
SSH-based data security protection method and device

A data security protection technology, applied to secure communication devices, encryption devices with shift registers/memory, and key distribution. It addresses problems such as unreliable authentication of certificates, attacks, and poor feasibility, so as to improve security, with the effects of high performance, easy setup, and strong reliability.

Pending Publication Date: 2019-07-05
HONGQIN (BEIJING) TECHNOLOGY CO LTD

AI Technical Summary

Problems solved by technology

Although SSH v2.0 uses officially issued key certificates, this is not very feasible on a local area network or with a private remote host, and a certificate issued by an individual cannot be reliably authenticated, so the whole process is exposed to the risk of a "man-in-the-middle attack" when logging in for the first time.


Examples


Embodiment

[0036] Referring to Figures 1-3, the present invention provides the following technical solution: an SSH-based data security protection method, including the following steps:

[0037] S1. Establish an encrypted channel using a one-time password.

[0038] S2. Store the six-character short password in the remote host in advance, in a configuration file, to generate the secret key.

[0039] S3. Configure a one-time six-character short password consisting of letters and numbers,

[0040] and use the SHA-1 value of the short password to encrypt the encrypted channel using the ECC algorithm (key encryption).

[0041] S4. Then transmit the key to the client via the encrypted channel (key transmission).

[0042] S5. Deploy multiple one-time passwords (key deployment).
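The one-time property in S2, S3 and S5, shown as an added Python example that is not part of the patent: a pool of six-character alphanumeric passwords in which each password yields its SHA-1 value exactly once. The names `generate_otps` and `OtpPool` are hypothetical, the in-memory set stands in for the configuration file, and the ECC encryption and SSH transport steps are outside its scope.

```python
import hashlib
import hmac
import secrets
import string

ALPHABET = string.ascii_letters + string.digits  # "letters and numbers" (S3)
OTP_LENGTH = 6                                    # six-character short password


def generate_otps(count):
    """Create `count` distinct one-time short passwords with a CSPRNG (S5)."""
    pool = set()
    while len(pool) < count:
        pool.add("".join(secrets.choice(ALPHABET) for _ in range(OTP_LENGTH)))
    return sorted(pool)


class OtpPool:
    """Hypothetical stand-in for the configuration file on the remote host (S2)."""

    def __init__(self, otps):
        self._unused = set(otps)

    def redeem(self, candidate):
        """Return the SHA-1 value of a valid unused password and consume it.

        Returns None for unknown, malformed, or already used passwords.
        """
        if len(candidate) != OTP_LENGTH or any(c not in ALPHABET for c in candidate):
            return None
        matched = None
        for otp in self._unused:
            # Constant-time comparison; scan every entry regardless of a hit.
            if hmac.compare_digest(otp.encode(), candidate.encode()):
                matched = otp
        if matched is None:
            return None
        self._unused.discard(matched)  # one-time: a replay must fail
        return hashlib.sha1(matched.encode()).digest()

    def remaining(self):
        return len(self._unused)


if __name__ == "__main__":
    pool = OtpPool(generate_otps(3))
    print(pool.remaining(), "one-time passwords deployed")
```

The SHA-1 value carries no more entropy than the six-character password it is derived from (at most 62^6 possibilities), which is why each password is discarded after a single use.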


Abstract

The invention belongs to the technical field of data security and encryption, and relates to an SSH-based data security protection method and device. The method comprises the following steps: establishing an encrypted channel using a one-time password; storing the six-character short password to be used in the remote host in advance, in the form of a configuration file, to generate a secret key; configuring the one-time six-character short password and using the SHA-1 value of the short password to encrypt the encrypted channel with an ECC algorithm (key encryption); transmitting the secret key to the client through the encrypted channel (key transmission); and deploying a plurality of one-time passwords to complete the deployment of the secret key (key deployment), thereby setting up password-based SSH remote login protection. The encrypted channel is used to protect the key exchange, so that the risk of man-in-the-middle attacks is blocked to a great extent. The encrypted channel is established on the basis of the port forwarding function on Linux, so it is easy to establish and highly reliable; the one-time key can defend against password attacks based on password brute forcing and password guessing, and the security of the encrypted channel is improved.

Description

Technical field

[0001] The invention belongs to the technical field of data security and encryption, and specifically relates to an SSH-based data security protection method and device.

Background technique

[0002] Since SSHv1.0, symmetric and asymmetric encryption algorithms including DES and RSA 256 have been used. The whole process is:

[0003] (1) When the remote host receives the user's initial login request, it uses the RSA256 algorithm to generate a public key and a private key, and sends the public key to the client.

[0004] (2) The user uses this public key to encrypt the login password and send it to the remote host.

[0005] (3) The remote host uses its own private key to decrypt the login password and verify it. If the password is correct, it agrees to log in, and at the same time uses DES encryption to protect the subsequent communication process.

[0006] (4) Identify the public key fingerprint of the remote host during the second login to prevent identity forgery and ...


Application Information

IPC(8): H04L9/06, H04L9/08, H04L29/06
CPC: H04L9/0643, H04L9/0863, H04L69/16, H04L69/162, H04L63/30
Inventor: 张涛, 周洋, 赵琨, 陈财森, 赵石钏, 苏绍帆
Owner: HONGQIN (BEIJING) TECHNOLOGY CO LTD