[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN114844640A - Encryption and decryption method based on RSA algorithm - Google Patents

Encryption and decryption method based on RSA algorithm Download PDF

Info

Publication number
CN114844640A
CN114844640A CN202110137486.3A CN202110137486A CN114844640A CN 114844640 A CN114844640 A CN 114844640A CN 202110137486 A CN202110137486 A CN 202110137486A CN 114844640 A CN114844640 A CN 114844640A
Authority
CN
China
Prior art keywords
authorization
file
private key
key
service system
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202110137486.3A
Other languages
Chinese (zh)
Inventor
程磊
孙超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Chinasoft Goldencis Software Co ltd
Original Assignee
Shandong Chinasoft Goldencis Software Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Chinasoft Goldencis Software Co ltd filed Critical Shandong Chinasoft Goldencis Software Co ltd
Priority to CN202110137486.3A priority Critical patent/CN114844640A/en
Publication of CN114844640A publication Critical patent/CN114844640A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/302Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L9/3249Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures using RSA or related signature schemes, e.g. Rabin scheme

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides an encryption and decryption method based on an RSA algorithm, which comprises the following steps: the authorized party generates a public and private key, the authorized party stores the private key, and the public key is placed in the service system; step two: the authorization party encrypts the authorization information through a private key; step three: generating an authorization file from the encrypted ciphertext; step four: uploading the authorization file to a service system; step five: verifying and decrypting the authorization file through a public key in a service system; step six: obtaining authorization information in an authorization file; step seven: and performing service logic control according to the authorization information. The invention adopts an asymmetric encryption mode, increases the security and the non-tamper property of the authorization file, reduces the risk of disclosure by a public key mode and a private key mode, and meets the requirements of the security and the uniqueness of the authorization file.

Description

Encryption and decryption method based on RSA algorithm
Technical Field
The invention relates to an encryption and decryption method based on an RSA algorithm, and belongs to the technical field of information security.
Background
At present, symmetric encryption algorithms such as DES and AES are used for encrypting and decrypting the authorization file. However, as the risk of information leakage gradually increases, the traditional symmetric encryption algorithm encrypts the authorization file, and if any end leaks the secret key, the authorization file becomes no longer secure. The prior art implementation is as follows:
encryption by an authorized party: get to a symmetric encryption key such as AES. And encrypting the authorization information to obtain a ciphertext, writing the ciphertext into the authorization file, and generating the authorization file.
And (3) decryption by the service system side: and the application system receives the authorization file, decrypts the ciphertext through the secret key, receives the decrypted authorization information and verifies the authorization information.
In any party of the method, the authorization information can be revealed or the authorization file can be imitated when the secret key is scattered or spread, and the safety cannot be guaranteed.
Disclosure of Invention
In order to solve the above problems, the present invention provides an encryption and decryption method based on RSA algorithm, the specific technical scheme is as follows,
an encryption and decryption method based on RSA algorithm comprises the following steps:
the method comprises the following steps: the authorized party generates a public and private key, the authorized party stores the private key, and the public key is placed in the service system;
step two: the authorization party encrypts the authorization information through a private key;
step three: generating an authorization file from the encrypted ciphertext;
step four: uploading the authorization file to a service system;
step five: verifying and decrypting the authorization file through a public key in a service system;
step six: obtaining authorization information in an authorization file;
step seven: and performing service logic control according to the authorization information.
Preferably, the specific method for the authorizer to generate the authorization file is as follows: loading the content of a private key file through FileInputStream in jdk1.8, generating an RSAPrivateKey object through the private key, then generating a Cipher object through a Cipher.
Further, the specific method for the service system to obtain the authorization information is as follows: key, and load to the memory of the business system, obtain the ciphertext content of the authorization file, load the public key file content through FileInputStream type in jdk1.8, generate RSAPublic Key object through the public key, then generate Cipher object through Cipher.
The invention uses RSA encryption mode to encrypt the authorization file, the RSA encryption is divided into public key and private key, the authorized party generates public and private key pair, the private key is held by the authorized file generating party. The public key is a public key as the name implies, and is generally placed in a service system without special confidentiality. The private key is used for encrypting the signature of the authorization file to ensure the source uniqueness of the authorization file, the public key is put into a business system, and the public and private keys are pairing keys. When the authorization file is signed with the private key, only the public key can be verified. The security and the uniqueness of the authorization file can be ensured as long as the private key is ensured not to be leaked. The asymmetric encryption mode increases the security and the non-tamper property of the authorization file, reduces the risk of disclosure by a public key mode and a private key mode, and meets the requirements of the security and the uniqueness of the authorization file.
Drawings
Fig. 1 is a flowchart of the encryption and decryption method based on RSA algorithm according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Abbreviations and key term definitions:
RSA: an asymmetric encryption algorithm. The RSA asymmetric encryption is divided into a public key and a private key, the private key is kept at an authorizer, and the public key is placed in a business system.
DES, AES: a symmetric encryption algorithm.
As shown in fig. 1, an encryption and decryption method based on RSA algorithm includes the following steps:
the method comprises the following steps: the authorization party generates a public and private key, the authorization party stores a private key, and the public key is placed in the service system;
step two: the authorization party encrypts the authorization information through a private key;
step three: generating an authorization file from the encrypted ciphertext;
step four: uploading the authorization file to a service system;
step five: verifying and decrypting the authorization file through a public key in a service system;
step six: obtaining authorization information in an authorization file;
step seven: and performing service logic control according to the authorization information.
The specific method for the authorization party to generate the authorization file comprises the following steps: loading the content of a private key file through FileInputStream in jdk1.8, generating an RSAPrivateKey object through the private key, then generating a Cipher object through a Cipher.
The specific method for the service system to obtain the authorization information comprises the following steps: key, and load to the memory of the business system, obtain the ciphertext content of the authorization file, load the public key file content through FileInputStream type in jdk1.8, generate RSAPublic Key object through the public key, then generate Cipher object through Cipher. And converting the authorization information into an authorization object, and performing logic processing of service authorization.
Specific examples are as follows: when a certain service system is deployed to a client site, a manufacturer is required to authorize the service system. The manufacturer firstly generates an RSA public and private key pair, a public key is placed in a service system, and a private key is stored in the manufacturer. After the service system is deployed, the service system can normally operate only if authorization is required. At this time, the manufacturer signs and encrypts the authorization information according to the private key of the manufacturer, writes the ciphertext into the authorization file, and sends the authorization file to the client. After the client receives the authorization file, the authorization file is uploaded to a service system, the service system receives the ciphertext in the authorization file, and verification and decryption are performed according to a public key in the service system, so that authorization information is obtained. And then the service system finds the conformity according to the authorization information, the service system can normally operate, otherwise, the service system does not normally operate.
In the process of generating the authorization file of the authorization party, the private key is used for carrying out signature encryption on the authorization file, in the process of authorization verification of the service system party, the public key is used for carrying out verification decryption, if the verification is passed, the authorization file is proved to be valid, and then service logic processing is carried out. The asymmetric encryption mode increases the security and the non-tamper property of the authorization file, reduces the risk of disclosure by a public key mode and a private key mode, and meets the requirements of the security and the uniqueness of the authorization file.
Although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments described in the foregoing embodiments, or equivalents may be substituted for elements thereof.

Claims (3)

1. An encryption and decryption method based on RSA algorithm is characterized in that: the method comprises the following steps:
the method comprises the following steps: the authorized party generates a public and private key, the authorized party stores the private key, and the public key is placed in the service system;
step two: the authorization party encrypts the authorization information through a private key;
step three: generating an authorization file from the encrypted ciphertext;
step four: uploading the authorization file to a service system;
step five: verifying and decrypting the authorization file through a public key in a service system;
step six: obtaining authorization information in an authorization file;
step seven: and performing service logic control according to the authorization information.
2. An RSA algorithm based encryption and decryption method according to claim 1, characterized in that: the specific method for the authorization party to generate the authorization file comprises the following steps: loading the content of a private key file through FileInputStream in jdk1.8, generating an RSAPrivateKey object through the private key, then generating a Cipher object through a Cipher.
3. An RSA algorithm-based encryption and decryption method according to claim 2, characterized in that: the specific method for the service system to acquire the authorization information comprises the following steps: key, and load to the memory of the business system, obtain the ciphertext content of the authorization file, load the public key file content through FileInputStream type in jdk1.8, generate RSAPublic Key object through the public key, then generate Cipher object through Cipher.
CN202110137486.3A 2021-02-01 2021-02-01 Encryption and decryption method based on RSA algorithm Pending CN114844640A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110137486.3A CN114844640A (en) 2021-02-01 2021-02-01 Encryption and decryption method based on RSA algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110137486.3A CN114844640A (en) 2021-02-01 2021-02-01 Encryption and decryption method based on RSA algorithm

Publications (1)

Publication Number Publication Date
CN114844640A true CN114844640A (en) 2022-08-02

Family

ID=82560886

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110137486.3A Pending CN114844640A (en) 2021-02-01 2021-02-01 Encryption and decryption method based on RSA algorithm

Country Status (1)

Country Link
CN (1) CN114844640A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116506188A (en) * 2023-05-04 2023-07-28 北京众谊越泰科技有限公司 Operation method and system of asymmetric encryption algorithm based on B/S architecture

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116506188A (en) * 2023-05-04 2023-07-28 北京众谊越泰科技有限公司 Operation method and system of asymmetric encryption algorithm based on B/S architecture
CN116506188B (en) * 2023-05-04 2024-03-29 北京众谊越泰科技有限公司 Operation method and system of asymmetric encryption algorithm based on B/S architecture

Similar Documents

Publication Publication Date Title
CN101651543B (en) Creditable calculation platform key migration system and key migration method thereof
CN109510708B (en) Public key password calculation method and system based on Intel SGX mechanism
JP4673890B2 (en) How to transfer a certification private key directly to a device using an online service
US6769060B1 (en) Method of bilateral identity authentication
CN110958219B (en) SM2 proxy re-encryption method and device for medical cloud shared data
CN104796265A (en) Internet-of-things identity authentication method based on Bluetooth communication access
US6718468B1 (en) Method for associating a password with a secured public/private key pair
CN104268447A (en) Encryption method of embedded software
US6704868B1 (en) Method for associating a pass phase with a secured public/private key pair
US11870904B2 (en) Method for encrypting and decrypting data across domains based on privacy computing
CN101651538A (en) Method for safe transmission of data based on creditable password module
CN110233729A (en) A kind of encryption solid-state disk key management method based on PUF
CN108551391B (en) Authentication method based on USB-key
CN114844640A (en) Encryption and decryption method based on RSA algorithm
KR101262844B1 (en) Apparatus for relaying remote meter data for controlling network access and method thereof
Keleman et al. Secure firmware update in embedded systems
CN106953917A (en) Method of data synchronization and system
EP3185504A1 (en) Security management system for securing a communication between a remote server and an electronic device
EP4142214A1 (en) Method for securely provisioning a device incorporating an integrated circuit without using a secure environment
CN113114458A (en) Encryption certificate generation method, decryption method, encryption certificate generation device, decryption device and encryption certificate system
JPH11231776A (en) Method and device for issuing certificate
US11928247B2 (en) Methods and devices for AI model integrity and secrecy protection
CN118036097B (en) Consumable anti-counterfeiting authentication implementation method based on PUF
JP4000899B2 (en) Cryptographic method with authentication, decryption method and device with authentication, program, and computer-readable recording medium
CN116680710A (en) Cipher key authentication method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination