Dynamic data encryption method and device, computer device and storage medium

By dynamically determining the communication key in UWSN, the security problem of static encryption is solved, and dynamic encryption of the ECC algorithm is realized, thereby improving the security of underwater communication.

CN116634416BActive Publication Date: 2026-07-07JILIN UNIVERSITY +1

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
JILIN UNIVERSITY
Filing Date
2023-06-09
Publication Date
2026-07-07

AI Technical Summary

Technical Problem

The existing Elliptic Cryptography (ECC) algorithm uses static encryption in underwater wireless sensor networks (UWSNs), which means that if a node is cracked, the data of the entire network may be obtained, and the security cannot meet the requirements.

Method used

By acquiring the topology information of the underwater wireless sensor network, the nodes to be deployed for communication are dynamically determined, and the corresponding communication keys are determined based on the deployment location. The communication data is encrypted using the elliptic cryptography algorithm to achieve dynamic encryption, so that nodes in different deployment locations have different communication keys.

Benefits of technology

It improves the security of communication data in UWSN, prevents data from being illegally obtained, and enhances network security.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN116634416B_ABST
    Figure CN116634416B_ABST
Patent Text Reader

Abstract

The present disclosure provides a dynamic data encryption method and device, computer equipment and a storage medium, wherein the method comprises: obtaining topology structure information of an underwater wireless sensor network, and determining a to-be-communicated deployment node based on the topology structure information, wherein the topology structure information comprises a plurality of deployment nodes for underwater acoustic communication; determining a communication key corresponding to the to-be-communicated deployment node based on the deployment position of the to-be-communicated deployment node; encrypting communication data based on the communication key to obtain an encryption result, and transmitting the encryption result between the to-be-communicated deployment nodes. In the embodiment of the present disclosure, the communication key can be associated with the deployment position of the to-be-communicated deployment node, so that the communication keys corresponding to the deployment nodes in different deployment positions are not the same, a dynamic encryption mode of the ECC algorithm is realized, so that the ECC algorithm can be applied to the underwater environment, and the security of underwater communication based on the ECC algorithm is improved.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This disclosure relates to the field of underwater acoustic network data security technology, and more specifically, to a dynamic data encryption method, apparatus, computer equipment, and storage medium. Background Technology

[0002] Oceans cover more than two-thirds of the Earth's surface. While the oceans are vital to the entire world, their development and research are currently far from sufficient. Underwater Wireless Sensor Networks (UWSNs) are a primary technology for researching underwater environmental monitoring, marine resource development, and marine disaster prediction. However, underwater communication environments differ significantly from terrestrial communication environments, exhibiting characteristics such as narrow underwater acoustic channel bandwidth, high bit error rate, and low speed, as well as challenges like charging difficulties, limited hardware resources, and inadequate CPU computing power. Currently, among encryption technologies applicable to UWSNs, elliptic curve cryptography (ECC) is a highly favored algorithm among researchers.

[0003] Existing ECC algorithms often employ static encryption, which is generally insufficient for the security requirements of UWSNs. In static encryption, all nodes in a UWSN typically use the same encryption method. Therefore, if one node is compromised, it means that all data sent by all nodes in the UWSN can be obtained, posing a significant threat to the entire UWSN.

[0004] In conclusion, there is an urgent need for a dynamic data encryption method that requires less computation, has a faster encryption speed, and offers higher security. Summary of the Invention

[0005] This disclosure provides at least one dynamic data encryption method, apparatus, computer device, and storage medium.

[0006] In a first aspect, embodiments of this disclosure provide a dynamic data encryption method, characterized in that it includes:

[0007] The topology information of an underwater wireless sensor network is acquired, and based on the topology information, the nodes to be deployed for communication are determined, wherein the topology information includes multiple deployment nodes for underwater acoustic communication.

[0008] Based on the deployment location of the node to be communicated, determine the communication key corresponding to the node to be communicated;

[0009] The communication data is encrypted using the communication key to obtain the encryption result.

[0010] The encryption result is transmitted between the nodes to be deployed for communication.

[0011] In one optional implementation, the communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node and the second deployment node includes at least one data decryption node;

[0012] The step of determining the communication key corresponding to the deployment node to be communicated based on the deployment location includes:

[0013] Determine the elliptic curve corresponding to the elliptic encryption algorithm;

[0014] Based on the deployment location, determine the base point coordinates of the base point corresponding to the deployment node to be communicated;

[0015] Based on the coordinates of the base point location, calculate the first key corresponding to the first deployment node, and calculate the second key corresponding to the second deployment node.

[0016] In one optional implementation, determining the base point location coordinates of the base point corresponding to the node to be deployed for communication includes:

[0017] Based on the deployment locations, the first deployment location of the first deployment node and the second deployment location of the second deployment node are determined respectively.

[0018] Map the first deployment location onto the elliptic curve to obtain the first location coordinates, and map the second deployment location onto the elliptic curve to obtain the second location coordinates;

[0019] Obtain the time function, and calculate the horizontal and vertical coordinates of the base point based on the time function, the first position coordinate, and the second position coordinate, respectively, to obtain the base point position coordinates.

[0020] In one optional implementation, the step of calculating the first key corresponding to the first deployment node and the second key corresponding to the second deployment node based on the base point location coordinates includes:

[0021] Obtain the order information of the elliptic curve, and determine the first private key corresponding to the first deployment node and the second private key corresponding to the second deployment node based on the order information;

[0022] Perform an elliptic curve product operation on the first private key and the coordinates of the base point to obtain the first public key, and calculate the product of the second private key and the coordinates of the base point to obtain the second public key;

[0023] The first key is determined based on the first private key and the first public key, and the second key is determined based on the second private key and the second public key.

[0024] In one optional implementation, encrypting the communication data based on the communication key includes:

[0025] Based on the communication key, the communication data is encrypted to obtain the first encrypted data;

[0026] Obtain the node identifier of the node to be deployed for communication, and calculate the sum of the identifiers of the node identifiers;

[0027] Calculate the product of the data length of the first encrypted data and the sum of the labels to obtain the expansion factor;

[0028] The number of bits in the first encrypted data is expanded based on the expansion factor, and the second encrypted data is truncated based on the expansion result.

[0029] In one optional implementation, the communication key includes a first key and a second key, wherein the first key includes a first private key and the second key includes a second public key;

[0030] The step of encrypting the communication data based on the communication key to obtain first encrypted data includes:

[0031] Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the encryption point on the elliptic curve where the product of the first private key and the second public key is mapped.

[0032] The encryption coordinates of the encryption point are determined, and the communication data is encrypted based on the encryption coordinates to obtain the first encrypted data.

[0033] In one optional implementation, the communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node and the second deployment node includes at least one data decryption node;

[0034] The step of transmitting data between the nodes to be deployed for communication based on the encryption result includes:

[0035] After the second deployment node receives the second encrypted data sent by the first deployment node, it calculates the second encrypted data based on the label and the data length to obtain the first encrypted data;

[0036] Based on the communication key, the first encrypted data is decrypted to obtain the communication data.

[0037] In one optional implementation, the communication key includes a first key and a second key, wherein the first key includes a first public key and the second key includes a second private key;

[0038] The step of decrypting the first encrypted data based on the communication key to obtain the communication data includes:

[0039] Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the decryption point on the elliptic curve where the product of the second private key and the first public key is mapped.

[0040] The decryption coordinates of the decryption point are determined, and the first encrypted data is decrypted based on the decryption coordinates to obtain the communication data.

[0041] In one optional implementation, determining the node to be deployed for communication based on the topology information includes:

[0042] The deployment node that initiates the communication request is designated as the first deployment node. Based on the topology information, the adjacent deployment nodes of the first deployment node are determined, and the adjacent deployment nodes are designated as the second deployment nodes that respond to the communication request.

[0043] The deployment node to be communicated is determined based on the first deployment node and the second deployment node.

[0044] Secondly, embodiments of this disclosure also provide a dynamic data encryption device, comprising:

[0045] An acquisition unit is used to acquire the topology information of an underwater wireless sensor network and, based on the topology information, determine the nodes to be deployed for communication, wherein the topology information includes multiple deployment nodes for underwater acoustic communication.

[0046] The determining unit is used to determine the communication key corresponding to the node to be deployed based on the deployment location of the node to be deployed.

[0047] An encryption unit is used to encrypt communication data based on the communication key to obtain an encryption result;

[0048] A transmission unit is used to transmit the encryption result between the nodes to be deployed for communication.

[0049] Thirdly, embodiments of this disclosure also provide a computer device, including: a processor, a memory, and a bus, wherein the memory stores machine-readable instructions executable by the processor, and when the computer device is running, the processor communicates with the memory via the bus, and when the machine-readable instructions are executed by the processor, the steps of the first aspect above, or any possible implementation of the first aspect, are performed.

[0050] Fourthly, embodiments of this disclosure also provide a computer-readable storage medium storing a computer program that, when executed by a processor, performs the steps of the first aspect or any possible implementation of the first aspect.

[0051] This disclosure provides a dynamic data encryption method, apparatus, computer device, and storage medium. In this embodiment, the topology information of an underwater wireless sensor network is first acquired, and the nodes to be deployed for communication are dynamically determined based on this topology information, instead of directly specifying fixed nodes as in static encryption methods. Then, a communication key corresponding to the node to be deployed is determined based on its deployment location. Communication data is then encrypted using this communication key to obtain an encryption result, which is transmitted between the nodes to be deployed. This associates the communication key with the deployment location of the node, ensuring that nodes at different locations have different communication keys. This dynamic encryption method using the ECC algorithm improves the security of underwater communication based on the ECC algorithm.

[0052] To make the above-mentioned objects, features and advantages of this disclosure more apparent and understandable, preferred embodiments are described below in detail with reference to the accompanying drawings. Attached Figure Description

[0053] To more clearly illustrate the technical solutions of the embodiments of this disclosure, the accompanying drawings used in the embodiments will be briefly described below. These drawings are incorporated in and constitute a part of this specification. They illustrate embodiments conforming to this disclosure and, together with the specification, serve to explain the technical solutions of this disclosure. It should be understood that the following drawings only show some embodiments of this disclosure and should not be considered as limiting the scope. Those skilled in the art can obtain other related drawings based on these drawings without creative effort.

[0054] Figure 1 A flowchart of a dynamic data encryption method provided by an embodiment of this disclosure is shown;

[0055] Figure 2A comparison diagram of the encryption effects of the ECC algorithm and the RSA algorithm provided in the embodiments of this disclosure is shown;

[0056] Figure 3 A schematic diagram of an elliptic curve corresponding to an ECC algorithm provided in an embodiment of this disclosure is shown;

[0057] Figure 4 A schematic diagram of the secondary encryption process provided in the embodiments of this disclosure is shown;

[0058] Figure 5 A schematic diagram of a dynamic data encryption device provided in an embodiment of this disclosure is shown;

[0059] Figure 6 A schematic diagram of a computer device provided in an embodiment of this disclosure is shown. Detailed Implementation

[0060] To make the objectives, technical solutions, and advantages of the embodiments of this disclosure clearer, the technical solutions of the embodiments of this disclosure will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of this disclosure, and not all of them. The components of the embodiments of this disclosure described and shown in the accompanying drawings can generally be arranged and designed in various different configurations. Therefore, the following detailed description of the embodiments of this disclosure provided in the accompanying drawings is not intended to limit the scope of the claimed disclosure, but merely represents selected embodiments of this disclosure. All other embodiments obtained by those skilled in the art based on the embodiments of this disclosure without inventive effort are within the scope of protection of this disclosure.

[0061] It should be noted that similar labels and letters in the following figures indicate similar items. Therefore, once an item is defined in one figure, it does not need to be further defined and explained in subsequent figures.

[0062] In this document, the term "and / or" merely describes a relationship, indicating that three relationships can exist. For example, A and / or B can represent three cases: A alone, A and B simultaneously, and B alone. Furthermore, the term "at least one" in this document means any combination of at least two of any one or more elements. For example, including at least one of A, B, and C can mean including any one or more elements selected from the set consisting of A, B, and C.

[0063] Research has shown that when using UWSN for underwater environmental monitoring, marine resource development, and marine disaster prediction, among the encryption technologies applicable to UWSN, elliptic curve cryptography (ECC) is a highly favored encryption algorithm for many researchers.

[0064] However, the encryption method used by ECC algorithms is often static encryption, which is generally insufficient for the security requirements of UWSNs. In static encryption, all nodes in a UWSN often use the same encryption method. Therefore, if one node is compromised, it means that all data sent by all nodes in the UWSN can be obtained, thus posing a significant threat to the entire UWSN.

[0065] Based on the above research, this disclosure provides a dynamic data encryption method, apparatus, computer device, and storage medium. In the embodiments of this disclosure, the topology information of the underwater wireless sensor network can first be acquired, and the communication deployment nodes can be dynamically determined based on this topology information, instead of directly specifying fixed communication deployment nodes as in static encryption methods. Then, the communication key corresponding to the communication deployment node can be determined based on its deployment location. The communication data is then encrypted using this communication key to obtain the encryption result, which is transmitted between the communication deployment nodes. This associates the communication key with the deployment location of the communication deployment node, ensuring that the communication keys corresponding to deployment nodes at different locations are different. This achieves a dynamic encryption method using the ECC algorithm, improving the security of underwater communication based on the ECC algorithm.

