and latitude degrees of data, school Test by rear, carry out subsequent decryption flow process, deciphering flow process is:When the time cipher key sections generation module of invoking server first generates Between cipher key sections, then corresponding space cipher key sections are extracted according to space check code, are finally generated by fixed key section generation module Fixed key section, and integrating time cipher key sections and space cipher key sections generate symmetric key, call algorithm that ciphertext is decrypted, obtain Take in plain text;
After the completion of C, server are processed according to the plaintext that deciphering obtains, response message is combined into response report by prescribed form Literary composition, and response message is encrypted, cipher mode is:Allocating time cipher key sections generation module generates the time according to current time Cipher key sections, then the space cipher key sections with using when deciphering before, and generated after fixed key section by fixed key section generation module Time cipher key sections, space cipher key sections and fixed key section are carried out integrating and generates symmetric key, call algorithm that response message is entered Row is encrypted and is fed back to terminal;
After D, the terminal response message after receiving encryption, message is decrypted, manner of decryption is:First according to current System time allocating time cipher key sections generation module generates time cipher key sections;Longitude and latitude is obtained according to residing geographical position, calls Space cipher key sections generation module generates space key;After the last generation fixed key section by fixed key section generation module, integrate Time cipher key sections, space cipher key sections and fixed key section generate counterpart keys, call algorithm that the response message after encryption is carried out Deciphering.
The invention has the beneficial effects as follows:
By the way of space-time fragmentation, store symmetric cryptographic key at terminal server end:Symmetric cryptographic key is eventually End takes fragmentation to be divided into some sections, and one section is based on current time and generates through special algorithm, and one section is warp based on geographical position Latitude scope generates through special algorithm, along with other fixed fields, is algorithmically combined into encryption key.
Server end takes the mode synchronous with terminal time to be based on the corresponding key segments of time generation, is simultaneously based on end The geographical position at end generates corresponding key segments, along with fixed field corresponding with terminal, algorithmically synthesis and terminal one Straight key.This ensure that symmetric cryptographic key is dynamically generated, terminal does not carry out key persistence simultaneously, and decompiling cannot Direct access;Time key segments and space key segments and other secret agreement segment are put by server end with distributed mode Put in different server, prevent individual server from being led to whole Key Exposure by attack.It is ensured that key from terminal to server Safety.
Brief description
Fig. 1 encrypts for terminal to server end and sends request message, the flow process deciphered by server;
Fig. 2 is that server end sends response message to terminal encryption, by the flow process of terminal deciphering.
Specific embodiment
It is contemplated that proposing a kind of symmetrical encryption and decryption method and system based on the storage of key space-time fragmentation, ensure close The safety of key, thus improve the safety of data transfer.
The symmetrical encrypting and deciphering system based on the storage of key space-time fragmentation in the present invention, it includes terminal server End;
Described terminal includes:Time cipher key sections generation module, space cipher key sections generation module, fixed key section generation module And correction verification module;
Described server end includes and terminal identical time cipher key sections generation module, space cipher key sections generation module, solid Determine cipher key sections generation module and correction verification module, wherein, time cipher key sections generation module, space cipher key sections generation module, fixation are close Key section generation module adopts distributed arrangement in different server;
The function declaration of modules is as follows:
First, the cipher key sections generation module function phase of the time cipher key sections generation module server of terminal is same.Terminal or clothes After business device triggered time cipher key sections generation module, the generation current time in system is truncated to the precision of 1000 Milliseconds.Obtain when Between as parameter, be converted into 20 cipher key sections being made up of letter, numeral and spcial character through algorithm.This cipher key sections is as right Claim the Zeitigung attribute of encryption key.The precision of 1000 Milliseconds, that is, delaying the time cipher key sections generating in 1000 milliseconds is phase With.
2nd, the space cipher key sections generation module function phase of the space cipher key sections generation module server of terminal is same.Terminal After the cipher key sections generation module of triggering space, terminal obtains longitude and the latitude being presently in position.Using longitude and latitude as ginseng Number, is converted into 32 cipher key sections being made up of letter, numeral and spcial character through algorithm.The cipher key sections generating are by longitude and latitude Area generation, that is, in one section of big minizone, it is identical that latitude generates space cipher key sections in one section of big minizone to the longitude of terminal. The space cipher key sections being similarly in this interval different terminals generation are identical.Interval division is less, and the space cipher key sections of generation are just More.
The space cipher key sections of server end are generated in the way of same with terminal, that is, using longitude and latitude as parameter, warp Cross 32 cipher key sections that algorithm is converted into being made up of letter, numeral and spcial character.The cipher key sections generating are by longitude and latitude region Generate, that is, in one section of big minizone, it is identical that latitude generates space cipher key sections in one section of big minizone to the longitude of terminal.Key Duan Tiqian generates the lane database being saved in space key server, with space check code associated storage.Space key database Store all regions cipher key sections that service need to be provided, cipher key sections are according to business and demand for security zoning, by divide Region longitude and latitude generates each cipher key sections.
These cipher key sections are as the spatialization attribute of symmetric cryptographic key.
3rd, the fixed key section generation module function phase of the fixed key section generation module server of terminal is same.Terminal Server end preserves identical cipher key sections, and cipher key sections are 8 character string compositions with service attribute.This module has assembling The function of key, by time cipher key sections, space cipher key sections, fixed key section composition key, and calls symmetric encipherment algorithm to bright Literary composition is encrypted, and ciphertext is decrypted.
4th, the correction verification module function phase of the correction verification module server of terminal is same.Correction verification module to present system time and Longitude dimension is verified.Concrete effect has:
1st, sha256 encryption is carried out to present system time, take first 45 of ciphertext as check value service device.With Server present system time carries out sha256 and encrypts and take first 45 of ciphertext to be contrasted, identical to ensure terminal and service The time of device section always, otherwise prompt time inconsistent it is impossible to encryption and decryption.
2nd, terminal-pair longitude and latitude takes 2 after arithmetic point, is attached with " & " symbol, then carries out sha256 encryption.Take ciphertext 45 before first 45 sha256 being connected with " & " symbol as space check code service device, server storage correspondence longitude and latitude Position ciphertext storehouse.Contrast success with server storage, obtains the space cipher key sections in counterpart keys storehouse.
3rd, sha256 encrypted cipher text length is 128, and for improving contrast, search efficiency takes first 45 to be held as check code Longization.After tested, first 45 of the sha256 ciphertext of system time and longitude and latitude is not in identical situation.
The symmetrical encipher-decipher method being stored based on key space-time fragmentation based on said system, the present invention, is walked including following Suddenly:
The information that A, terminal will send is combined by prescribed form (such as xml, j son etc.), to the plaintext after combination It is encrypted, cipher mode is:Call space cipher key sections generation module to generate space cipher key sections first, recall time cipher key sections Generation module generates time cipher key sections, calls correction verification module to generate space check code and time check code simultaneously;Finally call solid Determine cipher key sections generation module and generate fixed key section, and general space cipher key sections and time cipher key sections generate symmetric key, call Plain text encryption is become ciphertext by algorithm, and sends jointly to server together with time check code and space check code;
After B, server receive the request of terminal transmission, first time check code is verified, if time check code is not Correct then not decipher, and prompt terminal adjustment time and server sync, if correctly, verify terminal longitude and latitude degrees of data, school Test by rear, carry out subsequent decryption flow process, deciphering flow process is:When the time cipher key sections generation module of invoking server first generates Between cipher key sections, then corresponding space cipher key sections are extracted according to space check code, are finally generated by fixed key section generation module Fixed key section, and integrating time cipher key sections and space cipher key sections generate symmetric key, call algorithm that ciphertext is decrypted, obtain Take in plain text;
After the completion of C, server are processed according to the plaintext that deciphering obtains, response message is pressed prescribed form (such as xml, j son Deng) it is combined into response message, and response message is encrypted, cipher mode is:Allocating time cipher key sections generation module according to Current time generates time cipher key sections, then the space cipher key sections with using when deciphering before, and by fixed key section generation module After generating fixed key section, time cipher key sections, space cipher key sections and fixed key section are carried out integrating and generate symmetric key, call Algorithm is encrypted to response message and feeds back to terminal;
After D, the terminal response message after receiving encryption, message is decrypted, manner of decryption is:First according to current System time allocating time cipher key sections generation module generates time cipher key sections;Longitude and latitude is obtained according to residing geographical position, calls Space cipher key sections generation module generates space key;After the last generation fixed key section by fixed key section generation module, integrate Time cipher key sections, space cipher key sections and fixed key section generate counterpart keys, call algorithm that the response message after encryption is carried out Deciphering.
In such scheme, wherein step A and step B are encrypted for terminal to server end and are sent request message, by server The flow process of deciphering, referring to Fig. 1, step C and step D are that server end sends response message to terminal encryption, by end to implementation steps The flow process of end deciphering, implementation steps are referring to Fig. 2.

Claims (7)

1. the symmetrical encrypting and deciphering system based on the storage of key space-time fragmentation is it is characterised in that include terminal server end;
Described terminal includes:Time cipher key sections generation module, space cipher key sections generation module, fixed key section generation module and school Test module;
Described server end includes close with terminal identical time cipher key sections generation module, space cipher key sections generation module, fixation Key section generation module and correction verification module, wherein, time cipher key sections generation module, space cipher key sections generation module, fixed key section Generation module adopts distributed arrangement in different server;
Described time cipher key sections generation module, for intercepting current time as parameter, is converted into by alphabetical, digital through algorithm With spcial character composition 20 time cipher key sections, using this cipher key sections as symmetric cryptographic key Zeitigung attribute;
Described space cipher key sections generation module, for terminal being presently in the longitude of position and latitude as parameter, through calculating Method is converted into 32 bit space cipher key sections being made up of letter, numeral and spcial character, using this cipher key sections as symmetric cryptographic key Spatialization attribute;
Described fixed key section generation module, for generating the fixed key section being made up of 8 character strings with service attribute, And for time cipher key sections, space cipher key sections, fixed key section are formed key, and call symmetric encipherment algorithm that plaintext is carried out Encryption, or ciphertext is decrypted;
Described correction verification module, for generating time check code and space check code, and to present system time and terminal longitude and latitude Data is verified.
2. the symmetrical encrypting and deciphering system based on the storage of key space-time fragmentation as claimed in claim 1 is it is characterised in that described The current time precision that time cipher key sections generation module is intercepted is 1000ms, that is, in current time to the time delaying 1000ms The time cipher key sections being generated in section are identical.
3. the symmetrical encrypting and deciphering system based on the storage of key space-time fragmentation as claimed in claim 1 is it is characterised in that described The space cipher key sections generation module of server end is presently in the longitude of position previously according to each terminal and latitude generates space Cipher key sections, and it is saved in the corresponding lane database of space cipher key sections generation module place server, and with space check code one by one Corresponding associated storage.
4. the symmetrical encrypting and deciphering system based on the storage of key space-time fragmentation as claimed in claim 1 is it is characterised in that described Time check code is:Terminal by carrying out sha256 encryption to present system time, takes acquired in first 45 of ciphertext after encryption Check value;
Described space check code is:The longitude and latitude of its present position of terminal-pair takes 2 after arithmetic point, is attached with " & " symbol, Carry out sha256 encryption again, take the check value acquired in first 45 of ciphertext after encryption.
5. the symmetrical encrypting and deciphering system based on the storage of key space-time fragmentation as claimed in claim 4 is it is characterised in that described Present system time is verified, refers to:
Server, after receiving the incoming time check code of terminal, carries out sha256 encryption to server present system time, takes Front 45 acquisition check values of ciphertext after encryption, the time check code incoming with terminal is compared, if unanimously, enters deciphering Follow-up process, if inconsistent, cannot be carried out deciphering, and prompt terminal.
6. the symmetrical encrypting and deciphering system based on the storage of key space-time fragmentation as claimed in claim 4 is it is characterised in that described Terminal longitude and latitude degrees of data is verified, refers to:
Server, after receiving the incoming space check code of terminal, takes decimal according to this terminal corresponding longitude and latitude degrees of data of storage 2 after point, it is attached with " & " symbol, then carries out sha256 encryption, after taking encryption, first 45 of ciphertext obtain check value and end Hold incoming space check code to compare, if unanimously, corresponding space cipher key sections are obtained according to space check code.
7. the symmetrical encipher-decipher method based on the storage of key space-time fragmentation is it is characterised in that comprise the following steps:
The information that A, terminal will send is combined by prescribed form, the plaintext after combination is encrypted, cipher mode is: Call space cipher key sections generation module to generate space cipher key sections first, recall time cipher key sections generation module and generate time key Section, calls correction verification module to generate space check code and time check code simultaneously;Fixed key section generation module is finally called to generate Fixed key section, and general space cipher key sections and time cipher key sections generate symmetric key, call algorithm that plain text encryption is become ciphertext, And send jointly to server together with time check code and space check code;
After B, server receive the request of terminal transmission, first time check code is verified, if time check code is incorrect Then not decipher, and prompt terminal adjustment time and server sync, if correctly, verify terminal longitude and latitude degrees of data, verification is logical Later, carry out subsequent decryption flow process, deciphering flow process is:It is close that the time cipher key sections generation module of invoking server first generates the time Key section, then extracts corresponding space cipher key sections according to space check code, is finally generated by fixed key section generation module and fixes Cipher key sections, and integrating time cipher key sections and space cipher key sections generate symmetric key, call algorithm that ciphertext is decrypted, and obtain bright Literary composition;
After the completion of C, server are processed according to the plaintext that deciphering obtains, response message is combined into response message by prescribed form, And response message is encrypted, cipher mode is:It is close that allocating time cipher key sections generation module generates the time according to current time Key section, then the space cipher key sections with using when deciphering before, and incited somebody to action by after fixed key section generation module generation fixed key section Time cipher key sections, space cipher key sections and fixed key section carry out integrating generation symmetric key, call algorithm that response message is carried out Encrypt and feed back to terminal;
After D, the terminal response message after receiving encryption, message is decrypted, manner of decryption is:First according to current system Time allocating time cipher key sections generation module generates time cipher key sections;Longitude and latitude is obtained according to residing geographical position, calls space Cipher key sections generation module generates space key;After the last generation fixed key section by fixed key section generation module, integrating time Cipher key sections, space cipher key sections and fixed key section generate counterpart keys, call algorithm that the response message after encryption is decrypted.
CN201611144255.0A 2016-12-13 2016-12-13 Symmetric encryption and decryption method and system based on key space-time fragmented storage Active CN106453426B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201611144255.0A CN106453426B (en) 2016-12-13 2016-12-13 Symmetric encryption and decryption method and system based on key space-time fragmented storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201611144255.0A CN106453426B (en) 2016-12-13 2016-12-13 Symmetric encryption and decryption method and system based on key space-time fragmented storage

Publications (2)

Publication Number Publication Date
CN106453426A true CN106453426A (en) 2017-02-22
CN106453426B CN106453426B (en) 2020-02-04

Family

ID=58217767

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201611144255.0A Active CN106453426B (en) 2016-12-13 2016-12-13 Symmetric encryption and decryption method and system based on key space-time fragmented storage

Country Status (1)

Country Link
CN (1) CN106453426B (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108667605A (en) * 2018-04-25 2018-10-16 拉扎斯网络科技(上海)有限公司 Data encryption and decryption method and device
CN109462475A (en) * 2018-11-15 2019-03-12 泰康保险集团股份有限公司 Data ciphering method, decryption method and relevant apparatus
CN112770320A (en) * 2020-12-27 2021-05-07 常熟开关制造有限公司(原常熟开关厂) Circuit breaker communication method and device based on dynamic secret key
CN113794700A (en) * 2021-08-30 2021-12-14 合肥致存微电子有限责任公司 Remote USB (universal serial bus) flash disk data communication encryption method and device
CN113852462A (en) * 2021-09-27 2021-12-28 王健庭 Method and system for creating symmetric key without distribution and management

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101466144A (en) * 2009-01-15 2009-06-24 山东大学 Three-dimensional space-time combined encrypt communication apparatus based on GNSS and communication method thereof
CN105809070A (en) * 2016-03-14 2016-07-27 贵州大学 USB flash disk fingerprint authentication encryption method

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101466144A (en) * 2009-01-15 2009-06-24 山东大学 Three-dimensional space-time combined encrypt communication apparatus based on GNSS and communication method thereof
CN105809070A (en) * 2016-03-14 2016-07-27 贵州大学 USB flash disk fingerprint authentication encryption method

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108667605A (en) * 2018-04-25 2018-10-16 拉扎斯网络科技(上海)有限公司 Data encryption and decryption method and device
CN108667605B (en) * 2018-04-25 2021-02-23 拉扎斯网络科技(上海)有限公司 Data encryption and decryption method and device
CN109462475A (en) * 2018-11-15 2019-03-12 泰康保险集团股份有限公司 Data ciphering method, decryption method and relevant apparatus
CN109462475B (en) * 2018-11-15 2021-08-13 泰康保险集团股份有限公司 Data encryption method, data decryption method and related devices
CN112770320A (en) * 2020-12-27 2021-05-07 常熟开关制造有限公司(原常熟开关厂) Circuit breaker communication method and device based on dynamic secret key
CN113794700A (en) * 2021-08-30 2021-12-14 合肥致存微电子有限责任公司 Remote USB (universal serial bus) flash disk data communication encryption method and device
CN113852462A (en) * 2021-09-27 2021-12-28 王健庭 Method and system for creating symmetric key without distribution and management

Also Published As

Publication number Publication date
CN106453426B (en) 2020-02-04

Similar Documents

Publication Publication Date Title
CN106453426A (en) Symmetric encryption and decryption method and system based on key space-time fragmentation storage
CN110868301B (en) Identity authentication system and method based on state cryptographic algorithm
EP1750389B1 (en) System and method for updating keys used for public key cryptography
US6996712B1 (en) Data authentication system employing encrypted integrity blocks
CN107257350B (en) Offline authentication or payment method of wearable equipment
CN110401615B (en) Identity authentication method, device, equipment, system and readable storage medium
CN111526023B (en) Block chain uplink data security authentication method and system based on IPK
CN103684794A (en) Communication data encryption and decryption method based on DES (Data Encryption Standard), RSA and SHA-1 (Secure Hash Algorithm) encryption algorithms
CN108009440A (en) Date storage method, querying method, device, storage medium and computer equipment
CN108259407B (en) Symmetric encryption method and system based on timestamp
CN103731270B (en) Communication data encryption and decryption method based on BBS, RSA and SHA-1 encryption algorithm
CN101789865A (en) Dedicated server used for encryption and encryption method
CN111586076A (en) Remote control and telemetry information tamper-proof encryption and decryption method and system based on mixed password
EP2117200A1 (en) Method and apparatus for broadcast authentication
CN105681470A (en) Communication method, server and terminal based on hypertext transfer protocol
CN111767559B (en) Field level encryption blockchain data
CN108090370A (en) Instant messaging encryption method and system based on index
CN106788991A (en) A kind of method and device of data transfer
CN112653719A (en) Automobile information safety storage method and device, electronic equipment and storage medium
WO2023160420A1 (en) Group message encryption method and apparatus, device and storage medium
CN102598575B (en) Method and system for the accelerated decryption of cryptographically protected user data units
CN106385313A (en) Random cryptograph system based on grouping encryption algorithm and realization method thereof
CN111586023B (en) Authentication method, authentication equipment and storage medium
US10530581B2 (en) Authenticated broadcast encryption
CN100431297C (en) Method for preventing user's pin from illegal use by double verification protocol

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant