CN117728974A - Encryption methods, devices, electronic equipment and storage media - Google Patents

Encryption methods, devices, electronic equipment and storage media Download PDF

Info

Publication number
CN117728974A
CN117728974A CN202311467004.6A CN202311467004A CN117728974A CN 117728974 A CN117728974 A CN 117728974A CN 202311467004 A CN202311467004 A CN 202311467004A CN 117728974 A CN117728974 A CN 117728974A
Authority
CN
China
Prior art keywords
data
encrypted
encryption
public key
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311467004.6A
Other languages
Chinese (zh)
Inventor
汤亿则
吕思达
黄红兵
林旭恺
李印宜
段玉帅
章林
刘�文
杨颖琦
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Beijing Zhongdian Feihua Communication Co Ltd
Original Assignee
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Beijing Zhongdian Feihua Communication Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd, Beijing Zhongdian Feihua Communication Co Ltd filed Critical Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Priority to CN202311467004.6A priority Critical patent/CN117728974A/en
Publication of CN117728974A publication Critical patent/CN117728974A/en
Pending legal-status Critical Current

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

The disclosure provides an encryption method, an encryption device, an electronic device and a storage medium, comprising: obtaining data to be encrypted of target equipment; generating a public key of the data to be encrypted based on the device identification of the target device; determining an encryption key of the data to be encrypted based on a preset private key and the public key; and encrypting the data to be encrypted based on the encryption key to obtain an encrypted ciphertext. In the disclosure, firstly, public key information of data to be encrypted is determined based on a device identifier, then an encryption key is generated according to preset private key information and public key information, and finally, the encryption key is used for encrypting the data to be encrypted, and an encrypted ciphertext is obtained.

Description

Encryption method, encryption device, electronic equipment and storage medium
Technical Field
The present invention relates to the field of communications technologies, and in particular, to an encryption method, an encryption device, an electronic device, and a storage medium.
Background
In recent years, with the continuous development of integration of the network, the electric power emergency communication service gradually goes into the field of view of people. The power emergency communication service is carried based on a satellite network, and has higher security compared with other ground networks, but is also exposed to hacking risks. Therefore, how to ensure the safety of the power emergency communication service becomes a problem to be solved.
In the prior art, a password encryption method is generally used to ensure the safety of the power emergency communication service. Which generates a public key through a certificate Public Key Infrastructure (PKI) and then combines with a verification private key to generate an encrypted password. However, because the power emergency communication network has diversity and specificity requirements, the traditional PKI encryption method cannot realize more targeted encryption.
Disclosure of Invention
In view of the above, the present disclosure is directed to an encryption method, an encryption device, an electronic device, and a storage medium.
As one aspect of the present disclosure, there is provided an encryption method including:
obtaining data to be encrypted of target equipment;
generating a public key of the data to be encrypted based on the device identification of the target device;
determining an encryption key of the data to be encrypted based on a preset private key and the public key;
and encrypting the data to be encrypted based on the encryption key to obtain an encrypted ciphertext.
Optionally, after the obtaining the data to be encrypted of the target device, the method further includes:
determining a transmission channel of the data to be encrypted;
generating header data of the data to be encrypted based on the transmission channel;
and performing splicing processing on the header data and the data to be encrypted to obtain a data message.
Optionally, the generating the public key of the data to be encrypted based on the device identifier of the target device includes:
determining a device identification of the target device and an accompanying public key based on signature information of the target device;
determining a message authentication code of the data to be encrypted based on the device identification and the accompanying public key;
and generating a public key of the data to be encrypted based on the message authentication code.
Optionally, the generating the public key of the data to be encrypted based on the message authentication code includes:
grouping the message authentication codes and obtaining grouped message authentication codes;
generating a public key selection set based on the grouped message authentication code and a preset public key matrix;
traversing the public key selection set and determining a number of alternative public keys;
and adding the public keys and the accompanying public keys to obtain the public key of the data to be encrypted.
Optionally, the encrypting the data to be encrypted based on the encryption key and obtaining an encrypted ciphertext includes:
encrypting the message to be data based on the encryption key to obtain an encrypted ciphertext;
after the encrypted ciphertext is obtained, the method further comprises the following steps:
generating a time stamp of the encrypted ciphertext based on a preset private key, and generating a data packet based on the encrypted ciphertext and the time stamp;
and sending the data packet to a target terminal.
Optionally, the sending the data packet to the target terminal includes:
determining header information of the data packet;
modifying the header information based on the position information of the target terminal to obtain modified header information;
carrying out recombination processing on the data packet based on the modified header information to obtain a recombined data packet;
and sending the recombined data packet to the target terminal.
Optionally, the sending the reassembled data packet to the target terminal includes:
determining the time stamp information of the reorganized data packet;
and transmitting the reorganized data packet to the target terminal in response to the fact that the time stamp information is smaller than a preset value.
As a second aspect of the present disclosure, the present disclosure also provides an encryption apparatus including:
a data acquisition module configured to: obtaining data to be encrypted of target equipment;
a public key generation module configured to: generating a public key of the data to be encrypted based on the device identification of the target device;
a key generation module configured to: determining an encryption key of the data to be encrypted based on a preset private key and the public key;
an encryption processing module configured to: and encrypting the data to be encrypted based on the encryption key to obtain an encrypted ciphertext.
As a third aspect of the disclosure, the disclosure further provides an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, the processor implementing the encryption method provided by the disclosure when the program is executed.
As a fourth aspect of the disclosure, the disclosure also provides a non-transitory computer-readable storage medium storing computer instructions for causing a computer to perform the method of any one of the above.
As described above, in the present disclosure, first, public key information of data to be encrypted is determined based on a device identifier, then an encryption key is generated according to preset private key information and public key information, and finally, the data to be encrypted is encrypted using the encryption key, and an encrypted ciphertext is obtained.
Drawings
In order to more clearly illustrate the technical solutions of the present disclosure or related art, the drawings required for the embodiments or related art description will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present disclosure, and other drawings may be obtained according to these drawings without inventive effort to those of ordinary skill in the art.
Fig. 1A is a schematic diagram of an encryption method according to an embodiment of the disclosure.
Fig. 1B is a schematic diagram of a method for generating a public key according to an embodiment of the disclosure.
Fig. 1C is a schematic diagram of a method for generating a public key based on a message authentication code according to an embodiment of the disclosure.
Fig. 2 is a schematic structural diagram of an encryption device according to an embodiment of the disclosure.
Fig. 3 is a schematic structural diagram of an electronic device according to an embodiment of the present disclosure.
Detailed Description
For the purposes of promoting an understanding of the principles and advantages of the disclosure, reference will now be made to the embodiments illustrated in the drawings and specific language will be used to describe the same.
It should be noted that unless otherwise defined, technical or scientific terms used in the embodiments of the present disclosure should be given the ordinary meaning as understood by one of ordinary skill in the art to which the present disclosure pertains. The terms "first," "second," and the like, as used in embodiments of the present disclosure, do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that elements or items preceding the word are included in the element or item listed after the word and equivalents thereof, but does not exclude other elements or items. The terms "connected" or "connected," and the like, are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", etc. are used merely to indicate relative positional relationships, which may also be changed when the absolute position of the object to be described is changed.
In recent years, with the continuous development of integration of the network, the electric power emergency communication service gradually goes into the field of view of people. The power emergency communication service is carried based on a satellite network, and has higher security compared with other ground networks, but is also exposed to hacking risks. Therefore, how to ensure the safety of the power emergency communication service becomes a problem to be solved.
In the prior art, a password encryption method is generally used to ensure the safety of the power emergency communication service. Which generates a public key through a certificate Public Key Infrastructure (PKI) and then combines with a verification private key to generate an encrypted password. However, because the power emergency communication network has diversity and specificity requirements, the traditional PKI encryption method cannot realize more targeted encryption.
In order to solve the above problems, the present disclosure provides an encryption method, an encryption device, an electronic apparatus, and a storage medium. Through the method, public key information of the data to be encrypted is determined firstly based on the equipment identifier, then an encryption key is generated according to preset private key information and public key information, and finally the data to be encrypted is encrypted by using the encryption key, so that an encrypted ciphertext is obtained.
In the present disclosure, since the public key of its key is generated based on the device identification of the target device, it can directly determine the source of the data to be encrypted, and the receiving terminal of the data to be encrypted, based on the public key. And further, the power consumption and time delay of the electric power emergency communication service when encrypting the data to be encrypted can be reduced, and finally, the more targeted encryption process of the data to be encrypted can be realized.
Having described the basic principles of the present disclosure, various non-limiting embodiments of the present disclosure are specifically described below.
Fig. 1A is a schematic diagram of an encryption method according to an embodiment of the disclosure.
The encryption method shown in fig. 1A further includes the steps of:
step S10: and obtaining the data to be encrypted of the target equipment.
In some alternative embodiments, the encryption methods in the present disclosure may be implemented by an encryption model. Specifically, the encryption model may first determine data to be encrypted in the target device. The target device may be any device that needs to encrypt the data resource, and in this embodiment, the power device is taken as an example for illustration. Similarly, the data to be encrypted may be any data having encryption requirements, and in this embodiment, power data is taken as an example for illustration.
In some optional embodiments, the process of obtaining, by the encryption model, the data to be encrypted in the target device may further include determining, by the encryption model, a data storage unit in the power device for storing the data, then performing security verification on the power data in the data storage unit by the encryption model based on a preset security level, and finally using, by the encryption model, the power data with the security level reaching the preset value as the data to be encrypted.
In some alternative embodiments, the process of securely verifying the power data in the data storage unit by the encryption model based on the preset security level may be understood as that the foregoing data storage unit typically stores a plurality of power data. In general, in order to save encryption resources and simplify the data reading process, encryption processing is not required for all power data. Therefore, in the present disclosure, the method for verifying the security level determines the power data to be encrypted, that is, the data to be encrypted, from the plurality of power data.
In some optional embodiments, the security level verification method in the present disclosure may be specifically understood that the encryption model may first obtain importance degrees of a plurality of pieces of power data, then may classify the plurality of pieces of power data based on the importance degrees, then the encryption model may classify the classified plurality of pieces of power data into security levels, and finally, the encryption model may select the pieces of power data that need to be encrypted based on different security levels.
In some alternative embodiments, the aforementioned security level verification method may also be interpreted in that the encryption model first obtains the importance level of several power data uploaded via the responsible person. For example, the responsible person uploads "power data a-importance level 1; the electric power data B-importance degree 2; power data C-importance 3".
In some alternative embodiments, the encryption model may then classify the number of power data based on their importance. For example, the power data class having an importance level of 1 is "most important", the power data class having an importance level of 2 is "secondary", the power data class having an importance level of 3 is "unimportant", and the like.
In some alternative embodiments, the encryption model may then classify the classified power data for a security level. For example, the security level of the power data of which the importance degree is the "most important" is determined as "one level", the security level of the power data of which the importance degree is the "less important" is determined as "two level", and the security level of the power data of which the importance degree is the "less important" is determined as "three level".
In some alternative embodiments, the final encryption model may select the power data that needs to be encrypted based on different security levels. For example, the encryption model obtains the security level of the data to be encrypted from the responsible person in priority as "two or more". And the encryption model takes the determined electric power data with the security level of 'primary' and 'secondary' as the data to be encrypted in the encryption process.
In some alternative embodiments, after step S10, the method further comprises:
s101: and determining a transmission channel of the data to be encrypted.
S102: and generating header data of the data to be encrypted based on the transmission channel.
S103: and performing splicing processing on the header data and the data to be encrypted to obtain a data message.
In some alternative embodiments, the data to be encrypted may be a representation of the data in any format. For example, the data to be encrypted may be binary data or the like. However, since the encryption model has a fixed input format, if the format of the data to be encrypted does not match the input format of the encryption system, the encryption model cannot encrypt the data to be encrypted. In addition, the data to be encrypted also needs to be transmitted after encryption, so that a transmission channel of the data to be encrypted also needs to be defined before the data to be encrypted is encrypted, so that the data to be encrypted can be smoothly transmitted to a data receiving terminal.
In some alternative embodiments, based on the above-mentioned problems, after the encryption model obtains the data to be encrypted, the format and the transmission channel of the data to be encrypted need to be determined, so as to generate the data packet in the disclosure. Specifically, the encryption model may first process the format of the data to be encrypted. For example, the encryption model may first determine that the format requirement of its own input port is "hex". Then, the encryption model performs formatting processing on the data to be encrypted, so that the data to be encrypted is converted into a hexagram data form, and the formatted data to be encrypted is obtained.
In some optional embodiments, after the encryption model obtains the formatted data to be encrypted, a transmission channel of the formatted data to be encrypted may be determined, then header data of the formatted data to be encrypted is generated based on information of the transmission channel, and finally the encryption model may perform data splicing processing on the header data and the formatted data to be encrypted, so as to obtain a data packet.
In some optional embodiments, the data to be encrypted may conform to the format requirement of the input port of the encryption model in the present disclosure by converting the format of the data to be encrypted. Meanwhile, the method and the device also determine the transmission channel of the data to be encrypted, and generate the data message based on the data header generated by the transmission channel and the formatted data to be encrypted, so that the encryption model in the method and the device can directly determine the position of the receiving terminal based on the header information in the data message of the data to be encrypted, and further the transmission process of the data to be encrypted in the method and the device is convenient.
Step S20: generating a public key of the data to be encrypted based on the device identification of the target device.
Fig. 1B is a schematic diagram of a method for generating a public key according to an embodiment of the disclosure.
In some alternative embodiments, as shown in fig. 1B, step S20 further includes:
s201: a device identification of the target device and an accompanying public key are determined based on the signature information of the target device.
S202: a message authentication code for the data to be encrypted is determined based on the device identification and the accompanying public key.
S203: and generating a public key of the data to be encrypted based on the message authentication code.
Fig. 1C is a schematic diagram of a method for generating a public key based on a message authentication code according to an embodiment of the disclosure.
In some alternative embodiments, as shown in fig. 1C, step S203 further includes:
s2031: and carrying out grouping processing on the message authentication code and obtaining the grouped message authentication code.
S2032: and generating a public key selection set based on the grouped message authentication code and a preset public key matrix.
S2033: the public key selection set is traversed and a number of alternative public keys are determined.
S2034: and adding the public keys and the accompanying public keys to obtain the public key of the data to be encrypted.
In some alternative embodiments, the encryption model may also determine the device identification of the target device and accompanying public key information based on the signature information of the target device after generating the data message. Specifically, each target device has its own device identifier, so as to determine information such as a category and an attribute of the target device. For example, the target device in the present disclosure is a power device, and the device identifier of this power device may include "power generation amount 500W, power" or the like.
In some alternative embodiments, after determining the device identifier of the target device, the encryption model may use the information of the device identifier as data to determine a message authentication code of the data to be encrypted of the target device along with the public key as a key. The foregoing process of calculating the message authentication code may be implemented by a hash calculation method. It can be understood that the foregoing calculation process of the message authentication code may be implemented by other calculation methods, and in this embodiment, only a hash calculation is described as an example.
In some alternative embodiments, after obtaining the message authentication code of the data to be encrypted, the encryption model may perform packet processing on the message authentication code based on the type of the message authentication code, so as to divide the message authentication codes with the same type into the same group. The encryption model may then generate a public key selection set based on the packetized message authentication code and a pre-set public key matrix.
In some alternative embodiments, the encryption model, after deriving the public key selection set, may traverse the public key selection set and randomly determine a number of alternative public keys in the public key selection set. Finally, the encryption model may add the plurality of public keys and the foregoing accompanying public keys, so as to obtain the public key of the data to be encrypted in the disclosure.
Step S30: and determining an encryption key of the data to be encrypted based on a preset private key and the public key.
In some alternative embodiments, after obtaining the public key of the data to be encrypted, the encryption model may determine the encryption key of the data to be encrypted based on the preset private key and the public key. Specifically, the encryption model may first obtain an encryption key of the data to be encrypted through a key generation algorithm based on a preset private key and the public key.
In some alternative embodiments, the encryption model, after obtaining the encryption key for the data to be encrypted, may then conduct key agreement based on the encryption key. Specifically, the data transmission process of the data to be encrypted may be a data transmitting end and a data receiving terminal. For example, in the present disclosure the data to be encrypted may be sent to the enterprise user via the power device. That is, the transmitting end is the power equipment, and the receiving terminal is the enterprise user.
In some alternative embodiments, the encryption model may be located at the power device. I.e. at the transmitting end. After the data to be encrypted is encrypted at the transmitting end, the encrypted data can be further transmitted to the receiving end based on the encryption model. In order to enable the receiving end to smoothly read the encrypted data after receiving the encrypted data, the receiving end needs to know the encryption key of the encrypted data, and then the receiving end can decrypt the encrypted data based on the encryption key.
In some alternative embodiments, the process of knowing the encryption key of the encrypted data by the receiving end may be implemented by a key negotiation method. Specifically, after the encryption model in the transmitting end generates the encryption key of the data to be encrypted, the transmitting end may send the encryption key to the receiving end for negotiation. If the receiving end agrees to use the encryption key, the negotiation is successful, and the receiving end knows the specific content of the encryption key, so that the encrypted data can be decrypted based on the encryption key.
Step S40: and encrypting the data to be encrypted based on the encryption key to obtain an encrypted ciphertext.
In some alternative embodiments, step S40 further comprises:
s401: and encrypting the message to be data based on the encryption key to obtain an encrypted ciphertext.
In some alternative embodiments, after the encryption model generates the encryption key and performs key negotiation with the receiving terminal, the encryption model may encrypt the foregoing data packet based on the encryption key, so as to obtain the encrypted ciphertext.
In some alternative embodiments, after step S40, the method further comprises:
s50: and generating a time stamp of the encrypted ciphertext based on a preset private key, and generating a data packet based on the encrypted ciphertext and the time stamp.
S60: and sending the data packet to a target terminal.
In some alternative embodiments, step S60 further comprises:
s601: header information of the data packet is determined.
S602: and modifying the header information based on the position information of the target terminal to obtain modified header information.
S603: and carrying out recombination processing on the data packet based on the modified header information to obtain a recombined data packet.
S604: and sending the recombined data packet to the target terminal.
In some alternative embodiments, step S604 further comprises:
s6041: and determining the time stamp information of the reorganized data packet.
S6042: and transmitting the reorganized data packet to the target terminal in response to the fact that the time stamp information is smaller than a preset value.
In some alternative embodiments, after the encryption model generates the encrypted ciphertext, the encrypted ciphertext may be sent to the receiving terminal, so that the receiving terminal may decrypt the encrypted ciphertext based on the encryption key, and may further obtain unencrypted power data.
In some alternative embodiments, since the transmission process of the encrypted data needs to be implemented on the internet of things, the receiving terminal and the encrypted data may be attacked and affected by a hacker during the transmission process. For example, a hacker may intercept the encrypted ciphertext such that the receiving terminal cannot receive the important encrypted ciphertext. Or, the network hacker can repeatedly send the intercepted encrypted ciphertext to the receiving terminal for a plurality of times within a certain time, so as to consume the network computing power of the receiving terminal to a great extent, and further cause the network of the receiving terminal to crash. Or, the hacker may acquire the location information of the receiving terminal based on the header information of the encrypted ciphertext, and then attack the location information of the receiving terminal.
In some alternative embodiments, to avoid this, it also uses a time-stamped manner to transfer data to the encrypted ciphertext in this disclosure. Specifically, after the encryption model generates the encrypted ciphertext, the encryption model may also generate the timestamp of the data to be encrypted based on the preset private key, further generate a data packet based on the encrypted ciphertext and the timestamp, and finally send the data packet to the target terminal, that is, the receiving terminal.
In some alternative embodiments, the process of sending the foregoing data packet to the target terminal may be specifically that the encryption model may first determine header information of the foregoing data packet, and then modify (e.g. hide, etc.) this header information based on the location information of the foregoing target terminal, so as to obtain modified header information. Finally, the encryption model can reorganize the data packet based on the modified header information, so as to obtain the reorganized data packet. The encryption model may then send the reassembled packet to the destination terminal.
In some optional embodiments, the header information is modified according to the location information of the target terminal, so that the location information of the target terminal is not displayed in the data header information of the data packet, and further, the situation that a hacker initiates an attack on the target terminal after obtaining the location information of the target terminal can be avoided.
In some alternative embodiments, the process of the encryption model sending the reassembled packet to the destination terminal may be specifically that the encryption model may first determine the timestamp information of the reassembled packet. And then, when the time stamp information is smaller than a preset value, the recombined data packet is sent to the target terminal. It is understood that the foregoing preset value may be any time set via a person.
In some alternative embodiments, the foregoing time stamp verification process may be understood as sending the encrypted ciphertext to the target terminal if the time information of the foregoing time stamp is "3s" and the preset value is "4s", and enabling the receiving terminal to receive the encrypted ciphertext. If the time information of the time stamp is "3s" and the preset value is "2s", the encrypted ciphertext is not sent to the target terminal, so that the receiving terminal does not accept the encrypted ciphertext.
In some optional embodiments, by setting the timestamp in the present disclosure, the encrypted ciphertext in the present disclosure may be received by the target (receiving) terminal only when the timestamp information is smaller than a preset value, so as to avoid replay attack of a hacker. Namely, the situation that a network hacker sends the encrypted ciphertext to the receiving terminal for a plurality of times within a certain time is avoided.
By the method, public key information of the data to be encrypted is determined based on the equipment identifier, then an encryption key is generated according to preset private key information and public key information, and finally the data to be encrypted is encrypted by using the encryption key, so that an encrypted ciphertext is obtained.
In the present disclosure, since the public key of its key is generated based on the device identification of the target device, it can directly determine the source of the data to be encrypted, and the receiving terminal of the data to be encrypted, based on the public key. And further, the power consumption and time delay of the electric power emergency communication service when encrypting the data to be encrypted can be reduced, and finally, the more targeted encryption process of the data to be encrypted can be realized.
Based on the same technical concept, the present disclosure also provides an encryption device corresponding to the method of any embodiment, where the encryption device provided by the present disclosure can implement the encryption method of any embodiment.
Fig. 2 is a schematic structural diagram of an encryption device according to an embodiment of the disclosure.
The encryption device shown in fig. 2 further includes the following modules:
a data acquisition module 10, a public key generation module 20, a key generation module 30, and an encryption processing module 40;
wherein the data acquisition module 10 is configured to: and obtaining the data to be encrypted of the target equipment. The method specifically comprises the following steps:
determining a transmission channel of the data to be encrypted;
generating header data of the data to be encrypted based on the transmission channel;
and performing splicing processing on the header data and the data to be encrypted to obtain a data message.
The public key generation module 20 is configured to: generating a public key of the data to be encrypted based on the device identification of the target device. The method specifically comprises the following steps:
determining a device identification of the target device and an accompanying public key based on signature information of the target device;
determining a message authentication code of the data to be encrypted based on the device identification and the accompanying public key;
generating a public key of the data to be encrypted based on the message authentication code, including:
grouping the message authentication codes and obtaining grouped message authentication codes;
generating a public key selection set based on the grouped message authentication code and a preset public key matrix;
traversing the public key selection set and determining a number of alternative public keys;
and adding the public keys and the accompanying public keys to obtain the public key of the data to be encrypted.
The key generation module 30 is configured to: and determining an encryption key of the data to be encrypted based on a preset private key and the public key.
The encryption processing module 40 is configured to: and encrypting the data to be encrypted based on the encryption key to obtain an encrypted ciphertext. The method specifically comprises the following steps:
encrypting the message to be data based on the encryption key to obtain an encrypted ciphertext;
after the encrypted ciphertext is obtained, the method further comprises the following steps:
generating a time stamp of the encrypted ciphertext based on a preset private key, and generating a data packet based on the encrypted ciphertext and the time stamp;
and transmitting the data packet to a target terminal, including:
determining header information of the data packet;
modifying the header information based on the position information of the target terminal to obtain modified header information;
carrying out recombination processing on the data packet based on the modified header information to obtain a recombined data packet;
and sending the reorganized data packet to the target terminal, including:
determining the time stamp information of the reorganized data packet;
and transmitting the reorganized data packet to the target terminal in response to the fact that the time stamp information is smaller than a preset value.
Based on the same technical concept, the present disclosure also provides an electronic device corresponding to the method of any embodiment, which includes a memory, a processor, and a computer program stored on the memory and capable of running on the processor, where the processor implements the encryption method of any embodiment when executing the program.
Fig. 3 shows a more specific hardware architecture of an electronic device according to this embodiment, where the device may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 implement communication connections therebetween within the device via a bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (Central Processing Unit ), microprocessor, application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing relevant programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 1020 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory ), static storage device, dynamic storage device, or the like. Memory 1020 may store an operating system and other application programs, and when the embodiments of the present specification are implemented in software or firmware, the associated program code is stored in memory 1020 and executed by processor 1010.
The input/output interface 1030 is used to connect with an input/output module for inputting and outputting information. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
Communication interface 1040 is used to connect communication modules (not shown) to enable communication interactions of the present device with other devices. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 1050 includes a path for transferring information between components of the device (e.g., processor 1010, memory 1020, input/output interface 1030, and communication interface 1040).
It should be noted that although the above-described device only shows processor 1010, memory 1020, input/output interface 1030, communication interface 1040, and bus 1050, in an implementation, the device may include other components necessary to achieve proper operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The electronic device of the foregoing embodiment is configured to implement the corresponding encryption method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same technical concept, the present disclosure also provides a non-transitory computer-readable storage medium storing computer instructions for causing the computer to perform the encryption method according to any of the above embodiments, corresponding to the method of any of the above embodiments.
The computer readable media of the present embodiments, including both permanent and non-permanent, removable and non-removable media, may be used to implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device.
The storage medium of the above embodiment stores computer instructions for causing the computer to perform the encryption method according to any one of the above embodiments, and has the advantages of the corresponding method embodiments, which are not described herein.
Those of ordinary skill in the art will appreciate that: the discussion of any of the embodiments above is merely exemplary and is not intended to suggest that the scope of the disclosure, including the claims, is limited to these examples; the technical features of the above embodiments or in the different embodiments may also be combined under the idea of the present disclosure, the steps may be implemented in any order, and there are many other variations of the different aspects of the embodiments of the present disclosure as described above, which are not provided in details for the sake of brevity.
Additionally, well-known power/ground connections to Integrated Circuit (IC) chips and other components may or may not be shown within the provided figures, in order to simplify the illustration and discussion, and so as not to obscure the embodiments of the present disclosure. Furthermore, the devices may be shown in block diagram form in order to avoid obscuring the embodiments of the present disclosure, and this also accounts for the fact that specifics with respect to implementation of such block diagram devices are highly dependent upon the platform on which the embodiments of the present disclosure are to be implemented (i.e., such specifics should be well within purview of one skilled in the art). Where specific details (e.g., circuits) are set forth in order to describe example embodiments of the disclosure, it should be apparent to one skilled in the art that embodiments of the disclosure can be practiced without, or with variation of, these specific details. Accordingly, the description is to be regarded as illustrative in nature and not as restrictive.
While the present disclosure has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of those embodiments will be apparent to those skilled in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.
The disclosed embodiments are intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Accordingly, any omissions, modifications, equivalents, improvements, and the like, which are within the spirit and principles of the embodiments of the disclosure, are intended to be included within the scope of the disclosure.

Claims (10)

1. An encryption method, comprising:
obtaining data to be encrypted of target equipment;
generating a public key of the data to be encrypted based on the device identification of the target device;
determining an encryption key of the data to be encrypted based on a preset private key and the public key;
and encrypting the data to be encrypted based on the encryption key to obtain an encrypted ciphertext.
2. The method of claim 1, wherein after the obtaining the data to be encrypted of the target device, the method further comprises:
determining a transmission channel of the data to be encrypted;
generating header data of the data to be encrypted based on the transmission channel;
and performing splicing processing on the header data and the data to be encrypted to obtain a data message.
3. The method of claim 2, wherein the generating the public key of the data to be encrypted based on the device identification of the target device comprises:
determining a device identification of the target device and an accompanying public key based on signature information of the target device;
determining a message authentication code of the data to be encrypted based on the device identification and the accompanying public key;
and generating a public key of the data to be encrypted based on the message authentication code.
4. A method according to claim 3, wherein said generating a public key of said data to be encrypted based on said message authentication code comprises:
grouping the message authentication codes and obtaining grouped message authentication codes;
generating a public key selection set based on the grouped message authentication code and a preset public key matrix;
traversing the public key selection set and determining a number of alternative public keys;
and adding the public keys and the accompanying public keys to obtain the public key of the data to be encrypted.
5. The method of claim 4, wherein encrypting the data to be encrypted based on the encryption key and obtaining an encrypted ciphertext comprises:
encrypting the message to be data based on the encryption key to obtain an encrypted ciphertext;
after the encrypted ciphertext is obtained, the method further comprises the following steps:
generating a time stamp of the encrypted ciphertext based on a preset private key, and generating a data packet based on the encrypted ciphertext and the time stamp;
and sending the data packet to a target terminal.
6. The method of claim 5, wherein the sending the data packet to the target terminal comprises:
determining header information of the data packet;
modifying the header information based on the position information of the target terminal to obtain modified header information;
carrying out recombination processing on the data packet based on the modified header information to obtain a recombined data packet;
and sending the recombined data packet to the target terminal.
7. The method of claim 6, wherein the sending the reassembled packet to the destination terminal includes:
determining the time stamp information of the reorganized data packet;
and transmitting the reorganized data packet to the target terminal in response to the fact that the time stamp information is smaller than a preset value.
8. An encryption apparatus, comprising:
a data acquisition module configured to: obtaining data to be encrypted of target equipment;
a public key generation module configured to: generating a public key of the data to be encrypted based on the device identification of the target device;
a key generation module configured to: determining an encryption key of the data to be encrypted based on a preset private key and the public key;
an encryption processing module configured to: and encrypting the data to be encrypted based on the encryption key to obtain an encrypted ciphertext.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 7 when the program is executed by the processor.
10. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1 to 7.
CN202311467004.6A 2023-11-06 2023-11-06 Encryption methods, devices, electronic equipment and storage media Pending CN117728974A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311467004.6A CN117728974A (en) 2023-11-06 2023-11-06 Encryption methods, devices, electronic equipment and storage media

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311467004.6A CN117728974A (en) 2023-11-06 2023-11-06 Encryption methods, devices, electronic equipment and storage media

Publications (1)

Publication Number Publication Date
CN117728974A true CN117728974A (en) 2024-03-19

Family

ID=90206045

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311467004.6A Pending CN117728974A (en) 2023-11-06 2023-11-06 Encryption methods, devices, electronic equipment and storage media

Country Status (1)

Country Link
CN (1) CN117728974A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120856932A (en) * 2025-09-16 2025-10-28 上海创米数联智能科技发展股份有限公司 Video data encryption storage method and device, encrypted video playback method and device, and camera device

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN120856932A (en) * 2025-09-16 2025-10-28 上海创米数联智能科技发展股份有限公司 Video data encryption storage method and device, encrypted video playback method and device, and camera device

Similar Documents

Publication Publication Date Title
CN112291190B (en) Identity authentication method, terminal and server
JP7717915B2 (en) Systems and methods for distributed online identity verification
US12381728B2 (en) Accessory assisted account recovery
CN114553590B (en) Data transmission method and related equipment
CN103235906B (en) A kind of application program encryption, decryption method and encryption, decryption device
CN113742709B (en) Information processing method and device, readable medium and electronic equipment
CN107342861B (en) Data processing method, device and system
CN105099673A (en) Authorization method, method and device for requesting authorization
CN110858249A (en) A kind of database file encryption method, decryption method and related device
CN114338247B (en) Data transmission method and apparatus, electronic device, storage medium, and program product
CN114124440B (en) Secure transmission methods, devices, computer equipment and storage media
CN111010283B (en) Method and apparatus for generating information
CN117728974A (en) Encryption methods, devices, electronic equipment and storage media
CN105681256A (en) Audio communication method and audio communication application device
CN111885510B (en) Attendance checking method, attendance checking client and attendance checking system
CN118133355B (en) Federated learning method and related equipment based on identity-based homomorphic signature
CN114553438A (en) Data transmission method and device, electronic equipment and storage medium
CN114338156A (en) Data processing method, device and storage medium
CN116170144B (en) Smart power grid anonymous authentication method, electronic equipment and storage medium
CN117768181A (en) Data secure transmission methods, related equipment and vehicles
CN118612483B (en) Live broadcast permission creation method and device and electronic equipment
CN120128393B (en) Data encryption methods, devices, equipment, storage media and products
CN115935379A (en) Business processing method, device, device, and computer-readable storage medium
US20260128875A1 (en) Data transmission method and related device
CN116545672B (en) Node authentication methods, devices, electronic devices and storage media

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination