
CN102739406A - Method for securely transmitting equipment information - Google Patents


Info

Publication number
CN102739406A
Authority
CN
China
Prior art keywords
data
key
result
facility information
execution
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201210248144XA
Other languages
Chinese (zh)
Other versions
CN102739406B (en
Inventor
陆舟
于华章
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Feitian Technologies Co Ltd
Original Assignee
Feitian Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Feitian Technologies Co Ltd
Priority to CN201210248144.XA
Publication of CN102739406A
Application granted
Publication of CN102739406B
Legal status: Expired - Fee Related

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention discloses a method for securely transmitting device information, relating to the field of information security. The method addresses the problem that, in existing schemes, the CPU (Central Processing Unit) card encrypts the data as a whole after receiving a data packet and the encryption key used is readable outside the CPU card, which lowers the security of the card's information. The method comprises the following steps: the card receives a data packet and judges whether the second byte of the packet equals a fixed value; if it does not, the card carries out the corresponding operation; if it does, the card carries out a first operation on the data field of the packet to generate a first key; it then carries out a second operation to generate a second key; it carries out a third operation on the second key using the first key to generate a third key; it encrypts the key part of the marked data in the card with the third key; it replaces the key part of the marked data with the encrypted result while leaving the other parts unchanged; and it then concatenates this data with the second key, in that order, to obtain result data, and sends the result data.

Description

A method for securely transmitting device information
Technical field
The present invention relates to the field of information security, and in particular to a method for securely transmitting device information.
Background art
Conventional magnetic stripe card technology is simple and the stripe information is easy to copy. Cases of forged magnetic stripe cards and stolen stripe information occur frequently, causing large losses for cardholders and card issuers. CPU card technology is comparatively more sophisticated and greatly reduces the probability of a card being forged or copied.
A mobile phone can use a CPU card for mobile payment. Mobile payment is a service launched jointly by mobile operators and the financial sector, in which payments, bill payments and purchases are carried out as electronic transactions through a mobile phone. As one of the future means of electronic payment, especially once 3G is in large-scale commercial use and smartphones are widespread, mobile payment will become the most convenient means of payment, and its market potential is large.
In the current processing of secure device information, the inventors found at least the following problem in the prior art: after the CPU card receives a data packet, the data is encrypted, but conventional encryption simply encrypts the data as a whole, and the encryption key used is readable outside the CPU card, which reduces the security of the CPU card's information.
Summary of the invention
To address the deficiencies of the prior art, the invention provides a method for securely transmitting device information.
The scheme adopted by the invention is a method for securely transmitting device information, comprising the following steps:
Step S1: the device receives a data packet;
Step S2: judge whether a preset byte of the received data packet equals a first preset value; if yes, execute steps S3 to S8, otherwise execute step S9;
Step S3: the device performs a pre-agreed first operation on the data field of the received data packet using a pre-agreed key to obtain a first operation result, and generates a first key from the first operation result;
Step S4: perform a second operation on specified data to obtain a second operation result, and generate a second key from the second operation result;
Step S5: perform a pre-agreed third operation on the first key and the second key to obtain a third operation result, and generate a third key from the third operation result;
Step S6: use the third key to encrypt the key part of the pre-stored device information, obtaining an encryption result;
Step S7: replace the key part of the device information with the encryption result, leaving the other parts of the device information unchanged, and concatenate the device information after replacement with the second key, in that order, to obtain result data;
Step S8: the device sends the result data out, then returns to step S1;
Step S9: the device performs the operation corresponding to the data packet and sends out the corresponding operation result response, then returns to step S1.
The following steps precede step S3:
Step A1: judge whether specified bytes of the data header of the data packet meet a first preset requirement; if yes, execute step A2, otherwise return a first error code;
Step A2: judge whether the data field of the data packet meets a second preset requirement; if yes, execute step A3, otherwise return a second error code;
Step A3: judge whether the fourth byte of the data header of the data packet equals a second preset value; if yes, execute step A4, otherwise execute step A5;
Step A4: save the first byte of the data-record indication file as the record number, then execute step A6;
Step A5: save the fourth byte as the record number, then execute step A6;
Step A6: judge whether the currently saved record number is within a preset range; if yes, execute step S3, otherwise return a third error code.
Step A1 is specifically:
Step A1-1: judge whether the first byte of the data header equals a third preset value; if yes, execute the next step, otherwise return the first error code;
Step A1-2: judge whether the third byte of the data header equals a fourth preset value; if yes, execute the next step, otherwise return the first error code;
Step A1-3: judge whether the fifth byte of the data header equals a fifth preset value; if yes, execute step A2, otherwise return the first error code.
Step A2 is specifically: judge whether the last byte of the data field of the data packet is a sixth preset value; if yes, execute step A3, otherwise return the second error code.
The pre-agreed first operation, the second operation and the pre-agreed third operation are symmetric encryption and/or asymmetric encryption and/or random number encryption and/or data hashing and/or bit operations.
The specified data in step S4 is data internal to the device, a random number, or data in the data field of the data packet.
Generating the first key from the first operation result in step S3 specifically means extracting part or all of the first operation result as the first key; generating the second key from the second operation result in step S3 specifically means extracting part or all of the data of the second operation result as the second key.
Step S5 is specifically: perform the third operation on the second key using the first key to obtain the third operation result, and extract part or all of the data of the third operation result as the third key.
Alternatively, step S5 is specifically: perform the third operation on the first key using the second key to obtain the third operation result, and extract part or all of the data of the third operation result as the third key.
The key part in step S6 is one part or several parts of the device information; the several parts may be contiguous or non-contiguous.
Step S6 may be replaced with: use the third key to encrypt the pre-stored device information as a whole, obtaining an encryption result; step S7 is then replaced with: concatenate the encryption result and the second key, in that order, to obtain the result data.
The encryption operation in step S6 uses symmetric encryption and/or asymmetric encryption and/or random number encryption and/or data hashing.
The beneficial effect of the technical scheme provided by the embodiments of the invention is as follows: sensitive information in the CPU card is encrypted and the resulting ciphertext replaces the original plaintext without changing the length of the original information; additional information is then appended to the end of the CPU card information that was read, and the whole is sent out of the card, thereby achieving secure transmission of CPU card information.
Description of drawings
Fig. 1 is a flowchart of the method for securely transmitting device information provided by Embodiment 1;
Fig. 2 is a flowchart of the specific method for processing secure device information provided by Embodiment 2;
Fig. 3 is a flowchart of the method, provided by Embodiment 3, for decrypting the secure device information of Embodiment 2.
Detailed description
To make the object, technical scheme and advantages of the invention clearer, the embodiments of the invention are described in further detail below with reference to the drawings.
In the embodiments of the invention, the device referred to is a CPU card.
Embodiment 1
Referring to Fig. 1, Embodiment 1 provides a method for securely transmitting device information, which specifically comprises:
Step 1-1: the card receives a data packet and judges whether the second byte of the packet equals a fixed value;
If yes, execute step 1-2; if no, execute step 1-8.
In this embodiment, the fixed value for the second byte of the data packet is 0xF8.
Step 1-2: the card performs a first operation on the data field of the data packet, and generates a first key from the first operation result;
In this embodiment, the specified key must take part in the first operation. The specified key is a key agreed between the card and the party outside the card, and it cannot be read from outside the card. The first operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bit operations and combinations thereof. Part or all of the data of the first operation result is used as the first key.
Preferably: the card uses the specified key to perform a hash operation or a bit operation on the data field, and takes part or all of the data of the result as the first key;
Alternatively: the card uses the specified key to asymmetrically encrypt the data field, and takes part or all of the data of the encryption result as the first key;
Alternatively: the card uses the specified key to perform a hash operation on the data field, then asymmetrically encrypts the hash result, and takes part or all of the data of the asymmetric encryption result as the first key;
Alternatively: the card uses the specified key to symmetrically encrypt the data field, asymmetrically encrypts the result, then hashes that result, and takes part or all of the data of the hash result as the first key. Other ways are also possible and are not described further here.
Step 1-3: the card performs a second operation on specified data, and generates a second key from the second operation result;
In this embodiment, the specified data comprises the specified key and/or the data field and/or a random number. The second operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bit operations and combinations thereof. The second operation may be the same as the first operation. Part or all of the data of the second operation result is used as the second key.
Taking the case where the specified key does not take part as an example:
Preferably: the card symmetrically encrypts the data packet, and takes part or all of the data of the encryption result as the second key;
Alternatively: the card asymmetrically encrypts the data packet, performs a hash operation on the encryption result, and takes part or all of the data of the hash result as the second key;
Alternatively: the card performs random number encryption on the data packet, symmetrically encrypts the encryption result, then hashes the symmetric encryption result, and takes part or all of the data of the hash result as the second key. Other ways are also possible and are not described further here.
Step 1-4: the card performs a third operation on the second key using the first key, and generates a third key from the third operation result;
This step may also be: the card performs the third operation on the first key using the second key, and generates the third key from the third operation result.
The third operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bit operations and combinations thereof. Part or all of the data of the third operation result is used as the third key.
Step 1-5: the card uses the third key to encrypt the key part of the marked data in the card;
In this embodiment, the marked data in the card is stored at a pre-agreed storage location in the card; alternatively, the card determines a record number from the received data packet and determines the storage location of the marked data in the card from that record number.
Preferably, the marked data in the card is divided into a preset number of parts, and the third key is used to encrypt the key part among them. For example, the marked data in the card is divided into three parts which, from the high-order end to the low-order end, are the first part, the second part and the third part; the key part is part or all of the first part and/or the second part and/or the third part.
The encryption method includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing and combinations thereof.
Step 1-6: replace the key part of the marked data in the card with the encrypted result, leaving the other parts unchanged, and then concatenate the data with the second key, in that order, to obtain result data;
When the key part is the whole of the first, second and third parts, step 1-5 is replaced with: the card uses the third key to encrypt all of the marked data in the card; and step 1-6 is replaced with: replace the marked data in the card with the encrypted result, then concatenate it with the second key, in that order, to obtain the result data.
Step 1-7: send the result data, and return to step 1-1.
Step 1-8: the card performs the corresponding operation, and returns to step 1-1.
Embodiment 2
Referring to Fig. 2, Embodiment 2 provides a specific method for processing secure device information, which comprises:
Step 201: the card receives a data packet and judges whether the second byte of the packet equals a fixed value;
If yes, execute step 202; if no, execute step 218.
In this embodiment, the fixed value for the second byte of the data packet is 0xF8.
Specifically, if the second byte of the received data packet is 0xF8, the packet consists of a data header and a data field: the first five bytes at the high-order (leftmost) end are the data header, and the remainder is the data field.
For example, if the received data packet is 80F80201082012040917375080, the data header is 80F8020108 and the data field is 2012040917375080.
Step 202: judge whether the preset bytes of the data header of the data packet meet the first preset requirement; if yes, execute step 204; if no, execute step 203;
The specific steps are as follows:
Step A: judge whether the first byte of the data header equals 0x80;
If yes, execute step B; if no, execute step 203.
Step B: judge whether the third byte of the data header equals 0x02;
If yes, execute step C; if no, execute step 203.
Step C: judge whether the fifth byte of the data header equals 0x08;
If yes, execute step 204; if no, execute step 203.
Steps A, B and C in this embodiment have no fixed execution order;
Step 203: return the first error code, then execute step 201;
In this embodiment, if the first byte of the data header is not equal to 0x80, the first error code returned is 6E00;
If the third byte of the data header is not equal to 0x02, the first error code returned is 6B00;
If the fifth byte of the data header is not equal to 0x08, the first error code returned is 6700;
Step 204: judge whether the data field of the data packet meets the second preset requirement;
If yes, execute step 206; if no, execute step 205.
In this embodiment, the data field meets the preset requirement if its last byte is 0x80.
Step 205: return the second error code, and return to step 201;
In this embodiment, the second error code is 6A80.
Step 206: judge whether the fourth byte of the data header of the data packet equals a preset value;
If yes, execute step 208; if no, execute step 207.
In this embodiment, the specific check is whether the fourth byte of the data header equals 0x00.
Step 207: save the fourth byte of the data header of the data packet as the record number, then execute step 209;
In this embodiment, the data packet is 80F80201082012040917375080 and the saved record number is 01.
Step 208: save the first byte of the data-record indication file as the record number, then execute step 209;
In this embodiment, the first byte of the data-record indication file is 0x03, so the record number is 03.
Step 209: judge whether the currently saved record number is within the preset range;
If yes, execute step 211; if no, execute step 210.
In this embodiment, the record number is judged to be within the preset range if it lies in the range 0x01-0x10.
Step 210: return the third error code, and return to step 201.
In this embodiment, the third error code is 6A83.
Step 211: the card performs a first operation on the data field of the data packet, and generates a first key from the first operation result;
In this embodiment, the specified key must take part in the first operation.
The specified key is a key agreed between the card and the party outside the card, and it cannot be read from outside the card. Specifically it is: D636CDB97E6796D2A9E934E82D05CD0D.
The first operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bit operations and combinations thereof. Part or all of the data of the first operation result is used as the first key.
Preferably: the card uses the specified key to perform a hash operation or a bit operation on the data field, and takes part or all of the data of the result as the first key;
Alternatively: the card uses the specified key to asymmetrically encrypt the data field, and takes part or all of the data of the encryption result as the first key;
Alternatively: the card uses the specified key to perform a hash operation on the data field, then asymmetrically encrypts the hash result, and takes part or all of the data of the asymmetric encryption result as the first key;
Alternatively: the card uses the specified key to symmetrically encrypt the data field, asymmetrically encrypts the encryption result, then hashes that result, and takes part or all of the data of the hash result as the first key. Other ways are also possible and are not described further here.
In this embodiment, the card uses the specified key to symmetrically encrypt the data field in 3DES-ECB mode, and the first key generated is: 68A4565641058AA8.
Step 212: the card performs a second operation on specified data, and generates a second key from the second operation result;
In this embodiment, the specified data comprises the specified key and/or the data field and/or a random number. The second operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bit operations and combinations thereof. The second operation may be the same as the first operation or different from it. Part or all of the data of the second operation result is used as the second key.
Taking the case where the specified key does not take part as an example:
Preferably: the card symmetrically encrypts the data packet, and takes part or all of the data of the encryption result as the second key;
Alternatively: the card asymmetrically encrypts the data field, then hashes the encryption result, and takes part or all of the data of the hash result as the second key;
Alternatively: the card performs random number encryption on the data field, symmetrically encrypts the encryption result, then performs a hash operation on the symmetric encryption result, and takes part or all of the data of the hash result as the second key. Other ways are also possible and are not described further here.
In this embodiment, the second key is obtained as follows:
The card performs key diversification on the data field with the specified key, and the second key generated is: B0D6D68C11987977.
Step 213: the card performs a third operation on the second key using the first key, and generates a third key from the third operation result;
This step may also be: the card performs the third operation on the first key using the second key, and generates the third key from the third operation result.
The third operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bit operations and combinations thereof. Part or all of the data of the third operation result is used as the third key.
In this embodiment, the third key is generated as follows:
The card symmetrically encrypts the second key with the first key in DES-ECB mode, and the third key generated is: C193FF60389A817B.
Step 214: read the card data marked by the current record number, and obtain the key part of the card data;
In this embodiment, the current record number is 0x01. The card data marked by the current record number is read and divided by sensitivity into five parts, numbered 1, 2, 3, 4 and 5, as follows:
1:6963626320636172642020202020202020202020900758403049921820FF35
2:FAC90162E1113F78AD705FB995DDFBFC
3:237FFF0075
4:3AFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
5:231234454545454545454545454545454545FFFF1012FFFF
The byte counts of parts 2 and 4 are each an integer multiple of 8 bytes, so the key part obtained is part 2 and/or part 4.
Further, when the byte count of part 2 and/or part 4 is not an integer multiple of 8 bytes, data is taken from the part adjacent before or after part 2 and/or part 4 until the length is an integer multiple of 8 bytes; the key part obtained is then the data formed after this extension.
Step 215: the card uses the third key to encrypt the key part of the card data;
In this embodiment, the encryption operation includes, but is not limited to, symmetric encryption, asymmetric encryption, random number encryption, data hashing, bit operations and combinations thereof.
The specific encryption operation is as follows:
With the third key, the card encrypts parts 2 and 4 of the marked data in the card separately in DES-ECB mode; the corresponding encryption results are:
2’:DF1F4AE18C1E5F7EEED7449D59D76618
4’:D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61
In this embodiment, parts 2 and 4 of the marked data in the card are preferably encrypted; other parts of the marked data may also be encrypted.
Step 216: replace the key part of the marked data in the card with the encrypted result, leaving the other parts unchanged, and then concatenate the data with the second key, in that order, to obtain result data;
In this embodiment, the encryption results 2' and 4' replace parts 2 and 4 of the original data, giving new data made up of the five parts 1, 2', 3, 4', 5. The new data and the second key are concatenated in that order to obtain the result data, as follows:
6963626320636172642020202020202020202020900758403049921820FF35DF1F4AE18C1E5F7EEED7449D59D76618237FFF0075D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61231234454545454545454545454545454545FFFF1012FFFFB0D6D68C11987977;
Further, steps 214 to 216 may be replaced with the following operations:
Step 214': read the card data marked by the current record number;
Step 215': the card uses the third key to encrypt the card data that was read;
Step 216': concatenate the encryption result and the second key, in that order, to form the result data;
Step 217: send the result data, then execute step 201;
In this embodiment, the result data obtained in step 216 is sent out of the CPU card.
Step 218: the card performs the corresponding operation, and returns to step 201.
In this embodiment, after step 209 determines that the current record number is within the preset range, step 214 may be executed first, followed by steps 211 to 213 in order, and finally steps 215 to 217.
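The request checks of steps 201 to 210 above, as an added example in Python (not code from the patent). Function, field and parameter names are illustrative, and a truncated header or an empty data field is mapped to the nearest error code as an assumption, since the page does not cover those cases.

```python
from dataclasses import dataclass
from typing import Optional

HEADER_LEN = 5
COMMAND_BYTE = 0xF8        # second byte that selects this command (step 201)
ERR_BYTE1 = "6E00"         # first header byte is not 0x80
ERR_BYTE3 = "6B00"         # third header byte is not 0x02
ERR_BYTE5 = "6700"         # fifth header byte is not 0x08
ERR_DATA_FIELD = "6A80"    # data field does not end in 0x80
ERR_RECORD = "6A83"        # record number outside 0x01-0x10


@dataclass(frozen=True)
class Outcome:
    status: str                          # "accepted", "other-command" or an error code
    record_number: Optional[int] = None
    data_field: bytes = b""


def validate_request(packet: bytes, indicator_first_byte: int = 0x03) -> Outcome:
    """Apply steps 201-210 of Embodiment 2 to one received packet.

    indicator_first_byte stands for the first byte of the data-record
    indication file (0x03 in the embodiment); the name is hypothetical.
    """
    # Step 201: any other second byte belongs to a different command (step 218).
    if len(packet) < 2 or packet[1] != COMMAND_BYTE:
        return Outcome("other-command")
    # Assumption: a truncated header is reported with the fifth-byte error code.
    if len(packet) < HEADER_LEN:
        return Outcome(ERR_BYTE5)
    header, data_field = packet[:HEADER_LEN], packet[HEADER_LEN:]

    # Step 202, checks A, B, C. The page fixes no order; A, B, C is used here.
    if header[0] != 0x80:
        return Outcome(ERR_BYTE1)
    if header[2] != 0x02:
        return Outcome(ERR_BYTE3)
    if header[4] != 0x08:
        return Outcome(ERR_BYTE5)

    # Step 204: the data field must end in 0x80.
    # Assumption: an empty data field has no last byte and is rejected too.
    if not data_field or data_field[-1] != 0x80:
        return Outcome(ERR_DATA_FIELD)

    # Steps 206-208: a fourth byte of 0x00 means "take the record number from
    # the indication file"; any other value is itself the record number.
    record = indicator_first_byte if header[3] == 0x00 else header[3]

    # Step 209: the record number must lie in 0x01-0x10.
    if not 0x01 <= record <= 0x10:
        return Outcome(ERR_RECORD)
    return Outcome("accepted", record, data_field)


SAMPLE_PACKET = bytes.fromhex("80F80201082012040917375080")  # packet from the page

if __name__ == "__main__":
    print(validate_request(SAMPLE_PACKET))
```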
Embodiment 3
Referring to Fig. 3, Embodiment 3 provides a method for decrypting the secure device information of Embodiment 2, which specifically comprises:
Step 301: receive the result data and parse it to obtain the encrypted card data and the second key;
In this embodiment, the result data received is:
6963626320636172642020202020202020202020900758403049921820FF35DF1F4AE18C1E5F7EEED7449D59D76618237FFF0075D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61231234454545454545454545454545454545FFFF1012FFFFB0D6D68C11987977
After parsing, the encrypted card data obtained is:
6963626320636172642020202020202020202020900758403049921820FF35DF1F4AE18C1E5F7EEED7449D59D76618237FFF0075D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61231234454545454545454545454545454545FFFF1012FFFF
Second key is: B0D6D68C11987977
Step 302: perform the first operation on the data field of the issued data packet using the specified key, and generate the first key from the first operation result;
In this embodiment, the specified key is the key agreed between the card and the party outside the card. Specifically it is: D636CDB97E6796D2A9E934E82D05CD0D
The data field of the issued data packet is: 2012040917375080.
In this embodiment, the first key generated by symmetrically encrypting the data field with the specified key in 3DES-ECB mode is: 68A4565641058AA8.
Step 303: perform the third operation on the second key using the first key, and generate the third key from the third operation result;
In this embodiment, the second key is symmetrically encrypted with the first key in DES-ECB mode, and the third key generated is: C193FF60389A817B.
Step 304: decrypt the pre-agreed key part of the encrypted card data with the third key;
In this embodiment, the encrypted card data is divided, as agreed in advance, into the following 5 parts:
1:6963626320636172642020202020202020202020900758403049921820FF35
2:DF1F4AE18C1E5F7EEED7449D59D76618
3:237FFF0075
4:D5C88B918020303F4FE0DA9380CED691E7405183A10FBD61E7405183A10FBD61
5:231234454545454545454545454545454545FFFF1012FFFF
The pre-agreed parts 2 and 4 are then each decrypted in DES-ECB mode, giving:
2’:FAC90162E1113F78AD705FB995DDFBFC
4’:3AFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Step 305: replace the pre-agreed key part of the encrypted card data with the decrypted result, leaving the other parts unchanged, to obtain the card data;
In this embodiment, the card data is as follows:
6963626320636172642020202020202020202020900758403049921820FF35FAC90162E1113F78AD705FB995DDFBFC237FFF00753AFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF231234454545454545454545454545454545FFFF1012FFFF。
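The result-data layout of step 216 and its handling in steps 301, 304 and 305, as an added example in Python (not code from the patent). It derives the part lengths from the five parts listed in Embodiment 2, takes the decryption routine as a parameter because DES itself is not implemented here, and adds a check for repeated 8-byte ciphertext blocks, which ECB mode produces for equal plaintext blocks; all function names are illustrative.

```python
from collections import Counter
from typing import Callable, Dict, List, Sequence, Tuple

BLOCK = 8      # DES block size in bytes
KEY2_LEN = 8   # the second key is the last 8 bytes of the result data

# Values copied from Embodiments 2 and 3 on this page (hex).
PLAIN_PARTS = [bytes.fromhex(h) for h in (
    "6963626320636172642020202020202020202020900758403049921820FF35",  # part 1
    "FAC90162E1113F78AD705FB995DDFBFC",                                # part 2
    "237FFF0075",                                                      # part 3
    "3A" + "FF" * 31,                                                  # part 4
    "231234454545454545454545454545454545FFFF1012FFFF",                # part 5
)]
CIPHER_2 = bytes.fromhex("DF1F4AE18C1E5F7EEED7449D59D76618")           # 2'
CIPHER_4 = bytes.fromhex("D5C88B918020303F4FE0DA9380CED691"
                         "E7405183A10FBD61E7405183A10FBD61")           # 4'
KEY2 = bytes.fromhex("B0D6D68C11987977")
KEY_PARTS = (1, 3)   # zero-based positions of parts 2 and 4


def build_result(parts: Sequence[bytes], encrypted: Dict[int, bytes],
                 key2: bytes) -> bytes:
    """Step 216: swap in the encrypted parts and append the second key."""
    out = list(parts)
    for idx, enc in encrypted.items():
        if len(enc) != len(parts[idx]):
            raise ValueError("encrypted part must keep the original length")
        out[idx] = enc
    return b"".join(out) + key2


def parse_result(result: bytes, lengths: Sequence[int]) -> Tuple[List[bytes], bytes]:
    """Steps 301 and 304: split off the second key, then cut the agreed parts."""
    if len(result) != sum(lengths) + KEY2_LEN:
        raise ValueError("result data length does not match the agreed layout")
    card, key2 = result[:-KEY2_LEN], result[-KEY2_LEN:]
    parts, pos = [], 0
    for n in lengths:
        parts.append(card[pos:pos + n])
        pos += n
    return parts, key2


def restore(parts: Sequence[bytes], key_parts: Sequence[int],
            decrypt: Callable[[bytes], bytes]) -> bytes:
    """Steps 304-305: decrypt only the key parts, keep the rest unchanged."""
    return b"".join(decrypt(p) if i in key_parts else p
                    for i, p in enumerate(parts))


def repeated_blocks(data: bytes) -> Dict[str, int]:
    """Return the 8-byte blocks that occur more than once in one encrypted part."""
    counts = Counter(data[i:i + BLOCK]
                     for i in range(0, len(data) - BLOCK + 1, BLOCK))
    return {blk.hex().upper(): n for blk, n in counts.items() if n > 1}


def published_decrypt(ciphertext: bytes) -> bytes:
    """Stand-in for DES-ECB decryption under the third key: returns the
    plaintext this page lists for each published ciphertext part."""
    return {CIPHER_2: PLAIN_PARTS[1], CIPHER_4: PLAIN_PARTS[3]}[ciphertext]


if __name__ == "__main__":
    result = build_result(PLAIN_PARTS, {1: CIPHER_2, 3: CIPHER_4}, KEY2)
    parts, key2 = parse_result(result, [len(p) for p in PLAIN_PARTS])
    print("second key:", key2.hex().upper())
    print("repeated blocks in 4':", repeated_blocks(parts[3]))
    print("restored:", restore(parts, KEY_PARTS, published_decrypt).hex().upper())
```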
The above is merely an embodiment of the invention, but the scope of protection of the invention is not limited to it. Any change or replacement that a person skilled in the art could readily conceive within the technical scope disclosed by the invention shall fall within the scope of protection of the invention. The scope of protection of the invention shall therefore be determined by the scope of protection of the claims.

Claims (12)

1. A method for securely transmitting equipment information, characterized by comprising:
Step S1: the equipment receives a data packet;
Step S2: judge whether a preset byte of the received data packet equals a first preset value; if yes, execute step S3; otherwise, execute step S9;
Step S3: the equipment performs a pre-agreed first operation on the data field of the received data packet using a pre-agreed key to obtain a first operation result, and generates a first key from the first operation result;
Step S4: perform a second operation on specified data to obtain a second operation result, and generate a second key from the second operation result;
Step S5: perform a pre-agreed third operation on the first key and the second key to obtain a third operation result, and generate a third key from the third operation result;
Step S6: use the third key to encrypt the key part of the pre-stored equipment information to obtain an encrypted result;
Step S7: replace the key part of the equipment information with the encrypted result, leaving the other parts of the equipment information unchanged, and concatenate the replaced equipment information and the second key in sequence to obtain result data;
Step S8: the equipment sends the result data externally, then returns to step S1;
Step S9: the equipment performs the operation corresponding to the data packet and sends the corresponding operation result response externally, then returns to step S1.
2. the method for a kind of safe transmission facility information according to claim 1 is characterized in that, comprises before the said step S3:
Steps A 1: whether the specified bytes of judging the data head of said packet meets first preset requirement, is execution in step A2 then, otherwise returns first error code;
Steps A 2: whether the data field of judging said packet meets second preset requirement, is execution in step A3 then, otherwise returns second error code;
Steps A 3: whether the nybble of judging the data head of said packet equals second preset value, is execution in step A4 then, otherwise execution in step A5;
Steps A 4: indicate first byte data in the file to save as recording mechanism, execution in step A6 data record;
Steps A 5: said nybble is saved as recording mechanism, execution in step A6;
Steps A 6: whether the recording mechanism of judge preserving is execution in step S3 then, otherwise returns the 3rd error code in preset range.
3. the method for a kind of safe transmission facility information according to claim 2 is characterized in that, said steps A 1 is specially:
Steps A 1-1: whether first byte of judging said data head equals the 3rd preset value, is then to carry out next step, otherwise returns first error code;
Steps A 1-2: whether the 3rd byte judging said data head equals the 4th preset value, is then to carry out next step, otherwise returns first error code;
Steps A 1-3: whether the 5th byte judging said data head equals the 5th preset value, is then to carry out next step, otherwise returns first error code.
4. the method for a kind of safe transmission facility information according to claim 2; It is characterized in that; Said steps A 2 is specially: judge whether last byte is the 6th preset value in the data field of said packet, be execution in step A3 then, otherwise return second error code.
5. the method for a kind of safe transmission facility information according to claim 1; It is characterized in that what said predetermined in advance first operation, said second operation and said made an appointment the 3rd is operating as symmetric cryptography and/or asymmetric encryption and/or random number encryption and/or data Hash and/or bit arithmetic.
6. the method for a kind of safe transmission facility information according to claim 1 is characterized in that, specific data described in the step S4 is the data in the data field of device interior data or random number or said packet.
7. the method for a kind of safe transmission facility information according to claim 1; It is characterized in that; Generate according to said first operating result that first key is specially a part of extracting said first operating result described in the step S3 or all as said first key, generate second key according to said second operating result described in the step S3 and be specially a part of data of extracting said second operating result or total data as said second key.
8. the method for a kind of safe transmission facility information according to claim 1; It is characterized in that; Said step S5 is specially: with said first key said second key is carried out the 3rd operation and obtain the 3rd operating result, and a part of data or the total data of extracting said the 3rd operating result are as the 3rd key.
9. the method for a kind of safe transmission facility information according to claim 1; It is characterized in that; Said step S5 is specially: with said second key said first key is carried out the 3rd operation and obtain the 3rd operating result, and a part of data or the total data of extracting said the 3rd operating result are as the 3rd key.
10. the method for a kind of safe transmission facility information according to claim 1 is characterized in that, key component described in the step S6 is wherein a part or a plurality of partial data of said facility information, and said a plurality of parts are continuous or discrete a plurality of part.
11. the method for a kind of safe transmission facility information according to claim 1 is characterized in that, said step S6 replaces with: utilize said the 3rd key that all devices information and executing cryptographic operation that prestores is obtained encrypted result; Said step S7 replaces with: obtain result data with said encrypted result and the splicing of said second key sequence.
12. the method according to claim 1 or 11 described a kind of safe transmission facility informations is characterized in that, the said cryptographic operation of step S6 adopts symmetric cryptography and/or asymmetric encryption and/or random number encryption and/or data Hash.
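The flow of claim 1 (steps S2 to S8) and the receiver-side recovery described in step 305, as an added example that is not code from the patent or from the applicant. It assumes a 5-byte data header, a constructed pre-agreed key, a constructed trigger value and key-part position, HMAC-SHA256 for the first and third operations, and a hash-based XOR keystream standing in for the encryption operation; all names are hypothetical.

```python
import hashlib, hmac, secrets

# Assumed values, not taken from the patent text:
PRE_AGREED_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
INS_TRIGGER = 0xB2        # "first preset value" compared with the preset byte
HEADER_LEN = 5            # data header length; the data field follows it
KEY_PART = slice(16, 32)  # position of the key part inside the equipment info
KEY_LEN = 16

def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 counter keystream (self-inverse)."""
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hashlib.sha256(key + off.to_bytes(4, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def _third_key(data_field: bytes, key2: bytes) -> bytes:
    # S3: first operation on the data field with the pre-agreed key, truncated (claim 7)
    key1 = hmac.new(PRE_AGREED_KEY, data_field, hashlib.sha256).digest()[:KEY_LEN]
    # S5: third operation on the second key using the first key (claim 8)
    return hmac.new(key1, key2, hashlib.sha256).digest()[:KEY_LEN]

def device_respond(packet: bytes, info: bytes):
    """Steps S2 to S8 on the equipment; None stands for the S9 branch."""
    if len(packet) < HEADER_LEN or packet[1] != INS_TRIGGER:   # S2
        return None
    key2 = secrets.token_bytes(KEY_LEN)                 # S4: random number (claim 6)
    key3 = _third_key(packet[HEADER_LEN:], key2)
    enc = _xor_stream(key3, info[KEY_PART])             # S6
    return info[:KEY_PART.start] + enc + info[KEY_PART.stop:] + key2   # S7, S8

def host_recover(data_field: bytes, result: bytes) -> bytes:
    """Receiver side: split off the second key, re-derive the third key, decrypt."""
    body, key2 = result[:-KEY_LEN], result[-KEY_LEN:]
    plain = _xor_stream(_third_key(data_field, key2), body[KEY_PART])
    return body[:KEY_PART.start] + plain + body[KEY_PART.stop:]

if __name__ == "__main__":
    info = bytes(range(48))                              # constructed equipment info
    pkt = bytes([0x80, INS_TRIGGER, 0x00, 0x01, 0x08]) + b"CHALLENG"
    res = device_respond(pkt, info)
    print(res.hex())
    print(host_recover(pkt[HEADER_LEN:], res) == info)
```

Because the second key travels in the clear at the end of the result data, confidentiality of the key part rests on the pre-agreed key that never leaves the equipment and the receiver.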
CN201210248144.XA 2012-07-17 2012-07-17 Method for securely transmitting equipment information Expired - Fee Related CN102739406B (en)

Publications (2)

Publication Number Publication Date
CN102739406A true CN102739406A (en) 2012-10-17
CN102739406B CN102739406B (en) 2014-12-10

Family

ID=46994250


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20141210