CN115883181A - Encryption method, device, equipment and computer readable storage medium - Google Patents

Encryption method, device, equipment and computer readable storage medium Download PDF

Info

Publication number
CN115883181A
CN115883181A CN202211503767.7A CN202211503767A CN115883181A CN 115883181 A CN115883181 A CN 115883181A CN 202211503767 A CN202211503767 A CN 202211503767A CN 115883181 A CN115883181 A CN 115883181A
Authority
CN
China
Prior art keywords
request
encryption
random number
encrypted string
string
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211503767.7A
Other languages
Chinese (zh)
Inventor
李良斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing SoundAI Technology Co Ltd
Original Assignee
Beijing SoundAI Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing SoundAI Technology Co Ltd filed Critical Beijing SoundAI Technology Co Ltd
Priority to CN202211503767.7A priority Critical patent/CN115883181A/en
Publication of CN115883181A publication Critical patent/CN115883181A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Storage Device Security (AREA)

Abstract

The present disclosure relates to an encryption method, apparatus, device, and computer-readable storage medium, the method comprising: responding to a server request, and determining request parameter information and a time stamp of the request; acquiring data information corresponding to the request; encrypting the data information based on an authentication token, the request parameter information and the timestamp to generate an encryption string; and sending the encrypted string to the server. According to the method and the device, the confidentiality problem of the data in the network transmission process is solved by encrypting the data transmission, and the data security is improved.

Description

Encryption method, device, equipment and computer readable storage medium
Technical Field
The present disclosure relates to the field of computer technologies, and in particular, to an encryption method, apparatus, device, and computer readable storage medium.
Background
With the increasing popularization of network application and the increasing frequency of network data transmission, the security problem in the network data transmission process is more and more prominent, and becomes a problem which is increasingly concerned by users.
In the prior art, encryption protection is mainly performed on memory data, and when the data is transmitted in a network, the data is easily subjected to packet capture, so that data leakage is caused, and the security of the data is low.
Disclosure of Invention
In order to solve the technical problem or at least partially solve the technical problem, the present disclosure provides an encryption method, apparatus, device and computer-readable storage medium to improve security of data information.
In a first aspect, an embodiment of the present disclosure provides an encryption method, including:
responding to a server request, and determining request parameter information and a time stamp of the request;
acquiring data information corresponding to the request;
encrypting the data information based on an authentication token, the request parameter information and the timestamp to generate an encrypted string;
and sending the encrypted string to the server.
In some embodiments, the request parameter information includes a plurality of request parameters, and the timestamp is a time when the server requests the data information;
wherein the encrypting the data information based on the authentication token, the request parameter information, and the timestamp to generate an encrypted string comprises:
processing the plurality of request parameters to obtain target request parameter information;
and encrypting the data information through a symmetric encryption algorithm according to the authentication token, the target request parameter information and the timestamp to generate an encryption string.
In some embodiments, the processing the multiple request parameters to obtain target request parameter information includes:
screening the plurality of request parameters to obtain at least one non-empty request parameter;
and sequencing the at least one non-empty request parameter to obtain target request parameter information.
In some embodiments, after responding to the server request, the method further comprises:
and determining a first random number of the data information requested by the server, and storing the first random number in a database.
In a second aspect, an embodiment of the present disclosure provides a decryption method, including:
receiving the encrypted string and determining time information for receiving the encrypted string;
acquiring a second random number of the encrypted string;
judging whether the encrypted string can be decrypted or not according to the first random number, the second random number, the time information and the timestamp;
and if the encrypted string can be decrypted, decrypting the encrypted string through a symmetric decryption algorithm to obtain the data information.
In some embodiments, said determining whether the encrypted string can be decrypted based on the first random number, the second random number, the time information, and the timestamp comprises:
determining whether the first random number and the second random number are the same;
if so, determining a difference value between the time information and the timestamp, and judging whether the difference value is smaller than or equal to a preset threshold value;
if so, determining that the encrypted string can be decrypted.
In a third aspect, an embodiment of the present disclosure provides an encryption apparatus, including:
the determining module is used for responding to a server request and determining request parameter information and a time stamp of the request;
the first acquisition module is used for acquiring data information corresponding to the request;
the encryption module is used for encrypting the data information based on the authentication token, the request parameter information and the timestamp to generate an encryption string;
and the sending module is used for sending the encrypted string to the server.
In a fourth aspect, an embodiment of the present disclosure provides a decryption apparatus, including:
the receiving module is used for receiving the encryption string and determining the time information for receiving the encryption string;
a second obtaining module, configured to obtain a second random number of the encrypted string;
a judging module, configured to judge whether the encrypted string can be decrypted according to the first random number, the second random number, the time information, and the timestamp;
and the decryption module is used for decrypting the encrypted string through a symmetric decryption algorithm to obtain the data information if the encrypted string can be decrypted.
In a fifth aspect, an embodiment of the present disclosure provides an electronic device, including:
a memory;
a processor; and
a computer program;
wherein the computer program is stored in the memory and configured to be executed by the processor to implement the method of the first aspect.
In a sixth aspect, the disclosed embodiments provide a computer-readable storage medium having a computer program stored thereon, the computer program being executed by a processor to implement the method of the first aspect.
In a seventh aspect, the disclosed embodiments also provide a computer program product, which includes a computer program or instructions, and when the computer program or instructions are executed by a processor, the method of the first aspect is implemented.
The encryption method, the encryption device, the encryption equipment and the computer-readable storage medium provided by the embodiment of the disclosure are used for determining request parameter information and a time stamp of a request by responding to the request of a server; acquiring data information corresponding to the request; encrypting the data information based on the authentication token, the request parameter information and the timestamp to generate an encrypted string; the encryption string is sent to the server side, and through encrypting the transmission of the data, compared with the encryption protection of the memory data in the prior art, the confidentiality problem of the data in the network transmission process is solved, the data leakage caused by packet capturing of the data in the transmission process is avoided, and the data security is improved.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present disclosure and, together with the description, serve to explain the principles of the disclosure.
In order to more clearly illustrate the embodiments or technical solutions in the prior art of the present disclosure, the drawings used in the description of the embodiments or prior art will be briefly described below, and it is obvious for those skilled in the art that other drawings can be obtained according to the drawings without inventive exercise.
Fig. 1 is a flowchart of an encryption method provided by an embodiment of the present disclosure;
fig. 2 is a schematic diagram of an application scenario provided by the embodiment of the present disclosure;
FIG. 3 is a flowchart of a decryption method provided by an embodiment of the present disclosure;
fig. 4 is a schematic structural diagram of an encryption apparatus provided in an embodiment of the present disclosure;
fig. 5 is a schematic structural diagram of a decryption apparatus according to an embodiment of the disclosure;
fig. 6 is a schematic structural diagram of an electronic device provided in an embodiment of the present disclosure;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
In order that the above objects, features and advantages of the present disclosure may be more clearly understood, aspects of the present disclosure will be further described below. It should be noted that the embodiments and features of the embodiments of the present disclosure may be combined with each other without conflict.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure, but the present disclosure may be practiced in other ways than those described herein; it is to be understood that the embodiments disclosed in the specification are only a few embodiments of the present disclosure, and not all embodiments.
With the increasing popularization of network applications, network data transmission is more frequent, and the security problem in the network data transmission process is more prominent, which becomes a problem that users are increasingly concerned about.
