
Encryption-decryption method and terminal of data pack based on network transmission

A network transmission and data packet technology, applied to data packet encryption and decryption methods and terminals, that addresses problems such as potential safety hazards, increased network communication traffic, and loss of key-table synchronization, so as to achieve high security and avoid additional network communication traffic.

Active Publication Date: 2014-03-26
PEKING UNIV SHENZHEN GRADUATE SCHOOL

AI Technical Summary

Problems solved by technology

The disadvantage of this method is that both parties need to establish a fixed key table in advance, and the key table must be large enough to ensure the randomness of the key, which consumes a lot of memory resources, especially on mobile terminal equipment. To keep the encryption and decryption keys synchronized, this method also increases the data transmitted over the network by adding random numbers and random data of the remainder length; in addition, it is difficult for this method to effectively define the random number and the added random data of the remainder length.

The disadvantage of this method is that simply connecting both parties to a synchronization signal source to achieve key synchronization is difficult to achieve in practice, and the system cannot be expanded on a large scale; adding a fixed constant bit to determine whether the parties are synchronized brings new security risks.

The disadvantage of this method is that, in practical applications, it is difficult to fully guarantee that the keys distributed by the first network entity are received by the second network entity. When some keys distributed by the first communication entity cannot be received by the second communication entity, the key tables of the two communication parties go out of synchronization and the method cannot be carried out correctly, so this method does not really realize the key synchronization function; it also generates additional network traffic.

The disadvantage of this method is that both parties need to establish a fixed key mapping table in advance, which also faces a huge resource consumption problem; both parties need to always maintain a secure clock for synchronization, which is often difficult to achieve in practical applications; and this method needs to periodically send a synchronization control frame containing a key index, which adds network communication traffic.



Examples


Embodiment 1

[0045] For a specific implementation of the method for encrypting and decrypting data packets based on network transmission in the present invention, refer to Figure 1-a and Figure 1-b. The specific steps include:

[0046] M001. Determine session key SK and random initialization vector IV.

[0047] The communication parties negotiate the session key SK and the 256-bit random initialization vector IV based on a specific security mechanism during the session initialization phase. The session key SK and the random initialization vector IV are shared by both communication parties and used to establish their respective communication password tables. Therefore, before the communication parties establish voice communication, they need to negotiate the relevant parameters of the call. It is easy to understand that since both communication parties have the same session key SK and random initialization vector IV, any one of the communication parties can determine the sessio...

Embodiment 2

[0101] Due to unavoidable factors such as the network, it is inevitable during communication that some data packets will not be received by the receiving end; this is called packet loss in this application. When packet loss occurs, not only is the data in the lost packets lost, but the second update can also no longer match the first update. This is because the password table at the sender is updated every time a data packet is encrypted, so subsequent decryption no longer matches the encryption at the sender, causing errors in subsequent communications.

[0102] The method provided in this embodiment can effectively synchronize the second update when packet loss occurs. Please refer to Figure 2. The difference between this embodiment and Embodiment 1 is that in the decryption process at the receiving end, after receiving the encrypted data packet, the receiving end also performs a packet loss synchronization processing flow M20, which specifically includes the fo...

Embodiment 3

[0119] For a specific implementation of the encryption and decryption terminal suitable for VoIP media transmission in the present invention, refer to Figure 3. The encryption and decryption terminal in this embodiment can be used to execute the encryption and decryption methods involved in the above embodiments. The specific structure includes:

[0120] A key and initial vector acquisition unit 301, configured to determine a commonly used session key SK and a random initial vector IV when both communicating parties initiate a session;

[0121] A password table generating unit 302, configured to generate password tables P and Q according to the session key SK and the random initialization vector IV;

[0122] A data packet obtaining unit 311, configured to obtain an original data packet, that is, an unencrypted data packet;

[0123] The starting point extracting unit 312 extracts the first starting point according to the header information s...


Abstract

The invention discloses an encryption-decryption method and terminal for data packets based on network transmission. A terminal-to-terminal real-time encryption method based on a stream cipher algorithm is used: both sides of the communication negotiate session parameters at the initial session stage, and each establishes its own cipher tables. The sending side extracts data packet header information, generates a key stream starting point, and, according to the cipher tables and the starting point, generates a section of key stream to encrypt the data packet payload. The receiving side judges from the data packet header information whether network packet loss has occurred; when it has, the receiving side first completes cipher table synchronization, and then, based on the updated cipher tables and the starting point, generates a synchronized key to decrypt the data packet payload. Without adding extra network communication traffic, and with the key stream generated online in real time, the method achieves real-time encryption with a key self-synchronizing function under network conditions where packet loss exists.
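The packet-loss behaviour described in Embodiment 2 and in the abstract can be reproduced with a short model. This is an added example, not code from the patent: the class and function names are hypothetical, the password tables P and Q are modelled as one SHA-256 hash-chained state with SHAKE-256 as the keystream generator (stand-ins, since the page truncates the actual table construction), and sequence numbers are assumed not to wrap. Rejecting packets older than the table state is a choice of this example.

```python
import hashlib


class PacketCipher:
    """One side of the session; `state` stands in for password tables P and Q."""

    def __init__(self, sk: bytes, iv: bytes, resync: bool = True):
        self.state = hashlib.sha256(b"init" + sk + iv).digest()
        self.next_seq = 0      # sequence number the state is aligned to
        self.resync = resync

    def _advance(self) -> None:
        # Stand-in (assumption) for the per-packet password-table update.
        self.state = hashlib.sha256(b"update" + self.state).digest()
        self.next_seq += 1

    def process(self, seq: int, payload: bytes) -> bytes:
        """Encrypt or decrypt one payload; XOR makes both the same operation."""
        if seq < self.next_seq:
            raise ValueError(f"packet {seq} is older than the table state")
        if self.resync:
            # Packet-loss synchronization: replay the updates of missing packets.
            while self.next_seq < seq:
                self._advance()
        # The keystream starting point comes from the header sequence number,
        # so no synchronization data is added to the packet.
        seed = self.state + seq.to_bytes(4, "big")
        ks = hashlib.shake_256(seed).digest(len(payload))
        out = bytes(a ^ b for a, b in zip(payload, ks))
        self._advance()
        return out


def run_session(resync: bool, lost: set) -> list:
    """Send five constructed packets, drop those in `lost`, return decryptions."""
    sk, iv = b"\x01" * 32, b"\x02" * 32   # constructed sample SK and 256-bit IV
    sender = PacketCipher(sk, iv)
    receiver = PacketCipher(sk, iv, resync=resync)
    received = []
    for seq in range(5):
        wire = sender.process(seq, f"voice frame {seq}".encode())
        if seq not in lost:
            received.append((seq, receiver.process(seq, wire)))
    return received


if __name__ == "__main__":
    print(run_session(resync=True, lost={2}))
    print(run_session(resync=False, lost={2}))
```

With `resync=False` every packet after the lost one decrypts to garbage, because the receiver's state stays one update behind the sender's for the rest of the session.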

Description

Technical field

[0001] The present application relates to the field of secure network communication, in particular to a method for encrypting and decrypting data packets based on network transmission and a terminal.

Background technique

[0002] The Internet has been widely used in the communication field because of its simplicity, low cost and openness. For example, VoIP (Voice over Internet Protocol) is a new communication technology that uses the Internet to transmit voice packets. However, due to the openness of the Internet and its own insecurity, data transmitted over the network is exposed to more insecure factors than traditional technologies such as voice communication based on circuit switching. In order to ensure the security of voice, video, image and/or text transmission in an open network, the most common technology is to encrypt the transmission of data packets. However, encrypting the data packets additionally increases the communication delay, which is especially a gr...


Application Information

IPC(8): H04L9/32
Inventor 雷凯袁杰
Owner PEKING UNIV SHENZHEN GRADUATE SCHOOL