
CN110324143B - Data transmission method, electronic device and storage medium - Google Patents

Info

Publication number
CN110324143B
Authority
CN
China
Prior art keywords
data
key
server
ciphertext
electronic device
Legal status
Active
Application number
CN201910442274.9A
Other languages
Chinese (zh)
Other versions
CN110324143A (en
Inventor
赵勇
庄光雄
及晨光
李耀星
邹宗慧
李恒
Current Assignee
Ping An Technology Shenzhen Co Ltd
Original Assignee
Ping An Technology Shenzhen Co Ltd
Application filed by Ping An Technology Shenzhen Co Ltd
Priority to CN201910442274.9A (patent CN110324143B)
Priority to PCT/CN2019/102865 (patent WO2020237868A1)
Publication of CN110324143A
Application granted
Publication of CN110324143B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
  • Collating Specific Patterns (AREA)

Abstract

The invention provides a data transmission method, an electronic device and a storage medium. The data transmission method determines, according to a received data transmission instruction, whether a communication record exists with the server. When no communication record exists with the server, it acquires a device fingerprint of the electronic device and randomly extracts at least one character of the device fingerprint to generate a first key. It then acquires first data to be transmitted according to the data transmission instruction, encrypts the first data to be transmitted with the first key using the Advanced Encryption Standard to obtain a first ciphertext, and sends the first ciphertext to the server. When a second ciphertext fed back by the server is received, it decrypts the second ciphertext with the first key to obtain second data to be transmitted. Data processing is thereby realized and data is transmitted in encrypted form between the electronic device and the server; owing to the complexity of the encryption scheme, the security of data transmission is further improved.

Description

Data transmission method, electronic device and storage medium
Technical Field
The present invention relates to the field of data processing technologies, and in particular, to a data transmission method, an electronic device, and a storage medium.
Background
At present, network communication generally adopts the HyperText Transfer Protocol (HTTP), the HyperText Transfer Protocol over Secure Socket Layer (HTTPS), and the like to protect transmitted data, or simply performs signature verification on the data.
Disclosure of Invention
In view of the above, it is necessary to provide a data transmission method, an electronic device, and a storage medium that implement encrypted transmission of data between the electronic device and a server and, owing to the complexity of the encryption scheme, effectively prevent data from being tampered with during transmission, thereby further improving the security of data transmission.
A data transmission method is applied to an electronic device, the electronic device is communicated with a server, and the method comprises the following steps:
when a data transmission instruction is received, determining whether a communication record exists with the server according to the data transmission instruction;
when no communication record exists with the server, acquiring a device fingerprint of the electronic device;
randomly extracting at least one character in the device fingerprint to generate a first key;
acquiring first data to be transmitted according to the data transmission instruction;
encrypting the first data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a first ciphertext;
sending the first ciphertext to the server;
and when a second ciphertext fed back by the server is received, decrypting the second ciphertext by using the first key to obtain second data to be transmitted.
According to a preferred embodiment of the present invention, said randomly extracting at least one character of the device fingerprint to generate a first key comprises:
performing a remainder operation on the at least one character to obtain a first numerical value;
performing a logic operation on the first numerical value and a configuration numerical value to generate a first character string;
accumulating all characters of the first character string to obtain a second numerical value;
performing a remainder operation on the second numerical value to obtain a third numerical value;
carrying out binary conversion on the third numerical value to generate a second character string;
and splicing the first character string and the second character string to obtain the first key.
According to a preferred embodiment of the invention, the method further comprises:
after the second ciphertext is decrypted by the first key, a first temporary key is obtained;
encrypting the first temporary key;
determining an application program corresponding to the data transmission instruction;
and storing the encrypted first temporary key in a storage directory of the application program.
According to a preferred embodiment of the present invention, when there is a communication record with the server, the method further comprises:
acquiring the device fingerprint;
randomly extracting at least one character from the device fingerprint and the first temporary key to generate a second key;
acquiring the first data to be transmitted according to the data transmission instruction;
encrypting the first data to be transmitted by using the second key by adopting an advanced encryption standard to obtain a third ciphertext;
and sending the third ciphertext to the server.
A data transmission method is applied to a server, the server is communicated with an electronic device, and the method comprises the following steps:
when a first ciphertext sent by the electronic device is received, acquiring the device fingerprint of the electronic device from a request header of the first ciphertext;
determining whether a communication record exists with the electronic device according to the device fingerprint;
randomly extracting at least one character of the device fingerprint to generate a first key when there is no communication record with the electronic device;
decrypting the first ciphertext by using the first key to obtain first data to be transmitted;
retrieving according to the first data to be transmitted to obtain second data to be transmitted;
randomly determining any character string and generating a first temporary key;
encrypting the first temporary key and the second data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a second ciphertext;
and feeding back the second ciphertext to the electronic device.
According to the preferred embodiment of the present invention, after randomly determining any character string and generating the first temporary key, the method further comprises:
recording the correspondence between the first temporary key and the device fingerprint;
storing the correspondence in a pre-configured device list;
the device list is used for storing all terminal devices which have communication records with the server.
According to a preferred embodiment of the present invention, the determining whether there is a communication record with the electronic device according to the device fingerprint comprises:
matching the device fingerprint with the device list;
when the device fingerprint exists in the device list, determining that a communication record exists with the electronic device; or
determining that there is no communication record with the electronic device when the device fingerprint does not exist in the device list.
According to a preferred embodiment of the invention, the method further comprises:
when a communication record exists with the electronic device, acquiring the first temporary key corresponding to the device fingerprint from the device list;
randomly extracting at least one character from the device fingerprint and the first temporary key to generate a second key;
when it is detected that decryption with the second key fails, acquiring the number of decryption failures within a preset time;
and when the number is greater than or equal to a preset value, locking the electronic device.
A data transmission apparatus operable on an electronic device, the electronic device being in communication with a server, the apparatus comprising:
the determining unit is used for determining whether a communication record exists with the server according to a data transmission instruction when the data transmission instruction is received;
the acquisition unit is used for acquiring the device fingerprint of the electronic device when no communication record exists with the server;
a generating unit, configured to randomly extract at least one character in the device fingerprint to generate a first key;
the acquisition unit is further used for acquiring first data to be transmitted according to the data transmission instruction;
the encryption unit is used for encrypting the first data to be transmitted by the first key by adopting an advanced encryption standard to obtain a first ciphertext;
a sending unit, configured to send the first ciphertext to the server;
and the decryption unit is used for decrypting the second ciphertext by using the first key to obtain second data to be transmitted when receiving the second ciphertext fed back by the server.
According to a preferred embodiment of the present invention, the randomly extracting at least one character of the device fingerprint by the generating unit to generate the first key comprises:
performing a remainder operation on the at least one character to obtain a first numerical value;
performing a logic operation on the first numerical value and a configuration numerical value to generate a first character string;
accumulating all characters of the first character string to obtain a second numerical value;
performing a remainder operation on the second numerical value to obtain a third numerical value;
carrying out binary conversion on the third numerical value to generate a second character string;
and splicing the first character string and the second character string to obtain the first key.
According to a preferred embodiment of the present invention, the decryption unit is further configured to obtain a first temporary key after decrypting the second ciphertext with the first key;
the encryption unit is further used for encrypting the first temporary key;
the determining unit is further configured to determine an application program corresponding to the data transmission instruction;
the device further comprises:
and the storage unit is used for storing the encrypted first temporary key in a storage directory of the application program.
According to a preferred embodiment of the present invention, the obtaining unit is further configured to obtain the device fingerprint when there is a communication record with the server;
the generating unit is further configured to randomly extract at least one character from the device fingerprint and the first temporary key to generate a second key;
the obtaining unit is further configured to obtain the first data to be transmitted according to the data transmission instruction;
the encryption unit is further configured to encrypt the first to-be-transmitted data with the second key by using an advanced encryption standard to obtain a third ciphertext;
the sending unit is further configured to send the third ciphertext to the server.
A data transmission system operating on a server in communication with an electronic device, the system comprising:
the acquisition module is used for acquiring the device fingerprint of the electronic device from the request header of the first ciphertext when receiving the first ciphertext sent by the electronic device;
the determining module is used for determining whether a communication record exists with the electronic device according to the device fingerprint;
the generating module is used for randomly extracting at least one character in the device fingerprint to generate a first key when no communication record exists with the electronic device;
the decryption module is used for decrypting the first ciphertext by using the first key to obtain first data to be transmitted;
the acquisition module is further used for retrieving according to the first data to be transmitted to obtain second data to be transmitted;
the generation module is further used for randomly determining any character string and generating a first temporary key;
the encryption module is used for encrypting the first temporary key and the second data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a second ciphertext;
and the feedback module is used for feeding back the second ciphertext to the electronic device.
According to a preferred embodiment of the invention, the system further comprises:
the recording module is used for recording the correspondence between a first temporary key and the device fingerprint after randomly determining any character string and generating the first temporary key;
the storage module is used for storing the correspondence in a pre-configured device list;
the device list is used for storing all terminal devices which have communication records with the server.
According to a preferred embodiment of the present invention, the determining module is specifically configured to:
matching the device fingerprint with the device list;
when the device fingerprint exists in the device list, determining that a communication record exists with the electronic device; or
determining that there is no communication record with the electronic device when the device fingerprint does not exist in the device list.
According to a preferred embodiment of the present invention, the obtaining module is further configured to obtain the first temporary key corresponding to the device fingerprint from the device list when there is a communication record with the electronic device;
the generation module is further configured to randomly extract at least one character from the device fingerprint and the first temporary key to generate a second key;
the obtaining module is further configured to obtain the number of times of decryption failure within a preset time when it is detected that decryption cannot be performed with the second key;
the system further comprises:
and the locking module is used for locking the electronic equipment when the times are greater than or equal to a preset value.
An electronic device, the electronic device comprising:
a memory storing at least one instruction; and
a processor executing instructions stored in the memory to implement the data transfer method.
A server, the server comprising:
a storage device to store at least one instruction; and
and the processing device executes the instructions stored in the storage device to realize the data transmission method.
A computer-readable storage medium having stored therein at least one instruction, the at least one instruction being executable by a processor in an electronic device to implement the data transfer method.
A computer-readable storage medium having stored therein at least one instruction for execution by a processing device in a server to implement the data transfer method.
According to the above technical scheme, the invention determines, according to the received data transmission instruction, whether a communication record exists with the server. When no communication record exists with the server, it acquires the device fingerprint of the electronic device and randomly extracts at least one character of the device fingerprint to generate a first key. It then acquires the first data to be transmitted according to the data transmission instruction and encrypts the first data to be transmitted with the first key using the Advanced Encryption Standard to obtain a first ciphertext, which increases the complexity of data encryption, and sends the first ciphertext to the server. When a second ciphertext fed back by the server is received, it decrypts the second ciphertext with the first key to obtain the second data to be transmitted. Encrypted transmission of data between the electronic device and the server is thereby realized and, owing to the complexity of the encryption scheme, the data is effectively prevented from being tampered with during transmission, further improving the security of data transmission.
Drawings
FIG. 1 is a diagram of an application environment of a preferred embodiment of the method for implementing data transmission according to the present invention.
FIG. 2 is a flowchart illustrating a data transmission method applied to an electronic device according to a preferred embodiment of the present invention.
Fig. 3 is a flow chart of the data transmission method of the present invention applied to a server according to a preferred embodiment.
Fig. 4 is a functional block diagram of an electronic device according to a preferred embodiment of the data transmission apparatus of the present invention.
Fig. 5 is a functional block diagram of a server in a preferred embodiment of the data transmission system of the present invention.
Fig. 6 is a schematic structural diagram of an electronic device implementing a data transmission method according to a preferred embodiment of the invention.
Fig. 7 is a schematic structural diagram of a server implementing the data transmission method according to the preferred embodiment of the invention.
Description of the main elements
Electronic device 1
Memory device 12
Processor 13
Server 2
Storage device 22
Processing apparatus 23
Data transmission device 11
Determining unit 100
Acquisition unit 101
Generating unit 102
Encryption unit 103
Transmitting unit 104
Decryption unit 105
Holding unit 106
Data transmission system 21
Acquisition module 200
Determining module 201
Generation module 202
Decryption module 203
Encryption module 204
Feedback module 205
Recording module 206
Preservation module 207
Locking module 208
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in detail with reference to the accompanying drawings and specific embodiments.
Fig. 1 is a diagram of an application environment for implementing a data transmission method according to a preferred embodiment of the present invention. The application environment diagram comprises an electronic device 1 and a server 2. The electronic device 1 communicates with the server 2.
The electronic device 1 is configured to generate a first ciphertext.
The server 2 is configured to obtain second data to be transmitted according to the first ciphertext, generate a second ciphertext according to the second data to be transmitted, and feed back the second ciphertext to the electronic device 1.
Preferably, the data transmission method of the present invention is applied to one or more electronic devices 1 and one or more servers 2, where the electronic devices 1 and the servers 2 are devices capable of automatically performing numerical calculation and/or information processing according to preset or stored instructions, and their hardware includes, but is not limited to, a microprocessor, an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like.
The electronic device 1 and the server 2 may be any electronic product capable of performing human-computer interaction with a user, such as a Personal computer, a tablet computer, a smart phone, a Personal Digital Assistant (PDA), a game machine, an Internet Protocol Television (IPTV), and a smart wearable device.
The electronic device 1 and the server 2 may further include a network device and/or a user device. The network device includes, but is not limited to, a single network server, a server group consisting of a plurality of network servers, or a Cloud Computing (Cloud Computing) based Cloud consisting of a large number of hosts or network servers.
The Network where the electronic device 1 and the server 2 are located includes, but is not limited to, the internet, a wide area Network, a metropolitan area Network, a local area Network, a Virtual Private Network (VPN), and the like.
Fig. 2 is a flow chart of a preferred embodiment of the data transmission method applied to an electronic device according to the present invention. The order of the steps in the flow chart may be changed and some steps may be omitted according to different needs.
S10, when receiving the data transmission instruction, determining whether there is a communication record with the server 2 according to the data transmission instruction.
In at least one embodiment of the present invention, when a signal that a user triggers a preset service is detected, the electronic device 1 determines that the data transmission instruction is received.
Specifically, the preset service refers to a service that needs to acquire data from the server 2, for example: search services, login services, etc.
In at least one embodiment of the present invention, the electronic device 1 determining whether there is a communication record with the server 2 according to the data transmission instruction comprises:
the electronic device 1 acquires the application program corresponding to the data transmission instruction, further determines a storage directory of the application program, and detects whether the temporary key generated by the server 2 exists in the storage directory.
Further, when the temporary key generated by the server 2 exists in the storage directory, the electronic device 1 determines that there is a communication record with the server 2, or when the temporary key generated by the server 2 does not exist in the storage directory, the electronic device 1 determines that there is no communication record with the server.
It is understood that the electronic device 1 will respond differently to whether the electronic device 1 and the server 2 have a communication record, which will be described in detail later.
S11, when there is no communication record with the server, acquiring the device fingerprint of the electronic device 1.
In at least one embodiment of the invention, the device fingerprint refers to a device feature or a unique device identification that can be used to uniquely identify the electronic device 1. The device fingerprint comprises inherent, hard-to-tamper, unique device identifiers.
Specifically, the electronic device 1 generating the device fingerprint includes:
the electronic device 1 acquires device information of the electronic device 1, and generates the device fingerprint according to the device information.
Wherein the device information includes, but is not limited to, one or more of the following:
a serial number of the electronic device 1, a Subscriber Identity Module (SIM) card number of the electronic device 1, a manufacturer code of the electronic device 1, a model of the electronic device 1, a hardware Identification code of the electronic device 1, and the like.
With the above embodiment, the electronic device 1 generates a device fingerprint capable of uniquely identifying the electronic device 1, and the device fingerprint may be composed of a string of characters.
For example: the device fingerprint may consist of 32 digits/letters.
S12, randomly extracting at least one character in the device fingerprint to generate a first key.
In at least one embodiment of the invention, the first key is used to encrypt data to be transmitted by the electronic device 1.
Specifically, randomly extracting at least one character in the device fingerprint to generate a first key comprises:
the electronic device 1 performs a remainder operation on the at least one character to obtain a first numerical value, performs a logic operation on the first numerical value and a configuration numerical value to generate a first character string, accumulates all characters of the first character string to obtain a second numerical value, performs a remainder operation on the second numerical value to obtain a third numerical value, performs a base (radix) conversion on the third numerical value to generate a second character string, and splices the first character string and the second character string to obtain the first key.
For example: the electronic device 1 performs an ASCII-code-based operation on the at least one character to obtain 30 digits/letters, computes two check characters from those 30 digits/letters to obtain a 32-character string, and uses that 32-character string as the first key.
Through the above embodiment, the electronic device 1 generates the first key from at least one randomly extracted character of the device fingerprint, which avoids the first key being cracked because the device fingerprint is deterministic; and because the random extraction admits many possible selections, the difficulty of cracking is increased.
S13, acquiring the first data to be transmitted according to the data transmission instruction.
In at least one embodiment of the present invention, according to the data transmission instruction, the electronic device 1 may obtain user information that triggers the data transmission instruction.
Meanwhile, the electronic device 1 may further obtain, from the data transmission instruction, related data corresponding to the preset service, including the first data to be transmitted.
For example: when detecting a search service triggered by user A, the electronic device 1 determines that the data transmission instruction is received; the electronic device 1 then acquires the text B to be searched for by user A, and determines the text B as the first data to be transmitted.
S14, encrypting the first data to be transmitted with the first key using the Advanced Encryption Standard to obtain a first ciphertext.
In at least one embodiment of the present invention, the Advanced Encryption Standard (AES) is a symmetric encryption algorithm. While ensuring data security, because the algorithm is public and its computational cost is small, encryption is fast and efficient.
In at least one embodiment of the present invention, the first ciphertext refers to data transmitted to the server by the electronic device 1, so as to obtain data from the server 2 according to the first ciphertext.
For example: when the first data to be transmitted is the text B, the electronic device 1 transmits a first ciphertext containing the text B to the server 2, and then obtains a search result of the text B.
S15, sending the first ciphertext to the server 2.
In at least one embodiment of the present invention, the server 2 is configured to receive the first ciphertext, obtain the first to-be-transmitted data from the first ciphertext, and further determine, according to the first to-be-transmitted data, data requested to be transmitted back by the electronic device 1.
In at least one embodiment of the present invention, the electronic device 1 sends the first ciphertext to the server 2, which prevents the data from being intercepted as it would be in plaintext transmission and the security of the data during network transmission from being affected.
S16, when receiving a second ciphertext fed back by the server, decrypting the second ciphertext by using the first key to obtain second data to be transmitted.
In at least one embodiment of the present invention, the second ciphertext is the data that the server 2 feeds back according to the first ciphertext.
In at least one embodiment of the present invention, the second to-be-transmitted data is data obtained by decrypting the second ciphertext by the electronic device 1, and after the second to-be-transmitted data is obtained, the electronic device 1 may complete a task of requesting data from the server 2.
For example: when the first data to be transmitted in the first ciphertext is the text B, the second ciphertext comprises a search result for the text B.
In at least one embodiment of the invention, the method further comprises:
after decrypting the second ciphertext with the first key, the electronic device 1 obtains a first temporary key and encrypts the first temporary key; the electronic device 1 then determines the application program corresponding to the data transmission instruction and stores the encrypted first temporary key in a storage directory of the application program.
In particular, the first temporary key is a string of random data.
For example: the first temporary key may be a string of 16-bit random numbers/letters.
Furthermore, the first temporary key may be encrypted with any encryption algorithm, so that it is stored in encrypted form and its security is ensured.
Through the above embodiment, the electronic device 1 encrypts the first temporary key and stores it in the storage directory of the application program, so that in subsequent data transmission the first temporary key can be retrieved directly from that directory, and the first temporary key is kept synchronized with the application program.
In at least one embodiment of the invention, when there is a communication record with the server 2, the method further comprises:
the electronic device 1 acquires the device fingerprint, randomly extracts at least one character from the device fingerprint and the first temporary key to generate a second key, and acquires the first data to be transmitted according to the data transmission instruction; the electronic device 1 then encrypts the first data to be transmitted with the second key, using the Advanced Encryption Standard, to obtain a third ciphertext, and sends the third ciphertext to the server 2.
Through the above embodiment, when the electronic device 1 and the server 2 have a communication record, the electronic device 1 generates the second key based on the device fingerprint and the first temporary key at the same time, thereby further improving the security of data transmission.
According to the above technical scheme, the invention determines, according to the received data transmission instruction, whether there is a communication record with the server. When there is no communication record with the server, it acquires the device fingerprint of the electronic device, randomly extracts at least one character of the device fingerprint to generate a first key, acquires the first data to be transmitted according to the data transmission instruction, and encrypts the first data to be transmitted with the first key, using the Advanced Encryption Standard, to obtain a first ciphertext, which increases the complexity of data encryption. It then sends the first ciphertext to the server and, when receiving the second ciphertext fed back by the server, decrypts the second ciphertext with the first key to obtain the second data to be transmitted. Encrypted transmission of data between the electronic device and the server is thereby realized, and owing to the complexity of the encryption mode, the data is effectively prevented from being tampered with during transmission, which further improves the security of data transmission.
Fig. 3 is a flow chart of the data transmission method of the present invention applied to the server 2 according to the preferred embodiment. The order of the steps in the flow chart may be changed and some steps may be omitted according to different needs.
S20, when receiving the first ciphertext sent by the electronic device 1, obtaining the device fingerprint of the electronic device 1 from the request header of the first ciphertext.
In at least one embodiment of the present invention, when sending the first ciphertext to the server 2, the electronic device 1 sends a data request to the server 2, with the device fingerprint as a request header and carrying the first ciphertext.
S21, determining whether there is a communication record with the electronic device 1 according to the device fingerprint.
In at least one embodiment of the present invention, once the server 2 has a communication record with the electronic device 1, the information related to that record is used as a credential of the communication, as described later.
S22, randomly extracting at least one character of the device fingerprint to generate a first key when there is no communication record with the electronic device 1.
In at least one embodiment of the present invention, the manner of generating the first key from the device fingerprint is the same as the manner in which the electronic device 1 generates the first key, described above, and is not repeated here.
S23, decrypting the first ciphertext by using the first key to obtain first data to be transmitted.
In at least one embodiment of the present invention, when the encryption mode of the first key is consistent with that of the first ciphertext, the server 2 can successfully decrypt the first ciphertext to obtain the first to-be-transmitted data.
When the encryption mode of the first key is inconsistent with that of the first ciphertext, the server 2 cannot decrypt the first ciphertext, and thus cannot acquire the first to-be-transmitted data from the first ciphertext.
Through this embodiment, the security of data in network transmission can be effectively ensured.
S24, performing retrieval according to the first data to be transmitted to obtain second data to be transmitted.
In at least one embodiment of the invention, the server 2 is able to determine the data that the electronic device 1 wants to obtain, based on the first data to be transmitted.
For example: when the first data to be transmitted is the text B, the server determines that the electronic device 1 needs to obtain the search result of the text B, and further, the server 2 determines the search result of the text B as the second data to be transmitted.
S25, randomly determining an arbitrary character string to generate a first temporary key.
In at least one embodiment of the invention, the first temporary key is a string of random data.
For example: the first temporary key may be a string of 16-bit random numbers/letters.
In at least one embodiment of the present invention, after randomly determining an arbitrary character string and generating the first temporary key, the method further includes:
the server 2 records a corresponding relationship between the first temporary key and the device fingerprint, and further, the server 2 stores the corresponding relationship into a pre-configured device list, where the device list is used to store all terminal devices that have a communication record with the server 2.
Through the above embodiment, the server 2 can record the corresponding relationship in the device list, so as to determine whether the electronic device 1 and the server 2 have communicated with each other according to the device list.
In at least one embodiment of the present invention, the determining whether there is a communication record with the electronic device 1 according to the device fingerprint comprises:
the server 2 matches the device fingerprint against the device list, and determines that there is a communication record with the electronic device when the device fingerprint exists in the device list, or determines that there is no communication record with the electronic device when the device fingerprint does not exist in the device list.
With the above embodiment, it can be determined whether the electronic device 1 has communicated with the server 2, and different measures can be taken accordingly.
S26, encrypting the first temporary key and the second to-be-transmitted data with the first key, using the Advanced Encryption Standard, to obtain a second ciphertext.
In at least one embodiment of the present invention, the second ciphertext is generated in combination with the first temporary key, which increases the complexity of data encryption, and the randomness of the first temporary key makes the second ciphertext harder to decrypt, so that the security of the second ciphertext is higher.
S27, feeding back the second ciphertext to the electronic device.
In at least one embodiment of the present invention, the second ciphertext includes content requested by the electronic device 1.
In at least one embodiment of the present invention, when there is a communication record with the electronic device 1, the method further comprises:
the server 2 obtains the first temporary key corresponding to the device fingerprint from the device list and randomly extracts at least one character from the device fingerprint and the first temporary key to generate a second key; the server 2 then encrypts the second to-be-transmitted data with the second key, using the Advanced Encryption Standard, to obtain a fourth ciphertext, and feeds the fourth ciphertext back to the electronic device 1.
With the above embodiment, the server 2 generates the second key directly using the stored first temporary key.
Subsequently, the communication between the server 2 and the electronic device 1 will depend on the second key until a special situation occurs.
Specifically, the method further comprises:
when it is detected that either the electronic device 1 or the server 2 has lost the first temporary key, and/or that the configuration service is started, the first temporary key is regenerated and stored.
Specifically, the configuration services may include, but are not limited to: user login service, etc.
For example: when the application program in which the first temporary key is stored is uninstalled, causing the first temporary key to be lost, the first temporary key is regenerated and saved.
With the above embodiment, on the premise of ensuring normal data communication between the server 2 and the electronic device 1, the security of data transmission can be further ensured.
In at least one embodiment of the invention, the method further comprises:
when it is detected that decryption with the second key fails, the server 2 obtains the number of decryption failures within a preset time, and when that number is greater than or equal to a preset value, the electronic device 1 is locked.
Specifically, the preset value may be configured by a user, which is not limited in the present invention.
It can be understood that if decryption with the second key fails, the electronic device 1 does not hold the first temporary key. Since data transmission between the server 2 and the electronic device 1 mainly depends on the first temporary key, this indicates that the electronic device 1 is likely in an abnormal situation in which information is being maliciously stolen.
When the electronic device 1 is locked, the server 2 will not accept data requests from the electronic device 1.
Of course, in other embodiments, the server may also be configured to reject all requests of the electronic device within a configuration time, which is not limited in the present invention.
Through this embodiment, data theft can be effectively avoided, protection during data transmission is stronger, and information leakage is avoided.
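The server flow S20 to S27, the second-key path and the decryption-failure lockout described above, with a matching device side, as an added example in JavaScript for Node.js (not code from the patent). Assumptions: fixed extraction positions shared by both sides, SHA-256 in place of the patent's remainder and check-bit construction, AES-256-GCM as the AES mode so that a wrong key is detected reliably, and all names (`Server`, `Device`, `deriveKey`, `seal`, `unseal`).

```javascript
const crypto = require('crypto');

// Assumed: both sides use the same agreed extraction positions (the page does
// not say how they agree), and SHA-256 stretches the extracted characters to a
// 32-byte AES key in place of the patent's remainder/check-bit construction.
const FP_POSITIONS = [1, 4, 7, 10, 13, 16, 19, 22];
const TK_POSITIONS = [0, 3, 6, 9, 12, 15];

const pick = (s, positions) => positions.map((i) => s[i % s.length]).join('');

// First key: fingerprint only. Second key: fingerprint plus first temporary key.
function deriveKey(fingerprint, tempKey) {
  let material = pick(fingerprint, FP_POSITIONS);
  if (tempKey) material += '|' + pick(tempKey, TK_POSITIONS);
  return crypto.createHash('sha256').update(material).digest();
}

// AES-256-GCM (mode assumed; the page only says AES). Layout: iv | tag | body.
function seal(key, obj) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([c.update(JSON.stringify(obj), 'utf8'), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), body]);
}

// Throws when the key is wrong or the ciphertext was altered (tag mismatch).
function unseal(key, blob) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAuthTag(blob.subarray(12, 28));
  const plain = Buffer.concat([d.update(blob.subarray(28)), d.final()]);
  return JSON.parse(plain.toString('utf8'));
}

class Server {
  constructor({ maxFailures = 3, windowMs = 60000, now = Date.now } = {}) {
    this.deviceList = new Map(); // fingerprint -> first temporary key
    this.failures = new Map();   // fingerprint -> times of failed decryptions
    this.locked = new Set();
    Object.assign(this, { maxFailures, windowMs, now });
  }
  search(query) { return 'results for ' + query; } // stand-in for retrieval (S24)
  handle(fingerprint, ciphertext) {                // fingerprint = request header (S20)
    if (this.locked.has(fingerprint)) return { status: 'locked' };
    const tempKey = this.deviceList.get(fingerprint);       // S21: device list lookup
    const key = deriveKey(fingerprint, tempKey);            // S22, or second key
    let request;
    try {
      request = unseal(key, ciphertext);                    // S23
    } catch (err) {
      return tempKey ? this.recordFailure(fingerprint) : { status: 'rejected' };
    }
    const result = this.search(request.query);
    if (tempKey) return { status: 'ok', ciphertext: seal(key, { result }) }; // fourth ciphertext
    const fresh = crypto.randomBytes(8).toString('hex');    // S25: read here as 16 random characters
    this.deviceList.set(fingerprint, fresh);
    return { status: 'ok', ciphertext: seal(key, { tempKey: fresh, result }) }; // S26, S27
  }

  // Lock once failures inside the sliding window reach the preset value.
  recordFailure(fingerprint) {
    const t = this.now();
    const recent = (this.failures.get(fingerprint) || []).filter((x) => t - x < this.windowMs);
    recent.push(t);
    this.failures.set(fingerprint, recent);
    if (recent.length < this.maxFailures) return { status: 'rejected' };
    this.locked.add(fingerprint);
    return { status: 'locked' };
  }
}

class Device {
  constructor(fingerprint) { this.fingerprint = fingerprint; this.tempKey = null; }
  request(server, query) {
    const key = deriveKey(this.fingerprint, this.tempKey);
    const reply = server.handle(this.fingerprint, seal(key, { query }));
    if (reply.status !== 'ok') return reply;
    const data = unseal(key, reply.ciphertext);
    // The page stores this key encrypted in the app's directory; kept in memory here.
    if (data.tempKey) this.tempKey = data.tempKey;
    return { status: 'ok', result: data.result };
  }
}

function demo() {
  let clock = 0;
  const server = new Server({ maxFailures: 3, windowMs: 60000, now: () => clock });
  const fp = 'a3f09c1e5b7d2468ace013579bdf2468'; // constructed 32-character fingerprint
  const device = new Device(fp);
  const first = device.request(server, 'B');   // no record: first key
  const second = device.request(server, 'B');  // record exists: second key
  const stale = new Device(fp);                // same fingerprint, temporary key lost
  const attempts = [];
  for (let i = 0; i < 3; i++) { clock += 1000; attempts.push(stale.request(server, 'B').status); }
  return { first, second, attempts, afterLock: device.request(server, 'B').status };
}

console.log(demo());
```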
Fig. 4 is a functional block diagram of an electronic device according to a preferred embodiment of the data transmission apparatus of the present invention. The data transmission apparatus 11 includes a determination unit 100, an acquisition unit 101, a generation unit 102, an encryption unit 103, a transmission unit 104, a decryption unit 105, and a saving unit 106. The unit referred to in the present invention refers to a series of computer program segments capable of being executed by the processor 13 and performing a fixed function, and stored in the memory 12. In the present embodiment, the functions of the units will be described in detail in the following embodiments.
When receiving a data transmission instruction, the determination unit 100 determines whether there is a communication record with the server 2 according to the data transmission instruction.
In at least one embodiment of the present invention, when a signal that a user triggers a preset service is detected, the determination unit 100 determines that the data transmission instruction is received.
Specifically, the preset service refers to a service that needs to acquire data from the server 2, for example: search services, login services, etc.
In at least one embodiment of the present invention, the determining, by the determination unit 100, of whether there is a communication record with the server 2 according to the data transmission instruction includes:
the determining unit 100 acquires an application program corresponding to the data transmission instruction, further determines a storage directory of the application program, and detects whether a temporary key generated by the server exists in the storage directory.
Further, the determining unit 100 determines that there is a communication record with the server 2 when the temporary key generated by the server 2 exists in the storage directory, or the determining unit 100 determines that there is no communication record with the server when the temporary key generated by the server 2 does not exist in the storage directory.
It will be understood that the data transmission device 11 responds differently depending on whether it has a communication record with the server 2, as will be explained in detail later.
When there is no communication record with the server, the acquisition unit 101 acquires the device fingerprint of the electronic device 1.
In at least one embodiment of the invention, the device fingerprint refers to a device feature or a unique device identification that can be used to uniquely identify the electronic device 1. The device fingerprint includes device identifiers that are inherent, hard to tamper with, and unique.
Specifically, the generating of the device fingerprint by the obtaining unit 101 includes:
the acquisition unit 101 acquires device information of the electronic device 1, and generates the device fingerprint from the device information.
Wherein the device information includes, but is not limited to, one or more of the following:
a serial number of the electronic device 1, a Subscriber Identity Module (SIM) card number of the electronic device 1, a manufacturer code of the electronic device 1, a model of the electronic device 1, a hardware Identification code of the electronic device 1, and the like.
With the above embodiment, the acquiring unit 101 generates a device fingerprint capable of uniquely identifying the electronic device 1, and the device fingerprint may be composed of a string of characters.
For example: the device fingerprint may consist of 32-bit numbers/letters.
The generating unit 102 randomly extracts at least one character of the device fingerprint to generate a first key.
In at least one embodiment of the invention, the first key is used to encrypt data to be transmitted by the electronic device 1.
Specifically, the randomly extracting at least one character of the device fingerprint by the generating unit 102 to generate the first key includes:
the generating unit 102 performs a remainder operation on the at least one character to obtain a first numerical value, performs a logic operation on the first numerical value and a configuration numerical value to generate a first character string, accumulates bits of the first character string to obtain a second numerical value, performs a remainder operation on the second numerical value to obtain a third numerical value, performs a binary conversion on the third numerical value to generate a second character string, and concatenates the first character string and the second character string to obtain the first key.
For example: the generating unit 102 performs an ASCII code-based operation on the at least one character to obtain a 30-digit number/letter, performs an operation according to the obtained 30-digit number/letter to generate a two-digit check bit, and further obtains a 32-digit character string, and uses the obtained 32-digit character string as the first key.
Through this embodiment, at least one character of the device fingerprint is randomly extracted to generate the first key, which avoids the first key being cracked because the device fingerprint is deterministic; and because the random extraction of at least one character from the device fingerprint admits many possibilities, the difficulty of cracking is increased.
The obtaining unit 101 obtains the first data to be transmitted according to the data transmission instruction.
In at least one embodiment of the present invention, according to the data transmission instruction, the obtaining unit 101 may obtain user information that triggers the data transmission instruction.
Meanwhile, the obtaining unit 101 may further obtain, from the data transmission instruction, related data corresponding to the preset service, including the first data to be transmitted.
For example: when detecting a search service triggered by the user A, the obtaining unit 101 determines that the data transmission instruction has been obtained; the obtaining unit 101 then obtains the text B to be searched by the user A, and determines the text B as the first data to be transmitted.
The encryption unit 103 encrypts the first to-be-transmitted data with the first key by using the advanced encryption standard to obtain a first ciphertext.
In at least one embodiment of the present invention, the Advanced Encryption Standard (AES) is a symmetric encryption algorithm; because the algorithm is public and its computational cost is small, it encrypts quickly and efficiently while still ensuring data security.
In at least one embodiment of the present invention, the first ciphertext refers to data transmitted to the server by the encryption unit 103, so as to obtain data from the server 2 according to the first ciphertext.
For example: when the first data to be transmitted is the text B, the encryption unit 103 transmits a first ciphertext containing the text B to the server 2, and then obtains a search result of the text B.
The transmission unit 104 transmits the first ciphertext to the server 2.
In at least one embodiment of the present invention, the server 2 is configured to receive the first ciphertext, obtain the first to-be-transmitted data from the first ciphertext, and further determine, according to the first to-be-transmitted data, data requested to be transmitted back by the electronic device 1.
In at least one embodiment of the present invention, the sending unit 104 sends the first ciphertext to the server 2 so that the data is not transmitted in plaintext, where it could be intercepted and the security of the data during network transmission would be affected.
When receiving the second ciphertext fed back by the server, the decryption unit 105 decrypts the second ciphertext with the first key to obtain second to-be-transmitted data.
In at least one embodiment of the present invention, the second ciphertext is the data that the server 2 feeds back according to the first ciphertext.
In at least one embodiment of the present invention, the second to-be-transmitted data is data obtained by decrypting the second ciphertext by the decryption unit 105, and after the second to-be-transmitted data is obtained, the decryption unit 105 may complete a task of requesting data from the server 2.
For example: when the first data to be transmitted in the first ciphertext is the text B, the second ciphertext includes a search result of the text B.
In at least one embodiment of the invention, the method further comprises:
the decryption unit 105 obtains a first temporary key after decrypting the second ciphertext with the first key, and the encryption unit 103 encrypts the first temporary key; the determination unit 100 then determines the application program corresponding to the data transmission instruction, and the saving unit 106 saves the encrypted first temporary key in the storage directory of that application program.
In particular, the first temporary key is a string of random data.
For example: the first temporary key may be a string of 16-bit random numbers/letters.
Furthermore, the first temporary key may be encrypted with any encryption algorithm, so that it is stored in encrypted form and its security is ensured.
Through the above embodiment, the first temporary key is stored in the storage directory of the application program in an encrypted manner, so that the first temporary key can be directly called from the storage directory of the application program when data transmission is performed subsequently, and the first temporary key and the application program are synchronized at the same time.
In at least one embodiment of the invention, when there is a communication record with the server 2, the method further comprises:
the obtaining unit 101 obtains the device fingerprint, the generating unit 102 randomly extracts at least one character from the device fingerprint and the first temporary key to generate a second key, and the obtaining unit 101 obtains the first data to be transmitted according to the data transmission instruction; the encrypting unit 103 then encrypts the first data to be transmitted with the second key, using the Advanced Encryption Standard, to obtain a third ciphertext, and the sending unit 104 sends the third ciphertext to the server 2.
With the above embodiment, when there is a communication record with the server 2, the generating unit 102 generates the second key based on the device fingerprint and the first temporary key at the same time, which further improves the security of data transmission.
According to the above technical scheme, the invention determines, according to the received data transmission instruction, whether there is a communication record with the server. When there is no communication record with the server, it acquires the device fingerprint of the electronic device, randomly extracts at least one character of the device fingerprint to generate a first key, acquires the first data to be transmitted according to the data transmission instruction, and encrypts the first data to be transmitted with the first key, using the Advanced Encryption Standard, to obtain a first ciphertext, which increases the complexity of data encryption. It then sends the first ciphertext to the server and, when receiving the second ciphertext fed back by the server, decrypts the second ciphertext with the first key to obtain the second data to be transmitted. Encrypted transmission of data between the electronic device and the server is thereby realized, and owing to the complexity of the encryption mode, the data is effectively prevented from being tampered with during transmission, which further improves the security of data transmission.
Fig. 5 is a functional block diagram of a server in accordance with a preferred embodiment of the data transmission system of the present invention. The data transmission system 21 includes an obtaining module 200, a determining module 201, a generating module 202, a decrypting module 203, an encrypting module 204, a feedback module 205, a recording module 206, a saving module 207, and a locking module 208. The module referred to in the present invention refers to a series of computer program segments that can be executed by the processing device 23 and that can perform a fixed function, and that are stored in the storage device 22. In the present embodiment, the functions of the modules will be described in detail in the following embodiments.
When receiving a first ciphertext sent by the electronic device 1, the obtaining module 200 obtains the device fingerprint of the electronic device 1 from the request header of the first ciphertext.
In at least one embodiment of the present invention, when sending the first ciphertext to the obtaining module 200, the electronic device 1 sends a data request to the obtaining module 200, with the device fingerprint as a request header and carrying the first ciphertext.
Based on the device fingerprint, the determination module 201 determines whether there is a communication record with the electronic device 1.
In at least one embodiment of the present invention, once the server 2 has a communication record with the electronic device 1, the information related to that record is used as a credential of the communication, as described later.
When there is no communication record with the electronic device 1, the generation module 202 randomly extracts at least one character of the device fingerprint to generate a first key.
In at least one embodiment of the present invention, the manner of generating the first key from the device fingerprint is the same as the manner in which the electronic device 1 generates the first key, described above, and is not repeated here.
The decryption module 203 decrypts the first ciphertext with the first key to obtain the first data to be transmitted.
In at least one embodiment of the present invention, when the encryption mode of the first key is consistent with that of the first ciphertext, the decryption module 203 can successfully decrypt the first ciphertext to obtain the first to-be-transmitted data.
When the encryption mode of the first key is inconsistent with that of the first ciphertext, the decryption module 203 cannot decrypt the first ciphertext, and thus cannot obtain the first to-be-transmitted data from the first ciphertext.
Through this embodiment, the security of data in network transmission can be effectively ensured.
The obtaining module 200 performs retrieval according to the first data to be transmitted to obtain second data to be transmitted.
In at least one embodiment of the present invention, the obtaining module 200 is capable of determining the data that the electronic device 1 wants to obtain, according to the first data to be transmitted.
For example: when the first data to be transmitted is the text B, the obtaining module 200 determines that the electronic device 1 needs to obtain the search result of the text B, and further, the obtaining module 200 determines the search result of the text B as the second data to be transmitted.
The generation module 202 randomly determines any character string and generates a first temporary key.
In at least one embodiment of the invention, the first temporary key is a string of random data.
For example: the first temporary key may be a string of 16-bit random numbers/letters.
In at least one embodiment of the present invention, after randomly determining an arbitrary character string and generating the first temporary key, the method further includes:
the recording module 206 records a corresponding relationship between the first temporary key and the device fingerprint, and further, the saving module 207 saves the corresponding relationship into a pre-configured device list, where the device list is used to store all terminal devices that have a communication record with the server 2.
Through the above embodiment, the corresponding relationship can be recorded in the device list, so that it is convenient to determine whether the electronic device 1 and the server 2 have communicated with each other subsequently according to the device list.
In at least one embodiment of the present invention, the determining module 201, according to the device fingerprint, determines whether there is a communication record with the electronic device 1, including:
the determining module 201 matches the device fingerprint against the device list, and determines that there is a communication record with the electronic device when the device fingerprint exists in the device list, or determines that there is no communication record with the electronic device when the device fingerprint does not exist in the device list.
With the above embodiment, it can be determined whether the electronic device 1 has communicated with the server 2, and different measures can be taken accordingly.
The encryption module 204 encrypts the first temporary key and the second to-be-transmitted data with the first key, using the Advanced Encryption Standard, to obtain a second ciphertext.
In at least one embodiment of the present invention, the second ciphertext is generated in combination with the first temporary key, which increases the complexity of data encryption, and the randomness of the first temporary key makes the second ciphertext harder to decrypt, so that the security of the second ciphertext is higher.
The feedback module 205 feeds back the second ciphertext to the electronic device.
In at least one embodiment of the present invention, the second ciphertext includes content requested by the electronic device 1.
In at least one embodiment of the present invention, when there is a communication record with the electronic device 1, the method further comprises:
the obtaining module 200 obtains the first temporary key corresponding to the device fingerprint from the device list, and the generating module 202 randomly extracts at least one character from the device fingerprint and the first temporary key to generate a second key; the encrypting module 204 then encrypts the second to-be-transmitted data with the second key, using the Advanced Encryption Standard, to obtain a fourth ciphertext, and the feedback module 205 feeds the fourth ciphertext back to the electronic device 1.
With the above embodiment, the second key is generated directly using the stored first temporary key.
Subsequently, the communication between the server 2 and the electronic device 1 will depend on the second key until a special situation occurs.
Specifically, the method further comprises:
when detecting that any one of the electronic device 1 and the server 2 loses the first temporary key and/or the configuration service is started, the saving module 207 regenerates and saves the first temporary key.
Specifically, the configuration services may include, but are not limited to: user login service, etc.
For example: when the application program in which the first temporary key is stored is uninstalled, causing the first temporary key to be lost, the first temporary key is regenerated and saved.
With the above embodiment, on the premise of ensuring normal data communication between the server 2 and the electronic device 1, the security of data transmission can be further ensured.
In at least one embodiment of the invention, the method further comprises:
when it is detected that the decryption cannot be performed by using the second key, the obtaining module 200 obtains the number of times of decryption failure within a preset time, and when the number of times is greater than or equal to a preset value, the locking module 208 locks the electronic device 1.
Specifically, the preset value may be configured by a user, which is not limited in the present invention.
It can be understood that if decryption with the second key fails, the electronic device 1 does not hold the first temporary key. Since data transmission between the server 2 and the electronic device 1 mainly depends on the first temporary key, this indicates that the electronic device 1 is likely in an abnormal situation in which information is being maliciously stolen.
When the electronic device 1 is locked, the server 2 will not accept data requests from the electronic device 1.
Of course, in other embodiments, the server may also be configured to reject all requests of the electronic device within a configuration time, which is not limited in the present invention.
Through this embodiment, data theft can be effectively avoided, protection during data transmission is stronger, and information leakage is avoided.
Fig. 6 is a schematic structural diagram of an electronic device implementing a data transmission method according to a preferred embodiment of the invention.
The electronic device 1 is a device capable of automatically performing numerical calculation and/or information processing according to a preset or stored instruction, and its hardware includes, but is not limited to, a microprocessor, an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like.
The electronic device 1 may also be, but not limited to, any electronic product that can perform human-computer interaction with a user through a keyboard, a mouse, a remote controller, a touch panel, or a voice control device, for example, a Personal computer, a tablet computer, a smart phone, a Personal Digital Assistant (PDA), a game machine, an Internet Protocol Television (IPTV), an intelligent wearable device, and the like.
The electronic device 1 may also be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices.
The Network where the electronic device 1 is located includes, but is not limited to, the internet, a wide area Network, a metropolitan area Network, a local area Network, a Virtual Private Network (VPN), and the like.
In one embodiment of the present invention, the electronic device 1 includes, but is not limited to, a memory 12, a processor 13, and a computer program, such as a data transfer program, stored in the memory 12 and executable on the processor 13.
It will be appreciated by a person skilled in the art that the schematic diagram is only an example of the electronic device 1 and does not constitute a limitation of the electronic device 1, which may comprise more or fewer components than shown, combine some components, or use different components; e.g. the electronic device 1 may further comprise an input/output device, a network access device, a bus, etc.
The processor 13 may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. The processor 13 is the operation core and control center of the electronic device 1; it is connected to each part of the electronic device 1 by various interfaces and lines, and executes the operating system of the electronic device 1 and the various installed application programs, program codes, and the like.
The processor 13 executes the application program to implement the steps in the above-mentioned data transmission method embodiments, such as steps S10, S11, S12, S13, S14, S15, and S16 shown in fig. 1.
Alternatively, the processor 13, when executing the computer program, implements the functions of the modules/units in the above device embodiments, for example: when a data transmission instruction is received, determining whether a communication record exists with the server according to the data transmission instruction; when no communication record exists with the server, acquiring a device fingerprint of the electronic device; randomly extracting at least one character in the device fingerprint to generate a first key; acquiring first data to be transmitted according to the data transmission instruction; encrypting the first data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a first ciphertext; sending the first ciphertext to the server; and when a second ciphertext fed back by the server is received, decrypting the second ciphertext by using the first key to obtain second data to be transmitted.
Illustratively, the computer program may be divided into one or more modules/units, which are stored in the memory 12 and executed by the processor 13 to accomplish the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution process of the computer program in the electronic device 1. For example, the computer program may be divided into a determination unit 100, an acquisition unit 101, a generation unit 102, an encryption unit 103, a transmission unit 104, a decryption unit 105, and a saving unit 106.
The memory 12 can be used for storing the computer programs and/or modules, and the processor 13 implements various functions of the electronic device 1 by running or executing the computer programs and/or modules stored in the memory 12 and calling data stored in the memory 12. The memory 12 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 12 may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The memory 12 may be an external memory and/or an internal memory of the electronic device 1. Further, the memory 12 may be a circuit having a memory function without any physical form in the integrated circuit, such as a RAM (Random-Access Memory), a FIFO (First In First Out), and the like. Alternatively, the memory 12 may be a memory in a physical form, such as a memory stick, a TF Card (Trans-flash Card), or the like.
The integrated modules/units of the electronic device 1 may be stored in a computer-readable storage medium if they are implemented in the form of software functional units and sold or used as separate products. Based on such understanding, all or part of the flow of the method according to the embodiments of the present invention may also be implemented by a computer program, which may be stored in a computer-readable storage medium, and when the computer program is executed by a processor, the steps of the method embodiments may be implemented.
The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-Only Memory (ROM), a Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and the like. It should be noted that the content covered by the computer-readable medium may be increased or decreased as appropriate according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunications signals.
In conjunction with fig. 2, the memory 12 in the electronic device 1 stores a plurality of instructions to implement a data transmission method, and the processor 13 can execute the plurality of instructions to implement: when a data transmission instruction is received, determining whether a communication record exists with the server according to the data transmission instruction; when no communication record exists with the server, acquiring a device fingerprint of the electronic device; randomly extracting at least one character in the device fingerprint to generate a first key; acquiring first data to be transmitted according to the data transmission instruction; encrypting the first data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a first ciphertext; sending the first ciphertext to the server; and when a second ciphertext fed back by the server is received, decrypting the second ciphertext by using the first key to obtain second data to be transmitted.
According to a preferred embodiment of the present invention, the processor 13 further executes a plurality of instructions including:
performing a remainder operation on the at least one character to obtain a first numerical value;
performing logic operation on the first numerical value and a configuration numerical value to generate a first character string;
accumulating all bits of the first character string to obtain a second numerical value;
performing a remainder operation on the second numerical value to obtain a third numerical value;
carrying out binary conversion on the third numerical value to generate a second character string;
and concatenating the first character string and the second character string to obtain the first key.
According to a preferred embodiment of the present invention, the processor 13 further executes a plurality of instructions including:
encrypting the first temporary key;
determining an application program corresponding to the data transmission instruction;
and storing the encrypted first temporary key in a storage directory of the application program.
According to a preferred embodiment of the present invention, the processor 13 further executes a plurality of instructions including:
acquiring the device fingerprint;
randomly extracting at least one character from the device fingerprint and the first temporary key to generate a second key;
acquiring the first data to be transmitted according to the data transmission instruction;
encrypting the first data to be transmitted by using the second key by adopting an advanced encryption standard to obtain a third ciphertext;
and sending the third ciphertext to the server.
Specifically, the processor 13 may refer to the description of the relevant steps in the embodiment corresponding to fig. 2, and details thereof are not repeated herein.
Fig. 7 is a schematic structural diagram of a server according to a preferred embodiment of the present invention.
The server 2 is a device capable of automatically performing numerical calculation and/or information processing according to a preset or stored instruction, and hardware thereof includes, but is not limited to, a microprocessor, an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA), a Digital Signal Processor (DSP), an embedded device, and the like.
The server 2 may also be, but is not limited to, any electronic product that can perform human-computer interaction with a user through a keyboard, a mouse, a remote controller, a touch panel, or a voice control device, for example, a Personal computer, a tablet computer, a smart phone, a Personal Digital Assistant (PDA), a game machine, an Internet Protocol Television (IPTV), a smart wearable device, and the like.
The server 2 may also be a desktop computer, a notebook, a palm computer, a cloud server, or other computing devices.
The Network where the server 2 is located includes, but is not limited to, the internet, a wide area Network, a metropolitan area Network, a local area Network, a Virtual Private Network (VPN), and the like.
In one embodiment of the present invention, the server 2 includes, but is not limited to, a storage device 22, a processing device 23, and a computer program, such as a data transfer program, stored in the storage device 22 and executable on the processing device 23.
It will be appreciated by those skilled in the art that the schematic diagram is merely an example of the server 2 and does not constitute a limitation of the server 2, which may include more or fewer components than shown, combine some components, or use different components; e.g. the server 2 may also include input/output devices, network access devices, buses, etc.
The processing device 23 may be a Central Processing Unit (CPU), another general-purpose processor, a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field-Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, a discrete hardware component, etc. The processing device 23 is the operation core and control center of the server 2; it connects the various parts of the server 2 by various interfaces and lines, and executes the operating system of the server 2 and the various installed application programs, program codes, and the like.
The processing device 23 executes the application program to implement the steps in the above-described data transmission method embodiments, such as steps S20, S21, S22, S23, S24, S25, S26, S27 shown in fig. 3.
Alternatively, the processing device 23, when executing the computer program, implements the functions of the modules/units in the above device embodiments, for example: when a first ciphertext sent by the electronic equipment is received, acquiring the equipment fingerprint of the electronic equipment from a request header of the first ciphertext; determining whether a communication record exists with the electronic equipment according to the equipment fingerprint; randomly extracting at least one character of the device fingerprint to generate a first key when there is no communication record with the electronic device; decrypting the first ciphertext by using the first key to obtain first data to be transmitted; retrieving according to the first data to be transmitted to obtain second data to be transmitted; randomly determining any character string and generating a first temporary key; encrypting the first temporary key and the second data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a second ciphertext; and feeding back the second ciphertext to the electronic equipment.
Illustratively, the computer program may be partitioned into one or more modules that are stored in the storage device 22 and executed by the processing device 23 to implement the present invention. The one or more modules may be a series of computer program instruction segments capable of performing specific functions, which are used to describe the execution of the computer program in the server 2. For example, the computer program may be partitioned into an acquisition module 200, a determination module 201, a generation module 202, a decryption module 203, an encryption module 204, a feedback module 205, a recording module 206, a preservation module 207, and a locking module 208.
The storage device 22 may be used to store the computer programs and/or modules, and the processing device 23 may implement various functions of the server 2 by running or executing the computer programs and/or modules stored in the storage device 22 and calling data stored in the storage device 22. The storage device 22 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. In addition, the storage device 22 may include high speed random access memory, and may also include non-volatile memory, such as a hard disk, a memory, a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), at least one magnetic disk storage device, a Flash memory device, or other volatile solid state storage device.
The storage device 22 may be an external memory and/or an internal memory of the server 2. Further, the storage device 22 may be a circuit with a storage function without any physical form in the integrated circuit, such as a RAM (Random-Access Memory), a FIFO (First In First Out), and the like. Alternatively, the storage device 22 may be a memory having a physical form, such as a memory stick, a TF Card (Trans-flash Card), and the like.
The modules/units integrated by the server 2 may be stored in a computer-readable storage medium if they are implemented in the form of software functional units and sold or used as separate products. Based on such understanding, all or part of the flow in the method according to the above embodiments may be implemented by a computer program, which may be stored in a computer readable storage medium and used by a processing device to implement the steps of the above embodiments of the method.
The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form, etc. The computer-readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a USB disk, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a Read-Only Memory (ROM), a Random Access Memory (RAM), an electrical carrier signal, a telecommunications signal, a software distribution medium, and the like. It should be noted that the content covered by the computer-readable medium may be increased or decreased as appropriate according to the requirements of legislation and patent practice in a jurisdiction; for example, in some jurisdictions, according to legislation and patent practice, computer-readable media do not include electrical carrier signals and telecommunications signals.
With reference to fig. 3, the storage device 22 in the server 2 stores a plurality of instructions to implement a data transmission method, and the processing device 23 can execute the plurality of instructions to implement: when a first ciphertext sent by the electronic equipment is received, acquiring the equipment fingerprint of the electronic equipment from a request header of the first ciphertext; determining whether a communication record exists with the electronic equipment according to the equipment fingerprint; randomly extracting at least one character of the device fingerprint to generate a first key when there is no communication record with the electronic device; decrypting the first ciphertext by using the first key to obtain first data to be transmitted; retrieving according to the first data to be transmitted to obtain second data to be transmitted; randomly determining any character string and generating a first temporary key; encrypting the first temporary key and the second data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a second ciphertext; and feeding back the second ciphertext to the electronic equipment.
According to a preferred embodiment of the present invention, the processing device 23 further executes a plurality of instructions including:
recording the corresponding relation between the first temporary secret key and the device fingerprint;
storing the corresponding relation into a pre-configured equipment list;
the device list is used for storing all terminal devices which have communication records with the server.
According to a preferred embodiment of the present invention, the processing device 23 further executes a plurality of instructions including:
matching the device fingerprint with the device list;
when the device fingerprint exists in the device list, determining that a communication record exists with the electronic device; or
determining that there is no communication record with the electronic device when the device fingerprint does not exist in the device list.
According to a preferred embodiment of the present invention, the processing device 23 further executes a plurality of instructions including:
when a communication record exists with the electronic equipment, acquiring the first temporary key corresponding to the equipment fingerprint from the equipment list;
randomly extracting at least one character from the device fingerprint and the first temporary key to generate a second key;
when it is detected that decryption with the second key fails, acquiring the number of decryption failures within a preset time;
and when the number of times is greater than or equal to a preset value, locking the electronic equipment.
Specifically, the specific implementation method of the instruction by the processing device 23 may refer to the description of the relevant steps in the embodiment corresponding to fig. 3, which is not described herein again.
In the embodiments provided in the present invention, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and other divisions may be realized in practice.
The modules described as separate parts may or may not be physically separate, and parts displayed as modules may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment.
In addition, functional modules in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional module.
It will be evident to those skilled in the art that the invention is not limited to the details of the foregoing illustrative embodiments, and that the present invention may be embodied in other specific forms without departing from the spirit or essential attributes thereof.
The present embodiments are therefore to be considered in all respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of equivalency of the claims are therefore intended to be embraced therein. Any reference signs in the claims shall not be construed as limiting the claim concerned.
Furthermore, it is obvious that the word "comprising" does not exclude other elements or steps, and the singular does not exclude the plural. A plurality of units or means recited in the system claims may also be implemented by one unit or means in software or hardware. The terms second, etc. are used to denote names, but not any particular order.
Finally, it should be noted that the above embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions may be made on the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention.

Claims (10)

1. A data transmission method applied to an electronic device, the electronic device communicating with a server, characterized in that the method comprises the following steps:
when a data transmission instruction is received, determining whether a communication record exists with the server according to the data transmission instruction;
when no communication record exists with the server, acquiring a device fingerprint of the electronic device;
randomly extracting at least one character in the device fingerprint to generate a first key;
acquiring first data to be transmitted according to the data transmission instruction;
encrypting the first data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a first ciphertext;
sending the first ciphertext to the server;
and when a second ciphertext fed back by the server is received, decrypting the second ciphertext by using the first key to obtain second data to be transmitted.
2. The data transmission method of claim 1, wherein the randomly extracting at least one character in the device fingerprint to generate a first key comprises:
performing a remainder operation on the at least one character to obtain a first numerical value;
performing logic operation on the first numerical value and a configuration numerical value to generate a first character string;
accumulating all bits of the first character string to obtain a second numerical value;
performing a remainder operation on the second numerical value to obtain a third numerical value;
carrying out binary conversion on the third numerical value to generate a second character string;
and concatenating the first character string and the second character string to obtain the first key.
3. The data transmission method of claim 1, wherein the method further comprises:
after the second ciphertext is decrypted with the first key, obtaining a first temporary key;
encrypting the first temporary key;
determining an application program corresponding to the data transmission instruction;
and storing the encrypted first temporary key in a storage directory of the application program.
4. The data transmission method of claim 3, wherein when there is a communication record with the server, the method further comprises:
acquiring the device fingerprint;
randomly extracting at least one character from the device fingerprint and the first temporary key to generate a second key;
acquiring the first data to be transmitted according to the data transmission instruction;
encrypting the first data to be transmitted by using the second key by adopting an advanced encryption standard to obtain a third ciphertext;
and sending the third ciphertext to the server.
5. A data transmission method applied to a server, the server being in communication with an electronic device, the method comprising:
when a first ciphertext sent by the electronic equipment is received, acquiring the equipment fingerprint of the electronic equipment from a request header of the first ciphertext;
determining whether a communication record exists with the electronic equipment according to the equipment fingerprint;
randomly extracting at least one character of the device fingerprint to generate a first key when there is no communication record with the electronic device;
decrypting the first ciphertext by using the first key to obtain first data to be transmitted;
retrieving according to the first data to be transmitted to obtain second data to be transmitted;
randomly determining any character string and generating a first temporary key;
encrypting the first temporary key and the second data to be transmitted by using the first key by adopting an advanced encryption standard to obtain a second ciphertext;
and feeding back the second ciphertext to the electronic equipment.
6. The data transmission method of claim 5, wherein after randomly determining an arbitrary character string and generating the first temporary key, the method further comprises:
recording the corresponding relation between the first temporary secret key and the device fingerprint;
storing the corresponding relation into a pre-configured equipment list;
the device list is used for storing all terminal devices which have communication records with the server.
7. The data transmission method of claim 6, wherein the determining whether there is a communication record with the electronic device based on the device fingerprint comprises:
matching the device fingerprint with the device list;
when the device fingerprint exists in the device list, determining that a communication record exists with the electronic device; or
determining that there is no communication record with the electronic device when the device fingerprint does not exist in the device list.
8. The data transmission method of claim 6, wherein the method further comprises:
when a communication record exists with the electronic equipment, acquiring the first temporary key corresponding to the equipment fingerprint from the equipment list;
randomly extracting at least one character from the device fingerprint and the first temporary key to generate a second key;
when it is detected that decryption with the second key fails, acquiring the number of decryption failures within a preset time;
and when the number of times is greater than or equal to a preset value, locking the electronic equipment.
9. An electronic device, characterized in that the electronic device comprises:
a memory storing at least one instruction; and
a processor executing instructions stored in the memory to implement the data transmission method of any one of claims 1 to 4.
10. A computer-readable storage medium characterized by: the computer-readable storage medium has stored therein at least one instruction that is executed by a processor in an electronic device to implement the data transmission method of any one of claims 1 to 4.
CN201910442274.9A 2019-05-24 2019-05-24 Data transmission method, electronic device and storage medium Active CN110324143B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910442274.9A CN110324143B (en) 2019-05-24 2019-05-24 Data transmission method, electronic device and storage medium
PCT/CN2019/102865 WO2020237868A1 (en) 2019-05-24 2019-08-27 Data transmission method, electronic device, server and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910442274.9A CN110324143B (en) 2019-05-24 2019-05-24 Data transmission method, electronic device and storage medium

Publications (2)

Publication Number Publication Date
CN110324143A CN110324143A (en) 2019-10-11
CN110324143B true CN110324143B (en) 2022-03-11

Family

ID=68119092

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910442274.9A Active CN110324143B (en) 2019-05-24 2019-05-24 Data transmission method, electronic device and storage medium

Country Status (2)

Country Link
CN (1) CN110324143B (en)
WO (1) WO2020237868A1 (en)

Families Citing this family (41)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110958218B (en) * 2019-10-16 2022-01-28 平安国际智慧城市科技股份有限公司 Data transmission method based on multi-network communication and related equipment
CN110855628A (en) * 2019-10-21 2020-02-28 南京磐固信息科技有限公司 Data transmission method and system
CN112825095B (en) * 2019-11-20 2024-10-18 北京京东尚科信息技术有限公司 Method, apparatus, electronic device and medium for protecting sensitive information in application
CN111159386A (en) * 2019-11-26 2020-05-15 深圳壹账通智能科技有限公司 A data generation method, device, electronic device and storage medium
CN111314320B (en) * 2020-01-20 2022-05-10 北京无限光场科技有限公司 Communication method, terminal, server and system based on HTTP
CN111783115A (en) * 2020-06-28 2020-10-16 京东数字科技控股有限公司 Data encryption storage method, device, electronic device and storage medium
CN112202557B (en) * 2020-11-17 2023-05-30 平安科技(深圳)有限公司 Encryption method, device, equipment and storage medium based on key update distribution
CN112765615B (en) * 2020-12-07 2024-09-24 北京百度网讯科技有限公司 Data storage method, device and electronic device
CN112637836B (en) * 2020-12-18 2023-08-11 珠海格力电器股份有限公司 Data processing method and device, electronic equipment and storage medium
CN112637225B (en) * 2020-12-28 2023-04-14 厦门市美亚柏科信息股份有限公司 Data sending method, data receiving method, client and server
CN112738080B (en) * 2020-12-28 2024-09-13 中科恒运股份有限公司 Administrative data transmission encryption method and terminal equipment
CN112653539B (en) * 2020-12-29 2023-06-20 杭州趣链科技有限公司 Storage method, device and equipment for data to be stored
CN113132484B (en) * 2021-04-20 2022-10-25 北京奇艺世纪科技有限公司 Data transmission method and device
CN115331330B (en) * 2021-04-26 2024-08-27 华为技术有限公司 Unlocking method, key resetting method, device, terminal, lock and system
CN113407964B (en) * 2021-06-17 2024-02-13 上海明略人工智能(集团)有限公司 Method, system, device, electronic equipment and readable storage medium for information encryption
CN113343662A (en) * 2021-06-28 2021-09-03 平安信托有限责任公司 Data landing method and device, electronic equipment and medium
CN113609366A (en) * 2021-08-04 2021-11-05 深圳市元征科技股份有限公司 Data acquisition method and device, terminal equipment and readable storage medium
CN113703995B (en) * 2021-08-13 2024-04-16 深圳市中博科创信息技术有限公司 Front-end and back-end data interaction method, device, electronic device and storage medium
CN114024711A (en) * 2021-09-27 2022-02-08 苏州浪潮智能科技有限公司 A data transmission method, device and computer-readable storage medium
CN113810189B (en) * 2021-10-27 2024-01-09 中电金信软件有限公司 Method and device for generating key picture
CN114401101A (en) * 2021-11-04 2022-04-26 华能信息技术有限公司 a data transfer method
CN114120496A (en) * 2021-12-01 2022-03-01 中国建设银行股份有限公司 Method, server, encryption component and device for unlocking control
CN114205142B (en) * 2021-12-09 2023-05-30 建信金融科技有限责任公司 Data transmission method, device, electronic equipment and storage medium
CN114238892A (en) * 2021-12-20 2022-03-25 中国电信股份有限公司 Method, apparatus, and medium for browser-server interaction
CN114978483A (en) * 2021-12-27 2022-08-30 合肥硅臻芯片技术有限公司 Data transmission method, device and storage medium
CN114499969B (en) * 2021-12-27 2023-06-23 天翼云科技有限公司 Communication message processing method and device, electronic equipment and storage medium
CN114301681A (en) * 2021-12-28 2022-04-08 中国电信股份有限公司 Service data transmission method and device, storage medium and electronic device
CN114445922B (en) * 2022-01-11 2024-06-14 中国第一汽车股份有限公司 Secondary issuing method, device, equipment and storage medium of charging equipment
CN114553532A (en) * 2022-02-22 2022-05-27 深圳壹账通智能科技有限公司 Data secure transmission method and device, electronic equipment and storage medium
CN114640510B (en) * 2022-03-02 2023-07-04 宁波三星医疗电气股份有限公司 Method for communication by adopting separated encryption server
CN114827671B (en) * 2022-03-21 2023-04-25 慧之安信息技术股份有限公司 Streaming media encryption transmission method based on hardware fingerprint
CN115348050B (en) * 2022-06-24 2024-08-23 国网浙江省电力有限公司嘉兴供电公司 A method for transmitting abnormal data of distribution network equipment
CN115276966B (en) * 2022-06-29 2025-05-02 中国电信股份有限公司 Data encryption method, device, electronic device and storage medium
CN115935388B (en) * 2022-12-05 2023-06-23 广州通则康威智能科技有限公司 Software package safe sending method, device, equipment and storage medium
CN115935392B (en) * 2022-12-13 2025-09-12 广州众诺微电子有限公司 Chip data acquisition method, device, system, chip and storage medium
CN117014229B (en) * 2023-09-28 2024-01-05 广州尚航信息科技股份有限公司 Service data safety transmission method and system
CN117579326B (en) * 2023-11-14 2025-04-04 吉林省吉能电力通信有限公司 A distributed photovoltaic operation data encryption transmission method and system
CN117336100B (en) * 2023-11-27 2024-02-23 湖南湘科智慧科技有限公司 Data processing method and device based on escort service multiparty flattened communication
CN117596086B (en) * 2024-01-19 2024-04-05 广东海洋大学 A method and system for encrypting and transmitting commodity data based on supply chain
CN118802285A (en) * 2024-03-15 2024-10-18 中国移动通信集团河南有限公司 Data transmission method, device, electronic device and storage medium
CN119110026B (en) * 2024-11-08 2025-01-24 蓝气球(北京)医学研究有限公司 A document encryption method and device

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103118363A (en) * 2011-11-17 2013-05-22 中国电信股份有限公司 Method, system, terminal device and platform device of secret information transmission
CN107294937A (en) * 2016-04-11 2017-10-24 平安科技(深圳)有限公司 Data transmission method, client and server based on network service
CN107707347A (en) * 2017-10-27 2018-02-16 深圳市文鼎创数据科技有限公司 The backup method and device of user key, the introduction method and device of user key
CN107819569A (en) * 2017-12-14 2018-03-20 平安科技(深圳)有限公司 The encryption method and terminal device of log-on message
CN108718302A (en) * 2018-05-09 2018-10-30 北京邦邦共赢网络科技有限公司 A kind of synchronous method of Message Record, device and equipment
CN109150499A (en) * 2018-08-29 2019-01-04 深圳市迷你玩科技有限公司 Method, apparatus, computer equipment and the storage medium of dynamic encryption data
CN109361508A (en) * 2018-10-11 2019-02-19 深圳市捷恩斯威科技有限公司 Data transmission method, electronic equipment and computer readable storage medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4703591B2 (en) * 2007-03-20 2011-06-15 株式会社東芝 Information distribution system, distribution center apparatus, user terminal apparatus, and information distribution method
CN102301629A (en) * 2009-02-08 2011-12-28 茵芬尼特麦默里有限公司 A circuit, system, device and method of authenticating a communication session and encrypting data thereof
CN105516183B (en) * 2015-12-30 2020-03-03 小米科技有限责任公司 Equipment connection method and device
CN106850220B (en) * 2017-02-22 2021-01-01 腾讯科技(深圳)有限公司 Data encryption method, data decryption method and device
CN108718313A (en) * 2018-05-31 2018-10-30 深圳市文鼎创数据科技有限公司 Application of software data uses method, terminal device and server safely
CN109361512A (en) * 2018-10-11 2019-02-19 深圳市捷恩斯威科技有限公司 Data transmission method

Also Published As

Publication number Publication date
WO2020237868A1 (en) 2020-12-03
CN110324143A (en) 2019-10-11

Similar Documents

Publication Publication Date Title
CN110324143B (en) Data transmission method, electronic device and storage medium
CN110798315B (en) Data processing method and device based on block chain and terminal
US10284372B2 (en) Method and system for secure management of computer applications
CN105760764B (en) Encryption and decryption method and device for embedded storage device file and terminal
CN109714176B (en) Password authentication method, device and storage medium
CN114175574B (en) Wireless Security Protocols
CN112953707A (en) Key encryption method, decryption method, data encryption method and decryption method
CN103078863B (en) The method of login authentication, Apparatus and system
CN101965574B (en) Authentication information generation system, authentication information generation method and a client device
US12287886B2 (en) Method for file encryption, terminal, electronic device and computer-readable storage medium
CN104992119B (en) A kind of safe transmission method and system of sensitive information Anti-theft
US11424919B2 (en) Protecting usage of key store content
CN112565265B (en) Authentication method, authentication system and communication method between terminal devices of Internet of things
CN103546289A (en) USB (universal serial bus) Key based secure data transmission method and system
CN106452770A (en) Data encryption method and apparatus, data decryption method and apparatus, and system
CN117499160B (en) Network security protection method and system based on electronic file
CN117349895B (en) Block chain-based automobile financial digital archive management method and device
US9641328B1 (en) Generation of public-private key pairs
CN112862484A (en) Secure payment method and device based on multi-terminal interaction
CN109039997B (en) Key acquisition method, device and system
CN117240625B (en) Tamper-resistant data processing method and device and electronic equipment
CN114172664B (en) Data encryption and data decryption methods and devices, electronic equipment and storage medium
CN114745115A (en) An information transmission method, device, computer equipment and storage medium
CN117708871B (en) Data retrieval method and data storage method based on encryption storage
TW202222051A (en) Encryption method, terminal device, encryption system, and program

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant