CN118300799A - Multiple authentication method, device and system based on dynamic data encryption - Google Patents
Multiple authentication method, device and system based on dynamic data encryption Download PDFInfo
- Publication number
- CN118300799A CN118300799A CN202410468313.3A CN202410468313A CN118300799A CN 118300799 A CN118300799 A CN 118300799A CN 202410468313 A CN202410468313 A CN 202410468313A CN 118300799 A CN118300799 A CN 118300799A
- Authority
- CN
- China
- Prior art keywords
- encryption
- information
- exclusive
- source data
- value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 96
- 238000012795 verification Methods 0.000 claims abstract description 87
- 238000004590 computer program Methods 0.000 claims description 21
- 230000008569 process Effects 0.000 claims description 19
- 238000003860 storage Methods 0.000 claims description 13
- 238000006243 chemical reaction Methods 0.000 claims description 7
- 230000005540 biological transmission Effects 0.000 abstract description 27
- 238000012545 processing Methods 0.000 abstract description 15
- 238000004422 calculation algorithm Methods 0.000 description 26
- 238000004891 communication Methods 0.000 description 16
- 230000006870 function Effects 0.000 description 14
- 238000010586 diagram Methods 0.000 description 11
- 238000004364 calculation method Methods 0.000 description 10
- 238000005336 cracking Methods 0.000 description 6
- 150000003839 salts Chemical class 0.000 description 6
- 239000000872 buffer Substances 0.000 description 4
- 230000003993 interaction Effects 0.000 description 4
- 239000000243 solution Substances 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000001965 increasing effect Effects 0.000 description 3
- 230000002708 enhancing effect Effects 0.000 description 2
- 230000002452 interceptive effect Effects 0.000 description 2
- 238000009938 salting Methods 0.000 description 2
- 238000013475 authorization Methods 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 238000007796 conventional method Methods 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 238000002347 injection Methods 0.000 description 1
- 239000007924 injection Substances 0.000 description 1
- 238000004519 manufacturing process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the application provides a multiple authentication method, device and system based on dynamic data encryption, which relate to the field of data processing and can also be applied to the field of finance, wherein the method comprises the following steps: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data; obtaining an MD5 encryption value according to the sum value of the ASCII codes; generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result; and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal, so that the verification terminal performs comparison authentication according to the verification information of the local source data and the encryption information, multiple identity authentication of important information is realized, and the security of data transmission is improved.
Description
Technical Field
The application relates to the field of data processing and also can be applied to the field of finance, in particular to a multiple authentication method, device and system based on dynamic data encryption.
Background
In current banking systems or other scenarios involving information interaction, data is typically transmitted over dedicated lines or the internet.
Dedicated line transmission is a common data transmission mode, and banks or other institutions exchange data with a cooperation platform through a dedicated physical line. In some special scenarios, it may be necessary to complete the data transfer via the internet. While the internet provides a wider range of connectivity and convenience, data may be intercepted by third parties during transmission, resulting in leakage of sensitive information.
In order to protect data security, encryption technology is generally used to encrypt transmitted data, so that even if the data is intercepted, a third party cannot easily interpret the data content. However, since many encryption algorithms are public, an attacker can learn the working principle of the algorithm in detail, looking for a method of hacking, and since the security of encryption depends largely on the security of the key. Once the key is stolen, the security of the data is compromised even if the encryption algorithm itself is strong.
In addition, when the current client (client is abbreviated as C) and the server are in data interaction, generally adopted encryption is symmetric encryption and asymmetric encryption, such as AES, RSA and the like, the AES has high encryption speed, but both key interaction sides adopt one key and are easy to steal, both RSA interaction sides only exchange respective public keys and encrypt by respective private keys, so that certain security of the keys is ensured, however, man-in-the-middle attack exists, and both CS sides cannot know whether the key is a true party or not.
In the process of data exchange, it is also very important to verify the authenticity and integrity of information of both parties, and if the verification mechanism is not strong enough, the data may be tampered in the transmission process, so that the receiving party obtains the wrong or forged information.
Disclosure of Invention
Aiming at the problems in the prior art, the application provides a multiple authentication method, device and system based on dynamic data encryption, which can solve the problem of the publicity of a public encryption algorithm, realize multiple identity authentication of important information and improve the security of data transmission.
In order to solve at least one of the problems, the application provides the following technical scheme:
According to a first aspect of an embodiment of the present application, the present application provides a multiple authentication method based on dynamic data encryption, applied to an encryption end, including:
Receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
Performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
Generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result;
And splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the performing random iteration and dynamic salification MD5 encryption according to the sum of the ASCII codes to obtain an MD5 encrypted value includes:
Determining random iteration times and dynamic salification parameters according to the sum value of ASCII codes corresponding to the source data length and the source data length;
and carrying out MD5 encryption according to the random iteration times and the dynamic salification parameters to obtain the MD5 encryption value.
According to any embodiment of the present application, the xoring the least common multiple of the ASCII code with the random string includes:
Calculating the least common multiple of the ASCII code corresponding to the length of the source data, and generating a least common multiple array key array;
and performing exclusive-or operation on the key array and the random character string, and converting the obtained exclusive-or data into an encoded character string.
According to any embodiment of the present application, when generating the least common multiple array key array, the method further includes:
And splitting the least common multiple of the ASCII code by taking units and tens as splitting objects, and removing zeros in the splitting process.
According to a second aspect of the embodiments of the present application, the present application provides a multiple authentication method based on dynamic data encryption, applied to a verification terminal, including:
Receiving encryption information sent by an encryption end, wherein the encryption end generates an ASCII code with zero removal according to source data to be transmitted, performs random iteration and MD5 encryption with dynamic salification according to a summation value of the ASCII code to obtain an MD5 encryption value, generates a random character string according to an original MD5 value of the source data, performs exclusive-OR operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-OR operation result, and splices the MD5 encryption value, the random character string and the exclusive-OR operation result to generate encryption information;
And comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the comparing the verification information according to the local source data with the encryption information, and determining that the authentication is successful if the comparison result is consistent, includes:
generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
Comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information, and determining that the authentication is successful under the condition that the comparison results are consistent.