In the prior art, encryption protection is mainly performed on memory data, and when the data is transmitted in a network, the data is easily subjected to packet capture, so that data leakage is caused, and the security of the data is low. To address this problem, embodiments of the present disclosure provide an encryption method, which is described below with reference to specific embodiments.
Fig. 1 is a flowchart of an encryption method provided in an embodiment of the present disclosure. The method may be executed by an encryption device, where the encryption device may be implemented in software and/or hardware, and the encryption device may be configured in an electronic device, such as a server or a client, where the client specifically includes a mobile phone, a computer, or a tablet computer. In addition, the method may be applied to the application scenario shown in fig. 2, which includes the server 21 and the client 22. It is understood that the encryption method provided by the embodiment of the present disclosure may also be applied in other scenarios.
The encryption method shown in fig. 1 is described below with reference to the application scenario shown in fig. 2, for example, the client in fig. 2 may execute the method. The method comprises the following specific steps:
s101, responding to a server request, and determining request parameter information and a time stamp of the request.
The client 22, which may also be referred to as a user side, is corresponding to a service side and provides local services for users. Service 21 refers to a computer system in a network that can provide certain services to other machines.
The client 22 responds to the request of the server 21, and obtains request parameter information, time information and a time stamp corresponding to the request. The request parameter information specifically includes a request mode, a request address, a data length, a data type, a data format, and the like.
And S102, acquiring data information corresponding to the request.
The client 22 obtains data information corresponding to the request, specifically, the data information may be personal information of the user in the client 22, or may be information such as other encrypted documents, taking the personal information of the user as an example, where the personal information of the user at least includes a user name and a user identification card, and the personal information of the users is encrypted and then displayed in a manner of hiding part of data, for example, the personal information of three pages is encrypted and then displayed as three, 1. The user can check the complete user information without encryption after the client 22 logs in through password verification, short message verification, fingerprint verification, face recognition verification and the like. It is understood that the personal information of the user also includes a contact address of the user, a home address of the user, unit information of the user, and the like.
S103, encrypting the data information based on the authentication token, the request parameter information and the time stamp to generate an encryption string.
The authentication Token (Token) means a Token (temporary) in computer authentication and means a Token in lexical analysis. Generally, the system is used as an invitation and login system. Token may also be called a secret number, and before data transmission, a check of the secret number is performed, and different secret numbers are authorized for different data operations.
The authentication mechanism of the token flows as follows: the client 22 sends credentials (e.g., username and password) to the server 21; the server 21 verifies whether the certificate is valid and generates a token; the server 21 stores the token together with the user information and the token validity period; the server 21 sends the generated token to the client 22; in each subsequent request, the server 21 sends a token to the client 22; the client 22 will take the token from the request and perform an authentication operation based on the token-i.e. if the token is valid, the client 22 accepts the request. If the token is invalid, client 22 denies the request and server 21 may also refresh the expired token.
The client 22 encrypts the data information based on the authentication token, the request parameter information, and the time stamp to generate an encrypted string including the authentication token, the request parameter information, the time stamp, the content of the data information, or an address storing the data information.
And S104, sending the encrypted string to the server.
The client 22 sends the encrypted string to the server 21.
The embodiment of the disclosure determines request parameter information and a timestamp of a request by responding to a server request; acquiring data information corresponding to the request; encrypting the data information based on the authentication token, the request parameter information and the timestamp to generate an encryption string; the encryption string is sent to the server side, and through encrypting the transmission of the data, compared with the encryption protection of the memory data in the prior art, the confidentiality problem of the data in the network transmission process is solved, the data leakage caused by packet capturing of the data in the transmission process is avoided, and the data security is improved.
In some embodiments, the request parameter information includes a plurality of request parameters, and the timestamp is a time when the server requests the data information;
the request parameter information includes a plurality of request parameters, the request parameters are divided into null request parameters and non-null request parameters, and the timestamp is the time when the server 21 requests the data information.
Optionally, the encrypting the data information based on the authentication token, the request parameter information, and the timestamp to generate an encryption string includes: processing the plurality of request parameters to obtain target request parameter information; and encrypting the data information through a symmetric encryption algorithm according to the authentication token, the target request parameter information and the timestamp to generate an encryption string.
Symmetric encryption algorithms are those that apply earlier encryption algorithms. In the symmetric encryption algorithm, a data sender processes a plaintext (original data) and an encryption key together through a special encryption algorithm, and then the plaintext and the encryption key are changed into a complex encryption ciphertext to be sent out. After the receiver receives the ciphertext, if the receiver wants to decode the original text, the receiver needs to decrypt the ciphertext by using the key used for encryption and the inverse algorithm of the same algorithm so as to recover the ciphertext into readable plaintext. In the symmetric encryption algorithm, only one key is used, and both the sender and the receiver use the key to encrypt and decrypt data, so that the encryption key must be known by a secret party in advance. The symmetric encryption algorithm comprises a block encryption algorithm and a stream encryption algorithm, wherein the block encryption algorithm comprises an AES algorithm, a DES algorithm, a Blowfish algorithm, a CAST algorithm, an IDEA algorithm, an RC2 algorithm and an RC5 algorithm, and the stream encryption algorithm comprises an RC4 algorithm.
Specifically, the client 22 processes the plurality of request parameters to obtain target request parameter information, and encrypts the data information by using a symmetric encryption algorithm according to the authentication token, the target request parameter information, and the timestamp to obtain an encryption string, where the encryption string is target request parameter information + authentication token + timestamp.
Optionally, the symmetric encryption algorithm used in this embodiment is an AES algorithm, and the algorithm has short key establishment time, good sensitivity, and low memory requirement. It is understood that in other embodiments, other algorithms may be used for encryption, and the encryption is not limited to a symmetric encryption algorithm, for example, an asymmetric encryption algorithm such as DH algorithm, RSA algorithm, DSA algorithm, and elliptic curve algorithm (EC algorithm) may also be used, and the embodiment is not limited in particular.
Optionally, the processing the multiple request parameters to obtain target request parameter information includes: screening the plurality of request parameters to obtain at least one non-empty request parameter; and sequencing the at least one non-empty request parameter to obtain target request parameter information.
