CN-122027340-A - Data transmission method, device, equipment and medium based on differential encryption
Abstract
The application discloses a data transmission method, device, equipment and medium based on differential encryption, relating to the technical field of financial transactions and applied to a data transmitting end corresponding to a financial transaction service. The method comprises: dividing the financial transaction data to be transmitted at the current moment into sensitive data and non-sensitive data by keyword matching; encrypting the sensitive data with a quantum key corresponding to the current moment, and encrypting the non-sensitive data with a preset hybrid encryption scheme, the preset hybrid encryption scheme being an encryption scheme constructed based on a post-quantum cryptographic algorithm and a national cryptographic block cipher algorithm; and splicing the encrypted data and transmitting it to a data receiving end corresponding to the financial transaction service, so that the data receiving end can decrypt it to obtain the financial transaction data. The application thus encrypts data according to its sensitivity using a quantum key together with hybrid encryption, can achieve data encryption dynamically and efficiently, is compatible with the national cryptographic algorithm system, and ensures data security.
Inventors
- LU ZEGANG
- WANG MAOYU
Assignees
- 重庆银行股份有限公司
Dates
- Publication Date: 20260512
- Application Date: 20260325
Claims (10)
- 1. A data transmission method based on differential encryption, characterized by being applied to a data transmitting end corresponding to a financial transaction service and comprising the following steps: dividing financial transaction data which a financial institution needs to transmit at the current moment into sensitive data and non-sensitive data by keyword matching; encrypting the sensitive data using a quantum key corresponding to the current moment, and encrypting the non-sensitive data using a preset hybrid encryption scheme, wherein the preset hybrid encryption scheme is an encryption scheme constructed based on a post-quantum cryptographic algorithm and a national cryptographic block cipher algorithm; and splicing the encrypted sensitive data and the encrypted non-sensitive data, and sending the corresponding spliced data to a data receiving end corresponding to the financial transaction service, so that the data receiving end decrypts the spliced data to obtain the financial transaction data.
- 2. The data transmission method based on differential encryption according to claim 1, wherein the quantum key generation process comprises: generating the quantum key using a three-basis quantum key distribution technique in combination with a quantum random number generator.
- 3. The data transmission method based on differential encryption according to claim 2, further comprising: updating the quantum key based on a preset key life cycle and the transaction frequency of the financial transaction service.
- 4. The data transmission method based on differential encryption according to claim 1, wherein encrypting the non-sensitive data using a preset hybrid encryption scheme comprises: serially encrypting the non-sensitive data using a first cryptographic algorithm and a second cryptographic algorithm, wherein the first cryptographic algorithm is either one of a post-quantum cryptographic algorithm and a national cryptographic block cipher algorithm, and the second cryptographic algorithm is the other of the two.
- 5. The data transmission method based on differential encryption according to claim 1, wherein sending the corresponding spliced data to the data receiving end corresponding to the financial transaction service comprises: generating a transaction check code corresponding to the spliced data based on a preset check code formula; adding the transaction check code to the spliced data to obtain data to be sent; and sending the data to be sent to the data receiving end corresponding to the financial transaction service.
- 6. The data transmission method based on differential encryption according to any one of claims 1 to 5, wherein, in the process of sending the corresponding spliced data to the data receiving end corresponding to the financial transaction service, the method further comprises: determining whether a data leakage risk exists based on the magnitude relation between the monitored quantum channel error rate and a preset threshold; and, if a data leakage risk exists, stopping the sending of the spliced data and uploading service data related to the financial transaction service to a financial security management platform so that the service data can be analyzed, wherein the service data comprise the time, the quantum channel error rate and the financial transaction data.
- 7. The data transmission method based on differential encryption according to claim 6, wherein determining whether a data leakage risk exists based on the magnitude relation between the monitored quantum channel error rate and the preset threshold comprises: if the monitored quantum channel error rate is not greater than a first preset threshold, judging that no data leakage risk exists in the transmission of the spliced data; if the monitored quantum channel error rate is greater than the first preset threshold and not greater than a second preset threshold, judging that a suspected leakage risk exists in the transmission of the spliced data, and triggering an update of the quantum key; and if the monitored quantum channel error rate is greater than the second preset threshold, judging that a data leakage risk exists in the transmission of the spliced data.
- 8. A data transmission device based on differential encryption, characterized by being applied to a data transmitting end corresponding to a financial transaction service and comprising: a data dividing module for dividing financial transaction data which a financial institution needs to transmit at the current moment into sensitive data and non-sensitive data by keyword matching; a data encryption module for encrypting the sensitive data using a quantum key corresponding to the current moment and encrypting the non-sensitive data using a preset hybrid encryption scheme, wherein the preset hybrid encryption scheme is an encryption scheme constructed based on a post-quantum cryptographic algorithm and a national cryptographic block cipher algorithm; and a data sending module for splicing the encrypted sensitive data and the encrypted non-sensitive data and sending the corresponding spliced data to the data receiving end corresponding to the financial transaction service, so that the data receiving end can decrypt the spliced data to obtain the financial transaction data.
- 9. An electronic device, comprising: a memory for storing a computer program; and a processor for executing the computer program to implement the data transmission method based on differential encryption as claimed in any one of claims 1 to 7.
- 10. A computer-readable storage medium for storing a computer program which, when executed by a processor, implements the data transmission method based on differential encryption according to any one of claims 1 to 7.
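As an added example that is not part of the patent text, the following Python shows the keyword split of claim 1 and the splice and check-code steps of claim 5, together with the receiver-side check. The keyword list, the length-prefixed frame layout, HMAC-SHA256 as the check code formula and all sample values are assumptions; the two ciphertexts are constructed placeholder bytes, since the encryption itself is outside this example.

```python
import hashlib
import hmac
import struct

# Assumed keyword list; the patent only says "keyword matching".
SENSITIVE_KEYWORDS = ("account", "card", "amount", "id_number")
TAG_LEN = 32  # HMAC-SHA256 output size


def partition(record, keywords=SENSITIVE_KEYWORDS):
    """Split a transaction record into (sensitive, non_sensitive) by field name."""
    sensitive, non_sensitive = {}, {}
    for field, value in record.items():
        hit = any(k in field.lower() for k in keywords)
        (sensitive if hit else non_sensitive)[field] = value
    return sensitive, non_sensitive


def splice(ct_sensitive, ct_non_sensitive):
    """Length-prefix both ciphertexts so the receiver can split them unambiguously."""
    header = struct.pack(">II", len(ct_sensitive), len(ct_non_sensitive))
    return header + ct_sensitive + ct_non_sensitive


def add_check_code(spliced, mac_key):
    """Append the check code (HMAC-SHA256 here, an assumed formula)."""
    return spliced + hmac.new(mac_key, spliced, hashlib.sha256).digest()


def verify_and_split(frame, mac_key):
    """Receiver side: verify the check code before touching the ciphertexts."""
    if len(frame) < 8 + TAG_LEN:
        raise ValueError("frame too short")
    spliced, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
    expected = hmac.new(mac_key, spliced, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("check code mismatch")
    len_s, len_n = struct.unpack(">II", spliced[:8])
    if 8 + len_s + len_n != len(spliced):
        raise ValueError("length header does not match payload")
    return spliced[8:8 + len_s], spliced[8 + len_s:]


# Constructed sample data; the byte strings stand in for real ciphertexts.
RECORD = {"account_no": "6222000011112222", "amount": "1500.00",
          "branch": "CQ-01", "channel": "mobile"}
MAC_KEY = b"constructed-demo-mac-key"
FRAME = add_check_code(splice(b"\x01" * 24, b"\x02" * 40), MAC_KEY)
```

Because the check code covers the length header as well as both ciphertexts, a modified length field is rejected before any decryption is attempted.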
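The three-tier error-rate decision of claims 6 and 7, as an added Python example that is not code from the patent. The threshold values, the action names and the reading that transmission continues in the suspected tier are assumptions; the patent only speaks of "preset" thresholds.

```python
from dataclasses import dataclass
from enum import Enum


class Risk(Enum):
    NONE = "no leakage risk"
    SUSPECTED = "suspected leakage risk"
    LEAK = "leakage risk"


@dataclass(frozen=True)
class Thresholds:
    first: float   # assumed values; the patent only says "preset"
    second: float

    def __post_init__(self):
        if not 0.0 <= self.first < self.second <= 1.0:
            raise ValueError("need 0 <= first < second <= 1")


def classify(qber, th):
    """Claim 7 tiers; 'not greater than' makes each boundary belong to the lower tier."""
    if not 0.0 <= qber <= 1.0:
        raise ValueError("QBER must be a rate in [0, 1]")
    if qber <= th.first:
        return Risk.NONE
    if qber <= th.second:
        return Risk.SUSPECTED
    return Risk.LEAK


def decide(timestamp, qber, transaction_ref, th):
    """Map one monitored sample to the sender actions of claims 6 and 7."""
    risk = classify(qber, th)
    # Assumption: the suspected tier rotates the key and keeps sending.
    actions = {"send": risk is not Risk.LEAK,
               "rotate_quantum_key": risk is Risk.SUSPECTED,
               "report": None}
    if risk is Risk.LEAK:
        # Service data named in claim 6: time, error rate, transaction data.
        actions["report"] = {"time": timestamp, "qber": qber,
                             "transaction": transaction_ref}
    return risk, actions


# Constructed thresholds and error-rate samples, for illustration only.
TH = Thresholds(first=0.03, second=0.08)
SAMPLES = [0.01, 0.03, 0.05, 0.08, 0.12]
RESULTS = [classify(q, TH) for q in SAMPLES]
```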
Description
Data transmission method, device, equipment and medium based on differential encryption
Technical Field
The present invention relates to the field of financial transactions, and in particular to a data transmission method, apparatus, device and medium based on differential encryption.
Background
At present, national cryptographic algorithms are widely used in the financial field for encryption protection, while traditional non-national cryptographic techniques rely on computational hardness such as large-integer factorization and the elliptic-curve discrete logarithm. However, breakthroughs in quantum algorithms expose traditional cryptosystems to a fundamental risk of being broken. For example, Shor's algorithm (for factoring large integers) can solve large-integer factorization and elliptic-curve related problems in polynomial time, directly threatening the security of SM2 (based on the elliptic-curve discrete logarithm), RSA (an asymmetric encryption algorithm) and ECC (elliptic-curve cryptography), and Grover's algorithm (for searching for an element in an unordered database) can reduce the brute-force complexity of symmetric encryption to the square-root level, so that the key security strength of symmetric encryption algorithms such as SM4 (a block cipher algorithm) is greatly weakened. Although current quantum key distribution (QKD) technology relies on the quantum no-cloning theorem and the uncertainty principle to achieve unconditional security in which eavesdropping is detected as soon as it occurs, it is poorly suited to data transmission in financial transaction scenarios: with the short bursts of high concurrency and the data fragmentation of financial transactions, problems such as key waste and transmission interruption easily occur, and the security requirements of high-frequency financial transactions cannot be met.
It can be seen that how to optimize the security of financial transaction data transmission in combination with quantum keys is a problem to be solved in the art.
Disclosure of Invention
In view of the above, the invention aims to provide a data transmission method, device, equipment and medium based on differential encryption, which encrypt data according to its sensitivity using a quantum key together with hybrid encryption, so that data encryption can be achieved dynamically and efficiently, the national cryptographic algorithm system remains compatible, and data security is ensured. The specific scheme is as follows:
In a first aspect, the present application provides a data transmission method based on differential encryption, applied to a data transmitting end corresponding to a financial transaction service, including:
dividing financial transaction data which a financial institution needs to transmit at the current moment into sensitive data and non-sensitive data by keyword matching;
encrypting the sensitive data using a quantum key corresponding to the current moment, and encrypting the non-sensitive data using a preset hybrid encryption scheme, wherein the preset hybrid encryption scheme is an encryption scheme constructed based on a post-quantum cryptographic algorithm and a national cryptographic block cipher algorithm;
and splicing the encrypted sensitive data and the encrypted non-sensitive data, and sending the corresponding spliced data to a data receiving end corresponding to the financial transaction service, so that the data receiving end decrypts the spliced data to obtain the financial transaction data.
Optionally, the quantum key generation process includes: generating the quantum key using a three-basis quantum key distribution technique in combination with a quantum random number generator.
Optionally, the method further comprises: updating the quantum key based on a preset key life cycle and the transaction frequency of the financial transaction service.
Optionally, encrypting the non-sensitive data using a preset hybrid encryption scheme includes: serially encrypting the non-sensitive data using a first cryptographic algorithm and a second cryptographic algorithm, wherein the first cryptographic algorithm is either one of a post-quantum cryptographic algorithm and a national cryptographic block cipher algorithm, and the second cryptographic algorithm is the other of the two.
Optionally, sending the corresponding spliced data to the data receiving end corresponding to the financial transaction service includes: generating a transaction check code corresponding to the spliced data based on a preset check code formula; adding the transaction check code to the spliced data to obtain data to be sent; and sending the data to be sent to a data receiving end corresp