According to any embodiment of the present application, the comparing the verification information according to the local source data with the encryption information, and determining that the authentication is successful if the comparison result is consistent, includes:
Generating a zero-removed local ASCII code according to the length of the local source data, generating a key array according to the least common multiple of the local ASCII code, and performing exclusive-or operation with a random string to obtain a local exclusive-or operation result;
Comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the comparing the verification information according to the local source data with the encryption information, and determining that the authentication is successful if the comparison result is consistent, includes:
generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
Generating a key array according to the least common multiple of the local ASCII codes, and performing exclusive-or operation with the random character strings to obtain a local exclusive-or operation result;
Comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information;
And responding to the consistency of the comparison result, comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to a third aspect of the embodiments of the present application, the present application provides a multiple authentication device based on dynamic data encryption, applied to an encryption end, including:
The data conversion module is used for: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
A data encryption module for: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
The exclusive OR operation module is used for: generating a random character string according to the original MD5 value of the source data, and performing exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result
An information generating module for: and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the data encryption module includes:
A parameter determination unit configured to: determining random iteration times and dynamic salification parameters according to the sum value of ASCII codes corresponding to the source data length and the source data length;
Dynamic encryption unit for: and carrying out MD5 encryption according to the random iteration times and the dynamic salification parameters to obtain the MD5 encryption value.
According to any embodiment of the present application, the exclusive-or operation module includes:
a key generation unit for: calculating the least common multiple of the ASCII code corresponding to the length of the source data, and generating a least common multiple array key array;
An exclusive or calculating unit configured to: and performing exclusive-or operation on the key array and the random character string, and converting the obtained exclusive-or data into an encoded character string.
According to any embodiment of the present application, when generating the least common multiple array key array, the splitting module is further configured to:
And splitting the least common multiple of the ASCII code by taking units and tens as splitting objects, and removing zeros in the splitting process.
According to a fourth aspect of the embodiments of the present application, the present application provides a multiple authentication device based on dynamic data encryption, applied to a verification terminal, including:
An information receiving module for: receiving encryption information sent by an encryption end, wherein the encryption end generates an ASCII code with zero removal according to source data to be transmitted, performs random iteration and MD5 encryption with dynamic salification according to a summation value of the ASCII code to obtain an MD5 encryption value, generates a random character string according to an original MD5 value of the source data, performs exclusive-OR operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-OR operation result, and splices the MD5 encryption value, the random character string and the exclusive-OR operation result to generate encryption information;
the information authentication module is used for: and comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the information authentication module includes:
A local encryption unit configured to: generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
An encryption comparison unit for: comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information, and determining that the authentication is successful under the condition that the comparison results are consistent.
According to any embodiment of the present application, the information authentication module includes:
A local calculation unit, configured to: generating a zero-removed local ASCII code according to the length of the local source data, generating a key array according to the least common multiple of the local ASCII code, and performing exclusive-or operation with a random string to obtain a local exclusive-or operation result;
The calculation comparison unit is used for: comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the information authentication module includes:
A local encryption unit configured to: generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
A local calculation unit, configured to: generating a key array according to the least common multiple of the local ASCII codes, and performing exclusive-or operation with the random character strings to obtain a local exclusive-or operation result;
An encryption comparison unit for: comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information;
the calculation comparison unit is used for: and responding to the consistency of the comparison result, comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to a fifth aspect of the embodiments of the present application, the present application provides a multiple authentication system based on dynamic data encryption, including an encryption end and a verification end;
the encryption terminal comprises:
The data conversion module is used for: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
A data encryption module for: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
The exclusive OR operation module is used for: generating a random character string according to the original MD5 value of the source data, and performing exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result
An information generating module for: splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal;
The verification terminal comprises:
An information receiving module for: receiving encryption information sent by an encryption terminal;
the information authentication module is used for: and comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to a sixth aspect of the embodiments of the present application, there is provided an electronic device including a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the dynamic data encryption-based multiple authentication method when executing the program.
According to a seventh aspect of embodiments of the present application, there is provided a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the dynamic data encryption based multiple authentication method.
According to an eighth aspect of embodiments of the present application, there is provided a computer program product comprising computer programs/instructions which, when executed by a processor, implement the steps of the dynamic data encryption based multiple authentication method.
As can be seen from the above technical solution, the present application provides a multiple authentication method, apparatus and system based on dynamic data encryption, which receives source data to be transmitted, and generates a zeroed ASCII code according to the source data; performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value; generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result; splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal, so that the verification terminal compares the verification information according to local source data with the encryption information, and determines that the authentication is successful under the condition that the comparison result is consistent; the public encryption algorithm can be solved, multiple identity authentication of important information is realized, and the safety of data transmission is improved.
Drawings
In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, and it is obvious that the drawings in the following description are some embodiments of the present application, and other drawings may be obtained according to the drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a multiple authentication method based on dynamic data encryption according to an embodiment of the present application;
FIG. 2 is a second flow chart of a multiple authentication method based on dynamic data encryption according to an embodiment of the application;
FIG. 3 is a third flow chart of a multiple authentication method based on dynamic data encryption according to an embodiment of the application;
FIG. 4 is a flow chart of a multiple authentication method based on dynamic data encryption according to an embodiment of the present application;
FIG. 5 is a flow chart of a multiple authentication method based on dynamic data encryption according to an embodiment of the present application;
FIG. 6 is a flowchart of a multiple authentication method based on dynamic data encryption according to an embodiment of the present application;
FIG. 7 is a flow chart of a multiple authentication method based on dynamic data encryption according to an embodiment of the present application;
FIG. 8 is a diagram showing one of the construction of a multiple authentication device based on dynamic data encryption in an embodiment of the present application;
FIG. 9 is a second block diagram of a multiple authentication device based on dynamic data encryption in an embodiment of the present application;
FIG. 10 is a block diagram of a multiple authentication system based on dynamic data encryption in an embodiment of the present application;
fig. 11 is a schematic structural diagram of an electronic device in an embodiment of the application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
The information acquired by the application is information and data which are authorized by a user or fully authorized by all parties, and the processing of the related data such as collection, storage, use, processing, transmission, provision, disclosure, application and the like all conform to the related laws and regulations and standards of related countries and regions, necessary security measures are adopted, the public order is not violated, and corresponding operation entrance is provided for the user to select authorization or rejection.
Considering that the current popular encryption mode is reliable, but has transparent algorithm, and the risk of tampering exists in the verification of information of both parties, once the secret key is stolen, the risk of revealing sensitive information exists, the application provides a multiple authentication method, device and system based on dynamic data encryption, which can solve the public of the public encryption algorithm, realize multiple identity authentication of important information and improve the security of data transmission.
In order to solve the problem of public encryption algorithm disclosure and realize multiple identity authentication of important information and improve data transmission safety, the application provides an embodiment of a multiple authentication method based on dynamic data encryption, which is applied to an encryption end, and referring to fig. 1, the multiple authentication method based on dynamic data encryption specifically comprises the following contents:
step S101: and receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data.
First, the encryption end receives source data that needs to be transmitted in an encrypted manner, where the source data may be in text, digital, or other formats.
The length of the source data is then converted to the corresponding ASCII code. In the conversion process, if the ASCII code contains a number of 0, the 0 is removed to simplify the calculation in the subsequent encryption step, and reduce the potential security risks.
Step S102: and carrying out random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value.
First, the zero-removed ASCII codes generated in the previous step are summed to obtain a sum value. The source data is then MD5 encrypted using the sum as a random number of iterations. Meanwhile, in order to enhance security of encryption, a salt value may be dynamically added according to the length of source data. The MD5 encryption method with random iteration and dynamic salification can effectively improve encryption strength, so that even if an attacker obtains encrypted data, the encrypted data is difficult to be broken through a conventional method.
Wherein MD5, is collectively referred to as "Message-Digest Algorithm 5", "Message Digest Algorithm". Any length of data can be passed through a hashing algorithm to generate a fixed length hash value. The output length of the MD5 algorithm is 128 bits, typically represented by 32 16 bins. But the MD5 algorithm can find the hash value identical to the original data by means of brute force cracking or rainbow table attack and the like, so that the data is cracked.
Step S103: and generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result.
First, standard MD5 encryption is performed on the source data to obtain the original MD5 value. The value will be an integral part of the subsequent encryption process. And generating a random character string, wherein the length and the content of the character string are random, and the character string is used for increasing uncertainty in the encryption process. The introduction of the random character string enables the encryption information generated each time to be different even if the same source data is encrypted for a plurality of times, thereby increasing the difficulty of cracking.
And carrying out mathematical treatment on the zero removal ASCII codes, and calculating the least common multiple of each number. And then carrying out exclusive OR operation on the obtained least common multiple and the random character string generated in the previous step so as to compare the two input bits, outputting 0 if the two input bits are the same, and outputting 1 if the two input bits are different. And adding a layer of protection to the final encrypted information through the unique encryption result generated by the exclusive OR operation.
Step S104: and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
And splicing the MD5 encryption value, the random character string and the exclusive OR operation result to form final encryption information. The encryption information contains an encrypted representation of the source data and additional information for authentication. And then the encrypted information is sent to the verification terminal. The verification terminal generates corresponding verification information according to the local source data, and then compares the corresponding verification information with the received encryption information to carry out encryption authentication.
As can be seen from the above description, the multiple authentication method based on dynamic data encryption provided by the embodiment of the application can solve the public of the public encryption algorithm, realize multiple identity authentication of important information and improve the security of data transmission.
In an embodiment of the multiple authentication method based on dynamic data encryption of the present application, referring to fig. 2, the MD5 encryption of random iteration and dynamic salification is performed according to the sum value of the ASCII codes to obtain an MD5 encrypted value, which may further specifically include the following:
Step S102A: and respectively determining random iteration times and dynamic salification parameters according to the sum value of the ASCII codes corresponding to the source data length and the source data length.
Firstly, calculating a summation value of ASCII codes corresponding to the length of source data, wherein the summation value is taken as the basis of random iteration times. And the random iteration characterizes repeated encryption of data in the MD5 encryption process, and the complexity of encryption is increased due to the randomness of iteration times, so that cracking becomes more difficult. Meanwhile, the dynamic salting parameter can be determined according to the length of the source data. The salting means adding some random data in the encryption process to prevent the same source data from generating the same encryption result, thereby enhancing the security.
Step S102B: and carrying out MD5 encryption according to the random iteration times and the dynamic salification parameters to obtain the MD5 encryption value.
The source data is MD5 encrypted using the random iteration number and dynamic salification parameters determined in the previous step, and any length of data is converted into an encrypted string of fixed length (typically 128 bits). The application not only uses the standard MD5 encryption process, but also combines the random iteration and the dynamic salt adding technology, so that the encryption process is more complex and safer.
In an embodiment of the multiple authentication method based on dynamic data encryption of the present application, referring to fig. 3, the exclusive or operation is performed on the least common multiple of the ASCII code and the random string, and may further specifically include the following:
Step S103A: and calculating the least common multiple of the ASCII code corresponding to the length of the source data, and generating a least common multiple group key array.
Firstly, carrying out mathematical treatment on ASCII codes corresponding to the length of source data, and calculating the least common multiple of each number, wherein the calculation of the least common multiple is used for providing a unique numerical base in the subsequent exclusive OR operation, thereby enhancing the complexity and the security of encryption. The calculated least common multiple will be used to generate an array of keys, each element of the array being based on a different variation of the least common multiple. The key array will be used as an important component of the exclusive-or operation for operation with the random string.
Step S103B: and performing exclusive-or operation on the key array and the random character string, and converting the obtained exclusive-or data into an encoded character string.
And performing exclusive OR operation on the key array generated in the previous step and the random character string. The exclusive-or operation is a basic binary operation, and outputs 0 if the two input bits are the same, and outputs 1 if the two input bits are different, so as to mix the information of the key array and the random string together to generate new exclusive-or data.
And then, in order to facilitate subsequent transmission and processing, the exclusive or data is converted into an encoded character string, and the encoded character string is obtained by encoding with Base64 generally, and the information of the active data and the random character string is contained in the encrypted character string.
In an embodiment of the multiple authentication method based on dynamic data encryption of the present application, when generating the least common multiple group key array, the method further includes:
And splitting the least common multiple of the ASCII code by taking units and tens as splitting objects, and removing zeros in the splitting process.
Preferably, to ensure the irreversibility of the key set, each digit in the least common multiple of ASCII codes may be split in units of bits and tens of bits. For example, if one number is 23, it is split into two numbers of 2 and 3. The splitting mode can increase the element number and the diversity of the key array, thereby improving the complexity and the security of the key.
In the splitting process, if the split number contains 0, since 0 does not play a role in exclusive or operation, reserving 0 reduces the validity of the key, and by going to 0, it can be ensured that each element in the key array has a practical contribution to the encryption process.
In order to further explain the scheme, the application also provides a specific application example of implementing the multiple authentication method based on dynamic data encryption by applying the multiple authentication device based on dynamic data encryption, which is applied to an encryption end and specifically comprises the following contents:
in the early-stage convention, the interactive two parties need to agree on the coding format, and the application example agrees with utf-8.
The source data to be transmitted or the identity authentication information data agreed by both parties are known by both parties.
Step 1, converting the data length dataLen (39) into ASCII code and splitting the array lenDAsc with zero (such as ASCII:50 split into 5 and 51 split into 5, 1).
Step 2, summing lenDAsc gives dataAscSum, the application 18.
Step 3, obtaining a MD5 value HASHSALTMD of random iteration and dynamic salification: 902301e850f33e667fa031c555ccc375. This step differs from MD5 in that a random number of iterations and a dynamic salt (the temporarily contracted number of iterations in the present application is dataAscSum and the salt is dataLen) are added. The number of iterations and the salt described above are also dynamic changes for changes in different data lengths. And can be dynamically set according to the situation. Finally, the possibility of brute force cracking by adopting a rainbow table and the like is zero.
Step 4, obtaining original MD5 data db95d670f74e542502fbddfc351856ba of data, obtaining a random character string var_code, and enabling the length to be agreed with both sides C, S, wherein the length is agreed to be 8, and the actual application can be dynamically adjusted randomly or based on other rules, so that the application is not explained in detail. getRandomString method data Source is original MD5: the character string pool changes due to the difference of db95d670f74e542502fbddfc351856ba and data, and the character string obtained randomly from the source pool also changes dynamically.
Step 5, calculating the least common multiple of lenDAsc, generating a least common multiple array key array minM, then xoring with var_code to obtain xorData, and encoding by base64 to obtain xorData: EBwQE0dHR m=.
The encryption and decryption of the data are realized according to the reversibility of the exclusive OR operation. The application takes A as an original text, key as a secret Key and C as a ciphertext, but single exclusive OR can obtain the secret Key K by breaking if the plaintext and the ciphertext are acquired by a middleman, so the secret Key Key is not an independent number but a group of dynamically generated secret keys: { Key1, key2, key3.. Keyn }, and the Factor that generates the Key set may be simply encrypted or plaintext transmitted at the time of data transmission.
Encryption algorithm:
Decryption algorithm:
In order to ensure the irreversibility of the key set, when the array minM is obtained by splitting lenDAsc, adopting unit and ten-bit splitting, removing 0 and calculating the least common multiple.
Step 6, HASHSALTMD5+var_code+ xorData are spliced to generate final identity verification information IDVERIFYMES:
902301e850f33e667fa031c555ccc3755956bbbfEBwQE0dHR0M=
in order to solve the problem of public encryption algorithm disclosure and realize multiple identity authentication of important information and improve data transmission security, the application provides an embodiment of a multiple authentication method based on dynamic data encryption, which is applied to a verification end, and referring to fig. 4, the multiple authentication method based on dynamic data encryption specifically comprises the following contents:
Step S201: and receiving encryption information sent by an encryption terminal, wherein the encryption terminal generates an ASCII code with zero removal according to source data to be transmitted, performs random iteration and MD5 encryption with dynamic salification according to a summation value of the ASCII code to obtain an MD5 encryption value, generates a random character string according to an original MD5 value of the source data, performs exclusive-OR operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-OR operation result, and splices the MD5 encryption value, the random character string and the exclusive-OR operation result to generate encryption information.
Step S202: and comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
In an embodiment of the multiple authentication method based on dynamic data encryption of the present application, referring to fig. 5, the verification information according to the local source data is compared with the encryption information, and the authentication success is determined under the condition that the comparison result is consistent, and the method may further specifically include the following:
step S202A: and generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value.
Step S202B: comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information, and determining that the authentication is successful under the condition that the comparison results are consistent.
The verification terminal generates a zeroed ASCII code array according to the length of the locally stored source data. The procedure is similar to the one done by the encryption side at the time of encryption, in order to ensure that the authentication side and the encryption side use the same rules to process the data. And then, the verification end performs random iteration and dynamic salted MD5 encryption according to the sum value of the ASCII code array to obtain a local MD5 encryption value. The encryption value is to be used for comparison with the MD5 encryption value in the received encryption information to verify the authenticity and integrity of the encryption information.
In an embodiment of the multiple authentication method based on dynamic data encryption of the present application, referring to fig. 6, the verification information according to the local source data is compared with the encryption information, and the authentication success is determined under the condition that the comparison result is consistent, and the method may further specifically include the following:
Step S202C: and generating a zero-removed local ASCII code according to the length of the local source data, generating a key array according to the least common multiple of the local ASCII code, and performing exclusive-or operation with the random character string to obtain a local exclusive-or operation result.
Step S202D: comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
The verification terminal generates a zeroed ASCII code array according to the length of the local source data, which is similar to the operation of the encryption terminal in the encryption process, and ensures that the verification terminal and the encryption terminal adopt the same rule when processing the data. And then, the verification terminal generates a key array according to the least common multiple of the ASCII code array, wherein the key array is used for carrying out exclusive-or operation with a random character string used in the encryption process, so that a local exclusive-or operation result is obtained.
And comparing the obtained local exclusive-or operation result with the exclusive-or operation result in the received encrypted information. If the two exclusive or operation results are the same, the random character string and the key array in the encrypted information are matched with the random character string and the key array generated by the verification end, so that the sender of the encrypted information is legal, and the data is not tampered in the transmission process.
In an embodiment of the multiple authentication method based on dynamic data encryption of the present application, referring to fig. 7, the verification information according to the local source data is compared with the encryption information, and the authentication success is determined if the comparison result is consistent, and the method may further specifically include the following:
Step S202E: generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
Step S202F: generating a key array according to the least common multiple of the local ASCII codes, and performing exclusive-or operation with the random character strings to obtain a local exclusive-or operation result;
step S202G: comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information;
Step S202H: and responding to the consistency of the comparison result, comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
The verification terminal compares the obtained local MD5 encryption value with the MD5 encryption value in the received encryption information. If the two are consistent, the encrypted information is not tampered in the transmission process, and the source data in the encrypted information is consistent with the local source data of the verification terminal.
If the comparison result is consistent, the verification end continuously compares the obtained local exclusive-or operation result with the exclusive-or operation result in the encrypted information. If the two exclusive or operation results are consistent, the authentication success can be determined, namely the verification end confirms that the sender of the encrypted information is legal, and the integrity and the security of the data are ensured.
As can be seen from the above description, the multiple authentication method based on dynamic data encryption provided by the embodiment of the application can solve the public of the public encryption algorithm, realize multiple identity authentication of important information and improve the security of data transmission.
In order to further explain the scheme, the application also provides a specific application example of implementing the multiple authentication method based on dynamic data encryption by applying the multiple authentication device based on dynamic data encryption, which is applied to a verification end and specifically comprises the following contents:
The verification is to confirm whether the original information data is sent from a real interactive partner.
In the verification method 1, the verification end intercepts the var_code in IDVERIFYMES, calculates an array lenDAscLocal of the Local source data dataLocal by referring to the encryption end, calculates a least common multiple array key array minMLocal of lenDAscLocal by referring to the encryption end, obtains xorDataLocal by exclusive-or with the var_code, obtains xorData Local after encoding by base64, and compares xorData Local with xorData64 whether the Local is consistent or not.
The first 32 bits in IDVERIFYMES are intercepted to obtain HASHSALTMD5_v, the length dataLenLocal of local source data dataLocal is calculated, lenDAscLocal array values and dataAscSumLocal are calculated by referring to an encryption end, and the same method is called to obtain dynamic salted MD5 data: HASHSALTMD5Local, and then comparing HASHSALTMD.
In the method 1, even if the data length is 1, the Key minMLocal is in { Key1, key2, key3}, the number of combinations (calculated by positive number) is (2 ζ -1) ×2 ζ -1, the order of magnitude is extremely large, and the probability of brute force cracking is extremely low. The method obtains source data data (dataLocal) even if SQL injection is performed, and the unknown random iteration times and dynamic salt have extremely low cracking probability. Simultaneous verification using method 1 and method 2 will promote higher security level protection.
In order to solve the problem of public disclosure of a public encryption algorithm, realize multiple identity authentication of important information and improve the security of data transmission, the present application provides an embodiment of a multiple authentication device based on dynamic data encryption for implementing all or part of the contents of the multiple authentication method based on dynamic data encryption, referring to fig. 8, the multiple authentication device based on dynamic data encryption is applied to an encryption end, and specifically includes the following contents:
A data conversion module 1101 for: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
A data encryption module 1102, configured to: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
An exclusive-or operation module 1103 for: generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result;
An information generation module 1104 for: and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the data encryption module includes:
A parameter determination unit configured to: determining random iteration times and dynamic salification parameters according to the sum value of ASCII codes corresponding to the source data length and the source data length;
Dynamic encryption unit for: and carrying out MD5 encryption according to the random iteration times and the dynamic salification parameters to obtain the MD5 encryption value.
According to any embodiment of the present application, the exclusive-or operation module includes:
a key generation unit for: calculating the least common multiple of the ASCII code corresponding to the length of the source data, and generating a least common multiple array key array;
An exclusive or calculating unit configured to: and performing exclusive-or operation on the key array and the random character string, and converting the obtained exclusive-or data into an encoded character string.
According to any embodiment of the present application, when generating the least common multiple array key array, the splitting module is further configured to:
And splitting the least common multiple of the ASCII code by taking units and tens as splitting objects, and removing zeros in the splitting process.
In order to solve the problem of public disclosure of a public encryption algorithm, realize multiple identity authentication of important information and improve the security of data transmission, the application provides an embodiment of a multiple authentication device based on dynamic data encryption for realizing all or part of the contents of the multiple authentication method based on dynamic data encryption, referring to fig. 9, the multiple authentication device based on dynamic data encryption is applied to a verification end and specifically comprises the following contents:
An information receiving module 2201 for: receiving encryption information sent by an encryption end, wherein the encryption end generates an ASCII code with zero removal according to source data to be transmitted, performs random iteration and MD5 encryption with dynamic salification according to a summation value of the ASCII code to obtain an MD5 encryption value, generates a random character string according to an original MD5 value of the source data, performs exclusive-OR operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-OR operation result, and splices the MD5 encryption value, the random character string and the exclusive-OR operation result to generate encryption information;
an information authentication module 2202 for: and comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the information authentication module includes:
A local encryption unit configured to: generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
An encryption comparison unit for: comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information, and determining that the authentication is successful under the condition that the comparison results are consistent.
According to any embodiment of the present application, the information authentication module includes:
A local calculation unit, configured to: generating a zero-removed local ASCII code according to the length of the local source data, generating a key array according to the least common multiple of the local ASCII code, and performing exclusive-or operation with a random string to obtain a local exclusive-or operation result;
The calculation comparison unit is used for: comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
According to any embodiment of the present application, the information authentication module includes:
A local encryption unit configured to: generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
A local calculation unit, configured to: generating a key array according to the least common multiple of the local ASCII codes, and performing exclusive-or operation with the random character strings to obtain a local exclusive-or operation result;
An encryption comparison unit for: comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information;
the calculation comparison unit is used for: and responding to the consistency of the comparison result, comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
In order to solve the public of the public encryption algorithm, realize the multiple identity authentication of the important information, raise the security of data transmission, the application provides an embodiment of multiple authentication device based on dynamic data encryption used for realizing all or some content of multiple authentication method based on dynamic data encryption, see FIG. 10, the multiple authentication system based on dynamic data encryption, including encrypting end and verifying end;
the encryption terminal comprises:
A data conversion module 1101 for: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
A data encryption module 1102, configured to: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
An exclusive-or operation module 1103 for: generating a random character string according to the original MD5 value of the source data, and performing exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result
An information generation module 1104 for: splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal;
The verification terminal comprises:
an information receiving module 2201 for: receiving encryption information sent by an encryption terminal;
an information authentication module 2202 for: and comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
As can be seen from the above description, the multiple authentication device based on dynamic data encryption provided by the embodiment of the application can solve the public of the public encryption algorithm, realize multiple identity authentication of important information, and improve the security of data transmission.
In order to solve the public of public encryption algorithm and realize multiple identity authentication of important information and improve the security of data transmission from the hardware level, the application provides an embodiment of an electronic device for realizing all or part of contents in the multiple authentication method based on dynamic data encryption, wherein the electronic device specifically comprises the following contents:
A processor (processor), a memory (memory), a communication interface (Communications Interface), and a bus; the processor, the memory and the communication interface complete communication with each other through the bus; the communication interface is used for realizing information transmission between the multiple authentication device based on dynamic data encryption and related equipment such as a core service system, a user terminal, a related database and the like; the logic controller may be a desktop computer, a tablet computer, a mobile terminal, etc., and the embodiment is not limited thereto. In this embodiment, the logic controller may refer to the embodiment of the multiple authentication method based on dynamic data encryption and the embodiment of the multiple authentication device based on dynamic data encryption, and the contents thereof are incorporated herein and are not repeated here.
It is understood that the user terminal may include a smart phone, a tablet electronic device, a network set top box, a portable computer, a desktop computer, a Personal Digital Assistant (PDA), a vehicle-mounted device, a smart wearable device, etc. Wherein, intelligent wearing equipment can include intelligent glasses, intelligent wrist-watch, intelligent bracelet etc..
In practical applications, part of the multiple authentication method based on dynamic data encryption may be performed on the electronic device side as described above, or all operations may be performed in the client device. Specifically, the selection may be made according to the processing capability of the client device, and restrictions of the use scenario of the user. The application is not limited in this regard. If all operations are performed in the client device, the client device may further include a processor.
The client device may have a communication module (i.e. a communication unit) and may be connected to a remote server in a communication manner, so as to implement data transmission with the server. The server may include a server on the side of the task scheduling center, and in other implementations may include a server of an intermediate platform, such as a server of a third party server platform having a communication link with the task scheduling center server. The server may include a single computer device, a server cluster formed by a plurality of servers, or a server structure of a distributed device.
Fig. 11 is a schematic block diagram of a system configuration of an electronic device 9600 according to an embodiment of the present application. As shown in fig. 11, the electronic device 9600 may include a central processor 9100 and a memory 9140; the memory 9140 is coupled to the central processor 9100. Notably, this fig. 11 is exemplary; other types of structures may also be used in addition to or in place of the structures to implement telecommunications functions or other functions.
In one embodiment, multiple authentication method functions based on dynamic data encryption may be integrated into the central processor 9100. The central processor 9100 may be configured to perform the following control:
Step S101: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
step S102: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
step S103: generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result;
Step S104: and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
As can be seen from the above description, the electronic device provided by the embodiment of the application can solve the public of the public encryption algorithm, realize multiple identity authentication of important information, and improve the security of data transmission.
In another embodiment, the multiple authentication device based on dynamic data encryption may be configured separately from the central processing unit 9100, for example, the multiple authentication device based on dynamic data encryption may be configured as a chip connected to the central processing unit 9100, and the multiple authentication method function based on dynamic data encryption is implemented by control of the central processing unit.
As shown in fig. 11, the electronic device 9600 may further include: a communication module 9110, an input unit 9120, an audio processor 9130, a display 9160, and a power supply 9170. It is noted that the electronic device 9600 need not include all of the components shown in fig. 11; in addition, the electronic device 9600 may further include components not shown in fig. 11, and reference may be made to the related art.
As shown in fig. 11, the central processor 9100, sometimes referred to as a controller or operational control, may include a microprocessor or other processor device and/or logic device, which central processor 9100 receives inputs and controls the operation of the various components of the electronic device 9600.
The memory 9140 may be, for example, one or more of a buffer, a flash memory, a hard drive, a removable media, a volatile memory, a non-volatile memory, or other suitable device. The information about failure may be stored, and a program for executing the information may be stored. And the central processor 9100 can execute the program stored in the memory 9140 to realize information storage or processing, and the like.
The input unit 9120 provides input to the central processor 9100. The input unit 9120 is, for example, a key or a touch input device. The power supply 9170 is used to provide power to the electronic device 9600. The display 9160 is used for displaying display objects such as images and characters. The display may be, for example, but not limited to, an LCD display.
The memory 9140 may be a solid state memory such as Read Only Memory (ROM), random Access Memory (RAM), SIM card, etc. But also a memory which holds information even when powered down, can be selectively erased and provided with further data, an example of which is sometimes referred to as EPROM or the like. The memory 9140 may also be some other type of device. The memory 9140 includes a buffer memory 9141 (sometimes referred to as a buffer). The memory 9140 may include an application/function storage portion 9142, the application/function storage portion 9142 storing application programs and function programs or a flow for executing operations of the electronic device 9600 by the central processor 9100.
The memory 9140 may also include a data store 9143, the data store 9143 for storing data, such as contacts, digital data, pictures, sounds, and/or any other data used by an electronic device. The driver storage portion 9144 of the memory 9140 may include various drivers of the electronic device for communication functions and/or for performing other functions of the electronic device (e.g., messaging applications, address book applications, etc.).
The communication module 9110 is a transmitter/receiver 9110 that transmits and receives signals via an antenna 9111. A communication module (transmitter/receiver) 9110 is coupled to the central processor 9100 to provide input signals and receive output signals, as in the case of conventional mobile communication terminals.
Based on different communication technologies, a plurality of communication modules 9110, such as a cellular network module, a bluetooth module, and/or a wireless local area network module, etc., may be provided in the same electronic device. The communication module (transmitter/receiver) 9110 is also coupled to a speaker 9131 and a microphone 9132 via an audio processor 9130 to provide audio output via the speaker 9131 and to receive audio input from the microphone 9132 to implement usual telecommunications functions. The audio processor 9130 can include any suitable buffers, decoders, amplifiers and so forth. In addition, the audio processor 9130 is also coupled to the central processor 9100 so that sound can be recorded locally through the microphone 9132 and sound stored locally can be played through the speaker 9131.
An embodiment of the present application also provides a computer-readable storage medium capable of implementing all steps in the dynamic data encryption-based multiple authentication method in which an execution subject is a server or a client, the computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements all steps in the dynamic data encryption-based multiple authentication method in which an execution subject is a server or a client, for example, the processor implements the steps of:
Step S101: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
step S102: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
step S103: generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result;
Step S104: and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
As can be seen from the above description, the computer readable storage medium provided by the embodiments of the present application can solve the public of the public encryption algorithm, implement multiple identity authentication of important information, and improve the security of data transmission.
The embodiment of the present application further provides a computer program product capable of implementing all the steps in the multiple authentication method based on dynamic data encryption in which the execution subject is a server or a client, and the steps of the multiple authentication method based on dynamic data encryption are implemented when the computer program/instructions are executed by a processor, for example, the computer program/instructions implement the steps of:
Step S101: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
step S102: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
step S103: generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result;
Step S104: and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
As can be seen from the above description, the computer program product provided by the embodiment of the present application can solve the public of the public encryption algorithm, realize multiple identity authentication of important information, and improve the security of data transmission.
It will be apparent to those skilled in the art that embodiments of the present invention may be provided as a method, apparatus, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (devices), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. The computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
The computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The principles and embodiments of the present invention have been described in detail with reference to specific examples, which are provided to facilitate understanding of the method and core ideas of the present invention; meanwhile, as those skilled in the art will have variations in the specific embodiments and application scope in accordance with the ideas of the present invention, the present description should not be construed as limiting the present invention in view of the above.
Claims (14)
1. A multiple authentication method based on dynamic data encryption, characterized in that it is applied to an encryption end, the method comprising:
Receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
Performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
Generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result;
And splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
2. The multiple authentication method based on dynamic data encryption according to claim 1, wherein the performing random iteration and dynamic salification MD5 encryption according to the sum of ASCII codes to obtain an MD5 encrypted value comprises:
Determining random iteration times and dynamic salification parameters according to the sum value of ASCII codes corresponding to the source data length and the source data length;
and carrying out MD5 encryption according to the random iteration times and the dynamic salification parameters to obtain the MD5 encryption value.
3. The multiple authentication method based on dynamic data encryption according to claim 1, wherein xoring the least common multiple of the ASCII code with the random string comprises:
Calculating the least common multiple of the ASCII code corresponding to the length of the source data, and generating a least common multiple array key array;
and performing exclusive-or operation on the key array and the random character string, and converting the obtained exclusive-or data into an encoded character string.
4. The multiple authentication method based on dynamic data encryption according to claim 3, further comprising, when generating the least common multiple array key array:
And splitting the least common multiple of the ASCII code by taking units and tens as splitting objects, and removing zeros in the splitting process.
5. A multiple authentication method based on dynamic data encryption, applied to a verification end, the method comprising:
Receiving encryption information sent by an encryption end, wherein the encryption end generates an ASCII code with zero removal according to source data to be transmitted, performs random iteration and MD5 encryption with dynamic salification according to a summation value of the ASCII code to obtain an MD5 encryption value, generates a random character string according to an original MD5 value of the source data, performs exclusive-OR operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-OR operation result, and splices the MD5 encryption value, the random character string and the exclusive-OR operation result to generate encryption information;
And comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
6. The multiple authentication method based on dynamic data encryption according to claim 5, wherein the comparing the verification information according to the local source data with the encryption information, and determining that authentication is successful if the comparison result is consistent, comprises:
generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
Comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information, and determining that the authentication is successful under the condition that the comparison results are consistent.
7. The multiple authentication method based on dynamic data encryption according to claim 5, wherein the comparing the verification information according to the local source data with the encryption information, and determining that authentication is successful if the comparison result is consistent, comprises:
Generating a zero-removed local ASCII code according to the length of the local source data, generating a key array according to the least common multiple of the local ASCII code, and performing exclusive-or operation with a random string to obtain a local exclusive-or operation result;
Comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
8. The multiple authentication method based on dynamic data encryption according to claim 5, wherein the comparing the verification information according to the local source data with the encryption information, and determining that authentication is successful if the comparison result is consistent, comprises:
generating a zero-removed local ASCII code according to the length of the local source data, and carrying out random iteration and dynamic salted MD5 encryption according to the summation value of the local ASCII code to obtain a local MD5 encryption value;
Generating a key array according to the least common multiple of the local ASCII codes, and performing exclusive-or operation with the random character strings to obtain a local exclusive-or operation result;
Comparing the MD5 encryption value of the local source data with the MD5 encryption value in the encryption information;
And responding to the consistency of the comparison result, comparing the local exclusive-or operation result with the exclusive-or operation result in the encrypted information, and determining that the authentication is successful under the condition that the comparison result is consistent.
9. A multiple authentication device based on dynamic data encryption, applied to an encryption end, the device comprising:
The data conversion module is used for: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
A data encryption module for: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
the exclusive OR operation module is used for: generating a random character string according to the original MD5 value of the source data, and carrying out exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result;
an information generating module for: and splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal so that the verification terminal can compare the verification information according to the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
10. A multiple authentication device based on dynamic data encryption, applied to a verification end, the device comprising:
An information receiving module for: receiving encryption information sent by an encryption end, wherein the encryption end generates an ASCII code with zero removal according to source data to be transmitted, performs random iteration and MD5 encryption with dynamic salification according to a summation value of the ASCII code to obtain an MD5 encryption value, generates a random character string according to an original MD5 value of the source data, performs exclusive-OR operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-OR operation result, and splices the MD5 encryption value, the random character string and the exclusive-OR operation result to generate encryption information;
the information authentication module is used for: and comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
11. The multiple authentication system based on dynamic data encryption is characterized by comprising an encryption end and a verification end;
the encryption terminal comprises:
The data conversion module is used for: receiving source data to be transmitted, and generating a zeroed ASCII code according to the source data;
A data encryption module for: performing random iteration and MD5 encryption of dynamic salification according to the sum value of the ASCII codes to obtain an MD5 encryption value;
The exclusive OR operation module is used for: generating a random character string according to the original MD5 value of the source data, and performing exclusive-or operation on the least common multiple of the ASCII code and the random character string to obtain a corresponding exclusive-or operation result
An information generating module for: splicing the MD5 encryption value, the random character string and the exclusive-or operation result to generate encryption information, and sending the encryption information to a verification terminal;
The verification terminal comprises:
An information receiving module for: receiving encryption information sent by an encryption terminal;
the information authentication module is used for: and comparing the verification information of the local source data with the encryption information, and determining that the authentication is successful under the condition that the comparison result is consistent.
12. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor implements the steps of the dynamic data encryption based multiple authentication method according to any one of claims 1 to 8 when the program is executed.
13. A computer readable storage medium having stored thereon a computer program, characterized in that the computer program when executed by a processor implements the steps of the dynamic data encryption based multiple authentication method according to any one of claims 1 to 8.
14. A computer program product comprising computer programs/instructions which, when executed by a processor, implement the steps of the dynamic data encryption based multiple authentication method according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410468313.3A CN118300799A (en) | 2024-04-18 | 2024-04-18 | Multiple authentication method, device and system based on dynamic data encryption |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410468313.3A CN118300799A (en) | 2024-04-18 | 2024-04-18 | Multiple authentication method, device and system based on dynamic data encryption |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN118300799A true CN118300799A (en) | 2024-07-05 |
Family
ID=91680603
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410468313.3A Pending CN118300799A (en) | 2024-04-18 | 2024-04-18 | Multiple authentication method, device and system based on dynamic data encryption |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN118300799A (en) |
-
2024
- 2024-04-18 CN CN202410468313.3A patent/CN118300799A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN111130803B (en) | Method, system and device for digital signature | |
| CN101647228B (en) | System and method for distribution of credentials | |
| CN111931209B (en) | Contract information verification method and device based on zero knowledge proof | |
| CN113743939A (en) | Identity authentication method, device and system based on block chain | |
| CN116866029B (en) | Random number encryption data transmission method, device, computer equipment and storage medium | |
| CN110855667B (en) | Block chain encryption method, device and system | |
| CN108599926A (en) | A kind of HTTP-Digest modified AKA identity authorization systems and method based on pool of symmetric keys | |
| CN116707778A (en) | Data mixed encrypted transmission method, device and electronic equipment | |
| CN116090009A (en) | Data processing method, device, electronic equipment and readable storage medium | |
| US20130031373A1 (en) | Product authentication based upon a hyperelliptic curve equation and a curve pairing function | |
| CN113055184B (en) | Data encryption and decryption method and device | |
| CN113630238A (en) | User request permission method and device based on password confusion | |
| CN110213056A (en) | Anti- quantum calculation energy-saving communication method and system and computer equipment based on online static signature | |
| CN105592431A (en) | Short message encryption method based on iOS system mobile terminal | |
| CN119299233B (en) | Dynamic encryption verification method and device based on time network protocol | |
| CN108718237A (en) | A kind of modified AKA identity authorization systems and method based on pool of symmetric keys | |
| CN104868994A (en) | Collaboration secret key management method, device and system | |
| CN117134904B (en) | Method based on identity recognition and dynamic encryption and decryption communication | |
| CN118300799A (en) | Multiple authentication method, device and system based on dynamic data encryption | |
| CN111212058A (en) | Method, device and system for logging in mobile phone verification code | |
| CN111541810B (en) | Online address book information protection method | |
| CN114186998A (en) | Privacy communication method based on block chain | |
| CN113762958A (en) | A method and apparatus for generating an electronic certificate | |
| CN110166226B (en) | Method and device for generating secret key | |
| CN112713987A (en) | System and method for establishing session key between CA and TA |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |