Disclosure of Invention
The invention aims to provide a data transmission method, a data transmission device, data transmission equipment and a data transmission system, so as to improve the data security in the data transmission process.
To achieve this purpose, the invention provides the following technical solution:
A data transmission method, applied to a client, comprises the following steps:
sending client identity information to a server through a blockchain network link so that the server verifies the client identity information and, if the verification passes, returns server identity information;
verifying the server identity information and, if the verification passes, sending a client MAC address and a randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received;
and sending encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key.
Preferably, sending the client identity information to the server through the blockchain network link so that the server verifies the client identity information and, if the verification passes, returns the server identity information includes:
sending client identity information containing a client public key to the server through the blockchain network link so that the server stores the client public key and verifies the client identity information and, if the verification passes, returns server identity information containing a server public key.
Preferably, verifying the server identity information and, if the verification passes, sending the client MAC address and the randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received includes:
storing the server public key and verifying the server identity information; if the verification passes, randomly generating the key, encrypting the client MAC address and the key by using the server public key to obtain an encrypted message, and sending the encrypted message to the server through the blockchain network link, so that the server decrypts the encrypted message by using a server private key to obtain the client MAC address and the key, generates a confirmation message that the client MAC address and the key have been received, encrypts the confirmation message by using the client public key, and returns the encrypted confirmation message.
Preferably, sending the encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data includes:
decrypting the confirmation message by using a client private key, and sending the encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data.
Preferably, sending the encrypted data to the server includes:
sending the encrypted data to the server through a public network link.
A data transmission method, applied to a server, comprises the following steps:
receiving client identity information sent by a client through a blockchain network link, verifying the client identity information and, if the verification passes, returning server identity information to the client so that the client verifies the server identity information and, if that verification passes, sends a client MAC address and a randomly generated key through the blockchain network link;
returning to the client a confirmation message that the client MAC address and the key have been received, so that the client sends encrypted data, wherein the encrypted data is obtained by encrypting with the key;
and decrypting the encrypted data by using the key to obtain the original data.
A data transmission device, applied to a client, comprises:
a sending module, configured to send client identity information to a server through a blockchain network link so that the server verifies the client identity information and, if the verification passes, returns server identity information;
an execution module, configured to verify the server identity information and, if the verification passes, send a client MAC address and a randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received;
and a transmission module, configured to send encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key.
A data transmission device, applied to a server, comprises:
a receiving module, configured to receive client identity information sent by a client through a blockchain network link, verify the client identity information and, if the verification passes, return server identity information to the client so that the client verifies the server identity information and, if that verification passes, sends a client MAC address and a randomly generated key through the blockchain network link;
a return module, configured to return to the client a confirmation message that the client MAC address and the key have been received, so that the client sends encrypted data, wherein the encrypted data is obtained by encrypting with the key;
and a decryption module, configured to decrypt the encrypted data by using the key to obtain the original data.
A data transmission device comprising:
a memory for storing a computer program;
a processor for implementing the steps of the data transmission method of any one of the above when executing the computer program.
A data transmission system comprising: client and server, wherein:
the client sends client identity information to the server through the blockchain network link so that the server verifies the client identity information and, if the verification passes, returns server identity information; the client verifies the server identity information and, if the verification passes, sends the client MAC address and a randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received; the client sends encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key.
According to the above solution, the invention provides a data transmission method, applied to a client, which comprises the following steps: sending client identity information to a server through a blockchain network link so that the server verifies the client identity information and, if the verification passes, returns server identity information; verifying the server identity information and, if the verification passes, sending a client MAC address and a randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received; and sending encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key.
The invention also provides a data transmission method, applied to a server, which comprises the following steps: receiving client identity information sent by a client through a blockchain network link, verifying the client identity information and, if the verification passes, returning server identity information to the client so that the client verifies the server identity information and, if that verification passes, sends a client MAC address and a randomly generated key through the blockchain network link; returning to the client a confirmation message that the client MAC address and the key have been received, so that the client sends encrypted data, wherein the encrypted data is obtained by encrypting with the key; and decrypting the encrypted data by using the key to obtain the original data.
Therefore, the method verifies the identity information of the client and the server through the blockchain network link, which prevents a malicious tamperer from stealing the identity information of the client and the server and the key used to encrypt data. That is, the client and the server are both nodes in the blockchain network, and because the blockchain network has higher security and a tamper-proof mechanism, the identity information of the client and the server and the key used to encrypt data are better protected, which improves data security. In addition, the key used to encrypt data is randomly generated by the client, that is, the key can change randomly, which further improves data security during data transmission.
Correspondingly, the data transmission device, the equipment and the system provided by the invention also have the technical effects.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
The embodiment of the invention discloses a data transmission method, a data transmission device, data transmission equipment and a data transmission system, which are used for improving data security in a data transmission process.
Referring to fig. 1, a first data transmission method provided in the embodiment of the present invention is applied to a client, and includes:
S101, sending client identity information to a server through a blockchain network link so that the server verifies the client identity information and, if the verification passes, returns server identity information;
It should be noted that sending the client identity information to the server through the blockchain network link so that the server verifies the client identity information and, if the verification passes, returns the server identity information includes: sending client identity information containing the client public key to the server through the blockchain network link so that the server stores the client public key and verifies the client identity information and, if the verification passes, returns server identity information containing the server public key.
Specifically, the client identity information sent by the client carries the client public key, so that the server can store the client public key and verify the client identity information; if the server's verification of the client identity information passes, the server returns server identity information containing its own public key to the client, so that the client can store the server public key and verify the server identity information. The client and the server thus exchange public keys over the blockchain network link and verify each other's identity. Because the public keys are exchanged over the blockchain network link, the public keys of both parties can be ensured not to be stolen.
S102, verifying the server identity information and, if the verification passes, sending the client MAC address and the randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received;
It should be noted that verifying the server identity information and, if the verification passes, sending the client MAC address and the randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received includes: storing the server public key and verifying the server identity information; if the verification passes, randomly generating the key, encrypting the client MAC address and the key by using the server public key to obtain an encrypted message, and sending the encrypted message to the server through the blockchain network link, so that the server decrypts the encrypted message by using the server private key to obtain the client MAC address and the key, generates a confirmation message that the client MAC address and the key have been received, encrypts the confirmation message by using the client public key, and returns the encrypted confirmation message.
Specifically, if the client's verification of the server identity information passes, the client sends the client MAC address and the randomly generated key to the server through the blockchain network link, so that the server obtains the client MAC address and the key used to encrypt data. This completes the preparation before data transmission, and the client is ready to send the data to be transmitted.
S103, sending encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key.
It should be noted that sending the encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data includes: decrypting the confirmation message by using the client private key, and sending the encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data.
When the client receives the confirmation message returned by the server, this indicates that the server is ready to receive data, so the client sends the encrypted data to the server, and the server decrypts the encrypted data by using the previously obtained key to obtain the original data, thereby completing the data transmission.
After the server decrypts the original data, a confirmation message that the data has been received is returned to the client.
It should be noted that sending the encrypted data to the server includes: sending the encrypted data to the server through the public network link.
It should be noted that the client and the server are both nodes in the blockchain network, and they establish a communication connection through the blockchain network link. The blockchain network has higher security and a tamper-proof mechanism, so the security of data transmission between the client and the server is strongly guaranteed. Because the identity information of the client and the server, the client public key, the server public key and the key used to encrypt data are all protected and can be prevented from being stolen, the data itself can be transmitted through a public network link, which saves data transmission cost.
That is, the client and the server establish a communication connection through the blockchain network link and also establish a communication connection through the public network link. The blockchain network link is used to exchange important information such as the identity information of the client and the server, the client public key, the server public key and the key used to encrypt data; the public network link is used to transmit the data to be transmitted.
The method performs signature verification on the identity information of the client and the server through the blockchain network link, which prevents a malicious tamperer from stealing the identity information of the client and the server and the key used to encrypt data. That is, the client and the server are both nodes in the blockchain network, and because the blockchain network has higher security and a tamper-proof mechanism, the identity information of the client and the server and the key used to encrypt data are better protected, which improves data security. In addition, the key used to encrypt data is randomly generated by the client, that is, the key can change randomly, which further improves data security during data transmission.
The embodiment of the invention discloses a second data transmission method, and compared with the previous embodiment, the embodiment further explains and optimizes the technical scheme.
Referring to fig. 2, a second data transmission method provided in the embodiment of the present invention is applied to a server, and includes:
S201, receiving client identity information sent by a client through a blockchain network link, verifying the client identity information and, if the verification passes, returning server identity information to the client so that the client verifies the server identity information and, if that verification passes, sends a client MAC address and a randomly generated key through the blockchain network link;
S202, returning to the client a confirmation message that the client MAC address and the key have been received, so that the client sends encrypted data, wherein the encrypted data is obtained by encrypting with the key;
S203, decrypting the encrypted data by using the key to obtain the original data.
It should be noted that this embodiment describes the data transmission process from the server side, and the specific flow is similar to that in the above embodiment, so the detailed description is omitted here.
As can be seen, this embodiment provides a second data transmission method, which performs signature verification on the identity information of the client and the server through the blockchain network link, which prevents a malicious tamperer from stealing the identity information of the client and the server and the key used to encrypt data. That is, the client and the server are both nodes in the blockchain network, and because the blockchain network has higher security and a tamper-proof mechanism, the identity information of the client and the server and the key used to encrypt data are better protected, which improves data security. In addition, the key used to encrypt data is randomly generated by the client, that is, the key can change randomly, which further improves data security during data transmission.
The embodiment of the invention discloses a third data transmission method, and compared with the previous embodiment, the embodiment further explains and optimizes the technical scheme.
Referring to fig. 3, a third data transmission method provided in the embodiment of the present invention includes:
S301, the client sends client identity information to the server through the blockchain network link;
S302, the server verifies the client identity information and, if the verification passes, returns server identity information to the client;
S303, the client verifies the server identity information and, if the verification passes, sends the client MAC address and a randomly generated key to the server through the blockchain network link;
S304, the server returns to the client a confirmation message that the client MAC address and the key have been received;
S305, the client sends encrypted data, obtained by encrypting with the key, to the server;
S306, the server decrypts the encrypted data by using the key to obtain the original data.
It should be noted that, in this embodiment, the data transmission process is described based on the client and the server, and the specific flow thereof may refer to any one of the above embodiments, so that the details of this embodiment are not described herein again.
As can be seen, this embodiment provides a third data transmission method, which performs signature verification on the identity information of the client and the server through the blockchain network link, which prevents a malicious tamperer from stealing the identity information of the client and the server and the key used to encrypt data. That is, the client and the server are both nodes in the blockchain network, and because the blockchain network has higher security and a tamper-proof mechanism, the identity information of the client and the server and the key used to encrypt data are better protected, which improves data security. In addition, the key used to encrypt data is randomly generated by the client, that is, the key can change randomly, which further improves data security during data transmission.
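The exchange of steps S301 to S306, simulated in one process, is sketched below as an added example; it is not code from the patent. The algorithms (RSA-OAEP for the key message and the confirmation, AES-256-GCM for the data), the Registry type standing in for blockchain node identity verification, the confirmation format (an echo of the MAC address) and all names are assumptions, and the blockchain link itself is not modeled.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

type Party struct {
	Name string
	Key  *rsa.PrivateKey // the public half is sent as identity information
}

func NewParty(name string) (*Party, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	return &Party{name, k}, err
}

// Registry stands in (assumption) for the blockchain node identity check.
type Registry map[string]*rsa.PublicKey

func (r Registry) Verify(p *Party) error {
	if want, ok := r[p.Name]; !ok || !want.Equal(&p.Key.PublicKey) {
		return errors.New("identity verification failed for " + p.Name)
	}
	return nil
}

func aead(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Transfer runs S301-S306; publicLink models the public network link.
func Transfer(c, s *Party, reg Registry, mac, data []byte, publicLink func([]byte) []byte) ([]byte, error) {
	// S301-S303: each side verifies the other's identity before a key is sent.
	for _, p := range []*Party{c, s} {
		if err := reg.Verify(p); err != nil {
			return nil, err
		}
	}
	// S303: client wraps MAC || fresh random key under the server public key.
	key := make([]byte, 32) // AES-256 (assumed algorithm)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	msg := append(append([]byte{}, mac...), key...)
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &s.Key.PublicKey, msg, nil)
	if err != nil {
		return nil, err
	}
	// S304: server unwraps with its private key, echoes the MAC as confirmation.
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, s.Key, wrapped, nil)
	if err != nil || len(plain) < 32 {
		return nil, errors.New("key message rejected")
	}
	gotMAC, srvKey := plain[:len(plain)-32], plain[len(plain)-32:]
	ack, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, &c.Key.PublicKey, gotMAC, nil)
	if err != nil {
		return nil, err
	}
	confirm, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, c.Key, ack, nil)
	if err != nil || !bytes.Equal(confirm, mac) {
		return nil, errors.New("confirmation message rejected")
	}
	// S305: client encrypts with the key; output is nonce || ciphertext || tag.
	cg, err := aead(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, cg.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wire := publicLink(cg.Seal(nonce, nonce, data, nil))
	// S306: server decrypts; GCM rejects anything altered on the public link.
	sg, err := aead(srvKey)
	if err != nil || len(wire) < sg.NonceSize() {
		return nil, errors.New("encrypted data rejected")
	}
	return sg.Open(nil, wire[:sg.NonceSize()], wire[sg.NonceSize():], nil)
}

func main() {
	c, _ := NewParty("client-1") // constructed sample nodes
	s, _ := NewParty("server-1")
	reg := Registry{c.Name: &c.Key.PublicKey, s.Name: &s.Key.PublicKey}
	same := func(b []byte) []byte { return b } // unmodified public link
	out, err := Transfer(c, s, reg, []byte("00:11:22:33:44:55"), []byte("sample payload"), same)
	fmt.Printf("%q %v\n", out, err)
}
```

The text does not name an encryption mode for the data sent over the public link; an authenticated mode is assumed here so that the server detects modification in transit rather than decrypting altered data.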
Based on any of the above embodiments, it should be noted that, when the server acquires the original data, the server performs corresponding processing on the original data, and after the processing is completed, the processing result is fed back to the client. Before the processing result is fed back, the processing result is encrypted through the public key of the client, so that the safety of the processing result can be guaranteed.
Based on any of the above embodiments, it should be noted that, in the present invention, the specific process by which the server verifies the client identity information and the specific process by which the client verifies the server identity information may refer to the process of verifying the identity of a blockchain node in an existing blockchain network, and are therefore not described in this specification. The process of randomly generating the key at the client and of encrypting and decrypting with the key may also refer to the prior art, and is likewise not described again.
In the following, the first data transmission apparatus provided by the embodiment of the present invention is introduced, and the first data transmission apparatus described below and the first data transmission method described above may be referred to each other.
Referring to fig. 4, an embodiment of the present invention provides a first data transmission apparatus, which is applied to a client, and includes:
a sending module 401, configured to send client identity information to a server through a blockchain network link, so that the server verifies the client identity information, and if the verification passes, returns the server identity information;
an execution module 402, configured to verify the identity information of the server, and if the verification passes, send the client MAC address and the randomly generated key to the server through the blockchain network link, so that the server returns a confirmation message of the received client MAC address and key;
a transmission module 403, configured to send the encrypted data to the server, so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key.
Preferably, the sending module is specifically configured to:
send client identity information containing the client public key to the server through the blockchain network link so that the server stores the client public key and verifies the client identity information and, if the verification passes, returns server identity information containing the server public key.
Preferably, the execution module is specifically configured to:
store the server public key and verify the server identity information; if the verification passes, randomly generate the key, encrypt the client MAC address and the key by using the server public key to obtain an encrypted message, and send the encrypted message to the server through the blockchain network link, so that the server decrypts the encrypted message by using the server private key to obtain the client MAC address and the key, generates a confirmation message that the client MAC address and the key have been received, encrypts the confirmation message by using the client public key, and returns the encrypted confirmation message.
Preferably, the transmission module is specifically configured to:
decrypt the confirmation message by using the client private key, and send the encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data.
Preferably, the transmission module is specifically configured to:
send the encrypted data to the server through the public network link.
As can be seen, this embodiment provides a first data transmission apparatus, including a sending module, an execution module and a transmission module. First, the sending module sends client identity information to the server through the blockchain network link so that the server verifies the client identity information and, if the verification passes, returns server identity information; then the execution module verifies the server identity information and, if the verification passes, sends the client MAC address and the randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received; finally, the transmission module sends the encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key. The modules thus divide the work and cooperate, each performing its own function, so that the identity information of the client and the server and the random key used to encrypt data are prevented from being stolen by a tamperer, which improves data security.
In the following, the second data transmission apparatus provided by the embodiment of the present invention is introduced, and the second data transmission apparatus described below and the second data transmission method described above may be referred to each other.
Referring to fig. 5, an embodiment of the present invention provides a second data transmission apparatus, applied to a server, including:
a receiving module 501, configured to receive client identity information sent by a client through a blockchain network link, verify the client identity information and, if the verification passes, return server identity information to the client so that the client verifies the server identity information and, if that verification passes, sends a client MAC address and a randomly generated key through the blockchain network link;
a returning module 502, configured to return to the client a confirmation message that the client MAC address and the key have been received, so that the client sends encrypted data, wherein the encrypted data is obtained by encrypting with the key;
and a decryption module 503, configured to decrypt the encrypted data with the key to obtain the original data.
Preferably, the receiving module is specifically configured to:
receive, through the blockchain network link, client identity information that is sent by the client and contains the client public key, store the client public key, verify the client identity information and, if the verification passes, return server identity information containing the server public key to the client, so that the client verifies the server identity information and, if that verification passes, randomly generates a key, encrypts the client MAC address and the key by using the server public key to obtain an encrypted message, and sends the encrypted message through the blockchain network link.
Preferably, the return module is specifically configured to:
decrypt the encrypted message by using the server private key to obtain the client MAC address and the key, generate a confirmation message that the client MAC address and the key have been received, encrypt the confirmation message by using the client public key, and return the encrypted confirmation message to the client so that the client sends the encrypted data.
Preferably, the decryption module is specifically configured to:
decrypt the encrypted data by using the key to obtain the original data.
As can be seen, this embodiment provides a second data transmission apparatus, including a receiving module, a returning module and a decryption module. First, the receiving module receives client identity information sent by the client through the blockchain network link, verifies the client identity information and, if the verification passes, returns server identity information to the client so that the client verifies the server identity information and, if that verification passes, sends the client MAC address and a randomly generated key through the blockchain network link; then the returning module returns to the client a confirmation message that the client MAC address and the key have been received, so that the client sends encrypted data, wherein the encrypted data is obtained by encrypting with the key; finally, the decryption module decrypts the encrypted data by using the key to obtain the original data. The modules thus divide the work and cooperate, each performing its own function, so that the identity information of the client and the server and the random key used to encrypt data are prevented from being stolen by a tamperer, which improves data security.
In the following, a data transmission device provided in an embodiment of the present invention is introduced, and a data transmission device described below and a data transmission method and apparatus described above may refer to each other.
Referring to fig. 6, a data transmission device provided in an embodiment of the present invention includes:
a memory 61 for storing a computer program;
a processor 62 for implementing the steps of the data transmission method according to any of the above embodiments when executing the computer program.
Wherein the memory may be any readable storage medium.
In the following, a system provided by an embodiment of the present invention is introduced, and a system described below and a data transmission method, an apparatus, and a device described above may be referred to each other.
A data transmission system comprising: client and server, wherein:
the client sends client identity information to the server through the blockchain network link so that the server verifies the client identity information and, if the verification passes, returns server identity information; the client verifies the server identity information and, if the verification passes, sends the client MAC address and a randomly generated key to the server through the blockchain network link so that the server returns a confirmation message that the client MAC address and the key have been received; the client sends encrypted data to the server so that the server decrypts the encrypted data by using the key to obtain the original data, wherein the encrypted data is obtained by encrypting with the key.
The embodiments in the present description are described in a progressive manner, each embodiment focuses on differences from other embodiments, and the same and similar parts among the embodiments are referred to each other.
Those of skill would further appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, computer software, or combinations of both, and that the various illustrative components and steps have been described above generally in terms of their functionality in order to clearly illustrate this interchangeability of hardware and software. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present invention.
The steps of a method or algorithm described in connection with the embodiments disclosed herein may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module may reside in Random Access Memory (RAM), memory, Read Only Memory (ROM), electrically programmable ROM, electrically erasable programmable ROM, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
The previous description of the disclosed embodiments is provided to enable any person skilled in the art to make or use the present invention. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the spirit or scope of the invention. Thus, the present invention is not intended to be limited to the embodiments shown herein but is to be accorded the widest scope consistent with the principles and novel features disclosed herein.