[0066] To facilitate understanding of this embodiment, a dynamic data encryption method disclosed in this disclosure will first be described in detail. The executing entity of the dynamic data encryption method provided in this disclosure is generally a computer device with a certain computing power. In some possible implementations, this dynamic data encryption method can be implemented by a processor calling computer-readable instructions stored in memory.

[0067] See Figure 1 The diagram shows a flowchart of a dynamic data encryption method provided in an embodiment of this disclosure. The dynamic data encryption method is applied to an underwater wireless sensor network, which includes encryption nodes and decryption nodes. The method includes steps S101 to S107, wherein:

[0068] S101: Obtain the topology information of the underwater wireless sensor network, and determine the communication deployment nodes based on the topology information, wherein the topology information includes multiple deployment nodes for underwater acoustic communication.

[0069] In this embodiment, the Underwater Wireless Sensor Network (UWSN) is currently a major technological means for researching underwater environmental monitoring, marine resource development, and marine disaster prediction. A UWSN includes multiple underwater wireless sensors, which can be used as deployment nodes, and the topology information of the UWSN is constructed based on the deployment locations of these nodes.

[0070] In UWSNs (Underwater Wireless Sensor Networks), underwater wireless sensors typically transmit data between adjacent sensors during underwater acoustic communication. However, these sensors are affected by factors such as ocean currents and waves, causing changes in their position and corresponding latitude and longitude coordinates, thus altering the UWSN's topology. Similarly, adding or removing underwater wireless sensors can also change the UWSN's topology.

[0071] Therefore, in this embodiment of the disclosure, the nodes to be deployed for communication can be dynamically determined based on the topology information of the UWSN. In specific implementation, the deployment node A that initiated the communication request can first be detected, and then the topology information can be obtained to determine the deployment node B adjacent to the deployment node A, and deployment node A and deployment node B can be determined as the nodes to be deployed for communication.

[0072] S103: Based on the deployment location of the node to be communicated, determine the communication key corresponding to the node to be communicated.

[0073] In this embodiment of the disclosure, for the sake of communication security, the communication data can be encrypted using the Elliptic Curve Cryptography (ECC) algorithm, and the data can be transmitted based on the encrypted communication data.

[0074] Based on this, the communication key used for encrypting and decrypting communication data can first be determined. Here, a dynamic encryption method can be adopted, that is, different communication keys are assigned to different deployment nodes. Specifically, the communication key corresponding to a deployment node can be determined based on the deployment location of the deployment node. This communication key includes a public key and a private key. The specific method for determining this communication key is described below and will not be repeated here.

[0075] S105: Encrypt the communication data based on the communication key to obtain the encryption result.

[0076] S107: Transmit the encryption result between the nodes to be deployed for communication.

[0077] In this embodiment of the disclosure, the nodes to be deployed for communication include a data encryption node and a data decryption node, wherein the data encryption node corresponds to a communication key A and the data decryption node corresponds to a communication key B.

[0078] When encrypting communication data, the communication data can be encrypted based on a portion of the key in communication key A and a portion of the key in communication key B to obtain an encrypted result including ciphertext, and then the encrypted result is sent to the data decryption node.

[0079] After receiving the encryption result, the data decryption node can decrypt the ciphertext. Specifically, it can decrypt the ciphertext based on a portion of the key in communication key A and a portion of the key in communication key B to obtain the communication data, thereby completing the data transmission between the nodes to be deployed. It should be understood that the key used for decryption may be the same as or different from the key used for encryption; this disclosure does not impose specific limitations on this.

[0080] As described above, in this embodiment, the topology information of the underwater wireless sensor network can first be obtained, and the communication deployment node can be dynamically determined based on this topology information, instead of directly specifying a fixed communication deployment node as in the static encryption method. Then, the communication key corresponding to the communication deployment node can be determined based on its deployment location. The communication data is then encrypted using this communication key to obtain an encryption result, which is transmitted between the communication deployment nodes. This associates the communication key with the deployment location of the communication deployment node, ensuring that the communication keys corresponding to deployment nodes at different locations are different. This achieves a dynamic encryption method using the ECC algorithm, improving the security of underwater communication based on the ECC algorithm.

[0081] In an optional implementation, step S101 above, which determines the communication deployment node based on the topology information, specifically includes the following process:

[0082] S1011: Taking the deployment node that initiates the communication request as the first deployment node, based on the topology information, determine the adjacent deployment nodes of the first deployment node, and determine the adjacent deployment nodes as the second deployment nodes that respond to the communication request.

[0083] S1012: Determine the deployment node to be communicated based on the first deployment node and the second deployment node.

[0084] In this embodiment of the disclosure, as described above, in UWSN, underwater wireless sensors typically transmit data between adjacent underwater wireless sensors when communicating. Based on this, after determining the first deployment node initiating the communication request, the adjacent deployment nodes of the first deployment node can be determined based on the aforementioned topology information, and these adjacent deployment nodes can be identified as the second deployment node. Then, the deployment node to be communicated can be determined based on the first and second deployment nodes.

[0085] Alternatively, the first deployment node can also specify a third deployment node for communication. Here, it can be determined whether the third deployment node is an adjacent deployment node of the first deployment node based on the above topology information.

[0086] If so, the node to be deployed for communication can be determined based on the first and third deployment nodes. If not, an intermediate deployment node adjacent to the first and third deployment nodes can be determined, and communication data can be transmitted to the third deployment node through this intermediate deployment node. Therefore, the node to be deployed for communication can be determined based on the first, intermediate, and second deployment nodes.

[0087] In this embodiment of the disclosure, it is considered that the underwater wireless sensors in the UWSN are dynamic. For example, the original underwater wireless sensors may be affected by factors such as ocean currents or waves, thereby changing their position and corresponding latitude and longitude coordinates. Or, the original underwater wireless sensors may be deactivated due to power depletion, and new underwater wireless sensors may be added.

[0088] Therefore, in this embodiment of the disclosure, the topology information of the UWSN can be dynamically updated. After the first deployment node that initiates the communication request is determined, the adjacent deployment nodes can be determined in real time based on the topology information, so as to determine the adjacent deployment node as the second deployment node, thereby improving the accuracy of the determined second deployment node and reducing the occurrence of communication failure due to the second deployment node not being an adjacent deployment node.

[0089] In an optional implementation, the aforementioned communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node, and the second deployment node includes at least one data decryption node. Step S103 is applied to the data encryption node, wherein determining the communication key corresponding to the communication deployment node based on the deployment location specifically includes the following process:

[0090] S1031: Determine the elliptic curve corresponding to the elliptic encryption algorithm.

[0091] In this embodiment, the situation in the ocean is more complex and the environment is harsher than on land. Due to the narrow bandwidth, high error rate, and low speed of underwater acoustic channels, as well as limitations such as charging difficulties, limited hardware resources, and less-than-ideal CPU computing power, more factors need to be considered when designing UWSN encryption algorithms. Among the important indicators that need to be considered when designing UWSN communication encryption algorithms are memory overhead, computational load, computational speed, and security. A reasonable encryption algorithm can improve the stability and reliability of UWSN communication.

[0092] Therefore, the elliptic cryptography algorithm, also known as the ECC algorithm, which features short keys, complex computations, short encryption time, good encryption effect, and high security, is well-suited for the UWSN usage environment. Specifically, the encryption effect of a 160-bit key ECC algorithm is equivalent to that of a 1024-bit RSA algorithm, and the encryption effect of a 210-bit key ECC algorithm is equivalent to that of a 2048-bit RSA algorithm.

[0093] Here, as Figure 2 The image shows a comparison of the encryption performance of the ECC and RSA algorithms, displaying graphs showing the relationship between different key lengths and corresponding ciphertext lengths in both algorithms. Figure 2 It is known that in the ECC algorithm, the change in ciphertext length caused by the change in key length is relatively small. Therefore, the amount of ciphertext data encrypted using the ECC algorithm is smaller, making it more suitable for data transmission in underwater environments.

[0094] When using the ECC algorithm for data encryption, the first step is to determine the elliptic curve corresponding to that ECC algorithm. For example, Figure 3 The diagram shows an elliptic curve corresponding to this ECC algorithm. The equation of the elliptic curve is as follows: y 2 ≡x 3 +ax+b(mod p), where a, b, and p are the principal parameters of the elliptic curve equation.

[0095] Therefore, the main parameters mentioned above can be initialized first. Here, parameter p is usually a large prime number, and 0 < a, b < p, to ensure that the determined elliptic curve is smooth and non-singular. At the same time, it should satisfy formula 4a. 2 +27b 2 ≠0(mod p), where mod represents the modulo operation, and the larger the parameter p is, the higher the security of encryption based on elliptic curves. At the same time, it should be ensured that the parameter p is not too large, which would slow down the calculation speed.

[0096] After determining multiple sets of main parameter combinations that satisfy the above conditions, any set of target parameter combinations can be selected from these sets, and the elliptic curve equation can be determined based on this target parameter combination. Here, the values ​​of x and y in this elliptic curve method should satisfy the following conditions: x and y are in the interval [0, p-1], and x and y ∈ N.

[0097] S1032: Based on the deployment location, determine the base point coordinates of the base point corresponding to the base point of the node to be deployed for communication.

[0098] S1033: Based on the coordinates of the base point location, calculate the first key corresponding to the first deployment node, and calculate the second key corresponding to the second deployment node.

[0099] In this embodiment of the disclosure, considering that in the static encryption method of the ECC algorithm, the encryption method of all nodes in UWSN is often the same, that is, the same key is used, which leads to poor security when the nodes communicate with each other.

[0100] Therefore, this disclosure can determine the corresponding base point G by combining the deployment location of each node to be communicated when determining the communication key of the node to be communicated, and calculate the communication key corresponding to each node to be communicated based on the coordinates of the base point. The communication key corresponding to each node to be communicated may include a public key and a private key. Here, the communication key corresponding to each node to be communicated may be different.

[0101] Here, considering that the underwater wireless sensors in UWSN may be affected by factors such as ocean currents or waves, thus changing their position and corresponding latitude and longitude coordinates, but their initial rated position remains unchanged, the initial position of the node to be deployed for communication can be used as the aforementioned deployment position.

[0102] When determining the base point G corresponding to the node to be deployed for communication based on the above deployment location, the nodes to be deployed for communication can first be connected, and an approximate point of the base point G can be determined on the connecting line or its extension. Here, the position of this approximate point can change over time. Then, the base point G corresponding to this approximate point on the elliptic curve can be determined. In specific implementation, based on pre-determined mapping information, the base point G on the elliptic curve that has a mapping relationship with the approximate point can be determined, and the base point position coordinates (x, y, y) of the base point G can be determined. g y g ).

[0103] Here, the mapping information includes the mapping relationship between each point on the elliptic curve and the latitude and longitude range of the deployment location of the underwater wireless sensor in the UWSN. The specific method for determining this mapping information is as follows, and will not be repeated here.

[0104] After determining the base point coordinates of base point G, the first key corresponding to the first deployment node and the second key corresponding to the second deployment node can be calculated based on these coordinates. Here, the first key and the second key can be a set of keys. The specific method for determining the base point coordinates of base point G and calculating the first and second keys based on these coordinates is described below and will not be repeated here.

[0105] In this embodiment, considering that in the static encryption method of the ECC algorithm, all nodes in a UWSN often use the same encryption method, i.e., the same key, resulting in poor security when communicating between nodes. Therefore, this disclosure can determine the corresponding base point G by combining the deployment location of each node with the base point's coordinates when determining the communication key for the nodes to be deployed, and calculate the communication key corresponding to each node based on the base point's coordinates. This allows the communication key for each node to be deployed to be different, thereby realizing a dynamic encryption method of the ECC algorithm and improving the security of communication data in the UWSN.

[0106] In an optional implementation, step S1032 is applied to the data encryption node, wherein determining the base point location coordinates of the base point corresponding to the node to be deployed for communication specifically includes the following process:

[0107] (1) Based on the deployment location, determine the first deployment location of the first deployment node and the second deployment location of the second deployment node respectively;

[0108] (2) Map the first deployment position onto the elliptic curve to obtain the first position coordinates, and map the second deployment position onto the elliptic curve to obtain the second position coordinates;

[0109] (3) Obtain the time function, and calculate the horizontal and vertical coordinates of the base point based on the time function, the first position coordinate and the second position coordinate respectively, to obtain the base point position coordinates.

[0110] In this embodiment of the disclosure, the mapping relationship between each point on the elliptic curve and the latitude and longitude range of the deployment location corresponding to the underwater wireless sensor in the UWSN can first be determined. For example, the latitude and longitude range of the deployment location corresponding to the underwater wireless sensor in the UWSN is (O, N), that is, the latitude and longitude of the deployment location of the underwater wireless sensor in the UWSN are all within this latitude and longitude range.

[0111] Next, a set of multiple points can be determined in the elliptic curve, for example, point A to point E. Then, a subset of latitude and longitude ranges (O1, N1) corresponding to this set can be determined, and a mapping relationship between this subset and the set of points can be established. It should be understood that a mapping relationship between the corresponding latitude and longitude ranges can be determined for each point in the elliptic curve, and a mapping table can be established based on the determined mapping relationships.

[0112] Based on this, after determining the first and second deployment locations, a query can be performed based on the mapping table to obtain the points on the elliptic curve that have a mapping relationship with the latitude and longitude of the first deployment location, and the points on the elliptic curve that have a mapping relationship with the latitude and longitude of the second deployment location. The coordinates of the obtained points can then be determined to obtain the coordinates of the first and second locations.

[0113] For example, if the point corresponding to the first deployment position on the elliptic curve is determined to be point A, the first position coordinates of point A are (x... A y A The second deployment position corresponds to point B on the elliptic curve, and the coordinates of point B's second position are (x...). B y B Next, we can obtain the time function λ. t , where λ t It is a function of time t, and λ t ≠1.

[0114] Here, with time synchronization across all deployment nodes, λ t The value of λ can change over time, thus achieving the effect of updating over time, so that the determined base point position coordinates are updated over time. Alternatively, this λ... t It can also be set to a fixed value to reduce the amount of calculation when determining the coordinates of the base point, thereby reducing the computational load in UWSN.

[0115] When calculating the coordinates of the base point based on this time function, the formula can be used. Calculations are performed to obtain the coordinates of the base point (x). g y g ).

[0116] In this embodiment of the disclosure, when calculating the base point location coordinates, in addition to introducing the location coordinates of the node to be deployed for communication, a time function can also be introduced. The value of the time function can change with time, thereby achieving the effect of updating with time, so that the determined base point location coordinates are updated with time, thereby realizing the time-segmented encryption of the ECC algorithm and further improving the security of communication data in UWSN.

[0117] In an optional embodiment, the above step S1033 is applied to the above data encryption node. Based on the base point position coordinates, calculate the first key corresponding to the first deployment node and the second key corresponding to the second deployment node. The specific process is as follows:

[0118] (1) Obtain the order information of the elliptic curve, and determine the first private key corresponding to the first deployment node and the second private key corresponding to the second deployment node based on the order information;

[0119] (2) Perform an elliptic curve multiplication operation on the first private key and the base point position coordinates to obtain the first public key, and calculate the product of the second private key and the base point position coordinates to obtain the second public key;

[0120] (3) Determine the first key according to the first private key and the first public key, and determine the second key according to the second private key and the second public key.

[0121] In the embodiment of the present disclosure, first, the order information of the above elliptic curve can be obtained to determine the order n of the elliptic curve based on this order information, where n can be a positive integer. Then, based on the order n, the first private key K of the first deployment node A can be determined A , and the second private key K of the second deployment node B B . Here, the first private key and the second private key are the same or different, 0 < K A , K B < n, and the value ranges of K A and K B are both (0, n). At the same time, K A and K B should be integers.

[0122] After determining the above K A and K B , the product of K A and the base point position coordinates can be calculated to obtain the first public key P corresponding to the first deployment node A , that is, P A = K A G. In addition, the product of K B and the base point position coordinates can be calculated to obtain the second public key P corresponding to the second deployment node B , that is, P B = K B G. Next, the determined K A and P A can be determined as the first key corresponding to the first deployment node, and the determined K B and P BThe second key is identified as the one corresponding to the second deployment node.

[0123] In this embodiment, the public key can be determined based on the private key of the node to be deployed for communication, making the method of determining the public key simpler and saving computing resources. Meanwhile, calculating the private key from the public key requires determining the base point G, which is difficult to determine. This makes it difficult to deduce the private key from the public key, thereby further improving the security of communication data in UWSN.

[0124] In an optional implementation, step S105 is applied to the data encryption node, wherein encrypting the communication data based on the communication key specifically includes the following process:

[0125] S1051: Based on the communication key, the communication data is encrypted to obtain the first encrypted data.

[0126] S1052: Obtain the node number of the node to be deployed for communication, and calculate the sum of the node numbers.

[0127] S1053: Calculate the product of the data length of the first encrypted data and the sum of the labels to obtain the expansion factor.

[0128] S1054: Expand the number of bits of the first encrypted data based on the expansion factor, and extract the second encrypted data according to the expansion result.

[0129] In this embodiment of the disclosure, the communication data can first be encrypted based on the ECC algorithm to obtain the first encrypted data C1. Here, the communication data can be encrypted based on at least a portion of the communication key in the determined ECC algorithm. The specific encryption process is described below and will not be repeated here.

[0130] Next, the obtained C1 can be encrypted a second time to obtain the second encrypted data C2. The specific second encryption process is as follows: Figure 4 As shown. First, the node identifier (id) of the node to be deployed for communication can be obtained, and the identifier and H of the id can be calculated. Then, the first encrypted data (i.e., Figure 4 The data length L of C1 is calculated, and the product of the data length and the label is obtained to get the expansion factor HL.

[0131] After determining the above HL, the first encrypted data C1(a1, a2, ... a2) can be encrypted based on the HL. l , ..., a L Expanding a1, we get: Figure 4The expanded encrypted data is shown below. Then, the expanded encrypted data can be shifted left by H bits, and the first L bits of ciphertext can be extracted as the second encrypted data C2.

[0132] Here, during the process of cyclically shifting the expanded encrypted data to the left by H bits, each removed bit can be added to the empty position at the end of the expanded encrypted data. Before performing the cyclic shift, C1 can be converted to binary or hexadecimal for easier subsequent operations.

[0133] In this embodiment of the disclosure, after encrypting the communication data based on the ECC algorithm to obtain the first encrypted data C1, the first encrypted data C1 can be encrypted a second time to obtain the second encrypted data C2, thereby further improving the security of the communication data in UWSN.

[0134] In an optional implementation, the communication key includes a first key and a second key, wherein the first key includes a first private key and the second key includes a second public key. Step S1051 is applied to the data encryption node, wherein the communication data is encrypted based on the communication key to obtain first encrypted data, specifically including the following process:

[0135] (1) Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the encryption point on the elliptic curve where the product of the first private key and the second public key is mapped.

[0136] (2) Determine the encryption coordinates of the encryption point, and encrypt the communication data based on the encryption coordinates to obtain the first encrypted data.

[0137] In this embodiment of the disclosure, by Figure 3 It can be seen that the elliptic curve of the graph of the equation y=kx+d intersects at points P, Q and R. The point addition definition P+Q=R of the elliptic curve in the continuous domain always holds, and the operation process of this definition is as follows.

