The invention provides a method for secure data transmission and key exchange and relates to the technical field of information security. The method addresses the following problems in the prior art: files are leaked when data is transferred on a mobile storage device; transmission over the internet requires online support from a third-party CA center; and transmission through a dedicated security hardware device is costly and has poor compatibility. The method comprises a cleartext file encryption process, a decryption authorization process and a ciphertext file decryption process. It combines a high-strength symmetric encryption algorithm with an asymmetric cryptographic algorithm: mark extraction is performed, a public and private key pair is generated and extracted, and a key file is combined with the ciphertext data to form a single file. The process is also reversible, in that one file can be divided into the key file and the ciphertext data. The method is therefore simple and convenient to operate and provides a high security level.