Data transmission method and device, computer device and storage medium

CN115567925B · Active · Publication Date: 2026-06-23 · PURPLE MOUNTAIN LAB

Patent Information

Authority / Receiving Office: CN · China
Patent Type: Patents (China)
Current Assignee / Owner: PURPLE MOUNTAIN LAB
Filing Date: 2022-09-05
Publication Date: 2026-06-23


Abstract

The application relates to a data transmission method and device, computer equipment and a storage medium. The data transmission method comprises the following steps: receiving a data transmission request; determining a first channel key between a sender and a receiver corresponding to the data transmission request according to random number information carried by a first communication object; encrypting to-be-transmitted data by using the first channel key to obtain encrypted data; and transmitting the encrypted data from the sender to the receiver. By using the method, when actual transmission is needed, a physical layer key can be generated by using an existing communication connection relationship in a communication structure of a communication party, which saves the cost of channel connection and key calculation, saves channel resources, and ensures the safety of each data transmission.

Description

Technical Field

[0001] This application relates to the field of communication encryption technology, and in particular to a data transmission method, apparatus, computer equipment, and storage medium.

Background Technology

[0002] Physical layer keys based on channel physical characteristics can achieve the distribution and updating of physical layer keys without the need for traditional cryptographic schemes by utilizing the characteristics of wireless communication devices, channels, and noise. This ensures the confidentiality of secure wireless communication. As a supplement to traditional secure wireless communication methods, the theory and technology of secure wireless transmission based on physical characteristics have broad application prospects.

[0003] However, due to limitations in the physical layer key generation mechanism, secure wireless transmission currently achieved via physical layer keys is limited to the two users generating the physical layer key. If two users do not have direct communication capabilities, secure wireless communication cannot be achieved using physical layer keys. This means that when multiple users exist, each pair of users needs to communicate continuously to generate and update the physical layer key in order to achieve secure communication. This results in significant channel and computational overhead. Furthermore, frequent signal propagation also affects the physical layer key generation rate. This limitation objectively impacts the practical application of physical layer keys.

[0004] Furthermore, secure wireless communication cannot be achieved through physical layer keys if there is no direct communication between two users. Therefore, when the distance between the communicating parties is far, exceeding the effective communication distance, a relay device is needed to ensure stable communication. How to achieve secure communication between any two users when there is no direct communication between multiple users is also a problem that urgently needs to be solved.

Summary of the Invention

[0005] Therefore, it is necessary to provide a data transmission method, apparatus, computer equipment, and storage medium that can ensure stable communication between the two parties even when there is no direct communication between them, in order to address the above-mentioned technical problems.

[0006] Firstly, this application provides a data transmission method, the method comprising:

[0007] Receive data transmission requests;

[0008] Based on the random number information carried by the first communication object, a first channel key between the sender and receiver corresponding to the data transmission request is determined; wherein, the random number information includes at least one random number corresponding to each of a plurality of second communication objects, and the second communication objects and the sender are communicatively connected to the first communication object;

[0009] The first channel key is used to encrypt the data to be transmitted, resulting in encrypted data.

[0010] The encrypted data is transmitted from the sender to the receiver.

[0011] In one embodiment, prior to receiving the data transmission request, the process includes:

[0012] Establish a communication connection between the first communication object and the second communication object.

[0013] In one embodiment, establishing a communication connection between the first communication object and the second communication object includes:

[0014] In response to a key generation request, a target random vector is obtained; wherein the target random vector is generated based on channel state information obtained from channel probing between the first communication object and any of the second communication objects;

[0015] The initial key is determined based on the preset vector, the current value of the counter, and the target random vector;

[0016] A second channel key is generated between the first communication object and the current second communication object based on the initial key.

[0017] In one embodiment, generating a second channel key between the first communication object and the current second communication object based on the initial key further includes:

[0018] After generating the second channel key corresponding to the current key generation request, the value of the counter is updated according to a preset step size. In response to the new key generation request, a new target random vector is obtained. Based on the new target random vector, the preset vector, the updated value of the counter, and the second channel key corresponding to the current key generation request, the second channel key corresponding to the new key generation request is generated.

[0019] Specifically, after determining the initial key corresponding to the current key generation request, the value of the counter is updated according to a preset step size.

[0020] In one embodiment, before determining the first channel key between the sender and receiver corresponding to the data transmission request based on the random number information carried by the first communication object, the process includes:

[0021] Generate random number information carried by the first communication object.

[0022] In one embodiment, generating the random number information carried by the first communication object includes:

[0023] For each of the second communication objects, generate a preset number of random numbers;

[0024] Store all random numbers corresponding to the second communication objects as random number information carried by the first communication object.

[0025] In one embodiment, determining the first channel key between the sender and receiver corresponding to the data transmission request based on the random number information carried by the first communication object includes:

[0026] Obtain the random number corresponding to the sender and the random number corresponding to the receiver from the random number information;

[0027] The first XOR result corresponding to the sender and the second XOR result corresponding to the receiver are obtained by processing the random number corresponding to the sender and the random number corresponding to the receiver.

[0028] The first channel key is obtained by XORing the random number corresponding to the sender with the first XOR result and XORing the random number corresponding to the receiver with the second XOR result.

[0029] In one embodiment, before obtaining the random number corresponding to the sender and the random number corresponding to the receiver from the random number information, the method further includes:

[0030] The sender and the receiver are matched with the random number information;

[0031] When the random number information does not contain the random number corresponding to the sender, the sender is prompted to disconnect from the first communication object;

[0032] If the random number information does not contain the random number corresponding to the receiver, the receiver is prompted that no connection has been established with the first communication object.

[0033] In one embodiment, the step of processing the random number corresponding to the sender and the random number corresponding to the receiver to obtain the first XOR result corresponding to the sender and the second XOR result corresponding to the receiver includes:

[0034] When there is a common random number between the random number corresponding to the sender and the random number corresponding to the receiver, select any common random number and XOR it with the random number corresponding to the sender and the random number corresponding to the receiver respectively to obtain the first XOR result and the second XOR result;

[0035] When there is no identical random number between the random number corresponding to the sender and the random number corresponding to the receiver, a random number is arbitrarily selected from the random number corresponding to the sender and the random number corresponding to the receiver, and the selected random number is XORed with the random number corresponding to the sender and the random number corresponding to the receiver respectively to obtain the first XOR result and the second XOR result.
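The derivation in [0025] to [0035], as an added example that is not code from the patent: the first communication object masks a selected random number with each party's own random number, and each party unmasks its XOR result to reach the same first channel key. The 16-byte length, the class and function names, the convention that index 0 of each list is the number the object itself holds, and the way that number reached the object are assumptions; the patent text leaves them open.

```python
import secrets

KEY_LEN = 16  # assumed size of each random number (128 bits)


class NotConnected(Exception):
    """Raised when the matching step of [0030]-[0032] fails."""


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class FirstCommunicationObject:
    """Master party that carries the random number information ([0021]-[0024])."""

    def __init__(self):
        self.random_info = {}  # second communication object id -> list of random numbers

    def enroll(self, obj_id, count=2, shared=()):
        """Generate `count` random numbers for one second communication object.

        `shared` lets the constructed sample give two objects a common random
        number. Returns the number at index 0, which this example assumes the
        object also holds (for instance delivered under the second channel key).
        """
        numbers = [secrets.token_bytes(KEY_LEN) for _ in range(count)]
        numbers.extend(shared)
        self.random_info[obj_id] = numbers
        return numbers[0]

    def key_material(self, sender, receiver):
        """Return (first XOR result, second XOR result) for one request."""
        # [0030]-[0032]: both parties must appear in the random number information.
        if sender not in self.random_info:
            raise NotConnected("sender is not connected to the first communication object")
        if receiver not in self.random_info:
            raise NotConnected("receiver has no connection with the first communication object")
        s_nums = self.random_info[sender]
        r_nums = self.random_info[receiver]
        common = [n for n in s_nums if n in r_nums]
        if common:
            selected = common[0]                       # [0034]: any common random number
        else:
            selected = secrets.choice(s_nums + r_nums)  # [0035]: arbitrary selection
        first_result = xor(selected, s_nums[0])
        second_result = xor(selected, r_nums[0])
        return first_result, second_result


def recover_first_channel_key(own_number, xor_result):
    """[0028]: a party XORs its own random number with the result it received."""
    return xor(own_number, xor_result)


if __name__ == "__main__":
    hub = FirstCommunicationObject()
    group = secrets.token_bytes(KEY_LEN)        # constructed common random number
    a_own = hub.enroll("A", shared=[group])
    b_own = hub.enroll("B", shared=[group])
    first, second = hub.key_material("A", "B")
    key_a = recover_first_channel_key(a_own, first)
    key_b = recover_first_channel_key(b_own, second)
    print("keys match:", key_a == key_b)
```
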

[0036] Secondly, this application also provides a data transmission apparatus, comprising:

[0037] The receiving module is used to receive communication connection requests;

[0038] The determining module is used to determine a first channel key between two second communication objects corresponding to the data transmission request based on the random number information carried by the first communication object; wherein the first communication object and the second communication object are communicatively connected.

[0039] The transmission module is used to perform data transmission between the two second communication objects corresponding to the data transmission request using the first channel key.

[0040] Thirdly, this application also provides a computer device, including a memory and a processor, wherein the memory stores a computer program, and the processor executes the computer program to implement the steps of the method in any of the above embodiments.

[0041] Fourthly, this application also provides a computer-readable storage medium. The computer-readable storage medium stores a computer program which, when executed by a processor, implements the steps of the data transmission method in any of the above embodiments.

[0042] The aforementioned data transmission method, apparatus, computer equipment, and storage medium enable any two communicating parties to generate a physical layer key based on their existing communication connection when actual data transmission is required, even when no direct connection exists between multiple users. This allows for secure wireless communication using this physical layer key, significantly reducing channel connection and key computation costs and conserving channel resources, while also ensuring the security of each data transmission. Furthermore, it improves the efficiency of data interaction between different communicating parties, eliminating the need for establishing a communication connection before data exchange, accelerating data transmission rates, and guaranteeing real-time data delivery. Moreover, this invention can also achieve secure data transmission when no direct communication conditions exist between the communicating parties.

Attached Figure Description

[0043] Figure 1 is an application environment diagram of a data transmission method in one embodiment;

[0044] Figure 2 is a flowchart illustrating a data transmission method in one embodiment;

[0045] Figure 3 is a schematic diagram of the process for establishing a communication connection between a first communication object and a second communication object in a data transmission method in another embodiment;

[0046] Figure 4 is a flowchart illustrating step 204 of the data transmission method in one embodiment;

[0047] Figure 5 is a structural block diagram of a data transmission device in one embodiment;

[0048] Figure 6 is a structural block diagram of the data transmission device in yet another embodiment;

[0049] Figure 7 is a structural block diagram of a determining module in a data transmission device in one embodiment;

[0050] Figure 8 is an internal structural diagram of a computer device in one embodiment.

Detailed Implementation

[0051] To make the objectives, technical solutions, and advantages of this application clearer, the following detailed description is provided in conjunction with the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative and not intended to limit the scope of this application.

[0052] The data transmission method provided in this application embodiment can be applied, for example, in the application environment shown in Figure 1, in which terminal 104 can connect to server 102. Terminal 104 can be, but is not limited to, various personal computers, laptops, smartphones, tablets, IoT devices, and portable wearable devices. IoT devices can include smart speakers, smart TVs, smart air conditioners, smart in-vehicle devices, etc. Portable wearable devices can include smartwatches, smart bracelets, head-mounted devices, etc. Server 102 can be implemented using a standalone server or a server cluster consisting of multiple servers. Server 102 can connect to a data storage system, which can store data that server 102 needs to encrypt. The data storage system can be integrated onto server 102 or located in the cloud or on other network servers.

[0053] For example, the data transmission method is applied to terminal 104. After receiving a data transmission request, terminal 104 determines a first channel key between the two second communication objects corresponding to the data transmission request based on the random number information carried by the first communication object. Then, terminal 104 sends the generated first channel key to the two second communication objects corresponding to the data transmission request. The second communication object sending the data uses the first channel key to encrypt the data to be transmitted, obtaining encrypted data. The encrypted data is then transmitted to the second communication object receiving the data. The first channel key generated by terminal 104 can, for example, be transmitted to a memory for storage. This memory can be an independent storage device, or it can be built into server 102, or it can be located on another terminal 104.

[0054] For example, in a data transmission method applied to server 102, after receiving a data transmission request, server 102 determines a first channel key between the two second communication objects corresponding to the data transmission request based on the random number information carried by the first communication object. Then, server 102 sends the generated first channel key to the two second communication objects corresponding to the data transmission request. The second communication object sending the data uses the first channel key to encrypt the data to be transmitted, obtaining encrypted data, and then transmits the encrypted data to the second communication object receiving the data. The first channel key generated by server 102 can, for example, be transmitted to a memory for storage. This memory can be a separate storage device or built into server 102.

[0055] In one embodiment, a data transmission method is provided. This embodiment illustrates this data transmission method by applying it to a processor. It is understood that the processor may be located on a terminal or a server. As shown in Figure 2, the data transmission method includes:

[0056] Step 202: Receive data transmission request.

[0057] A data transmission request refers to a request to send data. This data transmission request includes the identification information of the communication party sending the data and the identification information of the communication party receiving the data.

[0058] In this embodiment, when a communicating party wants to establish a communication connection with another communicating party and transmit data, it sends a data transmission request to the server. The server receives the data transmission request and obtains the identities of the two communicating parties corresponding to the data transmission request.

[0059] Step 204: Determine the first channel key between the sender and receiver corresponding to the data transmission request based on the random number information carried by the first communication object; wherein, the random number information includes at least one random number corresponding to each of the multiple second communication objects, and the second communication objects and the sender are connected to the first communication object.

[0060] As an example, the first communication object can be the master communication party, and the second communication object can be the slave communication party connected to the master communication party. In this embodiment, the sender can be understood as a slave communication party, and the first communication object is the master communication party of the sender.

[0061] Specifically, in this embodiment, the number of the first communication objects is at least one.

[0062] When the sender and receiver corresponding to the data transmission request have the same first communication object, the first channel key between the sender and receiver is determined from the random number information carried by the first communication object.

[0063] When the sender and receiver corresponding to the data transmission request do not have the same first communication object, but the main communication party corresponding to the sender and the main communication party corresponding to the receiver are connected, it can be understood that the sender has a corresponding first communication object and the receiver also has a corresponding first communication object. When the first communication object corresponding to the sender and the first communication object corresponding to the receiver are connected, the first channel key between the sender and the receiver is determined based on the random number information carried by the first communication object corresponding to the sender and the random number information carried by the first communication object corresponding to the receiver.

[0064] The sender and receiver of a data transmission request may not have the conditions for direct communication. That is, the sender and the receiver are two slave communication parties that cannot communicate with each other directly but are connected to the same master communication party, or slave communication parties that cannot communicate with each other directly but whose master communication parties are connected to each other. For example, the sender and the receiver may be two second communication objects that are both connected to the first communication object.

[0065] Random number information refers to the random number corresponding to the second communication object that is connected to the first communication object. The first communication object establishes a mapping relationship between each second communication object and at least one random number, and stores these mapping relationships as random number information.

[0066] In this embodiment, the processor determines the first channel key for data transmission between the sender and receiver based on the mapping relationship between all second communication objects and random numbers.

[0067] Step 206: Use the first channel key to encrypt the data to be transmitted to obtain the encrypted data.

[0068] In this embodiment, the processor uses the first channel key generated in step 204 to encrypt the data to be transmitted from the sender to the receiver, thus obtaining encrypted data.

[0069] Step 208: Transmit the encrypted data from the sender to the receiver.

[0070] In this embodiment, the processor transmits the encrypted data from the sender to the receiver, completing the data transmission.

[0071] In the aforementioned data transmission method, when two communicating parties without direct communication conditions need to transmit data, the processor, based on the received data transmission request, obtains the random number information carried by the sender and generates a first channel key based on the random number information, enabling the sender and receiver to transmit data using the first channel key. This data transmission method is applicable to any two users among multiple users transmitting data. The secondary communicating parties among these users can generate a physical layer key through a common primary communicating party and directly use this physical layer key for secure wireless communication, significantly reducing the cost of channel connection and key calculation. Through this setup, any two communicating parties can generate a temporary channel key to complete data transmission when actual transmission is needed, based on their existing communication connection in the communication structure. This not only saves channel resources but also ensures the security of each data transmission. Furthermore, since the communicating parties can directly generate a physical layer key through a common primary communicating party, even communicating parties without a direct communication relationship can transmit data using the data transmission method in this embodiment.

[0072] In some optional embodiments, before receiving a data transmission request, the following steps are included:

[0073] Establish a communication connection between the first communication object and the second communication object.

[0074] As shown in Figure 3, the steps for establishing a communication connection between the first communication object and the second communication object include:

[0075] Step 302: In response to the key generation request, obtain the target random vector; wherein the target random vector is generated based on the channel state information obtained by channel probing between the first communication object and any second communication object;

[0076] Step 304: Determine the initial key based on the preset vector, the current value of the counter, and the target random vector;

[0077] Step 306: Generate a second channel key between the first communication object and the current second communication object based on the initial key; wherein, after generating the second channel key corresponding to the current key generation request, the value of the counter is updated according to the preset step size, and in response to the new key generation request, a new target random vector is obtained, and the second channel key corresponding to the new key generation request is generated based on the new target random vector, the preset vector, the updated value of the counter and the second channel key corresponding to the current key generation request.

[0078] A key generation request refers to a signal instruction received directly by the processor from the user. Alternatively, it can be a signal instruction automatically generated by the processor when it detects a data transmission request from the user to either the first or second communication partner that meets preset conditions. Or, it can be a signal instruction continuously generated by the processor at a preset first generation frequency when it detects a data transmission request from the user to either the first or second communication partner that meets preset conditions. These preset conditions can be that either party in the data transmission request sends encrypted data to the other; that is, when both communicating parties need to encrypt the transmitted data, the processor automatically generates a key generation request.

[0079] The first and second communication objects can perform channel detection by sending pilot signals to each other to obtain channel state information. The channel state information includes, but is not limited to, the average signal energy of the channel, steady-state channel state information (CSI), and transient CSI, which can be used to describe the channel characteristics.

[0080] The generation process of the target random vector includes: First, the processor detects the connection channel between the first and second communication objects. The processor controls the transmitter to send a pilot signal to the receiver. The receiver performs channel probing based on the pilot signal to obtain the corresponding channel state information. The processor quantizes the channel state information to generate a first detection vector of a preset length in bits. Further, the processor controls the receiver to send a pilot signal to the transmitter. The transmitter performs channel probing based on the pilot signal to obtain the channel state information. The processor quantizes the channel state information to generate a second detection vector of a preset length in bits. Then, harmonic error correction processing is performed. The processor receives the harmonic error correction information and the integrity check code (e.g., MD5 code) of the second detection vector sent by the transmitter. The processor performs harmonic error correction on the first detection vector using the harmonic error correction information and calculates the integrity check code on the corrected result. The algorithms used in the harmonic error correction process include harmonic algorithms and error correction algorithms, such as Low Density Parity Check Code (LDPC), polar codes, Bose Chaudhuri Hocquenghem codes (BCH), and the BBBSS protocol. The processor then compares the integrity check code of the corrected first detection vector with the integrity check code of the corrected second detection vector to obtain the comparison result. If the comparison result indicates that the integrity check codes of the first and second detection vectors are inconsistent, the processor stops generating the target random vector and issues an alarm to indicate an abnormal channel state between the sender and receiver. 
If the comparison result indicates that the integrity check codes of the first and second detection vectors are consistent, the processor further uses a hash function library pre-set by both communicating parties to perform privacy amplification processing on the first or second detection vector. In this process, the first and second communication objects use the same hash function related parameters through channel negotiation. These related parameters can be understood as a preset matrix. Multiplying this preset matrix with the first or second detection vector yields a fixed-length vector, which is the newly generated target random vector. This fixed length can be 128 bits.
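An added example (not from the patent) of the error correction, integrity check and privacy amplification stages in [0080]. It assumes 252-bit detection vectors, Hamming(7,4) syndromes as the error correction information (the patent lists LDPC, polar codes, BCH and BBBSS), and a 128 x 252 binary preset matrix applied over GF(2) and expanded from a negotiated seed; all names and sample vectors are constructed for illustration.

```python
import hashlib
import random

BLOCK = 7        # Hamming(7,4) block length (assumption of this example)
VEC_BITS = 252   # assumed preset length of a detection vector: 36 blocks
OUT_BITS = 128   # fixed length of the target random vector, as in [0080]


class ChannelStateAlarm(Exception):
    """Integrity check codes differ: abnormal channel state, generation stops."""


def syndromes(bits):
    """Error correction information: one 3-bit syndrome per 7-bit block."""
    out = []
    for start in range(0, len(bits), BLOCK):
        s = 0
        for pos, bit in enumerate(bits[start:start + BLOCK], start=1):
            if bit:
                s ^= pos
        out.append(s)
    return out


def check_code(bits):
    """Integrity check code; MD5 is the example named in the patent text."""
    return hashlib.md5(bytes(bits)).hexdigest()


def reconcile(first_vector, correction_info):
    """Correct at most one differing bit per block of the first detection vector."""
    fixed = list(first_vector)
    own = syndromes(first_vector)
    for blk, (theirs, mine) in enumerate(zip(correction_info, own)):
        diff = theirs ^ mine          # equals the 1-based position of a single error
        if diff:
            fixed[blk * BLOCK + diff - 1] ^= 1
    return fixed


def preset_matrix(seed):
    """Expand the negotiated parameter into OUT_BITS rows of VEC_BITS bits.

    random.Random only keeps the example deterministic on both sides.
    """
    rng = random.Random(seed)
    return [rng.getrandbits(VEC_BITS) for _ in range(OUT_BITS)]


def privacy_amplify(bits, matrix):
    """Matrix-vector product over GF(2): each output bit is a row parity."""
    v = int("".join(map(str, bits)), 2)
    out = 0
    for row in matrix:
        out = (out << 1) | (bin(row & v).count("1") & 1)
    return out.to_bytes(OUT_BITS // 8, "big")


def target_random_vector(first_vector, correction_info, second_code, matrix):
    corrected = reconcile(first_vector, correction_info)
    if check_code(corrected) != second_code:
        raise ChannelStateAlarm("integrity check codes are inconsistent")
    # 36 syndromes x 3 bits were disclosed, so 252 - 108 = 144 bits remain
    # unknown to a listener; compressing to 128 bits stays within that budget.
    return privacy_amplify(corrected, matrix)


def constructed_vectors(error_positions=(3, 40, 100)):
    """Constructed sample: a second detection vector and a noisy first one."""
    rng = random.Random(2022)
    second = [rng.getrandbits(1) for _ in range(VEC_BITS)]
    first = list(second)
    for i in error_positions:
        first[i] ^= 1
    return first, second


if __name__ == "__main__":
    first, second = constructed_vectors()
    matrix = preset_matrix(seed=7)
    trv = target_random_vector(first, syndromes(second), check_code(second), matrix)
    print(trv.hex())
```
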

[0081] When communicating parties need to encrypt transmitted data, the processor continuously generates a target random vector at a preset second generation frequency. When the processor receives a key generation request at a first generation frequency, it retrieves the latest generated target random vector in response to each key generation request. The first and second generation frequencies can be different; that is, the generation process of the target random vector and the generation process of the key generation request are independent of each other.

[0082] Furthermore, after the processor obtains the target random vector, when the key generation request is the first key generation request, the initial key is determined based on the initial random vector, the preset vector, the current value of the counter, and the target random vector; the initial random vector is generated after the first key generation request based on the channel state information obtained by channel probing between the first communication object and the second communication object;

[0083] When the key generation request is not the first key generation request, the initial key is determined based on the second channel key generated in the previous key generation request, the preset vector, the current value of the counter, and the target random vector; wherein, after determining the initial key corresponding to the key generation request, the value of the counter is updated according to the preset step size.

[0084] The initial random vector generation process includes: before receiving the initial key generation request from both communicating parties, for example, when the two parties have just established a communication connection, the processor controls both parties to perform a channel probe to obtain channel state information, and further processes the channel state information such as feature extraction, quantization, harmonic error correction, and privacy amplification to obtain the initial random vector. Specifically, the initial random vector generation process is the same as the target random vector generation process, and will not be described in detail here.

[0085] The counter value is updated according to a preset step size, either by incrementing or decrementing it sequentially. The length of the value remains constant throughout the counter's change. For example, when the key generation request is the first key generation request, the processor initializes the counter, setting its value to 0 and fixing its length. The counter can be set within the first communication object, built into the processor, or connected to the processor.

[0086] In this embodiment, in response to each key generation request, an initial key corresponding to the current key generation request is generated. Then, the processor further generates a second channel key corresponding to the current key generation request based on the initial key.

[0087] Furthermore, by generating a second channel key between the first communication object and the current second communication object based on the initial key, the communication connection between the first communication object and the current second communication object can be considered complete. The length of the preset vector does not exceed 128 bits. The length of the current value of the counter also does not exceed 128 bits. Preferably, the combined length of the preset vector and the current value of the counter is 128 bits.

[0088] Specifically, the steps for determining the initial key based on the initial random vector, the preset vector, the current value of the counter, and the target random vector include:

[0089] The reference vector is determined based on the preset vector and the current value of the counter; the initial random vector is obfuscated and encrypted to obtain the obfuscated result; the obfuscated result is XORed with the reference vector and the target random vector to obtain the initial key.

[0090] As an example, the reference vector can be obtained by combining a preset vector and the current value of a counter.

[0091] For example, the initial random vector is obfuscated using byte substitution (SubBytes), row shifting (ShiftRows), and column mixing (MixColumns) to obtain an obfuscated result, which can be considered as an obfuscated vector. The obfuscated vector is then XORed with the reference vector and the target random vector bitwise to obtain an XOR result, which is used as the initial key.

[0092] The obfuscation process includes, for example, sorting the initial random vector by bytes, splitting the initial random vector according to a preset byte value, and performing byte substitution, row shifting and column mixing on each of the byte sequences obtained after splitting, to obtain the obfuscated and encrypted byte sequences. Finally, the obfuscated byte sequences are recombined in order to obtain the obfuscation result mentioned above.

[0093] Specifically, the steps for determining the initial key based on the second channel key generated during the previous key generation request (excluding the initial key generation request), the preset vector, the current value of the counter, and the target random vector include:

[0094] The reference vector is determined based on the preset vector and the current value of the counter; the target random vector is XORed with the reference vector and the second channel key generated during the previous key generation request (not the first key generation request) to obtain the initial key.

[0095] As an example, the reference vector can be obtained by combining a preset vector and the current value of a counter.

[0096] Specifically, the steps for generating a second channel key between the first communication object and the current second communication object based on the initial key include:

[0097] The initial key is obfuscated and encrypted to obtain the second channel key.

[0098] The obfuscation encryption process includes, for example, sorting the initial key by bytes, splitting the initial key according to a preset byte value, and performing byte substitution, row shifting and column mixing on each of the byte sequences obtained after splitting, to obtain the obfuscated byte sequences. Finally, the obfuscated byte sequences are recombined in order to obtain the second channel key corresponding to the current key generation request.

[0099] In this embodiment, the processor can generate a second channel key based on the channel state information between the first communication object and the second communication object, and iteratively generate new second channel keys based on the current second channel key and the latest channel state information. Through the continuously generated second channel keys, a stable communication connection between the first communication object and the second communication object can be achieved.
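The chained derivation of paragraphs [0085] to [0098], written out as an added Python example that is not code from the patent. It assumes the AES S-box, 16-byte blocks, a single unkeyed SubBytes/ShiftRows/MixColumns pass, a 96-bit preset vector and a 32-bit big-endian counter; `KeyChain`, `obfuscate` and the other names are hypothetical.

```python
import secrets
from functools import reduce

BLOCK = 16        # bytes per obfuscation block (assumed)
PRESET_LEN = 12   # 96-bit preset vector (assumed)
COUNTER_LEN = 4   # 32-bit counter, so preset + counter = 128 bits


def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    product = 0
    for _ in range(8):
        if b & 1:
            product ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return product


def build_sbox():
    """AES S-box: multiplicative inverse, then the affine transform."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
        s = inv
        for shift in range(1, 5):
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox


SBOX = build_sbox()


def mix_column(col):
    """MixColumns on one 4-byte column."""
    a0, a1, a2, a3 = col
    return [
        gmul(a0, 2) ^ gmul(a1, 3) ^ a2 ^ a3,
        a0 ^ gmul(a1, 2) ^ gmul(a2, 3) ^ a3,
        a0 ^ a1 ^ gmul(a2, 2) ^ gmul(a3, 3),
        gmul(a0, 3) ^ a1 ^ a2 ^ gmul(a3, 2),
    ]


def obfuscate(data):
    """Split into 16-byte blocks; SubBytes, ShiftRows, MixColumns on each."""
    # No round key is mixed in, so this is a fixed, invertible permutation.
    if not data or len(data) % BLOCK:
        raise ValueError("length must be a non-zero multiple of 16 bytes")
    out = bytearray()
    for start in range(0, len(data), BLOCK):
        state = [SBOX[b] for b in data[start:start + BLOCK]]     # SubBytes
        state = [state[r + 4 * ((c + r) % 4)]                    # ShiftRows
                 for c in range(4) for r in range(4)]
        for c in range(4):                                       # MixColumns
            out += bytes(mix_column(state[4 * c:4 * c + 4]))
    return bytes(out)


def xor(*vectors):
    """Bitwise XOR of equal-length byte strings."""
    if len({len(v) for v in vectors}) != 1:
        raise ValueError("vectors must have equal length")
    return bytes(reduce(lambda x, y: x ^ y, col) for col in zip(*vectors))


class KeyChain:
    """One endpoint's state across successive key generation requests."""

    def __init__(self, preset, initial_random, step=1):
        self.preset, self.step = preset, step
        self.initial_random = initial_random
        self.counter = 0        # set to 0 on the first request
        self.previous = None    # second channel key of the previous request

    def next_key(self, target):
        reference = self.preset + self.counter.to_bytes(COUNTER_LEN, "big")
        if self.previous is None:    # first request
            initial = xor(obfuscate(self.initial_random), reference, target)
        else:                        # later requests chain on the last key
            initial = xor(target, reference, self.previous)
        self.previous = obfuscate(initial)
        # Fixed-length counter: wrap instead of growing (works for +/- steps).
        self.counter = (self.counter + self.step) % (1 << (8 * COUNTER_LEN))
        return self.previous


def demo():
    """Two endpoints fed the same constructed inputs derive the same keys."""
    preset = bytes(range(PRESET_LEN))               # constructed sample
    seed = secrets.token_bytes(BLOCK)               # initial random vector
    targets = [secrets.token_bytes(BLOCK) for _ in range(3)]
    a, b = KeyChain(preset, seed), KeyChain(preset, seed)
    return [a.next_key(t) for t in targets], [b.next_key(t) for t in targets]
```

Both endpoints must hold the same preset vector, counter value and target random vector for every request; a counter that drifts on one side changes every key from that request onward.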

[0100] In some optional embodiments, before determining the first channel key between the sender and receiver corresponding to the data transmission request based on the random number information carried by the first communication object, the process includes:

[0101] Generate random number information carried by the first communication object.

[0102] After the first communication object and the second communication object establish a communication connection, the first communication object generates random number information based on all the second communication objects.

[0103] In this embodiment, for the first communication object, the processor generates random number information of the first communication object based on all the second communication objects that are connected to the first communication object, and stores it.

[0104] In some optional embodiments, generating random number information carried by the first communication object includes:

[0105] For each second communication object, generate a preset number of random numbers;

[0106] Store the random numbers corresponding to all second communication objects as random number information carried by the first communication object.

[0107] In this embodiment, for each second communication object that is connected to the first communication object, the processor can generate multiple random numbers according to a preset number set by the user. The preset number corresponding to different second communication objects can be different. The processor establishes a mapping relationship between each second communication object and the preset number of random numbers, and stores these mapping relationships as random number information of the first communication object.

[0108] As shown in Figure 4, in some optional embodiments, step 204 includes:

[0109] Step 402: Obtain the random number corresponding to the sender and the random number corresponding to the receiver from the random number information;

[0110] Step 404: Based on the random number corresponding to the sender and the random number corresponding to the receiver, process them to obtain the first XOR result corresponding to the sender and the second XOR result corresponding to the receiver;

[0111] Step 406: Perform an XOR operation between the random number corresponding to the sender and the first XOR result, and perform an XOR operation between the random number corresponding to the receiver and the second XOR result to obtain the first channel key.

[0112] As an example, the data transmission request may carry identification information corresponding to the sender and the receiver. The identification information may be information formed by letters, numbers, strings, etc., and is used as a tag to uniquely identify the corresponding communication object. When the processor generates random number information, for example, in the mapping relationship between each second communication object and a preset number of random numbers, the identification information of the second communication object is attached to the mapping relationship corresponding to each second communication object. Then, in step 402, the corresponding mapping relationship can be matched according to the identification information corresponding to the sender and the identification information corresponding to the receiver, and the corresponding random number can be extracted from the matched mapping relationship.

[0113] Furthermore, the first XOR result corresponding to the sender is determined based on all the random numbers corresponding to the sender, and the second XOR result corresponding to the receiver is determined based on all the random numbers corresponding to the receiver.

[0114] Furthermore, an XOR operation is performed on the random number corresponding to the sender and the first XOR result, and on the random number corresponding to the receiver and the second XOR result; the result of XORing the first XOR result with all the random numbers corresponding to the sender and the result of XORing the second XOR result with all the random numbers corresponding to the receiver are used as the first channel key.

[0115] In this embodiment, the processor matches the sender's random number and the receiver's random number from the stored mapping relationship between the second communication object and a preset number of random numbers. Based on the sender's and receiver's random numbers, it determines the first XOR result corresponding to the sender and the second XOR result corresponding to the receiver. Then, it XORs the sender's random number with the first XOR result to obtain the sender's security key, and XORs the receiver's random number with the second XOR result to obtain the receiver's security key. These two security keys constitute the first channel key. This configuration allows the processor to obtain the security keys used by the sender and receiver during data transmission, improving the security of data transmission and achieving secure communication between the two parties.

[0116] In some optional embodiments, step 404 includes:

[0117] When there is a common random number between the random number corresponding to the sender and the random number corresponding to the receiver, select any common random number and XOR it with the random number corresponding to the sender and the random number corresponding to the receiver respectively to obtain the first XOR result and the second XOR result.

[0118] When there are no identical random numbers between the sender's and receiver's random numbers, an arbitrary random number is selected from the sender's and receiver's random numbers. The selected random number is then XORed with both the sender's and receiver's random numbers to obtain the first XOR result and the second XOR result.

[0119] Specifically, the processor matches the random number corresponding to the sender and the random number corresponding to the receiver. When there are identical random numbers, the processor first randomly selects one from the identical random numbers of the sender and receiver, and then performs an XOR operation on the selected identical random number with all the random numbers corresponding to the sender to obtain the first XOR result. The processor then performs an XOR operation on the selected identical random number with all the random numbers corresponding to the receiver to obtain the second XOR result. When there are no identical random numbers, the processor randomly selects one random number from all the extracted random numbers, and performs an XOR operation on the selected random number with all the random numbers corresponding to the sender to obtain the first XOR result. The processor then performs an XOR operation on the selected random number with all the random numbers corresponding to the receiver to obtain the second XOR result.

[0120] In this embodiment, the processor divides the generation process of the first XOR result and the second XOR result into two cases based on the random number corresponding to the sender and the random number corresponding to the receiver, which further improves the security of the finally generated first channel key.

[0121] In some optional embodiments, prior to step 402, the following steps are also included:

[0122] Match the sender and receiver with random number information;

[0123] When a matching random number is found, obtain the random number corresponding to the sender and the random number corresponding to the receiver.

[0124] If the random number information does not contain a random number corresponding to the receiver, a message will be displayed indicating that the receiver has not established a connection with the first communication object.

[0125] As an example, in a real communication connection, the processor, under user control, will disconnect the communication connection between the first and second communication objects. At this time, the processor will delete the disconnected second communication object and its corresponding preset number of random numbers from the random number information carried by the first communication object. If, after receiving a data transmission request from the sender, the user controls the processor to disconnect the communication connection between the sender and the first communication object, and the processor cannot match the corresponding mapping relationship from the random number information based on the sender's identification information included in the data transmission request, the processor can issue an alarm to prompt the sender to disconnect the communication connection with the first communication object.

[0126] Alternatively, if the receiver to which the sender requests data transmission does not have a communication connection with the first communication object, the processor cannot match the corresponding mapping relationship of the receiver from the random number information based on the identifier information of the receiver contained in the data transmission request. In this case, the sender cannot establish a wireless connection with the receiver through the first communication object, and the processor can issue an alarm to indicate that the receiver has not established a communication connection with the first communication object.

[0127] The processor can only obtain the random number corresponding to the sender and the random number corresponding to the receiver from the random number information when both the sender and the receiver have a communication connection with the first communication object. For example, when the sender is connected to one first communication object and the receiver is connected to another, if these two first communication objects can communicate, or can communicate through at least one other first communication object, the random number information contained in all the first communication objects between the sender and the receiver can be considered as a set of random number information. The processor then matches the sender and receiver with the random number information from this set. With this setting, regardless of whether multiple users have a communication connection with each other, as long as the two parties needing to transmit data can connect through at least one first communication object, a first channel key can be directly generated for both parties. Based on this first channel key, the two parties can directly interact with data without needing to establish additional communication connections between multiple users. This not only enables data transmission between multiple users who do not have a direct communication connection but also saves channel resources, resulting in a faster data transmission rate.
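The lookup and XOR steps of paragraphs [0109] to [0126], as an added Python example that is not code from the patent. It reads each XOR result as the selected random number folded with all of a party's random numbers, as in [0119]; the 16-byte width, `RandomNumberInfo`, `NotConnected` and `first_channel_key` are hypothetical.

```python
import secrets
from collections import namedtuple
from functools import reduce

Derivation = namedtuple(
    "Derivation", "selected first_xor second_xor sender_key receiver_key")


class NotConnected(LookupError):
    """No mapping for this identifier in the random number information."""


def xor2(a, b):
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))


class RandomNumberInfo:
    """Random number information carried by the first communication object."""

    def __init__(self, width=16):
        self.width = width      # bytes per random number (assumed)
        self.table = {}         # identification information -> random numbers

    def connect(self, ident, count):
        # A preset number of random numbers per second communication object.
        if count < 1:
            raise ValueError("preset number must be at least 1")
        self.table[ident] = [secrets.token_bytes(self.width)
                             for _ in range(count)]

    def disconnect(self, ident):
        # Disconnecting deletes the object together with its random numbers.
        self.table.pop(ident, None)

    def match(self, sender, receiver):
        # Both parties must still be mapped; otherwise raise the alarm.
        if sender not in self.table:
            raise NotConnected(f"sender {sender!r} has no mapping")
        if receiver not in self.table:
            raise NotConnected(
                f"receiver {receiver!r} has not established a connection")
        return self.table[sender], self.table[receiver]


def first_channel_key(info, sender, receiver):
    s_nums, r_nums = info.match(sender, receiver)
    # Case 1: pick any common random number. Case 2: pick any number at all.
    common = [n for n in s_nums if n in r_nums]
    selected = secrets.choice(common or s_nums + r_nums)
    # Selected number XORed with all numbers of each party.
    first_xor = reduce(xor2, s_nums, selected)
    second_xor = reduce(xor2, r_nums, selected)
    # Each XOR result XORed with the same party's numbers again.
    # XOR is self-inverse: folding the same numbers in a second time cancels
    # them, leaving the selected random number on both sides.
    sender_key = reduce(xor2, s_nums, first_xor)
    receiver_key = reduce(xor2, r_nums, second_xor)
    return Derivation(selected, first_xor, second_xor, sender_key, receiver_key)
```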

[0128] It should be understood that although the steps in the flowcharts of the embodiments described above are shown sequentially according to the arrows, these steps are not necessarily executed in the order indicated by the arrows. Unless explicitly stated herein, there is no strict order restriction on the execution of these steps, and they can be executed in other orders. Moreover, at least some steps in the flowcharts of the embodiments described above may include multiple steps or multiple stages. These steps or stages are not necessarily completed at the same time, but can be executed at different times. The execution order of these steps or stages is not necessarily sequential, but can be performed alternately or in turn with other steps or at least some of the steps or stages of other steps.

[0129] Based on the same inventive concept, this application also provides a data transmission apparatus for implementing the data transmission method described above. The solution provided by this apparatus is similar to the implementation described in the above method; therefore, specific limitations in one or more data transmission apparatus embodiments provided below can be found in the limitations of the data transmission method described above, and will not be repeated here.

[0130] In one embodiment, as shown in Figure 5, a data transmission device 500 is provided, including a receiving module 502, a determining module 504, and a transmitting module 506:

[0131] The receiving module 502 is used to receive communication connection requests;

[0132] The determining module 504 is used to determine the first channel key between two second communication objects corresponding to the data transmission request based on the random number information carried by the first communication object; wherein the first communication object and the second communication object are in a communication connection.

[0133] The transmission module 506 is used to transmit data between two second communication objects corresponding to a data transmission request using a first channel key.

[0134] In some embodiments, the data transmission device 500 is further configured to:

[0135] Establish a communication connection between the first communication object and the second communication object.

[0136] In some embodiments, the data transmission device 500 is further configured to:

[0137] In response to a key generation request, a target random vector is obtained; wherein the target random vector is generated based on channel state information obtained from channel probing between the first communication object and any second communication object;

[0138] The initial key is determined based on the preset vector, the current value of the counter, and the target random vector;

[0139] A second channel key is generated between the first communication object and the current second communication object based on the initial key; wherein, after generating the second channel key corresponding to the current key generation request, the value of the counter is updated according to the preset step size, and in response to the new key generation request, a new target random vector is obtained, and a second channel key corresponding to the new key generation request is generated based on the new target random vector, the preset vector, the updated value of the counter and the second channel key corresponding to the current key generation request.

[0140] As shown in Figure 6, in some embodiments, the data transmission device 500 further includes a generation module 501 for generating random number information carried by the first communication object.

[0141] In some embodiments, the generation module 501 is further configured to:

[0142] For each second communication object, generate a preset number of random numbers;

[0143] Store the random numbers corresponding to all second communication objects as random number information carried by the first communication object.

[0144] As shown in Figure 7, in some embodiments, the determining module 504 includes an acquisition unit 5041, a first processing unit 5042, and a second processing unit 5043:

[0145] The acquisition unit 5041 is used to acquire the random number corresponding to the sender and the random number corresponding to the receiver from the random number information;

[0146] The first processing unit 5042 is used to process the random number corresponding to the sender and the random number corresponding to the receiver to obtain the first XOR result corresponding to the sender and the second XOR result corresponding to the receiver.

[0147] The second processing unit 5043 is used to perform XOR processing on the random number corresponding to the sender and the first XOR result, and to perform XOR processing on the random number corresponding to the receiver and the second XOR result to obtain the first channel key.

[0148] In some embodiments, the first processing unit 5042 is configured to:

[0149] When there is a common random number between the random number corresponding to the sender and the random number corresponding to the receiver, select any common random number and XOR it with the random number corresponding to the sender and the random number corresponding to the receiver respectively to obtain the first XOR result and the second XOR result.

[0150] When there are no identical random numbers between the sender's and receiver's random numbers, an arbitrary random number is selected from the sender's and receiver's random numbers. The selected random number is then XORed with both the sender's and receiver's random numbers to obtain the first XOR result and the second XOR result.

[0151] In some embodiments, the determining module 504 is further configured to:

[0152] The sender and the receiver are matched with random number information;

[0153] When a matching random number is found, obtain the random number corresponding to the sender and the random number corresponding to the receiver.

[0154] When the random number information does not contain a random number corresponding to the sender, the sender is prompted to disconnect from the first communication object;

[0155] If the random number information does not contain a random number corresponding to the receiver, a message will be displayed indicating that the receiver has not established a connection with the first communication object.

[0156] In one embodiment, a computer device is provided, including a memory and a processor, the memory storing a computer program, and the processor executing the computer program to implement the various steps of the data transmission generation method described above.

[0157] The computer device can be a terminal, and its internal structure can be as shown in Figure 8. The computer device includes a processor, memory, communication interface, display screen, and input devices connected via a system bus. The processor provides computing and control capabilities. The memory includes non-volatile storage media and internal memory. The non-volatile storage media stores the operating system and computer programs. The internal memory provides an environment for the operation of the operating system and computer programs stored in the non-volatile storage media. The communication interface is used for wired or wireless communication with external terminals; wireless communication can be achieved through Wi-Fi, mobile cellular networks, NFC (Near Field Communication), or other technologies. When the computer program is executed by the processor, it implements a memory data access method. The display screen can be an LCD screen or an e-ink screen. The input devices can be a touch layer covering the display screen, buttons, a trackball, or a touchpad mounted on the computer device casing, or an external keyboard, touchpad, or mouse.

[0158] Those skilled in the art will understand that the structure shown in Figure 8 is merely a block diagram of a portion of the structure related to the present application and does not constitute a limitation on the computer device to which the present application is applied. Specific computer devices may include more or fewer components than those shown in the figure, or combine certain components, or have different component arrangements.

[0159] In one embodiment, a computer-readable storage medium is provided having a computer program stored thereon, which, when executed by a processor, implements the various steps of the data transmission method described above.

[0160] Those skilled in the art will understand that all or part of the processes in the methods of the above embodiments can be implemented by a computer program instructing related hardware. The computer program can be stored in a non-volatile computer-readable storage medium, and when executed, it can include the processes of the embodiments of the above methods. Any references to memory, databases, or other media used in the embodiments provided in this application can include at least one of non-volatile and volatile memory. Non-volatile memory can include read-only memory (ROM), magnetic tape, floppy disk, flash memory, optical memory, high-density embedded non-volatile memory, resistive random access memory (ReRAM), magnetic random access memory (MRAM), ferroelectric random access memory (FRAM), phase change memory (PCM), graphene memory, etc. Volatile memory can include random access memory (RAM) or external cache memory, etc. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM). The databases involved in the embodiments provided in this application may include at least one type of relational database and non-relational database. Non-relational databases may include, but are not limited to, blockchain-based distributed databases. The processors involved in the embodiments provided in this application may be general-purpose processors, central processing units, graphics processing units, digital signal processors, programmable logic devices, quantum computing-based data processing logic devices, etc., and are not limited to these.

[0161] The technical features of the above embodiments can be combined in any way. For the sake of brevity, not all possible combinations of the technical features in the above embodiments are described. However, as long as there is no contradiction in the combination of these technical features, they should be considered to be within the scope of this specification.

[0162] The embodiments described above are merely illustrative of several implementation methods of this application, and while the descriptions are specific and detailed, they should not be construed as limiting the scope of this patent application. It should be noted that those skilled in the art can make various modifications and improvements without departing from the concept of this application, and these all fall within the protection scope of this application. Therefore, the protection scope of this application should be determined by the appended claims.

Claims

1. A data transmission method, characterized in that the method includes:
Receive data transmission requests;
Based on the random number information carried by the first communication object, a first channel key is determined between the sender and receiver corresponding to the data transmission request; wherein, the random number information includes at least one random number corresponding to each of the multiple second communication objects; the first communication object is the master communication party, and the second communication objects are the slave communication parties communicating with the master communication party; the sender and the receiver are both the slave communication parties;
The first channel key is used to encrypt the data to be transmitted, resulting in encrypted data;
The encrypted data is transmitted from the sender to the receiver;
The step of determining the first channel key between the sender and receiver corresponding to the data transmission request based on the random number information carried by the first communication object includes:
Obtain the random number corresponding to the sender and the random number corresponding to the receiver from the random number information;
The first XOR result corresponding to the sender and the second XOR result corresponding to the receiver are obtained by processing the random number corresponding to the sender and the random number corresponding to the receiver;
The first channel key is obtained by XORing the random number corresponding to the sender with the first XOR result and XORing the random number corresponding to the receiver with the second XOR result.

2. The method according to claim 1, characterized in that, before receiving the data transmission request, the following is included:
Establish a communication connection between the first communication object and the second communication object.

3. The method according to claim 2, characterized in that establishing a communication connection between the first communication object and the second communication object includes:
In response to a key generation request, a target random vector is obtained; wherein the target random vector is generated based on channel state information obtained from channel probing between the first communication object and any of the second communication objects;
The initial key is determined based on the preset vector, the current value of the counter, and the target random vector;
A second channel key is generated between the first communication object and the current second communication object based on the initial key.

4. The method according to claim 3, characterized in that the step of generating a second channel key between the first communication object and the current second communication object based on the initial key further includes:
After generating the second channel key corresponding to the current key generation request, the value of the counter is updated according to a preset step size;
In response to the new key generation request, a new target random vector is obtained;
Based on the new target random vector, the preset vector, the updated value of the counter, and the second channel key corresponding to the current key generation request, the second channel key corresponding to the new key generation request is generated;
Specifically, after determining the initial key corresponding to the current key generation request, the value of the counter is updated according to a preset step size.

5. The method according to claim 1, characterized in that, before determining the first channel key between the sender and receiver corresponding to the data transmission request based on the random number information carried by the first communication object, the process includes:
Generate random number information carried by the first communication object.

6. The method according to claim 5, characterized in that the generation of the random number information carried by the first communication object includes:
For each of the second communication objects, generate a preset number of random numbers;
Store all random numbers corresponding to the second communication objects as random number information carried by the first communication object.

7. The method according to claim 1, characterized in that, before obtaining the random number corresponding to the sender and the random number corresponding to the receiver from the random number information, the method further includes:
The sender and the receiver are matched with the random number information;
When the random number information does not contain the random number corresponding to the sender, the sender is prompted to disconnect from the first communication object;
If the random number information does not contain the random number corresponding to the receiver, the receiver is prompted that no connection has been established with the first communication object.

8. The method according to claim 1, characterized in that the step of processing the random number corresponding to the sender and the random number corresponding to the receiver to obtain the first XOR result corresponding to the sender and the second XOR result corresponding to the receiver includes:
When there is a common random number between the random number corresponding to the sender and the random number corresponding to the receiver, select any common random number and XOR it with the random number corresponding to the sender and the random number corresponding to the receiver respectively to obtain the first XOR result and the second XOR result;
When there is no identical random number between the random number corresponding to the sender and the random number corresponding to the receiver, a random number is arbitrarily selected from the random number corresponding to the sender and the random number corresponding to the receiver, and the selected random number is XORed with the random number corresponding to the sender and the random number corresponding to the receiver respectively to obtain the first XOR result and the second XOR result.

9. A data transmission device, characterized in that it includes:
The receiving module is used to receive data transmission requests;
A determining module is configured to determine a first channel key between two second communication objects corresponding to the data transmission request based on random number information carried by the first communication object; wherein the first communication object and the second communication object are communicatively connected; the first communication object is the master communication party, and the second communication object is the slave communication party communicatively connected to the master communication party; both the sender and the receiver are slave communication parties; specifically, the determining module is configured to obtain a random number corresponding to the sender and a random number corresponding to the receiver from the random number information; process the random number corresponding to the sender and the random number corresponding to the receiver to obtain a first XOR result corresponding to the sender and a second XOR result corresponding to the receiver; perform XOR processing on the random number corresponding to the sender and the first XOR result, and perform XOR processing on the random number corresponding to the receiver and the second XOR result to obtain the first channel key;
The transmission module is used to perform data transmission between the two second communication objects corresponding to the data transmission request using the first channel key.

10. A computer device comprising a memory and a processor, wherein the memory stores a computer program, characterized in that, when the processor executes the computer program, it implements the steps of the method according to any one of claims 1 to 8.

11. A computer-readable storage medium having a computer program stored thereon, characterized in that, when the computer program is executed by a processor, it implements the steps of the method according to any one of claims 1 to 8.