[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN116980184B - SDWAN network key distribution method and system based on multiple redundancy algorithm - Google Patents

SDWAN network key distribution method and system based on multiple redundancy algorithm Download PDF

Info

Publication number
CN116980184B
CN116980184B CN202310769639.5A CN202310769639A CN116980184B CN 116980184 B CN116980184 B CN 116980184B CN 202310769639 A CN202310769639 A CN 202310769639A CN 116980184 B CN116980184 B CN 116980184B
Authority
CN
China
Prior art keywords
data
end data
module
encryption
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202310769639.5A
Other languages
Chinese (zh)
Other versions
CN116980184A (en
Inventor
王晖
刘俊峰
梁劲超
李文杰
毛轶珏
焦磊明
张峰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sinopec Sales Co Ltd Guangdong Petroleum Branch
Original Assignee
Sinopec Sales Co Ltd Guangdong Petroleum Branch
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sinopec Sales Co Ltd Guangdong Petroleum Branch filed Critical Sinopec Sales Co Ltd Guangdong Petroleum Branch
Priority to CN202310769639.5A priority Critical patent/CN116980184B/en
Publication of CN116980184A publication Critical patent/CN116980184A/en
Application granted granted Critical
Publication of CN116980184B publication Critical patent/CN116980184B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/045Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply hybrid encryption, i.e. combination of symmetric and asymmetric encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0478Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload applying multiple layers of encryption, e.g. nested tunnels or encrypting the content with a first key and then with at least a second key
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/06Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of data security transmission, in particular to a SDWAN network key distribution method and system based on a multiple redundancy algorithm. The encryption method comprises the steps of encrypting plaintext, splitting a secret key of ciphertext, adding decryption codes in front-end data and back-end data, dividing the decryption codes into two parts, respectively combining the two parts with the front-end data and the back-end data, encrypting the middle-end data, performing redundancy copying on the front-end data, the encrypted middle-end data and the back-end data by adopting a multiple redundancy algorithm, combining the copied data with the ciphertext, encrypting by adopting a symmetric key encryption algorithm, and separately transmitting the encrypted data. The invention divides the secret key into the front end data, the middle end data and the rear end data, performs redundant copying and re-encryption on the middle end data, and separately transmits the front end data, the middle end data and the data after the rear end data and the ciphertext are combined, thereby improving the safety of data transmission.

Description

SDWAN network key distribution method and system based on multiple redundancy algorithm
Technical Field
The invention relates to the technical field of data security transmission, in particular to a SDWAN network key distribution method and system based on a multiple redundancy algorithm.
Background
In order to ensure that data can be safely transmitted, the data can be encrypted before the data transmission, so that the safety of the data transmission is improved, but the data encrypted by a traditional single key algorithm is easy to be intercepted in the data transmission process, so that the intercepted data is decrypted to cause the conditions of data leakage and hijacking, the encrypted data is lost to cause the loss of the data, and in order to strengthen the safety of the data transmission, the decrypted key is distributed and adjusted, so that the safety of the data transmission is improved.
Disclosure of Invention
The invention aims to provide SDWAN network key distribution method and system based on multiple redundancy algorithm, so as to solve the problems in the background art.
The invention aims at providing a SDWAN network key distribution method based on a multiple redundancy algorithm, which comprises the following steps:
s1, encrypting a plaintext by using a public key in an asymmetric key encryption algorithm to form a ciphertext;
S2, splitting data of a secret key for decrypting the ciphertext, so that the secret key is divided into front-end data, middle-end data and back-end data;
s3, encrypting the middle-end data and generating a decryption code at the same time, dividing the decryption code into a front decryption code and a rear decryption code, and combining the front decryption code, the front-end data and the rear decryption code with the rear-end data;
s4, performing redundancy copying on the encrypted middle-end data, the combined front-end data and the combined back-end data by using a multiple redundancy algorithm;
s5, combining the copied data with the ciphertext, and encrypting by adopting a symmetric key encryption algorithm;
s6, the encrypted data are transmitted separately.
As a further improvement of the present technical solution, in S4, each group of data is numbered during the process of copying the front-end data, the encrypted middle-end data, and the back-end data, and the encrypted middle-end data is decoded by the decryption data having the same number.
As a further improvement of the present technical solution, in S6, when the encrypted data is transmitted separately, the encrypted middle-end data, the combined front-end data, and the back-end data are transmitted together.
The second object of the present invention is to provide a system for implementing the above-mentioned SDWAN network key distribution method based on multiple redundancy algorithm, which comprises an encryption processing unit, a data processing unit and a data transmission unit;
The encryption processing unit encrypts the transmitted plaintext data and transmits the decrypted key data to the data processing unit;
The data processing unit splits the decrypted key data transmitted by the encryption processing unit into three parts, endows the split key data with data, transmits the split key data into the encryption processing unit to encrypt the data after endowing the split key data with the data, and simultaneously performs redundancy copying on the encrypted data;
the data transmission unit transmits the data processed in the encryption processing unit.
As a further improvement of the technical scheme, the encryption processing unit comprises an asymmetric encryption module and a symmetric encryption module;
The asymmetric encryption module performs asymmetric encryption on the plaintext and transmits decrypted key data to the data processing unit; the symmetrical encryption module encrypts the data split by the data processing unit and transmits the data back to the data processing unit after encryption is completed.
As a further improvement of the technical scheme, the data processing unit comprises a data splitting module, a data giving module and a redundancy module;
the data splitting module splits the decrypted key data transmitted by the asymmetric encryption module, so that the decrypted key data is split into front-end data, middle-end data and rear-end data, and the data is transmitted to the data giving module after the data is split;
The data giving module is used for transmitting the middle-end data to the symmetrical encryption module after receiving the data transmitted by the data splitting module, encrypting the data by the symmetrical encryption module and transmitting the decryption code to the data giving module, dividing the decryption code into a front decryption code and a rear decryption code by the data giving module, and combining the front decryption code with the front-end data and combining the rear decryption code with the rear-end data;
the redundancy module performs redundancy copying on the encrypted middle-end data, the front-end data and the back-end data after combination, numbers each group of data when copying, and decodes the encrypted middle-end data by the decryption data with the same number.
As a further improvement of the technical scheme, the data transmission unit comprises a data lane module and a transmission control module;
The data channel dividing module receives the data transmitted by the symmetrical encryption module, and adopts SDWAN network to carry out transmission channel dividing setting on the middle-end data encrypted by the same number and the front-end data and the back-end data after combination;
the transmission control module transmits the data to the appointed position according to the data of the lane of the data lane module.
As a further improvement of the technical scheme, the data splitting module and the data giving module split the decrypted key data and the decrypted code respectively as follows:
S21, reading decrypted key data or a decrypted character string to obtain information of the character string;
s22, extracting characters in the character string according to the number of split required;
S23, sequencing the extracted characters according to the sequence of the original character strings, numbering after sequencing is completed, and determining the numbering sequence according to the positions of the character strings in the original character strings.
As a further improvement of the technical scheme, when the ordered character strings are numbered, the positions of the characters in the original character strings need to be identified, and the identification method adopts a K-nearest neighbor algorithm and comprises the following steps:
s31, counting word frequency, and performing word segmentation to complete preprocessing of the Doc text of the original character string;
S32, calculating a characteristic value of the word;
s33, incrementally sorting by using an insert sorting algorithm according to the characteristic values of the words, and extracting the first M words from the sorted word set to serve as characteristic words of the current document;
S34, taking out a training sample T ij in a training text set C i of a certain class;
S35, calculating the similarity between Doc and T ij;
S36, if the training samples which are not taken exist in the C i, returning to the step S33;
s37, extracting K documents with the maximum similarity, sequentially calculating the weight of each class, and if the calculated weight of each class is larger than a threshold value theta, doc belongs to the class;
S38, sequentially taking out texts in the training text set C i, calculating the similarity between the texts and the training text set C i, if T ik exists, replacing T ik;Tij with Doc to represent the jth text in the training text set, and T ik is the training text with the minimum similarity in the training text set C i.
In the step S32, the formula for calculating the word characteristic value is:
Where Q is the weight, δ is the position weighting coefficient, E is the restricted semantic weighting coefficient, L is the length of W i, T i is the frequency of occurrence in the document, S is the total number of documents, SD is the function of the number of documents that occur at least once therein, and W i is the character content of the new character string.
In S35, the formula for calculating the similarity between Doc and T ij is:
Wherein Sim (d x,dy) is the similarity between d x and d y, n is the number of feature words commonly owned by d x and d y, |d x | is the total number of feature words in document d x, |d y | is the total number of feature words in document d y, T xk is the k-th dimension value of d x, T yk is the k-th dimension value of d y, d x is the character content of Doc, and d y is the character content of T ij.
In S37, the weight formula for each class is calculated as follows:
wherein d i is a Doc feature vector, Q (d, c j) is a class weight, and y (d i,cj) is a class function;
I.e. if d i belongs to c j, the function value is 1, otherwise, 0, and the position of the new character string in the original character string is obtained by matching and comparing the characters in Doc.
Compared with the prior art, the invention has the beneficial effects that:
1. According to the SDWAN network key distribution method and system based on the multiple redundancy algorithm, the key is divided into the front-end data, the middle-end data and the rear-end data, the middle-end data is encrypted, the key for decrypting the middle-end data is divided and combined with the front-end data and the rear-end data, then the front-end data, the middle-end data, the rear-end data and the ciphertext are combined and redundant copied, encryption is carried out, and the front-end data, the middle-end data and the data combined by the rear-end data and the ciphertext are separately transmitted, so that the safety of data transmission is improved, the data in one or two channels are not lost when the data of the two channels are hijacked, and the safety of data transmission is improved.
Drawings
FIG. 1 is a block diagram of the overall steps of the present invention;
Fig. 2 is an overall block diagram of the present invention.
The meaning of each reference sign in the figure is:
1. an encryption processing unit; 11. an asymmetric encryption module; 12. symmetric encryption modules;
2. a data processing unit; 21. a data splitting module; 22. a data giving module; 23. a redundancy module;
3. A data transmission unit; 31. a data lane dividing module; 32. and a transmission control module.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Referring to fig. 1, the embodiment provides a SDWAN network key distribution method based on a multiple redundancy algorithm, which includes the following steps:
s1, encrypting a plaintext by using a public key in an asymmetric key encryption algorithm to form a ciphertext;
S2, splitting data of a secret key for decrypting the ciphertext, so that the secret key is divided into front-end data, middle-end data and back-end data;
s3, encrypting the middle-end data and generating a decryption code at the same time, dividing the decryption code into a front decryption code and a rear decryption code, and combining the front decryption code, the front-end data and the rear decryption code with the rear-end data;
s4, performing redundancy copying on the encrypted middle-end data, the combined front-end data and the combined back-end data by using a multiple redundancy algorithm;
Numbering each group of data in the process of copying the front-end data, the encrypted middle-end data and the back-end data, and decoding the encrypted middle-end data by the decryption data with the same number;
s5, combining the copied data with the ciphertext, and encrypting by adopting a symmetric key encryption algorithm;
s6, carrying out separate transmission on the encrypted data;
The key is divided into front end data, middle end data and rear end data, encryption is carried out on the middle end data, meanwhile, the key for decrypting the middle end data is split and combined with the front end data and the rear end data, then the front end data, the middle end data, the rear end data and ciphertext are combined and redundant copied, encryption is carried out, and the front end data, the middle end data and the data after the rear end data and ciphertext are combined are split and transmitted, so that the safety of data transmission is improved, the data in one or two channels is not lost when being hijacked, and the safety of data transmission is improved.
Example 2
Referring to fig. 2, the present embodiment provides a system for implementing the above-mentioned SDWAN network key distribution method based on multiple redundancy algorithm, including an encryption processing unit 1, a data processing unit 2, and a data transmission unit 3;
the encryption processing unit 1 encrypts the transmitted plaintext data and transmits the decrypted key data to the data processing unit 2;
The data processing unit 2 splits the decrypted key data transmitted from the encryption processing unit 1 into three parts, endows the split key data with data, transmits the data to the encryption processing unit 1 after endowing the data with the data, and simultaneously performs redundancy copying on the encrypted data;
The data transmission unit 3 transmits the data processed in the encryption processing unit 1.
The encryption processing unit 1 includes an asymmetric encryption module 11 and a symmetric encryption module 12;
The asymmetric encryption module 11 performs asymmetric encryption on the plaintext and transmits the decrypted key data to the data processing unit 2; the symmetric encryption module 12 encrypts the data split by the data processing unit 2, and transmits the encrypted data back to the data processing unit 2.
The data processing unit 2 includes a data splitting module 21, a data giving module 22, and a redundancy module 23;
The data splitting module 21 splits the decrypted key data transmitted from the asymmetric encryption module 11, so that the decrypted key data is split into front-end data, middle-end data and back-end data, and transmits the data to the data giving module 22 after the data is split;
The data giving module 22 transmits the middle-end data to the symmetric encryption module 12 after receiving the data transmitted from the data splitting module 21, encrypts the data by the symmetric encryption module 12 and transmits the decryption code to the data giving module 22, and the data giving module 22 divides the decryption code into a front decryption code and a rear decryption code and combines the front decryption code, the front-end data and the rear decryption code with the rear-end data;
the redundancy module 23 performs redundancy copying on the encrypted middle-end data and the combined front-end data and back-end data, and numbers each group of data at the time of copying, and decodes the encrypted middle-end data by the decryption data having the same number.
The data splitting module 21 and the data giving module 22 split the decrypted key data and the decrypted code, respectively, as follows:
S21, reading decrypted key data or a decrypted character string to obtain information of the character string;
s22, extracting characters in the character string according to the number of split required;
S23, sequencing the extracted characters according to the sequence of the original character strings, numbering after sequencing is completed, and determining the numbering sequence according to the positions of the character strings in the original character strings.
When numbering the ordered character strings, the position of the character in the original character string needs to be identified, and the identification method adopts a K-nearest neighbor algorithm and comprises the following steps:
s31, counting word frequency, and performing word segmentation to complete preprocessing of the Doc text of the original character string;
S32, calculating a characteristic value of the word;
s33, incrementally sorting by using an insert sorting algorithm according to the characteristic values of the words, and extracting the first M words from the sorted word set to serve as characteristic words of the current document;
S34, taking out a training sample T ij in a training text set C i of a certain class;
S35, calculating the similarity between Doc and T ij;
S36, if the training samples which are not taken exist in the C i, returning to the step S33;
s37, extracting K documents with the maximum similarity, sequentially calculating the weight of each class, and if the calculated weight of each class is larger than a threshold value theta, doc belongs to the class;
S38, sequentially taking out texts in the training text set C i, calculating the similarity between the texts and the training text set C i, if T ik exists, replacing T ik;Tij with Doc to represent the jth text in the training text set, and T ik is the training text with the minimum similarity in the training text set C i.
In the step S32, the formula for calculating the word characteristic value is:
Where Q is the weight, δ is the position weighting coefficient, E is the restricted semantic weighting coefficient, L is the length of W i, T i is the frequency of occurrence in the document, S is the total number of documents, SD is the function of the number of documents that occur at least once therein, and W i is the character content of the new character string.
In S35, the formula for calculating the similarity between Doc and T ij is:
Wherein Sim (d x,dy) is the similarity between d x and d y, n is the number of feature words commonly owned by d x and d y, |d x | is the total number of feature words in document d x, |d y | is the total number of feature words in document d y, T xk is the k-th dimension value of d x, T yk is the k-th dimension value of d y, d x is the character content of Doc, and d y is the character content of T ij.
In S37, the weight formula for each class is calculated as follows:
wherein d i is a Doc feature vector, Q (d, c j) is a class weight, and y (d i,cj) is a class function;
I.e. if d i belongs to c j, the function value is 1, otherwise, 0, and the position of the new character string in the original character string is obtained by matching and comparing the characters in Doc.
The data transmission unit 3 includes a data lane module 31 and a transmission control module 32;
the data lane module 31 receives the data transmitted by the symmetric encryption module 12, and adopts SDWAN network to transmit and lane the middle-end data encrypted by the same number, the front-end data and the back-end data after combination;
the transmission control module 32 transmits data to a designated position according to the data of the lane of the data lane module 31.
The working flow is as follows:
The plaintext is input into the asymmetric encryption module 11, the asymmetric encryption module 11 performs asymmetric encryption on the plaintext to form ciphertext, meanwhile, the asymmetric encryption module 11 transmits a secret key for decoding the ciphertext to the data splitting module 21, the data splitting module 21 splits the received secret key to enable the secret key to be divided into front end data, middle end data and rear end data, at the moment, the front end data, the middle end data and the rear end data are all transmitted into the data giving module 22, the data giving module 22 transmits the middle end data to the symmetric encryption module 12 to encrypt, the data giving module 22 splits the secret key for decoding the middle end data, and combines the split two parts with the front end data and the rear end data, the combined front end data, the rear end data and the encrypted middle end data and the ciphertext are transmitted into the redundancy module 23, the redundancy module 23 performs redundancy copying on the encrypted middle end data and the combined front end data, the encrypted rear end data, numbers on each group of data when the front end data, the middle end data and the rear end data are copied, the data channel and the data channel of the two parts are not shared by the data channel or the two channels are lost when the two parts are transmitted.
The foregoing has shown and described the basic principles, principal features and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the above-described embodiments, and that the above-described embodiments and descriptions are only preferred embodiments of the present invention, and are not intended to limit the invention, and that various changes and modifications may be made therein without departing from the spirit and scope of the invention as claimed. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (9)

1. A SDWAN network key distribution method based on a multiple redundancy algorithm is characterized by comprising the following steps:
s1, encrypting a plaintext by using a public key in an asymmetric key encryption algorithm to form a ciphertext;
S2, splitting data of a secret key for decrypting the ciphertext, so that the secret key is divided into front-end data, middle-end data and back-end data;
s3, encrypting the middle-end data and generating a decryption code at the same time, dividing the decryption code into a front decryption code and a rear decryption code, and combining the front decryption code, the front-end data and the rear decryption code with the rear-end data;
s4, performing redundancy copying on the encrypted middle-end data, the combined front-end data and the combined back-end data by using a multiple redundancy algorithm;
s5, combining the copied data with the ciphertext, and encrypting by adopting a symmetric key encryption algorithm;
s6, the encrypted data are transmitted separately.
2. The SDWAN network key allocation method according to claim 1, wherein the method comprises the steps of: in S4, each group of data is numbered during the process of copying the front-end data, the encrypted middle-end data and the back-end data, and the encrypted middle-end data is decoded by the decryption data with the same number.
3. The SDWAN network key allocation method according to claim 2, wherein the method comprises the steps of: in the step S6, when the encrypted data is transmitted separately, the encrypted middle-end data, the combined front-end data and the combined back-end data are transmitted together.
4. A system for implementing a SDWAN network key distribution method including a multiple redundancy algorithm according to any one of claims 1 to 3, characterized by: comprises an encryption processing unit (1), a data processing unit (2) and a data transmission unit (3);
The encryption processing unit (1) encrypts the transmitted plaintext data and transmits the decrypted key data to the data processing unit (2);
the data processing unit (2) splits the decrypted key data transmitted by the encryption processing unit (1) into three parts, endows the split key data with data, transmits the split key data to the encryption processing unit (1) for data encryption after endowing the split key data with data, and performs redundancy copying on the encrypted data;
The data transmission unit (3) transmits the data processed in the encryption processing unit (1).
5. The multiple redundancy algorithm based SDWAN network key distribution system as defined in claim 4, wherein: the encryption processing unit (1) comprises an asymmetric encryption module (11) and a symmetric encryption module (12);
The asymmetric encryption module (11) performs asymmetric encryption on the plaintext and transmits decrypted key data to the data processing unit (2); the symmetric encryption module (12) encrypts the data split by the data processing unit (2) and transmits the data back to the data processing unit (2) after encryption is completed.
6. The multiple redundancy algorithm based SDWAN network key distribution system as defined in claim 5, wherein: the data processing unit (2) comprises a data splitting module (21), a data endowing module (22) and a redundancy module (23);
the data splitting module (21) splits the decrypted key data transmitted by the asymmetric encryption module (11) to enable the decrypted key data to be split into front-end data, middle-end data and rear-end data, and transmits the data to the data giving module (22) after the data is split;
The data giving module (22) transmits the middle-end data to the symmetrical encryption module (12) after receiving the data transmitted by the data splitting module (21), the symmetrical encryption module (12) encrypts the data and transmits the decryption code to the data giving module (22), and the data giving module (22) divides the decryption code into a front decryption code and a rear decryption code and combines the front decryption code, the front-end data and the rear decryption code with the rear-end data;
the redundancy module (23) performs redundancy copying on the encrypted middle-end data, the front-end data and the back-end data after combination, numbers each group of data during copying, and decodes the encrypted middle-end data by the decryption data with the same number.
7. The multiple redundancy algorithm based SDWAN network key distribution system as defined in claim 6, wherein: the data transmission unit (3) comprises a data channel dividing module (31) and a transmission control module (32);
The data channel dividing module (31) receives the data transmitted by the symmetrical encryption module (12), and adopts SDWAN networks to carry out transmission channel dividing setting on the middle-end data encrypted by the same number and the front-end data and the back-end data after combination;
the transmission control module (32) transmits data to a designated position according to the data of the lane of the data lane module (31).
8. The multiple redundancy algorithm based SDWAN network key distribution system as defined in claim 7, wherein: the data splitting module (21) and the data giving module (22) split the decrypted key data and the decrypted code respectively as follows:
S21, reading decrypted key data or a decrypted character string to obtain information of the character string;
s22, extracting characters in the character string according to the number of split required;
S23, sequencing the extracted characters according to the sequence of the original character strings, numbering after sequencing is completed, and determining the numbering sequence according to the positions of the character strings in the original character strings.
9. The multiple redundancy algorithm based SDWAN network key distribution system as defined in claim 8, wherein: when numbering the ordered character strings, the position of the character in the original character string needs to be identified, and the identification method adopts a K-nearest neighbor algorithm and comprises the following steps:
s31, counting word frequency, and performing word segmentation to complete preprocessing of the Doc text of the original character string;
S32, calculating a characteristic value of the word;
s33, incrementally sorting by using an insert sorting algorithm according to the characteristic values of the words, and extracting the first M words from the sorted word set to serve as characteristic words of the current document;
S34, taking out a training sample T ij in a training text set C i of a certain class;
S35, calculating the similarity between Doc and T ij;
S36, if the training samples which are not taken exist in the C i, returning to the step S33;
s37, extracting K documents with the maximum similarity, sequentially calculating the weight of each class, and if the calculated weight of each class is larger than a threshold value theta, doc belongs to the class;
S38, sequentially taking out texts in the training text set C i, calculating the similarity between the texts and the training text set C i, if T ik exists, replacing T ik;Tij with Doc to represent the jth text in the training text set, and representing T ik as one training text with the minimum similarity in the training text set C i;
in the step S32, the formula for calculating the word characteristic value is:
Wherein Q is weight, delta is position weighting coefficient, E is limited semantic weighting coefficient, L is length of W i, T i is frequency of occurrence in the document, S is total document number, SD is document number function of occurrence at least once, W i is character content of new character string;
In S35, the formula for calculating the similarity between Doc and T ij is:
Wherein Sim (d x,dy) is the similarity between d x and d y, n is the number of feature words commonly owned by d x and d y, |d x | is the total number of feature words in document d x, |d y | is the total number of feature words in document d y, T xk is the k-th dimension value of d x, T yk is the k-th dimension value of d y, d x is the character content of Doc, and d y is the character content of T ij;
in S37, the weight formula for each class is calculated as follows:
Where d i is the eigenvector of Doc, Q (d, c j) is the class weight, and y (d i,cj) is the class function.
CN202310769639.5A 2023-06-28 2023-06-28 SDWAN network key distribution method and system based on multiple redundancy algorithm Active CN116980184B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310769639.5A CN116980184B (en) 2023-06-28 2023-06-28 SDWAN network key distribution method and system based on multiple redundancy algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310769639.5A CN116980184B (en) 2023-06-28 2023-06-28 SDWAN network key distribution method and system based on multiple redundancy algorithm

Publications (2)

Publication Number Publication Date
CN116980184A CN116980184A (en) 2023-10-31
CN116980184B true CN116980184B (en) 2024-08-13

Family

ID=88484035

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310769639.5A Active CN116980184B (en) 2023-06-28 2023-06-28 SDWAN network key distribution method and system based on multiple redundancy algorithm

Country Status (1)

Country Link
CN (1) CN116980184B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103636160A (en) * 2011-03-07 2014-03-12 安全第一公司 Secure file sharing method and system
CN106100832A (en) * 2016-06-12 2016-11-09 广东工业大学 Key management method based on convergent encryption in a kind of cloud storage data deduplication

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU2002220056A1 (en) * 2000-10-23 2002-12-03 Sun Microsystems, Inc. Method and apparatus for secure distributed cipher key storage
CN103959302A (en) * 2011-06-01 2014-07-30 安全第一公司 Systems and methods for secure distributed storage
US9547774B2 (en) * 2012-07-18 2017-01-17 Nexenta Systems, Inc. System and method for distributed deduplication of encrypted chunks
CN115170883B (en) * 2022-07-19 2023-03-14 哈尔滨市科佳通用机电股份有限公司 Brake cylinder piston push rod opening pin loss fault detection method
CN116208420B (en) * 2023-03-08 2024-03-12 武汉维高凡科技有限公司 Monitoring information safety transmission method, system, equipment and storage medium

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103636160A (en) * 2011-03-07 2014-03-12 安全第一公司 Secure file sharing method and system
CN106100832A (en) * 2016-06-12 2016-11-09 广东工业大学 Key management method based on convergent encryption in a kind of cloud storage data deduplication

Also Published As

Publication number Publication date
CN116980184A (en) 2023-10-31

Similar Documents

Publication Publication Date Title
CN104917747B (en) A kind of secret communication method
CN109840425B (en) File encryption method and device
CN106610995B (en) Method, device and system for creating ciphertext index
CN1279791A (en) Method and system for securely transferring data set in a data communications system
CN111797409B (en) Carrier-free information hiding method for big data Chinese text
CN106254074A (en) A kind of such poems of the Song Dynasty carrier Text information hiding technology based on Hybrid Encryption
CN102412963B (en) Random sequence based encryption method with misleading function
CN108173640A (en) The character string symmetric cryptography and decryption method of a kind of high security
CN113255007A (en) Safe hidden three-factor query method
CN102447558B (en) Encryption method using random sequence on-demand and having misleading function
CN111628858A (en) Encryption and decryption system and encryption and decryption method of network security algorithm
CN111027081B (en) Text carrierless information hiding method based on feature mapping
CN111556072B (en) Improved index encryption algorithm and system
CN106357608A (en) Method for encrypting and decrypting private data for personal healthcare data
CN116980184B (en) SDWAN network key distribution method and system based on multiple redundancy algorithm
Tang et al. Design and implementation of information hiding system based on RGB
Torvi et al. An unique data security using text steganography
Sathiaraj et al. Secure Transfer of Image-Acquired Text Using a Combination of Cryptography and Steganography
CN106357662A (en) MAC (media access control) address-based data encryption method
Gong Plaintext recovery attack on 3DES algorithm with different byte keys
CN111371751B (en) File stream byte group data encryption and network transmission method
Dandekar et al. Improved secret information hiding using SHA-256 and invisible ASCII character replacement technology
Maniyath et al. DNA coding and RDH scheme hybrid encryption algorithm using SVM
Pan Encryption scheme classification: a deep learning approach
Wu et al. Text coverless information hiding method based on hybrid tags

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant