[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN104205117A - Device file encryption and decryption method and device - Google Patents

Device file encryption and decryption method and device Download PDF

Info

Publication number
CN104205117A
CN104205117A CN201480000612.9A CN201480000612A CN104205117A CN 104205117 A CN104205117 A CN 104205117A CN 201480000612 A CN201480000612 A CN 201480000612A CN 104205117 A CN104205117 A CN 104205117A
Authority
CN
China
Prior art keywords
files
blocks
device file
encryption
cryptographic algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201480000612.9A
Other languages
Chinese (zh)
Other versions
CN104205117B (en
Inventor
宋卓
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN104205117A publication Critical patent/CN104205117A/en
Application granted granted Critical
Publication of CN104205117B publication Critical patent/CN104205117B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/14Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using a plurality of keys or algorithms
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • General Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Storage Device Security (AREA)
  • Information Retrieval, Db Structures And Fs Structures Therefor (AREA)

Abstract

The embodiment of the present invention provides a device file encryption and decryption method and device. The device file encryption and decryption method comprises dividing a device file into a first portion and a second portion, the first portion and the second portion individually comprising at least one file block; encrypting the first portion and the second portion individually, the encryption algorithm corresponding to the file block in the first portion being a first encryption algorithm while the encryption algorithm corresponding to the file block in the second portion being a second encryption algorithm, and the first encryption algorithm being different from the second encryption algorithm; and storing the encrypted device file. With adoption of the device file encryption and decryption method and device provided by the utility model, the device file can be encrypted, and security and processing speed are also considered.

Description

The encipher-decipher method of device file and device
Technical field
The embodiment of the present invention relates to field of computer technology, relates in particular to a kind of encipher-decipher method and device of device file.
Background technology
In current various communication, electronics, mechanical production devices, generally all adopt software mode to control the various functions of equipment, the software of realizing various functions in equipment is referred to as device software.Device software is as a part for equipment, be a part for equipment manufacturers' intellecture property, in order to ensure that device software is not cracked leakage by modes such as dis-assemblings, and increase the complexity that device software is tampered simultaneously, need to be encrypted storage to device software, in the time of operation, just be decrypted.
Usually, the software package file of device software is larger, and the system overhead that the large file in device software is encrypted or is deciphered is larger, consuming time long.In the time of device start, need first the software package file in device software to be decrypted, therefore the deciphering time becomes a key factor that affects the device start time.In the time that device software is carried out edition upgrading, need the software package of the device software to downloading to be encrypted rear storage, software package is encrypted to the processor expense that can take equipment, if the excessive operation that can affect regular traffic of expense.
Prior art generally includes two kinds to the encryption method of large file in device software, the first is to adopt weak encryption algorithm to be encrypted large file in device software, conventionally only to the software in device software, configuration file is encrypted, large file in device software (for example software package) is not encrypted, although encryption time and the deciphering time of weak encryption algorithm are shorter, but security is lower, after weak encryption algorithm is cracked, can cause the leakage of equipment vendors' key message assets by decompiling, the attack that simultaneously undertaken by the mode of code analysis leak by hacker.Another kind is to adopt strong cipher algorithms to be encrypted the software in device software, configuration file and large file, although this method is safe, the time of encryption and decryption is longer, high to device handler resource requirement, expense is large, can increase equipment cost.
In sum, prior art is not taken into account security and processing speed to the encipher-decipher method of large file in device software simultaneously.
Summary of the invention
The invention provides a kind of encipher-decipher method and device of device file, can, in the time that device file is carried out to encryption and decryption, take into account security and processing speed simultaneously.
First aspect provides a kind of encryption method of device file, comprising:
Described device file is divided into Part I and Part II, and wherein, described Part I and described Part II comprise respectively at least one blocks of files;
Described Part I and described Part II are encrypted respectively, cryptographic algorithm corresponding to blocks of files in wherein said Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in described Part II is the second cryptographic algorithm, and described the first cryptographic algorithm is different from described the second cryptographic algorithm;
The device file of storage encryption.
In the possible implementation of first aspect the first, describedly described device file is divided into Part I and Part II comprises:
Described device file is divided into at least two blocks of files;
Described at least two blocks of files are combined as to described Part I and described Part II, and wherein said Part I and described Part II comprise respectively at least one blocks of files.
In conjunction with the possible implementation of first aspect the first, in the possible implementation of the second, described described device file is divided into at least two blocks of files, comprising:
Described device file is divided into at least two blocks of files, and wherein, the start address of each blocks of files and length are determined according to preset strategy;
Described described at least two blocks of files are combined as to described Part I and described Part II, comprise:
Described at least two blocks of files are combined as to described Part I and described Part II, and wherein, the position of the included blocks of files of described Part I and described Part II and quantity are determined according to described strategy respectively;
Described described Part I and described Part II are encrypted respectively before, also comprise:
Determine described the second cryptographic algorithm corresponding to blocks of files in blocks of files in described Part I corresponding the first cryptographic algorithm and described Part II according to described strategy.
In conjunction with the possible implementation of first aspect the second, in the third possible implementation, described strategy comprises: cryptographic algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II while cutting apart for described device file.
In the 4th kind of possible implementation of first aspect, the importance of the data in the blocks of files that described Part I comprises is greater than the importance of the data in the blocks of files that described Part II comprises; Described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm.
In conjunction with the 4th kind of possible implementation of first aspect, in the 5th kind of possible implementation, describedly described device file is divided into Part I and Part II comprises:
Described device file is divided into at least two blocks of files;
The blocks of files that the importance of the data in described at least two blocks of files is exceeded to predetermined threshold value is combined as described Part I;
The blocks of files that the importance of the data in described at least two blocks of files is not exceeded to predetermined threshold value is combined as described Part II.
In the 6th kind of possible implementation of first aspect, the ratio that the capacity of the blocks of files in described Part I accounts for described device file total volume is the first ratio.
In conjunction with the 6th kind of possible implementation of first aspect, in the 7th kind of possible implementation, describedly described device file is divided into Part I and Part II comprises:
Described device file is divided into at least two blocks of files,
A part of blocks of files in described at least two blocks of files is combined as to described Part I, and the ratio that the capacity of described a part of blocks of files accounts for described device file total volume is described the first ratio;
Another part blocks of files except a described part in described at least two blocks of files is combined as to described Part II.
In conjunction with the 6th kind of first aspect or the 7th kind of possible implementation, in the 8th kind of possible implementation, described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm; Described the first ratio is less than 50%.
In conjunction with first aspect the second or the 8th kind of any possible implementation of possible implementation kind, in the 9th kind of possible implementation, described method also comprises:
Information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm;
Described information table is stored in to the predeterminable area of the device file of described encryption, or described information table is stored as to the first file of the device file that is independent of described encryption.
In conjunction with the 9th kind of possible implementation of first aspect, in the tenth kind of possible implementation, after described information generated table, also comprise:
Described information table is encrypted, and the cryptographic algorithm that described information table is corresponding is described the first cryptographic algorithm;
The described predeterminable area that described information table is stored in to the device file of described encryption, or described information table is stored as to the first file of the device file that is independent of described encryption, comprising:
The information table of described encryption is stored in to the predeterminable area of the device file of described encryption, or the information table of described encryption is stored as to the first file of the device file that is independent of described encryption.
Second aspect provides a kind of decryption method of device file, comprising:
The device file of encryption is divided into Part I and Part II, and wherein said Part I and described Part II comprise respectively at least one blocks of files;
Described Part I and described Part II are decrypted respectively, decipherment algorithm corresponding to blocks of files in wherein said Part I is the first decipherment algorithm, decipherment algorithm corresponding to blocks of files in described Part II is the second decipherment algorithm, and described the first decipherment algorithm is different from described the second decipherment algorithm;
The device file of store decrypted.
In the possible implementation of second aspect the first, the described device file by encryption is divided into Part I and Part II, comprising:
The device file of described encryption is divided into described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity determines according to preset strategy respectively, and start address and the length of the included blocks of files of described Part I and described Part II are determined according to described strategy respectively;
Described described Part I and described Part II are decrypted respectively before, also comprise:
Determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II according to described strategy.
In conjunction with the possible implementation of second aspect the first, in the possible implementation of the second, described strategy comprises: decipherment algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II in described Part I and described Part II.
In the third possible implementation of second aspect, the described device file by encryption also comprises before being divided into Part I and Part II:
From the device file of described encryption or be independent of the information table that obtains the device file of described encryption in first file of device file of described encryption, described information table comprises described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in the position of the start address of blocks of files in described Part I and described Part II and the included blocks of files of length, described Part I and described Part II and quantity, described Part I corresponding described the first cryptographic algorithm and described Part II;
The described device file by encryption is divided into Part I and Part II, comprising:
According to position and the quantity of the start address of blocks of files in Part I described in described information table and described Part II and the included blocks of files of length, described Part I and described Part II, the device file of described encryption is divided into described Part I and described Part II;
Described described Part I and described Part II are decrypted respectively before, also comprise:
According to described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in Part I described in described information table corresponding described the first cryptographic algorithm and described Part II, determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II, described the first decipherment algorithm and described the first cryptographic algorithm are reciprocal, and described the second decipherment algorithm and described the second cryptographic algorithm are reciprocal.
In conjunction with the third possible implementation of second aspect, in the 4th kind of possible implementation, if described information table is the information table of encrypting, described from the device file of described encryption or after being independent of and obtaining the information table of device file of described encryption in first file of device file of described encryption, also comprise:
Information table to described encryption is decrypted.
The third aspect provides a kind of encryption device of device file, comprising:
Cutting unit, for described device file is divided into Part I and Part II, wherein, described Part I and described Part II comprise respectively at least one blocks of files;
Ciphering unit, for described Part I and described Part II are encrypted respectively, cryptographic algorithm corresponding to blocks of files in wherein said Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in described Part II is the second cryptographic algorithm, and described the first cryptographic algorithm is different from described the second cryptographic algorithm;
Storage unit, for the device file of storage encryption.
In the possible implementation of third aspect the first, described cutting unit, comprising:
Cut apart subelement, for described device file is divided into at least two blocks of files;
Combination subelement, for described at least two blocks of files are combined as to described Part I and described Part II, wherein said Part I and described Part II comprise respectively at least one blocks of files.
In conjunction with the possible implementation of third aspect the first, in the possible implementation of the second, described in cut apart subelement, specifically for described device file is divided into at least two blocks of files, wherein, the start address of each blocks of files and length are determined according to preset strategy;
Described combination subelement, specifically for described at least two blocks of files are combined as to described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity are determined according to described strategy respectively;
The encryption device of described device file, also comprises:
Determining unit, for determining described the second cryptographic algorithm corresponding to blocks of files in the blocks of files of described Part I corresponding the first cryptographic algorithm and described Part II according to described strategy.
In conjunction with the possible implementation of third aspect the second, in the third possible implementation, described strategy comprises: cryptographic algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II while cutting apart for described device file.
In the 4th kind of possible implementation of the third aspect, the importance of the data in the blocks of files that described Part I comprises is greater than the importance of the data in the blocks of files that described Part II comprises; Described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm.
In conjunction with the 4th kind of possible implementation of the third aspect, in the 5th kind of possible implementation, described in cut apart subelement, specifically for described device file is divided into at least two blocks of files;
Described combination subelement, is also combined as described Part I for the blocks of files that the importance of the data of described at least two blocks of files is exceeded to predetermined threshold value; The blocks of files that the importance of the data in described at least two blocks of files is not exceeded to predetermined threshold value is combined as described Part II.
In the 6th kind of possible implementation of the third aspect, the ratio that the capacity of the blocks of files in described Part I accounts for described device file total volume is the first ratio.
In conjunction with the 6th kind of possible implementation of the third aspect, in the 7th kind of possible implementation, described in cut apart subelement, also for described device file is divided into at least two blocks of files;
Described combination subelement, also for a part of blocks of files of described at least two blocks of files is combined as to described Part I, the ratio that the capacity of described a part of blocks of files accounts for described device file total volume is described the first ratio; Another part blocks of files except a described part in described at least two blocks of files is combined as to described Part II.
In conjunction with the 6th kind of the third aspect or the 7th kind of possible implementation, in the 8th kind of possible implementation, described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm; Described the first ratio is less than 50%.
In conjunction with third aspect the second or the 8th kind of any possible implementation of possible implementation kind, in the 9th kind of possible implementation, the encryption device of described device file also comprises:
Generation unit, for information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm;
Described storage unit, also for described information table being stored in to the predeterminable area of the device file of described encryption, or is stored as described information table the first file of the device file that is independent of described encryption.
In conjunction with the 9th kind of possible implementation of the third aspect, in the tenth kind of possible implementation, described ciphering unit, also for described information table is encrypted, the cryptographic algorithm that described information table is corresponding is described the first cryptographic algorithm;
Described storage unit, also for the information table of encryption being stored in to the predeterminable area of the device file of described encryption, or is stored as the information table of encryption the first file of the device file that is independent of described encryption.
Fourth aspect provides a kind of decryption device of device file, comprising:
Cutting unit, for the device file of encryption is divided into Part I and Part II, wherein said Part I and described Part II comprise respectively at least one blocks of files;
Decryption unit, for described Part I and described Part II are decrypted respectively, decipherment algorithm corresponding to blocks of files in wherein said Part I is the first decipherment algorithm, decipherment algorithm corresponding to blocks of files in described Part II is the second decipherment algorithm, and described the first decipherment algorithm is different from described the second decipherment algorithm;
Storage unit, for the device file of store decrypted.
In the possible implementation of fourth aspect the first, described cutting unit, specifically for the device file of described encryption being divided into described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity determines according to preset strategy respectively, and start address and the length of the included blocks of files of described Part I and described Part II are determined according to described strategy respectively;
The decryption device of described device file, also comprises:
Determining unit, for determining described the second decipherment algorithm corresponding to blocks of files in the blocks of files of described Part I corresponding described the first decipherment algorithm and described Part II according to described strategy.
In conjunction with the possible implementation of fourth aspect the first, in the possible implementation of the second, described strategy comprises: decipherment algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II in described Part I and described Part II.
In the third possible implementation of fourth aspect, the decryption device of described device file also comprises:
Acquiring unit, for from the device file of described encryption or be independent of the information table that obtains the device file of described encryption first file of device file of described encryption, described information table comprises described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in the position of the start address of blocks of files in described Part I and described Part II and the included blocks of files of length, described Part I and described Part II and quantity, described Part I corresponding described the first cryptographic algorithm and described Part II;
Described cutting unit, also, for according to position and the quantity of the start address of Part I described in described information table and described Part II blocks of files and the included blocks of files of length, described Part I and described Part II, the device file of described encryption is divided into described Part I and described Part II;
Described determining unit, also for according to described the second cryptographic algorithm corresponding to blocks of files in the blocks of files of Part I described in described information table corresponding described the first cryptographic algorithm and described Part II, determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II, described the first decipherment algorithm and described the first cryptographic algorithm are reciprocal, and described the second decipherment algorithm and described the second cryptographic algorithm are reciprocal.
In conjunction with the third possible implementation of fourth aspect, in the 4th kind of possible implementation, described decryption unit, also for, if described information table be encrypt information table time, the information table of described encryption is decrypted.
The encipher-decipher method of the device file that the embodiment of the present invention provides and device, by device file being divided into Part I and Part II, and use the first different cryptographic algorithm and the second cryptographic algorithm to be encrypted the blocks of files in Part I and Part II, then the device file of storage encryption, makes the device file of encrypting take into account security and the processing speed of encryption and decryption.
Brief description of the drawings
In order to be illustrated more clearly in the embodiment of the present invention or technical scheme of the prior art, to the accompanying drawing of required use in embodiment or description of the Prior Art be briefly described below, apparently, accompanying drawing in the following describes is some embodiments of the present invention, for those of ordinary skill in the art, do not paying under the prerequisite of creative work, can also obtain according to these accompanying drawings other accompanying drawing.
The process flow diagram of the encryption method embodiment mono-of the device file that Fig. 1 provides for the embodiment of the present invention;
The process flow diagram of the encryption method embodiment bis-of the device file that Fig. 2 provides for the embodiment of the present invention;
The process flow diagram of the encryption method embodiment tri-of the device file that Fig. 3 provides for the embodiment of the present invention;
The process flow diagram of the encryption method embodiment tetra-of the device file that Fig. 4 provides for the embodiment of the present invention;
The process flow diagram of the decryption method embodiment mono-of the device file that Fig. 5 provides for the embodiment of the present invention;
The process flow diagram of the decryption method embodiment bis-of the device file that Fig. 6 provides for the embodiment of the present invention;
The process flow diagram of the decryption method embodiment tri-of the device file that Fig. 7 provides for the embodiment of the present invention;
The structural representation of the encryption device embodiment mono-of the device file that Fig. 8 provides for the embodiment of the present invention;
The structural representation of the encryption device embodiment bis-of the device file that Fig. 9 provides for the embodiment of the present invention;
The structural representation of the encryption device embodiment tri-of the device file that Figure 10 provides for the embodiment of the present invention;
The structural representation of the encryption device embodiment tetra-of the device file that Figure 11 provides for the embodiment of the present invention;
The structural representation of the decryption device embodiment mono-of the device file that Figure 12 provides for the embodiment of the present invention;
The structural representation of the decryption device embodiment bis-of the device file that Figure 13 provides for the embodiment of the present invention;
The structural representation of the decryption device embodiment tri-of the device file that Figure 14 provides for the embodiment of the present invention;
The structural representation of the encryption device embodiment five of the device file that Figure 15 provides for the embodiment of the present invention;
The structural representation of the decryption device embodiment tetra-of the device file that Figure 16 provides for the embodiment of the present invention.
Embodiment
For making object, technical scheme and the advantage of the embodiment of the present invention clearer, below in conjunction with the accompanying drawing in the embodiment of the present invention, technical scheme in the embodiment of the present invention is clearly and completely described, obviously, described embodiment is the present invention's part embodiment, instead of whole embodiment.Based on the embodiment in the present invention, those of ordinary skill in the art, not making the every other embodiment obtaining under creative work prerequisite, belong to the scope of protection of the invention.
In prior art, while carrying out encryption and decryption for the file in device software, can choice for use strong cipher algorithms or weak encryption algorithm, wherein, strong cipher algorithms safe in the security of weak encryption algorithm.File in device software is called to device file, usually, the computational complexity of strong cipher algorithms is higher than weak encryption algorithm, therefore adopts the processing speed of the device file encryption and decryption that strong cipher algorithms is encrypted slower than the processing speed of the device file encryption and decryption that adopts weak encryption algorithm to be encrypted.Therefore in prior art or select strong cipher algorithms to be encrypted device file, ensure the security of device file, but sacrifice the processing speed of device file being carried out to encryption and decryption; Or select weak encryption algorithm to be encrypted device file, improve the processing speed of device file being carried out to encryption and decryption, but sacrifice the security of device file.In a word, the method that prior art is carried out encryption and decryption to device file is not taken into account security and processing speed simultaneously.
Wherein, strong cipher algorithms has multiple, for example 3DES, AES, RSA 1024Bit scheduling algorithm, wherein, 3DES algorithm refers to and uses two length (16 byte) key K=(KL||KR) 8 byte block of plaintext data are carried out to 3 des encryption/deciphering, and AES is that the NIST of American National Standard technical institute is intended to the encryption standard of the 21 century that replaces DES; RSA public-key encryptosystem is exactly to use different encryption key and decruption key, can be simultaneously for encrypting and the algorithm of digital signature, 1024 of RSA refer to that PKI and private key are respectively 1024bit, namely 1024/8=128 Bytes, is equivalent to the intensity of symmetric encipherment algorithm 80bit key.
Weak encryption algorithm has multiple, for example AES 256-SHA1, RC4-MD5 scheduling algorithm, wherein, AES-256: key length is Advanced Encryption Standard (Advanced Encryption Standard, the AES) SHA-1 of 256: a kind of Secure Hash Algorithm (Secure Hash Algorithm).
In view of the problem of prior art, the embodiment of the present invention provides a kind of encipher-decipher method and device of device file, by device file to be encrypted is divided into at least two parts, adopt different cryptographic algorithm to be encrypted for every part, thereby obtain the device file that adopts different cryptographic algorithm to be encrypted.In the time that the device file of encrypting is decrypted, equally the device file of encryption is divided into at least two parts, adopt respectively corresponding decipherment algorithm to be decrypted for the part that adopts different cryptographic algorithm, obtain original device file.The enciphering and deciphering algorithm of the device file providing due to the embodiment of the present invention has adopted at least two kinds of different cryptographic algorithm to be encrypted to device file, increase the complexity that device file is encrypted, simultaneously because security and the processing speed of every kind of cryptographic algorithm are all different, thereby processing speed is fast during than cryptographic algorithm that only safety in utilization is the highest, and safe when only using the fastest cryptographic algorithm of processing speed.Security and processing speed when the encipher-decipher method that is to say the device file that the embodiment of the present invention provides has been taken into account device file encryption and decryption simultaneously, ensureing, under the prerequisite of device file security, to have saved system resource.
For the ease of statement, in the following each embodiment of the present invention, by encrypt device file referred to as encrypt file.
The process flow diagram of the encryption method embodiment mono-of the device file that Fig. 1 provides for the embodiment of the present invention, as shown in Figure 1, the method for the present embodiment comprises:
Step S101, is divided into Part I and Part II by device file, and wherein, Part I and Part II comprise respectively at least one blocks of files.
For example, in the method that the present embodiment provides, device file is divided into Part I and Part II, wherein every part adopts respectively different cryptographic algorithm to be encrypted.When device file is divided into Part I and Part II, what in Part I and Part II, generally comprise is not continuous data, therefore each section of continuous data that Part I and Part II comprised are called a blocks of files, in the time determining that Part I and Part II are distinguished corresponding cryptographic algorithm, to use a kind of cryptographic algorithm to be encrypted for each blocks of files, after that is to say device file being cut apart, the encryption granularity of cryptographic algorithm is blocks of files.
Step S102, Part I and Part II are encrypted respectively, wherein cryptographic algorithm corresponding to the blocks of files in Part I is the first cryptographic algorithm, and cryptographic algorithm corresponding to blocks of files in Part II is the second cryptographic algorithm, and the first cryptographic algorithm is different from the second cryptographic algorithm.
For example, after device file is cut apart, respectively Part I and Part II are encrypted, wherein, use different cryptographic algorithm to be encrypted the blocks of files in Part I and Part II.Cryptographic algorithm corresponding blocks of files in Part I is called to the first cryptographic algorithm, cryptographic algorithm corresponding blocks of files in Part II is called to the second cryptographic algorithm, wherein the first cryptographic algorithm is different from the second cryptographic algorithm.The first cryptographic algorithm is different from the second cryptographic algorithm, the security that means the first cryptographic algorithm and the second cryptographic algorithm there are differences, and the processing speed of the first cryptographic algorithm and the second cryptographic algorithm is also different, the processing speed that the file that uses the first cryptographic algorithm and the second cryptographic algorithm to encrypt is decrypted is also different.Therefore the device file that uses this step to encrypt has the security higher than the device file that only uses separately the first cryptographic algorithm or the second cryptographic algorithm to encrypt or processing speed faster.Therefore the device file encryption method that adopts the embodiment of the present invention to provide, size and the first cryptographic algorithm and second cryptographic algorithm of the Part I of device file being cut apart by adjustment and Part II, can in the time that device file is encrypted, take into account security and processing speed, make the device file of encrypting not only ensure certain security but also there is processing speed faster.
Step S103, the device file of storage encryption.
For example, after device file being encrypted in step S102, store device file into corresponding position, need to read this device file in the time of operational outfit software time, first the device file of this encryption will be read, then to can read unencrypted original device file after the device file deciphering of encrypting.
It should be noted that, in the present embodiment, device file is divided into two parts as example, the encryption method of the device file that the present embodiment is provided describes, but the encryption method of device file provided by the invention is not as limit.As long as device file being divided into at least two parts; every part comprises at least one blocks of files; and adopt respectively different cryptographic algorithm to be encrypted to the blocks of files in every part, obtain the technical scheme of the device file of encrypting all within protection scope of the present invention.
The present embodiment is by being divided into device file Part I and Part II, and use the first different cryptographic algorithm and the second cryptographic algorithm to be encrypted the blocks of files in Part I and Part II, then the device file of storage encryption, makes the device file of encrypting take into account security and the processing speed of encryption and decryption.
Further, in the embodiment shown in fig. 1, step S101 specifically comprises: described device file is divided into at least two blocks of files; Described at least two blocks of files are combined as to described Part I and described Part II, and wherein said Part I and described Part II comprise respectively at least one blocks of files.
For example, because the encryption granularity of device file is blocks of files, while therefore in fact device file being divided into Part I and Part II, first device file can be divided into at least two blocks of files.Each blocks of files is here the one piece of data that can use a cryptographic algorithm to be encrypted.And then according to the corresponding cryptographic algorithm of each blocks of files, need to use the blocks of files of identical cryptographic algorithm to be combined as same part, generate Part I and the Part II of device file.Wherein in Part I and Part II, at least comprise a blocks of files.
Because the encryption granularity that device file is encrypted is blocks of files, therefore the blocks of files in Part I and the Part II of if desired cutting apart is continuous, can be according to the method for step S101, directly device file is divided into Part I and Part II, makes to comprise respectively in Part I and Part II at least one blocks of files.And if blocks of files in Part I and the Part II that need to cut apart is not Coutinuous store, so just needs first device file is divided into at least one blocks of files, and then at least one blocks of files is combined as to Part I and Part II.In addition, in the time that the blocks of files in Part I and Part II is encrypted, also there are two kinds of concrete methods, can first use corresponding cryptographic algorithm to be encrypted to the blocks of files in Part I and Part II, then the blocks of files after encrypting is reassembled into Part I and the Part II after encryption; Or first the blocks of files in Part I and Part II is combined, then used corresponding cryptographic algorithm to be encrypted Part I or Part II unification.
Similarly, when device file is divided into plural part by needs, and while adopting different cryptographic algorithm to be encrypted the blocks of files in every part, also be first device file to be divided into multiple blocks of files, and multiple blocks of files are combined as to multiple parts, and ensure that every part comprises at least one blocks of files.
The process flow diagram of the encryption method embodiment bis-of the device file that Fig. 2 provides for the embodiment of the present invention, as shown in Figure 2, the method for the present embodiment comprises:
Step S201, is divided at least two blocks of files by device file, and wherein, the start address of each blocks of files and length are determined according to preset strategy.
For example, the present embodiment, on basis embodiment illustrated in fig. 1, provides a kind of concrete device file encryption method further.In the present embodiment, by device file be divided at least two blocks of files according to being the strategy of presetting, this preset strategy is pre-configured in system.A device file can be regarded the data of storing in one section of continuous address in storer as, in the time that device file is cut apart, only need to determine start address and the length of a blocks of files, can determine a blocks of files.Therefore, in this step, according to the start address of each blocks of files in preset strategy and length, just device file can be divided into at least two blocks of files.
Step S202, is combined as Part I and Part II by described at least two blocks of files, and wherein, the position of the included blocks of files of Part I and Part II and quantity are determined according to described strategy respectively.
For example, according to preset strategy, device file is being divided into after at least two blocks of files, still according to preset strategy, at least two blocks of files is being combined as to Part I and the Part II of this device file.Because the length of each blocks of files is determined, therefore in the time that at least two blocks of files are combined as to Part I and Part II, only the position of blocks of files included in every part and quantity need to be determined, just can determine concrete data included in Part I and Part II.
Step S203, determines the second cryptographic algorithm corresponding to blocks of files in blocks of files in Part I corresponding the first cryptographic algorithm and Part II according to described strategy, and the first cryptographic algorithm is different from the second cryptographic algorithm.
For example, device file is being divided into after Part I and Part II, or is determining that according to default strategy in Part I and Part II, blocks of files is distinguished corresponding cryptographic algorithm.That is to say in the present embodiment how device file is cut apart, every part of the device file after cutting apart respectively corresponding which kind of cryptographic algorithm is encrypted all definite according to preset strategy.
Step S204, is encrypted respectively Part I and Part II, and wherein cryptographic algorithm corresponding to the blocks of files in Part I is the first cryptographic algorithm, and cryptographic algorithm corresponding to blocks of files in Part II is the second cryptographic algorithm.
For example, this step is identical with step S102.In the present embodiment, in the time that device file is encrypted, cryptographic algorithm corresponding to each several part after device file is cut apart and cut apart all determined according to preset strategy, therefore in the time that the device file of encrypting is decrypted, can be decrypted the device file of this encryption according to preset strategy, thereby obtain original device file.
Step S205, the device file of storage encryption.
In the encryption method of the device file that the present embodiment provides, according to preset strategy, device file cut apart and encrypted, thereby in the time that the device file of encrypting is decrypted, can be decrypted according to preset strategy equally, a kind of concrete grammar that device file is encrypted is provided.
Further, in embodiment illustrated in fig. 2, this default strategy comprises: cryptographic algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II while cutting apart for described device file.
For example, this default strategy can be based on experience value or historical data determine, or this default strategy can be set by user oneself.This strategy comprises the content of device file being cut apart and determined used cryptographic algorithm, specifically comprise start address and the length of each blocks of files when device file is divided into at least two blocks of files, and position and the quantity of the Chinese part piece of every part when at least two blocks of files are merged into Part I and Part II, device file can be divided into Part I and Part II according to above-mentioned two parts content.In this strategy, also comprise cryptographic algorithm corresponding to blocks of files in Part I and Part II, so just can be encrypted device file according to default strategy.
It should be noted that, in embodiment illustrated in fig. 2, device file is divided into two parts as example, the encryption method of the device file that the present embodiment is provided describes, but the encryption method of device file provided by the invention is not as limit.For example can first device file be divided into at least two blocks of files, wherein, the start address of each blocks of files and size are determined according to default strategy; Then described at least two blocks of files are combined as at least two parts of device file, wherein, the position of the included blocks of files of every part and quantity determines according to described strategy respectively, and every part comprises at least one blocks of files; Next determine cryptographic algorithm corresponding to blocks of files in every part at least two parts of device file, wherein cryptographic algorithm difference corresponding to the blocks of files in every part according to described strategy.At least two parts after finally device file being cut apart are encrypted, and obtain the device file of encrypting.
The encryption method embodiment tri-of the device file that the embodiment of the present invention provides provides another kind of concrete device file encryption method, in the present embodiment, device file being cut apart and when definite cryptographic algorithm, the importance of the data in the blocks of files that Part I comprises is greater than the importance of the data in the blocks of files that Part II comprises; The first cryptographic algorithm safe in the security of the second cryptographic algorithm.That is to say, in the present embodiment, be according to the importance of the data of storage, device file to be cut apart, and determine corresponding cryptographic algorithm, cryptographic algorithm corresponding to part that wherein importance of the data of storing is high.
The process flow diagram of the encryption method embodiment tri-of the device file that Fig. 3 provides for the embodiment of the present invention, as shown in Figure 3, the method for the present embodiment comprises:
Step S301, is divided at least two blocks of files by device file.
For example, in the present embodiment, can randomly device file be divided into at least two blocks of files, also can device file be divided into at least two blocks of files according to the importance of the data of storing in device file.In device file, in the various data of storage, there are some important data, such as key algorithm, crucial processing policy etc., be just equivalent to whole device file leakage once these important data are revealed; Even and if for example database data are revealed, do not having under the support of key algorithm and processing policy, cannot obtain whole device file yet.For the different pieces of information of storing in device file, can corresponding importance rate be set to it, for example the data of the safety effects maximum to device file for stored key algorithm, crucial processing policy etc., can be set to limit priority; For the data such as general algorithm, general processing policy of device file, can be set to high medium priority; And for database on security substantially without impact data, can be set to low priority.In addition, the importance rate of device file can also be divided more meticulously, for example, be divided into 5 grades, 7 grades etc.In the present embodiment, when device file is divided into at least two blocks of files, can be according to the importance of stored data, the part that importance is exceeded to the part of predetermined threshold value and do not exceed predetermined threshold value separates, make the importance of the data of storing in some blocks of files in the blocks of files after cutting apart exceed predetermined threshold value, and the importance of the data of storing in other blocks of files does not exceed predetermined threshold value.Even at random device file is cut apart, also need the importance of the data in each blocks of files to judge.When device file is cut apart, as the importance threshold value of cutting apart foundation can be based on experience value or system processing power default, for example importance rate is divided into 5 grades, its middle grade 1 represents that importance is the highest, class 5 represents that importance is minimum, default importance threshold value can be 3, and in the time that the importance of the data of storing in blocks of files in device file is 1 or 2, judgement exceedes predetermined threshold value; In the time that the importance of the data of storing in blocks of files in device file is 3,4,5, judgement does not exceed predetermined threshold value.
Step S302, the blocks of files that the importance of the data in described at least two blocks of files is exceeded to predetermined threshold value is combined as Part I.
Step S303, the blocks of files that the importance of the data in described at least two blocks of files is not exceeded to predetermined threshold value is combined as Part II.
For example, in step S302 and S303, the cutting apart device file based on step S301, the blocks of files that the importance of stored data is exceeded to predetermined threshold value is combined, as the Part I of described device file, and the blocks of files that the importance of stored data does not exceed predetermined threshold value is combined, as the Part II of described device file.So just according to the importance of stored data, device file is cut apart for Part I and Part II.
Step S304, Part I and Part II are encrypted respectively, wherein cryptographic algorithm corresponding to the blocks of files in Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in Part II is the second cryptographic algorithm, the first cryptographic algorithm safe in the security of the second cryptographic algorithm.
For example, in the time that the Part I of the device file to after cutting apart and Part II are encrypted, because the importance of the data of storing in Part I exceedes predetermined threshold value, therefore the blocks of files in Part I being encrypted to the security of the first used cryptographic algorithm also can be higher; Just can be lower than the security of the first cryptographic algorithm and the blocks of files in Part II is encrypted to the security of the second used cryptographic algorithm.Ensure the security of the significant data of storing in device file, be just equivalent to ensure the security of whole device file; And the second relatively low cryptographic algorithm of safety in utilization is encrypted the lower data of importance, the processing speed of encryption and decryption can be very fast.Therefore the device file encryption method that the present embodiment provides both can ensure the security of device file, had improved again the processing speed of encryption and decryption.
In the present embodiment, as long as the first cryptographic algorithm is safe in the security of the second cryptographic algorithm, the security of the security meeting of the device file of encrypting when only using the second cryptographic algorithm, and the processing speed that processing speed can be when only being used the first cryptographic algorithm.And the security of the device file of encrypting gap when only using the first cryptographic algorithm to be encrypted is little.
Step S305, the device file of storage encryption.
In the encryption method of the device file that the present embodiment provides, according to the importance of stored data, device file cut apart and encrypted, thereby a kind of concrete grammar more reasonably device file being encrypted is provided.
Further, in the embodiment shown in fig. 3, before the device file of step S305 storage encryption, also comprise: information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm; Information table is stored in to the predeterminable area of the device file of encryption, or information table is stored as to the first file that is independent of device file.
For example, in the embodiment shown in fig. 3, can cut apart device file according to the importance of the data of storing in device file, or at random device file be cut apart, and distribute corresponding cryptographic algorithm for the device file after cutting apart.But in the time that the device file of encrypting is decrypted, need to know which kind of cryptographic algorithm is which part of the device file to encrypting used, could use corresponding decipherment algorithm to be decrypted processing.Therefore on the basis in implementing shown in Fig. 3, all right information generated table, this information table comprises the various information that device file is cut apart and encrypted, for example, described in described information table the comprises blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm.According to above-mentioned information, in the time that the device file of encrypting is decrypted, just can use the decipherment algorithm corresponding with corresponding cryptographic algorithm to be decrypted to corresponding blocks of files, finally obtain original device file.In addition, the information table generating can be stored in the device file of encryption, a for example reserved default big or small storage area in the device file of encrypting, the information table of generation is stored in this region, in the time need to being decrypted the device file of encrypting, first from default region, read this information table; Or information table can be stored as the first file that is independent of device file, that is to say and can store information table as file independently, and set up the contact of the device file of the first file and encryption, in the time need to being decrypted the device file of encrypting, first read this first file, then just according to the information table in the first file, the device file of encrypting is decrypted.
Further, due to the information table storage of device file be the relevant information for deciphering this device file, can decipher this device file if obtain this information table.Therefore this information table also can be encrypted storage, can ensure the security of the device file of encrypting, so after information generated table, also comprise: information table is encrypted, and the cryptographic algorithm that information table is corresponding is the first cryptographic algorithm.Information table is stored in to the predeterminable area of the device file of encryption, or information table is stored as to the first file of the device file that is independent of encryption, comprise: the information table of encryption is stored in to the predeterminable area of the device file of encryption, or described information table is stored as to the first file of the device file that is independent of described encryption.Because the safety effects of the device file of the data of storing in information table to this encryption is larger, therefore can be thought that importance exceedes the data of predetermined threshold value, the cryptographic algorithm that therefore information table is encrypted to use is the first cryptographic algorithm.
It should be noted that, in the embodiment shown in fig. 3, device file is divided into two parts as example, the encryption method of the device file that the present embodiment is provided describes, but the encryption method of device file provided by the invention is not as limit.For example can first device file be divided into at least two blocks of files, wherein, the importance of the data at least one blocks of files exceedes predetermined threshold value; At least two blocks of files are combined as at least two parts of device file, wherein, the importance of the data of storing in the included blocks of files of at least one part exceedes predetermined threshold value; At least two of described device file parts are encrypted respectively, wherein, the importance of the data of storing in included blocks of files exceedes the corresponding first cryptographic algorithm group of part of predetermined threshold value, the importance of the data of storing in included blocks of files does not exceed the corresponding second cryptographic algorithm group of part of predetermined threshold value, the first cryptographic algorithm group and the second cryptographic algorithm group comprise respectively at least one cryptographic algorithm, the security of the safe cryptographic algorithm in the second cryptographic algorithm group of the cryptographic algorithm in the first cryptographic algorithm group.That is to say, no matter device file is divided into several parts, as long as ensure that the data importance of storing exceedes the safe cryptographic algorithm that does not exceed the part correspondence of predetermined threshold value in stored data importance of the cryptographic algorithm of the part correspondence of predetermined threshold value.If before the device file of storage encryption, also generate information table, information table is encrypted to arbitrary cryptographic algorithm that can use in the first cryptographic algorithm group, or uses the highest cryptographic algorithm of security in the first cryptographic algorithm group.
The encryption method embodiment tetra-of the device file that the embodiment of the present invention provides provides another concrete device file encryption method, in the present embodiment, in the time that device file is cut apart, according to the default ration of division, device file is divided into Part I and Part II, and the capacity of the blocks of files that wherein Part I and Part II comprise accounts for the ratio of device file total volume and determines according to preset ratio.And be the higher cryptographic algorithm of blocks of files configuration security in the part that proportion is less, and be the lower cryptographic algorithm of blocks of files configuration security in the part that proportion is larger.
The process flow diagram of the encryption method embodiment tetra-of the device file that Fig. 4 provides for the embodiment of the present invention, as shown in Figure 4, the method for the present embodiment comprises:
Step S401, is divided at least two blocks of files by device file.
For example, in the present embodiment, total thinking is at random device file to be divided into at least two blocks of files, in the time that at least two blocks of files are combined as to Part I and Part II, according to default ratio, control data in blocks of files included in Part I and the Part II ratio in device file.For the part that ratio is less is distributed the higher cryptographic algorithm of security, for the part of large percentage is distributed the lower cryptographic algorithm of security, can, on the basis of security that ensures the device file of encrypting, reduce the processing speed of encryption and decryption equally.Therefore, in this step, first can randomly device file be divided into at least two blocks of files.
Step S402, is combined as Part I by a part of blocks of files in described at least two blocks of files, and the ratio that the capacity of described a part of blocks of files accounts for device file total volume is the first ratio, and the first ratio is less than 50%.
For example, in the time that at least two blocks of files are combined as to Part I, can combine randomly equally, as long as ensure that the ratio that the total volume of included blocks of files in the Part I after combination accounts for device file total volume is the first ratio.In addition, for on the basis of security that ensures the device file of encrypting, reduce the processing speed of encryption and decryption as far as possible, therefore as long as the less higher cryptographic algorithm of a part of safety in utilization of capacity is encrypted, so in the present embodiment, if determine and need to be encrypted the higher cryptographic algorithm of Part I safety in utilization, this first ratio can be less than 50%.
Step S403, is combined as Part II by another part blocks of files except a described part in described at least two blocks of files.
For example, having determined after blocks of files included in Part I, remaining blocks of files is combined into the Part II of device file.
Step S404, Part I and Part II are encrypted respectively, wherein cryptographic algorithm corresponding to the blocks of files in Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in Part II is the second cryptographic algorithm, the first cryptographic algorithm safe in the security of the second cryptographic algorithm.
For example, in the time that the Part I of the device file to after cutting apart and Part II are encrypted, because the shared ratio of Part I is the first ratio, and the first ratio is less than 50%, therefore in order to reduce encryption and decryption processing speed, the security that the blocks of files in Part I is encrypted to the first used cryptographic algorithm also can be higher; Just can be lower than the security of the first cryptographic algorithm and the blocks of files in Part II is encrypted to the security of the second used cryptographic algorithm.
Step S405, the device file of storage encryption.
In the encryption method of the device file that the present embodiment provides, according to preset ratio, device file is cut apart, and the less part of comparative example adopts strong cipher algorithms to be encrypted, thereby provide the another kind of concrete grammar reasonably device file being encrypted.
Further, in the embodiment shown in fig. 4, before the device file of step S405 storage encryption, also comprise: information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm; Information table is stored in to the predeterminable area of the device file of encryption, or information table is stored as to the first file of the device file that is independent of encryption.
For example, in the embodiment shown in fig. 4, according to default ratio, device file is cut apart, and distributed corresponding cryptographic algorithm for the device file after cutting apart.But in the time that the device file of encrypting is decrypted, need to know which kind of cryptographic algorithm is which part of the device file to encrypting used, could use corresponding decipherment algorithm to be decrypted processing.Therefore on the basis in implementing shown in Fig. 4, all right information generated table, this information table comprises the various information that device file is cut apart and encrypted, for example, described in described information table the comprises blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm.According to above-mentioned information, in the time that the device file of encrypting is decrypted, just can use the decipherment algorithm corresponding with corresponding cryptographic algorithm to be decrypted to corresponding blocks of files, finally obtain original device file.In addition, the information table generating can be stored in the device file of encryption, a for example reserved default big or small storage area in the device file of encrypting, the information table of generation is stored in this region, in the time need to being decrypted the device file of encrypting, first from default region, read this information table; Or information table can be stored as the first file of the device file that is independent of encryption, that is to say and can store information table as file independently, and set up the contact of the device file of the first file and encryption, in the time need to being decrypted the device file of encrypting, first read this first file, then just according to the information table in the first file, the device file of encrypting is decrypted.
Further, due to the information table storage of device file be the relevant information for deciphering this device file, can decipher this device file if obtain this information table.Therefore this information table also can be encrypted storage, can ensure the security of the device file of encrypting, so after information generated table, also comprise: information table is encrypted, and the cryptographic algorithm that information table is corresponding is the first cryptographic algorithm.Information table is stored in to the predeterminable area of the device file of encryption, or information table is stored as to the first file of the device file that is independent of encryption, comprise: the information table of encryption is stored in to the predeterminable area of the device file of encryption, or described information table is stored as to the first file of the device file that is independent of described encryption.Because the safety effects of the device file of the data of storing in information table to this encryption is larger, therefore can be thought the data of outbalance, and therefore safe in the second cryptographic algorithm due to the first cryptographic algorithm be the first cryptographic algorithm to the cryptographic algorithm that information table is encrypted use.
It should be noted that, in the embodiment shown in fig. 4, device file is divided into two parts as example, the encryption method of the device file that the present embodiment is provided describes, but the encryption method of device file provided by the invention is not as limit.For example can first device file be divided into at least two blocks of files; Then at least two blocks of files are combined as at least two parts of device file, the ratio that wherein capacity of the blocks of files in every part accounts for device file total volume is preset ratio; At least two of described device file parts are encrypted respectively, and wherein, the ratio that the capacity of included blocks of files accounts for device file total volume is less, and the security of the corresponding cryptographic algorithm of this part is higher.That is to say, no matter device file is divided into several parts, as long as the lower higher cryptographic algorithm of the corresponding security of part of capacity proportion.If before the device file of storage encryption, also generate information table, information table being encrypted can the highest cryptographic algorithm of safety in utilization.
In addition, in embodiment illustrated in fig. 2, only show and according to default strategy, device file cut apart and encrypted, in the time that the device file of encrypting is decrypted, is also situation about being decrypted according to this default strategy.But the encryption method of the device file that the embodiment of the present invention provides is not limited to this, for example, can also be according to preset strategy, device file cut apart and encrypted, but in the time of the device file deciphering to encrypting, be not to be decrypted according to default strategy.But with Fig. 3 and similarly embodiment illustrated in fig. 4, after device file being cut apart according to preset strategy and being encrypted, generate the information table of this device file, and this information table is stored in to the predeterminable area of the device file of encryption, or information table is stored in to the first file of the device file that is independent of encryption.In the time need to being decrypted the device file of this encryption, first read this information table, then according to the information in information table, the device file of encrypting is decrypted.Information table shown in this information table and Fig. 3 and Fig. 4 is similar, repeats no more herein.
The process flow diagram of the decryption method embodiment mono-of the device file that Fig. 5 provides for the embodiment of the present invention, as shown in Figure 5, the method for the present embodiment comprises:
Step S501, is divided into Part I and Part II by the device file of encryption, and wherein Part I and Part II comprise respectively at least one blocks of files.
For example, the present embodiment provides a kind of decryption method of device file, is decrypted for the device file that the encryption method that the device file that provides of the embodiment of the present invention is provided is encrypted.The encryption method of the device file providing due to the embodiment of the present invention is that device file is divided into after two parts, then adopts different cryptographic algorithm to be encrypted to different piece.Therefore in the present embodiment, first the device file of encryption is divided into Part I and Part II, wherein, cutting apart taking blocks of files as granularity of this Part I and Part II, comprises respectively at least one blocks of files in Part I and Part II.For the device file of encrypting is decrypted, to cutting apart of Part I and Part II can be corresponding when device file is encrypted.According to the concrete grammar that device file is encrypted, in the time that the device file of encrypting is decrypted, can cut apart the device file of encrypting according to default strategy, also can cut apart device file according to information table.
Step S502, Part I and Part II are decrypted respectively, wherein decipherment algorithm corresponding to the blocks of files in Part I is the first decipherment algorithm, and decipherment algorithm corresponding to blocks of files in Part II is the second decipherment algorithm, and the first decipherment algorithm is different from the second decipherment algorithm.
For example, obtaining after the Part I and Part II of the device file of encrypting, the blocks of files respectively Part I and Part II being comprised is used corresponding decipherment algorithm to be decrypted, wherein corresponding the first decipherment algorithm of the blocks of files in Part I, corresponding the first cryptographic algorithm of blocks of files in Part II.Be a reciprocal process due to file is encrypted and is deciphered, therefore in the process that the blocks of files in Part I is decrypted, the first cryptographic algorithm that the first decipherment algorithm using need to use when this blocks of files is encrypted is reciprocal; Similarly, in the process that the blocks of files in Part II is decrypted, the second decipherment algorithm using need to use when this blocks of files is encrypted the and cryptographic algorithm is reciprocal.According to the concrete grammar that device file is encrypted, in the time that the device file of encrypting is decrypted, corresponding the first decipherment algorithm of Part I and Part II and the second decipherment algorithm can be determined according to default strategy, also can determine according to information table.
Step S503, the device file of store decrypted.
It should be noted that, in the present embodiment, device file is divided into two parts as example, the decryption method of the device file that the present embodiment is provided describes, but the encryption method of device file provided by the invention is not as limit.As long as device file being divided into at least two parts; every part comprises at least one blocks of files; and adopt respectively different decipherment algorithms to be decrypted to the blocks of files in every part, obtain the technical scheme of the device file after deciphering all within protection scope of the present invention.
The present embodiment is by being divided into Part I and Part II by the device file of encryption, and use the first different decipherment algorithms and the second decipherment algorithm to be decrypted the blocks of files in Part I and Part II, then the device file after store decrypted, provides a kind of method that the device file of encrypting is decrypted to processing.
The process flow diagram of the decryption method embodiment bis-of the device file that Fig. 6 provides for the embodiment of the present invention, as shown in Figure 6, the method for the present embodiment comprises:
Step S601, the device file of encryption is divided into Part I and Part II, wherein, the position of the included blocks of files of Part I and Part II and quantity determines according to preset strategy respectively, and start address and the length of the included blocks of files of Part I and Part II are determined according to described strategy respectively.
The decryption method of the device file that for example, the present embodiment provides is for using preset strategy device file to be cut apart and the method proposition of encrypting.If therefore will be decrypted the device file of encrypting, first just can the device file of encryption be divided into Part I and Part II according to preset strategy.Because the granularity of device file being carried out to encryption and decryption is blocks of files, therefore, in the time that the device file of encryption is divided into Part I and Part II, specifically need to determine which blocks of files is every part comprise.Just can determine in Part I and Part II, all to comprise which blocks of files according to the position of blocks of files in preset strategy and quantity, and just can determine according to the start address of blocks of files in this strategy and length the concrete data that each blocks of files comprises.In the time determining decipherment algorithm corresponding to blocks of files in Part I and Part II, just can specifically determine the decipherment algorithm that every one piece of data uses like this.
Step S602, determines the second decipherment algorithm corresponding to blocks of files in blocks of files in Part I corresponding the first decipherment algorithm and Part II according to described strategy.
For example, determining after the Part I and Part II of the device file of encrypting, also needing to determine in Part I and Part II, which kind of decipherment algorithm is each blocks of files used be respectively decrypted.In the present embodiment, still determine decipherment algorithm corresponding to the Chinese part piece of every part by preset strategy.Due in the time that device file is encrypted, if that carries out according to preset strategy cuts apart and encrypts, the corresponding cryptographic algorithm of the Chinese part piece of so every part is included in preset strategy, and because cryptographic algorithm and decipherment algorithm are reciprocal algorithm, therefore can be according to the determined cryptographic algorithm of preset strategy, decipherment algorithm corresponding to blocks of files in the Part I of the device file of definite encryption of cutting apart according to preset strategy and Part II.Or in preset strategy, directly comprise decipherment algorithm corresponding to blocks of files in the Part I of device file of the encryption after cutting apart and Part II.
Step S603, Part I and Part II are decrypted respectively, wherein decipherment algorithm corresponding to the blocks of files in Part I is the first decipherment algorithm, and decipherment algorithm corresponding to blocks of files in Part II is the second decipherment algorithm, and the first decipherment algorithm is different from the second decipherment algorithm.
For example, obtaining after the Part I and Part II of the device file of encrypting, the blocks of files respectively Part I and Part II being comprised is used corresponding decipherment algorithm to be decrypted, wherein corresponding the first decipherment algorithm of the blocks of files in Part I, corresponding the first cryptographic algorithm of blocks of files in Part II.Be a reciprocal process due to file is encrypted and is deciphered, therefore in the process that the blocks of files in Part I is decrypted, the first cryptographic algorithm that the first decipherment algorithm using need to use when this blocks of files is encrypted is reciprocal; Similarly, in the process that the blocks of files in Part II is decrypted, the second decipherment algorithm using need to use when this blocks of files is encrypted the and cryptographic algorithm is reciprocal.
Step S604, the device file of store decrypted.
In the decryption method of the device file that the present embodiment provides, according to preset strategy, device file cut apart and deciphered, a kind of concrete grammar that the device file being encrypted according to preset strategy is decrypted is provided.
Further, in the embodiment shown in fig. 6, described strategy comprises: decipherment algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II in described Part I and described Part II.
For example, this default strategy can be based on experience value or historical data determine, or this default strategy can be set by user oneself.In the time that device file is encrypted, be also the encryption of carrying out according to this strategy, could use this strategy to be decrypted the device file of encrypting.This strategy comprises the content of the device file of encryption being cut apart and determined used cryptographic algorithm, specifically comprise when the device file of encryption is divided into Part I and Part II, the position of blocks of files and quantity in Part I and Part II, and not with start address and the length of blocks of files, the device file of encryption can be divided into Part I and Part II according to above-mentioned two parts content.In this strategy, also comprise decipherment algorithm corresponding to blocks of files in Part I and Part II.Or in this strategy, can also comprise when this device file is encrypted that cryptographic algorithm corresponding to blocks of files in Part I and Part II also can determine according to cryptographic algorithm and the reciprocal principle of decipherment algorithm the decipherment algorithm that each blocks of files is corresponding.
It should be noted that, in the embodiment shown in fig. 6, device file is divided into two parts as example, the decryption method of the device file that the present embodiment is provided describes, but the decryption method of device file provided by the invention is not as limit.For example can first the device file of encryption be divided into at least two parts, wherein, the position of the included blocks of files of every part and quantity are determined according to default strategy respectively; According to decipherment algorithm corresponding to blocks of files in every part at least two parts of the definite device file of encrypting of described strategy.Wherein decipherment algorithm difference corresponding to the blocks of files in every part.Finally at least two parts of the device file of encrypting are decrypted, obtain original device file.
The process flow diagram of the decryption method embodiment tri-of the device file that Fig. 7 provides for the embodiment of the present invention, as shown in Figure 7, the method for the present embodiment comprises:
Step S701, from the device file of encrypting or be independent of the information table that obtains the device file of encryption in first file of device file of encryption, described information table comprises the second cryptographic algorithm corresponding to blocks of files in the blocks of files in the position of the start address of blocks of files in Part I and Part II and the included blocks of files of length, Part I and Part II and quantity, Part I corresponding the first cryptographic algorithm and Part II.
For example, the decryption method of the device file that the present embodiment provides is in the time that device file is encrypted, and has generated the corresponding decryption method of the encryption method proposition of information table.In the present embodiment, first can obtain the information table of the device file of encryption.This information table is stored in the predeterminable area of the device file of encryption, or this information table is stored in the first file of the device file that is independent of encryption, and the particular location that information table is stored is generally makes an appointment.In this information table, be included in the corresponding cryptographic algorithm of every part after how device file being cut apart and to be cut apart when device file being encrypted.For example this information table comprises the second cryptographic algorithm corresponding to blocks of files in the blocks of files in the position of the start address of blocks of files in the Part I of device file of encryption and Part II and the included blocks of files of length, Part I and Part II and quantity, Part I corresponding the first cryptographic algorithm and Part II.
Step S702, according to position and the quantity of the start address of blocks of files in Part I in information table and Part II and the included blocks of files of length, Part I and Part II, is divided into Part I and Part II by the device file of encryption.
For example, because the granularity of device file being carried out to encryption and decryption is blocks of files, therefore, in the time that the device file of encryption is divided into Part I and Part II, specifically need to determine which blocks of files is every part comprise.Just can determine in Part I and Part II, all to comprise which blocks of files according to the position of blocks of files in information table and quantity, and just can determine according to the start address of blocks of files in this information table and length the concrete data that each blocks of files comprises.In the time determining decipherment algorithm corresponding to blocks of files in Part I and Part II, just can specifically determine the decipherment algorithm that every one piece of data uses like this.
Step S703, according to the second cryptographic algorithm corresponding to blocks of files in the blocks of files in Part I in information table corresponding the first cryptographic algorithm and Part II, determine the second decipherment algorithm corresponding to blocks of files in blocks of files in Part I corresponding the first decipherment algorithm and Part II, the first decipherment algorithm and the first cryptographic algorithm are reciprocal, and the second decipherment algorithm and the second cryptographic algorithm are reciprocal.
For example, determining after the Part I and Part II of the device file of encrypting, also needing to determine in Part I and Part II, which kind of decipherment algorithm is each blocks of files used be respectively decrypted.In the present embodiment, the information table that step S701 obtains comprises the second cryptographic algorithm corresponding to blocks of files in the first cryptographic algorithm and the Part II that the blocks of files in Part I is corresponding, because cryptographic algorithm and decipherment algorithm are reciprocal algorithm, therefore the second cryptographic algorithm corresponding to blocks of files in the first cryptographic algorithm and Part II that can be corresponding according to the blocks of files in Part I in information table, determines the second decipherment algorithm corresponding to blocks of files in blocks of files in Part I corresponding the first decipherment algorithm and Part II.
Step S704, Part I and Part II are decrypted respectively, wherein decipherment algorithm corresponding to the blocks of files in Part I is the first decipherment algorithm, and decipherment algorithm corresponding to blocks of files in Part II is the second decipherment algorithm, and the first decipherment algorithm is different from the second decipherment algorithm.
For example, obtaining after the Part I and Part II of the device file of encrypting, the blocks of files respectively Part I and Part II being comprised is used corresponding decipherment algorithm to be decrypted, wherein corresponding the first decipherment algorithm of the blocks of files in Part I, corresponding the first cryptographic algorithm of blocks of files in Part II.Be a reciprocal process due to file is encrypted and is deciphered, therefore in the process that the blocks of files in Part I is decrypted, the first cryptographic algorithm that the first decipherment algorithm using need to use when this blocks of files is encrypted is reciprocal; Similarly, in the process that the blocks of files in Part II is decrypted, the second decipherment algorithm using need to use when this blocks of files is encrypted the and cryptographic algorithm is reciprocal.
Step S705, the device file of store decrypted.
In the decryption method of the device file that the present embodiment provides, first obtain the information table of the device file of encryption, and according to this information table, device file cut apart and deciphered, a kind of concrete grammar being decrypted generated the device file of information table in the time encrypting is provided.
Further, in the embodiment shown in fig. 7, step S701, from the device file of encrypting or after being independent of and obtaining the information table of device file of encryption in first file of device file of encryption, also comprises: described information table is decrypted.
For example, known according to Fig. 3 or Fig. 4 embodiment, if in the process that device file is encrypted, generated information table, further, can also be encrypted this information table.Therefore in the embodiment shown in fig. 7, if in the time that device file is encrypted, information table is encrypted simultaneously, in the time that device file is decrypted, the information table getting is the information table of encrypting, and is obtaining after the information table of this encryption, also needs the information table of this encryption to be decrypted, information in ability obtaining information table, thus the device file of encrypting is decrypted.Before the information table of encrypting is decrypted, the cryptographic algorithm that also needs the information table of determining this encryption of encryption to use.When information table is encrypted, the general the highest cryptographic algorithm of safety in utilization, therefore in the time that the information table of encrypting is decrypted, decipherment algorithm corresponding to cryptographic algorithm that still safety in utilization is the highest.
It should be noted that, in the embodiment shown in fig. 7, device file is divided into two parts as example, the decryption method of the device file that the present embodiment is provided describes, but the decryption method of device file provided by the invention is not as limit.The information table for example obtaining comprises position and the quantity of blocks of files at least two parts, and cryptographic algorithm corresponding to the Chinese part piece of every part, can first the device file of encryption be divided into at least two parts, wherein, the position of the included blocks of files of every part and quantity are determined according to information table respectively; According to decipherment algorithm corresponding to blocks of files in every part at least two parts of the definite device file of encrypting of information table.Wherein decipherment algorithm difference corresponding to the blocks of files in every part.Finally at least two parts of the device file of encrypting are decrypted, obtain original device file.
The structural representation of the encryption device embodiment mono-of the device file that Fig. 8 provides for the embodiment of the present invention, as shown in Figure 8, the encryption device of the device file of the present embodiment, comprising:
Cutting unit 81, for described device file is divided into Part I and Part II, wherein, described Part I and described Part II comprise respectively at least one blocks of files.
Ciphering unit 82, for described Part I and described Part II are encrypted respectively, cryptographic algorithm corresponding to blocks of files in wherein said Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in described Part II is the second cryptographic algorithm, and described the first cryptographic algorithm is different from described the second cryptographic algorithm.
Storage unit 83, for the device file of storage encryption.
The encryption device of the device file of the present embodiment is for the technical scheme of embodiment of the method shown in execution graph 1, and it realizes principle and technique effect is similar, repeats no more herein.
The structural representation of the encryption device embodiment bis-of the device file that Fig. 9 provides for the embodiment of the present invention, as shown in Figure 9, the encryption device of the device file of the present embodiment is on the basis of Fig. 8, and cutting unit 81, comprising:
Cut apart subelement 91, for described device file is divided into at least two blocks of files.
Combination subelement 92, for described at least two blocks of files are combined as to described Part I and described Part II, wherein said Part I and described Part II comprise respectively at least one blocks of files.
The structural representation of the encryption device embodiment tri-of the device file that Figure 10 provides for the embodiment of the present invention, as shown in figure 10, the encryption device of the device file of the present embodiment, on the basis of Fig. 9, also comprises:
Determining unit 84, for determining described the second cryptographic algorithm corresponding to blocks of files in the blocks of files of described Part I corresponding the first cryptographic algorithm and described Part II according to described strategy.
Cut apart subelement 91, specifically for described device file is divided into at least two blocks of files, wherein, the start address of each blocks of files and length are determined according to preset strategy.
Combination subelement 92, specifically for described at least two blocks of files are combined as to described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity are definite according to described strategy respectively.
The encryption device of the device file of the present embodiment is for the technical scheme of embodiment of the method shown in execution graph 2, and it realizes principle and technique effect is similar, repeats no more herein.
Further, in embodiment illustrated in fig. 10, described strategy comprises: cryptographic algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II while cutting apart for described device file.
Further, in the embodiment shown in fig. 9, the importance of the data in the blocks of files that described Part I comprises is greater than the importance of the data in the blocks of files that described Part II comprises; Described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm.Cut apart subelement 91, specifically for described device file is divided into at least two blocks of files; Combination subelement 92, is also combined as described Part I for the blocks of files that the importance of the data of described at least two blocks of files is exceeded to predetermined threshold value; The blocks of files that the importance of the data in described at least two blocks of files is not exceeded to predetermined threshold value is combined as described Part II.
Further, in the embodiment shown in fig. 9, the ratio that the capacity of the blocks of files in described Part I accounts for described device file total volume is the first ratio.Cut apart subelement 91, also for described device file is divided into at least two blocks of files; Combination subelement 92, also for a part of blocks of files of described at least two blocks of files is combined as to described Part I, the ratio that the capacity of described a part of blocks of files accounts for described device file total volume is described the first ratio; Another part blocks of files except a described part in described at least two blocks of files is combined as to described Part II.Described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm; Described the first ratio is less than 50%.
The structural representation of the encryption device embodiment tetra-of the device file that Figure 11 provides for the embodiment of the present invention, as shown in figure 11, the encryption device of the device file of the present embodiment, on the basis of Fig. 9, also comprises:
Generation unit 85, for information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm.
Storage unit 83, also for described information table being stored in to the predeterminable area of the device file of described encryption, or is stored as described information table the first file of the device file that is independent of described encryption.
It should be noted that, on the basis of the embodiment of Figure 10 institute, also can comprise generation unit 85.
Further, in the embodiment shown in fig. 11, ciphering unit 82, also for described information table is encrypted, the cryptographic algorithm that described information table is corresponding is described the first cryptographic algorithm; Storage unit 83, also for the information table of encryption being stored in to the predeterminable area of the device file of described encryption, or is stored as the information table of encryption the first file of the device file that is independent of described encryption.
The structural representation of the decryption device embodiment mono-of the device file that Figure 12 provides for the embodiment of the present invention, as shown in figure 12, the decryption device of the device file of the present embodiment comprises:
Cutting unit 121, for the device file of encryption is divided into Part I and Part II, wherein said Part I and described Part II comprise respectively at least one blocks of files.
Decryption unit 122, for described Part I and described Part II are decrypted respectively, decipherment algorithm corresponding to blocks of files in wherein said Part I is the first decipherment algorithm, decipherment algorithm corresponding to blocks of files in described Part II is the second decipherment algorithm, and described the first decipherment algorithm is different from described the second decipherment algorithm.
Storage unit 123, for the device file of store decrypted.
The decryption device of the device file of the present embodiment is for the technical scheme of embodiment of the method shown in execution graph 5, and it realizes principle and technique effect is similar, repeats no more herein.
The structural representation of the decryption device embodiment bis-of the device file that Figure 13 provides for the embodiment of the present invention, as shown in figure 13, the decryption device of the device file of the present embodiment, on the basis of Figure 12, also comprises:
Determining unit 124, for determining described the second decipherment algorithm corresponding to blocks of files in the blocks of files of described Part I corresponding described the first decipherment algorithm and described Part II according to described strategy.
Cutting unit 121, specifically for the device file of described encryption being divided into described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity determines according to preset strategy respectively, and start address and the length of the included blocks of files of described Part I and described Part II are determined according to described strategy respectively.
The decryption device of the device file of the present embodiment is for the technical scheme of embodiment of the method shown in execution graph 6, and it realizes principle and technique effect is similar, repeats no more herein.
Further, in embodiment illustrated in fig. 13, described strategy comprises: decipherment algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II in described Part I and described Part II.
The structural representation of the decryption device embodiment tri-of the device file that Figure 14 provides for the embodiment of the present invention, as shown in figure 14, the decryption device of the device file of the present embodiment, on the basis of Figure 13, also comprises:
Acquiring unit 125, for from the device file of described encryption or be independent of the information table that obtains the device file of described encryption first file of device file of described encryption, described information table comprises described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in the position of the start address of blocks of files in described Part I and described Part II and the included blocks of files of length, described Part I and described Part II and quantity, described Part I corresponding described the first cryptographic algorithm and described Part II.
Cutting unit 121, also, for according to position and the quantity of the start address of Part I described in described information table and described Part II blocks of files and the included blocks of files of length, described Part I and described Part II, the device file of described encryption is divided into described Part I and described Part II.
Determining unit 124, also for according to described the second cryptographic algorithm corresponding to blocks of files in the blocks of files of Part I described in described information table corresponding described the first cryptographic algorithm and described Part II, determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II, described the first decipherment algorithm and described the first cryptographic algorithm are reciprocal, and described the second decipherment algorithm and described the second cryptographic algorithm are reciprocal.
The decryption device of the device file of the present embodiment is for the technical scheme of embodiment of the method shown in execution graph 7, and it realizes principle and technique effect is similar, repeats no more herein.
Further, embodiment illustrated in fig. 14 in, decryption unit 122, also for, if described information table be encrypt information table time, the information table of described encryption is decrypted.
The structural representation of the encryption device embodiment five of the device file that Figure 15 provides for the embodiment of the present invention, as shown in figure 15, the encryption device of the device file of the present embodiment comprises: processor 151, storer 152.Wherein, processor 151 can be connected by system bus or other modes with storer 152, in Figure 15, is connected to example with system bus; System bus can be industrial standard architectures (Industrial Standard Architecture, ISA) bus, interconnected (the Peripheral Component Interconnect of external unit, PCI) bus or EISA (Extended Industrial Standard Architecture, EISA) bus etc.Described system bus can be divided into address bus, data bus, control bus etc.For ease of representing, in Figure 15, only represent with a line, but do not represent only to have the bus of a bus or a type.
Processor 151, for described device file is divided into Part I and Part II, wherein, described Part I and described Part II comprise respectively at least one blocks of files; Described Part I and described Part II are encrypted respectively, cryptographic algorithm corresponding to blocks of files in wherein said Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in described Part II is the second cryptographic algorithm, and described the first cryptographic algorithm is different from described the second cryptographic algorithm.
Storer 152, for the device file of storage encryption.
The encryption device of the device file of the present embodiment is for realizing the technical scheme of embodiment of the method shown in Fig. 1, and it realizes principle and technique effect is similar, repeats no more herein.
Further, embodiment illustrated in fig. 15 in, processor 151, specifically for being divided at least two blocks of files by described device file; Described at least two blocks of files are combined as to described Part I and described Part II, and wherein said Part I and described Part II comprise respectively at least one blocks of files.
Further, embodiment illustrated in fig. 15 in, processor 151, specifically for described device file is divided into at least two blocks of files, wherein, the start address of each blocks of files and length according to preset strategy determine; Described at least two blocks of files are combined as to described Part I and described Part II, and wherein, the position of the included blocks of files of described Part I and described Part II and quantity are determined according to described strategy respectively; Determine described the second cryptographic algorithm corresponding to blocks of files in blocks of files in described Part I corresponding the first cryptographic algorithm and described Part II according to described strategy.
Further, in embodiment illustrated in fig. 15, described strategy comprises: cryptographic algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II while cutting apart for described device file.
Further, embodiment illustrated in fig. 15 in, the importance of the data in the blocks of files that described Part I comprises is greater than the importance of the data in the blocks of files that described Part II comprises; Described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm.
Further, embodiment illustrated in fig. 15 in, processor 151, specifically for being divided at least two blocks of files by described device file; The blocks of files that the importance of the data in described at least two blocks of files is exceeded to predetermined threshold value is combined as described Part I; The blocks of files that the importance of the data in described at least two blocks of files is not exceeded to predetermined threshold value is combined as described Part II.
Further, embodiment illustrated in fig. 15 in, the ratio that the capacity of the blocks of files in described Part I accounts for described device file total volume is the first ratio.
Further, embodiment illustrated in fig. 15 in, processor 151, also for being divided at least two blocks of files by described device file; A part of blocks of files in described at least two blocks of files is combined as to described Part I, and the ratio that the capacity of described a part of blocks of files accounts for described device file total volume is described the first ratio; Another part blocks of files except a described part in described at least two blocks of files is combined as to described Part II.
Further, embodiment illustrated in fig. 15 in, described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm; Described the first ratio is less than 50%.
Further, in embodiment illustrated in fig. 15, processor 151, also for information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm.
Storer 152, also for described information table being stored in to the predeterminable area of the device file of described encryption, or is stored as described information table the first file of the device file that is independent of described encryption.
Further, embodiment illustrated in fig. 15 in, processor 151, also for described information table is encrypted, the cryptographic algorithm that described information table is corresponding is described the first cryptographic algorithm; Storer 152, also for the information table of encryption being stored in to the predeterminable area of the device file of described encryption, or is stored as the information table of encryption the first file of the device file that is independent of described encryption.
The structural representation of the decryption device embodiment tetra-of the device file that Figure 16 provides for the embodiment of the present invention, as shown in figure 16, the decryption device of the device file of the present embodiment comprises: processor 161, storer 162.Wherein, processor 161 can be connected by system bus or other modes with storer 162, in Figure 16, is connected to example with system bus; System bus can be isa bus, pci bus or eisa bus etc.Described system bus can be divided into address bus, data bus, control bus etc.For ease of representing, in Figure 16, only represent with a line, but do not represent only to have the bus of a bus or a type.
Processor 161, for the device file of encryption is divided into Part I and Part II, wherein said Part I and described Part II comprise respectively at least one blocks of files; Described Part I and described Part II are decrypted respectively, decipherment algorithm corresponding to blocks of files in wherein said Part I is the first decipherment algorithm, decipherment algorithm corresponding to blocks of files in described Part II is the second decipherment algorithm, and described the first decipherment algorithm is different from described the second decipherment algorithm;
Storer 162, for the device file of store decrypted.
The decryption device of the device file of the present embodiment is for realizing the technical scheme of embodiment of the method shown in Fig. 5, and it realizes principle and technique effect is similar, repeats no more herein.
Further, in embodiment illustrated in fig. 16, processor 161, specifically for the device file of described encryption being divided into described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity determines according to preset strategy respectively, and start address and the length of the included blocks of files of described Part I and described Part II are determined according to described strategy respectively; Determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II according to described strategy.
Further, in embodiment illustrated in fig. 16, described strategy comprises: decipherment algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II in described Part I and described Part II.
Further, in embodiment illustrated in fig. 16, processor 161, also for from the device file of described encryption or be independent of the information table that obtains the device file of described encryption first file of device file of described encryption, described information table comprises start address and the length of blocks of files in described Part I and described Part II, position and the quantity of the included blocks of files of described Part I and described Part II, described the second cryptographic algorithm corresponding to blocks of files in corresponding described the first cryptographic algorithm and the described Part II of blocks of files in described Part I is according to start address and the length of blocks of files in Part I described in described information table and described Part II, position and the quantity of the included blocks of files of described Part I and described Part II, the device file of described encryption is divided into described Part I and described Part II, according to described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in Part I described in described information table corresponding described the first cryptographic algorithm and described Part II, determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II, described the first decipherment algorithm and described the first cryptographic algorithm are reciprocal, and described the second decipherment algorithm and described the second cryptographic algorithm are reciprocal.
Further, embodiment illustrated in fig. 16 in, processor 161, also for, if described information table be encrypt information table time, the information table of described encryption is decrypted.
One of ordinary skill in the art will appreciate that: all or part of step that realizes above-mentioned each embodiment of the method can complete by the relevant hardware of programmed instruction.Aforesaid program can be stored in a computer read/write memory medium.This program, in the time carrying out, is carried out the step that comprises above-mentioned each embodiment of the method; And aforesaid storage medium comprises: various media that can be program code stored such as ROM, RAM, magnetic disc or CDs.
Finally it should be noted that: above embodiment only, in order to technical scheme of the present invention to be described, is not intended to limit; Although the present invention is had been described in detail with reference to previous embodiment, those of ordinary skill in the art is to be understood that: its technical scheme that still can record aforementioned each embodiment is modified, or part technical characterictic is wherein equal to replacement; And these amendments or replacement do not make the essence of appropriate technical solution depart from the protection domain of various embodiments of the present invention technical scheme.

Claims (32)

1. an encryption method for device file, is characterized in that, comprising:
Described device file is divided into Part I and Part II, and wherein, described Part I and described Part II comprise respectively at least one blocks of files;
Described Part I and described Part II are encrypted respectively, cryptographic algorithm corresponding to blocks of files in wherein said Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in described Part II is the second cryptographic algorithm, and described the first cryptographic algorithm is different from described the second cryptographic algorithm;
The device file of storage encryption.
2. method according to claim 1, is characterized in that, describedly described device file is divided into Part I and Part II comprises:
Described device file is divided into at least two blocks of files;
Described at least two blocks of files are combined as to described Part I and described Part II, and wherein said Part I and described Part II comprise respectively at least one blocks of files.
3. method according to claim 2, is characterized in that, described described device file is divided into at least two blocks of files, comprising:
Described device file is divided into at least two blocks of files, and wherein, the start address of each blocks of files and length are determined according to preset strategy;
Described described at least two blocks of files are combined as to described Part I and described Part II, comprise:
Described at least two blocks of files are combined as to described Part I and described Part II, and wherein, the position of the included blocks of files of described Part I and described Part II and quantity are determined according to described strategy respectively;
Described described Part I and described Part II are encrypted respectively before, also comprise:
Determine described the second cryptographic algorithm corresponding to blocks of files in blocks of files in described Part I corresponding the first cryptographic algorithm and described Part II according to described strategy.
4. method according to claim 3, it is characterized in that, described strategy comprises: cryptographic algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II while cutting apart for described device file.
5. method according to claim 1, is characterized in that, the importance of the data in the blocks of files that described Part I comprises is greater than the importance of the data in the blocks of files that described Part II comprises; Described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm.
6. method according to claim 5, is characterized in that, describedly described device file is divided into Part I and Part II comprises:
Described device file is divided into at least two blocks of files;
The blocks of files that the importance of the data in described at least two blocks of files is exceeded to predetermined threshold value is combined as described Part I;
The blocks of files that the importance of the data in described at least two blocks of files is not exceeded to predetermined threshold value is combined as described Part II.
7. method according to claim 1, is characterized in that, the ratio that the capacity of the blocks of files in described Part I accounts for described device file total volume is the first ratio.
8. method according to claim 7, is characterized in that, describedly described device file is divided into Part I and Part II comprises:
Described device file is divided into at least two blocks of files,
A part of blocks of files in described at least two blocks of files is combined as to described Part I, and the ratio that the capacity of described a part of blocks of files accounts for described device file total volume is described the first ratio;
Another part blocks of files except a described part in described at least two blocks of files is combined as to described Part II.
9. according to the method described in claim 7 or 8, it is characterized in that described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm; Described the first ratio is less than 50%.
10. according to the method described in claim 3~9 any one, it is characterized in that, described method also comprises:
Information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm;
Described information table is stored in to the predeterminable area of the device file of described encryption, or described information table is stored as to the first file of the device file that is independent of described encryption.
11. methods according to claim 10, is characterized in that, after described information generated table, also comprise:
Described information table is encrypted, and the cryptographic algorithm that described information table is corresponding is described the first cryptographic algorithm;
The described predeterminable area that described information table is stored in to the device file of described encryption, or described information table is stored as to the first file of the device file that is independent of described encryption, comprising:
The information table of described encryption is stored in to the predeterminable area of the device file of described encryption, or the information table of described encryption is stored as to the first file of the device file that is independent of described encryption.
The decryption method of 12. 1 kinds of device files, is characterized in that, comprising:
The device file of encryption is divided into Part I and Part II, and wherein said Part I and described Part II comprise respectively at least one blocks of files;
Described Part I and described Part II are decrypted respectively, decipherment algorithm corresponding to blocks of files in wherein said Part I is the first decipherment algorithm, decipherment algorithm corresponding to blocks of files in described Part II is the second decipherment algorithm, and described the first decipherment algorithm is different from described the second decipherment algorithm;
The device file of store decrypted.
13. methods according to claim 12, is characterized in that, the described device file by encryption is divided into Part I and Part II, comprising:
The device file of described encryption is divided into described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity determines according to preset strategy respectively, and start address and the length of the included blocks of files of described Part I and described Part II are determined according to described strategy respectively;
Described described Part I and described Part II are decrypted respectively before, also comprise:
Determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II according to described strategy.
14. methods according to claim 13, it is characterized in that, described strategy comprises: decipherment algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II in described Part I and described Part II.
15. methods according to claim 12, is characterized in that, the described device file by encryption also comprises before being divided into Part I and Part II:
From the device file of described encryption or be independent of the information table that obtains the device file of described encryption in first file of device file of described encryption, described information table comprises described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in the position of the start address of blocks of files in described Part I and described Part II and the included blocks of files of length, described Part I and described Part II and quantity, described Part I corresponding described the first cryptographic algorithm and described Part II;
The described device file by encryption is divided into Part I and Part II, comprising:
According to position and the quantity of the start address of blocks of files in Part I described in described information table and described Part II and the included blocks of files of length, described Part I and described Part II, the device file of described encryption is divided into described Part I and described Part II;
Described described Part I and described Part II are decrypted respectively before, also comprise:
According to described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in Part I described in described information table corresponding described the first cryptographic algorithm and described Part II, determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II, described the first decipherment algorithm and described the first cryptographic algorithm are reciprocal, and described the second decipherment algorithm and described the second cryptographic algorithm are reciprocal.
16. methods according to claim 15, it is characterized in that, if described information table is the information table of encrypting, described from the device file of described encryption or after being independent of and obtaining the information table of device file of described encryption in first file of device file of described encryption, also comprise:
Information table to described encryption is decrypted.
The encryption device of 17. 1 kinds of device files, is characterized in that, comprising:
Cutting unit, for described device file is divided into Part I and Part II, wherein, described Part I and described Part II comprise respectively at least one blocks of files;
Ciphering unit, for described Part I and described Part II are encrypted respectively, cryptographic algorithm corresponding to blocks of files in wherein said Part I is the first cryptographic algorithm, cryptographic algorithm corresponding to blocks of files in described Part II is the second cryptographic algorithm, and described the first cryptographic algorithm is different from described the second cryptographic algorithm;
Storage unit, for the device file of storage encryption.
The encryption device of 18. device files according to claim 17, is characterized in that, described cutting unit, comprising:
Cut apart subelement, for described device file is divided into at least two blocks of files;
Combination subelement, for described at least two blocks of files are combined as to described Part I and described Part II, wherein said Part I and described Part II comprise respectively at least one blocks of files.
The encryption device of 19. device files according to claim 18, it is characterized in that, described in cut apart subelement, specifically for described device file is divided into at least two blocks of files, wherein, the start address of each blocks of files and length are determined according to preset strategy;
Described combination subelement, specifically for described at least two blocks of files are combined as to described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity are determined according to described strategy respectively;
The encryption device of described device file, also comprises:
Determining unit, for determining described the second cryptographic algorithm corresponding to blocks of files in the blocks of files of described Part I corresponding the first cryptographic algorithm and described Part II according to described strategy.
The encryption device of 20. device files according to claim 19, it is characterized in that, described strategy comprises: cryptographic algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II while cutting apart for described device file.
The encryption device of 21. device files according to claim 17, is characterized in that, the importance of the data in the blocks of files that described Part I comprises is greater than the importance of the data in the blocks of files that described Part II comprises; Described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm.
The encryption device of 22. device files according to claim 21, is characterized in that, described in cut apart subelement, specifically for described device file is divided into at least two blocks of files;
Described combination subelement, is also combined as described Part I for the blocks of files that the importance of the data of described at least two blocks of files is exceeded to predetermined threshold value; The blocks of files that the importance of the data in described at least two blocks of files is not exceeded to predetermined threshold value is combined as described Part II.
23. according to the encryption device of device file described in claim 17, it is characterized in that, the ratio that the capacity of the blocks of files in described Part I accounts for described device file total volume is the first ratio.
24. according to the encryption device of device file described in claim 23, it is characterized in that, described in cut apart subelement, also for described device file is divided into at least two blocks of files;
Described combination subelement, also for a part of blocks of files of described at least two blocks of files is combined as to described Part I, the ratio that the capacity of described a part of blocks of files accounts for described device file total volume is described the first ratio; Another part blocks of files except a described part in described at least two blocks of files is combined as to described Part II.
25. according to the encryption device of the device file described in claim 23 or 24, it is characterized in that described the first cryptographic algorithm safe in the security of described the second cryptographic algorithm; Described the first ratio is less than 50%.
26. according to the encryption device of the device file described in claim 19~25 any one, it is characterized in that, also comprises:
Generation unit, for information generated table, blocks of files in the position of the start address of each blocks of files and the included blocks of files of length, described Part I and described Part II and quantity, described Part I and the corresponding relation of the first cryptographic algorithm at least two blocks of files described in described information table comprises, the corresponding relation of the blocks of files in described Part II and described the second cryptographic algorithm;
Described storage unit, also for described information table being stored in to the predeterminable area of the device file of described encryption, or is stored as described information table the first file of the device file that is independent of described encryption.
The encryption device of 27. device files according to claim 26, is characterized in that, described ciphering unit, and also for described information table is encrypted, the cryptographic algorithm that described information table is corresponding is described the first cryptographic algorithm;
Described storage unit, also for the information table of encryption being stored in to the predeterminable area of the device file of described encryption, or is stored as the information table of encryption the first file of the device file that is independent of described encryption.
The decryption device of 28. 1 kinds of device files, is characterized in that, comprising:
Cutting unit, for the device file of encryption is divided into Part I and Part II, wherein said Part I and described Part II comprise respectively at least one blocks of files;
Decryption unit, for described Part I and described Part II are decrypted respectively, decipherment algorithm corresponding to blocks of files in wherein said Part I is the first decipherment algorithm, decipherment algorithm corresponding to blocks of files in described Part II is the second decipherment algorithm, and described the first decipherment algorithm is different from described the second decipherment algorithm;
Storage unit, for the device file of store decrypted.
The decryption device of 29. device files according to claim 28, it is characterized in that, described cutting unit, specifically for the device file of described encryption being divided into described Part I and described Part II, wherein, the position of the included blocks of files of described Part I and described Part II and quantity determines according to preset strategy respectively, and start address and the length of the included blocks of files of described Part I and described Part II are determined according to described strategy respectively;
The decryption device of described device file, also comprises:
Determining unit, for determining described the second decipherment algorithm corresponding to blocks of files in the blocks of files of described Part I corresponding described the first decipherment algorithm and described Part II according to described strategy.
The decryption device of 30. device files according to claim 29, it is characterized in that, described strategy comprises: decipherment algorithm corresponding to blocks of files in the position of blocks of files and quantity, described Part I and described Part II in the start address of blocks of files and length, described Part I and described Part II in described Part I and described Part II.
The decryption device of 31. device files according to claim 28, is characterized in that, also comprises:
Acquiring unit, for from the device file of described encryption or be independent of the information table that obtains the device file of described encryption first file of device file of described encryption, described information table comprises described the second cryptographic algorithm corresponding to blocks of files in the blocks of files in the position of the start address of blocks of files in described Part I and described Part II and the included blocks of files of length, described Part I and described Part II and quantity, described Part I corresponding described the first cryptographic algorithm and described Part II;
Described cutting unit, also, for according to position and the quantity of the start address of Part I described in described information table and described Part II blocks of files and the included blocks of files of length, described Part I and described Part II, the device file of described encryption is divided into described Part I and described Part II;
Described determining unit, also for according to described the second cryptographic algorithm corresponding to blocks of files in the blocks of files of Part I described in described information table corresponding described the first cryptographic algorithm and described Part II, determine described the second decipherment algorithm corresponding to blocks of files in blocks of files in described Part I corresponding described the first decipherment algorithm and described Part II, described the first decipherment algorithm and described the first cryptographic algorithm are reciprocal, and described the second decipherment algorithm and described the second cryptographic algorithm are reciprocal.
The decryption device of 32. device files according to claim 31, is characterized in that, described decryption unit, also for, if described information table be encrypt information table time, the information table of described encryption is decrypted.
CN201480000612.9A 2014-04-10 2014-04-10 device file encryption and decryption method and device Active CN104205117B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2014/075102 WO2015154285A1 (en) 2014-04-10 2014-04-10 Device file encryption and decryption method and device

Publications (2)

Publication Number Publication Date
CN104205117A true CN104205117A (en) 2014-12-10
CN104205117B CN104205117B (en) 2017-04-26

Family

ID=52088180

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201480000612.9A Active CN104205117B (en) 2014-04-10 2014-04-10 device file encryption and decryption method and device

Country Status (2)

Country Link
CN (1) CN104205117B (en)
WO (1) WO2015154285A1 (en)

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105069365A (en) * 2015-06-30 2015-11-18 广东欧珀移动通信有限公司 Data processing method and mobile terminal
CN105260668A (en) * 2015-10-10 2016-01-20 北京搜狗科技发展有限公司 File encryption method and electronic device
CN105306479A (en) * 2015-11-11 2016-02-03 江苏中威科技软件系统有限公司 Computer data embedding method, computer data displaying method and computer data embedding and displaying device
CN105335643A (en) * 2015-10-28 2016-02-17 广东欧珀移动通信有限公司 Processing method and processing system of files
CN105893857A (en) * 2016-03-31 2016-08-24 北京金山安全软件有限公司 File encryption method, device and equipment
CN106250770A (en) * 2015-06-03 2016-12-21 三星电子株式会社 For to the electronic equipment of content-encrypt and method
CN106326767A (en) * 2016-08-19 2017-01-11 北京奇虎科技有限公司 File encryption method, file decryption method and devices
CN107204986A (en) * 2017-06-27 2017-09-26 四川捷云信通信息技术有限公司 High in the clouds storage encryption method, decryption method and high in the clouds storage encryption device
CN107908931A (en) * 2017-11-16 2018-04-13 四川长虹电器股份有限公司 Digital television software mixing verification encryption method
CN109740308A (en) * 2018-12-28 2019-05-10 厦门吉比特网络技术股份有限公司 A kind of guard method and system of server end version
CN113098843A (en) * 2021-03-08 2021-07-09 中国地质大学(武汉) High-speed random sampling encryption method for geological and geographical big data
CN113132107A (en) * 2019-12-31 2021-07-16 奇安信科技集团股份有限公司 License encryption method and device, license decryption method and device and equipment
CN113221149A (en) * 2021-05-27 2021-08-06 深圳市共进电子股份有限公司 Firmware encryption method and device, firmware decryption method and computer equipment
CN113315844A (en) * 2021-06-17 2021-08-27 中国农业银行股份有限公司 File encryption transmission method, device, equipment and computer readable storage medium
CN115277158A (en) * 2022-07-21 2022-11-01 温瑾 Data exchange system for data sharing
CN115378590A (en) * 2022-10-27 2022-11-22 国网浙江义乌市供电有限公司 Energy data safe storage method and system based on block chain

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110768783A (en) * 2019-09-30 2020-02-07 北京你财富计算机科技有限公司 Method for improving XRsa encryption of PHP, electronic equipment and computer readable medium
US11483147B2 (en) * 2020-01-23 2022-10-25 Bank Of America Corporation Intelligent encryption based on user and data properties

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1744523A (en) * 2005-08-26 2006-03-08 南京邮电大学 Safety protection method facing to mobile agent network management
US20070028099A1 (en) * 2003-09-11 2007-02-01 Bamboo Mediacasting Ltd. Secure multicast transmission
CN101930521A (en) * 2010-05-11 2010-12-29 湖州信安科技有限公司 File protecting method and device thereof
CN202110552U (en) * 2011-04-18 2012-01-11 江苏技术师范学院 Software protection device based on multi-body interleaved storage technology
CN102567687A (en) * 2010-12-15 2012-07-11 成都科创知识产权研究所 Data encryption method and system
CN103095452A (en) * 2011-11-01 2013-05-08 刘海云 Random encryption method needing to adopt exhaustion method for deciphering

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070028099A1 (en) * 2003-09-11 2007-02-01 Bamboo Mediacasting Ltd. Secure multicast transmission
CN1744523A (en) * 2005-08-26 2006-03-08 南京邮电大学 Safety protection method facing to mobile agent network management
CN101930521A (en) * 2010-05-11 2010-12-29 湖州信安科技有限公司 File protecting method and device thereof
CN102567687A (en) * 2010-12-15 2012-07-11 成都科创知识产权研究所 Data encryption method and system
CN202110552U (en) * 2011-04-18 2012-01-11 江苏技术师范学院 Software protection device based on multi-body interleaved storage technology
CN103095452A (en) * 2011-11-01 2013-05-08 刘海云 Random encryption method needing to adopt exhaustion method for deciphering

Cited By (23)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106250770A (en) * 2015-06-03 2016-12-21 三星电子株式会社 For to the electronic equipment of content-encrypt and method
CN106250770B (en) * 2015-06-03 2021-07-20 三星电子株式会社 Electronic device and method for encrypting content
CN105069365A (en) * 2015-06-30 2015-11-18 广东欧珀移动通信有限公司 Data processing method and mobile terminal
CN105260668B (en) * 2015-10-10 2018-07-24 北京搜狗科技发展有限公司 A kind of file encrypting method and electronic equipment
CN105260668A (en) * 2015-10-10 2016-01-20 北京搜狗科技发展有限公司 File encryption method and electronic device
CN105335643A (en) * 2015-10-28 2016-02-17 广东欧珀移动通信有限公司 Processing method and processing system of files
CN105306479A (en) * 2015-11-11 2016-02-03 江苏中威科技软件系统有限公司 Computer data embedding method, computer data displaying method and computer data embedding and displaying device
WO2017166856A1 (en) * 2016-03-31 2017-10-05 北京金山安全软件有限公司 Method, device and equipment for file encryption
CN105893857A (en) * 2016-03-31 2016-08-24 北京金山安全软件有限公司 File encryption method, device and equipment
CN106326767A (en) * 2016-08-19 2017-01-11 北京奇虎科技有限公司 File encryption method, file decryption method and devices
CN107204986A (en) * 2017-06-27 2017-09-26 四川捷云信通信息技术有限公司 High in the clouds storage encryption method, decryption method and high in the clouds storage encryption device
CN107204986B (en) * 2017-06-27 2019-10-18 四川捷云信通信息技术有限公司 Cloud stores encryption method, decryption method and cloud and stores encryption device
CN107908931A (en) * 2017-11-16 2018-04-13 四川长虹电器股份有限公司 Digital television software mixing verification encryption method
CN107908931B (en) * 2017-11-16 2021-01-26 四川长虹电器股份有限公司 Digital television software mixed check encryption method
CN109740308A (en) * 2018-12-28 2019-05-10 厦门吉比特网络技术股份有限公司 A kind of guard method and system of server end version
CN113132107A (en) * 2019-12-31 2021-07-16 奇安信科技集团股份有限公司 License encryption method and device, license decryption method and device and equipment
CN113098843A (en) * 2021-03-08 2021-07-09 中国地质大学(武汉) High-speed random sampling encryption method for geological and geographical big data
CN113098843B (en) * 2021-03-08 2022-06-14 中国地质大学(武汉) High-speed random sampling encryption method for geological and geographical big data
CN113221149A (en) * 2021-05-27 2021-08-06 深圳市共进电子股份有限公司 Firmware encryption method and device, firmware decryption method and computer equipment
CN113221149B (en) * 2021-05-27 2024-02-09 深圳市共进电子股份有限公司 Firmware encryption method, device, firmware decryption method and computer equipment
CN113315844A (en) * 2021-06-17 2021-08-27 中国农业银行股份有限公司 File encryption transmission method, device, equipment and computer readable storage medium
CN115277158A (en) * 2022-07-21 2022-11-01 温瑾 Data exchange system for data sharing
CN115378590A (en) * 2022-10-27 2022-11-22 国网浙江义乌市供电有限公司 Energy data safe storage method and system based on block chain

Also Published As

Publication number Publication date
WO2015154285A1 (en) 2015-10-15
CN104205117B (en) 2017-04-26

Similar Documents

Publication Publication Date Title
CN104205117A (en) Device file encryption and decryption method and device
US11184164B2 (en) Secure crypto system attributes
CN107086915B (en) Data transmission method, data sending end and data receiving end
US9086819B2 (en) System and method for combining deduplication and encryption of data
US10594472B2 (en) Hybrid fully homomorphic encryption (F.H.E.) systems
US10108557B2 (en) Technologies for memory confidentiality, integrity, and replay protection
EP2817916B1 (en) Cryptographic transmission system using key encryption key
CN107317677B (en) Secret key storage and equipment identity authentication method and device
US20180139041A1 (en) Data encryption apparatus and method, and data decryption apparatus and method
CN103414682A (en) Method for cloud storage of data and system
KR20150122513A (en) Encryption apparatus, method for encryption and computer-readable recording medium
CN110650010A (en) Method, device and equipment for generating and using private key in asymmetric key
CN102377564A (en) Method and device for encrypting private key
CN110661748B (en) Log encryption method, log decryption method and log encryption device
CN107534558B (en) Method for protecting the information security of data transmitted via a data bus and data bus system
EP3311320A1 (en) Accelerated encryption and decryption of files with shared secret and method therefor
CN115499118A (en) Message key generation method, message key generation device, file encryption method, message key decryption method, file encryption device, file decryption device and medium
CN104866784A (en) BIOS encryption-based safety hard disk, and data encryption and decryption method
US20230139104A1 (en) Authenticated encryption apparatus, authenticated decryption apparatus, authenticated encryption system, method, and computer readable medium
CN113326518A (en) Data processing method and device
CN108256346A (en) Guard method, encipherment protection device and the embedded system device of critical data
US10257176B2 (en) Replacing keys in a computer system
CN105681027A (en) HSM encrypted information synchronization method, device and system
CN107483387A (en) A kind of method of controlling security and device
KR101595056B1 (en) System and method for data sharing of intercloud enviroment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant