Method, system and terminal for encrypting data by bypass audit compatible with extended main secret key

A technology for encrypting data and secret keys, applied in digital transmission systems, transmission systems, and key distribution. It can solve problems such as the inability to audit database-related operations, the inability to calculate the master key, and the inability to decrypt, and achieves the effect of expanding audit capabilities.

Pending Publication Date: 2022-06-28
北京亿赛通科技发展有限责任公司

AI Technical Summary

Problems solved by technology

[0009] (2) More and more standard TLS encrypted traffic calculates the master key with the new extended master key method. Because the key calculation method has changed, the original master key calculation cannot produce the master key of the extended method, so the symmetric key cannot be derived and the subsequent encrypted traffic cannot be decrypted, resulting in the TLS encrypte



Examples


Embodiment Construction

[0055] In order to make the above objects, features and advantages of the present invention more clearly understood, the specific embodiments of the present invention will be described in detail below with reference to the accompanying drawings. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention. However, the present invention can be implemented in many other ways different from those described herein, and those skilled in the art can make similar improvements without departing from the connotation of the present invention. Therefore, the present invention is not limited by the specific embodiments disclosed below.

[0056] The basic Internet communication protocols are all described in detail in RFC documents. The RFCs involved in the present invention are RFC 5246, the TLS 1.2 protocol specification, and RFC 7627, the specification of the TLS extended master key calculation method.

...



Abstract

The invention belongs to the technical field of data processing, and discloses a bypass-audit method and system for encrypted data, compatible with the extended master key, and a terminal. On the basis of parsing standard TLS protocol data, the master key is calculated in the extended key calculation mode, a symmetric key is derived from the master key, and subsequent encrypted traffic is decrypted with the symmetric key. The symmetric key derivation method of the general TLS master key calculation mode is also integrated, so that TLS encrypted database traffic can be decrypted and audited when a non-forward-secret cipher suite is configured. Under this TLS traffic decryption method for non-forward-secret cipher suites, the decrypted plaintext is passed to the protocol analysis module, SQL statement auditing and standardized output are achieved, and the auditing capability of a database auditing system is effectively expanded.
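The two master key calculations the abstract refers to, written out from RFC 5246 and RFC 7627 as an added example; this is not code from the patent. It assumes a SHA-256 based AES_128_GCM cipher suite and that the audit system has already recovered the pre-master secret; all function names and sample values are constructed for illustration.

```python
import hashlib
import hmac

def p_sha256(secret, seed, length):
    """P_hash (RFC 5246 section 5) with HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()   # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret, label, seed, length):
    return p_sha256(secret, label + seed, length)

def master_secret(pms, client_random, server_random):
    """Original calculation, RFC 5246 section 8.1."""
    return prf(pms, b"master secret", client_random + server_random, 48)

def extended_master_secret(pms, handshake_messages):
    """RFC 7627 section 4: the seed is the session hash, not the two randoms.
    handshake_messages is ClientHello through ClientKeyExchange, concatenated
    without record-layer headers."""
    session_hash = hashlib.sha256(handshake_messages).digest()
    return prf(pms, b"extended master secret", session_hash, 48)

def derive_write_keys(pms, client_random, server_random, handshake_messages, ems_negotiated):
    """Pick the master key calculation, then expand it (RFC 5246 section 6.3)."""
    if ems_negotiated:  # extension type 23 seen in both ClientHello and ServerHello
        ms = extended_master_secret(pms, handshake_messages)
    else:
        ms = master_secret(pms, client_random, server_random)
    # AES_128_GCM key block: two 16-byte keys, then two 4-byte implicit IVs.
    kb = prf(ms, b"key expansion", server_random + client_random, 40)
    return {"master": ms, "client_key": kb[:16], "server_key": kb[16:32],
            "client_iv": kb[32:36], "server_iv": kb[36:40]}

# Constructed sample values, not taken from any capture.
PMS = b"\x03\x03" + bytes(range(46))
CLIENT_RANDOM = bytes([0xC1]) * 32
SERVER_RANDOM = bytes([0x5E]) * 32
TRANSCRIPT = b"constructed ClientHello..ClientKeyExchange bytes"

if __name__ == "__main__":
    for ems in (False, True):
        keys = derive_write_keys(PMS, CLIENT_RANDOM, SERVER_RANDOM, TRANSCRIPT, ems)
        print("extended" if ems else "original", keys["master"].hex())
```

A sensor that always applies the original calculation derives the wrong write keys for any session that negotiated the extension, which is the decryption failure described in paragraph [0009].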

Description

Technical field

[0001] The invention belongs to the technical field of data processing, and in particular relates to a method, system and terminal for encrypting data with a bypass audit compatible extended master key.

Background technique

[0002] At present, the database is the core information asset of the enterprise, and database audit products have received unprecedented attention. A database audit system is a database security audit system that collects database network traffic by bypass and is based on database protocol analysis and SQL statement restoration technology. For security reasons, more and more client programs, Web services and other applications access the database over a TLS encrypted connection by default. Therefore, auditing the encrypted traffic that accesses the database opens a new audit direction for the database auditing system.

[0003] The main process of auditing the bypass mirrored database traffic in the existing database auditing system ...


Application Information

IPC(8): H04L9/08, H04L9/40, H04L67/06, H04L69/22
CPC: H04L9/0861, H04L63/0435, H04L63/16, H04L63/0236, H04L67/06, H04L69/22
Inventor 朱鹤夏昆崔培升
Owner 北京亿赛通科技发展有限责任公司