Specifically, the multiple request parameters are screened to obtain at least one non-empty request parameter, and the at least one non-empty request parameter is sorted, where a specific sorting manner may be ascending sorting of the non-empty request parameters, descending sorting of the non-empty request parameters, or other sorting manners.
The embodiment of the disclosure performs double encryption on the data information by specifically describing the formation of the encryption string, so that the data information is encrypted and protected in a local memory and also encrypted and protected in a transmission process, and the security of the data is improved.
In some embodiments, after responding to the server request, the method further comprises: and determining a first random number of the data information requested by the server, and storing the first random number in a database.
When the server 21 requests the data information, the server 21 generates a first random number corresponding to the request, the first random number is generated randomly, and the first random number is stored in the database after the first random number is generated.
According to the data information processing method and device, the first random number of the data information requested by the server is determined, and the first random number is stored in the database, so that the server can conveniently confirm the data information corresponding to the request according to the random number.
Fig. 3 is a flowchart of a decryption method according to an embodiment of the disclosure, and as shown in fig. 3, the method includes the following steps:
s301, receiving the encryption string and determining time information for receiving the encryption string.
The server 21 receives the encrypted string and records time information of the received encrypted string.
S302, obtaining a second random number of the encryption string.
The server 21 obtains the second random number of the data information corresponding to the request
S303, judging whether the encrypted string can be decrypted or not according to the first random number, the second random number, the time information and the time stamp.
The server 21 determines whether the encrypted string can be decrypted according to the first random number, the second random number, the time information, and the time stamp.
S304, if the encrypted string can be decrypted, decrypting the encrypted string through a symmetric decryption algorithm to obtain the data information.
The symmetric decryption algorithm is an inverse operation of the symmetric encryption algorithm, for example, if the encryption process uses the AES algorithm for encryption, the decryption process of this embodiment should use the inverse operation of the AES algorithm for decryption. It will be appreciated that encryption is performed using an algorithm, and decryption is performed using the inverse of the algorithm, with encryption and decryption being one-to-one.
If the encrypted string can be decrypted, the server 21 decrypts the encrypted string by using a symmetric decryption algorithm to obtain the data information.
The embodiment of the disclosure specifies how to decrypt after obtaining the data information, so as to define the decryption process corresponding to encryption, know that decryption is the inverse operation of encryption, and improve the flexibility of the encryption method.
In some embodiments, said determining whether the encrypted string can be decrypted based on the first random number, the second random number, the time information, and the timestamp comprises: determining whether the first random number and the second random number are the same; if so, determining a difference value between the time information and the timestamp, and judging whether the difference value is smaller than or equal to a preset threshold value; if so, determining that the encrypted string can be decrypted.
The server 21 determines whether the first random number and the second random number are the same, specifically, the first random number is generated randomly when the server sends a request, and the second random number is obtained after generating an encryption string of data information corresponding to the request. If the first random number and the second random number are the same, the difference between the time information and the time stamp is calculated, and in general, the time information is larger than the time stamp, and therefore, the difference = time information — time stamp. Judging whether the difference value is smaller than or equal to a preset threshold value; and if the difference value is less than or equal to the preset threshold value, determining that the encryption string can be decrypted, and decrypting the encryption string by using a symmetric decryption algorithm corresponding to the symmetric encryption algorithm.
Optionally, if the first random number is different from the second random number, it is determined that the encrypted string cannot be decrypted.
Specifically, when the first random number is different from the second random number, the requested data information is inconsistent with the received data information, for example, the requested data information is a user name, the received data information is a user gender, and the two data information are inconsistent, so the encrypted string cannot be decrypted and the requested data information cannot be obtained.
Optionally, if the difference between the time information and the timestamp is greater than a preset threshold, it is determined that the encrypted string cannot be decrypted.
Specifically, when the difference between the time information and the timestamp is greater than the preset threshold, the request is overtime, the encrypted string cannot be decrypted, and the server needs to initiate the request again.
Correspondingly, after the server side obtains the data information corresponding to the request, if the cloud side has the pre-stored data information corresponding to the request, the data information can be compared with the pre-stored data information of the cloud side, and whether the obtained information is correct or not is confirmed again.
It can be understood that, when the server initiates a request to the client, the data information of the client is encrypted into an encryption string and transmitted to the server, and the server decrypts the encryption string to obtain the data information; similarly, when the client initiates a request to the server, the data information of the server is encrypted into an encrypted string and transmitted to the client, and the client decrypts the encrypted string to obtain the data information, which is a bidirectional transmission.
The embodiment of the disclosure provides a decryption mode for the encryption method by specifically describing what conditions can be decrypted and how to decrypt, thereby further improving the flexibility of the encryption method.
Fig. 4 is a schematic structural diagram of an encryption device according to an embodiment of the present disclosure. The encryption device may be a client as described in the above embodiments, or the encryption device may be a component or assembly in the client. The encryption device provided in the embodiment of the present disclosure may execute the processing flow provided in the embodiment of the encryption method, as shown in fig. 4, the encryption device 40 includes: a determining module 41, a first obtaining module 42, an encrypting module 43, and a sending module 44; the determining module 41 is configured to determine, in response to a server request, request parameter information and a timestamp of the request; a first obtaining module 42, configured to obtain data information corresponding to the request; an encryption module 43, configured to encrypt the data information based on the authentication token, the request parameter information, and the timestamp, so as to generate an encrypted string; and a sending module 44, configured to send the encrypted string to the server.
Optionally, the request parameter information includes a plurality of request parameters, and the timestamp is a time when the server requests the data information; the encryption module 43 is further configured to process the multiple request parameters to obtain target request parameter information; and encrypting the data information through a symmetric encryption algorithm according to the authentication token, the target request parameter information and the timestamp to generate an encryption string.
Optionally, the encryption module 43 is further configured to filter the plurality of request parameters to obtain at least one non-empty request parameter; and sequencing the at least one non-empty request parameter to obtain target request parameter information.