[0138] Let the coordinates of point P be (x, y, y). P y P The coordinates of point Q are (x, y). Q y Q Here, we can first use the formula. Calculate the slope k, where a is the main parameter mentioned above. Next, we can use the formula x... R ≡(k 2 -x P -x Q (mod p) and the formula y R ≡(k(x P -x R )-y P(mod p) calculates the coordinates of point R as (x R y R ).

[0139] Based on the definition P+Q=R above, the encryption method for encrypting communication data using the elliptic curve encryption algorithm can be determined. Specifically, firstly, any point on the elliptic curve can be designated as the encryption point, and the encryption coordinates of this point can be determined. Here, to improve the confidentiality of the encryption point, the connectivity between this encryption point and the first and second deployment nodes can be enhanced. For example, the first private key K of this encryption point... A With the second public key P B The product K A P b The point mapped onto the elliptic curve has encrypted coordinates (x...). AB y AB ).

[0140] Next, the communication data can be encrypted based on the encrypted coordinates to obtain the first encrypted data C1, where C1 satisfies the encryption formula C1 = x AB M+y AB The encryption formula is derived from the above definition P+Q=R, and the specific derivation process will not be repeated in this disclosure.

[0141] In this embodiment of the disclosure, communication data can be encrypted based on encrypted coordinates to obtain first encrypted data. Here, the encryption point corresponding to the encrypted coordinates can be the first private key K. A With the second public key P B The product K A P b The points mapped onto the elliptic curve enhance the connectivity between the encrypted point and the first and second deployment nodes, making the first encrypted data more difficult to crack.

[0142] In an optional implementation, the communication deployment nodes include a first deployment node and a second deployment node, wherein the first deployment node includes a data encryption node and the second deployment node includes a data decryption node. Step S107, which involves data transmission between the communication deployment nodes based on the encryption result and applied to the data decryption node, further includes the following process:

[0143] S1071: After the second deployment node receives the second encrypted data sent by the first deployment node, it calculates the second encrypted data based on the label and the data length to obtain the first encrypted data.

[0144] S1072: Based on the communication key, the first encrypted data is decrypted to obtain the communication data.

[0145] In this embodiment of the disclosure, when data is transmitted between nodes to be deployed for communication, after the first deployment node encrypts the communication data, the encrypted second encrypted data C2 can be transmitted to the second deployment node.

[0146] After receiving the second encrypted data C2, the second deployment node can first decrypt C2 to obtain the first encrypted data C1. Specifically, it can first obtain the expansion factor HL and expand the number of bits of C2 based on HL to obtain the expanded C2. Next, it can cyclically shift the expanded C2 to the right by H bits and extract the last L bits to obtain the first encrypted data C1.

[0147] After C1 is identified, it can be decrypted a second time to obtain the communication data, thereby completing the data transmission between the nodes to be deployed for communication. The specific decryption process is as follows, and will not be repeated here.

[0148] In this embodiment of the disclosure, the second encrypted data can be decrypted first to obtain the first encrypted data, which provides a technical basis for the subsequent second decryption of the first encrypted data.

[0149] In an optional implementation, the communication key includes a first key and a second key, wherein the first key includes a first public key and the second key includes a second private key. Step S1072 is applied to the data decryption node, wherein decrypting the first encrypted data based on the communication key to obtain the communication data specifically includes the following process:

[0150] (1) Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the decryption point on the elliptic curve where the product of the second private key and the first public key is mapped.

[0151] (2) Determine the decryption coordinates of the decryption point, and decrypt the first encrypted data based on the decryption coordinates to obtain the communication data.

[0152] In this embodiment of the disclosure, the decryption point can first be determined, where the communication data CK is... A P B M, and furthermore, as can be seen from the above, P A =K A G, P B =K B G. Based on this, we can deduce the following: C = K A P B M=K A (K B G)M=K B(K A G)M=K B P A M, where C is a preset constant, therefore, the decryption point is the second private key K. B With the first public key P A The product K B P A .

[0153] After determining the decryption point K B P A Then, the decryption coordinates (x, y) of the decryption point can be determined. BA y BA ), compared to based on the decryption formula Decrypting the first encrypted data yields the communication data M.

[0154] In this embodiment of the disclosure, the corresponding decryption point can be determined based on the above-mentioned encryption point, and the first encrypted data can be decrypted based on the decryption coordinates of the decryption point to obtain communication data, so as to complete the data transmission between the nodes to be deployed for communication.

[0155] In summary, in this embodiment, the topology information of the underwater wireless sensor network can first be obtained, and the communication deployment nodes can be dynamically determined based on this topology information, instead of directly specifying fixed communication deployment nodes as in static encryption methods. Then, the communication key corresponding to the communication deployment node can be determined based on its deployment location. The communication data is then encrypted using this communication key to obtain an encryption result, which is transmitted between the communication deployment nodes. This associates the communication key with the deployment location of the communication deployment node, ensuring that the communication keys corresponding to deployment nodes at different locations are different. This achieves a dynamic encryption method using the ECC algorithm, improving the security of underwater communication based on the ECC algorithm.

[0156] Those skilled in the art will understand that, in the above-described method of the specific implementation, the order in which each step is written does not imply a strict execution order and does not constitute any limitation on the implementation process. The specific execution order of each step should be determined by its function and possible internal logic.

[0157] Based on the same inventive concept, this disclosure also provides a dynamic data encryption device corresponding to the dynamic data encryption method. Since the principle of the device in this disclosure is similar to the dynamic data encryption method described above, the implementation of the device can refer to the implementation of the method, and the repeated parts will not be described again.

[0158] Reference Figure 5The diagram shown is a schematic of a dynamic data encryption device provided in an embodiment of this disclosure. The device includes: an acquisition unit 51, a determination unit 52, an encryption unit 53, and a transmission unit 54; wherein,

[0159] The acquisition unit 51 is used to acquire the topology information of the underwater wireless sensor network and determine the communication deployment nodes based on the topology information, wherein the topology information includes multiple deployment nodes for underwater acoustic communication.

[0160] The determining unit 52 is used to determine the communication key corresponding to the node to be deployed based on the deployment location of the node to be deployed.

[0161] Encryption unit 53 is used to encrypt communication data based on the communication key to obtain an encryption result;

[0162] The transmission unit 54 is used to transmit the encryption result between the nodes to be deployed for communication.

[0163] In this embodiment, the topology information of the underwater wireless sensor network is first acquired, and the nodes to be deployed for communication are dynamically determined based on this topology information, instead of directly specifying fixed nodes as in static encryption methods. Then, the communication key corresponding to the node to be deployed is determined based on its deployment location. The communication data is then encrypted using this communication key, and the encrypted result is transmitted between the nodes to be deployed. This associates the communication key with the deployment location of the node, ensuring that nodes at different locations have different communication keys. This dynamic encryption method using the ECC algorithm improves the security of underwater communication based on the ECC algorithm.

