CN111756532A - Data transmission method and device - Google Patents

Data transmission method and device Download PDF

Info

Publication number
CN111756532A
CN111756532A CN202010515479.8A CN202010515479A CN111756532A CN 111756532 A CN111756532 A CN 111756532A CN 202010515479 A CN202010515479 A CN 202010515479A CN 111756532 A CN111756532 A CN 111756532A
Authority
CN
China
Prior art keywords
data
hardware
authentication terminal
security authentication
target security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010515479.8A
Other languages
Chinese (zh)
Other versions
CN111756532B (en
Inventor
张志勇
范志刚
卢涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Xian Wanxiang Electronics Technology Co Ltd
Original Assignee
Xian Wanxiang Electronics Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Xian Wanxiang Electronics Technology Co Ltd filed Critical Xian Wanxiang Electronics Technology Co Ltd
Priority to CN202010515479.8A priority Critical patent/CN111756532B/en
Publication of CN111756532A publication Critical patent/CN111756532A/en
Application granted granted Critical
Publication of CN111756532B publication Critical patent/CN111756532B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0877Generation of secret information including derivation or calculation of cryptographic keys or passwords using additional device, e.g. trusted platform module [TPM], smartcard, USB or hardware security module [HSM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Information Transfer Systems (AREA)

Abstract

The disclosure provides a data transmission method and a data transmission device, relates to the field of data processing, and can solve the problem that remote transmission of data cannot be realized in the conventional hardware encryption mode. The specific technical scheme is as follows: carrying out hardware encryption on data through a target security authentication terminal inserted into a USB interface to obtain hardware encrypted data; acquiring equipment description information of a target security authentication terminal; and sending the device description information and the hardware encryption data of the target security authentication terminal to the data receiving device through the network. The data sending equipment can utilize the target security authentication terminal to perform hardware encryption on data, and meanwhile, the equipment description information of the target security authentication terminal can be sent to the data receiving equipment, so that the USB bus in the data receiving equipment can perform hardware decryption on the hardware encrypted data received from the data sending equipment based on the target security authentication terminal, and hardware encryption and hardware decryption in the data remote transmission process are achieved.

Description

Data transmission method and device
Technical Field
The present disclosure relates to the field of data processing, and in particular, to a data transmission method and apparatus.
Background
At present, in the field of communication, there are many application scenarios for data transmission, especially in a remote data transmission scenario, and when data transmission is very important, security of data transmission needs to be ensured. Compared with a software encryption mode, the hardware mode has higher safety. However, most of the existing hardware encryption methods, for example, the encryption method based on the security authentication terminal (english: USB Key, abbreviated as "UKey"), encrypt data by using the UKey connected to the local device, and then decrypt the data by using the same UKey when the data needs to be used. Obviously, this approach does not enable remote transmission of data due to the limitations of the physical UKey.
Disclosure of Invention
The embodiment of the disclosure provides a data transmission method and device, which can solve the problem that remote transmission of data cannot be realized in the conventional hardware encryption mode. The technical scheme is as follows:
according to a first aspect of the embodiments of the present disclosure, there is provided a data transmission method, which is applied to a data transmission device, and the method includes:
carrying out hardware encryption on data through a target security authentication terminal inserted into a USB interface to obtain hardware encrypted data;
acquiring equipment description information of the target security authentication terminal;
and sending the equipment description information of the target security authentication terminal and the hardware encryption data to data receiving equipment through a network, so that the data receiving equipment determines that a local target USB bus is accessed to the target security authentication terminal according to the equipment description information of the target security authentication terminal.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: carrying out hardware encryption on data through a target security authentication terminal inserted into a USB interface to obtain hardware encrypted data; acquiring equipment description information of a target security authentication terminal; and sending the equipment description information and the hardware encryption data of the target security authentication terminal to the data receiving equipment through the network so that the data receiving equipment determines that the local target USB bus is accessed to the target security authentication terminal according to the equipment description information of the target security authentication terminal. The data sending equipment can utilize the target security authentication terminal to perform hardware encryption on data, and meanwhile, the equipment description information of the target security authentication terminal can be sent to the data receiving equipment, so that the USBbus in the data receiving equipment can perform hardware decryption on the hardware encrypted data received from the data sending equipment based on the target security authentication terminal, and hardware encryption and hardware decryption in the data remote transmission process are achieved.
In one embodiment, the hardware encryption of data by the target secure authenticated terminal inserted into the USB interface to obtain hardware encrypted data includes:
and carrying out hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, the method further comprises:
receiving hardware decryption algorithm acquisition information;
and sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network.
In one embodiment, before the obtaining of the device description information of the target secure authentication terminal, the method further includes:
encrypting the hardware encrypted data by a preset algorithm to obtain a first encrypted value;
transmitting the first encrypted value and the hardware encrypted data to the data receiving apparatus through a network;
receiving a data integrity verification success message sent by the data receiving equipment;
the sending the device description information of the target security authentication terminal and the hardware encryption data to a data receiving device through a network includes:
and sending the device description information of the target security authentication terminal to data receiving equipment through a network.
According to a second aspect of the embodiments of the present disclosure, there is provided a data transmission method, which is applied to a data receiving device, the method including:
receiving hardware encryption data and equipment description information and hardware encryption data of a target security authentication terminal through a network;
determining that a local target USB bus is accessed into the target security authentication terminal according to the equipment description information of the target security authentication terminal;
and carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: receiving hardware encryption data and equipment description information and hardware encryption data of a target security authentication terminal through a network; determining a local target USB bus to access a target security authentication terminal according to the equipment description information of the target security authentication terminal; and carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain the data. The data sending equipment can utilize the target security authentication terminal to perform hardware encryption on data, and meanwhile, the equipment description information of the target security authentication terminal can be sent to the data receiving equipment, so that the USB bus in the data receiving equipment can perform hardware decryption on the hardware encrypted data received from the data sending equipment based on the target security authentication terminal, and hardware encryption and hardware decryption in the data remote transmission process are achieved.
In one embodiment, the receiving, via the network, the hardware encryption data and the device description information and the hardware encryption data of the target secure authentication terminal includes:
receiving a first cryptographic value and the hardware cryptographic data over a network;
encrypting the hardware encrypted data by a preset algorithm to obtain a second encrypted value;
when the first encryption value and the second encryption value are detected to be the same, sending a data integrity verification success message to the data sending equipment;
and receiving the equipment description information of the target security authentication terminal through a network.
In one embodiment, the hardware decryption of the hardware encrypted data according to the target secure authenticated terminal includes:
controlling a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
sending the hardware decryption algorithm acquisition information to the data sending equipment;
receiving hardware decryption algorithm information;
and carrying out hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
According to a third aspect of the embodiments of the present disclosure, there is provided a data transmission apparatus applied to a data transmission device, the apparatus including:
the first encryption module is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
the acquisition module is used for acquiring the equipment description information of the target security authentication terminal;
the first sending module is used for sending the equipment description information of the target security authentication terminal and the hardware encryption data to data receiving equipment through a network so that the data receiving equipment can determine that a local target USB bus is accessed to the target security authentication terminal according to the equipment description information of the target security authentication terminal.
In one embodiment, the first encryption module includes:
and the encryption submodule is used for carrying out hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encryption data.
In one embodiment, the apparatus further comprises:
the first receiving module is used for receiving the information obtained by the hardware decryption algorithm;
and the second sending module is used for sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network.
In one embodiment, the apparatus further comprises: a second encryption module, a third sending module and a second receiving module, wherein the first sending module comprises: a first sending submodule;
the second encryption module is used for encrypting the hardware encryption data by a preset algorithm to obtain a first encryption value before the acquisition module acquires the device description information of the target security authentication terminal;
the third sending module is further configured to send the first encrypted value and the hardware encrypted data to the data receiving device through a network;
the second receiving module is further configured to receive a data integrity verification success message sent by the data receiving device;
and the first sending submodule is used for sending the equipment description information of the target security authentication terminal to data receiving equipment through a network.
Based on the data transmission method described in the embodiment corresponding to fig. 3, the following is an embodiment of the apparatus of the present disclosure, which may be used to execute the embodiment of the method of the present disclosure.
According to a fourth aspect of the embodiments of the present disclosure, there is provided a data transmission apparatus applied to a data receiving device, the apparatus including:
the third receiving module is used for receiving the hardware encrypted data and the equipment description information and the hardware encrypted data of the target security authentication terminal through the network;
the determining module is used for determining that the target security authentication terminal is accessed into a local target USB bus according to the equipment description information of the target security authentication terminal;
and the decryption module is used for carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In one embodiment, the third receiving module includes:
a first receiving submodule, configured to receive a first encrypted value and the hardware encrypted data through a network;
the calculation submodule is used for carrying out preset algorithm encryption on the hardware encryption data to obtain a second encryption value;
the second sending submodule is used for sending a data integrity verification success message to the data sending equipment when the first encryption value and the second encryption value are detected to be the same;
and the second receiving submodule is used for receiving the equipment description information of the target security authentication terminal through a network.
In one embodiment, the decryption module includes:
the control submodule is used for controlling a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
the third sending submodule is used for sending the hardware decryption algorithm acquisition information to the data sending equipment;
the second receiving submodule is used for receiving the hardware decryption algorithm information;
and the decryption submodule is used for carrying out hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
According to a fifth aspect of the embodiments of the present disclosure, there is provided a data transmission system including: a data transmitting device and a data receiving device;
the data sending equipment is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
the data sending device is also used for acquiring the device description information of the target security authentication terminal;
the data sending device is further configured to send device description information of the target security authentication terminal and the hardware encrypted data to a data receiving device through a network, so that the data receiving device determines that a local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal;
the data receiving device is used for receiving the hardware encrypted data and the device description information and the hardware encrypted data of the target security authentication terminal through a network;
the data receiving equipment is also used for determining that the local target USB bus is accessed into the target security authentication terminal according to the equipment description information of the target security authentication terminal;
and the data receiving equipment is also used for carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In an embodiment, the data sending device is further configured to perform hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, the data receiving device is further configured to control a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
the data receiving equipment is also used for sending the hardware decryption algorithm acquisition information to the data sending equipment;
the data sending equipment is also used for receiving the hardware decryption algorithm acquisition information;
the data sending equipment is also used for sending a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network;
the data receiving equipment is also used for receiving hardware decryption algorithm information;
and the data receiving equipment is also used for carrying out hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
In an embodiment, the data sending device is further configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a first encrypted value;
the data sending device is further configured to send the first encrypted value and the hardware encrypted data to the data receiving device through a network;
the data receiving device is further configured to receive a first encrypted value and the hardware encrypted data through a network;
the data receiving equipment is also used for encrypting the hardware encrypted data by a preset algorithm to obtain a second encrypted value;
the data receiving device is further configured to send a data integrity verification success message to the data sending device when detecting that the first encrypted value and the second encrypted value are the same;
the data sending device is further configured to receive a data integrity verification success message sent by the data receiving device;
the data sending equipment is also used for sending the equipment description information of the target security authentication terminal to the data receiving equipment through a network;
the data receiving device is further configured to receive device description information of the target security authentication terminal through a network.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and together with the description, serve to explain the principles of the disclosure.
Fig. 1 is a flowchart of a data transmission method provided by an embodiment of the present disclosure;
fig. 2 is a flowchart of a data transmission method provided by an embodiment of the present disclosure;
fig. 3 is a flowchart of a data transmission method provided by an embodiment of the present disclosure;
fig. 4 is a flowchart of a data transmission method provided by an embodiment of the present disclosure;
FIG. 5 is a block diagram of a USB system provided by an embodiment of the present disclosure;
FIG. 6 is a block diagram of the communication between a USB device and a USB bus provided by the disclosed embodiments;
FIG. 7 is a communication schematic block diagram of a device replication segment provided by an embodiment of the present disclosure;
fig. 8 is a communication schematic block diagram of USB space division multiplexing provided by an embodiment of the present disclosure;
fig. 9 is an interaction diagram of a data transmission method provided by an embodiment of the present disclosure;
fig. 10 is a schematic diagram of a data transmission system provided by an embodiment of the present disclosure;
fig. 11 is a block diagram of a data transmission apparatus according to an embodiment of the present disclosure;
fig. 12 is a structural diagram of a first encryption module in a data transmission device according to an embodiment of the disclosure;
fig. 13 is a block diagram of a data transmission apparatus according to an embodiment of the present disclosure;
fig. 14 is a block diagram of a data transmission apparatus provided in an embodiment of the present disclosure;
fig. 15 is a block diagram of a data transmission apparatus according to an embodiment of the present disclosure;
fig. 16 is a structural diagram of a third receiving module in a data transmission device according to an embodiment of the present disclosure;
fig. 17 is a structural diagram of a decryption module in a data transmission device according to an embodiment of the present disclosure.
Detailed Description
Reference will now be made in detail to the exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, like numbers in different drawings represent the same or similar elements unless otherwise indicated. The implementations described in the exemplary embodiments below are not intended to represent all implementations consistent with the present disclosure. Rather, they are merely examples of apparatus and methods consistent with certain aspects of the present disclosure, as detailed in the appended claims.
An embodiment of the present disclosure provides a data transmission method, as shown in fig. 1, where the method is applied to a data sending device, and the data transmission method includes the following steps:
101. and carrying out hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data.
In this step, the data sending device notifies a local USB bus (english: USB bus) to perform hardware encryption on the transmitted data through a local target security authentication terminal.
For example, the target security authentication terminal may be a target UKey.
Specifically, the user inserts the target security authentication terminal into the USB interface of the data transmission device, so that the transmitted data is encrypted by the target security authentication terminal through hardware.
102. And acquiring the equipment description information of the target security authentication terminal.
After the data encryption is completed, the USB bus in the data transmission device receives the device description information of the target security authentication terminal.
After the USB bus in the data transmission device receives the device description information of the target security authentication terminal, it is known that a USB device accesses the local USB bus, and thus a corresponding USB device (the target security authentication terminal) is identified.
It is to be noted that the device description information of the target security authentication terminal herein is in the form of a URB Request Block (URB) packet.
103. And sending the equipment description information and the hardware encryption data of the target security authentication terminal to the data receiving equipment through the network so that the data receiving equipment determines that the local target USB bus is accessed to the target security authentication terminal according to the equipment description information of the target security authentication terminal.
After the data sending equipment acquires the equipment description information of the target security authentication terminal, the USB bus in the data sending equipment copies the acquired equipment description information of the target security authentication terminal and sends the copied information to the USB bus in the data receiving equipment; after receiving the device description information of the target security authentication terminal sent by the data sending device, the USB bus in the data receiving device considers that there is a USB device accessing the local USB bus and can identify the USB device (target security authentication terminal) having the corresponding device description information.
At this time, the local data transmitting device or the remote data receiving device will display the same USB device (target security authentication terminal).
According to the data sending equipment and the data receiving equipment, the data sending equipment can perform hardware encryption on data by using the target security authentication terminal, and meanwhile, the equipment description information of the target security authentication terminal can be sent to the data receiving equipment, so that the USB bus in the data receiving equipment can perform hardware decryption on the hardware encrypted data received from the data sending equipment based on the target security authentication terminal.
The method can realize hardware encryption and hardware decryption in the data remote transmission process based on the same target security authentication terminal, and can greatly improve the security of data transmission.
Before data transmission, the data sending device establishes a communication connection with the data receiving device.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: carrying out hardware encryption on data through a target security authentication terminal inserted into a USB interface to obtain hardware encrypted data; acquiring equipment description information of a target security authentication terminal; and sending the equipment description information and the hardware encryption data of the target security authentication terminal to the data receiving equipment through the network so that the data receiving equipment determines that the local target USB bus is accessed to the target security authentication terminal according to the equipment description information of the target security authentication terminal. The data sending equipment can utilize the target security authentication terminal to perform hardware encryption on data, and meanwhile, the equipment description information of the target security authentication terminal can be sent to the data receiving equipment, so that the USBbus in the data receiving equipment can perform hardware decryption on the hardware encrypted data received from the data sending equipment based on the target security authentication terminal, and hardware encryption and hardware decryption in the data remote transmission process are achieved.
The target security authentication terminal comprises two interfaces, one is a data encryption interface, and the other is a data decryption interface.
Specifically, the step 101 includes the following sub-steps:
and carrying out hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
The data encryption interface and the data decryption interface which are included by the target security authentication terminal are respectively used for the two devices, so that the data sending device can utilize the data encryption interface of the target security authentication terminal to carry out hardware encryption on the transmission data, and the data receiving device can utilize the data decryption interface of the target security authentication terminal to decrypt the hardware encryption data, thereby realizing hardware encryption and hardware decryption in the process of data remote transmission.
In one embodiment, the above method further comprises the substeps of:
receiving hardware decryption algorithm acquisition information;
and sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through the network.
And after receiving the hardware decryption algorithm acquisition information sent by the data receiving equipment, sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through the network so as to enable the data receiving equipment to decrypt the hardware encrypted data based on the hardware decryption algorithm.
In one embodiment, as shown in fig. 2, before the step 102, the following steps are further included:
104. encrypting the hardware encrypted data by a preset algorithm to obtain a first encrypted value;
105. transmitting the first encryption value and the hardware encryption data to data receiving equipment through a network;
106. receiving a data integrity verification success message sent by data receiving equipment;
in this case, the step 103 includes the following substeps:
1031. and sending the device description information of the target security authentication terminal to the data receiving device through the network.
In order to ensure the integrity of the hardware encrypted data decrypted by the data receiving equipment, in the disclosure, the hardware encrypted data is encrypted through a preset algorithm to obtain a first encrypted value, the first encrypted value and the hardware encrypted data are further sent to the data receiving equipment through a network, after a data integrity verification success message sent by the data receiving equipment is received, the integrity of the hardware encrypted data decrypted by the data receiving equipment is indicated, and at the moment, the data sending equipment sends equipment description information of a target security authentication terminal to the data receiving equipment through the network.
The preset algorithm may include, among other things, MD5 encryption.
An embodiment of the present disclosure provides a data transmission method, as shown in fig. 3, where the method is applied to a data receiving device, and the data transmission method includes the following steps:
201. and receiving the hardware encryption data and the device description information and the hardware encryption data of the target security authentication terminal through the network.
202. And determining that the local target USB bus is accessed into the target security authentication terminal according to the equipment description information of the target security authentication terminal.
203. And carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain the data.
When the data receiving device receives the device description information of the target security authentication terminal sent by the data sending device, the target security authentication terminal can be accessed into the local target USB bus according to the device description information of the target security authentication terminal, that is, the USB device (the target security authentication terminal) is inserted into the local USB interface, and at this time, the hardware encrypted data can be decrypted by the hardware according to the target security authentication terminal, so that the data is obtained.
The data transmission method provided by the embodiment of the disclosure comprises the following steps: receiving hardware encryption data and equipment description information and hardware encryption data of a target security authentication terminal through a network; determining a local target USB bus to access a target security authentication terminal according to the equipment description information of the target security authentication terminal; and carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain the data. The data sending equipment can utilize the target security authentication terminal to perform hardware encryption on data, and meanwhile, the equipment description information of the target security authentication terminal can be sent to the data receiving equipment, so that the USB bus in the data receiving equipment can perform hardware decryption on the hardware encrypted data received from the data sending equipment based on the target security authentication terminal, and hardware encryption and hardware decryption in the data remote transmission process are achieved.
In one embodiment, as shown in fig. 4, the step 201 includes the following sub-steps:
2011. receiving a first cryptographic value and hardware cryptographic data over a network;
2012. encrypting the hardware encrypted data by a preset algorithm to obtain a second encrypted value;
2013. when the first encryption value and the second encryption value are detected to be the same, a data integrity verification success message is sent to the data sending equipment;
2014. and receiving the device description information of the target security authentication terminal through the network.
In order to ensure the integrity of the hardware encrypted data decrypted by the data receiving device, in the disclosure, the data receiving device not only receives the hardware encrypted data sent by the data sending device, but also receives a first encrypted value obtained by encrypting the hardware encrypted data by the data sending device through a preset algorithm, after the hardware encrypted data and the first encrypted value are received, the data receiving device encrypts the hardware encrypted data according to the preset algorithm to obtain a second encrypted value, then compares the first encrypted value with the second encrypted value, determines that the received hardware encrypted data is complete when the first encrypted value and the second encrypted value are the same, and sends a data integrity verification success message to the data sending device.
The preset algorithm may include, among other things, MD5 encryption.
In one embodiment, the step 203 comprises the following sub-steps:
a1, generating hardware decryption algorithm acquisition information by a data decryption interface of the control target security authentication terminal;
a2, sending the hardware decryption algorithm acquisition information to the data sending equipment;
a3, receiving hardware decryption algorithm information;
and A4, carrying out hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
The data encryption interface included by the target security authentication terminal is used by the data sending equipment, and the data decryption interface included by the target security authentication terminal is used by the data receiving equipment, so that the data receiving equipment can control the data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information, then the hardware decryption algorithm acquisition information is sent to the data sending equipment, the data sending equipment sends the hardware decryption algorithm information to the data receiving equipment, and after the data receiving equipment receives the hardware decryption algorithm information, hardware decryption is carried out on hardware encryption data according to the hardware decryption algorithm information.
The method of the present disclosure is described in detail by the following embodiments, in the following embodiments, the target security authentication terminal may be a target UKey, and the preset algorithm is: and the MD5 algorithm, wherein the corresponding encryption value is an MD5 value.
According to the specification of the USB protocol, each physical USB device has only one USB device descriptor, but each physical device may have multiple configurations, each configuration may include multiple interfaces therein, and each interface includes multiple endpoints. The USB protocol specifies that each interface represents a function, i.e. when a USB device has multiple interfaces, it can perform multiple functions, and different interfaces use different drivers, such as most commonly a USB camera, and not only the camera function but also the audio function, which is achieved in this way. The invention also realizes two interfaces for UKEY, one is a data encryption interface, the other is a data decryption interface, and provides a space division multiplexing mode of the target UKey, and the so-called space division multiplexing refers to that the encryption and data decryption interfaces on the same physical UKey are respectively used for two devices.
Specifically, as shown in fig. 5, in the USB system, each USB device corresponds to only one descriptor of the USB device, but each descriptor of the USB device may include a plurality of configurations, each configuration further includes a plurality of interfaces, and each interface further includes a plurality of endpoints; wherein,
USB device descriptor: for describing a USB;
configuration: each USB device descriptor may include a plurality of different configurations, each configuration representing a set of a class of functions;
interface: each configuration can contain a plurality of interfaces, each interface represents a function, and in the USB bus, each interface corresponds to a driver; in the UKEY encryption system, two INTERFACEs are also used to implement the functions of the data encryption INTERFACE (INTERFACE1) and the data decryption INTERFACE (INTERFACE2), respectively, and it can be understood that different INTERFACEs are different spaces.
End point: an endpoint is an interface for data interaction and communication by USB devices.
In the prior art, reference may be made to fig. 6 for a schematic block diagram of communication between a USB device and a USB bus, as shown in fig. 6, after the USB device is plugged into a USB Port, a hub (Root hub) sends related information of the USB device to a USB controller, and the USB device and the USB controller communicate with each other in a URB packet manner. And the USB controller sends the URB packet to the endpoint of the USB equipment through the drive of the USB controller through the local USB bus, so that the communication with the USB equipment is realized. The USB device in fig. 6 is, for example, a UKEY, so there are also a UKEY data encryption interface driver that controls the data encryption interface, and a UKEY data decryption interface driver that controls the data decryption interface.
In the invention, the space division multiplexing of the target UKey comprises two stages, wherein the first stage is an equipment copying stage; the second stage is the spatial multiplexing stage.
The basic schematic diagram of the first stage of the equipment replication section can be seen in fig. 7, and the main purpose of the section is to: the data sending device and the remote data receiving device share the same USB device (target UKey). Therefore, the data sending device and the data receiving device need to simultaneously identify the target UKey, and the specific identification steps are as follows:
step 1, inserting a target UKEY into a USB interface of data transmission equipment;
and 2, Roothub in the data sending equipment sends the equipment description information of the target UKey to a USB bus on the data sending equipment through the USB controller and the USB controller drive thereof in the form of a URB packet, and meanwhile, the USB bus on the data sending equipment copies the received URB packet to the USB bus on the data receiving equipment through the Internet.
Through the steps, no matter the USB bus of the local data sending equipment or the USBbus of the remote data receiving equipment receives the URB packet containing the USB equipment information, the USB equipment is considered to be accessed to the USB bus, meanwhile, the USB equipment with the corresponding equipment description information can be identified, namely, the target UKey can be identified, and therefore the target UKey is called to realize encryption and/or decryption of data.
In the first stage, because the USB bus on the data transmitting device copies the received URB packet to the USB bus on the data receiving device via the Internet, the USB bus on both the data transmitting device and the data receiving device has the capability of identifying the target UKey, so that the target UKey can be used at the same time.
In the USB space division multiplexing stage, the data sending device encrypts data through the target UKey according to the following flow:
step 3, the data transmission equipment generates a URB packet for controlling the target UKY to execute encryption processing by using a data encryption interface drive of the target UKEY;
step 4, the data encryption interface driver sends the generated URB packet to a local USB bus;
and 5, the local USB bus sends the URB packet to a USB controller driver, and then a target UKEY data encryption interface is controlled to encrypt data.
The data receiving equipment performs the data decryption process through the target UKey as follows:
step 6, the data receiving equipment generates a URB packet for controlling a target UKey to carry out decryption processing by using a local UKEY data decryption interface drive;
step 7, the data decryption interface driver sends the generated URB packet to a USB bus of the data sending equipment;
and 8, the USB bus of the data sending equipment forwards the URB packet containing the decryption algorithm information to the USB bus on the data receiving equipment through the Internet, and the USB bus decrypts the data according to the corresponding decryption algorithm.
The data transmission equipment can utilize the target UKey to perform hardware encryption on transmission data, and meanwhile, the data transmission equipment can be controlled to realize space division multiplexing of the data receiving equipment on the target UKey, so that the USB bus in the data receiving equipment can perform hardware decryption on the hardware encrypted data received from the data transmission equipment based on the target UKey. The mode can realize hardware encryption and hardware decryption in the process of data remote transmission based on space division multiplexing of the same UKey, and can greatly improve the security of data transmission.
Based on the data transmission method provided by the embodiments corresponding to fig. 1 to fig. 4, another embodiment of the present disclosure further provides a data transmission method, as shown in fig. 9, the method includes the following sub-steps:
301. and the data sending equipment performs hardware encryption on the data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data.
Specifically, the data sending device performs hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
302. The data sending equipment encrypts the hardware encrypted data by a preset algorithm to obtain a first encrypted value.
303. The data transmitting apparatus transmits the first encrypted value and the hardware encrypted data to the data receiving apparatus via the network.
304. And the data receiving equipment receives the first encryption value and the hardware encryption data through the network, and encrypts the hardware encryption data through a preset algorithm to obtain a second encryption value.
305. And when detecting that the first encryption value is the same as the second encryption value, the data receiving equipment sends a data integrity verification success message to the data sending equipment.
306. And after the data sending equipment receives the data integrity verification success message sent by the data receiving equipment, acquiring the equipment description information of the target security authentication terminal.
307. And the data sending equipment sends the equipment description information of the target security authentication terminal to the data receiving equipment through the network.
308. The data receiving device receives device description information and hardware encryption data of a target security authentication terminal through a network.
309. And the data receiving equipment determines that the local target USB bus is accessed into the target security authentication terminal according to the equipment description information of the target security authentication terminal, and performs hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain the data.
Specifically, the data receiving device controls a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
the data receiving equipment sends the hardware decryption algorithm acquisition information to the data sending equipment;
and after the data sending equipment receives the hardware decryption algorithm acquisition information, sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through the network.
And the data receiving equipment receives the hardware decryption algorithm information and carries out hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
Based on the data transmission method provided by the embodiments corresponding to fig. 1 to 4, another embodiment of the present disclosure provides a data transmission system, as shown in fig. 10, where the data transmission system includes: a data transmitting device and a data receiving device;
the data sending equipment is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
the data sending device is also used for acquiring the device description information of the target security authentication terminal;
the data sending device is further configured to send device description information of the target security authentication terminal and the hardware encrypted data to a data receiving device through a network, so that the data receiving device determines that a local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal;
the data receiving device is used for receiving the hardware encrypted data and the device description information and the hardware encrypted data of the target security authentication terminal through a network;
the data receiving equipment is also used for determining that the local target USB bus is accessed into the target security authentication terminal according to the equipment description information of the target security authentication terminal;
and the data receiving equipment is also used for carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In an embodiment, the data sending device is further configured to perform hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, the data receiving device is further configured to control a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
the data receiving equipment is also used for sending the hardware decryption algorithm acquisition information to the data sending equipment;
the data sending equipment is also used for receiving the hardware decryption algorithm acquisition information;
the data sending equipment is also used for sending a hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network;
the data receiving equipment is also used for receiving hardware decryption algorithm information;
and the data receiving equipment is also used for carrying out hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
In an embodiment, the data sending device is further configured to encrypt the hardware encrypted data by using a preset algorithm to obtain a first encrypted value;
the data sending device is further configured to send the first encrypted value and the hardware encrypted data to the data receiving device through a network;
the data receiving device is further configured to receive a first encrypted value and the hardware encrypted data through a network;
the data receiving equipment is also used for encrypting the hardware encrypted data by a preset algorithm to obtain a second encrypted value;
the data receiving device is further configured to send a data integrity verification success message to the data sending device when detecting that the first encrypted value and the second encrypted value are the same;
the data sending device is further configured to receive a data integrity verification success message sent by the data receiving device;
the data sending equipment is also used for sending the equipment description information of the target security authentication terminal to the data receiving equipment through a network;
the data receiving device is further configured to receive device description information of the target security authentication terminal through a network.
Based on the data transmission method described in the embodiment corresponding to fig. 1, the following is an embodiment of the apparatus of the present disclosure, which may be used to execute the embodiment of the method of the present disclosure.
The disclosed embodiment provides a data transmission apparatus, as shown in fig. 11, the data transmission apparatus is applied to a data transmission device, and the apparatus includes:
the first encryption module 11 is used for performing hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
an obtaining module 12, configured to obtain device description information of the target security authentication terminal;
a first sending module 13, configured to send the device description information of the target security authentication terminal and the hardware encrypted data to a data receiving device through a network, so that the data receiving device determines, according to the device description information of the target security authentication terminal, that a local target USB bus is accessed to the target security authentication terminal.
In one embodiment, as shown in fig. 12, the first encryption module 11 includes:
and the encryption submodule 111 is configured to perform hardware encryption on the data through the data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
In one embodiment, as shown in fig. 13, the apparatus further comprises:
the first receiving module 14 is configured to receive the hardware decryption algorithm acquisition information;
and the second sending module 15 is configured to send the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving device through a network.
In one embodiment, as shown in fig. 14, the apparatus further comprises: a second encryption module 16, a third sending module 17 and a second receiving module 18, wherein the first sending module 13 includes: a first sending submodule 131;
the second encryption module 16 is configured to perform preset algorithm encryption on the hardware encryption data to obtain a first encryption value before the obtaining module obtains the device description information of the target security authentication terminal;
the third sending module 17 is further configured to send the first encrypted value and the hardware encrypted data to the data receiving apparatus through a network;
the second receiving module 18 is further configured to receive a data integrity verification success message sent by the data receiving device;
the first sending sub-module 131 is configured to send the device description information of the target security authentication terminal to a data receiving device through a network.
Based on the data transmission method described in the embodiment corresponding to fig. 3, the following is an embodiment of the apparatus of the present disclosure, which may be used to execute the embodiment of the method of the present disclosure.
The disclosed embodiment provides a data transmission apparatus, as shown in fig. 15, the data transmission apparatus is applied to a data receiving device, and the apparatus includes:
a third receiving module 21, configured to receive the hardware encrypted data and the device description information and the hardware encrypted data of the target security authentication terminal via a network;
the determining module 22 is configured to determine, according to the device description information of the target security authentication terminal, that the target security authentication terminal is accessed to the local target USB bus;
and the decryption module 23 is configured to perform hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
In one embodiment, as shown in fig. 16, the third receiving module 21 includes:
a first receiving submodule 211, configured to receive the first encrypted value and the hardware encrypted data through a network;
the calculation submodule 212 is configured to perform preset algorithm encryption on the hardware encrypted data to obtain a second encrypted value;
a second sending submodule 213, configured to send a data integrity verification success message to the data sending device when it is detected that the first encrypted value is the same as the second encrypted value;
and a second receiving sub-module 214, configured to receive the device description information of the target security authentication terminal through a network.
In one embodiment, as shown in fig. 17, the decryption module 23 includes:
the control submodule 231 is configured to control the data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
a third sending submodule 232, configured to send the hardware decryption algorithm obtaining information to the data sending device;
a second receiving submodule 233, configured to receive hardware decryption algorithm information;
and the decryption submodule 234 is configured to perform hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
Based on the data transmission method described in the embodiment corresponding to fig. 1, an embodiment of the present disclosure further provides a computer-readable storage medium, for example, the non-transitory computer-readable storage medium may be a Read Only Memory (ROM), a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like. The storage medium stores computer instructions for executing the data transmission method described in the embodiment corresponding to fig. 1, which is not described herein again.
Based on the data transmission method described in the embodiment corresponding to fig. 3, an embodiment of the present disclosure further provides a computer-readable storage medium, for example, the non-transitory computer-readable storage medium may be a Read Only Memory (ROM), a Random Access Memory (RAM), a CD-ROM, a magnetic tape, a floppy disk, an optical data storage device, and the like. The storage medium stores computer instructions for executing the data transmission method described in the embodiment corresponding to fig. 3, which is not described herein again.
Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.
It will be understood that the present disclosure is not limited to the precise arrangements described above and shown in the drawings and that various modifications and changes may be made without departing from the scope thereof. The scope of the present disclosure is limited only by the appended claims.

