CN116208326A - Data transmission method, device, system, storage medium and electronic equipment - Google Patents

Publication number
CN116208326A
Authority
CN
China
Prior art keywords
data block
plaintext
data
length
ciphertext
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310147269.1A
Other languages
Chinese (zh)
Inventor
陈代山
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hubei Century Network Technology Co ltd
Original Assignee
Hubei Century Network Technology Co ltd
Application filed by Hubei Century Network Technology Co ltd
Priority to CN202310147269.1A
Publication of CN116208326A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H04L9/065 Encryption by serially and continuously modifying data stream elements, e.g. stream cipher systems, RC4, SEAL or A5/3
    • H04L9/0656 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher
    • H04L9/0662 Pseudorandom key sequence combined element-for-element with data sequence, e.g. one-time-pad [OTP] or Vernam's cipher with particular pseudorandom sequence generator
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a data transmission method, a data transmission device, a data transmission system, electronic equipment and a storage medium. The data transmission method comprises the following steps: dividing target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length; converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein the data block length of the mapped data block is maintained as the data block length of the corresponding plaintext data block; encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the corresponding plaintext data block; and sending all the ciphertext data blocks to a receiving end. The method can safely and efficiently transmit mass data.

Description

Data transmission method, device, system, storage medium and electronic equipment
Technical Field
The embodiment of the disclosure relates to a data transmission method, a data transmission device, a data transmission system, a storage medium and electronic equipment.
Background
With the rapid development of the internet industry, data transmission security has been a major issue in network transmission technology.
In the related art, data is encrypted either with traditional encryption algorithms such as DES/3DES/AES/RSA/DSA and complex algorithms such as the national cipher SM series, or with a fixed key.
Encrypting with a complex algorithm ensures the security of data transmission, but the heavy computation consumes considerable resources and makes data processing slow, that is, data transmission efficiency is low; encrypting with a fixed key cannot guarantee the security of data transmission.
When massive data needs to be transmitted, the data transmission mode in the related technology cannot ensure the safety and the high efficiency of data transmission at the same time.
Disclosure of Invention
In view of the foregoing, the present application provides a data transmission method, apparatus, system, storage medium, and electronic device, which can safely and efficiently transmit mass data.
In order to solve the technical problems, the technical scheme of the application is realized as follows:
in one embodiment, a data transmission method is provided, the method comprising:
Dividing target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length;
converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein a data block length of the mapped data block is maintained as a data block length of the plaintext data block;
encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the plaintext data block;
and transmitting all the ciphertext data blocks to the receiving end.
Wherein generating the first key array comprises:
randomly generating a second key array and a third key array; the array length of the second key array is the preset processing unit length; the array length of the third key array is determined according to the number of plaintext data blocks into which the target plaintext data is divided;
and carrying out logic operation on the second key array and the third key array based on a first preset logic operation to obtain the first key array.
The encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block includes:
and for each mapping data block, carrying out logic operation on the mapping data block and the first key array based on a second preset logic operation, and generating a ciphertext data block corresponding to the mapping data block.
Wherein said converting each of said plaintext data blocks of said target plaintext data into a corresponding mapped data block comprises:
converting each plaintext data block into a corresponding mapped data block based on the mapping relation between the plaintext and the codebook; wherein the plaintext is an array of integers with values from 0 to the preset processing unit length minus 1; the codebook is an array of randomly generated, non-repeating values whose array length is the preset processing unit length; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number in the plaintext array and in the codebook array correspond one to one.
Wherein the method further comprises:
generating a hash value for each plaintext data block obtained by dividing the target plaintext data;
and sending the generated hash values to the receiving end; the hash values are used by the receiving end to verify whether the data was tampered with during transmission.
In another embodiment, a data transmission method is provided, the method comprising:
acquiring a plurality of ciphertext data blocks from a transmitting end, wherein each ciphertext data block corresponds to a plaintext data block which is obtained by the transmitting end based on dividing target plaintext data according to a preset processing unit length, and the data block length of the ciphertext data block is the same as the data block length of the corresponding plaintext data block;
decrypting each ciphertext data block by using the generated first key array to obtain a corresponding mapping data block, wherein the first key array is associated with the number of data blocks of the segmented plaintext data blocks when the transmitting end generates the ciphertext data blocks, and the data block length of the mapping data block is kept as the data block length of the plaintext data blocks;
converting each mapping data block into a corresponding plaintext data block, wherein a conversion mechanism from the mapping data block to the plaintext data block is a reverse mechanism of a conversion mechanism implemented by the transmitting end on the plaintext data block;
and splicing all the plaintext data blocks according to the corresponding acquisition sequence of the ciphertext data blocks to obtain the target plaintext data.
Wherein generating the first key array comprises:
acquiring a second key array and a third key array which are sent by the sending end; the array length of the second key array is the preset processing unit length; the array length of the third key array is related to the number of the data blocks of the segmented plaintext data blocks when the sending end generates the ciphertext data blocks;
and carrying out logic operation on the second key array and the third key array based on a first preset logic operation to obtain the first key array.
The decrypting each ciphertext data block by using the generated first key array to obtain a corresponding mapping data block includes:
for each ciphertext data block, performing logic operation on the ciphertext data block and the first key array based on a third preset logic operation to obtain a mapping data block corresponding to the ciphertext data block;
wherein the third preset logic operation is an inverse operation of the second preset logic operation.
Wherein said converting each of said mapped data blocks into a corresponding one of said plaintext data blocks comprises:
converting each mapped data block into a corresponding plaintext data block based on the mapping relation between the plaintext and the codebook; the plaintext is an array of integers from 0 to the preset processing unit length minus 1; the codebook is an array of non-repeating values whose array length is the preset processing unit length; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number in the plaintext array and in the codebook array correspond one to one.
Wherein the method further comprises:
obtaining a hash value corresponding to a ciphertext data block sent by a sending end;
carrying out hash calculation on a plaintext data block corresponding to the ciphertext data block to obtain a hash value corresponding to the plaintext data block;
and determining whether the hash value corresponding to the ciphertext data block is consistent with the hash value of the plaintext data block corresponding to that ciphertext data block, so as to verify whether the data was tampered with during transmission.
In one embodiment, there is provided a data transmission apparatus including:
a dividing unit configured to perform dividing the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length;
a conversion unit configured to perform conversion of each of the plaintext data blocks of the target plaintext data into a corresponding mapped data block, wherein a data block length of the mapped data block is maintained as a data block length of the plaintext data block;
an encryption unit configured to encrypt each of the mapped data blocks with the generated first key array to obtain a corresponding ciphertext data block, where the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and a data block length of the ciphertext data block is maintained to be the data block length of the plaintext data block;
and a sending unit configured to send all the ciphertext data blocks to the receiving end.
In another embodiment, there is provided a transmission apparatus including:
the acquisition unit is configured to acquire a plurality of ciphertext data blocks from a transmitting end, wherein each ciphertext data block corresponds to one plaintext data block which is obtained by the transmitting end by dividing target plaintext data based on a preset processing unit length, and the data block length of the ciphertext data block is the same as the data block length of the corresponding plaintext data block;
a decryption unit configured to decrypt each ciphertext data block by using the generated first key array to obtain a corresponding mapped data block, wherein the first key array is associated with the number of data blocks of the plaintext data block divided when the sender generates the ciphertext data block, and the data block length of the mapped data block is kept to be the data block length of the plaintext data block;
a conversion unit configured to perform conversion of each of the mapped data blocks into a corresponding one of the plaintext data blocks, wherein a conversion mechanism from the mapped data block to the plaintext data block is a reverse mechanism of a conversion mechanism implemented by the transmitting end on the plaintext data block;
and a splicing unit configured to splice all the plaintext data blocks according to the acquisition sequence of the corresponding ciphertext data blocks to obtain the target plaintext data.
In another embodiment, a data transmission system is provided, the system comprising:
the transmitting end divides the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length; converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein a data block length of the mapped data block is maintained as a data block length of the plaintext data block; encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the plaintext data block; all the ciphertext data blocks are sent to a receiving end;
the receiving end obtains a plurality of ciphertext data blocks from the sending end, wherein each ciphertext data block corresponds to one plaintext data block obtained by the sending end by dividing the target plaintext data based on the preset processing unit length, and the data block length of the ciphertext data block is identical to the data block length of the corresponding plaintext data block; decrypts each ciphertext data block by using the generated first key array to obtain a corresponding mapped data block; converts each mapped data block into a corresponding plaintext data block, wherein the conversion mechanism from the mapped data block to the plaintext data block is the reverse of the conversion mechanism implemented by the transmitting end on the plaintext data block; and splices all the plaintext data blocks according to the acquisition sequence of the corresponding ciphertext data blocks to obtain the target plaintext data.
In another embodiment, an electronic device is provided that includes a memory, a processor, and a computer program stored on the memory and executable on the processor that when executed implements the steps of a data transmission method.
In another embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processor, implements the steps of a data transmission method.
As can be seen from the above technical solution, in the above embodiments the transmitting end divides the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length, performs data mapping on each data block to obtain mapped data blocks, encrypts the mapped data blocks based on a first key array associated with the number of plaintext data blocks to obtain ciphertext data blocks, and transmits the ciphertext data blocks to the receiving end; after receiving the ciphertext data blocks, the receiving end decrypts them with the first key array to obtain the mapped data blocks, and then obtains the plaintext data block corresponding to each mapped data block by the reverse conversion mechanism. The method divides the target plaintext data into a plurality of plaintext data blocks and encrypts each data block twice; the key used in the second encryption is randomly generated each time target plaintext data is encrypted and is associated with the number of plaintext data blocks into which the target plaintext data is divided, so that the security of data transmission can be ensured; and because the encryption keys are a mapping relation and a key array, no complex calculation algorithm is needed, so the efficiency of data transmission can be improved. In this scheme, the data to be transmitted is divided into a plurality of data blocks for encryption and decryption, so the processing burden on the sending end and the receiving end when encrypting and decrypting in units of the preset processing unit length is lower than when the data is not divided into blocks.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a schematic diagram of a data transmission system according to an embodiment of the present application;
fig. 2 is a schematic diagram of a data transmission flow implemented by a transmitting end in an embodiment of the present application;
fig. 3 is a schematic diagram of a data transmission flow implemented by a receiving end in an embodiment of the present application;
fig. 4 is a schematic diagram of another data transmission flow implemented by a transmitting end in the embodiment of the present application;
fig. 5 is a schematic diagram of another data transmission flow implemented by the receiving end in the embodiment of the present application;
fig. 6 is a schematic structural diagram of a data transmission device according to an embodiment of the present application;
fig. 7 is a schematic structural diagram of another data transmission device according to an embodiment of the present application;
fig. 8 is a schematic diagram of an entity structure of an electronic device according to an embodiment of the present invention.
Detailed Description
The following description of the technical solutions in the embodiments of the present application will be made clearly and completely with reference to the drawings in the embodiments of the present application, and it is apparent that the described embodiments are only some embodiments of the present application, not all embodiments. All other embodiments, which can be made by one of ordinary skill in the art without undue burden from the present disclosure, are within the scope of the present disclosure.
The terms "first," "second," "third," "fourth" and the like in the description and in the claims and in the above drawings, if any, are used for distinguishing between similar objects and not necessarily for describing a sequential or chronological order of the objects. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented, for example, in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprise" and "have," as well as any variations thereof, are intended to cover a non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those elements but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The technical scheme of the invention is described in detail below by specific examples. The following embodiments may be combined with each other, and some embodiments may not be repeated for the same or similar concepts or processes.
With the rapid development of the internet industry, data transmission security has been a major issue in network transmission technology. Especially for mass data transmission, not only the safety of data transmission but also the high efficiency of data transmission are required to be ensured.
Based on the above requirements, the application provides a data transmission method in which the transmitting end divides the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length, first performs data mapping on each data block to obtain mapped data blocks, then encrypts the mapped data blocks based on a first key array associated with the number of plaintext data blocks to obtain ciphertext data blocks, and transmits the ciphertext data blocks to the receiving end; after receiving the ciphertext data blocks, the receiving end decrypts them with the first key array to obtain the mapped data blocks, and then obtains the plaintext data block corresponding to each mapped data block by the reverse conversion mechanism. The target plaintext data is divided into a plurality of plaintext data blocks and each data block is encrypted twice; the key used in the second encryption is randomly generated each time target plaintext data is encrypted and is associated with the number of plaintext data blocks into which the target plaintext data is divided, that is, the encryption key differs for the target plaintext data of each transmission, so that the security of data transmission can be ensured; and because the encryption keys are a mapping relation and a key array, no complex calculation algorithm is needed, so the efficiency of data transmission can be improved. In this scheme, the data to be transmitted is divided into a plurality of data blocks for encryption and decryption, so the processing burden on the sending end and the receiving end when encrypting and decrypting in units of the preset processing unit length is lower than when the data is not divided into blocks.
In an embodiment of the present application, referring to fig. 1, fig. 1 is a schematic diagram of a data transmission system in an embodiment of the present application. In fig. 1, a receiving end and a transmitting end are taken as examples, where the receiving end and the transmitting end are two ends for the target plaintext data transmission. The data transmission system includes: a transmitting end and a receiving end.
The transmitting end divides the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length; converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein the data block length of the mapped data block is maintained as the data block length of the corresponding plaintext data block; encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the corresponding plaintext data block; and sending all the ciphertext data blocks to a receiving end.
The receiving end obtains a plurality of ciphertext data blocks from the sending end, wherein each ciphertext data block corresponds to one plaintext data block obtained by the sending end by dividing the target plaintext data based on the preset processing unit length, and the data block length of the ciphertext data block is identical to the data block length of the corresponding plaintext data block; decrypts each ciphertext data block by using the generated first key array to obtain a corresponding mapped data block, wherein the first key array is associated with the number of plaintext data blocks obtained by division when the transmitting end generated the ciphertext data blocks, and the data block length of the mapped data block is kept equal to the data block length of the corresponding plaintext data block; converts each mapped data block into a corresponding plaintext data block, wherein the conversion mechanism from the mapped data block to the plaintext data block is the reverse of the conversion mechanism implemented by the transmitting end on the plaintext data block; and splices all the plaintext data blocks according to the acquisition sequence of the corresponding ciphertext data blocks to obtain the target plaintext data.
When the transmitting end divides the target plaintext data into plaintext data blocks based on the preset processing unit length, the data block length of the last plaintext data block may be the preset processing unit length or may be smaller than the preset processing unit length.
The preset processing unit length here is a data block length that is easy for a computer to process, such as 256.
If target plaintext data with a length of 1000 is transmitted and is divided with a length of 256, the length of the last block is 232, and it does not need to be padded to 256.
In another embodiment, before transmitting data, the transmitting end and the receiving end of the data transmission need to store the same mapping relationship between the plaintext and the codebook, and the second key array used for generating the first key array;
in a specific implementation, the receiving end and the sending end may be configured identically, or the configuration may be completed at the sending end and then synchronized to the receiving end.
The mapping relation between the plaintext and the codebook is specifically:
the plaintext is an array of integers generated sequentially with values from 0 to the preset processing unit length minus 1; the codebook is an array of randomly generated, non-repeating values whose array length is the preset processing unit length; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number in the plaintext array and in the codebook array correspond one to one, that is, the first value in the plaintext array corresponds to the first value in the codebook array, and the last value in the plaintext array corresponds to the last value in the codebook array.
In a specific implementation, for ease of computer processing, the non-repeating values in the codebook may be the integers from 0 to the preset processing unit length minus 1, but in an order different from that of the plaintext, or may naturally be integers from 0 to the preset processing unit length minus 1, which is not limited in the embodiments of the present application.
The transmitting end converts each plaintext data block of the target plaintext data into a corresponding mapped data block, and specifically comprises the following steps:
each plaintext data block is converted into a corresponding mapped data block based on the mapping relationship between the plaintext and the codebook.
Specifically, the corresponding value is found in the plaintext, the index number of that value in the array is determined, the value at that index number is found in the codebook, and mapping replacement is performed to convert the plaintext data block into a mapped data block.
The receiving end converts each mapping data block into a corresponding plaintext data block, and specifically comprises the following steps:
each mapped data block is converted into a corresponding plaintext data block based on the mapping relationship between the plaintext and the codebook.
Specifically, for each byte of data in the mapped data block, the corresponding value is found in the codebook, the index number of that value in the array is determined, the value at that index number is found in the plaintext, and mapping replacement is performed to convert the mapped data block into a plaintext data block.
The sending end encrypts each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, and specifically comprises the following steps:
For each mapping data block, a logic operation is performed on the mapping data block and the first key array based on a second preset logic operation, generating the ciphertext data block corresponding to the mapping data block.
The sending end generates a first key array, which specifically comprises the following steps:
A second key array and a third key array are randomly generated, and a logic operation is performed on the second key array and the third key array based on the first preset logic operation to obtain the first key array.
The second key array is generated in advance, that is, before the transmitting end and the receiving end prepare to transmit the target plaintext data, and its array length is the preset processing unit length; the array length of the third key array is determined according to the number of data blocks of the plaintext data blocks of the target plaintext data.
The receiving end decrypts each ciphertext data block by using the generated first key array to obtain a corresponding mapping data block, and the method specifically comprises the following steps:
For each ciphertext data block, a logic operation is performed on the ciphertext data block and the first key array based on a third preset logic operation to obtain the mapping data block corresponding to the ciphertext data block, wherein the third preset logic operation is the inverse operation of the second preset logic operation.
The receiving end generates a first key array, which specifically includes:
acquiring a second key array and a third key array which are sent by a sending end; performing logic operation on the second key array and the third key array based on the first preset logic operation to obtain a first key array; the array length of the second key array is a preset processing unit length, and the array length of the third key array is related to the number of data blocks of the plaintext data blocks divided by the sending end when the ciphertext data blocks are generated.
The second key array is synchronized by the sender to the receiver before the sender and the receiver transmit.
After the transmitting end divides the target plaintext data into a plurality of plaintext data blocks, the transmitting end determines the array length of the third key array according to the number of the data blocks of the divided plaintext data blocks and randomly generates the third key array.
After generating the third key array, the transmitting end synchronizes the third key array to the receiving end before transmitting the ciphertext data block to the receiving end.
The array length of the third key array is determined according to the number of data blocks of the divided plaintext data blocks, specifically as follows:
In the first step, the number of plaintext data blocks is determined, specifically as follows:
Calculating the ratio of the length of a data block of the target plaintext data to the length of a preset processing unit, and rounding upwards;
if the value obtained by rounding upwards is not greater than the ratio of the preset byte length, the number of the plaintext data blocks is the preset processing unit length;
if the value obtained by rounding up is larger than the ratio of the preset byte length, the number of the plaintext data blocks is the value obtained by rounding up.
The target plaintext data length is denoted by Plen, and the number of data blocks of the plaintext data blocks into which the target plaintext data is divided is
Figure BDA0004094691400000111
In the second step, the array length of the third key array is determined according to the number of plaintext data blocks, specifically:
the array length of the third key array is denoted as Rlen; Rlen = 256 when the number n of plaintext data blocks into which the target plaintext data is divided is not more than 256; when n > 256, Rlen = n.
In this embodiment of the present application, in a specific implementation, the first preset logic operation and the second preset logic operation may be the same or different.
In a further embodiment of the present invention, the transmitting end generates a hash value based on each plaintext data block of the target plaintext data and sends the generated hash value to the receiving end; the hash value is used by the receiving end to verify whether the data was tampered with during transmission.
The receiving end obtains the hash value corresponding to the ciphertext data block sent by the sending end, performs hash calculation on the plaintext data block corresponding to the ciphertext data block to obtain the hash value corresponding to the plaintext data block,
and determines whether the hash value corresponding to the ciphertext data block is consistent with the hash value of the corresponding plaintext data block, thereby verifying whether the data was tampered with during transmission.
The following describes the data transmission process in the embodiment of the present application in detail with reference to the accompanying drawings.
Referring to fig. 2, fig. 2 is a schematic diagram of a flow chart of implementing data transmission by a transmitting end in an embodiment of the present application. The method comprises the following specific steps:
Step 201, the target plaintext data is divided into a plurality of plaintext data blocks based on a preset processing unit length.
When the target plaintext data is divided into plaintext data blocks based on the preset processing unit length, the data block length of the last plaintext data block may be equal to the preset processing unit length or smaller than it. In this embodiment of the present application, a block that does not reach the preset processing unit length does not need to be padded up to that length; its actual length is used as the data block length of that plaintext data block, and the subsequent mapping and the calculations with the key are performed over exactly that many values.
The preset processing unit length here is a data block length which is easy to be processed by a computer, such as 256.
For example, if target plaintext data with a length of 1000 is transmitted and divided with a block length of 256, the length of the last block is 232, and it does not need to be padded to 256.
When the target plaintext data is divided into plaintext data blocks, determining the number of data blocks of the divided plaintext data blocks, specifically as follows:
calculating the ratio of the length of a data block of the target plaintext data to the length of a preset processing unit, and rounding upwards;
if the value obtained by rounding upwards is not greater than the ratio of the preset byte length, the number of the plaintext data blocks is the preset processing unit length;
if the value obtained by rounding up is larger than the ratio of the preset byte length, the number of the plaintext data blocks is the value obtained by rounding up.
Step 202, converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein the data block length of the mapped data block is maintained as the data block length of the corresponding plaintext data block.
Step 203, encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the corresponding plaintext data block.
Step 202 may be regarded as a first encryption of the plaintext data block, and step 203 encrypts the mapped data block, which amounts to a further encryption of the plaintext data block. These two steps achieve two-layer encryption; in particular, the key for the second encryption is dynamically and randomly generated based on the target plaintext data of each transmission, which makes the data transmission more secure.
Step 204, transmitting all the ciphertext data blocks to a receiving end.
In this embodiment, the transmitting end divides the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length, performs data mapping on each data block to obtain mapped data blocks, encrypts the obtained mapped data blocks based on a first key array associated with the number of data blocks of the plaintext data blocks to obtain ciphertext data blocks, and transmits the ciphertext data blocks to the receiving end. The method divides the target plaintext data into a plurality of plaintext data blocks and encrypts each data block twice; the second encryption is associated with the number of plaintext data blocks, that is, the key is dynamically and randomly generated based on the target plaintext data of each transmission, so that the security of data transmission can be ensured. Because the encryption keys are a mapping relation and a key array, no complex calculation algorithm is needed, and the efficiency of data transmission can be improved. In this scheme, the data to be transmitted is divided into a plurality of data blocks for encryption and decryption, so that the processing burden of the sending end and the receiving end when performing encryption and decryption in units of the preset processing unit length is lower than when the data is not divided into blocks.
Referring to fig. 3, fig. 3 is a schematic diagram of a flow chart of implementing data transmission by a receiving end in an embodiment of the present application. The method comprises the following specific steps:
Step 301, obtaining a plurality of ciphertext data blocks from a transmitting end, wherein each ciphertext data block corresponds to a plaintext data block obtained by the transmitting end based on a preset processing unit length and segmented from target plaintext data, and the data block length of the ciphertext data block is the same as the data block length of the corresponding plaintext data block.
Step 302, decrypting each ciphertext data block by using the generated first key array to obtain a corresponding mapped data block, wherein the first key array is associated with the number of data blocks of the plaintext data block divided when the sender generates the ciphertext data block, and the data block length of the mapped data block is kept as the data block length of the ciphertext data block.
In specific implementations, once the first key array has been generated, the ciphertext data blocks already received can be decrypted; it is not necessary to wait until all ciphertext data blocks have been received.
The first key array is generated according to the related information and is not directly transmitted by the transmitting end.
Step 303, converting each mapping data block into a corresponding plaintext data block, where the conversion mechanism from the mapping data block to the plaintext data block is a reverse mechanism of the conversion mechanism implemented by the sender on the plaintext data block.
Step 304, splicing all the plaintext data blocks according to the acquisition sequence of the corresponding ciphertext data blocks to obtain the target plaintext data.
In this embodiment, after the receiving end receives a ciphertext data block, the ciphertext data block is decrypted by using the first key array to obtain a mapping data block, and a reverse conversion mechanism is then used to obtain the plaintext data block corresponding to the mapping data block; the first key array is determined according to the information synchronized by the sending end. Based on the information synchronized by the sending end, the method can quickly decrypt the ciphertext data blocks of the sending end, and can decrypt any one ciphertext data block without having received all the ciphertext data blocks corresponding to the target plaintext data, so that the processing burden of the receiving end when performing decryption in units of the preset processing unit length is lower than when the data is not divided into blocks.
Referring to fig. 4, a schematic diagram of another data transmission flow implemented by a transmitting end in an embodiment of the present application is shown. The method comprises the following specific steps:
Step 401, the target plaintext data is divided into a plurality of plaintext data blocks based on a preset processing unit length.
When the target plaintext data is divided into plaintext data blocks based on the preset processing unit length, the data block length of the last plaintext data block may be equal to the preset processing unit length or smaller than it. In this embodiment of the present application, a block that does not reach the preset processing unit length does not need to be padded up to that length; its actual length is used as the data block length of that plaintext data block, and the subsequent mapping and the calculations with the key are performed over exactly that many values.
The preset processing unit length here is a data block length which is easy to be processed by a computer, such as 256.
For example, if target plaintext data with a length of 1000 is transmitted and divided with a block length of 256, the length of the last block is 232, and it does not need to be padded to 256.
When the target plaintext data is divided into plaintext data blocks, the number of the plaintext data blocks is determined as follows:
calculating the ratio of the length of a data block of the target plaintext data to the length of a preset processing unit, and rounding upwards;
if the value obtained by rounding upwards is not greater than the ratio of the preset byte length, the number of the plaintext data blocks is the preset processing unit length;
if the value obtained by rounding up is larger than the ratio of the preset byte length, the number of the plaintext data blocks is the value obtained by rounding up.
The data block length of each plaintext data block is equal to the preset processing unit length when the receiving end executes data decryption, so as to ensure normal decryption.
The target plaintext data length is denoted by Plen, and the number of plaintext data blocks into which the target plaintext data is divided is
Figure BDA0004094691400000151
Figure BDA0004094691400000152
The blocks of the target plaintext data P are represented as {P1, P2, P3, ..., Pn}, each block of which can be represented as follows:
P1={P1[0],P1[1],P1[2],...,P1[255]}
P2={P2[0],P2[1],P2[2],...,P2[255]}
Figure BDA0004094691400000153
Pi={Pi[0],Pi[1],Pi[2],...,Pi[255]}
Figure BDA0004094691400000154
Pn={Pn[0],Pn[1],Pn[2],...,Pn[255]}
Step 402, converting each plaintext data block of the target plaintext data into a corresponding mapped data block based on a mapping relationship between plaintext and codebook; wherein the data block length of the mapped data block is maintained as the data block length of the corresponding plaintext data block.
The mapping relation between the plaintext and the codebook in this step is pre-generated and stored by the transmitting end.
The plaintext is an array of integers generated sequentially from 0 to the preset processing unit length minus 1; the codebook is a randomly generated array whose length is the preset processing unit length and whose values are not repeated; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number of the plaintext array and the codebook array correspond one to one, that is, the first value in the plaintext array corresponds to the first value in the codebook array, and the last value in the plaintext array corresponds to the last value in the codebook array.
The preset processing unit length is a unit length that is easy for a computer to process. Taking 256 as the preset processing unit length, an array of 256 values is generated sequentially from 0 to 255 to form the plaintext PA, and an array of length 256 with non-repeated values is randomly generated to form the codebook T; in a specific implementation, an empty array of length 256 is defined, 256 non-repeated values are randomly generated, and they are randomly filled into the defined empty array to form the codebook. Taking the case where the non-repeated values in the codebook are the integers from 0 to the preset processing unit length minus 1, arranged in an order different from that of the plaintext, the specific plaintext and codebook are as follows:
Plaintext PA [0x00,0x01,0x02,...,0xff]
Codebook T [0xb7,0x18,0xf3,...,0x3c]
The mapping relation between the plaintext PA and the codebook T is as follows:
the element values at the same index number of the plaintext array and the codebook array correspond one to one, that is, 0x00 in the plaintext with the index number of 1 corresponds to 0xb7 in the codebook, ..., and 0xff in the plaintext with the index number of 256 corresponds to 0x3c in the codebook.
For each byte of the plaintext data block, its value is found in the plaintext PA; the index number of this value in PA gives the codebook value at the same index number in the codebook T, and mapping replacement is performed.
The mapping process is expressed as: PA[i] -> T[i], where i ranges over 0,1,2,...,255; the plaintext is replaced one-to-one by codebook values, and the result is denoted CT.
The whole encryption and decryption process is presented herein by taking one plaintext data block consisting of the two bytes 0x02,0xff as an example.
Plaintext PA [0x00,0x01,0x02,...,0xff]
Codebook T [0xb7,0x18,0xf3,...,0x3c]
The value "0x02" has an index number of 2 in the plaintext PA and corresponds to the value "0xf3" with the index number of 2 in the codebook T; the value "0xff" has an index number of 255 in the plaintext PA, and corresponds to the value "0x3c" having an index number of 255 in the codebook T.
The mapping data block corresponding to this example is CT {0xf3,0x3c}:
P->CT.
Step 403, obtaining the generated second key array and third key array, and performing logic operation on the second key array and third key array based on the first preset logic operation to obtain the first key array.
The second key array is generated before the target plaintext data is processed, and its array length is the preset processing unit length; it can be obtained directly.
Taking 256 preset processing unit lengths as an example, the second key array generating process is as follows:
an empty array with a length of 256 is defined, 256 values are randomly generated and filled into the empty array, forming the second key array, denoted IV:
IV:[0xf8,0x3a,0xb2,...,0x67]。
The mapping relation between the plaintext and the codebook and the second key array are synchronized to the corresponding receiving end, and during synchronization they are transmitted to the receiving end through a secure network transmission protocol.
After the target plaintext data is divided into plaintext data blocks, the third key array may be generated, and the specific generating process includes:
the third key array is a randomly generated key array, and the array length of the array is determined according to the number of data blocks of the plaintext data blocks;
first, the number of plaintext data blocks is determined, specifically as follows:
Calculating the ratio of the length of a data block of the target plaintext data to the length of a preset processing unit, and rounding upwards;
if the value obtained by rounding upwards is not greater than the ratio of the preset byte length, the number of the plaintext data blocks is the preset processing unit length;
if the value obtained by rounding up is larger than the ratio of the preset byte length, the number of the plaintext data blocks is the value obtained by rounding up.
The target plaintext data length is denoted by Plen, and the number of data blocks of the plaintext data blocks into which the target plaintext data is divided is
Figure BDA0004094691400000171
Secondly, determining the array length of the third key array according to the number of the plaintext data blocks, wherein the array length is specifically as follows:
the array length of the third key array is denoted as Rlen; Rlen = 256 when the number n of plaintext data blocks into which the target plaintext data is divided is not more than 256; when n > 256, Rlen = n.
And finally, carrying out logic operation on the second key array and the third key array based on the first preset logic operation to obtain a first key array.
The first preset logic operation may be an exclusive or, an unequal logic operation.
In this embodiment, the first preset logic operation takes exclusive or as an example, and a specific logic operation process is given:
performing exclusive-or calculation on the second key array and the third key array to generate the 1st exclusive-or result;
shifting the values in the third key array and performing exclusive-or calculation with the 1st exclusive-or result to obtain the 2nd exclusive-or result;
shifting the shifted third key array again and performing exclusive-or calculation with the 2nd exclusive-or result to obtain the 3rd exclusive-or result;
and so on until the (n-1)th exclusive-or result is obtained as the first key array;
wherein shifting the key array means, for example, moving every value except the first one position forward and moving the first value to the last position.
In specific implementations, the array may instead be shifted backward, with the last value moved to the first position, which is not limited in the embodiments of the present application.
Still taking a preset processing unit length of 256 as an example, the generation of the first key array specifically includes:
the second key array is represented by K0, each numerical value in the K0 and the numerical value corresponding to the same index number in the third key array R1 are subjected to exclusive OR operation to generate K1
The R1 array is transformed into a new array R2 in the following way:
R2[R1[1],R1[2],R1[3],...,R1[0]]
then exclusive OR operation is carried out on each numerical value in K1 and the numerical value of the same index value in R2 to generate K2
Ki generation mode:
Ri+1[Ri[1],Ri[2],Ri[3],...,Ri[0]]
i ranges of values 1,2,3,
Figure BDA0004094691400000181
An exclusive OR operation is performed on each value in Ki-1 and the value at the same index in Ri to generate Ki:
Ki[j]=Ki-1[j]⊕Ri[j]
i ranges of values 1,2,3,
Figure BDA0004094691400000182
j ranges over 0,1,2,...,255
R generation mode example
Figure BDA0004094691400000183
R1[0x3d,0x81,0xa0,...,0xc6]
R2[0x81,0xa0,0x8d,...,0x3d]
R3[0xa0,0x8d,0x51,...,0x81]
Figure BDA0004094691400000184
Rn[0xc6,0x3d,0x81,...,0x75]
If the array length of the third key array is 256, the exclusive-or operation is directly performed once.
Taking the example of transmitting 2-byte long data,
Figure BDA0004094691400000191
only R1 is needed to participate in the operation, namely, shift processing is not needed:
K0[0xf8,0x3a,0xb2,...,0x67]
R1[0x3d,0x81,0xa0,...,0xc6]
K1[j]=K0[j]⊕R1[j]
K1[0xc5,0xbb,0x12,...,0xa1]。
Step 404, for each mapping data block, a logic operation is performed on the mapping data block and the first key array based on a second preset logic operation, so as to generate a ciphertext data block corresponding to the mapping data block.
The second preset logic operation may be the same as or different from the first preset logic operation. The following takes the case where they are the same, with the second preset logic operation being an exclusive-or operation:
exclusive-or operation is performed on the mapping data block generated in step 404 and the first key array, that is, the array corresponding to the mapping data block and the numerical value of the same index number in the first key array are exclusive-or operated to generate a ciphertext data block, where the ciphertext data block is denoted as C
Ci[j]=CTi[j]⊕Ki[j]
i=1,2,3,...,n
j=0,1,2,...,255
CT{0xf3,0x3c}
K1[0xc5,0xbb,0x12,...,0xa1]
C1[j]=CT1[j]⊕K1[j]
In this example, C {0x36,0x87}
Encrypting the mapping data block yields the ciphertext to be transmitted: CT -> C.
Step 402 may be considered as encrypting a block of plaintext data for the first time, and step 404 encrypts a block of mapped data, which corresponds to further encryption of a block of plaintext data, by which two steps a two-layer encryption is achieved, making the data transfer more secure.
Step 405, transmitting all ciphertext data blocks to a receiving end.
In this embodiment, the transmitting end divides the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length, obtains the mapping data block corresponding to each plaintext data block based on the mapping relation between the plaintext and the codebook, performs a logic operation on the mapping data block and the dynamically generated first key array based on a second preset logic operation to obtain a ciphertext data block, and transmits the ciphertext data block to the receiving end. In this scheme, the target plaintext data is divided into a plurality of plaintext data blocks and each data block is encrypted twice, the second encryption also being associated with the number of plaintext data blocks, so that the security of data transmission can be ensured; and because encryption uses a mapping and a logic operation rather than a complex calculation algorithm, the data transmission efficiency can be improved.
Referring to fig. 5, a schematic diagram of another data transmission flow implemented by a receiving end in an embodiment of the present application is shown. The method comprises the following specific steps:
Step 501, a plurality of ciphertext data blocks from a transmitting end are acquired, wherein each ciphertext data block corresponds to a plaintext data block obtained by the transmitting end based on a preset processing unit length and segmented from target plaintext data, and the data block length of the ciphertext data block is the same as the data block length of the corresponding plaintext data block.
Step 502, obtaining a second key array and a third key array synchronized by a transmitting end, and performing logic operation on the second key array and the third key array based on a first preset logic operation to obtain a first key array.
The first preset logic operation may be an exclusive or, an unequal logic operation.
In this embodiment, the first preset logic operation takes exclusive or as an example, and a specific logic operation process is given:
performing exclusive-or calculation on the second key array and the third key array to generate the 1st exclusive-or result;
shifting the values in the third key array and performing exclusive-or calculation with the 1st exclusive-or result to obtain the 2nd exclusive-or result;
shifting the shifted third key array again and performing exclusive-or calculation with the 2nd exclusive-or result to obtain the 3rd exclusive-or result;
and so on until the (n-1)th exclusive-or result is obtained as the first key array;
wherein shifting the key array means moving every value except the first one position forward and moving the first value to the last position.
Still taking a preset processing unit length of 256 as an example, the generation of the first key array specifically includes:
The second key array is represented by K0, each numerical value in the K0 and the numerical value corresponding to the same index number in the third key array R1 are subjected to exclusive OR operation to generate K1
The R1 array is transformed into a new array R2 in the following way:
R2[R1[1],R1[2],R1[3],...,R1[0]]
then exclusive OR operation is carried out on each numerical value in K1 and the numerical value of the same index value in R2 to generate K2
Ki generation mode:
Ri+1[Ri[1],Ri[2],Ri[3],...,Ri[0]]
i ranges of values 1,2,3,
Figure BDA0004094691400000211
An exclusive OR operation is performed on each value in Ki-1 and the value at the same index in Ri to generate Ki:
Ki[j]=Ki-1[j]⊕Ri[j]
i ranges of values 1,2,3,
Figure BDA0004094691400000212
j ranges over 0,1,2,...,255
R generation mode example
Figure BDA0004094691400000213
R1[0x3d,0x81,0xa0,...,0xc6]
R2[0x81,0xa0,0x8d,...,0x3d]
R3[0xa0,0x8d,0x51,...,0x81]
Figure BDA0004094691400000214
Rn[0xc6,0x3d,0x81,...,0x75]
If the array length of the third key array is 256, the exclusive-or operation is directly performed once.
Taking the example of transmitting 2-byte long data,
Figure BDA0004094691400000215
only R1 is needed to participate in the operation, namely, shift processing is not needed:
K0[0xf8,0x3a,0xb2,...,0x67]
R1[0x3d,0x81,0xa0,...,0xc6]
K1[j]=K0[j]⊕R1[j]
K1[0xc5,0xbb,0x12,...,0xa1]
Step 503, for each ciphertext data block, a logic operation is performed on the ciphertext data block and the first key array based on a third preset logic operation to obtain a mapped data block, where the third preset logic operation is the inverse operation of the second preset logic operation.
If the inverse operation of the logic operation can be implemented by the same logic operation, the third preset logic operation is the same as the second preset logic operation, such as the logic operation: exclusive or.
Exclusive-or operation is carried out on each numerical value in each block Ci of the received ciphertext and the numerical value of the same index value in the first key array Ki, and the decrypted mapping data block is expressed as CT'
CT′i[j]=Ci[j]⊕Ki[j]
i=1,2,3,...,n
j=0,1,2,...,255
Received C {0x36,0x87}
K1[0xc5,0xbb,0x12,...,0xa1]
In this example, CT' {0xf3,0x3c}
Decrypting the received ciphertext data block yields the mapped data block: C -> CT'.
Step 504, each mapped data block is converted into the corresponding plaintext data block based on the mapping relation between the plaintext and the codebook; the conversion mechanism from the mapped data block to the plaintext data block is the reverse of the conversion mechanism applied by the sender to the plaintext data block.
The mapping relation between the plaintext and the codebook, synchronized with the transmitting end, is acquired; the specific mapping relation is as follows:
the plaintext is an array of integers from 0 to the preset processing unit length minus 1; the codebook is an array whose length is the preset processing unit length and whose values are not repeated; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number of the plaintext array and the codebook array correspond one to one, that is, the first value in the plaintext array corresponds to the first value in the codebook array, and the last value in the plaintext array corresponds to the last value in the codebook array.
The preset processing unit length is a unit length that is easy for a computer to process. Taking 256 as the preset processing unit length, the plaintext is an array formed by the sequence of 256 values from 0 to 255; the codebook T is an array of length 256 with non-repeated values, where the non-repeated values are the integers from 0 to the preset processing unit length minus 1 in an order different from the numerical sequence of the plaintext, for example:
Plaintext PA [0x00, 0x01, 0x02, ..., 0xff]
Codebook T [0xb7, 0x18, 0xf3, ..., 0x3c]
The mapping relation between the plaintext PA and the codebook T is as follows:
the element values at the same index number of the two arrays correspond one to one, that is, 0x00 in the plaintext with index number 1 corresponds to 0xb7 in the codebook, ..., and 0xff in the plaintext with index number 256 corresponds to 0x3c in the codebook.
The value 0xf3 in the mapped data block has index number 2 in the codebook T and corresponds to the value 0x02 at index number 2 of the plaintext PA; the value 0x3c has index number 255 in the codebook T and corresponds to the value 0xff at index number 255 of the plaintext PA.
The mapping restoration by the reverse mechanism is expressed as: T[i] -> PA[i], where i takes the values 0, 1, 2, ..., 255; the ciphertext is restored to plaintext through the one-to-one mapping, denoted P'.
In this example, P' {0x02, 0xff}
The mapped data block is restored to plaintext: CT' -> P'.
Step 505, all the plaintext data blocks are spliced according to the acquisition order of the corresponding ciphertext data blocks to obtain the target plaintext data.
In this embodiment, after receiving the ciphertext data block, the receiving end decrypts it with a logic operation using the dynamically generated first key array to obtain a mapped data block, and then obtains the plaintext data block corresponding to the mapped data block through the reverse conversion mechanism. In this scheme, the data to be transmitted is divided into a plurality of data blocks for encryption and decryption, so that the processing burden on the sending end and the receiving end when encrypting and decrypting in units of the preset processing unit length is lower than when the data is not divided; the decryption is carried out based on the dynamic first key array, so that the security of data transmission can be ensured; compared with the decryption methods in the related art, decryption by data mapping and logic operation does not need complex calculation and is more efficient.
In this embodiment of the present application, the transmitted data may be verified by using a hash value, which is specifically as follows:
the transmitting end generates a hash value based on each plaintext data block of the target plaintext data and sends the generated hash value to the receiving end; the receiving end uses the hash value to verify whether the data was tampered with during transmission.
The receiving end obtains the hash value corresponding to the ciphertext data block sent by the sending end, and performs a hash calculation on the plaintext data block corresponding to the ciphertext data block to obtain the hash value corresponding to the plaintext data block;
it then determines whether the hash value corresponding to the ciphertext data block is consistent with the hash value corresponding to the plaintext data block, thereby verifying whether the data was tampered with during transmission.
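The receiver side of steps 503 to 505 together with the per-block hash check, as an added example that is not code from the patent. It reproduces the page's values (C, the first entries of K1, CT' and P'); SHA-256 is an assumed hash since the page names none, the codebook and key entries the page elides are constructed filler, and the per-block key arrays are taken as inputs rather than derived.

```python
import hashlib
import hmac

UNIT = 256  # preset processing unit length used in the page's example


def build_codebook(fixed, unit=UNIT):
    """Constructed helper: a permutation of 0..unit-1 that honours the
    index -> value pairs in `fixed`; every other entry is filler."""
    used = set(fixed.values())
    spare = (v for v in range(unit) if v not in used)
    return [fixed[i] if i in fixed else next(spare) for i in range(unit)]


def invert_codebook(codebook):
    """Build the reverse lookup T[i] -> PA[i]; reject non-permutations,
    because a repeated value would make step 504 ambiguous."""
    if sorted(codebook) != list(range(len(codebook))):
        raise ValueError("codebook must contain each value exactly once")
    inverse = [0] * len(codebook)
    for index, value in enumerate(codebook):
        inverse[value] = index
    return inverse


def decrypt_block(cipher_block, key_array, inverse):
    """Step 503 (XOR with Ki) followed by step 504 (reverse mapping)."""
    if len(cipher_block) > len(key_array):
        raise ValueError("ciphertext block longer than the key array")
    mapped = bytes(c ^ k for c, k in zip(cipher_block, key_array))
    plain = bytes(inverse[m] for m in mapped)
    return mapped, plain


def receive_blocks(cipher_blocks, key_arrays, codebook, block_hashes):
    """Decrypt every block, verify its hash, then splice in arrival order
    (step 505). Raises ValueError on the first block whose hash differs."""
    if not (len(cipher_blocks) == len(key_arrays) == len(block_hashes)):
        raise ValueError("need one key array and one hash per block")
    inverse = invert_codebook(codebook)
    plain_blocks = []
    for i, (block, key, expected) in enumerate(
            zip(cipher_blocks, key_arrays, block_hashes), start=1):
        _, plain = decrypt_block(block, key, inverse)
        actual = hashlib.sha256(plain).digest()  # assumed hash algorithm
        if not hmac.compare_digest(actual, expected):
            raise ValueError(f"hash mismatch in block {i}")
        plain_blocks.append(plain)
    return b"".join(plain_blocks)


# Values from the page: T[0]=0xb7, T[1]=0x18, T[2]=0xf3, T[255]=0x3c.
CODEBOOK = build_codebook({0: 0xB7, 1: 0x18, 2: 0xF3, 255: 0x3C})
# K1 starts 0xc5, 0xbb, 0x12 and ends 0xa1 on the page; the middle is constructed.
K1 = bytes([0xC5, 0xBB, 0x12]
           + [(7 * j + 1) % 256 for j in range(3, 255)]
           + [0xA1])
C1 = bytes([0x36, 0x87])                       # received ciphertext block
H1 = hashlib.sha256(bytes([0x02, 0xFF])).digest()  # constructed sender hash

if __name__ == "__main__":
    mapped, plain = decrypt_block(C1, K1, invert_codebook(CODEBOOK))
    print("CT' =", mapped.hex(), " P' =", plain.hex())
    print("spliced:", receive_blocks([C1], [K1], CODEBOOK, [H1]).hex())
```

The comparison uses `hmac.compare_digest` so the check runs in constant time; the digest itself is unkeyed, as in the page's description.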
In the embodiment of the present application, the first key array used by the transmitting end and the receiving end is generated once per target plaintext data, and does not need to be generated once for each data block.
Compared with data processing approaches that use resource-intensive operations such as exponentiation, modular arithmetic and logarithms, using logic operations can improve data processing efficiency; in the encryption and decryption process, the first key array is dynamically generated for encryption, and the security of data transmission can be ensured because the first key array is not transmitted.
Any combination of the above-mentioned optional solutions may be adopted to form an optional embodiment of the present disclosure, which is not described herein in detail.
Based on the same inventive concept, the embodiment of the application also provides a data transmission device. Referring to fig. 6, fig. 6 is a schematic structural diagram of a data transmission device in an embodiment of the present application. The data transmission device includes:
A dividing unit 601 configured to perform dividing the target plaintext data into a plurality of plaintext data blocks based on a preset unit length of processing;
a conversion unit 602 configured to perform conversion of each of the plaintext data blocks of the target plaintext data into a corresponding mapped data block, wherein a data block length of the mapped data block is maintained as a data block length of the plaintext data block;
an encryption unit 603 configured to perform encryption on each of the mapped data blocks using the generated first key array to obtain a corresponding ciphertext data block, where the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and a data block length of the ciphertext data block is maintained to be the data block length of the plaintext data block;
a transmitting unit 604 configured to perform transmission of all the ciphertext data blocks to the receiving end.
In a further embodiment of the present invention,
an encryption unit 603 configured to perform random generation of the second key array, and the third key array; the array length of the second key array is the preset processing unit length; the array length of the third key array is determined according to the number of data blocks of the plaintext data blocks segmented by the target plaintext data; and carrying out logic operation on the second key array and the third key array based on a first preset logic operation to obtain the first key array.
In a further embodiment of the present invention,
and an encryption unit 603 configured to perform a logic operation on the mapping data block and the first key array based on a second preset logic operation for each mapping data block, and generate a ciphertext data block corresponding to the mapping data block.
In a further embodiment of the present invention,
a conversion unit 604 configured to perform conversion into a corresponding mapped data block based on a mapping relationship between plaintext and codebook for each of the plaintext data blocks; wherein the plaintext is an array of integers with values from 0 to the preset processing unit length minus 1; the codebook is an array of randomly generated, non-repeated values whose array length is the preset processing unit length; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number of the plaintext array and the codebook array correspond one to one.
The embodiment of the application also provides another data transmission device. Referring to fig. 7, fig. 7 is a schematic structural diagram of another data transmission device in an embodiment of the present application. The data transmission device includes:
an obtaining unit 701, configured to perform obtaining a plurality of ciphertext data blocks from a sending end, where each ciphertext data block corresponds to a plaintext data block that is obtained by the sending end by dividing from target plaintext data based on a preset processing unit length, and a data block length of the ciphertext data block is the same as a data block length of the corresponding plaintext data block;
A decryption unit 702, configured to perform decryption on each ciphertext data block by using the generated first key array to obtain a corresponding mapped data block, where the first key array is associated with the number of data blocks of the plaintext data block that are split when the sender generates the ciphertext data block, and the data block length of the mapped data block is kept to be the data block length of the plaintext data block;
a conversion unit 703 configured to perform conversion of each of the mapped data blocks into a corresponding one of the plaintext data blocks, wherein a conversion scheme from the mapped data block to the plaintext data block is a reverse scheme of a conversion scheme implemented by the transmitting end on the plaintext data block;
and a stitching unit 704 configured to perform stitching of all the plaintext data blocks according to an acquisition order of the ciphertext data blocks, to obtain the target plaintext data.
In a further embodiment of the present invention,
a decryption unit 702 configured to perform obtaining a second key array and a third key array sent by the sender; the array length of the second key array is the preset processing unit length; the array length of the third key array is related to the number of the data blocks of the segmented plaintext data blocks when the sending end generates the ciphertext data blocks; and carrying out logic operation on the second key array and the third key array based on a first preset logic operation to obtain the first key array.
In a further embodiment of the present invention,
a decryption unit 702, configured to perform a logic operation on the ciphertext data block and the first key array based on a third preset logic operation for each ciphertext data block, to obtain a mapping data block corresponding to the ciphertext data block; wherein the third preset logic operation is an inverse operation of the second preset logic operation.
In a further embodiment of the present invention,
a conversion unit 703 configured to perform conversion into a corresponding plaintext data block based on a mapping relationship between plaintext and codebook, for each of the mapped data blocks; wherein the plaintext is an array of integers with values from 0 to the preset processing unit length minus 1; the codebook is an array of randomly generated, non-repeated values whose array length is the preset processing unit length; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number of the plaintext array and the codebook array correspond one to one.
The units of the above embodiments may be integrated or may be separately deployed; can be combined into one unit or further split into a plurality of sub-units.
In another embodiment, an electronic device is provided that includes a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the data transmission method when the program is executed.
In another embodiment, a computer readable storage medium having stored thereon computer instructions which when executed by a processor perform steps in a data transmission method is also provided.
Fig. 8 is a schematic diagram of an entity structure of an electronic device according to an embodiment of the present invention. As shown in fig. 8, the electronic device may include: processor 810, communication interface (Communications Interface) 820, memory 830, and communication bus 840, wherein Processor 810, communication interface 820, memory 830 accomplish communication with each other through communication bus 840. The processor 810 may call logic instructions in the memory 830 to perform the following method:
dividing target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length;
converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein the data block length of the mapped data block is maintained as the data block length of the corresponding plaintext data block;
encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the corresponding plaintext data block;
And sending all the ciphertext data blocks to a receiving end.
Or alternatively:
acquiring a plurality of ciphertext data blocks from a transmitting end, wherein each ciphertext data block corresponds to a plaintext data block which is obtained by dividing target plaintext data based on a preset processing unit length by the transmitting end, and the data block length of the ciphertext data block is the same as the data block length of the corresponding plaintext data block;
decrypting each ciphertext data block by using the generated first key array to obtain a corresponding mapping data block, wherein the first key array is associated with the number of data blocks of the segmented plaintext data blocks when the ciphertext data block is generated by the transmitting end, and the data block length of the mapping data block is kept to be the data block length of the corresponding plaintext data block;
converting each mapping data block into a corresponding plaintext data block, wherein the conversion mechanism from the mapping data block to the plaintext data block is a reverse mechanism of the conversion mechanism implemented by the transmitting end on the plaintext data block;
and splicing all the plaintext data blocks according to the acquisition sequence of the corresponding ciphertext data blocks to obtain the target plaintext data.
Further, the logic instructions in the memory 830 described above may be implemented in the form of software functional units and may be stored in a computer-readable storage medium when sold or used as a stand-alone product. Based on this understanding, the technical solution of the present invention, in essence or in the part contributing to the prior art or in a part of the technical solution, may be embodied in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method of the embodiments of the present invention. The aforementioned storage medium includes: a USB flash drive, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program code.
The apparatus embodiments described above are merely illustrative, wherein the elements illustrated as separate elements may or may not be physically separate, and the elements shown as elements may or may not be physical elements, may be located in one place, or may be distributed over a plurality of network elements. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art will understand and implement the present invention without undue burden.
From the above description of the embodiments, it will be apparent to those skilled in the art that the embodiments may be implemented by means of software plus necessary general hardware platforms, or of course may be implemented by means of hardware. Based on this understanding, the foregoing technical solution may be embodied essentially or in a part contributing to the prior art in the form of a software product, which may be stored in a computer readable storage medium, such as ROM/RAM, a magnetic disk, an optical disk, etc., including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the respective embodiments or some parts of the embodiments.
The flowcharts and block diagrams in the figures of the present application illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams or flowchart illustration, and combinations of blocks in the block diagrams or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
Those skilled in the art will appreciate that the features recited in the various embodiments and/or claims disclosed herein may be combined and/or incorporated in various ways, even if such combinations are not explicitly recited in the present application. In particular, the features recited in the various embodiments and/or claims of the present application may be combined and/or incorporated in various ways without departing from the spirit and teachings of the application, all of which are within the scope of the disclosure.
The principles and embodiments of the present invention have been described herein with reference to specific examples, which are intended to be included herein for purposes of illustration only and not to be limiting of the invention. It will be apparent to those skilled in the art that variations can be made in the present embodiments and in the scope of the application in accordance with the spirit and principles of the present invention, and any modifications, equivalent substitutions, improvements, etc. are intended to be included within the scope of the present application.

Claims (15)

1. A method of data transmission, the method comprising:
dividing target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length;
converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein a data block length of the mapped data block is maintained as a data block length of the plaintext data block;
encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the plaintext data block;
And transmitting all the ciphertext data blocks to the receiving end.
2. The method of claim 1, wherein generating the first key array comprises:
randomly generating a second key array and a third key array; the array length of the second key array is the preset processing unit length; the array length of the third key array is determined according to the number of data blocks of the plaintext data blocks segmented by the target plaintext data;
and carrying out logic operation on the second key array and the third key array based on a first preset logic operation to obtain the first key array.
3. The method of claim 1, wherein encrypting each of the mapped data blocks with the generated first key array to obtain a corresponding ciphertext data block comprises:
and for each mapping data block, carrying out logic operation on the mapping data block and the first key array based on a second preset logic operation, and generating a ciphertext data block corresponding to the mapping data block.
4. The method of claim 1, wherein said converting each of said plaintext data blocks of said target plaintext data into a corresponding mapped data block comprises:
for each plaintext data block, converting the plaintext data block into a corresponding mapped data block based on the mapping relation between the plaintext and the codebook; wherein the plaintext is an array of integers with values from 0 to the preset processing unit length minus 1; the codebook is an array of randomly generated, non-repeated values whose array length is the preset processing unit length; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number of the plaintext array and the codebook array correspond one to one.
5. The method according to any one of claims 1-4, wherein the method further comprises:
generating a hash value based on each block of plaintext data for the target plaintext data portion;
and sending the generated hash value to the receiving end; the hash value is used by the receiving end to verify whether the data was tampered with during transmission.
6. A method of data transmission, the method comprising:
acquiring a plurality of ciphertext data blocks from a transmitting end, wherein each ciphertext data block corresponds to a plaintext data block which is obtained by the transmitting end based on dividing target plaintext data according to a preset processing unit length, and the data block length of the ciphertext data block is the same as the data block length of the corresponding plaintext data block;
Decrypting each ciphertext data block by using the generated first key array to obtain a corresponding mapping data block, wherein the first key array is associated with the number of data blocks of the plaintext data blocks divided when the ciphertext data block is generated by the transmitting end, and the data block length of the mapping data block is kept as the data block length of the ciphertext data block;
converting each mapping data block into a corresponding plaintext data block, wherein a conversion mechanism from the mapping data block to the plaintext data block is a reverse mechanism of a conversion mechanism implemented by the transmitting end on the plaintext data block;
and splicing all the plaintext data blocks according to the corresponding acquisition sequence of the ciphertext data blocks to obtain the target plaintext data.
7. The method of claim 6, wherein generating the first key array comprises:
acquiring a second key array and a third key array which are sent by the sending end; the array length of the second key array is the preset processing unit length; the array length of the third key array is related to the number of the data blocks of the segmented plaintext data blocks when the sending end generates the ciphertext data blocks;
And carrying out logic operation on the second key array and the third key array based on a first preset logic operation to obtain the first key array.
8. The method of claim 6, wherein decrypting each of the ciphertext data blocks using the generated first key array to obtain a corresponding mapped data block comprises:
for each ciphertext data block, performing logic operation on the ciphertext data block and the first key array based on a third preset logic operation to obtain a mapping data block corresponding to the ciphertext data block;
wherein the third preset logic operation is an inverse operation of the second preset logic operation.
9. The method of claim 6, wherein said converting each of said mapped data blocks into a corresponding one of said plaintext data blocks comprises:
for each mapped data block, converting the mapped data block into a corresponding plaintext data block based on the mapping relation between the plaintext and the codebook; the plaintext is an array of integers from 0 to the preset processing unit length minus 1; the codebook is an array with non-repeated values whose array length is the preset processing unit length; the mapping relation between the plaintext and the codebook is as follows: the element values at the same index number of the plaintext array and the codebook array correspond one to one.
10. The method according to any one of claims 6-9, wherein the method further comprises:
obtaining a hash value corresponding to a ciphertext data block sent by a sending end;
carrying out hash calculation on a plaintext data block corresponding to the ciphertext data block to obtain a hash value corresponding to the plaintext data block;
and determining whether the hash value corresponding to the ciphertext data block is consistent with the hash value corresponding to the plaintext data block corresponding to the ciphertext data block, and verifying whether the data is tampered in the data transmission process.
11. A data transmission apparatus, the apparatus comprising:
a dividing unit configured to perform dividing the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length;
a conversion unit configured to perform conversion of each of the plaintext data blocks of the target plaintext data into a corresponding mapped data block, wherein a data block length of the mapped data block is maintained as a data block length of the plaintext data block;
an encryption unit configured to encrypt each of the mapped data blocks with the generated first key array to obtain a corresponding ciphertext data block, where the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and a data block length of the ciphertext data block is maintained to be the data block length of the plaintext data block;
And the sending unit is configured to send all the ciphertext data blocks to the receiving end.
12. A data transmission apparatus, the apparatus comprising:
the acquisition unit is configured to acquire a plurality of ciphertext data blocks from a transmitting end, wherein each ciphertext data block corresponds to one plaintext data block which is obtained by the transmitting end by dividing target plaintext data based on a preset processing unit length, and the data block length of the ciphertext data block is the same as the data block length of the corresponding plaintext data block;
a decryption unit configured to decrypt each ciphertext data block by using the generated first key array to obtain a corresponding mapped data block, wherein the first key array is associated with the number of data blocks of the plaintext data block divided when the sender generates the ciphertext data block, and the data block length of the mapped data block is kept to be the data block length of the plaintext data block;
a conversion unit configured to perform conversion of each of the mapped data blocks into a corresponding one of the plaintext data blocks, wherein a conversion mechanism from the mapped data block to the plaintext data block is a reverse mechanism of a conversion mechanism implemented by the transmitting end on the plaintext data block;
And the splicing unit is configured to splice all the plaintext data blocks according to the acquisition sequence of the corresponding ciphertext data blocks to obtain the target plaintext data.
13. A data transmission system, the system comprising:
the transmitting end divides the target plaintext data into a plurality of plaintext data blocks based on a preset processing unit length; converting each plaintext data block of the target plaintext data into a corresponding mapped data block, wherein a data block length of the mapped data block is maintained as a data block length of the plaintext data block; encrypting each mapping data block by using the generated first key array to obtain a corresponding ciphertext data block, wherein the first key array is associated with the number of data blocks of the plaintext data block obtained by dividing the target plaintext data, and the data block length of the ciphertext data block is kept to be the data block length of the plaintext data block; all the ciphertext data blocks are sent to a receiving end;
the receiving end acquires a plurality of ciphertext data blocks from the sending end, wherein each ciphertext data block corresponds to a plaintext data block obtained by the sending end by dividing target plaintext data based on a preset processing unit length, and the data block length of the ciphertext data block is identical to the data block length of the corresponding plaintext data block; decrypts each ciphertext data block by using the generated first key array to obtain a corresponding mapped data block; converts each mapped data block into a corresponding plaintext data block, wherein the conversion mechanism from the mapped data block to the plaintext data block is the reverse of the conversion mechanism implemented by the transmitting end on the plaintext data block; and splices all the plaintext data blocks according to the acquisition order of the corresponding ciphertext data blocks to obtain the target plaintext data.
14. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any of claims 1-5 or 6-10 when the program is executed.
15. A computer readable storage medium, on which a computer program is stored, characterized in that the program, when being executed by a processor, implements the method of any of claims 1-5 or 6-10.
CN202310147269.1A 2023-02-21 2023-02-21 Data transmission method, device, system, storage medium and electronic equipment Pending CN116208326A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310147269.1A CN116208326A (en) 2023-02-21 2023-02-21 Data transmission method, device, system, storage medium and electronic equipment

Publications (1)

Publication Number Publication Date
CN116208326A true CN116208326A (en) 2023-06-02

Family

ID=86518709

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310147269.1A Pending CN116208326A (en) 2023-02-21 2023-02-21 Data transmission method, device, system, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN116208326A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117675320A (en) * 2023-11-30 2024-03-08 黑塔之契科技(上海)有限公司 Data encryption and decryption method, electronic equipment and medium

EP1456997B1 (en) System and method for symmetrical cryptography
KR100388059B1 (en) Data encryption system and its method using asymmetric key encryption algorithm

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination