CN109150499B

Movatterモバイル変換

Info

Publication number: CN109150499B
Application number: CN201810995538.9A
Authority: CN
Inventors: 谢晓勇
Original assignee: Shenzhen Miniwan Technology Co ltd
Current assignee: Shenzhen Miniwan Technology Co ltd
Priority date: 2018-08-29
Filing date: 2018-08-29
Publication date: 2021-06-08
Anticipated expiration: 2038-08-29
Also published as: CN109150499A

Abstract

The invention discloses a method, a device, computer equipment and a storage medium for dynamically encrypting data, wherein the method comprises the following steps: acquiring and storing a random character string serving as an encryption key source; performing specified abstract operation on specified characteristic information about data packet transmission with a server; determining an initial character of an encryption key selected from the random character string according to the result of the specified abstract operation; obtaining an encryption key in the random character string starting from the starting character; encrypting a data packet to be transmitted by using the encryption key according to a preset encryption algorithm; and sending the encrypted data packet to be sent. The method improves the security of data encryption.

Description

Method and device for dynamically encrypting data, computer equipment and storage medium

Technical Field

The present invention relates to the field of internet information encryption, and in particular, to a method, an apparatus, a computer device, and a storage medium for dynamically encrypting data.

Background

Today, people perform various operations on the internet every day as the internet permeates into every corner of life. In these operations, the actions of mail exchange, online transaction, etc. that require data security have absolute requirements on the reliability and security of data encryption. Therefore, encryption technology of data is becoming an important ring in the development of internet technology today.

In the existing data encryption technology applied to the internet, a client and a server establish connection for communication, and an encryption key and a decryption key used in the whole communication process are fixed as a key pair generated and distributed at the beginning of communication. Once the key is intercepted by an attacker, all data in the communication process can be cracked and acquired, so that important information is leaked.

Disclosure of Invention

Based on this, in order to solve the technical problem faced by how to encrypt data more safely and reliably from the technical aspect in the related art, the invention provides a method, an apparatus, a computer device and a storage medium for dynamically encrypting data.

In a first aspect, a method for dynamically encrypting data is provided, including:

acquiring and storing a random character string serving as an encryption key source;

performing specified abstract operation on specified characteristic information about data packet transmission with a server;

determining an initial character of an encryption key selected from the random character string according to the result of the specified abstract operation;

obtaining an encryption key in the random character string starting from the starting character;

encrypting a data packet to be transmitted by using the encryption key according to a preset encryption algorithm;

and sending the encrypted data packet to be sent.

In an exemplary embodiment of the present disclosure, acquiring and storing a random string as a source of an encryption key includes:

sending a random character string acquisition request to a server;

receiving a random character string generated after the server passes the verification;

and storing the random character string.

In an exemplary embodiment of the present disclosure, the specific characteristic information about the packet transmission with the server includes: and sending the data of the preset position in the last data packet to the server before the data packet to be sent.

In an exemplary embodiment of the present disclosure, the specific characteristic information about the packet transmission with the server includes: and sending the last data packet to the server before the data packet to be sent.

In an exemplary embodiment of the disclosure, determining a starting character of an encryption key selected from the random string according to a result of the specified digest operation includes:

converting the result of the digest operation into a number;

performing modular operation on the preset length of the number pair, which is less than or equal to the length of the random character string, to obtain a modular operation result;

and determining the character on the random character string corresponding to the modular operation result as the initial character of the encryption key.

In an exemplary embodiment of the disclosure, obtaining an encryption key in the random string starting from the start character comprises:

in the random character string, starting from the starting character, taking one character every predetermined number of characters until a predetermined number of characters are taken;

and combining the extracted characters according to the extracted sequence to be used as the encryption key.

In an exemplary embodiment of the present disclosure, in the random character string, taking one character every predetermined number of characters from the start character until a predetermined number of characters are taken, includes: if the character number of the interval between the character acquired when the character is acquired every predetermined number of characters and the last character of the random character string is less than or equal to the predetermined number, all the characters of the random character string are sequentially added behind the last character, the character is acquired every predetermined number of characters from the initial character again for the obtained new random character string, and the predetermined number of characters is acquired until the predetermined number of characters is acquired.

According to a second aspect of the present disclosure, there is provided an apparatus for dynamically encrypting data, comprising:

the first acquisition module is used for acquiring the random character string;

the operation module is used for carrying out specified abstract operation on the specified characteristic information transmitted by the data packet;

a second obtaining module, configured to obtain the encryption key;

an encryption module for encrypting the data packet;

and the sending module is used for sending the encrypted data packet to be sent.

According to a third aspect of the present disclosure, there is provided an electronic device for dynamically encrypting data, comprising:

a receiver configured to receive the random string;

a processor configured to perform any of the methods described above;

and the transmitter is configured to transmit the encrypted data packet to be transmitted.

According to a fourth aspect of the present disclosure, there is provided a computer readable program medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method described above.

According to a fifth aspect of the present disclosure, there is provided a method of dynamically decrypting data, comprising:

receiving an encrypted data packet from a client;

acquiring and storing a random character string as a decryption key source, wherein the random character string as the decryption key source is the same as a random character string from an encryption key used for encrypting the encrypted data packet;

performing specified summary operation on specified characteristic information about data packet transmission with the client;

determining to select an initial character of a decryption key from the random character string according to the result of the specified abstract operation;

starting from the initial character, acquiring a decryption key in the random character string;

and decrypting the encrypted data packet by using the decryption algorithm according to a preset decryption algorithm, wherein the decryption algorithm corresponds to the encryption algorithm adopted by the encryption of the encrypted data packet.

According to a sixth aspect of the present disclosure, there is provided an apparatus for dynamically decrypting data, comprising:

the receiving module is used for receiving the encrypted data packet from the client;

the first acquisition module is used for acquiring the random character string;

a second obtaining module, configured to obtain the decryption key;

and the decryption module is used for decrypting the encrypted data packet.

According to a seventh aspect of the present disclosure, there is provided an electronic device for dynamically decrypting data, comprising:

a transmitter configured to transmit the random string to a client;

a receiver configured to receive the encrypted data packet from the client;

a processor configured to perform the method of dynamically decrypting data.

According to an eighth aspect of the present disclosure, there is provided a computer readable program medium storing computer program instructions which, when executed by a computer, cause the computer to perform a method of dynamically decrypting data.

Compared with the conventional technology in which the key pair used for data encryption and decryption is fixed, the embodiment of the disclosure obtains the dynamically changing encryption and decryption key by dynamically processing the random character string, applies the dynamically changing encryption and decryption key to data transmission, and improves the security of data transmission.

Additional features and advantages of the disclosure will be set forth in the detailed description which follows, or in part will be obvious from the description, or may be learned by practice of the disclosure.

It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the disclosure.

Drawings

Fig. 1 shows a flow diagram of a method of dynamically encrypting data according to an example embodiment of the present disclosure.

Fig. 2 illustrates a block diagram of an apparatus for dynamically encrypting data according to an example embodiment of the present disclosure.

Fig. 3 shows a block diagram of an apparatus for dynamically decrypting data according to an example embodiment of the present disclosure.

Fig. 4 shows a detailed flowchart of acquiring and storing a random string as a source of an encryption key according to an example embodiment of the present disclosure.

Fig. 5 shows a detailed flowchart for determining a starting character for selecting an encryption key from the random string according to a result of the specified digest operation according to an example embodiment of the present disclosure.

Fig. 6 shows a detailed flow chart for obtaining an encryption key in the random string starting from the start character according to an example embodiment of the present disclosure.

FIG. 7 shows a flow diagram for dynamically decrypting data according to an example embodiment of the present disclosure.

Fig. 8 illustrates an electronic device diagram of a dynamic encryption data device according to an example embodiment of the present disclosure.

FIG. 9 illustrates a computer-readable storage medium diagram of a dynamic encryption data system according to an example embodiment of the present disclosure.

FIG. 10 shows an electronic device diagram of a dynamic decryption data device, according to an example embodiment of the present disclosure.

FIG. 11 illustrates a computer-readable storage medium diagram of a dynamic decryption data system, according to an example embodiment of the present disclosure.

Detailed Description

Example embodiments will now be described more fully with reference to the accompanying drawings. Example embodiments may, however, be embodied in many different forms and should not be construed as limited to the examples set forth herein; rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the concept of example embodiments to those skilled in the art. The described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the following description, numerous specific details are provided to give a thorough understanding of embodiments of the disclosure. One skilled in the relevant art will recognize, however, that the subject matter of the present disclosure can be practiced without one or more of the specific details, or with other methods, components, devices, steps, and the like. In other instances, well-known technical solutions have not been shown or described in detail to avoid obscuring aspects of the present disclosure.

Furthermore, the drawings are merely schematic illustrations of the present disclosure and are not necessarily drawn to scale. The same reference numerals in the drawings denote the same or similar parts, and thus their repetitive description will be omitted. Some of the block diagrams shown in the figures are functional entities and do not necessarily correspond to physically or logically separate entities. These functional entities may be implemented in the form of software, or in one or more hardware modules or integrated circuits, or in different networks and/or processor devices and/or microcontroller devices.

The purpose of the present disclosure is to realize dynamic data encryption from the technical aspect and improve the security of data encryption. The method for dynamically encrypting data according to one embodiment of the present disclosure includes: acquiring and storing a random character string serving as an encryption key source; performing specified abstract operation on specified characteristic information about data packet transmission with a server; determining an initial character of an encryption key selected from the random character string according to the result of the specified abstract operation; obtaining an encryption key in the random character string starting from the starting character; encrypting a data packet to be transmitted by using the encryption key according to a preset encryption algorithm; and sending the encrypted data packet to be sent. Compared with the conventional technology in which the key pair used for data encryption and decryption is fixed, the embodiment of the disclosure obtains the dynamically changing encryption and decryption key by dynamically processing the random character string, applies the dynamically changing encryption and decryption key to data transmission, and improves the security of data transmission.

It should be understood that, as an exemplary illustration, the "characters" described in this embodiment are encoded using ASCII code, but do not represent that the method protected by the present invention is limited to ASCII code encoded characters.

Fig. 1 shows a flow diagram of a method of dynamically encrypting data according to an example embodiment of the present disclosure:

step S100: acquiring and storing a random character string serving as an encryption key source;

step S110: performing specified abstract operation on specified characteristic information about data packet transmission with a server;

step S120: determining the initial character of the encryption key selected from the random character string according to the result of the specified abstract;

step S130: obtaining an encryption key in the random character string starting from the starting character;

step S140: encrypting a data packet to be transmitted by using the encryption key according to a preset encryption algorithm;

step S150: and sending the encrypted data packet to be sent.

Hereinafter, each step of the above-described dynamic encryption data in the present exemplary embodiment will be explained and explained in detail with reference to the drawings.

In step S100, a random string that is the source of the encryption key is acquired and stored.

A random string refers to a string of random characters generated by a server, which is used to obtain an encryption key therefrom.

In one embodiment, as shown in fig. 4, step S100 includes:

step S1001: sending a random character string acquisition request to a server;

step S1002: receiving a random character string generated after the server passes the verification;

step S1003: and storing the random character string.

By acquiring and storing the random character string as the encryption key, the consistency of the random character string stored and used by the client and the server is ensured, so that the server can acquire the encryption key used by the client for encrypting the data packet according to the random character string in the subsequent process.

In one embodiment, a client sends a login request and a random string acquisition request to a server. The server verifies the identity of the client, responds to a login request and a random character string acquisition request sent by the client after the client passes the verification, generates a string of random character strings by using a random character string generator, stores the string of random character strings in a database of the server and sends the string of random character strings to the client. And the client receives the random character string and stores the random character string into a client database. In this way, both the client and the server store the same random string.

In step S110, a specific digest operation is performed on specific characteristic information about packet transmission with the server.

The specific characteristic information is information included in a predetermined specific part associated with the packet.

The digest operation is an operation performed using a digest algorithm. The digest algorithm is also called hash algorithm or hash algorithm. The abstract algorithm has the following three algorithms: MD, SHA, MAC.

Because the characteristic information changes with different data packets to be sent, the result obtained by performing summary operation on the characteristic information also changes dynamically. The dynamically changing digest operation result is to be used to determine an encryption key, and thus the dynamic change of the digest operation result is a precondition for implementing dynamic encryption. By the method, the purpose of obtaining the dynamically changed abstract operation result is achieved.

In one embodiment, the specific characteristic information about the data packet transmission with the server includes: and sending the data of the preset position in the last data packet to the server before the data packet to be sent. For example: and taking the last 10 bytes of the last data packet sent to the server before the data packet to be sent as the designated characteristic information, and performing MD5 operation on the last 10 bytes of the last data packet. And for the first data packet to be sent, performing MD5 operation by taking the last 10 bytes of the random character string as the specified characteristic information. If the random string is less than 10 bytes, a number of characters "0" are successively added in front of the random string until the random string has 10 bytes. And taking the random character string with 10 bytes added with the character "0" as the specified characteristic information of the first data packet to be sent.

In one embodiment, the specific characteristic information about the data packet transmission with the server includes: and sending the last data packet to the server before the data packet to be sent. And taking the last data packet sent to the server as the characteristic information of the data packet to be sent. And regarding the first data packet to be sent, taking the random character string as the characteristic information of the first data packet.

In step S120, according to the result of the specified digest operation, determining a starting character of an encryption key selected from the random string, as shown in fig. 5, includes:

step S1201: converting the result of the digest operation into a number;

step S1202: performing modular operation on the preset length of the number pair, which is less than or equal to the length of the random character string, to obtain a modular operation result;

step S1203: and determining the character on the random character string corresponding to the modular operation result as the initial character of the encryption key.

Since the result of the digest operation is dynamically changed, by this method, the purpose is achieved that the starting character of the encryption key determined by the result of the digest operation is also dynamically changed.

In one embodiment, the result of the summarization operation is expressed in 16-ary, and is expressed in 10-ary, and the result of the summarization operation is converted into 10-ary numbers in uniform with the length of the random character string expressed in 10-ary. For example, the result of the digest operation is 3000000007 after being converted into 10-ary. The length of the random string is 20 bytes, and the predetermined length needs to be determined as a number less than or equal to 20. The predetermined length is determined to be 15, and the result of modulo operation is 7 by performing modulo operation on 15 using 3000000007. The 7 th character on the litigation random string is determined to be the starting character of the encryption key. The predetermined length is determined to be less than or equal to the length of the random character string, so that the length of the random character string is not exceeded by a modular operation result, and the condition that the initial character cannot be selected is avoided.

In step S130, starting from the starting character, an encryption key is obtained in the random string, as shown in fig. 6, including:

step S1301: in the random character string, starting from the starting character, taking one character every predetermined number of characters until a predetermined number of characters are taken;

step S1302: and combining the extracted characters according to the extracted sequence to be used as the encryption key.

The purpose of obtaining the encryption key is achieved by selecting characters from the random character string and sequentially combining the characters.

In one embodiment, the random string is "aFk 980dhb254YVjP 1", 5 characters are predetermined to be fetched, the starting character is "9", and the determined predetermined number of spaces is 2, i.e., one character is fetched every two characters. The 5 characters taken out in order are "9", "d", "2", "Y", "P", and the character string thus composed is "9 d2 YP". The character string "9 d2 YP" is used as the encryption key.

In one embodiment, in the random string, taking one character every predetermined number of characters from the start character until a predetermined number of characters are taken, includes: if the character number of the interval between the character acquired when the character is acquired every predetermined number of characters and the last character of the random character string is less than or equal to the predetermined number, all the characters of the random character string are sequentially added behind the last character, the character is acquired every predetermined number of characters from the initial character again for the obtained new random character string, and the predetermined number of characters is acquired until the predetermined number of characters is acquired. For example, the random character string is "aFk 980dhb254YVjP 1", 7 characters are predetermined to be fetched, the start character is "9", and the determined predetermined number of intervals is 3, i.e., one character is fetched every three characters. The characters extracted in this order are "9", "h", "4" and "P", and when the character "P" is extracted, the number of characters spaced from the last character is 0. And sequentially adding all the characters of the random character string after the last character to obtain a new random character string 'aFk 980dhb254YVjP1aFk980dhb254YVjP 1'. Starting with the starting character, in this example, every third character, starting with the first character "9". The characters extracted in this order are "9", "h", "4", "P", "k", "d" and "5", and the character string thus composed is "9 h4Pkd 5". The character string "9 h4Pkd 5" is used as the encryption key.

In step S140, the data packet to be transmitted is encrypted using the encryption key according to a predetermined encryption algorithm.

The predetermined encryption algorithm is an encryption algorithm agreed by both parties in a communication protocol established when the client establishes a connection with the server.

In this way, encryption of the data packet is achieved.

In one embodiment, the communication protocol established when the two parties establish a connection agrees to encrypt data using the DES symmetric encryption algorithm. An encryption key of 8-bit characters is obtained from the random string and the data packet is encrypted using the encryption key.

In step S150, the encrypted data packet to be transmitted is transmitted.

By the method, the transmission of the encrypted data packet to be transmitted is realized.

FIG. 7 shows a flow diagram for dynamically decrypting data, according to an example embodiment of the present disclosure:

step S200: receiving an encrypted data packet from a client;

step S210: acquiring and storing a random character string as a decryption key source, wherein the random character string as the decryption key source is the same as a random character string from an encryption key used for encrypting the encrypted data packet;

step S220: performing a specified digest operation on specified characteristic information about packet transmission with the client

Step S230: determining to select an initial character of a decryption key from the random character string according to the result of the specified abstract operation;

step S240: starting from the initial character, acquiring a decryption key in the random character string;

step S250: and decrypting the encrypted data packet by using the decryption algorithm according to a preset decryption algorithm, wherein the decryption algorithm corresponds to the encryption algorithm adopted by the encryption of the encrypted data packet.

In an embodiment, after the server establishes connection with the client, the server stores the generated random character string and sends the random character string to the client. In the communication protocol used for establishing connection between the two, appointed characteristic information, an appointed digest algorithm, a specific mode for determining a key and an algorithm for encryption and decryption are agreed. And after receiving the encrypted data packet from the client, the server performs summary operation on the specified characteristic information, and the obtained summary operation result is consistent with the summary operation result obtained by the client. The server converts the result of the digest operation into 10-system digits, performs a modular operation on a preset length which is less than or equal to the length of the random character string by using the digits, and determines a character on the random character string corresponding to the modular operation result as a starting character of the decryption key.

In step S240, a decryption key is obtained in the random string starting from the start character.

In one embodiment, the DES is used as an encryption and decryption algorithm in the communication protocol agreed by the server and the client, so that the encryption key is the same as the decryption key. The random character string is "aFk 980dhb254YVjP 1", 5 characters are predetermined to be taken out, the start character is "9", and the determined predetermined number of intervals is 2, i.e., one character is taken out every two characters. The 5 characters taken out in order are "9", "d", "2", "Y", "P", and the character string thus composed is "9 d2 YP". The character string "9 d2 YP" is used as the decryption key.

In another embodiment, the DES is used as an encryption and decryption algorithm in the communication protocol agreed by the server and the client, so that the encryption key is the same as the decryption key. The random character string is "aFk 980dhb254YVjP 1", 7 characters are predetermined to be taken out, the start character is "9", and the determined number of predetermined intervals is 3. The characters thus extracted in this order are "9", "h", "4" and "P", and when the character "P" is extracted, the number of characters spaced from the last character is 0. And sequentially adding all the characters of the random character string to the back of the last character to obtain a new random character string 'aFk 980dhb254YVjP1aFk980dhb254YVjP 1'. Starting with the starting character, in this example, every third character, starting with the first character "9". The characters extracted in this order are "9", "h", "4", "P", "k", "d" and "5", and the character string thus composed is "9 h4Pkd 5". The character string "9 h4Pkd 5" is used as the decryption key.

In step S250, the encrypted data packet is decrypted by using the decryption algorithm according to a predetermined decryption algorithm, where the decryption algorithm corresponds to the encryption algorithm used by the encrypted data packet.

In one embodiment, DES is used as an encryption and decryption algorithm in the communication protocol agreed by the server and the client. And after the server acquires the decryption key, the DES decryption algorithm is applied, and the received encrypted data packet is decrypted by using the decryption key.

As shown in fig. 2, in an embodiment, an apparatus for dynamically encrypting data is provided, which specifically includes: a first obtainingmodule 310, anoperation module 320, a second obtainingmodule 330, anencryption module 340, and a sendingmodule 350.

A first obtainingmodule 310, configured to obtain the random character string;

theoperation module 320 is configured to perform specified abstract operation on the specified feature information transmitted by the data packet;

a second obtainingmodule 330, configured to obtain the encryption key;

anencryption module 340 for encrypting the data packet;

a sendingmodule 350, configured to send the encrypted data packet to be sent.

The implementation process of the functions and actions of each module in the above device is specifically described in the implementation process of the corresponding step in the above method for dynamically encrypting data, and is not described herein again.

As shown in fig. 3, in an embodiment, an apparatus for dynamically decrypting data is provided, which specifically includes: the device comprises a receivingmodule 410, a first obtainingmodule 420, anoperation module 430, a second obtainingmodule 440 and adecryption module 450.

A receivingmodule 410, configured to receive an encrypted data packet from a client;

a first obtainingmodule 420, configured to obtain the random character string;

theoperation module 430 is configured to perform specified abstract operation on the specified feature information transmitted by the data packet;

a second obtainingmodule 440, configured to obtain the decryption key;

and adecryption module 450, configured to decrypt the encrypted data packet.

The implementation process of the functions and actions of each module in the above device is specifically described in the implementation process of the corresponding step in the above method for dynamically decrypting data, and is not described herein again.

It should be noted that although in the above detailed description several modules or units of the device for action execution are mentioned, such a division is not mandatory. Indeed, the features and functionality of two or more modules or units described above may be embodied in one module or unit, according to embodiments of the present disclosure. Conversely, the features and functions of one module or unit described above may be further divided into embodiments by a plurality of modules or units.

Moreover, although the steps of the methods of the present disclosure are depicted in the drawings in a particular order, this does not require or imply that the steps must be performed in this particular order, or that all of the depicted steps must be performed, to achieve desirable results. Additionally or alternatively, certain steps may be omitted, multiple steps combined into one step execution, and/or one step broken down into multiple step executions, etc.

Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a mobile terminal, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.

Anelectronic device 500 according to this embodiment of the invention is described below with reference to fig. 8. Theelectronic device 500 shown in fig. 8 is only an example, and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.

As shown in fig. 8, theelectronic device 500 is embodied in the form of a general purpose computing device. The components of theelectronic device 500 may include, but are not limited to: the at least oneprocessing unit 510, the at least onememory unit 520, and abus 530 that couples various system components including thememory unit 520 and theprocessing unit 510.

Wherein the storage unit stores program code that is executable by theprocessing unit 510 to cause theprocessing unit 510 to perform steps according to various exemplary embodiments of the present invention as described in the above section "exemplary methods" of the present specification. For example, theprocessing unit 510 may perform step S100 as shown in fig. 1: acquiring and storing a random character string serving as an encryption key source; step S110: performing specified abstract operation on specified characteristic information about data packet transmission with a server; step S120: determining an initial character of an encryption key selected from the random character string according to the result of the specified abstract operation; step S130: obtaining an encryption key in the random character string starting from the starting character; step S140: encrypting a data packet to be transmitted by using the encryption key according to a preset encryption algorithm; step S150: and sending the encrypted data packet to be sent.

Thememory unit 520 may include a readable medium in the form of a volatile memory unit, such as a random access memory unit (RAM)5201 and/or acache memory unit 5202, and may further include a read only memory unit (ROM) 5203.

Storage unit 520 may also include a program/utility 5204 having a set (at least one) ofprogram modules 5205,such program modules 5205 including, but not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.

Bus 530 may be one or more of any of several types of bus structures including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or a local bus using any of a variety of bus architectures.

Theelectronic device 500 may also communicate with one or more external devices 700 (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with theelectronic device 500, and/or with any devices (e.g., router, modem, etc.) that enable theelectronic device 500 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 550. Also, theelectronic device 500 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via thenetwork adapter 560. As shown, thenetwork adapter 560 communicates with the other modules of theelectronic device 500 over thebus 530. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with theelectronic device 500, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.

An electronic device 500' according to this embodiment of the invention is described below with reference to fig. 10. The electronic device 500' shown in fig. 8 is only an example and should not bring any limitation to the functions and the scope of use of the embodiments of the present invention.

As shown in fig. 10, the electronic device 500' is embodied in the form of a general purpose computing device. The components of the electronic device 500' may include, but are not limited to: the at least one processing unit 510 ', the at least one memory unit 520 ', and a bus 530 ' connecting the various system components (including the memory unit 520 ' and the processing unit 510 ').

Wherein the storage unit stores program code that is executable by the processing unit 510 'to cause the processing unit 510' to perform steps according to various exemplary embodiments of the present invention as described in the above section "exemplary methods" of the present specification. For example, the processing unit 510' may perform step S200 as shown in fig. 7: receiving an encrypted data packet from a client; step S210: acquiring and storing a random character string as a decryption key source, wherein the random character string as the decryption key source is the same as a random character string from an encryption key used for encrypting the encrypted data packet; step S220: performing specified summary operation on specified characteristic information about data packet transmission with the client; step S230: determining to select an initial character of a decryption key from the random character string according to the result of the specified abstract operation; step S240: starting from the initial character, acquiring a decryption key in the random character string; step S250: and decrypting the encrypted data packet by using the decryption algorithm according to a preset decryption algorithm, wherein the decryption algorithm corresponds to the encryption algorithm adopted by the encryption of the encrypted data packet.

The storage unit 520 'may include a readable medium in the form of a volatile storage unit, such as a random access memory unit (RAM) 5201' and/or a cache memory unit 5202 ', and may further include a read only memory unit (ROM) 5203'.

Storage unit 520 'may also include a program/utility 5204' having a set (at least one) of program modules 5205 ', such program modules 5205' include, but are not limited to: an operating system, one or more application programs, other program modules, and program data, each of which, or some combination thereof, may comprise an implementation of a network environment.

Bus 530' may be a local bus representing one or more of several types of bus structures, including a memory unit bus or memory unit controller, a peripheral bus, an accelerated graphics port, a processing unit, or any of a variety of bus architectures.

The electronic device 500 'may also communicate with one or more external devices 700' (e.g., keyboard, pointing device, bluetooth device, etc.), with one or more devices that enable a user to interact with the electronic device 500 ', and/or with any devices (e.g., router, modem, etc.) that enable the electronic device 500' to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 550'. Also, the electronic device 500 'may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) via the network adapter 560'. As shown, the network adapter 560 ' communicates with the other modules of the electronic device 500 ' via the bus 530 '. It should be appreciated that although not shown in the figures, other hardware and/or software modules may be used in conjunction with the electronic device 500', including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.

Through the above description of the embodiments, those skilled in the art will readily understand that the exemplary embodiments described herein may be implemented by software, or by software in combination with necessary hardware. Therefore, the technical solution according to the embodiments of the present disclosure may be embodied in the form of a software product, which may be stored in a non-volatile storage medium (which may be a CD-ROM, a usb disk, a removable hard disk, etc.) or on a network, and includes several instructions to enable a computing device (which may be a personal computer, a server, a terminal device, or a network device, etc.) to execute the method according to the embodiments of the present disclosure.

In an exemplary embodiment of the present disclosure, there is also provided a computer-readable storage medium having stored thereon a program product capable of implementing the above-described method of the present specification. In some possible embodiments, aspects of the invention may also be implemented in the form of a program product comprising program code means for causing a terminal device to carry out the steps according to various exemplary embodiments of the invention described in the above section "exemplary methods" of the present description, when said program product is run on the terminal device.

Referring to fig. 9, aprogram product 600 for implementing the above method according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited in this regard and, in the present document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

Referring to fig. 11, a program product 600' for implementing the above method according to an embodiment of the present invention is described, which may employ a portable compact disc read only memory (CD-ROM) and include program code, and may be run on a terminal device, such as a personal computer. However, the program product of the present invention is not limited in this regard and, in the present document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.

The program product may employ any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

A computer readable signal medium may include a propagated data signal with readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.

Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

Program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server. In the case of a remote computing device, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., through the internet using an internet service provider).

Furthermore, the above-described figures are merely schematic illustrations of processes involved in methods according to exemplary embodiments of the invention, and are not intended to be limiting. It will be readily understood that the processes shown in the above figures are not intended to indicate or limit the chronological order of the processes. In addition, it is also readily understood that these processes may be performed synchronously or asynchronously, e.g., in multiple modules.

Other embodiments of the disclosure will be apparent to those skilled in the art from consideration of the specification and practice of the disclosure disclosed herein. This application is intended to cover any variations, uses, or adaptations of the disclosure following, in general, the principles of the disclosure and including such departures from the present disclosure as come within known or customary practice within the art to which the disclosure pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the disclosure being indicated by the following claims.

Claims

1. A method for dynamically encrypting data, comprising:

and sending the encrypted data packet to be sent.

2. The method of claim 1, wherein obtaining and storing the random string as a source of the encryption key comprises:

sending a random character string acquisition request to a server;

and storing the random character string.

3. The method of claim 1, wherein the specific characteristic information regarding the transmission of the data packet with the server comprises: and sending the data of the preset position in the last data packet to the server before the data packet to be sent.

4. The method of claim 1, wherein the specific characteristic information regarding the transmission of the data packet with the server comprises: and sending the last data packet to the server before the data packet to be sent.

5. The method of claim 1, wherein determining a starting character for selecting an encryption key from said random string based on a result of said prescribed digest operation comprises:

converting the result of the digest operation into a number;

6. The method of claim 1, wherein obtaining an encryption key in the random string starting at the starting character comprises:

7. The method of claim 6, wherein taking a character every predetermined number of characters from the starting character until a predetermined number of characters are taken in the random string comprises: if the character number of the interval between the character acquired when the character is acquired every predetermined number of characters and the last character of the random character string is less than or equal to the predetermined number, all the characters of the random character string are sequentially added behind the last character, the character is acquired every predetermined number of characters from the initial character again for the obtained new random character string, and the predetermined number of characters is acquired until the predetermined number of characters is acquired.

8. A method for dynamically decrypting data, comprising:

receiving an encrypted data packet from a client;

9. An apparatus for dynamically encrypting data, comprising:

the first acquisition module is used for acquiring and storing the random character string as the source of the encryption key;

the operation module is used for carrying out specified abstract operation on specified characteristic information about data packet transmission with the server;

the determining module is used for determining the initial character of the encryption key selected from the random character string according to the result of the specified abstract operation;

a second obtaining module, configured to obtain an encryption key in the random string starting from the start character;

the encryption module is used for encrypting the data packet to be sent by using the encryption key according to a preset encryption algorithm;

10. An electronic device for dynamically encrypting data, comprising:

a memory storing computer readable instructions;

a processor reading computer readable instructions stored by the memory to perform the method of any of claims 1-7.

11. A computer-readable program medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method according to any one of claims 1 to 7.

12. An apparatus for dynamically decrypting data, comprising:

the first acquisition module is used for acquiring and storing a random character string as a decryption key source, wherein the random character string as the decryption key source is the same as a random character string from an encryption key used for encrypting the encrypted data packet;

the operation module is used for carrying out specified abstract operation on specified characteristic information about data packet transmission with the client;

the determining module is used for determining the initial character of the decryption key selected from the random character string according to the result of the specified abstract operation;

a second obtaining module, configured to obtain, from the starting character, a decryption key in the random character string;

and the decryption module is used for decrypting the encrypted data packet by using the decryption algorithm according to a preset decryption algorithm, wherein the decryption algorithm corresponds to the encryption algorithm adopted by the encryption of the encrypted data packet.

13. An electronic device for dynamically decrypting data, comprising:

a memory storing computer readable instructions;

a processor that reads computer readable instructions stored by the memory to perform the method recited in claim 8.

14. A computer-readable program medium storing computer program instructions which, when executed by a computer, cause the computer to perform the method of claim 8.