Optionally, the determining module 41 is further configured to determine a first random number of the data information requested by the server, and store the first random number in a database.
The encryption apparatus in the embodiment shown in fig. 4 can be used to implement the technical solution of the above encryption method embodiment, and the implementation principle and technical effect are similar, which are not described herein again.
Fig. 5 is a schematic structural diagram of a decryption device according to an embodiment of the present disclosure. The decryption device may be a server as described in the above embodiments, or the decryption device may be a component or assembly in the server. The decryption apparatus provided in the embodiment of the present disclosure may execute the processing flow provided in the embodiment of the decryption method, as shown in fig. 5, the decryption apparatus 50 includes: a receiving module 51, a second obtaining module 52, a judging module 53 and a decrypting module 54; the receiving module 51 is configured to receive the encrypted string and determine time information for receiving the encrypted string; a second obtaining module 52, configured to obtain a second random number of the encrypted string; a determining module 53, configured to determine whether the encrypted string can be decrypted according to the first random number, the second random number, the time information, and the timestamp; and a decryption module 54, configured to decrypt the encrypted string through a symmetric decryption algorithm if the encrypted string can be decrypted, so as to obtain the data information.
Optionally, the determining module 53 is further configured to determine whether the first random number and the second random number are the same; if so, determining a difference value between the time information and the timestamp, and judging whether the difference value is smaller than or equal to a preset threshold value; if so, determining that the encrypted string can be decrypted.
Optionally, the determining module 53 is further configured to determine that the encrypted string cannot be decrypted if the first random number is different from the second random number.
Optionally, the determining module 53 is further configured to determine that the encrypted string cannot be decrypted if a difference between the time information and the timestamp is greater than a preset threshold.
Optionally, the decryption module 54 is further configured to, if the encrypted string cannot be decrypted, not obtain the data information.
The decryption apparatus in the embodiment shown in fig. 5 may be used to implement the technical solution of the embodiment of the decryption method, and the implementation principle and the technical effect are similar, which are not described herein again.
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure. The electronic device may be a client as described in the above embodiments. The electronic device provided in the embodiment of the present disclosure may execute the processing flow provided in the embodiment of the encryption method, as shown in fig. 6, the electronic device 60 includes: memory 61, processor 62, computer programs and communication interface 63; wherein the computer program is stored in the memory 61 and is configured to be executed by the processor 762 in an encryption method as described above.
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure. The electronic device may be a server as described in the above embodiments. The electronic device provided in the embodiment of the present disclosure may execute the processing flow provided in the embodiment of the decryption method, as shown in fig. 7, the electronic device 70 includes: memory 71, processor 72, computer programs and communication interface 73; wherein the computer program is stored in the memory 71 and is configured to be executed by the processor 72 for the decryption method as described above.
In addition, the disclosed embodiments also provide a computer-readable storage medium, on which a computer program is stored, the computer program being executed by a processor to implement the encryption method described in the above embodiments.
In addition, the embodiment of the present disclosure also provides a computer readable storage medium, on which a computer program is stored, where the computer program is executed by a processor to implement the decryption method described in the above embodiment.
Furthermore, the disclosed embodiments also provide a computer program product comprising a computer program or instructions which, when executed by a processor, implement the encryption method as described above.
Furthermore, the embodiments of the present disclosure also provide a computer program product, which includes a computer program or instructions, and when the computer program or instructions are executed by a processor, the computer program or instructions implement the decryption method as described above.
It should be noted that the computer readable medium in the present disclosure can be a computer readable signal medium or a computer readable storage medium or any combination of the two. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples of the computer readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the present disclosure, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In contrast, in the present disclosure, a computer readable signal medium may comprise a propagated data signal with computer readable program code embodied therein, either in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: electrical wires, optical cables, RF (radio frequency), etc., or any suitable combination of the foregoing.
In some embodiments, the clients, servers may communicate using any currently known or future developed network Protocol, such as HTTP (HyperText Transfer Protocol), and may interconnect with any form or medium of digital data communication (e.g., a communications network). Examples of communication networks include a local area network ("LAN"), a wide area network ("WAN"), the Internet (e.g., the Internet), and peer-to-peer networks (e.g., ad hoc peer-to-peer networks), as well as any currently known or future developed network.
The computer readable medium may be embodied in the electronic device; or may be separate and not incorporated into the electronic device.
The computer readable medium carries one or more programs which, when executed by the electronic device, cause the electronic device to:
responding to a server request, and determining request parameter information and a time stamp of the request;
acquiring data information corresponding to the request;
encrypting the data information based on an authentication token, the request parameter information and the timestamp to generate an encryption string;
and sending the encrypted string to the server.
In addition, the electronic device may also perform other steps in the encryption method as described above.
Computer program code for carrying out operations for the present disclosure may be written in any combination of one or more programming languages, including but not limited to an object oriented programming language such as Java, smalltalk, C + +, and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units described in the embodiments of the present disclosure may be implemented by software or hardware. Wherein the name of an element does not in some cases constitute a limitation on the element itself.
The functions described herein above may be performed, at least in part, by one or more hardware logic components. For example, without limitation, exemplary types of hardware logic components that may be used include: field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), system on a chip (SOCs), complex Programmable Logic Devices (CPLDs), and the like.
In the context of this disclosure, a machine-readable medium may be a tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. The machine-readable medium may be a machine-readable signal medium or a machine-readable storage medium. A machine-readable medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
It is noted that, in this document, relational terms such as "first" and "second," and the like, may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrases "comprising a," "8230," "8230," or "comprising" does not exclude the presence of additional like elements in a process, method, article, or apparatus that comprises the element.
The foregoing are merely exemplary embodiments of the present disclosure, which enable those skilled in the art to understand or practice the present disclosure. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the disclosure. Thus, the present disclosure is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.

Claims (10)

1. A method of encryption, the method comprising:
responding to a server request, and determining request parameter information and a time stamp of the request;
acquiring data information corresponding to the request;
encrypting the data information based on an authentication token, the request parameter information and the timestamp to generate an encrypted string;
and sending the encrypted string to the server.
2. The method according to claim 1, wherein the request parameter information includes a plurality of request parameters, and the timestamp is a time when the server requests the data information;
wherein the encrypting the data information based on the authentication token, the request parameter information, and the timestamp to generate an encrypted string comprises:
processing the plurality of request parameters to obtain target request parameter information;
and encrypting the data information through a symmetric encryption algorithm according to the authentication token, the target request parameter information and the timestamp to generate an encryption string.
3. The method of claim 2, wherein the processing the plurality of request parameters to obtain target request parameter information comprises:
screening the plurality of request parameters to obtain at least one non-empty request parameter;
and sequencing the at least one non-empty request parameter to obtain target request parameter information.
4. The method of claim 1, wherein after responding to a server request, the method further comprises:
and determining a first random number of the data information requested by the server, and storing the first random number in a database.
5. A method of decryption, the method comprising:
receiving the encrypted string and determining time information for receiving the encrypted string;
acquiring a second random number of the encrypted string;
judging whether the encrypted string can be decrypted or not according to the first random number, the second random number, the time information and the timestamp;
and if the encrypted string can be decrypted, decrypting the encrypted string through a symmetric decryption algorithm to obtain the data information.
6. The method of claim 5, wherein said determining whether the encrypted string can be decrypted based on the first random number, the second random number, the time information, and the timestamp comprises:
determining whether the first random number and the second random number are the same;
if so, determining a difference value between the time information and the timestamp, and judging whether the difference value is smaller than or equal to a preset threshold value;
if so, determining that the encrypted string can be decrypted.
7. An encryption apparatus, characterized in that the apparatus comprises:
the determining module is used for responding to a server request and determining request parameter information and a time stamp of the request;
the first acquisition module is used for acquiring data information corresponding to the request;
the encryption module is used for encrypting the data information based on the authentication token, the request parameter information and the timestamp to generate an encryption string;
and the sending module is used for sending the encrypted string to the server.
8. A decryption apparatus, characterized in that the apparatus comprises:
the receiving module is used for receiving the encryption string and determining the time information for receiving the encryption string;
a second obtaining module, configured to obtain a second random number of the encrypted string;
a judging module, configured to judge whether the encrypted string can be decrypted according to the first random number, the second random number, the time information, and the timestamp;
and the decryption module is used for decrypting the encrypted string through a symmetric decryption algorithm to obtain the data information if the encrypted string can be decrypted.
9. An electronic device, comprising:
a memory;
a processor; and
a computer program;
wherein the computer program is stored in the memory and configured to be executed by the processor to implement the method of any one of claims 1-6.
10. A computer-readable storage medium, on which a computer program is stored, which, when being executed by a processor, carries out the method according to any one of claims 1-6.
CN202211503767.7A 2022-11-28 2022-11-28 Encryption method, device, equipment and computer readable storage medium Pending CN115883181A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211503767.7A CN115883181A (en) 2022-11-28 2022-11-28 Encryption method, device, equipment and computer readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211503767.7A CN115883181A (en) 2022-11-28 2022-11-28 Encryption method, device, equipment and computer readable storage medium

Publications (1)

Publication Number Publication Date
CN115883181A true CN115883181A (en) 2023-03-31

Family

ID=85764388

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211503767.7A Pending CN115883181A (en) 2022-11-28 2022-11-28 Encryption method, device, equipment and computer readable storage medium

Country Status (1)

Country Link
CN (1) CN115883181A (en)

Similar Documents

Publication Publication Date Title
CN111079128B (en) Data processing method and device, electronic equipment and storage medium
US10999257B2 (en) Secure delivery and storage of content
EP3090520B1 (en) System and method for securing machine-to-machine communications
US9197420B2 (en) Using information in a digital certificate to authenticate a network of a wireless access point
EP3205048B1 (en) Generating a symmetric encryption key
KR101508497B1 (en) Data certification and acquisition method for vehicle
US10291596B2 (en) Installation of a terminal in a secure system
CN108111497B (en) Mutual authentication method and device for camera and server
CN109510802B (en) Authentication method, device and system
EP3299990A1 (en) Electronic device server and method for communicating with server
CN112823503B (en) Data access method, data access device and mobile terminal
US10356090B2 (en) Method and system for establishing a secure communication channel
CN113225352B (en) Data transmission method and device, electronic equipment and storage medium
CN106998316B (en) Authentication method, application client and gateway equipment
CN114338247B (en) Data transmission method and apparatus, electronic device, storage medium, and program product
CN114143082B (en) Encryption communication method, system and device
EP3205051A1 (en) Mutual authentication
EP3204885A1 (en) Improved security through authentication tokens
CN110035035B (en) Secondary authentication method and system for single sign-on
CN112927026A (en) Coupon processing method and device, electronic equipment and computer storage medium
CN115883181A (en) Encryption method, device, equipment and computer readable storage medium
CN110691068A (en) Cloud server login system, method and device
CN112738067B (en) Face recognition method, device and equipment
KR101737925B1 (en) Method and system for authenticating user based on challenge-response
CN114760500A (en) Audio and video data encryption method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination