Method for switching encryption safety data among peer-to-peer user nodes in P2P network

Abstract

The invention provides a method for switching encryption safety data among peer-to-peer user nodes in a P2P (peer-to-peer) network. Two arbitrary peer-to-peer user nodes in the network, namely, a user node A and a user node B, log in the network to obtain a public key certificate through an authentication server; the user node A has a self-provided random number NA and a random number NB sent from the user node B; the user node B has a self-provided random number NB and a random number NA sent from the user node A; and the encryption algorithm is applied to enable the user node A and the user node B to form an encryption channel for data encryption transmission. In the invention, safety communication can be set simply, the interaction frequency is low, and except the first-time certificate transmitting of explicit message, other information interaction is achieved under the condition of encrypted message, so that a better security is ensured.

Description

technical field [0001] The invention relates to an internet data exchange method, in particular to a safe encrypted communication method between peer user nodes in a P2P network. Background technique [0002] P2P (Peer to Peer, peer-to-peer) network is also called a peer-to-peer network. Compared with the S / C (server / client) mode that is common on the Internet today, each node in the network can freely join or exit the network. The relationship between nodes is equal, and resources can be better shared between nodes. P2P network has broad application prospects in direct communication between users, file exchange and distributed computing. [0003] However, the P2P network is a decentralized network, with convenient data exchange between nodes and frequent resource sharing. Each node can join or exit freely. Viruses and Trojan horses are easy to spread through the network, so user data encounters eavesdropping, Tampering, replay, man-in-the-middle and other attacks. In ord...

AI Technical Summary

Problems solved by technology

Existing encrypted communication methods such as SSL / TLS and IKE are too large and complex for P2P network transmission, and SSL / TLS and IKE themselves have security flaws, which are vulnerable to man-in-the-middle attacks

Specifically, SSL / TLS protocol certificates are completely transmitted in plain text, and the identity of each household node is easily eavesdropped. The nonce random number of IKE is also sent in plain text, which is easy to be intercepted by an intermediary. Therefore, a solution is urgently needed to protect end-to-end data transmission

[0005] At present, a practical method has been proposed for the authentication of P2P network user nodes. The authentication server issues digital certificates to users, and exchanges certificates during authentication to achieve authentication. However, the secure transmission of authenticated data is not considered.

Images