Claims (10)

1. A data transmission method, applied to a data transmission apparatus, the method comprising:
carrying out hardware encryption on data through a target security authentication terminal inserted into a USB interface to obtain hardware encrypted data;
acquiring equipment description information of the target security authentication terminal;
and sending the equipment description information of the target security authentication terminal and the hardware encryption data to data receiving equipment through a network, so that the data receiving equipment determines that a local target USB bus is accessed to the target security authentication terminal according to the equipment description information of the target security authentication terminal.
2. The method according to claim 1, wherein the hardware encryption of the data by the target secure authenticated terminal inserted into the USB interface to obtain hardware encrypted data comprises:
and carrying out hardware encryption on the data through a data encryption interface of the target security authentication terminal to obtain hardware encrypted data.
3. The method of claim 1, further comprising:
receiving hardware decryption algorithm acquisition information;
and sending the hardware decryption algorithm corresponding to the target security authentication terminal to the data receiving equipment through a network.
4. The method according to claim 1, wherein before the obtaining of the device description information of the target secure authentication terminal, the method further comprises:
encrypting the hardware encrypted data by a preset algorithm to obtain a first encrypted value;
transmitting the first encrypted value and the hardware encrypted data to the data receiving apparatus through a network;
receiving a data integrity verification success message sent by the data receiving equipment;
the sending the device description information of the target security authentication terminal and the hardware encryption data to a data receiving device through a network includes:
and sending the device description information of the target security authentication terminal to data receiving equipment through a network.
5. A data transmission method applied to a data receiving device, the method comprising:
receiving hardware encryption data and equipment description information and hardware encryption data of a target security authentication terminal through a network;
determining that a local target USB bus is accessed into the target security authentication terminal according to the equipment description information of the target security authentication terminal;
and carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
6. The method according to claim 5, wherein the receiving the hardware encryption data and the device description information and the hardware encryption data of the target security authentication terminal via the network comprises:
receiving a first cryptographic value and the hardware cryptographic data over a network;
encrypting the hardware encrypted data by a preset algorithm to obtain a second encrypted value;
when the first encryption value and the second encryption value are detected to be the same, sending a data integrity verification success message to the data sending equipment;
and receiving the equipment description information of the target security authentication terminal through a network.
7. The method of claim 5, wherein the hardware decrypting the hardware encrypted data according to the target secure authenticated terminal comprises:
controlling a data decryption interface of the target security authentication terminal to generate hardware decryption algorithm acquisition information;
sending the hardware decryption algorithm acquisition information to the data sending equipment;
receiving hardware decryption algorithm information;
and carrying out hardware decryption on the hardware encrypted data according to the hardware decryption algorithm information.
8. A data transmission apparatus, wherein the data transmission apparatus is applied to a data transmission device, the apparatus comprising:
the first encryption module is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
the acquisition module is used for acquiring the equipment description information of the target security authentication terminal;
the first sending module is used for sending the equipment description information of the target security authentication terminal and the hardware encryption data to data receiving equipment through a network so that the data receiving equipment can determine that a local target USB bus is accessed to the target security authentication terminal according to the equipment description information of the target security authentication terminal.
9. A data transmission apparatus, wherein the data transmission apparatus is applied to a data receiving device, the apparatus comprising:
the third receiving module is used for receiving the hardware encrypted data and the equipment description information and the hardware encrypted data of the target security authentication terminal through the network;
the determining module is used for determining that the target security authentication terminal is accessed into a local target USB bus according to the equipment description information of the target security authentication terminal;
and the decryption module is used for carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
10. A data transmission system, characterized in that the data transmission system comprises: a data transmitting device and a data receiving device;
the data sending equipment is used for carrying out hardware encryption on data through a target security authentication terminal inserted into the USB interface to obtain hardware encrypted data;
the data sending device is also used for acquiring the device description information of the target security authentication terminal;
the data sending device is further configured to send device description information of the target security authentication terminal and the hardware encrypted data to a data receiving device through a network, so that the data receiving device determines that a local target USB bus is accessed to the target security authentication terminal according to the device description information of the target security authentication terminal;
the data receiving device is used for receiving the hardware encrypted data and the device description information and the hardware encrypted data of the target security authentication terminal through a network;
the data receiving equipment is also used for determining that the local target USB bus is accessed into the target security authentication terminal according to the equipment description information of the target security authentication terminal;
and the data receiving equipment is also used for carrying out hardware decryption on the hardware encrypted data according to the target security authentication terminal to obtain data.
CN202010515479.8A 2020-06-08 2020-06-08 Data transmission method and device Active CN111756532B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010515479.8A CN111756532B (en) 2020-06-08 2020-06-08 Data transmission method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010515479.8A CN111756532B (en) 2020-06-08 2020-06-08 Data transmission method and device

Publications (2)

Publication Number Publication Date
CN111756532A true CN111756532A (en) 2020-10-09
CN111756532B CN111756532B (en) 2024-06-07

Family

ID=72676480

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010515479.8A Active CN111756532B (en) 2020-06-08 2020-06-08 Data transmission method and device

Country Status (1)

Country Link
CN (1) CN111756532B (en)

Citations (29)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20040196979A1 (en) * 2003-04-03 2004-10-07 Sheng-Yuan Cheng Encryption/decryption device and method for a wireless local area network
US20050114663A1 (en) * 2003-11-21 2005-05-26 Finisar Corporation Secure network access devices with data encryption
US20050149745A1 (en) * 2003-12-11 2005-07-07 Buffalo Inc. Encryption/decryption system, encryption/decryption equipment, and encryption/decryption method
US6922785B1 (en) * 2000-05-11 2005-07-26 International Business Machines Corporation Apparatus and a method for secure communications for network computers
CN201160005Y (en) * 2008-03-12 2008-12-03 高志敏 U disk for encryption
WO2011120421A1 (en) * 2010-03-31 2011-10-06 北京飞天诚信科技有限公司 Method for implementing encryption engine
CN102238135A (en) * 2010-04-26 2011-11-09 许丰 Security authentication server
CN103152157A (en) * 2013-02-04 2013-06-12 快车科技有限公司 Secure encrypted method and relevant device
US20130331063A1 (en) * 2012-06-11 2013-12-12 Research In Motion Limited Enabling multiple authentication applications
WO2014117429A1 (en) * 2013-02-04 2014-08-07 快车科技有限公司 Security information interaction method and related device
CN104219234A (en) * 2014-08-28 2014-12-17 杭州华澜微科技有限公司 Security method of personal data in cloud storage
KR101535622B1 (en) * 2014-01-27 2015-07-09 동서대학교산학협력단 Common use printer security system using indivisual authentication, encryption and decryption, and common use printer security method using the same
WO2015117333A1 (en) * 2014-07-16 2015-08-13 中兴通讯股份有限公司 Information processing method and apparatus, encryption device and computer storage medium
US20150242602A1 (en) * 2014-02-24 2015-08-27 Keypasco Ab Network authentication method for secure user identity verification using user positioning information
US20150339250A1 (en) * 2012-10-29 2015-11-26 Qualcomm Incorporated Ethernet over usb interfaces with full-duplex differential pairs
CN105426732A (en) * 2015-11-11 2016-03-23 北京市国路安信息技术股份有限公司 Network based USBKey multiplexing method and network remote end
CN106302482A (en) * 2016-08-22 2017-01-04 浙江省数字安全证书管理有限公司 A kind of browser-cross uses hardware encryption medium data safe transmission system and method
CN106506085A (en) * 2015-09-07 2017-03-15 哈尔滨卓晋科技有限公司 A kind of remote USB wavelength-division multiplex optical transceiver module
CN106992978A (en) * 2017-03-28 2017-07-28 联想(北京)有限公司 Network safety managing method and server
WO2017128707A1 (en) * 2016-01-29 2017-08-03 努比亚技术有限公司 Dual-channel mobile terminal for reusing usb port and information processing method
CN107146120A (en) * 2017-04-25 2017-09-08 大象慧云信息技术有限公司 The generation method and generating means of electronic invoice
CN107466030A (en) * 2017-07-31 2017-12-12 努比亚技术有限公司 Data transmission system, method, external equipment and mobile terminal
KR20180026230A (en) * 2016-09-02 2018-03-12 한전케이디엔주식회사 Security gateway that implements multiple communication cryptographic operation parallelism
CN108256339A (en) * 2016-12-28 2018-07-06 航天信息股份有限公司 A kind of method and system protected based on Quick Response Code to electronic invoice information
CN108763917A (en) * 2018-06-05 2018-11-06 北京华大智宝电子***有限公司 A kind of data encryption/decryption method and device
CN109362077A (en) * 2018-12-24 2019-02-19 成都三零瑞通移动通信有限公司 A kind of mobile intelligent terminal packet data encrypted transmission method and device
CN109614789A (en) * 2018-11-07 2019-04-12 平安科技(深圳)有限公司 A kind of verification method and equipment of terminal device
CN110661814A (en) * 2019-10-14 2020-01-07 江苏国泰新点软件有限公司 Bidding file encryption and decryption method, device, equipment and medium
CN110830395A (en) * 2018-08-14 2020-02-21 上海诺基亚贝尔股份有限公司 Method, apparatus, and computer storage medium for data detection in a communication system

Patent Citations (30)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6922785B1 (en) * 2000-05-11 2005-07-26 International Business Machines Corporation Apparatus and a method for secure communications for network computers
US20040196979A1 (en) * 2003-04-03 2004-10-07 Sheng-Yuan Cheng Encryption/decryption device and method for a wireless local area network
US20050114663A1 (en) * 2003-11-21 2005-05-26 Finisar Corporation Secure network access devices with data encryption
US20050149745A1 (en) * 2003-12-11 2005-07-07 Buffalo Inc. Encryption/decryption system, encryption/decryption equipment, and encryption/decryption method
CN201160005Y (en) * 2008-03-12 2008-12-03 高志敏 U disk for encryption
WO2011120421A1 (en) * 2010-03-31 2011-10-06 北京飞天诚信科技有限公司 Method for implementing encryption engine
CN102238135A (en) * 2010-04-26 2011-11-09 许丰 Security authentication server
US20130331063A1 (en) * 2012-06-11 2013-12-12 Research In Motion Limited Enabling multiple authentication applications
US20150339250A1 (en) * 2012-10-29 2015-11-26 Qualcomm Incorporated Ethernet over usb interfaces with full-duplex differential pairs
CN103152157A (en) * 2013-02-04 2013-06-12 快车科技有限公司 Secure encrypted method and relevant device
WO2014117429A1 (en) * 2013-02-04 2014-08-07 快车科技有限公司 Security information interaction method and related device
US20150235054A1 (en) * 2013-02-04 2015-08-20 I-Patrol Technology Limited Methods and apparatuses for encryption and decryption
KR101535622B1 (en) * 2014-01-27 2015-07-09 동서대학교산학협력단 Common use printer security system using indivisual authentication, encryption and decryption, and common use printer security method using the same
US20150242602A1 (en) * 2014-02-24 2015-08-27 Keypasco Ab Network authentication method for secure user identity verification using user positioning information
WO2015117333A1 (en) * 2014-07-16 2015-08-13 中兴通讯股份有限公司 Information processing method and apparatus, encryption device and computer storage medium
CN104219234A (en) * 2014-08-28 2014-12-17 杭州华澜微科技有限公司 Security method of personal data in cloud storage
CN106506085A (en) * 2015-09-07 2017-03-15 哈尔滨卓晋科技有限公司 A kind of remote USB wavelength-division multiplex optical transceiver module
CN105426732A (en) * 2015-11-11 2016-03-23 北京市国路安信息技术股份有限公司 Network based USBKey multiplexing method and network remote end
WO2017128707A1 (en) * 2016-01-29 2017-08-03 努比亚技术有限公司 Dual-channel mobile terminal for reusing usb port and information processing method
CN106302482A (en) * 2016-08-22 2017-01-04 浙江省数字安全证书管理有限公司 A kind of browser-cross uses hardware encryption medium data safe transmission system and method
KR20180026230A (en) * 2016-09-02 2018-03-12 한전케이디엔주식회사 Security gateway that implements multiple communication cryptographic operation parallelism
CN108256339A (en) * 2016-12-28 2018-07-06 航天信息股份有限公司 A kind of method and system protected based on Quick Response Code to electronic invoice information
CN106992978A (en) * 2017-03-28 2017-07-28 联想(北京)有限公司 Network safety managing method and server
CN107146120A (en) * 2017-04-25 2017-09-08 大象慧云信息技术有限公司 The generation method and generating means of electronic invoice
CN107466030A (en) * 2017-07-31 2017-12-12 努比亚技术有限公司 Data transmission system, method, external equipment and mobile terminal
CN108763917A (en) * 2018-06-05 2018-11-06 北京华大智宝电子***有限公司 A kind of data encryption/decryption method and device
CN110830395A (en) * 2018-08-14 2020-02-21 上海诺基亚贝尔股份有限公司 Method, apparatus, and computer storage medium for data detection in a communication system
CN109614789A (en) * 2018-11-07 2019-04-12 平安科技(深圳)有限公司 A kind of verification method and equipment of terminal device
CN109362077A (en) * 2018-12-24 2019-02-19 成都三零瑞通移动通信有限公司 A kind of mobile intelligent terminal packet data encrypted transmission method and device
CN110661814A (en) * 2019-10-14 2020-01-07 江苏国泰新点软件有限公司 Bidding file encryption and decryption method, device, equipment and medium

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
冯卓明 , 刘卫忠 , 郑立新 , 刘屹: "基于USB接口的DVB-C数据广播接入终端", 有线电视技术, no. 05, 10 May 2004 (2004-05-10), pages 95 - 99 *
施明泰;: "基于USBKey认证技术的文档安全防护***", 电力信息化, no. 09, 15 September 2011 (2011-09-15), pages 90 - 94 *
胡伟;慕德俊;刘航;李美峰;戴冠中;: "移动硬盘硬件加密的设计与实现", 计算机工程与应用, no. 22, 1 August 2010 (2010-08-01), pages 66 - 68 *
谢知非: "无驱动USB认证模块在电子商务中的应用", 单片机与嵌入式***应用, no. 02, 1 February 2003 (2003-02-01), pages 58 - 60 *

Also Published As

Publication number Publication date
CN111756532B (en) 2024-06-07

Similar Documents

Publication Publication Date Title
CN113545006B (en) Remote authorized access locked data storage device
EP3255832B1 (en) Dynamic encryption method, terminal and server
EP1201070B1 (en) Methods for maintaining and distributing personal security devices
CN110049016B (en) Data query method, device, system, equipment and storage medium of block chain
US8238554B2 (en) Method for transmission/reception of contents usage right information in encrypted form, and device thereof
US20160147979A1 (en) Information processing system, reading apparatus, information processing apparatus, and information processing method
US9769654B2 (en) Method of implementing a right over a content
US20080097923A1 (en) Method and apparatus for providing digital rights management content and license, and method and apparatus for using digital rights management content
KR20060045440A (en) A method and system for recovering password protected private data via a communication network without exposing the private data
JP2005102163A (en) Equipment authentication system, server, method and program, terminal and storage medium
CN111310213A (en) Service data protection method, device, equipment and readable storage medium
CN103546289A (en) USB (universal serial bus) Key based secure data transmission method and system
US8363835B2 (en) Method for transmission/reception of contents usage right information in encrypted form, and device thereof
CN112861148B (en) Data processing method, server, client and encryption machine
US20200089867A1 (en) System and method for authentication
WO2020102974A1 (en) Data access method, data access apparatus, and mobile terminal
EP4064084A1 (en) Password management method and related device
WO2012075904A1 (en) Method, device and system for verifying binding data card and mobile host
US20230291548A1 (en) Authorization requests from a data storage device to multiple manager devices
US20230289456A1 (en) Certificates in data storage devices
CN104104650A (en) Data file visit method and terminal equipment
JPH10242957A (en) User authentication method, system therefor and storage medium for user authentication
EP4016921A1 (en) Certificate management method and apparatus
CN117041956A (en) Communication authentication method, device, computer equipment and storage medium
CN110912857B (en) Method and storage medium for sharing login between mobile applications

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant