Disclosure of Invention
The invention aims to provide an encryption management system and method based on communication security, which are used for solving the problems in the prior art.
In order to achieve the above purpose, the invention provides a communication security-based encryption management method, which comprises the following steps:
Step S1, collecting agricultural record data in historical transmission, collecting the agricultural record data to be transmitted currently, establishing an agricultural transmission database, and updating the database in stages;
Step S2, carrying out statistical analysis on the agricultural record data, and obtaining key factors influencing the information entropy of the transmission data through a statistical analysis result;
Step S3, training an information entropy calculation model by using key factor data;
Step S4, acquiring key factor data values in current agricultural record data in real time, inputting the acquired data into an information entropy calculation model, and calculating transmission data information entropy;
Step S5, dynamically adjusting the encryption key length of the current transmission data according to the transmission data information entropy;
Step S6, defining a multi-objective function, calculating the theoretical key length, selecting the key length according to the information entropy, encrypting the data to be transmitted and transmitting the data;
Step S7, backing up the real-time collected agricultural record data and the calculation process data of dynamic key adjustment, inputting the agricultural record data and the calculation process data into an agricultural transmission database, and updating database information;
The agricultural transmission database comprises agricultural record data and key dynamic adjustment data.
The key dynamic adjustment data comprises all calculation data in the process of predicting the key length;
in step S1, the agricultural record data includes communication content data, data distribution characteristics, security threat data, and encryption algorithm performance data;
The communication content data includes text data {T1, T2, ..., Tn}, wherein T1, T2, ..., Tn represent the text data samples of the 1st, 2nd, ..., nth occurrences, respectively; image data {I1, I2, ..., In}, wherein I1, I2, ..., In represent image data samples of the 1st, 2nd, ..., nth types; and audio data {A1, A2, ..., An}, wherein A1, A2, ..., An represent the audio data sampled the 1st, 2nd, ..., nth times, respectively; the data are samples of real-time communication traffic or historical communication records.
The data distribution features include a character frequency distribution {f(c1), f(c2), ..., f(ck)}, where f(c1), f(c2), ..., f(ck) represent the character frequency distribution, byte distribution, and packet length distribution for the 1st, 2nd, ..., kth time windows, respectively;
the security threat data comprises known attack modes, threat models and attack success rate information of different encryption algorithms;
The encryption algorithm performance data is calculation performance data of different encryption algorithms under different key lengths, and comprises encryption/decryption time, CPU/GPU consumption and memory occupation.
The representation matrix of the encryption/decryption time is:
wherein L_K1, L_K2, ..., L_Km respectively represent keys with m different lengths, K represents the encryption algorithm type, t_enc(L_K1), t_enc(L_K2), ..., t_enc(L_Km) respectively represent the encryption time with corresponding key lengths L_K1, L_K2, ..., L_Km, and t_dec(L_K1), t_dec(L_K2), ..., t_dec(L_Km) respectively represent the decryption time with corresponding key lengths L_K1, L_K2, ..., L_Km;
The CPU/GPU consumption representation matrix is as follows:
wherein K_1, K_2, ..., K_r respectively represent r different encryption algorithms, C_cpu(K_1), C_cpu(K_2), ..., C_cpu(K_r) respectively represent the CPU occupancy rates of the corresponding encryption algorithms K_1, K_2, ..., K_r, and C_gpu(K_1), C_gpu(K_2), ..., C_gpu(K_r) respectively represent the GPU occupancy rates of the corresponding encryption algorithms K_1, K_2, ..., K_r.
In step S2, the step of performing statistical analysis on the agricultural record data, and obtaining key factors influencing the entropy of the transmitted data information through the statistical analysis result includes the following specific steps:
Step S2-1, extracting, through the agricultural transmission database, characteristic factors {[te1_1, te1_2, ..., te1_i], [te2_1, te2_2, ..., te2_i], ..., [tez_1, tez_2, ..., tez_i]}, wherein te1, te2, ..., tez respectively represent the 1st, 2nd, ..., zth characteristic factors affecting the entropy of the transmission data information, te1_1, te1_2, ..., te1_i respectively represent i sample values of the characteristic factor te1, te2_1, te2_2, ..., te2_i respectively represent i sample values of the characteristic factor te2, and tez_1, tez_2, ..., tez_i respectively represent i sample values of the characteristic factor tez;
characteristic factors influencing the entropy of transmitted data information include the size of a data file, the type and quantity of the data information, the probability distribution of a data source, the complexity and change rate of data content, the sampling rate and resolution of the data, and the like;
Step S2-2, constructing coordinate pairs which take a sample value of each characteristic factor as the abscissa and the entropy of transmission data information as the ordinate, plotting the points in a plane rectangular coordinate system, and connecting them with a smooth curve to form a characteristic information entropy curve;
Step S2-3, calculating the average change rate of the characteristic information entropy curve,
wherein ch represents the average change rate of the characteristic information entropy curve, h(u) represents the entropy of the transmission data information of sample u, u is the sample label, te_u represents the characteristic factor value of sample u, i represents the total number of samples, and 2 ≤ u ≤ i+1;
Step S2-4, calculating in sequence to obtain {ch_1, ch_2, ..., ch_z}, wherein ch_1, ch_2, ..., ch_z respectively represent the average change rates of the characteristic information entropy curves corresponding to the characteristic factors te1, te2, ..., tez, and marking the characteristic factors whose average change rate exceeds a change rate threshold as key factors, the change rate threshold being calculated by the following formula:
wherein re represents the change rate threshold, ch_1, ch_2, ..., ch_z represent the average change rates of the characteristic information entropy curves corresponding to the characteristic factors te1, te2, ..., tez, respectively, and z represents the number of characteristic factors.
In step S3, the specific steps of training the information entropy calculation model using the key factor data are as follows:
Step S3-1, recording data values of key factors in transmission data through the agricultural transmission database, and counting the number of sample values of each key factor;
Step S3-2, calculating the occurrence frequency of each key factor sample value according to the number of each key factor sample value,
wherein p(x_j) represents the occurrence frequency of the sample value x_j of the key factor, count(x_j) represents the number of occurrences of the sample value x_j of the key factor, and count(total) represents the number of all sample values in the key factor;
Step S3-3, calculating information entropy,
H(X) = -\sum_{j=1}^{s} p(x_j) \log_2 p(x_j)
wherein H(X) represents the information entropy of the transmission data X, s represents the number of key factors, and p(x_j) represents the occurrence frequency of the sample value x_j of the key factors.
To ensure that the choice of key length L is closely related to the data information entropy H(X), an exponential mapping function is designed to ensure security and minimize cost:
in step S5, the specific formula for dynamically adjusting the encryption key length of the current transmission data according to the transmission data information entropy is as follows:
Wherein L represents the key length of the encrypted transmission data, Lmin represents the minimum key length, alpha is a regulating parameter for controlling the sensitivity of the key length to the change of the entropy of the data information, and Hmin represents the minimum value of the entropy of the historical data information.
Under such a mapping relationship, when the entropy value increases slightly, the key length also increases rapidly, especially in the interval of higher entropy values, which helps to resist stronger attacks.
We want to strike a balance between security and computational cost, so we can define a multi-objective optimization function to optimize the choice of encryption key length;
In step S6, a multi-objective function is defined, and the theoretical key length is calculated by a multi-objective function formula:
sg(L) = w \log_2 L
cc(L) = m L^2
wherein the formula gives the function value of the multi-objective function, sg(L) represents the security gain of key length L, w is selected differently according to the encryption algorithm, cc(L) represents the computing resource consumption, m represents the computational complexity constant, and μ represents the balance coefficient;
the theoretical key length calculation formula is:
wherein L* represents a theoretical key length;
When the key length L is less than or equal to L*, L* is used as the key length of the current data to be transmitted, and when the key length L is more than L*, L is continuously used as the key length of the current data to be transmitted.
In step S7, the specific steps are:
Step S7-1, backing up the current agricultural record data and the calculation process data of dynamic key adjustment;
Step S7-2, importing the backed-up data into the agricultural transmission database, and updating the database data.
An encryption management system based on communication safety comprises a data acquisition module, an agricultural transmission database module, a data analysis module, an information entropy calculation model training module, an information entropy calculation module, a key length dynamic adjustment module, an encryption and transmission module and a data recording and updating module;
the data acquisition module is used for collecting agricultural data, comprising historical transmission record data and current real-time data, wherein the historical data is used for establishing a basic database, and the real-time data is used for carrying out information entropy calculation before encryption;
the agricultural transmission database module is used for storing and managing all historical data and current data, and is used as a data base of a system to provide data support for training of an information entropy calculation model and dynamic key adjustment;
The data analysis module is used for carrying out statistical analysis on the data in the agricultural transmission database and identifying key factors influencing the entropy of the transmission data information;
The information entropy calculation model training module is based on key factors identified by the data analysis module and trains an information entropy calculation model by using a large amount of agricultural transmission data;
the information entropy calculation module is used for calculating the information entropy of the current data according to the agricultural data collected in real time and the trained model;
the key length dynamic adjustment module is used for dynamically adjusting the encryption key length required by data transmission according to the calculation result of the information entropy;
The encryption and transmission module is used for encrypting and transmitting data, so that the data safety is ensured;
The data recording and updating module is used for recording the decision process and result of data transmission and key length adjustment in the running process of the system and updating the agricultural transmission database.
Compared with the prior art, the method has the beneficial effects that the method draws an information entropy curve according to the historical transmission data and the historical transmission information entropy to obtain key factors influencing the information entropy, trains an information entropy calculation model according to the key factors, calculates the information entropy of the data to be transmitted at present in real time, calculates the encryption key length according to the information entropy, reasonably selects the key length, avoids the user burden caused by the waste of calculation resources and encryption complexity, and further ensures the safety of the encrypted data by calculating the theoretical key length.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
As shown in figs. 1-2, the invention provides a technical scheme, namely an encryption management method based on communication security, which comprises the following steps:
Step S1, collecting agricultural record data in historical transmission, collecting the agricultural record data to be transmitted currently, establishing an agricultural transmission database, and updating the database in stages;
The agricultural transmission database comprises agricultural record data and key dynamic adjustment data.
In step S1, the agricultural record data includes communication content data, data distribution characteristics, security threat data, and encryption algorithm performance data;
The communication content data includes text data {T1, T2, ..., Tn}, wherein T1, T2, ..., Tn represent the text data samples of the 1st, 2nd, ..., nth occurrences, respectively; image data {I1, I2, ..., In}, wherein I1, I2, ..., In represent image data samples of the 1st, 2nd, ..., nth types; and audio data {A1, A2, ..., An}, wherein A1, A2, ..., An represent the audio data sampled the 1st, 2nd, ..., nth times, respectively; the data are samples of real-time communication traffic or historical communication records.
The data distribution features include a character frequency distribution {f(c1), f(c2), ..., f(ck)}, where f(c1), f(c2), ..., f(ck) represent the character frequency distribution, byte distribution, and packet length distribution for the 1st, 2nd, ..., kth time windows, respectively;
the security threat data comprises known attack modes, threat models and attack success rate information of different encryption algorithms;
The encryption algorithm performance data is calculation performance data of different encryption algorithms under different key lengths, and comprises encryption/decryption time, CPU/GPU consumption and memory occupation.
The representation matrix of the encryption/decryption time is:
wherein L_K1, L_K2, ..., L_Km respectively represent keys with m different lengths, K represents the encryption algorithm type, t_enc(L_K1), t_enc(L_K2), ..., t_enc(L_Km) respectively represent the encryption time with corresponding key lengths L_K1, L_K2, ..., L_Km, and t_dec(L_K1), t_dec(L_K2), ..., t_dec(L_Km) respectively represent the decryption time with corresponding key lengths L_K1, L_K2, ..., L_Km;
The CPU/GPU consumption representation matrix is as follows:
wherein K_1, K_2, ..., K_r respectively represent r different encryption algorithms, C_cpu(K_1), C_cpu(K_2), ..., C_cpu(K_r) respectively represent the CPU occupancy rates of the corresponding encryption algorithms K_1, K_2, ..., K_r, and C_gpu(K_1), C_gpu(K_2), ..., C_gpu(K_r) respectively represent the GPU occupancy rates of the corresponding encryption algorithms K_1, K_2, ..., K_r.
Step S2, carrying out statistical analysis on the agricultural record data, and obtaining key factors influencing the information entropy of the transmission data through a statistical analysis result;
In step S2, the step of performing statistical analysis on the agricultural record data, and obtaining key factors affecting the entropy of the transmitted data information through the statistical analysis result specifically includes:
Step S2-1, extracting, through the agricultural transmission database, characteristic factors {[te1_1, te1_2, ..., te1_i], [te2_1, te2_2, ..., te2_i], ..., [tez_1, tez_2, ..., tez_i]}, wherein te1, te2, ..., tez respectively represent the 1st, 2nd, ..., zth characteristic factors affecting the entropy of the transmission data information, te1_1, te1_2, ..., te1_i respectively represent i sample values of the characteristic factor te1, te2_1, te2_2, ..., te2_i respectively represent i sample values of the characteristic factor te2, and tez_1, tez_2, ..., tez_i respectively represent i sample values of the characteristic factor tez;
characteristic factors influencing the entropy of transmitted data information include the size of a data file, the type and quantity of the data information, the probability distribution of a data source, the complexity and change rate of data content, the sampling rate and resolution of the data, and the like;
Characteristic factor sample data:
Data file size (KB): [100, 200, 300, 400, 500];
Type and number of the data information (type number): [3, 5, 7, 9, 11];
Probability distribution of the data source: [0.1, 0.2, 0.3, 0.15, 0.25];
Data content complexity and rate of change (rate of change per unit): [1, 1.5, 2, 2.5, 3];
Data sampling rate and resolution (sampling rate, Hz): [10, 20, 30, 40, 50];
Input data for information entropy calculation:
Frequency of occurrence of characteristic factors:
Length of the data sequence: [40, 10, 50, 30, 35];
Type and number of the data information: [10, 12, 6, 8, 14];
Data sampling frequency: [2, 4, 3, 4, 4];
as shown in fig. 2, a characteristic information entropy curve is plotted:
Step S2-2, constructing coordinate pairs which take a sample value of each characteristic factor as the abscissa and the entropy of transmission data information as the ordinate, plotting the points in a plane rectangular coordinate system, and connecting them with a smooth curve to form a characteristic information entropy curve;
Step S2-3, calculating the average change rate of the characteristic information entropy curve,
wherein ch represents the average change rate of the characteristic information entropy curve, h(u) represents the entropy of the transmission data information of sample u, u is the sample label, te_u represents the characteristic factor value of sample u, i represents the total number of samples, and 2 ≤ u ≤ i+1;
Step S2-4, calculating in sequence to obtain {ch_1, ch_2, ..., ch_z}, wherein ch_1, ch_2, ..., ch_z respectively represent the average change rates of the characteristic information entropy curves corresponding to the characteristic factors te1, te2, ..., tez, and marking the characteristic factors whose average change rate exceeds a change rate threshold as key factors, the change rate threshold being calculated by the following formula:
wherein re represents the change rate threshold, ch_1, ch_2, ..., ch_z represent the average change rates of the characteristic information entropy curves corresponding to the characteristic factors te1, te2, ..., tez, respectively, and z represents the number of characteristic factors.
Step S3, training an information entropy calculation model by using key factor data;
In step S3, the training the information entropy calculation model using the key factor data specifically includes the following steps:
Step S3-1, recording data values of key factors in transmission data through the agricultural transmission database, and counting the number of sample values of each key factor;
Step S3-2, calculating the occurrence frequency of each key factor sample value according to the number of each key factor sample value,
wherein p(x_j) represents the occurrence frequency of the sample value x_j of the key factor, count(x_j) represents the number of occurrences of the sample value x_j of the key factor, and count(total) represents the number of all sample values in the key factor;
Step S3-3, calculating information entropy,
H(X) = -\sum_{j=1}^{s} p(x_j) \log_2 p(x_j)
wherein H(X) represents the information entropy of the transmission data X, s represents the number of key factors, and p(x_j) represents the occurrence frequency of the sample value x_j of the key factors.
To ensure that the choice of key length L is closely related to the data information entropy H(X), an exponential mapping function is designed to ensure security and minimize cost:
Step S4, acquiring key factor data values in current agricultural record data in real time, inputting the acquired data into an information entropy calculation model, and calculating transmission data information entropy;
Step S5, dynamically adjusting the encryption key length of the current transmission data according to the transmission data information entropy;
in step S5, the specific formula for dynamically adjusting the encryption key length of the current transmission data according to the transmission data information entropy is as follows:
Wherein L represents the key length of the encrypted transmission data, Lmin represents the minimum key length, alpha is a regulating parameter for controlling the sensitivity of the key length to the change of the entropy of the data information, and Hmin represents the minimum value of the entropy of the historical data information.
Historical data information entropy: Hmin = 1.5, Hmax = 4.5;
Key length adjustment parameters:
Minimum key length: Lmin = 128;
Frequency of occurrence for file sequence length:
H(size) = -[0.2*log2(40) + 0.15*log2(40) + 0.25*log2(50) + 0.1*log2(30) + 0.3*log2(35)]
Frequency of occurrence for data information category and number:
H(type) = -[0.18*log2(2) + 0.2*log2(4) + 0.3*log2(3) + 0.2*log2(4) + 0.2*log2(4)]
Information entropy of data file size:
H(size): 2.23;
Information entropy of data information type and quantity:
H(type): 2.25;
Based on the information entropy of the data file size, H(size), the key length is about 221 bits;
Based on the information entropy of the type and number of the data information, H(type), the key length is about 224 bits;
Under such a mapping relationship, when the entropy value increases slightly, the key length also increases rapidly, especially in the interval of higher entropy values, which helps to resist stronger attacks.
We want to strike a balance between security and computational cost, so we can define a multi-objective optimization function to optimize the choice of encryption key length;
Step S6, defining a multi-objective function, calculating the theoretical key length, selecting the key length according to the information entropy, encrypting the data to be transmitted and transmitting the data;
In step S6, a multi-objective function is defined, and the theoretical key length is calculated by a multi-objective function formula:
sg(L) = w \log_2 L
cc(L) = m L^2
wherein the formula gives the function value of the multi-objective function, sg(L) represents the security gain of key length L, w is selected differently according to the encryption algorithm, cc(L) represents the computing resource consumption, m represents the computational complexity constant, and μ represents the balance coefficient;
Adjusting parameter: α = 256;
Optimizing function weights:
Security constant: w = 0.7;
Computational complexity constant: m = 2;
Balance coefficient μ=0.5;
the theoretical key length calculation formula is:
wherein L* represents a theoretical key length;
When the key length L is less than or equal to L*, L* is used as the key length of the current data to be transmitted, and when the key length L is more than L*, L is continuously used as the key length of the current data to be transmitted.
Step S7, backing up the real-time collected agricultural record data and the calculation process data of dynamic key adjustment, inputting the agricultural record data and the calculation process data into an agricultural transmission database, and updating database information;
In step S7, the specific steps are:
Step S7-1, backing up the current agricultural record data and the calculation process data of dynamic key adjustment;
Step S7-2, importing the backed-up data into the agricultural transmission database, and updating the database data.
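The frequency and entropy calculation of steps S3-2 and S3-3 and the key length selection rule of step S6, as an added Python example that is not part of the patent text. The function names, the sample values, the value used for L* and the list of supported key sizes (128/192/256 bits) are assumptions; the entropy-to-length mapping formula does not survive on this page, so the mapped length L is passed in as an input.

```python
import math
from collections import Counter

# Assumption: the deployed cipher accepts only these key sizes (bits).
# The page names no cipher, so this list is illustrative.
SUPPORTED_KEY_BITS = (128, 192, 256)


def frequencies(samples):
    """Step S3-2: p(x_j) = count(x_j) / count(total) per distinct sample value."""
    if not samples:
        raise ValueError("at least one sample value is required")
    total = len(samples)
    return {value: n / total for value, n in Counter(samples).items()}


def information_entropy(samples):
    """Step S3-3: H(X) = -sum_j p(x_j) * log2 p(x_j), in bits."""
    return sum(-p * math.log2(p) for p in frequencies(samples).values())


def select_key_length(mapped_bits, theoretical_bits):
    """Step S6 rule: use L* when L <= L*, otherwise keep L."""
    if mapped_bits <= theoretical_bits:
        return theoretical_bits
    return mapped_bits


def round_up_to_supported(bits, supported=SUPPORTED_KEY_BITS):
    """Assumed deployment step: smallest supported key size that is >= bits.

    Rounding up never weakens the selected length; a request above the
    largest supported size is rejected instead of being silently truncated.
    """
    for size in sorted(supported):
        if size >= bits:
            return size
    raise ValueError(f"{bits} bits exceeds the largest supported key size")


def plan_key(samples, mapped_bits, theoretical_bits):
    """Run the calculation chain and keep every intermediate value,
    as step S7 requires the calculation process data to be backed up."""
    selected = select_key_length(mapped_bits, theoretical_bits)
    return {
        "entropy_bits": information_entropy(samples),
        "selected_bits": selected,
        "deployed_bits": round_up_to_supported(selected),
    }


if __name__ == "__main__":
    # Constructed key-factor sample values (data type of each record).
    record_types = ["text", "text", "image", "audio"]
    # 221 bits is the mapped length from the page's worked example;
    # L* = 240 is a constructed value for illustration.
    print(plan_key(record_types, mapped_bits=221, theoretical_bits=240))
```

A non-standard length such as 221 bits cannot be used directly with a cipher that has fixed key sizes, which is why the last step rounds up rather than down.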
An encryption management system based on communication safety comprises a data acquisition module, an agricultural transmission database module, a data analysis module, an information entropy calculation model training module, an information entropy calculation module, a key length dynamic adjustment module, an encryption and transmission module and a data recording and updating module;
the data acquisition module is used for collecting agricultural data, comprising historical transmission record data and current real-time data, wherein the historical data is used for establishing a basic database, and the real-time data is used for carrying out information entropy calculation before encryption;
the agricultural transmission database module is used for storing and managing all historical data and current data, and is used as a data base of a system to provide data support for training of an information entropy calculation model and dynamic key adjustment;
The data analysis module is used for carrying out statistical analysis on the data in the agricultural transmission database and identifying key factors influencing the entropy of the transmission data information;
The information entropy calculation model training module is based on key factors identified by the data analysis module and trains an information entropy calculation model by using a large amount of agricultural transmission data;
the information entropy calculation module is used for calculating the information entropy of the current data according to the agricultural data collected in real time and the trained model;
the key length dynamic adjustment module is used for dynamically adjusting the encryption key length required by data transmission according to the calculation result of the information entropy;
The encryption and transmission module is used for encrypting and transmitting data, so that the data safety is ensured;
The data recording and updating module is used for recording the decision process and result of data transmission and key length adjustment in the running process of the system and updating the agricultural transmission database.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are, therefore, to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference sign in a claim should not be construed as limiting the claim concerned.