CN103457723B - A kind of encryption method and the encryption device based on it - Google Patents
A kind of encryption method and the encryption device based on it Download PDFInfo
- Publication number
- CN103457723B CN103457723B CN201310407089.9A CN201310407089A CN103457723B CN 103457723 B CN103457723 B CN 103457723B CN 201310407089 A CN201310407089 A CN 201310407089A CN 103457723 B CN103457723 B CN 103457723B
- Authority
- CN
- China
- Prior art keywords
- encryption
- module
- data stream
- plain text
- encryption device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Abstract
The invention provides a kind of encryption method and the encryption device based on it, encryption method: input is in plain text;Data stream will be resolved in plain text;Data stream is formed encrypting traffic by serial port protocol, and encrypting traffic is obtained ciphertext by serial ports output;Complete encryption.Encryption device: include interface, encrypting module, ciphertext interface and power module in plain text.The encryption method of the present invention is to be stored through a data stream by file, is not document storage system under an operating system, it is not necessary to key;The encryption device of the present invention is to have independent current source and the hardware encryption device of independent operation outside computer, not by the computing capability of computer, ciphering process completes in encryption device, separate with computer operating system, not monitored by computer, its ciphering process and generation password etc. have strict shielding to computer itself, even if computer is thoroughly monitored by hacker, the file encrypted by native system, is still that safe.
Description
Technical field
The present invention relates to a kind of encryption method and the encryption device based on it.
Background technology
Existing encryption method is all based on encryption key, in the case of getting encryption key, holds very much
Easily encryption file is decrypted, thus causes file to be read by malicious persons, reduce encryption file
Safety.
Meanwhile, existing secrecy system, is all that the user to file authorizes, and the authority of such as website is divided
Level, password, U-shield etc..Once hacker pretends to be validated user success, or legal secret key is lost, or hacker
Being directed across shielding harness to enter inside file system, all of file is all can be read, revise and answer
System.
Present secrecy system, basic ideas are all to arrange inspection critical point on network path, with sides such as passwords
Formula, it is ensured that incomer is legal.This protection is not the protection to file itself.Therefore, once hacker enters
File storage area, classified papers do not have oneself protective own.
Present secrecy system, its document storage mode, is all document storage system under an operating system.
Identical storage mode so that the success rate that illegal person attempts breaking through existing secrecy system greatly improves.
Present secrecy system, is all with under computer interconnection, by the computing capability of computer, carries out
The work such as encryption.The most necessarily monitored by computer by computer, its ciphering process and password etc., right
Computer itself does not has shielding.Once computer is thoroughly monitored by hacker, by computer information security
System, does not all have secret.
Summary of the invention
For drawbacks described above and the problem of prior art, the present invention provides a kind of encryption method and based on it
Encryption device, encryption method is not required to use key can realize being in plain text encrypted protection, encryption sets
Getting everything ready independent power supply and computing capability, ciphering process completes in encryption device, with computer operation system
System separates, and improves the safety of ciphering process.
In order to achieve the above object, the invention provides a kind of encryption method, through the following steps that realize:
Step one, input is in plain text;
Step 2, will resolve to data stream in plain text;
Step 3, forms encrypting traffic by data stream by serial port protocol, and by encrypting traffic by string
Mouth output obtains ciphertext;Complete encryption;
Described encryption method is applied at the encryption device presented in portable small device, hardware board
On, and this encryption device has independent current source.
Further, step 2 will resolve to the data stream of 8 binary codes in plain text.
Further, serial port protocol described in step 3 is 232 agreements, 485 agreements or MODBUS agreement
One of, it is also possible to carried out self-defined by user.
Present invention also offers the encryption device based on more than one encryption methods stated, including:
Interface in plain text, for input in plain text or output;
Encrypting module, for obtaining data stream after resolving in plain text;
Ciphertext interface, described ciphertext interface uses serial ports pattern, for being formed by serial port protocol by data stream
Encrypting traffic, and encrypting traffic output is obtained ciphertext;Or ciphertext is obtained encryption data through serial ports
Stream, then encrypting traffic is formed data stream back through serial port protocol;
Power module, is used for providing power supply;
Described plaintext interface, ciphertext interface and power module are connected with encrypting module respectively.
Further, described encryption device also includes logging modle, authorization module, human-computer interaction module, remote
Several modules in range monitoring module and servo programe module, described several be a kind of, two kinds, three kinds, four
Kind or one of five kinds, described logging modle, remote monitoring module and servo programe module respectively with encryption mould
Block connects.
Specifically, described logging modle is used for recording operating process, preserves the identity of operator, operating time
And the mode of operation to file.
Described authorization module is for confirming operator, and described authorization module can be mandate U-shield, refer to
One of stricture of vagina identification or identity card identification, or other can be owing to carrying out the mode of identification.
Described human-computer interaction module realizes operator with the man-machine interaction of encryption device, may refer to show lamp and/or
The modes such as liquid crystal display screen.
Described remote monitoring module realizes monitoring in real time and the remotely operation of the mode of operation to encryption equipment.
Described servo programe module realizes automatically being encrypted servo file or decryption oprerations, and to operation
Process carries out record.
Further, described encryption device can be presented in portable small device, hardware board.
A kind of encryption method of the present invention is based oneself upon and is encrypted file itself, makes each file little by one
Condom protects, and the most protected file can be by normal transmission such as networks, it is also possible to fully
Use currently all existing secrecy licensing scheme.
The encryption method of the present invention, is to be stored through a data stream by file, is not under an operating system
Document storage system, it is not necessary to key.This encryption mode different from existing file storage system,
The encryption method that illegal person will be stoped to crack the present invention.
The encryption method of the present invention, is the protection to classified papers itself, and it is existing to make full use of client
The inspection critical point arranged on network path.Even if the ciphertext obtained through the encryption method of the present invention is non-by the external world
Method obtains, and file content also will not leak out, and then the interests of protection user.
Encryption device based on the encryption method of the present invention, is to have independent current source and independence outside computer
The hardware encryption device of operation, not by the computing capability of computer, ciphering process completes in encryption device,
Separating with computer operating system, do not monitored by computer, its ciphering process and generation password etc. are right
Computer itself has strict shielding, even if computer is thoroughly monitored by hacker, is encrypted by native system
File, be still that safe.
Accompanying drawing explanation
In order to be illustrated more clearly that the embodiment of the present invention or technical scheme of the prior art, below will be to enforcement
In example or description of the prior art, the required accompanying drawing used is briefly described, it should be apparent that, describe below
In accompanying drawing be only some embodiments of the present invention, for those of ordinary skill in the art, do not paying
On the premise of going out creative work, it is also possible to obtain other accompanying drawing according to these accompanying drawings.
Fig. 1 is the connection diagram of the encryption device structure of the present invention.
Detailed description of the invention
Below in conjunction with embodiments of the invention, technical scheme is clearly and completely described,
Obviously, described embodiment is only a part of embodiment of the present invention rather than whole embodiments.Base
Embodiment in the present invention, those of ordinary skill in the art are obtained under not making creative work premise
The every other embodiment obtained, broadly falls into the scope of protection of the invention.
Embodiment 1:
Present embodiments provide a kind of encryption method, through the following steps that realize:
Step one, input is in plain text;Described plaintext can be any type of readable documents, such as doc, jpg,
The file of the forms such as dwg;
Step 2, will resolve to data stream in plain text;Resolve to accordingly according to the storage mode of files in different types
The data stream of form;
Step 3, forms encrypting traffic by data stream by serial port protocol, and by encrypting traffic by string
Mouth output obtains ciphertext;Complete encryption.Data stream selects the initiation site of concrete output according to serial port protocol,
Never obtain encrypting traffic, then obtain ciphertext through serial ports output;Described serial port protocol can be 232 agreements,
One of 485 agreements or MODBUS agreement, it is also possible to carried out self-defined by user.
As a example by plain text " ABC ", further illustrate the encryption method of the present invention:
Step one, input is in plain text " ABC ";
Step 2, resolves to the data stream of 8 binary codes by " ABC " in plain text
“010000010100001001000011”;
Step 3, is formed data stream " 010000010100001001000011 " by 232 serial port protocols
Encrypting traffic " 101111101011110110111100 ", and encrypting traffic is obtained by serial ports output
Ciphertext;Complete encryption.
Serial port protocol described in the step 3 of this enforcement can also use other existing serial port protocols, or oneself
Definition arranges agreement, and such as, serial port protocol can be to insert at least one bit code every four bit codes.
Meanwhile, be necessary for by the inverse process of encryption method, successively by ciphertext through string to obtaining ciphertext deciphering
Mouth obtains encrypting traffic, then by serial port protocol, encrypting traffic is reversely formed data stream, and data flow through
After the parsing of encrypting module, by the output of plaintext interface in plain text.
Embodiment 2
The present embodiment provides a kind of encryption device based on the encryption method of embodiment 1, including:
Interface in plain text, for input in plain text or output;
Encrypting module, for obtaining data stream after resolving in plain text;
Ciphertext interface, described ciphertext interface uses serial ports pattern, for being formed by serial port protocol by data stream
Encrypting traffic, and encrypting traffic output is obtained ciphertext;Or ciphertext is obtained encryption data through serial ports
Stream, then encrypting traffic is formed data stream back through serial port protocol;
Power module, is used for providing power supply;
Described plaintext interface, ciphertext interface and power module are connected with encrypting module respectively.
In order to meet different requirement, the encryption device of the present embodiment can also include logging modle, authorization module,
Several modules in human-computer interaction module, remote monitoring module and servo programe module, described several be a kind of,
One of two kinds, three kinds, four kinds or five kinds, described logging modle, remote monitoring module and servo programe mould
Block is connected with encrypting module respectively.
In order to record operating process, preserve the identity of operator, operating time and the mode of operation to file,
Described cipher machine also includes that logging modle, described logging modle are connected with encrypting-decrypting module.It is able to record that behaviour
Make process, preserve the identity of operator, operating time and which file has been carried out which kind of operation, operating
Cheng Jilu and operating process itself separate, and the file of record operating process separates with the file of encrypted/deciphering,
Such recording medium storage and operation process recording, can be preserved by other people, supervision and oversight encryption equipment
Service condition, also allows for tracing when going wrong.
Specifically, the storage medium that described logging modle uses can be to be solidificated in the SD card within encryption equipment
Deng, it is also possible to it is external storage device, or uses massive store chip, periodically or lead to after being filled with
Cross dedicated program and upload to the memory space such as designated computer or USB flash disk/CD.
In order to ensure the safety in utilization of cipher machine, need operator is carried out authentication, therefore, this reality
Also including authorization module with novel cipher machine, it is achieved the identity validation to operator, described authorization module can
Think one of mandate U-shield, fingerprint recognition or identity card identification, or other can be owing to carrying out identity knowledge
Otherwise.
Further, cipher machine of the present utility model also includes human-computer interaction module, it is achieved operator is with password
The man-machine interaction of machine, described human-computer interaction module may refer to show the mode such as lamp and/or liquid crystal display screen, but encryption/
The core operation of deciphering should be completed by separate hardware system.
According to informationalized development and client and the market demand, the novel cipher machine of this enforcement also includes remotely supervising
Control module, described remote monitoring module is connected with encrypting-decrypting module, it is achieved to the mode of operation of encryption equipment
Monitoring in real time, it is possible to remotely operate.
Efficiently handling official business theory in conjunction with present society, the novel cipher machine of this enforcement can also include servo programe mould
Block, described servo programe module is connected with encrypting-decrypting module, it is achieved automatically servo file is encrypted/
Decryption oprerations, and operating process is carried out record, and whole encryption/decryption processes is in encryption of the present utility model
Machine completes.
It addition, the encryption device of the present embodiment can develop portable small device, it is connected to meter by U mouth
On calculation machine.Being shown as an encryption/deciphering application file on computers, its transformation process is similar by one often
Being converted into one with document (such as .DOC file) have to the file opened of professional software.But encryption and deciphering
Process and encrypting/decrypting method, it is necessary to be saved in portable small device, the most just can ensure that
Encryption/decryption processes is not computer controlled and monitors.
The encryption device of the present embodiment can also develop into one piece of hardware board, embeds other equipment such as server
In, it is achieved the encryption/decryption functionality to special data, to protect the data safety of user.
The above, the only detailed description of the invention of the present invention, but protection scope of the present invention is not limited to
This, any those familiar with the art, in the technical scope that the invention discloses, can readily occur in
Change or replacement, all should contain within protection scope of the present invention.Therefore, protection scope of the present invention should
Described it is as the criterion with scope of the claims.
Claims (6)
1. an encryption method, it is characterised in that: through the following steps that realize:
Step one, input is in plain text;
Step 2, will resolve to data stream in plain text;
Step 3, forms encrypting traffic by data stream by serial port protocol, and by encrypting traffic by string
Mouth output obtains ciphertext;Complete encryption;
Described encryption method is applied at the encryption device presented in portable small device, hardware board
On, and this encryption device has independent current source.
A kind of encryption method the most according to claim 1, it is characterised in that: step 2 will solve in plain text
Analysis is the data stream of 8 binary codes.
A kind of encryption method the most according to claim 1 and 2, it is characterised in that: described in step 3
Serial port protocol is one of 232 agreements, 485 agreements or MODBUS agreement.
4. the encryption device based on the encryption method described in claim 1, it is characterised in that: including:
Interface in plain text, for input in plain text or output;
Encrypting module, for obtaining data stream after resolving in plain text;
Ciphertext interface, described ciphertext interface uses serial ports pattern, for being formed by serial port protocol by data stream
Encrypting traffic, and encrypting traffic output is obtained ciphertext;Or ciphertext is obtained encryption data through serial ports
Stream, then encrypting traffic is formed data stream back through serial port protocol;
Power module, is used for providing power supply;
Described plaintext interface, ciphertext interface and power module are connected with encrypting module respectively.
Encryption device the most according to claim 4, it is characterised in that: described encryption device also includes note
Several moulds in record module, authorization module, human-computer interaction module, remote monitoring module and servo programe module
Block, described several be a kind of, two kinds, three kinds, one of four kinds or five kinds, described logging modle, remotely
Monitoring module and servo programe module are connected with encrypting module respectively.
6. according to the encryption device described in claim 4 or 5, it is characterised in that: described encryption device is permissible
Presented in portable small device, hardware board.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310407089.9A CN103457723B (en) | 2013-09-10 | 2013-09-10 | A kind of encryption method and the encryption device based on it |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201310407089.9A CN103457723B (en) | 2013-09-10 | 2013-09-10 | A kind of encryption method and the encryption device based on it |
Publications (2)
Publication Number | Publication Date |
---|---|
CN103457723A CN103457723A (en) | 2013-12-18 |
CN103457723B true CN103457723B (en) | 2016-08-10 |
Family
ID=49739719
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201310407089.9A Expired - Fee Related CN103457723B (en) | 2013-09-10 | 2013-09-10 | A kind of encryption method and the encryption device based on it |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN103457723B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103746791B (en) * | 2013-12-19 | 2017-02-08 | 广东芬尼克兹节能设备有限公司 | Encryption communication device and method applied to the field of industry |
CN106130999A (en) * | 2016-06-30 | 2016-11-16 | 北京奇虎科技有限公司 | Data transmission method, apparatus and system |
CN109450857B (en) * | 2018-10-12 | 2022-05-31 | 五八有限公司 | Encrypted data configuration method, device, server, encryption equipment and storage medium |
CN113765900B (en) * | 2021-08-24 | 2023-09-26 | 深圳融安网络科技有限公司 | Protocol interaction information output transmission method, adapter device and storage medium |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1536503A (en) * | 2003-04-08 | 2004-10-13 | ������������ʽ���� | Enciphered circuit |
CN201838004U (en) * | 2010-11-02 | 2011-05-18 | 中国人民武装警察部队成都指挥学院 | Hardware encryption card for computer interface |
Family Cites Families (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8804953B2 (en) * | 2008-11-18 | 2014-08-12 | Red Hat, Inc. | Extensive ciphertext feedback |
TWI473473B (en) * | 2011-11-08 | 2015-02-11 | Inst Information Industry | Sequence data transmission system, method and recording medium thereof |
-
2013
- 2013-09-10 CN CN201310407089.9A patent/CN103457723B/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN1536503A (en) * | 2003-04-08 | 2004-10-13 | ������������ʽ���� | Enciphered circuit |
CN201838004U (en) * | 2010-11-02 | 2011-05-18 | 中国人民武装警察部队成都指挥学院 | Hardware encryption card for computer interface |
Also Published As
Publication number | Publication date |
---|---|
CN103457723A (en) | 2013-12-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106169041B (en) | A kind of safety encryption mobile hard disk and its data transmission method based on USBKEY authentication | |
CN105915502A (en) | Method and system for facilitating network joining | |
CN108229220B (en) | System and method for trusted presentation of information on untrusted user devices | |
CN103745164B (en) | A kind of file safety storage method based on environmental and system | |
CN103457723B (en) | A kind of encryption method and the encryption device based on it | |
WO2018216988A1 (en) | Security authentication system and security authentication method for creating security key by combining authentication factors of multiple users | |
CN103780609A (en) | Cloud data processing method and device and cloud data security gateway | |
CN111046405B (en) | Data processing method, device, equipment and storage medium | |
CN105205376A (en) | Method for logging into intelligent application through fingerprints based on Android system | |
CN105279447A (en) | Method and device for data encryption, and method and device for data decryption | |
CN103824014A (en) | Isolation certificating and monitoring method of USB (universal serial bus) port within local area network | |
JP2017530636A (en) | Authentication stick | |
CN108989019A (en) | Content resource safety system based on block chain technology | |
CN102270182B (en) | Encrypted mobile storage equipment based on synchronous user and host machine authentication | |
CN102761559B (en) | Network security based on private data shares method and communication terminal | |
KR101043255B1 (en) | Usb hub device for providing datasecurity and method for providing datasecurity using the same | |
TW201409977A (en) | Communication system utilizing fingerprint information and use of the system | |
CN104239809A (en) | File protecting method, file protecting device, file decryption method, file decryption device and terminal | |
WO2018216991A1 (en) | Security authentication method for creating security key by combining authentication factors of multiple users | |
CN105847261A (en) | Bluetooth wireless encryption and decryption-based electronic signature method | |
CN107135074A (en) | A kind of advanced security method and apparatus | |
CN106156571B (en) | Encrypting fingerprint tool, encrypting fingerprint tool encrypting and deciphering system and encipher-decipher method | |
CN203423701U (en) | Cipher machine | |
CN106027535A (en) | Campus network security authentication system and method | |
CN102426635B (en) | Display device for file information, display method and system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20191104 Address after: 210000 room 111, building 24, baodiyuan, Gulou District, Nanjing City, Jiangsu Province Patentee after: Nanjing Guangze Technology Co., Ltd Address before: 100081 Beijing city Haidian District Daliushu Road No. 2 Building No. 232 West nine Co-patentee before: Xu Guangyu Patentee before: Xu Guangmei |
|
CF01 | Termination of patent right due to non-payment of annual fee | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20160810 Termination date: 20200910 |