[0164] In one possible implementation, the communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node, the second deployment node includes at least one data decryption node, and the determining unit 52 is further configured to:

[0165] The step of determining the communication key corresponding to the deployment node to be communicated based on the deployment location includes:

[0166] Determine the elliptic curve corresponding to the elliptic encryption algorithm;

[0167] Based on the deployment location, determine the base point coordinates of the base point corresponding to the deployment node to be communicated;

[0168] Based on the coordinates of the base point location, calculate the first key corresponding to the first deployment node, and calculate the second key corresponding to the second deployment node.

[0169] In one possible implementation, the determining unit 52 is further configured to:

[0170] Based on the deployment locations, the first deployment location of the first deployment node and the second deployment location of the second deployment node are determined respectively.

[0171] Map the first deployment location onto the elliptic curve to obtain the first location coordinates, and map the second deployment location onto the elliptic curve to obtain the second location coordinates;

[0172] Obtain the time function, and calculate the horizontal and vertical coordinates of the base point based on the time function, the first position coordinate, and the second position coordinate, respectively, to obtain the base point position coordinates.

[0173] In one possible implementation, the determining unit 52 is further configured to:

[0174] Obtain the order information of the elliptic curve, and determine the first private key corresponding to the first deployment node and the second private key corresponding to the second deployment node based on the order information;

[0175] Perform an elliptic curve product operation on the first private key and the coordinates of the base point to obtain the first public key, and calculate the product of the second private key and the coordinates of the base point to obtain the second public key;

[0176] The first key is determined based on the first private key and the first public key, and the second key is determined based on the second private key and the second public key.

[0177] In one possible implementation, the encryption unit 53 is further configured to:

[0178] Based on the communication key, the communication data is encrypted to obtain the first encrypted data;

[0179] Obtain the node identifier of the node to be deployed for communication, and calculate the sum of the identifiers of the node identifiers;

[0180] Calculate the product of the data length of the first encrypted data and the sum of the labels to obtain the expansion factor;

[0181] The number of bits in the first encrypted data is expanded based on the expansion factor, and the second encrypted data is truncated based on the expansion result.

[0182] In one possible implementation, the communication key includes a first key and a second key, wherein the first key includes a first private key, the second key includes a second public key, and the encryption unit 53 is further used for:

[0183] Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the encryption point on the elliptic curve where the product of the first private key and the second public key is mapped.

[0184] The encryption coordinates of the encryption point are determined, and the communication data is encrypted based on the encryption coordinates to obtain the first encrypted data.

[0185] In one possible implementation, the communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node, the second deployment node includes at least one data decryption node, and the transmission unit 54 is further configured to:

[0186] After the second deployment node receives the second encrypted data sent by the first deployment node, it calculates the second encrypted data based on the label and the data length to obtain the first encrypted data;

[0187] Based on the communication key, the first encrypted data is decrypted to obtain the communication data.

[0188] In one possible implementation, the communication key includes a first key and a second key, wherein the first key includes a first public key, the second key includes a second private key, and the encryption unit 53 is further used for:

[0189] Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the decryption point on the elliptic curve where the product of the second private key and the first public key is mapped.

[0190] The decryption coordinates of the decryption point are determined, and the first encrypted data is decrypted based on the decryption coordinates to obtain the communication data.

[0191] In one possible implementation, the acquisition unit 51 is further configured to:

[0192] The deployment node that initiates the communication request is designated as the first deployment node. Based on the topology information, the adjacent deployment nodes of the first deployment node are determined, and the adjacent deployment nodes are designated as the second deployment nodes that respond to the communication request.

[0193] The deployment node to be communicated is determined based on the first deployment node and the second deployment node.

[0194] The description of the processing flow of each unit in the device and the interaction flow between each unit can be found in the relevant descriptions in the above method embodiments, and will not be detailed here.

[0195] Corresponding to Figure 1 In addition to the dynamic data encryption method in this disclosure, this embodiment also provides a computer device 600, such as... Figure 6 The diagram shown is a structural schematic of a computer device 600 provided in an embodiment of this disclosure, including:

[0196] The computer device 600 comprises a processor 61, a memory 62, and a bus 63. The memory 62 stores execution instructions and includes main memory 621 and external memory 622. Main memory 621, also called internal memory, temporarily stores computational data in the processor 61, as well as data exchanged with external memory such as a hard disk. The processor 61 exchanges data with external memory 622 through main memory 621. When the computer device 600 is running, the processor 61 communicates with the memory 62 through the bus 63, causing the processor 61 to execute the following instructions:

[0197] The topology information of an underwater wireless sensor network is acquired, and based on the topology information, the nodes to be deployed for communication are determined, wherein the topology information includes multiple deployment nodes for underwater acoustic communication.

[0198] Based on the deployment location of the node to be communicated, determine the communication key corresponding to the node to be communicated;

[0199] The communication data is encrypted using the communication key to obtain the encryption result.

[0200] The encryption result is transmitted between the nodes to be deployed for communication.

[0201] This disclosure also provides a computer-readable storage medium storing a computer program, which, when executed by a processor, performs the steps of the dynamic data encryption method described in the above-described method embodiments. The storage medium can be a volatile or non-volatile computer-readable storage medium.

[0202] This disclosure also provides a computer program product carrying program code. The program code includes instructions that can be used to execute the steps of the dynamic data encryption method described in the above method embodiments. For details, please refer to the above method embodiments, which will not be repeated here.

[0203] The aforementioned computer program product can be implemented through hardware, software, or a combination thereof. In one optional embodiment, the computer program product is specifically embodied in a computer storage medium; in another optional embodiment, the computer program product is specifically embodied in a software product, such as a software development kit (SDK), etc.

[0204] Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems and devices described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here. In the several embodiments provided in this disclosure, it should be understood that the disclosed systems, devices, and methods can be implemented in other ways. The device embodiments described above are merely illustrative. For example, the division of units is only a logical functional division; in actual implementation, there may be other division methods. Furthermore, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Another point is that the displayed or discussed mutual coupling or direct coupling or communication connection may be through some communication interfaces; the indirect coupling or communication connection of devices or units may be electrical, mechanical, or other forms.

[0205] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.

[0206] In addition, the functional units in the various embodiments of this disclosure can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.

[0207] If the aforementioned functions are implemented as software functional units and sold or used as independent products, they can be stored in a processor-executable, non-volatile, computer-readable storage medium. Based on this understanding, the technical solution of this disclosure, in essence, or the part that contributes to the prior art, or a portion of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this disclosure. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

[0208] Finally, it should be noted that the above-described embodiments are merely specific implementations of this disclosure, used to illustrate the technical solutions of this disclosure, and not to limit it. The protection scope of this disclosure is not limited thereto. Although this disclosure has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that any person skilled in the art can still modify or easily conceive of changes to the technical solutions described in the foregoing embodiments, or make equivalent substitutions for some of the technical features, within the scope of the technology disclosed in this disclosure. Such modifications, changes, or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of this disclosure, and should all be covered within the protection scope of this disclosure. Therefore, the protection scope of this disclosure should be determined by the protection scope of the claims.

Claims

1. A dynamic data encryption method, characterized by, include: The topology information of an underwater wireless sensor network is acquired, and based on the topology information, the nodes to be deployed for communication are determined, wherein the topology information includes multiple deployment nodes for underwater acoustic communication. Based on the deployment location of the node to be communicated, determine the communication key corresponding to the node to be communicated; The communication data is encrypted using the communication key to obtain the encryption result. The encryption result is transmitted between the nodes to be deployed for communication. The communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node and the second deployment node includes at least one data decryption node; The step of determining the communication key corresponding to the deployment node to be communicated based on the deployment location includes: Determine the elliptic curve corresponding to the elliptic encryption algorithm; Based on the deployment location, determine the base point coordinates of the base point corresponding to the deployment node to be communicated; Based on the coordinates of the base point location, calculate the first key corresponding to the first deployment node, and calculate the second key corresponding to the second deployment node; The step of calculating the first key corresponding to the first deployment node and the second key corresponding to the second deployment node based on the base point location coordinates includes: Obtain the order information of the elliptic curve, and determine the first private key corresponding to the first deployment node and the second private key corresponding to the second deployment node based on the order information; Perform an elliptic curve product operation on the first private key and the coordinates of the base point to obtain the first public key, and calculate the product of the second private key and the coordinates of the base point to obtain the second public key; The first key is determined based on the first private key and the first public key, and the second key is determined based on the second private key and the second public key.

2. The method according to claim 1, characterized in that, Determining the base point location coordinates of the base point corresponding to the node to be deployed for communication includes: Based on the deployment locations, the first deployment location of the first deployment node and the second deployment location of the second deployment node are determined respectively. Map the first deployment location onto the elliptic curve to obtain the first location coordinates, and map the second deployment location onto the elliptic curve to obtain the second location coordinates; Obtain the time function, and calculate the horizontal and vertical coordinates of the base point based on the time function, the first position coordinate, and the second position coordinate, respectively, to obtain the base point position coordinates.

3. The method according to claim 1, characterized in that, The encryption of communication data based on the communication key includes: Based on the communication key, the communication data is encrypted to obtain the first encrypted data; Obtain the node identifier of the node to be deployed for communication, and calculate the sum of the identifiers of the node identifiers; Calculate the product of the data length of the first encrypted data and the sum of the labels to obtain the expansion factor; The number of bits in the first encrypted data is expanded based on the expansion factor, and the second encrypted data is truncated based on the expansion result.

4. The method according to claim 3, characterized in that, The communication key includes a first key and a second key, wherein the first key includes a first private key and the second key includes a second public key; The step of encrypting the communication data based on the communication key to obtain first encrypted data includes: Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the encryption point on the elliptic curve where the product of the first private key and the second public key is mapped. The encryption coordinates of the encryption point are determined, and the communication data is encrypted based on the encryption coordinates to obtain the first encrypted data.

5. The method according to claim 3, characterized in that, The communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node and the second deployment node includes at least one data decryption node; The step of transmitting data between the nodes to be deployed for communication based on the encryption result includes: After the second deployment node receives the second encrypted data sent by the first deployment node, it calculates the second encrypted data based on the label and the data length to obtain the first encrypted data; Based on the communication key, the first encrypted data is decrypted to obtain the communication data.

6. The method according to claim 5, characterized in that, The communication key includes a first key and a second key, wherein the first key includes a first public key and the second key includes a second private key; The step of decrypting the first encrypted data based on the communication key to obtain the communication data includes: Obtain the elliptic curve corresponding to the elliptic encryption algorithm, and determine the decryption point on the elliptic curve where the product of the second private key and the first public key is mapped. The decryption coordinates of the decryption point are determined, and the first encrypted data is decrypted based on the decryption coordinates to obtain the communication data.

7. The method according to claim 1, characterized in that, The step of determining the nodes to be deployed for communication based on the topology information includes: The deployment node that initiates the communication request is designated as the first deployment node. Based on the topology information, the adjacent deployment nodes of the first deployment node are determined, and the adjacent deployment nodes are designated as the second deployment nodes that respond to the communication request. The deployment node to be communicated is determined based on the first deployment node and the second deployment node.

8. A dynamic data encryption device, characterized in that, include: An acquisition unit is used to acquire the topology information of an underwater wireless sensor network and, based on the topology information, determine the nodes to be deployed for communication, wherein the topology information includes multiple deployment nodes for underwater acoustic communication. The determining unit is used to determine the communication key corresponding to the node to be deployed based on the deployment location of the node to be deployed. An encryption unit is used to encrypt communication data based on the communication key to obtain an encryption result; A transmission unit is used to transmit the encryption result between the nodes to be deployed for communication; The communication deployment node includes a first deployment node and a second deployment node, wherein the first deployment node includes at least one data encryption node and the second deployment node includes at least one data decryption node; The step of determining the communication key corresponding to the deployment node to be communicated based on the deployment location includes: Determine the elliptic curve corresponding to the elliptic encryption algorithm; Based on the deployment location, determine the base point coordinates of the base point corresponding to the deployment node to be communicated; Based on the coordinates of the base point location, calculate the first key corresponding to the first deployment node, and calculate the second key corresponding to the second deployment node; The step of calculating the first key corresponding to the first deployment node and the second key corresponding to the second deployment node based on the base point location coordinates includes: Obtain the order information of the elliptic curve, and determine the first private key corresponding to the first deployment node and the second private key corresponding to the second deployment node based on the order information; Perform an elliptic curve product operation on the first private key and the coordinates of the base point to obtain the first public key, and calculate the product of the second private key and the coordinates of the base point to obtain the second public key; The first key is determined based on the first private key and the first public key, and the second key is determined based on the second private key and the second public key.

9. A computer device, characterized in that, include: The computer device includes a processor, a memory, and a bus. The memory stores machine-readable instructions executable by the processor. When the computer device is running, the processor communicates with the memory via the bus. When the machine-readable instructions are executed by the processor, they perform the steps of the dynamic data encryption method as described in any one of claims 1 to 7.

10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed by a processor, performs the steps of the dynamic data encryption method as described in any one of claims 1 to 7.