CN115603906A - A data processing method, device, equipment and medium - Google Patents
- Publication number
- CN115603906A
- Authority
- CN
- China
- Prior art keywords
- data
- random number
- key
- target
- preset
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The embodiments of the present application provide a data processing method, device, equipment and medium, to solve the prior-art problem that generating a key requires random numbers produced in hardware, which narrows the scope of application of key generation methods. An electronic device processes received data with a hash operation to generate a corresponding random number. Because hash operations are strongly collision resistant, random numbers produced this way are of high quality, so high-quality random numbers that meet the requirements can be generated. In addition, the data in the embodiments is sent by any sensor provided in a terminal; data collected by a sensor comes from physical random events and is therefore a true random data source, so processing the data sent by the sensor further improves the quality of the generated random numbers. The embodiments do not need hardware to generate random numbers, and generating keys from these random numbers widens the scope of application of the key generation method.
Description
Technical field
The present application relates to the technical field of information security, and in particular to a data processing method, device, equipment and medium.
Background
As information security technology continues to develop, more and more scenarios require keys; the national cryptographic algorithms are one example. Generating a key generally requires first generating a random number and then generating the corresponding key from that random number.
However, because keys place high demands on random-number quality, the prior art proposes generating random numbers in hardware. Specifically, a linear feedback shift register (LFSR) uses the properties of a primitive polynomial to shift the data held in the register and output an m-sequence with good randomness properties. This method depends on an application-specific integrated circuit, so in the prior art only devices fitted with the corresponding hardware can generate random numbers that meet the high requirements and then generate the corresponding keys from them. In other words, key generation in the prior art is heavily restricted, which limits its scope of application.
Summary of the invention
The embodiments of the present application provide a data processing method, device, equipment and medium, to solve the prior-art problem that generating a key requires random numbers produced in hardware, which narrows the scope of application of key generation methods.
In a first aspect, an embodiment of the present application provides a data processing method, the method comprising:
Receiving data sent by any sensor provided in a terminal;
Processing the data through a hash operation to generate a corresponding random number;
Saving the random number in a random number entropy pool, wherein the random numbers in the random number entropy pool are used to generate keys.
Further, after receiving the data sent by any sensor provided in the terminal and before processing the data through the hash operation, the method further comprises:
Obtaining the previous data sent, before the data, by the sensor that sent the data;
Determining the correlation between the previous data and the data according to the value of each bit of the previous data and the value of each bit of the data;
Judging whether the correlation is greater than a preset correlation;
If not, performing the subsequent step of processing the data through the hash operation.
Further, processing the data through the hash operation comprises:
Splicing the data with the time at which the data was received, according to a preset splicing manner;
Performing at least one hash operation on the spliced data.
Further, after receiving the data sent by any sensor provided in the terminal and before processing the data through the hash operation, the method further comprises:
Judging whether the number of random numbers in the random number entropy pool has reached a preset number;
If not, performing the subsequent step of processing the data through the hash operation.
Further, the method also comprises:
Receiving a request to generate a key;
Obtaining any target random number from the random number entropy pool;
Generating a corresponding key according to the target random number and a pre-configured generation algorithm.
Further, after obtaining any target random number and before generating the corresponding key according to the target random number and the pre-configured generation algorithm, the method further comprises:
Obtaining a pre-configured target length, wherein the target length does not exceed the length of any random number in the random number entropy pool;
Obtaining, from the target random number, a sub-random number of the target length; updating the target random number with the sub-random number; and, for the updated target random number, performing the subsequent step of generating the corresponding key according to the target random number and the pre-configured generation algorithm.
Further, the request carries the key identifier of the key to be generated, and the method also comprises:
Obtaining the pixel value of each preset pixel in a pre-saved image, and obtaining the data of the key in a preset base, wherein the number of preset pixels is the same as the number of digits of the data;
Adjusting, in the preset order of the preset pixels, the pixel value of each preset pixel in turn according to the value of the corresponding digit of the data; and saving the correspondence between the image with adjusted pixel values and the key identifier.
Further, the method also comprises:
If a key acquisition request carrying a target key identifier is received, obtaining the target image saved for the target key identifier, and obtaining the pixel value of each preset pixel in the target image;
Ordering the values corresponding to the pixel values of the preset pixels according to the preset order of the preset pixels, and taking the value formed after ordering as the target value, in the corresponding base, of the key identified by the target key identifier.
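The key storage and retrieval steps above, as an added example that is not code from the patent. It assumes that "adjusting" a pixel means setting its value modulo the preset base to the key digit (least-significant-bit embedding when the base is 2); the cover image, preset pixel positions, ordering, key and key identifier are all constructed for the illustration.

```python
def to_digits(value, base, length):
    """Fixed-length, most-significant-first digits of value in the preset base."""
    digits = []
    for _ in range(length):
        value, d = divmod(value, base)
        digits.append(d)
    if value:
        raise ValueError("key does not fit in the preset pixels")
    return digits[::-1]


def embed_key(image, positions, key, base=2):
    """Return a copy of image whose preset pixels carry the key digits."""
    digits = to_digits(int.from_bytes(key, "big"), base, len(positions))
    out = [row[:] for row in image]
    for (r, c), d in zip(positions, digits):
        p = out[r][c] - out[r][c] % base + d   # force pixel mod base == digit
        if p > 255:                            # stay inside the 8-bit range
            p -= base
        out[r][c] = p
    return out


def extract_key(image, positions, key_len, base=2):
    """Read the digits back in the preset order and rebuild the key bytes."""
    value = 0
    for r, c in positions:
        value = value * base + image[r][c] % base
    return value.to_bytes(key_len, "big")


class KeyImageStore:
    """Keeps the correspondence between a key identifier and its adjusted image."""

    def __init__(self, cover, positions, base=2):
        self.cover, self.positions, self.base = cover, positions, base
        self.images = {}    # key id -> adjusted image
        self.lengths = {}   # key id -> key length in bytes

    def save(self, key_id, key):
        self.images[key_id] = embed_key(self.cover, self.positions, key, self.base)
        self.lengths[key_id] = len(key)

    def load(self, key_id):
        return extract_key(self.images[key_id], self.positions,
                           self.lengths[key_id], self.base)


# Constructed 8x8 grayscale cover image and a constructed 32-bit key.
COVER = [[(r * 37 + c * 11) % 256 for c in range(8)] for r in range(8)]
# Constructed preset pixels: a checkerboard, visited from the bottom row up.
POSITIONS = [(r, c) for r in reversed(range(8)) for c in range(8) if (r + c) % 2 == 0]
KEY = bytes.fromhex("a55ac33c")

if __name__ == "__main__":
    store = KeyImageStore(COVER, POSITIONS)
    store.save("key-001", KEY)          # "key-001" is a constructed identifier
    print(store.load("key-001").hex())
```

The key is hidden, not encrypted: anyone who knows the preset pixels, their order and the base recovers it with `extract_key`, so those parameters and the stored images need the same protection as the key itself.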
In a second aspect, an embodiment of the present application also provides a data processing device, the device comprising:
A receiving module, configured to receive data sent by any sensor provided in a terminal;
A processing module, configured to process the data through a hash operation to generate a corresponding random number;
A saving module, configured to save the random number in a random number entropy pool, wherein the random numbers in the random number entropy pool are used to generate keys.
Further, the processing module is also configured to obtain the previous data sent, before the data, by the sensor that sent the data; determine the correlation between the previous data and the data according to the value of each bit of the previous data and the value of each bit of the data; judge whether the correlation is greater than a preset correlation; and, if not, perform the subsequent step of processing the data through the hash operation.
Further, the processing module is specifically configured to splice the data with the time at which the data was received, according to a preset splicing manner, and to perform at least one hash operation on the spliced data.
Further, the processing module is also configured to judge whether the number of random numbers in the random number entropy pool has reached a preset number and, if not, to perform the subsequent step of processing the data through the hash operation.
Further, the processing module is also configured to receive a request to generate a key; obtain any target random number from the random number entropy pool; and generate a corresponding key according to the target random number and a pre-configured generation algorithm.
Further, the processing module is also configured to obtain a pre-configured target length, wherein the target length does not exceed the length of any random number in the random number entropy pool; obtain, from the target random number, a sub-random number of the target length; update the target random number with the sub-random number; and, for the updated target random number, perform the subsequent step of generating the corresponding key according to the target random number and the pre-configured generation algorithm.
Further, the processing module is also configured to obtain the pixel value of each preset pixel in a pre-saved image, and obtain the data of the key in a preset base, wherein the number of preset pixels is the same as the number of digits of the data; adjust, in the preset order of the preset pixels, the pixel value of each preset pixel in turn according to the value of the corresponding digit of the data; and save the correspondence between the image with adjusted pixel values and the key identifier, wherein the request carries the key identifier of the key to be generated.
Further, the processing module is also configured to, if a key acquisition request carrying a target key identifier is received, obtain the target image saved for the target key identifier; obtain the pixel value of each preset pixel in the target image; order the values corresponding to the pixel values of the preset pixels according to the preset order of the preset pixels; and take the value formed after ordering as the target value, in the corresponding base, of the key identified by the target key identifier.
In a third aspect, an embodiment of the present application also provides an electronic device. The electronic device includes at least a processor and a memory, and the processor, when executing a computer program stored in the memory, performs the steps of any one of the data processing methods described above.
In a fourth aspect, an embodiment of the present application also provides a computer-readable storage medium storing a computer program which, when executed by a processor, performs the steps of any one of the data processing methods described above.
In the embodiments of the present application, the electronic device receives data sent by any sensor provided in the terminal, processes the received data through a hash operation to generate a corresponding random number, and saves the generated random number in a random number entropy pool, wherein the random numbers in the random number entropy pool are used to generate keys. Because the electronic device processes the received data with a hash operation to generate the random number, and hash operations are strongly collision resistant, random numbers produced this way are of high quality, so high-quality random numbers that meet the requirements can be generated. In addition, the data in the embodiments is sent by any sensor provided in the terminal; data collected by a sensor comes from physical random events and is therefore a true random data source, so processing the data sent by the sensor further improves the quality of the generated random numbers. The embodiments do not need hardware to generate random numbers, and generating keys from these random numbers widens the scope of application of the key generation method.
Description of drawings
To explain the technical solutions in the embodiments of the present application more clearly, the drawings used in the description of the embodiments are briefly introduced below. The drawings described below are only some embodiments of the present application; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
FIG. 1 is a schematic diagram of a data processing process provided by an embodiment of the present application;
FIG. 2 is a schematic diagram of a process of generating random numbers provided by an embodiment of the present application;
FIG. 3 is a schematic diagram of a key steganography process provided by an embodiment of the present application;
FIG. 4 is a schematic diagram of a process of obtaining a target key provided by an embodiment of the present application;
FIG. 5 is a detailed schematic diagram of a key-related process provided by an embodiment of the present application;
FIG. 6 is a schematic structural diagram of a data processing device provided by an embodiment of the present application;
FIG. 7 is a schematic structural diagram of an electronic device provided by an embodiment of the present application.
Detailed description
The present application is described in further detail below with reference to the drawings. The described embodiments are only some of the embodiments of the present application, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments in this application without creative effort fall within the scope of protection of this application.
To widen the scope of application of the key generation method, the embodiments of the present application provide a data processing method, device, equipment and medium. The data processing method includes: the electronic device receives data sent by any sensor provided in the terminal, processes the received data through a hash operation to generate a corresponding random number, and saves the generated random number in a random number entropy pool, wherein the random numbers in the random number entropy pool are used to generate keys. The random numbers in the entropy pool do not need to be generated in hardware, and generating keys from them widens the scope of application of the key generation method.
Embodiment 1:
FIG. 1 is a schematic diagram of a data processing process provided by an embodiment of the present application. The process includes the following steps:
S101: Receive data sent by any sensor provided in the terminal.
The data processing method provided in the embodiments of the present application is applied to an electronic device, which may be a terminal, a server or a similar device.
In the embodiments of the present application, to generate random numbers that meet the high requirements for keys, the terminal is provided with multiple sensors. These may include several of the following: an acceleration sensor, a magnetic sensor, an orientation sensor, a gyroscope sensor, a light sensor, a pressure sensor, a temperature sensor, a proximity sensor, a gravity sensor, a linear acceleration sensor, a rotation vector sensor and other sensors.
If the electronic device is the terminal, the terminal can obtain the data sent by any of its internal sensors. If the electronic device is a non-terminal device such as a server, the terminal, after obtaining the data sent by any of its internal sensors, sends that data to the non-terminal device, which thereby receives the data sent by any sensor provided in the terminal. The terminal can also obtain data sent by several of its internal sensors; in that case it either performs the subsequent processing on each piece of data separately, or sends each piece of data to the non-terminal device, which performs the subsequent processing on each piece of data separately. In the embodiments of the present application, each sensor thus serves to collect source data.
S102: Process the data through a hash operation to generate a corresponding random number.
After receiving the data sent by any sensor provided in the terminal, the electronic device can process the received data with a hash operation to generate the random number corresponding to the data. Specifically, the SM3 national cryptographic hash algorithm can be used to process the data. In the embodiments of the present application, the electronic device may perform the hash operation on the received data multiple times. The random number generated by the hash operation is 256 bits (binary digits) long.
It is worth noting that hash operations are strongly collision resistant and thoroughly obfuscate the input sensor data; the generated random numbers are of high quality, meet the high requirements for keys, and do not need to be generated in hardware.
S103: Save the random number in a random number entropy pool, wherein the random numbers in the random number entropy pool are used to generate keys.
In the embodiments of the present application, after generating the random number, the electronic device can save it in the random number entropy pool. The pool holds multiple random numbers generated in the manner described in the embodiments, and the random numbers in the pool are used to generate keys. The electronic device or other devices can subsequently generate keys from the random numbers in the pool.
It is worth noting that in the prior art, generating high-quality random numbers usually requires hardware to produce the random number corresponding to the collected data, whereas the embodiments of the present application use a hash operation to generate high-quality random numbers without a hardware implementation. The random numbers generated by the method provided in the embodiments are qualified random numbers that meet the requirements of the "GM/T0005-2021 Randomness Test Specification" and serve as parameters for important algorithms such as key generation.
The prior-art approach significantly reduces the portability, scalability and convenience of the systems built on it. With the explosive growth of mobile Internet technology, the data processing method used in the embodiments of the present application needs no hardware implementation to generate random numbers, which is significant for commercial cryptographic algorithms that must meet random-number standards. The random numbers generated in the embodiments can be used to generate keys, and those keys can be used in the national cryptographic algorithms. These algorithms are widely used in all kinds of information systems to protect sensitive data, giving the transmitted information confidentiality, integrity, authenticity and non-repudiation.
Because the electronic device in the embodiments of the present application processes the received data with a hash operation to generate the random number, and hash operations are strongly collision resistant, random numbers produced this way are of high quality, so high-quality random numbers that meet the requirements can be generated. In addition, the data in the embodiments is sent by any sensor provided in the terminal; data collected by a sensor comes from physical random events and is therefore a true random data source, so processing the data sent by the sensor further improves the quality of the generated random numbers. The embodiments do not need hardware to generate random numbers, and generating keys from these random numbers widens the scope of application of the key generation method.
Embodiment 2:
To generate random numbers that meet the requirements, on the basis of the above embodiment, in this embodiment of the present application, after receiving the data sent by any sensor provided in the terminal and before processing the data through the hash operation, the method further includes:
Obtaining the previous data sent, before the data, by the sensor that sent the data;
Determining the correlation between the previous data and the data according to the value of each bit of the previous data and the value of each bit of the data;
Judging whether the correlation is greater than a preset correlation;
If not, performing the subsequent step of processing the data through the hash operation.
由于在实际应用场景中,传感器采集的数据具有较强时间相关性,同一传感器连续发送的数据可能较为接近。为保证生成的随机数的质量,电子设备在接收到连接的任一传感器发送的数据后,可以先对该数据与该传感器发送的上一个数据之间的相关度进行计算,若该数据与该传感器发送的上一个数据之间的相关度较低,则说明该数据对应的随机数较为随机,则确定生成该数据对应的随机数。Since in practical application scenarios, the data collected by sensors has a strong time correlation, the data sent continuously by the same sensor may be relatively close. In order to ensure the quality of the generated random numbers, after receiving the data sent by any connected sensor, the electronic device can first calculate the correlation between the data and the previous data sent by the sensor. If the correlation between the previous data sent by the sensors is low, it means that the random number corresponding to the data is relatively random, and it is determined to generate the random number corresponding to the data.
在本申请实施例中,电子设备在接收到终端中设置的每个传感器中的任意一个传感器发送的数据之后,可以获取发送该数据的传感器发送的该数据的上一个数据,具体的,若电子设备为终端,则终端可以根据获取到的每个传感器发送的每个数据的时间,确定发送该数据的传感器发送的该数据的上一个数据;若电子设备为服务器等非终端的设备,则终端在获取到任一传感器发送的数据后,将该传感器对应的标识及该数据发送至服务器等非终端的设备,服务器等非终端的设备可以根据接收到每个数据的时间及对应的传感器的标识,确定发送该数据的传感器发送的该数据的上一个数据。In this embodiment of the application, after the electronic device receives the data sent by any one of the sensors set in the terminal, it can obtain the previous data sent by the sensor that sent the data. Specifically, if the electronic device If the device is a terminal, the terminal can determine the last data sent by the sensor that sent the data according to the acquired time of each data sent by each sensor; if the electronic device is a non-terminal device such as a server, the terminal After obtaining the data sent by any sensor, send the corresponding identification of the sensor and the data to the server and other non-terminal devices. , to determine the previous data sent by the sensor that sent the data.
由于同一传感器发送的数据的位数相同,例如某一传感器发送的数据均为32bit的数据,因此在确定上一个数据之后,电子设备可以根据该数据每一位的数值,和上一个数据每一位的数值,确定该数据与上一个数据的相关度,具体的,电子设备可以确定该数据每一位的数值,和上一个数据对应位的数值相同的数量,并确定该数量与该数据的位数的比值为该数据与上一个数据的相关度。例如,该数据每一位的数值与上一个数据对应位的数值相同的数量为31,该数据的位数为32,则确定相关度为31/32。Since the number of bits of data sent by the same sensor is the same, for example, the data sent by a certain sensor are all 32-bit data, so after the last data is determined, the electronic device can compare the value of each bit of the data with the previous data. The value of the bit determines the correlation between the data and the previous data. Specifically, the electronic device can determine the value of each bit of the data, which is the same as the value of the corresponding bit of the previous data, and determine that the number is the same as the value of the data. The ratio of digits is the degree of correlation between the data and the previous data. For example, if the value of each bit of the data is the same as that of the corresponding bit of the previous data is 31, and the number of bits of the data is 32, then the correlation degree is determined to be 31/32.
电子设备在确定该上一个数据与该数据的相关度后,可以判断该相关度是否大于预设相关度,其中,该预设相关度可以为15/16,若该相关度不大于预设相关度,则说明该数据与该上一个数据较为接近,该数据与该上一个数据具有较强的相关性,若根据该数据生成对应的随机数则该对应的随机数不够随机,因此确定该数据无效电子设备可以删除该数据,无需执行后续通过哈希运算对该数据进行处理的步骤;若该相关度大于预设相关度,则说明该数据与上一个数据相差较大,若根据该数据生成对应的随机数则该对应的随机数较为随机,因此电子设备可以针对该数据,执行后续通过哈希运算对该数据进行处理的步骤。After determining the correlation between the previous data and the data, the electronic device can judge whether the correlation is greater than the preset correlation, wherein the preset correlation can be 15/16, if the correlation is not greater than the preset correlation degree, it means that the data is relatively close to the previous data, and the data has a strong correlation with the previous data. If the corresponding random number is generated according to the data, the corresponding random number is not random enough, so it is determined that the data Invalid electronic devices can delete the data without performing subsequent steps of processing the data through hash operations; if the correlation degree is greater than the preset correlation degree, it means that the data is quite different from the previous data The corresponding random number is relatively random, so the electronic device can perform subsequent steps of processing the data through a hash operation for the data.
In the embodiment of the present application, the electronic device processes received data into a random number only when adjacent data sent by the same sensor differ considerably, and adds the generated random number to the random number entropy pool. The random numbers in the pool are therefore relatively random, and the corresponding key can be accurately generated from them.
FIG. 2 is a schematic diagram of a process of generating random numbers provided by an embodiment of the present application.
As FIG. 2 shows, the electronic device can receive data sent by any sensor provided in the terminal, where the sensors provided in the terminal include an acceleration sensor, a gyroscope sensor, a magnetic field sensor and so on. After receiving data sent by any sensor, the electronic device judges whether the data is invalid. Specifically, if the difference between the data and the previous data sent by the same sensor is within a preset range, the data is determined to be invalid and is deleted. If the data is valid, the electronic device performs a hash operation on it, generates the corresponding random number, and adds that random number to the random number entropy pool.
Embodiment 3:
In order to generate random numbers accurately, on the basis of the above embodiments, in the embodiment of the present application, processing the data through a hash operation includes:
concatenating the data and the time at which the data was received, according to a preset concatenation mode;
performing at least one hash operation on the concatenated data.
To further ensure the randomness of the generated random numbers, in the embodiment of the present application the electronic device can concatenate the received data and the time at which it was received according to a preset concatenation mode, and generate the corresponding random number from the concatenated data. Specifically, the electronic device can place the received data first and the receipt time after it, or place the receipt time first and the received data after it. How the received data and its receipt time are concatenated is not limited here.
After obtaining the concatenated data, the electronic device can perform at least one hash operation on it to generate the corresponding random number. It is worth noting that processing data through a hash operation can produce relatively random data. Specifically, in the embodiment of the present application, the electronic device can perform two hash operations on the concatenated data to obtain a random number and add it to the random number entropy pool; this random number can be called a true random number.
If the data collected by the sensor is 512 bits long, the electronic device can concatenate the 512-bit data with the time at which it was received, and perform at least one hash operation on the concatenated data to generate a 256-bit random number.
Embodiment 4:
In order to avoid wasting resources, on the basis of the above embodiments, in the embodiment of the present application, after receiving the data sent by any sensor provided in the terminal and before processing the data through the hash operation, the method further includes:
judging whether the number of random numbers in the random number entropy pool has reached a preset number;
if not, performing the subsequent step of processing the data through a hash operation.
In the embodiment of the present application, the number of random numbers that the random number entropy pool can hold is limited, so a preset number is stored in the electronic device in advance; this preset number is the maximum number of random numbers the pool can hold. After receiving data sent by any sensor provided in the terminal, the electronic device can judge whether the number of random numbers in the pool has reached the preset number. If it has, the pool has no room for a newly generated random number, so there is no need to perform the subsequent step of processing the data through a hash operation to generate a random number. If it has not, the pool still has room for newly generated random numbers, and the electronic device can perform the subsequent step of processing the data through a hash operation to generate the corresponding random number.
In the embodiment of the present application, the total maximum length of the random numbers that the random number entropy pool can hold is fixed and may be 8192 bits, and the length of a random number produced by the hash operation is fixed at 256 bits, so the preset number can be 32, that is, 8192 bits / 256 bits.
Embodiment 5:
In order to generate a key, on the basis of the above embodiments, in the embodiment of the present application, the method further includes:
receiving a request to generate a key;
obtaining any target random number from the random number entropy pool;
generating the corresponding key according to the target random number and a pre-configured generation algorithm.
When a user needs to generate a key, the user operates their terminal; the terminal recognizes the operation and thereby receives the request to generate a key. If the electronic device is a server, the terminal can send the key generation request to the server, which thereby receives it. In this step, a user who needs a key can click a preset button, for example a "generate" button, on a preset page of their terminal, and the terminal receives the request to generate a key.
For key generation, the random number entropy pool holds multiple random numbers. After receiving a key generation request, the electronic device can obtain one random number from the pool; this is the target random number. The random numbers in the pool may be randomly arranged, and the electronic device may pick one at random when obtaining the target random number. The random numbers in the pool are relatively random and meet the high requirement that keys place on random number quality.
After obtaining the target random number, the electronic device can generate the corresponding key according to the target random number and a pre-configured generation algorithm. How to generate a key from a known random number and generation algorithm is prior art and is not repeated here.
After the key is generated, the embodiment of the present application can run commercial cryptographic algorithms with it. These include SM2 signing and signature verification, SM2 encryption and decryption, SM3 digest, and SM4 symmetric encryption and decryption. Specifically, the electronic device can use a streamlined build of the national cryptographic algorithm library software (openssl) and implement the commercial cryptographic algorithms in software in C or C++.
Embodiment 6:
In order to generate keys accurately, on the basis of the above embodiments, in the embodiment of the present application, after obtaining any target random number and before generating the corresponding key according to the target random number and the pre-configured generation algorithm, the method further includes:
obtaining a pre-configured target length, where the target length does not exceed the length of any random number in the random number entropy pool;
obtaining, from the target random number, a sub-random number of the target length; updating the target random number with the sub-random number; and, for the updated target random number, performing the subsequent step of generating the corresponding key according to the target random number and the pre-configured generation algorithm.
In real application scenarios, different types of keys may require random numbers of different lengths. In the embodiment of the present application, therefore, after obtaining the target random number the electronic device can take from it a sub-random number of the currently required length and generate the corresponding key from that sub-random number.
In the embodiment of the present application, a target length is pre-configured in the electronic device. It is the length of the random number the electronic device needs to generate a key, and it does not exceed the length of any random number in the random number entropy pool. To generate the corresponding key, after obtaining the target random number the electronic device obtains the pre-configured target length and takes a sub-random number of that length from the target random number. The electronic device can thus obtain a sub-random number whose length matches the actual application requirement.
The electronic device can take the sub-random number of the target length that follows a preset length in the target random number, or take a sub-random number of the target length from anywhere in the target random number. Note that the length of the sub-random number equals the target length. For example, the electronic device can take the sub-random number of the target length that follows the first 10 bits of the target random number. The preset length may be 10 bits (binary digit, bit), 20 bits, and so on.
For example, if the target random number is 256 bits long, the pre-configured target length is 10 bits and the preset length is 10 bits, the electronic device can take the sub-random number formed by the 11th to the 20th bit of the target random number.
After obtaining the sub-random number, the electronic device can update the target random number with it and generate the corresponding key according to the updated target random number and the pre-configured generation algorithm.
In the embodiment of the present application, after obtaining the target random number the electronic device takes from it a sub-random number of the pre-configured target length and generates the corresponding key from that sub-random number and the pre-configured generation algorithm, so the key generation requirement is met and the corresponding key is generated accurately.
In the embodiment of the present application, the generated key is used in the national cryptographic (SM) algorithms. For the elliptic curve, big-number and similar operations these algorithms involve, business personnel can bring in the openssl library's files for big-number arithmetic, elliptic curves, the high-level cryptographic functions (EVP) wrapper, multiply-accumulate (MultiplyAccumulate, MAC) operations and so on, and design efficient national cryptographic algorithms with the developer tool Visual Studio 2022 (VS2022) according to national cryptographic standards such as "GM/T 0002 SM4 Block Cipher Algorithm", "GM/T 0003 SM2 Elliptic Curve Public Key National Cryptographic Algorithm" and "GM/T 0004 SM3 Cryptographic Hash Algorithm". Divided by function, these cover SM2 signing and signature verification, SM2 encryption and decryption, SM4 encryption and decryption, SM3 digest generation and so on, providing a streamlined software implementation of the national cryptographic algorithms. Using a streamlined openssl library can improve the operating efficiency and resource utilization of the electronic device.
Embodiment 7:
In order to improve the security of the key, on the basis of the above embodiments, in the embodiment of the present application, the request carries the key identifier of the key to be generated, and the method further includes:
obtaining the pixel value of each preset pixel in a pre-saved image, and obtaining the data that represents the key in a preset base, where the number of preset pixels equals the number of digits of the data;
adjusting, in the preset order assigned to the preset pixels, the pixel value of each preset pixel in turn according to the value of the corresponding digit of the data; and saving the correspondence between the adjusted image and the key identifier.
In the embodiment of the present application, if the generated key were saved directly in the electronic device, its security would be low. To improve the security of the key, the electronic device can adjust the pixel values of certain pixels of an image to values that correspond to the key, thereby hiding the key in the image by steganography.
In the embodiment of the present application, an image is saved in the electronic device in advance. After generating the key, the electronic device can obtain the pixel value of each preset pixel in the pre-saved image, where the preset pixels may be a preset number of pixels at the lower left corner of the image (up, down, left and right here refer to the image as displayed), and obtain the data that represents the generated key in a preset base. The preset base may be binary, quaternary and so on, and the number of preset pixels equals the number of digits of that data.
The electronic device can set the pixel value of each preset pixel to the value of the corresponding digit of the data described above. Specifically, following the preset order assigned to the preset pixels, the electronic device sets the pixel value of each preset pixel in turn to the value of the corresponding digit of the data.
In the embodiment of the present application, the electronic device can also determine the adjusted pixel value from both the pixel value of each preset pixel and the value of the corresponding digit of the data. To keep the change to the image's pixel values small, the electronic device can set the least significant bit (LSB) of each preset pixel's value to the value of the corresponding digit of the data. For example, if the value of the corresponding digit is 0, the pixel value of the preset pixel is 255, and the value of the least significant bit in the pixel value is 5, the electronic device can adjust the pixel value to 250. How to obtain the LSB of a pixel value is prior art and is not repeated here.
The key generation request received by the electronic device carries the key identifier of the key to be generated. In this step, after the key has been hidden in the image, that is, after the image's pixel values have been adjusted, the correspondence between the adjusted image and the key identifier carried in the request can be saved, so that the image can be found when the key is needed. Specifically, a user who needs to generate a key can select a key identifier on a preset page of their terminal and click a preset button; the terminal then receives a key generation request that carries the key identifier of the key to be generated. If the electronic device is a server, the terminal can send that request to the electronic device.
In the embodiment of the present application, in order to hide the key in the image, the electronic device can judge whether the saved image is in bitmap (Bitmap, BMP) format. If it is not, the electronic device converts it to BMP format and performs the adjustment described above on the pixel values of the preset pixels of the converted image.
In the embodiment of the present application, the electronic device hides the key in the pre-saved image, which ensures the security of the key and achieves secure storage of it. The pre-saved image can be the image with the highest access permission; that is, the electronic device can hide the key in the image with the highest access permission, which effectively prevents eavesdropping attacks by an adversary and keeps other processes away from the sensitive data, namely the key referred to in the embodiment of the present application. The key may be sensitive information such as a symmetric key of a national cryptographic algorithm or the private key of a public key pair.
FIG. 3 is a schematic diagram of a key steganography process provided by an embodiment of the present application.
The electronic device can first obtain a locally saved image and judge whether it is in BMP format; if it is not, the image is converted to BMP format. For the BMP image, the electronic device obtains the pixel value of each preset pixel, obtains the data that represents the key in the preset base, and, following the preset order assigned to the preset pixels, sets the pixel value of each preset pixel in turn to the value of the corresponding digit of that data. It then saves the image with the adjusted pixel values.
In the embodiment of the present application, the openssl library is used to implement the specific national cryptographic algorithms. The keys they require are embedded in a predetermined image by the steganographic algorithm and can be stored encrypted using a cryptographic library, which solves the problem of key security.
Embodiment 8:
In order to obtain the corresponding key, on the basis of the above embodiments, in the embodiment of the present application, the method further includes:
if a key acquisition request carrying a target key identifier is received, obtaining the target image saved for that target key identifier, and obtaining the pixel value of each preset pixel in the target image;
arranging the values that correspond to the pixel values of the preset pixels in the preset order assigned to the preset pixels, and taking the resulting sequence as the target value, in the corresponding base, of the key identified by the target key identifier.
In this step, the terminal recognizes the user's operation and thereby determines that a key acquisition request carrying the target key identifier has been received; if the electronic device is a server, the terminal can send the key acquisition request to the electronic device. Specifically, a user who wants to obtain a key can select the target key identifier on a preset page of their terminal and click a preset button, for example an "acquire" button. The terminal then receives the key acquisition request carrying the target key identifier; if the electronic device is a server, the terminal can send that request to the server, which thereby receives it.
To obtain the target key, after receiving the key acquisition request carrying the target key identifier, the electronic device can use the saved correspondence between key identifiers and images to determine the target image for that identifier. The target image is the image in which the target key for that identifier was hidden, and the electronic device can determine the target key from the pixel values of its pixels. The electronic device obtains the pixel value of each preset pixel in the target image, arranges the values that correspond to those pixel values in the preset order assigned to the preset pixels, and takes the resulting sequence as the target value, in the corresponding base, of the key identified by the target key identifier.
In the above embodiment, if the key was hidden by setting the pixel value of each preset pixel to the value of the corresponding digit of the preset-base data, then for each preset pixel the value that corresponds to its pixel value is the pixel value itself. If the key was hidden by setting the LSB of each preset pixel's value to the value of the corresponding digit of the preset-base data, then for each preset pixel the value that corresponds to its pixel value is the LSB of that pixel value. In this step, when generating the key, the electronic device can obtain the LSB of each preset pixel's value, arrange the LSB values in the preset order assigned to the preset pixels, and take the resulting sequence as the target value, in the corresponding base, of the key identified by the target key identifier.
In the embodiment of the present application, if decimal was converted to binary when the key was hidden in the image, then in this step the electronic device converts the value it has obtained from binary back to decimal, and the converted value is the key that corresponds to the target key identifier.
FIG. 4 is a schematic diagram of a process for obtaining a target key provided by an embodiment of the present application.
As FIG. 4 shows, after receiving a key acquisition request carrying the target key identifier, the electronic device looks up the target image saved for that identifier. If a corresponding target image exists, the electronic device obtains the pixel value of each preset pixel in it, arranges the values that correspond to those pixel values in the preset order assigned to the preset pixels, and takes the resulting sequence as the target value, in the corresponding base, of the key identified by the target key identifier. The target key is thereby extracted from the target image.
In the embodiment of the present application, when the target key needs to be used, it can be recovered from the image in the manner described in the above embodiment, which keeps the key secure.
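The embedding and recovery described in Embodiments 7 and 8, as an added example that is not code from the patent: key bits are written into, and read back from, the lowest bit of the blue channel of the lower-left pixels of a 24-bit BMP. The binary encoding, the blue-channel choice, the most-significant-bit-first order, the in-memory cover image, the key value and all function names are assumptions made here.

```python
import struct

# Constructed 128-bit sample value standing in for a generated key.
DEMO_KEY = 0x0123456789ABCDEFFEDCBA9876543210


def make_bmp(width: int, height: int, fill=(200, 120, 37)) -> bytearray:
    """Build an uncompressed 24-bit bottom-up BMP (constructed cover image)."""
    row_size = (width * 3 + 3) & ~3            # rows are padded to 4 bytes
    pixel_bytes = row_size * height
    header = struct.pack("<2sIHHI", b"BM", 54 + pixel_bytes, 0, 0, 54)
    info = struct.pack("<IiiHHIIiiII", 40, width, height, 1, 24, 0,
                       pixel_bytes, 2835, 2835, 0, 0)
    row = bytes(fill[::-1]) * width + bytes(row_size - width * 3)  # BGR order
    return bytearray(header + info + row * height)


def _blue_offsets(bmp, count: int):
    """Byte offsets of the blue channel of the first `count` preset pixels."""
    if bytes(bmp[:2]) != b"BM":
        raise ValueError("not a BMP file")
    data_offset = struct.unpack_from("<I", bmp, 10)[0]
    width, height, _planes, bpp, compression = struct.unpack_from("<iiHHI", bmp, 18)
    if width <= 0 or height <= 0 or bpp != 24 or compression != 0:
        raise ValueError("expected an uncompressed 24-bit bottom-up BMP")
    if count > width * height:
        raise ValueError("key has more digits than the image has pixels")
    row_size = (width * 3 + 3) & ~3
    # BMP rows are stored bottom-up, so pixel 0 is the lower-left corner and
    # the preset order used here is left to right, then upwards row by row.
    return [data_offset + (i // width) * row_size + (i % width) * 3
            for i in range(count)]


def embed_key(bmp, key: int, key_bits: int) -> bytearray:
    """Return a copy of the image with the key's bits in the pixel LSBs."""
    if key < 0 or key >> key_bits:
        raise ValueError("key does not fit in key_bits")
    out = bytearray(bmp)
    for n, off in enumerate(_blue_offsets(out, key_bits)):
        bit = (key >> (key_bits - 1 - n)) & 1   # most significant bit first
        out[off] = (out[off] & 0xFE) | bit      # changes the channel by at most 1
    return out


def extract_key(bmp, key_bits: int) -> int:
    """Read the LSBs back in the same order and rebuild the integer."""
    key = 0
    for off in _blue_offsets(bmp, key_bits):
        key = (key << 1) | (bmp[off] & 1)
    return key


def max_channel_change(a, b) -> int:
    """Largest per-byte difference between cover and adjusted image."""
    return max(abs(x - y) for x, y in zip(a, b))


# Correspondence between key identifier and adjusted image (Embodiment 7).
IMAGES_BY_KEY_ID = {}


def store_key(key_id: str, cover, key: int, key_bits: int) -> None:
    IMAGES_BY_KEY_ID[key_id] = bytes(embed_key(cover, key, key_bits))


def load_key(key_id: str, key_bits: int) -> int:
    image = IMAGES_BY_KEY_ID.get(key_id)
    if image is None:
        raise KeyError(f"no image saved for key identifier {key_id!r}")
    # Nothing here is keyed: the image plus the pixel order is enough to read
    # the value back, so the image still needs the access control and the
    # encrypted storage the page mentions.
    return extract_key(image, key_bits)


if __name__ == "__main__":
    store_key("key-001", make_bmp(16, 16), DEMO_KEY, 128)
    print(hex(load_key("key-001", 128)))
```
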
The preset pixels can be pixels that business personnel have chosen in advance in regions of the image with complex texture and pronounced edges, so that the electronic device, using the steganography method described in the above embodiments, hides the key in those regions and takes full account of the image's texture characteristics. The advantage of the embodiment of the present application is that it preserves the image information the image outwardly presents and its visual integrity, while also lowering the accuracy of dedicated steganalysis algorithms, giving strong resistance to analysis.
FIG. 5 is a detailed schematic diagram of a key-related process provided by an embodiment of the present application.
As FIG. 5 shows, the electronic device can obtain a random number from the random number entropy pool, generate a key from it, and hide the key in a pre-saved image, which can be the image with the highest access permission. When the key needs to be used, it can be extracted from the image. The key can be used in the national cryptographic algorithms, which can be implemented with the openssl library.
为了准确地生成密钥,在上述各实施例的基础上,在本申请实施例中,所述方法还包括:In order to accurately generate the key, on the basis of the above-mentioned embodiments, in the embodiment of the present application, the method further includes:
将所述目标随机数从随机数熵池中删除。The target random number is deleted from the random number entropy pool.
在本申请实施例中,在根据获取到的目标随机数及预先配置的算法生成密钥后,电子设备可以将该目标随机数从随机数熵池中删除,从而使得随机数熵池中的随机数未被使用过,进一步增加随机数熵池中随机数的随机性。In this embodiment of the application, after the key is generated according to the obtained target random number and the pre-configured algorithm, the electronic device can delete the target random number from the random number entropy pool, so that the random number in the random number entropy pool The number has not been used, further increasing the randomness of the random number in the random number entropy pool.
为进一步提高随机数的生成速率,在本申请实施例中,电子设备中还可以保存有传感器数据池,传感器发送的数据在未被处理前被保存在该传感器数据池中,电子设备可以采用线程并发机制对连接的传感器数据进行处理,生产者进程将每个传感器发生的数据都写入到传感器数据池中,直到传感器数据池满;消费者进程持续消耗传感器数据池中的数据,利用两次哈希运算产生随机数,直到存储随机数的随机数熵池为满。In order to further increase the generation rate of random numbers, in the embodiment of the present application, a sensor data pool may also be stored in the electronic device, and the data sent by the sensor is stored in the sensor data pool before being processed, and the electronic device may use a thread The concurrency mechanism processes the connected sensor data, and the producer process writes the data generated by each sensor into the sensor data pool until the sensor data pool is full; the consumer process continues to consume the data in the sensor data pool, using twice The hash operation generates random numbers until the random number entropy pool where the random numbers are stored is full.
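The consumer side of this pipeline, as an added Python sketch that is not code from the patent: each reading passes the correlation and pool-size checks, is spliced with its receive time and hashed twice, and a pooled value is deleted when it is taken for key generation. SHA-256, the bit-agreement correlation measure, the prefix used as the sub-random number, the preset values and all names are assumptions.

```python
import hashlib
import struct
from collections import deque

# Assumptions, not values from the patent: SHA-256 as the hash, agreement of
# bit positions as the correlation measure, and both presets below.
HASH = hashlib.sha256
MAX_CORRELATION = 0.9   # "preset correlation"
POOL_CAPACITY = 4       # "preset number" of pooled random numbers


def bit_correlation(prev, cur):
    """Fraction of bit positions on which two equal-length readings agree."""
    if not cur or len(prev) != len(cur):
        return 0.0
    differing = sum(bin(a ^ b).count("1") for a, b in zip(prev, cur))
    return 1.0 - differing / (8 * len(cur))


class EntropyPool:
    def __init__(self, capacity=POOL_CAPACITY, max_correlation=MAX_CORRELATION):
        self.capacity = capacity
        self.max_correlation = max_correlation
        self._last = {}        # sensor id -> previous reading from that sensor
        self._pool = deque()

    def __len__(self):
        return len(self._pool)

    def offer(self, sensor_id, reading, recv_time_ns):
        """Handle one sensor reading; return True if a random number was pooled."""
        prev = self._last.get(sensor_id)
        self._last[sensor_id] = reading
        if not reading or len(self._pool) >= self.capacity:
            return False       # empty reading, or pool already at preset number
        if prev is not None and bit_correlation(prev, reading) > self.max_correlation:
            return False       # too close to the sensor's previous reading
        spliced = reading + struct.pack(">Q", recv_time_ns)  # data || receive time
        # Two hash passes condition the input; they cannot add entropy that the
        # reading and timestamp did not already contain.
        self._pool.append(HASH(HASH(spliced).digest()).digest())
        return True

    def take(self, target_len):
        """Remove one pooled value and return its first target_len bytes."""
        if not 0 < target_len <= HASH().digest_size:
            raise ValueError("target length must not exceed the pooled value length")
        if not self._pool:
            raise LookupError("entropy pool is empty")
        return self._pool.popleft()[:target_len]  # popped, so never reused


def demo_pool():
    """Feed constructed sample readings (sensor, bytes, receive time) through the pool."""
    readings = [
        ("accel", bytes.fromhex("13a7c4e9"), 1_000),
        ("accel", bytes.fromhex("13a7c4e9"), 2_000),  # identical to previous
        ("accel", bytes.fromhex("ec583b16"), 3_000),  # bitwise complement
        ("gyro", bytes.fromhex("5a5a0f0f"), 3_500),
    ]
    pool = EntropyPool()
    return pool, [pool.offer(*r) for r in readings]


if __name__ == "__main__":
    pool, accepted = demo_pool()
    print(accepted, len(pool), pool.take(16).hex())
```

The bytes returned by `take` are the input to whatever key generation algorithm is configured; the patent does not name one in this passage.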
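Embodiment 9:
FIG. 6 is a schematic structural diagram of a data processing apparatus provided by an embodiment of this application. The apparatus includes:
a receiving module 601, configured to receive data sent by any sensor provided in the terminal;
a processing module 602, configured to process the data through a hash operation to generate a corresponding random number;
a saving module 603, configured to save the random number in a random number entropy pool, where the random numbers in the random number entropy pool are used to generate keys.
In a possible implementation, the processing module 602 is further configured to: obtain the previous data sent by the sensor that sent the data; determine the correlation between the previous data and the data according to the value of each bit of the previous data and the value of each bit of the data; determine whether the correlation is greater than a preset correlation; and if not, perform the subsequent step of processing the data through a hash operation.
In a possible implementation, the processing module 602 is specifically configured to splice the data with the time at which the data was received, according to a preset splicing method, and to perform at least one hash operation on the spliced data.
In a possible implementation, the processing module 602 is further configured to determine whether the number of random numbers in the random number entropy pool has reached a preset number, and if not, perform the subsequent step of processing the data through a hash operation.
In a possible implementation, the processing module 602 is further configured to: receive a request to generate a key; obtain any target random number from the random number entropy pool; and generate a corresponding key according to the target random number and a pre-configured generation algorithm.
In a possible implementation, the processing module 602 is further configured to: obtain a pre-configured target length, where the target length does not exceed the length of any random number in the random number entropy pool; obtain, from the target random number, a sub-random number of the target length; update the target random number with the sub-random number; and, for the updated target random number, perform the subsequent step of generating a corresponding key according to the target random number and the pre-configured generation algorithm.
In a possible implementation, the processing module 602 is further configured to: obtain the pixel value of each preset pixel in a pre-saved image, and obtain the data, in a preset base, corresponding to the key, where the number of preset pixels is the same as the number of digits of the data; adjust the pixel value of each preset pixel in turn according to the value of the corresponding digit of the data, following the preset ordering of the preset pixels; and save the correspondence between the image with adjusted pixel values and the key identifier, where the request carries the key identifier of the key to be generated.
In a possible implementation, the processing module 602 is further configured to: if a key acquisition request carrying a target key identifier is received, obtain the target image saved for that target key identifier; obtain the pixel value of each preset pixel in the target image; order the values corresponding to the pixel values of the preset pixels according to the preset ordering of the preset pixels; and take the value formed after ordering as the target value, in the corresponding base, of the key identified by the target key identifier.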
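The store-and-recover procedure in the last two implementations, as an added Python sketch that is not the patent's own code: one preset pixel per key digit, written and read back in a fixed order, with the adjusted image saved under the key identifier. Binary as the preset base, least-significant-bit replacement as the pixel adjustment, the grayscale list-of-rows image and all names and sample values are assumptions.

```python
def key_to_bits(key):
    """Key as binary digits, most significant bit of each byte first."""
    return [(byte >> shift) & 1 for byte in key for shift in range(7, -1, -1)]


def bits_to_key(bits):
    """Inverse of key_to_bits."""
    if len(bits) % 8:
        raise ValueError("bit count is not a whole number of bytes")
    return bytes(
        sum(bit << (7 - i) for i, bit in enumerate(bits[n:n + 8]))
        for n in range(0, len(bits), 8)
    )


def embed_key(cover, preset_pixels, key):
    """Return a copy of cover with each key bit written into one preset pixel."""
    bits = key_to_bits(key)
    if len(preset_pixels) != len(bits) or len(set(preset_pixels)) != len(bits):
        raise ValueError("need exactly one distinct preset pixel per key digit")
    stego = [row[:] for row in cover]          # leave the cover image untouched
    for (r, c), bit in zip(preset_pixels, bits):
        stego[r][c] = (stego[r][c] & 0xFE) | bit   # assumed adjustment: set the LSB
    return stego


def extract_key(stego, preset_pixels):
    """Read the preset pixels in their preset order and rebuild the key."""
    return bits_to_key([stego[r][c] & 1 for r, c in preset_pixels])


class KeyImageStore:
    """Keeps the correspondence between key identifiers and adjusted images."""

    def __init__(self, cover, preset_pixels):
        self.cover = cover
        self.preset_pixels = list(preset_pixels)   # the order is part of the scheme
        self._images = {}

    def store(self, key_id, key):
        self._images[key_id] = embed_key(self.cover, self.preset_pixels, key)

    def image_for(self, key_id):
        return self._images[key_id]

    def fetch(self, key_id):
        return extract_key(self._images[key_id], self.preset_pixels)


# Constructed sample data: an 8x8 grayscale image, 16 pixel positions, a 16-bit key.
COVER = [[(17 * r + 31 * c) % 256 for c in range(8)] for r in range(8)]
PRESET_PIXELS = [(r, c) for r in range(0, 8, 2) for c in range(0, 8, 2)]
SAMPLE_KEY = bytes.fromhex("c35a")


def demo_store():
    store = KeyImageStore(COVER, PRESET_PIXELS)
    store.store("key-001", SAMPLE_KEY)
    return store


if __name__ == "__main__":
    print(demo_store().fetch("key-001").hex())
```

Recovery depends only on the saved image and the ordered pixel list, so both need the same access control as the key itself.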
Embodiment 10:
On the basis of the above embodiments, FIG. 7 is a schematic structural diagram of an electronic device provided by an embodiment of this application. As shown in FIG. 7, it includes a processor 701, a communication interface 702, a memory 703 and a communication bus 704, where the processor 701, the communication interface 702 and the memory 703 communicate with one another over the communication bus 704.
The memory 703 stores a computer program which, when executed by the processor 701, causes the processor 701 to perform the following steps:
receiving data sent by any sensor provided in the terminal;
processing the data through a hash operation to generate a corresponding random number;
saving the random number in a random number entropy pool, where the random numbers in the random number entropy pool are used to generate keys.
Further, the processor 701 is also configured to obtain the previous data sent by the sensor that sent the data;
determine the correlation between the previous data and the data according to the value of each bit of the previous data and the value of each bit of the data;
determine whether the correlation is greater than a preset correlation;
and if not, perform the subsequent step of processing the data through a hash operation.
Further, the processor 701 is specifically configured to splice the data with the time at which the data was received, according to a preset splicing method;
and perform at least one hash operation on the spliced data.
Further, the processor 701 is also configured to determine whether the number of random numbers in the random number entropy pool has reached a preset number;
and if not, perform the subsequent step of processing the data through a hash operation.
Further, the processor 701 is also configured to receive a request to generate a key;
obtain any target random number from the random number entropy pool;
and generate a corresponding key according to the target random number and a pre-configured generation algorithm.
Further, the processor 701 is also configured to obtain a pre-configured target length, where the target length does not exceed the length of any random number in the random number entropy pool;
obtain, from the target random number, a sub-random number of the target length; update the target random number with the sub-random number; and, for the updated target random number, perform the subsequent step of generating a corresponding key according to the target random number and the pre-configured generation algorithm.
Further, the processor 701 is also configured to obtain the pixel value of each preset pixel in a pre-saved image, and obtain the data, in a preset base, corresponding to the key, where the number of preset pixels is the same as the number of digits of the data;
adjust the pixel value of each preset pixel in turn according to the value of the corresponding digit of the data, following the preset ordering of the preset pixels; and save the correspondence between the image with adjusted pixel values and the key identifier, where the request carries the key identifier of the key to be generated.
Further, the processor 701 is also configured to, if a key acquisition request carrying a target key identifier is received, obtain the target image saved for that target key identifier; obtain the pixel value of each preset pixel in the target image;
order the values corresponding to the pixel values of the preset pixels according to the preset ordering of the preset pixels, and take the value formed after ordering as the target value, in the corresponding base, of the key identified by the target key identifier.
The communication bus mentioned for the above server may be a Peripheral Component Interconnect (PCI) bus, an Extended Industry Standard Architecture (EISA) bus, or the like. The communication bus can be divided into an address bus, a data bus, a control bus and so on. For ease of representation, it is drawn as a single thick line in the figure, but this does not mean that there is only one bus or one type of bus.
The communication interface 702 is used for communication between the above electronic device and other devices.
The memory may include random access memory (Random Access Memory, RAM), and may also include non-volatile memory (Non-Volatile Memory, NVM), for example at least one disk memory. Optionally, the memory may also be at least one storage device located remotely from the aforementioned processor.
The above processor may be a general-purpose processor, including a central processing unit, a network processor (Network Processor, NP) and the like; it may also be a digital signal processor (Digital Signal Processing, DSP), an application-specific integrated circuit, a field-programmable gate array or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, and so on.
Embodiment 11:
On the basis of the above embodiments, an embodiment of this application also provides a computer-readable storage medium storing a computer program executable by an electronic device; when the program runs on the electronic device, it causes the electronic device to implement the following steps:
The memory stores a computer program which, when executed by the processor, causes the processor to perform the following steps:
receiving data sent by any sensor provided in the terminal;
processing the data through a hash operation to generate a corresponding random number;
saving the random number in a random number entropy pool, where the random numbers in the random number entropy pool are used to generate keys.
In a possible implementation, after receiving the data sent by any sensor provided in the terminal and before processing the data through a hash operation, the method further includes:
obtaining the previous data sent by the sensor that sent the data;
determining the correlation between the previous data and the data according to the value of each bit of the previous data and the value of each bit of the data;
determining whether the correlation is greater than a preset correlation;
and if not, performing the subsequent step of processing the data through a hash operation.
In a possible implementation, processing the data through a hash operation includes:
splicing the data with the time at which the data was received, according to a preset splicing method;
performing at least one hash operation on the spliced data.
In a possible implementation, after receiving the data sent by any sensor provided in the terminal and before processing the data through a hash operation, the method further includes:
determining whether the number of random numbers in the random number entropy pool has reached a preset number;
and if not, performing the subsequent step of processing the data through a hash operation.
In a possible implementation, the method further includes:
receiving a request to generate a key;
obtaining any target random number from the random number entropy pool;
generating a corresponding key according to the target random number and a pre-configured generation algorithm.
In a possible implementation, after obtaining any target random number and before generating a corresponding key according to the target random number and the pre-configured generation algorithm, the method further includes:
obtaining a pre-configured target length, where the target length does not exceed the length of any random number in the random number entropy pool;
obtaining, from the target random number, a sub-random number of the target length; updating the target random number with the sub-random number; and, for the updated target random number, performing the subsequent step of generating a corresponding key according to the target random number and the pre-configured generation algorithm.
In a possible implementation, the request carries the key identifier of the key to be generated, and the method further includes:
obtaining the pixel value of each preset pixel in a pre-saved image, and obtaining the data, in a preset base, corresponding to the key, where the number of preset pixels is the same as the number of digits of the data;
adjusting the pixel value of each preset pixel in turn according to the value of the corresponding digit of the data, following the preset ordering of the preset pixels; and saving the correspondence between the image with adjusted pixel values and the key identifier.
In a possible implementation, the method further includes:
if a key acquisition request carrying a target key identifier is received, obtaining the target image saved for that target key identifier; obtaining the pixel value of each preset pixel in the target image;
ordering the values corresponding to the pixel values of the preset pixels according to the preset ordering of the preset pixels, and taking the value formed after ordering as the target value, in the corresponding base, of the key identified by the target key identifier.
Those skilled in the art should understand that the embodiments of this application may be provided as a method, a system, or a computer program product. Accordingly, this application may take the form of an entirely hardware embodiment, an entirely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, this application may take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.
This application is described with reference to flowcharts and/or block diagrams of the method, device (system), and computer program product according to this application. It should be understood that each flow and/or block in the flowcharts and/or block diagrams, and combinations of flows and/or blocks in the flowcharts and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to the processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing device to produce a machine, such that the instructions executed by the processor of the computer or other programmable data processing device produce an apparatus for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be stored in a computer-readable memory capable of directing a computer or other programmable data processing device to operate in a specific manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including an instruction apparatus that implements the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
These computer program instructions may also be loaded onto a computer or other programmable data processing device, so that a series of operational steps is performed on the computer or other programmable device to produce computer-implemented processing, whereby the instructions executed on the computer or other programmable device provide steps for implementing the functions specified in one or more flows of the flowchart and/or one or more blocks of the block diagram.
Obviously, those skilled in the art can make various changes and variations to this application without departing from its spirit and scope. Thus, if these modifications and variations of this application fall within the scope of the claims of this application and their technical equivalents, this application is also intended to include them.
Claims (11)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211244805.1A CN115603906A (en) | 2022-10-12 | 2022-10-12 | A data processing method, device, equipment and medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115603906A true CN115603906A (en) | 2023-01-13 |
Family
ID=84847737
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211244805.1A Pending CN115603906A (en) | 2022-10-12 | 2022-10-12 | A data processing method, device, equipment and medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115603906A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN118611867A (en) * | 2024-05-30 | 2024-09-06 | 东风商用车有限公司 | Random number generation method, device, vehicle and storage medium |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105429959A (en) * | 2015-11-02 | 2016-03-23 | 北京旷视科技有限公司 | Image processing method and client device, image verification method and server |
| CN110168494A (en) * | 2016-11-29 | 2019-08-23 | 大陆-特韦斯股份有限公司 | For to the control unit of vehicle network provide random number method and vehicle network used to perform the method |
| CN111190570A (en) * | 2018-11-15 | 2020-05-22 | 北京创原天地科技有限公司 | High-quality random number generator and random number generation method |
| CN111259419A (en) * | 2020-01-15 | 2020-06-09 | 海南新软软件有限公司 | Random number encryption method and device based on multiple sensors |
| CN111930343A (en) * | 2020-06-09 | 2020-11-13 | 山东浪潮质量链科技有限公司 | Method, device and medium for acquiring random number and generating random number |
| CN112580077A (en) * | 2020-12-21 | 2021-03-30 | 歌尔光学科技有限公司 | Information processing method, device, equipment and storage medium |
| US20220147319A1 (en) * | 2018-07-16 | 2022-05-12 | STMicroelectronics (Grand Ouest) SAS | Method and system for managing the operation of a group of several connected objects |
Non-Patent Citations (1)
| Title |
|---|
| ERBAY, C ;ERGÜN, S: "Random Number Generator Based on Hydrogen Gas Sensor for Security Applications", 2018 IEEE 61ST INTERNATIONAL MIDWEST SYMPOSIUM ON CIRCUITS AND SYSTEMS (MWSCAS), 1 March 2019 (2019-03-01), pages 1 - 4 * |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
Application publication date: 20230113 |