
Encryption and decryption method and terminal based on network transmission data packet

The technology concerns network transmission of data packets and is applied to methods and terminals for encrypting and decrypting those packets. It addresses problems of earlier approaches, such as security risks, increased network communication traffic and difficulty of implementation, and achieves high security while avoiding any increase in network communication traffic.

Active Publication Date: 2018-01-16
PEKING UNIV SHENZHEN GRADUATE SCHOOL

AI Technical Summary

Problems solved by technology

The disadvantage of this method is that both parties need to establish a fixed key table in advance, and the key table must be large enough to ensure the randomness of the key, which consumes a lot of memory, especially on mobile terminal equipment. To keep the encryption and decryption keys synchronized, this method also increases the data transmitted over the network by adding random numbers and random data of the remainder length; in addition, it is difficult under this method to effectively define the random number and the added random data of the remainder length.

The disadvantage of this method is that achieving key synchronization simply by connecting both parties to a synchronization signal source is difficult in practice and does not allow large-scale system expansion; adding a fixed constant bit to determine whether the parties are synchronized brings new security risks.

The disadvantage of this method is that, in practical applications, it is difficult to fully guarantee that the keys distributed by the first network entity are received by the second network entity. When some keys distributed by the first communication entity are not received by the second communication entity, the key tables of the two communication parties fall out of synchronization and the method no longer works correctly, so it does not really achieve key synchronization; it also adds network traffic.

The disadvantage of this method is that both parties need to establish a fixed key mapping table in advance, which again consumes a large amount of resources; both parties must always maintain a secure clock for synchronization, which is often difficult to achieve in practical applications; and the method needs to periodically send a synchronization control frame containing a key index, which adds network communication traffic.


Examples


Embodiment 1

[0045] For a specific implementation of the method for encrypting and decrypting data packets based on network transmission in the present invention, refer to Figure 1-a and Figure 1-b. The specific steps include:

[0046] M001. Determine session key SK and random initialization vector IV.

[0047] The communication parties negotiate the session key SK and the 256-bit random initialization vector IV based on a specific security mechanism during the session initialization phase. The session key SK and random initialization vector IV are used jointly by both communication parties to establish their respective communication password tables. Therefore, before the communication parties establish voice communication, they need to negotiate the relevant parameters of the call. It is easy to understand that since both communication parties have the same session key SK and random initialization vector IV, any one of the communication parties can determine the sessio...

Embodiment 2

[0101] Due to unavoidable factors such as the network, some data packets will inevitably fail to reach the receiving end during communication; this is called packet loss in this application. When packet loss occurs, not only is the lost data missing, but the second update also can no longer match the first update. This is because the password table at the sender is updated every time a data packet is encrypted, so subsequent decryption no longer matches the encryption at the sender, causing errors in subsequent communications.

[0102] The method provided in this embodiment can effectively synchronize the second update when packet loss occurs. Please refer to Figure 2. The difference between this embodiment and Embodiment 1 is that in the decryption process at the receiving end, after receiving the encrypted data packet, the receiving end also performs a packet loss synchronization processing flow M20, which specifically includes the fo...

Embodiment 3

[0119] For a specific implementation of the encryption and decryption terminal suitable for VoIP media transmission in the present invention, refer to Figure 3. The encryption and decryption terminal in this embodiment can be used to execute the encryption and decryption methods involved in the above embodiments. The specific structure includes:

[0120] A key and initial vector acquisition unit 301, configured to determine a common session key SK and a random initial vector IV when the communicating parties initiate a session;

[0121] A password table generating unit 302, configured to generate password tables P and Q according to the session key SK and the random initialization vector IV;

[0122] A data packet obtaining unit 311, configured to obtain an original data packet, where the original data packet is an unencrypted data packet;

[0123] The starting point extracting unit 312 extracts the first starting point according to the header information s...


Abstract

The present application discloses a method for encrypting and decrypting data packets based on network transmission and a terminal. Using an end-to-end real-time encryption method based on a stream cipher algorithm, the communication parties negotiate the session parameters and each establish a password table in the session initialization phase. The sender extracts the header information of the data packet to generate the starting point of the key stream, then generates a section of the key stream from the password table and the starting point and XORs it with the data packet payload to encrypt it. The receiver judges from the header information of the data packet whether network packet loss has occurred. When there is packet loss, the receiver first completes the synchronization of the password table, and then generates a synchronized key based on the updated password table and the starting point to decrypt the data packet payload. This application realizes real-time encryption with key self-synchronization under network conditions with packet loss, with online real-time key stream generation and without adding network communication traffic.
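The following Python sketch is an added example, not code from the patent: it illustrates the header-derived starting point and the packet-loss resynchronization described in the abstract and in Embodiment 2. The SHAKE-256 table construction and update, the 1024-byte table and the integer sequence number used as header information are assumptions standing in for the patent's password tables, whose construction is not reproduced on this page.

```python
import hashlib

TABLE_LEN = 1024  # assumed table size; the page does not give one

# make_table / update_table are stand-ins for the patent's table rules.
def make_table(sk: bytes, iv: bytes) -> bytes:
    return hashlib.shake_256(b"table" + sk + iv).digest(TABLE_LEN)

def update_table(table: bytes) -> bytes:
    return hashlib.shake_256(b"update" + table).digest(TABLE_LEN)

def keystream(table: bytes, seq: int, n: int) -> bytes:
    # The starting point is taken from the header sequence number.
    start = seq % TABLE_LEN
    return hashlib.shake_256(table[start:] + table[:start]).digest(n)

def xor(data: bytes, ks: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, ks))

class Sender:
    def __init__(self, sk: bytes, iv: bytes):
        self.table, self.seq = make_table(sk, iv), 0
    def encrypt(self, payload: bytes):
        ks = keystream(self.table, self.seq, len(payload))
        packet = (self.seq, xor(payload, ks))
        self.table, self.seq = update_table(self.table), self.seq + 1
        return packet

class Receiver:
    def __init__(self, sk: bytes, iv: bytes, resync: bool = True):
        self.table, self.expected, self.resync = make_table(sk, iv), 0, resync
    def decrypt(self, packet):
        seq, body = packet
        if seq < self.expected:
            raise ValueError("late or replayed packet: table already advanced")
        if self.resync:  # apply one missed update per lost packet
            for _ in range(seq - self.expected):
                self.table = update_table(self.table)
        plain = xor(body, keystream(self.table, seq, len(body)))
        self.table, self.expected = update_table(self.table), seq + 1
        return plain

def demo():
    sk, iv = b"K" * 32, b"I" * 32  # constructed values; IV is 256 bits
    sender = Sender(sk, iv)
    packets = [sender.encrypt(b"voice frame %d" % i) for i in range(5)]
    delivered = [packets[0], packets[1], packets[4]]  # packets 2 and 3 lost
    good, naive = Receiver(sk, iv), Receiver(sk, iv, resync=False)
    return [good.decrypt(p) for p in delivered], [naive.decrypt(p) for p in delivered]
```

The receiver without resynchronization decrypts the packet after the gap to garbage, which is the failure described in paragraph [0101]. Because the payload is only XORed with a keystream, this construction gives confidentiality but no integrity: flipping a ciphertext bit flips the same plaintext bit.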

Description

Technical field

[0001] The present application relates to the field of secure network communication, in particular to a method for encrypting and decrypting data packets based on network transmission and a terminal.

Background technique

[0002] The Internet has been widely used in the communication field because of its simplicity, low cost and openness. For example, VoIP (Voice over Internet Protocol) is a new communication technology that uses the Internet to transmit voice packets. However, due to the openness of the Internet and its own insecurity, data transmitted over the network is exposed to more insecure factors than traditional technologies such as voice communication based on circuit switching. In order to ensure the security of voice, video, image and/or text transmission in an open network, the most common technology is to encrypt the transmission of data packets. However, encrypting the data packets additionally increases the communication delay, which is especially a gr...


Application Information

Patent Type & Authority: Patents (China)
IPC: IPC(8): H04L9/32
Inventor: 雷凯袁杰
Owner: PEKING UNIV SHENZHEN GRADUATE SCHOOL