CN104410493A - Secure data storage method and secure data read method based on distributed system infrastructure - Google Patents

Publication number
CN104410493A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201410626012.5A
Other languages
Chinese (zh)
Inventor
关泽武
郭晓斌
许爱东
蒋屹新
陈华军
蒙家晓
杨航
张福铮
刑涛
吴争荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CSG Electric Power Research Institute
Hainan Power Grid Co Ltd
Research Institute of Southern Power Grid Co Ltd
Original Assignee
Hainan Power Grid Co Ltd
Research Institute of Southern Power Grid Co Ltd
Application filed by Hainan Power Grid Co Ltd, Research Institute of Southern Power Grid Co Ltd filed Critical Hainan Power Grid Co Ltd

Abstract

The invention discloses a secure data storage method based on a distributed system infrastructure. The method comprises a first step of generating digest information; a second step of encrypting data; a third step of hiding a random secret key; a fourth step of storing a ciphertext; and a fifth step of storing related information. In the first step, data to be stored is signed by an information digest algorithm so as to generate the digest information; in the second step, the data to be stored is encrypted by the random secret key generated by a secret key generation function so as to acquire corresponding ciphertext; in the third step, the random secret key generated in the second step is hidden so as to acquire random secret key information of the ciphertext; in the fourth step, the ciphertext acquired in the second step is stored in a distributed file system; and in the fifth step, the digest information generated in the first step, the random secret key information acquired in the third step and file names are stored in an open source database. The invention also discloses a secure data read method based on the distributed system infrastructure.

Description

Secure data storage and reading method based on a distributed system architecture
Technical field
The present invention relates to the technical field of cryptography, and in particular to a secure data storage and reading method based on a distributed system architecture.
Background art
Two kinds of cryptographic algorithm are in common use: symmetric encryption algorithms and asymmetric encryption algorithms.
A symmetric encryption algorithm is characterized by a public algorithm, a small amount of computation, fast encryption and high encryption efficiency. Its weakness is that encryption and decryption use the same key, so security cannot be guaranteed and the key is difficult to manage.
An asymmetric encryption algorithm uses a pair of keys that are entirely different yet exactly matched: a public key and a private key. When a file is encrypted with an asymmetric encryption algorithm, the encryption and decryption of the plaintext can be completed only with a matching public/private key pair. The drawback of asymmetric encryption is that encryption and decryption are slow and inefficient, which makes it unsuitable for encrypting and decrypting large amounts of data.
In most current system applications there are many data sources, the data volume is huge, and the requirements on time efficiency are especially high. A cryptographic algorithm that encrypts quickly and efficiently is therefore better suited to encrypting and decrypting massive data.
Summary of the invention
The object of the present invention is to provide a secure data storage method based on a distributed system architecture and the corresponding secure data reading method, which are suitable for encrypting and decrypting massive data and can fully ensure the integrity and confidentiality of data when massive data is stored and read.
To achieve the above object, an embodiment of the present invention provides a secure data storage method based on a distributed system architecture, comprising the steps of:
S1, generating digest information: a message digest algorithm is used to sign the data to be stored, thereby generating digest information;
S2, encrypting the data: the data to be stored is encrypted with a random key generated by a key generation function, thereby obtaining the corresponding ciphertext;
S3, hiding the random key: the random key generated in step S2 is hidden, thereby obtaining the random key information of the ciphertext;
S4, storing the ciphertext: the ciphertext obtained in step S2 is stored in a distributed file system;
S5, storing the related information: the digest information generated in step S1 and the random key information obtained in step S3 are stored together with the file name in an open-source database.
As an improvement of the above technical solution, in S1 the digest information is generated from the attributes of the data to be stored and a random filler, wherein the attributes include user password information.
In another embodiment of the invention, step S3 specifically comprises the steps of:
S31, processing the digest information generated in step S1 with a hash function to obtain an encryption key;
S32, encrypting the random key generated in step S2 with the encryption key, thereby obtaining the random key information of the ciphertext.
In yet another embodiment of the present invention, step S3 specifically comprises the steps of:
S31, applying the SHA algorithm to digest the attributes of the data to be stored and the random filler, obtaining a digest value (a byte array), and encrypting the digest value with the user password information, thereby obtaining the digest information;
S32, processing the byte array generated in step S31 with a hash function to obtain an N-bit encryption key;
S33, encrypting the random key generated in step S2 with the N-bit encryption key, thereby obtaining the random key information of the ciphertext.
As an improvement of the above technical solution, an M table with three columns is used for storage in the open-source database. The three columns are the row key `key`, the timestamp T and the column family Md. The row key `key` stores the file name; Md contains two labels, hKey and mD, which hold the random key information and the digest information respectively. An hKey of all zeros denotes data that does not need encryption, and mD is used to check the integrity of the data.
An embodiment of the invention also discloses a secure data reading method based on a distributed system architecture, applicable to reading data stored by the storage method as claimed in claim 1, comprising the steps of:
S01, reading the ciphertext: the ciphertext is read from the distributed file system;
S02, reading the related information: the related information is read from the open-source database and comprises the file name, the digest information and the random key information;
S03, obtaining the random key: the hiding is reversed on the random key information that was read, thereby obtaining the random key;
S04, decrypting the data: the ciphertext read in step S01 is decrypted with the random key obtained in step S03, thereby obtaining the corresponding data;
S05, checking integrity: the message digest algorithm is used to sign the data obtained in step S04, thereby generating digital digest information, and this digital digest information is compared with the digest information obtained in step S01 to judge the integrity of the data.
As an improvement of the above technical solution, the following step is also included between step S02 and step S03:
Judging the data type: the random key information obtained in step S02 is used to determine whether the ciphertext read in step S01 needs to be decrypted: if the random key information is 0, go to step S05; if the random key information is not 0, continue with step S03.
In another embodiment of the invention, step S03 specifically comprises the steps of:
S031, using a hash function and the user password information to inverse-process the digest information read in step S02, thereby obtaining the encryption key;
S032, decrypting the random key information read in step S02 with the encryption key, thereby obtaining the random key of the ciphertext.
In yet another embodiment of the present invention, step S03 specifically comprises the steps of:
S031, using the SHA algorithm and the user password information to inverse-process the digest information, obtaining a byte array;
S032, processing the byte array generated in step S031 with a hash function to obtain an N-bit encryption key;
S033, decrypting the random key information read in step S02 with the N-bit encryption key, thereby obtaining the random key of the ciphertext.
Compared with the prior art, the secure data storage and reading method based on a distributed system architecture disclosed by the invention is implemented by cryptographic means, selects an appropriate cryptographic algorithm and message digest algorithm, and can fully ensure the integrity and confidentiality of data in massive data storage. It also has the following beneficial effects:
(1) High security. A different key is used each time data is encrypted, giving a one-key-per-encryption effect; even if one of the encrypted ciphertexts is cracked, the other encrypted files use different keys and remain very secure.
(2) Easy management. Each time a user uses the symmetric encryption algorithm, the user only needs a single key unknown to others, or even no password at all, so use and management are very convenient for the user.
(3) Convenient password change. When, for system security reasons, the security policy is adjusted and users are required to change their passwords, there is no need to decrypt all the encrypted data, nor to re-encrypt it with the newly changed key, which preserves efficiency while also being convenient for users.
Brief description of the drawings
In order to explain the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed in the description of the embodiments or of the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention; a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a flow chart of a secure data storage method based on a distributed system architecture in Embodiment 1 of the present invention.
Fig. 2 is a detailed flow diagram of the secure data storage method based on a distributed system architecture shown in Fig. 1.
Fig. 3 is a flow chart of a secure data storage method based on a distributed system architecture in Embodiment 2 of the present invention.
Fig. 4 is a detailed flow diagram of generating the random key information in the secure data storage method shown in Fig. 3.
Fig. 5 is a flow chart of a secure data storage method based on a distributed system architecture in Embodiment 3 of the present invention.
Fig. 6 is a detailed flow diagram of generating the random key information in the secure data storage method shown in Fig. 5.
Fig. 7 is a flow chart of a secure data reading method based on a distributed system architecture in Embodiment 4 of the present invention.
Fig. 8 is a detailed flow diagram of the method based on a distributed system architecture shown in Fig. 7.
Fig. 9 is a flow chart of a secure data reading method based on a distributed system architecture in Embodiment 5 of the present invention.
Fig. 10 is a flow chart of a secure data reading method based on a distributed system architecture in Embodiment 6 of the present invention.
Detailed description of the embodiments
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art on the basis of these embodiments without creative effort fall within the scope of protection of the present invention.
Embodiment 1
See Fig. 1, which is a flow chart of a secure data storage method based on a distributed system architecture provided by an embodiment of the present invention. The secure data storage method based on a distributed system architecture comprises the steps of:
S1, generating digest information: a message digest algorithm is used to sign the data to be stored, thereby generating digest information;
S2, encrypting the data: the data to be stored is encrypted with a random key generated by a key generation function, thereby obtaining the corresponding ciphertext;
S3, hiding the random key: the random key generated in step S2 is hidden, thereby obtaining the random key information of the ciphertext;
S4, storing the ciphertext: the ciphertext obtained in step S2 is stored in the distributed file system DFS;
S5, storing the related information: the digest information generated in step S1 and the random key information obtained in step S3 are stored together with the file name in the open-source database DB.
Since most data held in core storage today is encrypted, the encrypted information is an unintelligible string of garbled characters unless the corresponding key information is available. For integrity, this embodiment generates digest information in advance for the data to be stored, so that the digest information can be used to verify the integrity of the data when it is read. In addition, to make operations on the key information convenient, the ciphertext and the key information are stored separately, so that no operation on the key information affects the ciphertext. Fig. 2 shows the specific operating process of the secure data storage method based on a distributed system architecture of this embodiment.
In addition, in this embodiment the structure of the M table is designed in order to store the key information and the digest information in the open-source database DB. The M table has three main columns: the row key `key`, which stores the file name, the timestamp T, and the column family Md. Md contains two labels, hKey and mD, which hold the key information and the digest information respectively. For data that does not need encryption, an hKey of all zeros is used as the distinguishing mark, while mD is used as usual to check the integrity of the data.
This embodiment uses a distributed file system DFS, which suits massive data storage, and is particularly suited to the energy management system (EMS) in power application systems, where data is collected and stored at a very high frequency and an ordinary relational database is far from able to carry the load. Moreover, as the data volume grows rapidly, the query efficiency of a relational database falls markedly, whereas the open-source database DB used in this embodiment keeps its original high efficiency: it is a scalable distributed storage system that still maintains high performance when massive data is accessed, ensuring the reliability of the data.
Embodiment 2
See Fig. 3, which is a flow chart of a secure data storage method based on a distributed system architecture provided by an embodiment of the present invention. The secure data storage method based on a distributed system architecture of this embodiment comprises the steps of:
S1, generating digest information: a message digest algorithm is used to sign the data to be stored, thereby generating digest information;
In this step, the digest information is preferably generated from the attributes of the data to be stored and a random filler, wherein the attributes include user password information. In this way, after the user changes the password information, the random key information changes accordingly, but not all ciphertexts need to be re-encrypted, which improves efficiency and reduces complexity. In addition, for the user and the system, only the key information needs to be managed, which simplifies key management. The random filler is used mainly to prevent dictionary attacks and precomputation attacks.
S2, encrypting the data: the data to be stored is encrypted with a random key generated by a key generation function, thereby obtaining the corresponding ciphertext;
S31, processing the digest information generated in step S1 with a hash function to obtain an encryption key;
S32, encrypting the random key generated in step S2 with the encryption key, thereby obtaining the random key information of the ciphertext;
S4, storing the ciphertext: the ciphertext obtained in step S2 is stored in the distributed file system DFS;
S5, storing the related information: the digest information generated in step S1 and the random key information obtained in step S32 are stored together with the file name in the open-source database DB.
With reference to Fig. 4, the flow of the secure data storage method of this embodiment is basically the same as that of Embodiment 1. The difference is that this embodiment hides the random key by encrypting it with an encryption key, thereby obtaining the random key information of the corresponding ciphertext and solving the key management problem of symmetric encryption algorithms. The encryption key is obtained by processing the digest information generated in step S1 with a hash function, and the digest information generated in S1 is computed by the message digest algorithm over the attributes of the data to be stored (which may, for example, include user password information) and the random filler.
Embodiment 3
See Fig. 5, which is a flow chart of a secure data storage method based on a distributed system architecture provided by an embodiment of the present invention. The secure data storage method based on a distributed system architecture of this embodiment comprises the steps of:
S1, generating digest information: a message digest algorithm is used to sign the data to be stored, thereby generating digest information;
In this step, the digest information is preferably generated from the attributes of the data to be stored and a random filler, wherein the attributes include user password information.
S2, encrypting the data: the data to be stored is encrypted with a random key generated by a key generation function, thereby obtaining the corresponding ciphertext;
S31, applying the SHA algorithm to digest the attributes of the data to be stored and the random filler, obtaining a digest value (a byte array), and encrypting the digest value with the user password information, thereby obtaining the digest information;
S32, processing the byte array generated in step S31 with a hash function to obtain an N-bit encryption key;
S33, encrypting the random key generated in step S2 with the N-bit encryption key, thereby obtaining the random key information of the ciphertext;
S4, storing the ciphertext: the ciphertext obtained in step S2 is stored in the distributed file system DFS;
S5, storing the related information: the digest information generated in step S1 and the random key information obtained in step S33 are stored together with the file name in the open-source database DB.
With reference to Fig. 6, the flow of the secure data storage method of this embodiment is basically the same as that of Embodiment 1. The difference is that this embodiment hides the random key by encrypting it with an N-bit encryption key, thereby obtaining the random key information of the corresponding ciphertext and solving the key management problem of symmetric encryption algorithms. The N-bit encryption key is obtained by applying a hash function to the byte array produced when the SHA algorithm processes the attributes of the data to be stored and the random filler.
Embodiment 4
See Fig. 7, which is a flow chart of a secure data reading method based on a distributed system architecture provided by an embodiment of the present invention. The secure data reading method based on a distributed system architecture is applicable to reading data stored by the secure data storage method described in Embodiment 1, and specifically comprises the steps of:
S01, reading the ciphertext: the ciphertext is read from the distributed file system;
S02, reading the related information: the related information is read from the open-source database and comprises the file name, the digest information and the random key information;
S03, obtaining the random key: the hiding is reversed on the random key information that was read, thereby obtaining the random key;
S04, decrypting the data: the ciphertext read in step S01 is decrypted with the random key obtained in step S03, thereby obtaining the corresponding data;
S05, checking integrity: the message digest algorithm is used to sign the data obtained in step S04, thereby generating digital digest information, and this digital digest information is compared with the digest information obtained in step S01 to judge the integrity of the data. If the two differ, the stored data has been tampered with; if the two are the same, the stored data is normal.
Preferably, the following step is also included between step S02 and step S03: judging the data type: the random key information obtained in step S02 is used to determine whether the ciphertext read in step S01 needs to be decrypted: if the random key information is 0, go to step S05; if the random key information is not 0, continue with step S03.
As shown in Fig. 8, reading data consists mainly of two parts: obtaining the confidential information and checking integrity. The corresponding data is first obtained from the open-source database DB and the distributed file system DFS; the key information is then used to determine whether the data in the distributed file system DFS is ciphertext, and it is handled accordingly; finally the integrity of the data is checked. The detailed process is shown in Fig. 8.
Embodiment 5
See Fig. 9, which is a flow chart of a secure data reading method based on a distributed system architecture provided by an embodiment of the present invention. The secure data reading method based on a distributed system architecture is applicable to reading data stored by the secure data storage method described in Embodiment 2, and specifically comprises the steps of:
S01, reading the ciphertext: the ciphertext is read from the distributed file system;
S02, reading the related information: the related information is read from the open-source database and comprises the file name, the digest information and the random key information;
S031, using a hash function and the user password information to inverse-process the digest information read in step S02, thereby obtaining the encryption key;
S032, decrypting the random key information read in step S02 with the encryption key, thereby obtaining the random key of the ciphertext;
S04, decrypting the data: the ciphertext read in step S01 is decrypted with the random key obtained in step S032, thereby obtaining the corresponding data;
S05, checking integrity: the message digest algorithm is used to sign the data obtained in step S04, thereby generating digital digest information, and this digital digest information is compared with the digest information obtained in step S01 to judge the integrity of the data. If the two differ, the stored data has been tampered with; if the two are the same, the stored data is normal.
Preferably, the following step is also included between step S02 and step S031: judging the data type: the random key information obtained in step S02 is used to determine whether the ciphertext read in step S01 needs to be decrypted: if the random key information is 0, go to step S05; if the random key information is not 0, continue with step S031.
Embodiment 6
See Fig. 10, which is a flow chart of a secure data reading method based on a distributed system architecture provided by an embodiment of the present invention. The secure data reading method based on a distributed system architecture is applicable to reading data stored by the secure data storage method described in Embodiment 3, and specifically comprises the steps of:
S01, reading the ciphertext: the ciphertext is read from the distributed file system;
S02, reading the related information: the related information is read from the open-source database and comprises the file name, the digest information and the random key information;
S031, using the SHA algorithm and the user password information to inverse-process the digest information, obtaining a byte array;
S032, processing the byte array generated in step S031 with a hash function to obtain an N-bit encryption key;
S033, decrypting the random key information read in step S02 with the N-bit encryption key, thereby obtaining the random key of the ciphertext;
S04, decrypting the data: the ciphertext read in step S01 is decrypted with the random key obtained in step S033, thereby obtaining the corresponding data;
S05, checking integrity: the message digest algorithm is used to sign the data obtained in step S04, thereby generating digital digest information, and this digital digest information is compared with the digest information obtained in step S01 to judge the integrity of the data. If the two differ, the stored data has been tampered with; if the two are the same, the stored data is normal.
Preferably, the following step is also included between step S02 and step S031: judging the data type: the random key information obtained in step S02 is used to determine whether the ciphertext read in step S01 needs to be decrypted: if the random key information is 0, go to step S05; if the random key information is not 0, continue with step S031.
Specifically, the following explains, with reference to Embodiment 3, how this embodiment implements the data (message) integrity check of step S05. In the data storage method of Embodiment 3, the data to be stored is first digested with the SHA algorithm, and the digest value (a character array) is then encrypted with the private key of the information source (the user password information), forming the digest information that is stored in the open-source database DB. When the data is read, the plaintext (data) obtained in step S04 is first digested with the same SHA algorithm to form a "quasi-signature body". The digest information from step S02 is decrypted with the public key of the information source (the user password information), and the decrypted "signature body" is compared with the "quasi-signature body": if they are identical the data (message) is considered complete, otherwise the data (message) is incomplete.
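The store/read round trip of Embodiments 3 and 6, including the all-zero hKey marker and a password change that rewrites only mD, as an added example that is not part of the patent text. Assumptions: Python dicts stand in for the DFS and the database, an HMAC-SHA256 keystream stands in for the unspecified symmetric cipher, the password enters through a PBKDF2-derived symmetric key rather than the private/public key pair the text mentions, N is 256, and the filler is kept in a hypothetical `filler` label.

```python
import hashlib
import hmac
import secrets
import time

KEY_LEN = 32                 # N = 256 bits (assumed; the page leaves N open)
ZERO_HKEY = bytes(KEY_LEN)   # hKey of all zeros marks data stored unencrypted


class IntegrityError(Exception):
    """Raised when the recomputed digest does not match the stored one (S05)."""


def xor_stream(key: bytes, label: bytes, data: bytes) -> bytes:
    """Stand-in symmetric cipher: HMAC-SHA256 counter-mode keystream XORed
    with data. The same call encrypts and decrypts; every key used here
    protects exactly one message, so the keystream is never reused."""
    out = bytearray()
    for i in range(0, len(data), 32):
        counter = (i // 32).to_bytes(8, "big")
        block = hmac.new(key, label + counter, hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)


def password_key(password: str, filler: bytes) -> bytes:
    """Key derived from the user password; the filler doubles as the salt."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), filler, 100_000, KEY_LEN)


def make_digest(name: str, filler: bytes, data: bytes) -> bytes:
    """S1/S31: SHA digest over the data attributes and the random filler."""
    return hashlib.sha256(filler + name.encode() + b"\x00" + data).digest()


def key_encryption_key(digest: bytes) -> bytes:
    """S32/S032: hash the digest byte array down to an N-bit key."""
    return hashlib.sha256(b"kek" + digest).digest()[:KEY_LEN]


def store(dfs: dict, m_table: dict, name: str, data: bytes, password: str,
          encrypt: bool = True) -> None:
    filler = secrets.token_bytes(16)
    digest = make_digest(name, filler, data)
    md = xor_stream(password_key(password, filler), b"mD", digest)        # S31
    if encrypt:
        random_key = secrets.token_bytes(KEY_LEN)                          # S2
        blob = xor_stream(random_key, b"data", data)
        hkey = xor_stream(key_encryption_key(digest), b"hKey", random_key)  # S33
    else:
        blob, hkey = data, ZERO_HKEY
    dfs[name] = blob                                                       # S4
    # S5: row key -> timestamp T and column family Md. "filler" is a
    # hypothetical extra label; the page does not say where the filler is kept.
    m_table[name] = {"T": time.time(),
                     "Md": {"hKey": hkey, "mD": md, "filler": filler}}


def read(dfs: dict, m_table: dict, name: str, password: str) -> bytes:
    blob = dfs[name]                                                       # S01
    md = m_table[name]["Md"]                                               # S02
    digest = xor_stream(password_key(password, md["filler"]), b"mD", md["mD"])  # S031
    if md["hKey"] == ZERO_HKEY:          # data-type check: stored in the clear
        data = blob
    else:
        random_key = xor_stream(key_encryption_key(digest), b"hKey", md["hKey"])  # S033
        data = xor_stream(random_key, b"data", blob)                       # S04
    if not hmac.compare_digest(make_digest(name, md["filler"], data), digest):  # S05
        raise IntegrityError(f"{name}: digest mismatch (tampering or wrong password)")
    return data


def change_password(m_table: dict, name: str, old: str, new: str) -> None:
    """Re-encrypt only mD; hKey and the ciphertext in the DFS stay untouched.
    The caller is expected to have validated `old` with read() first."""
    md = m_table[name]["Md"]
    digest = xor_stream(password_key(old, md["filler"]), b"mD", md["mD"])
    md["mD"] = xor_stream(password_key(new, md["filler"]), b"mD", digest)


if __name__ == "__main__":
    dfs, m_table = {}, {}                    # dict stand-ins for the DFS and DB
    sample = b"2014-11-07T10:00:00,feeder-12,231.4V"   # constructed sample record
    store(dfs, m_table, "ems/sample.csv", sample, "old-pass")
    change_password(m_table, "ems/sample.csv", "old-pass", "new-pass")
    print(read(dfs, m_table, "ems/sample.csv", "new-pass"))
```

A wrong password and a modified ciphertext both surface as the same digest mismatch, because the digest comparison of step S05 is the only check in the flow.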
In summary, the secure data storage and reading method based on a distributed system architecture disclosed by the invention is implemented by cryptographic means, selects an appropriate cryptographic algorithm and message digest algorithm, and can fully ensure the integrity and confidentiality of data in massive data storage. It also has the following beneficial effects:
(1) High security. A different key is used each time data is encrypted, giving a one-key-per-encryption effect; even if one of the encrypted ciphertexts is cracked, the other encrypted files use different keys and remain very secure.
(2) Easy management. Each time a user uses the symmetric encryption algorithm, the user only needs a single key unknown to others, or even no password at all, so use and management are very convenient for the user.
(3) Convenient password change. When, for system security reasons, the security policy is adjusted and users are required to change their passwords, there is no need to decrypt all the encrypted data, nor to re-encrypt it with the newly changed key, which preserves efficiency while also being convenient for users.
The above are preferred embodiments of the present invention. It should be pointed out that a person skilled in the art can make further improvements and modifications without departing from the principles of the invention, and these improvements and modifications are also regarded as falling within the scope of protection of the present invention.

Claims (9)

1. based on a secure storage method of data for distributed system architecture, it is characterized in that, comprise step:
S1, generation summary info; Adopt Message Digest 5 to carry out signature process to needing the data stored, thus generate summary info;
S2, enciphered data; Adopt the random key that key-function generates, the described data stored that need are encrypted, thus obtain corresponding ciphertext;
S3, hiding random key; Carry out hiding process to the described random key generated in step S2, thus obtain the random key information of described ciphertext;
S4, storage ciphertext; The described ciphertext obtained in step S2 is stored in distributed file system;
S5, storage relevant information; The described random key information obtained in the described summary info generated in step S1, step S3 is together stored in PostgreSQL database with filename.
2. The secure data storage method based on a distributed system architecture as claimed in claim 1, characterized in that, in step S1, the digest information is generated from the attributes of the data to be stored and random padding, wherein the attributes include user password information.
3. The secure data storage method based on a distributed system architecture as claimed in claim 2, characterized in that step S3 specifically comprises the steps of:
S31, processing the digest information generated in step S1 with a hash function to obtain an encryption key;
S32, encrypting the random key generated in step S2 with the encryption key, thereby obtaining the random key information of the ciphertext.
4. The secure data storage method based on a distributed system architecture as claimed in claim 1, characterized in that step S3 specifically comprises the steps of:
S31, applying the SHA cryptographic algorithm to digest the attributes of the data to be stored and the random padding, obtaining a byte array, and encrypting the byte array with the user password information, thereby obtaining the digest information;
S32, processing the byte array generated in step S31 with a hash function to obtain an N-bit encryption key;
S33, encrypting the random key generated in step S2 with the N-bit encryption key, thereby obtaining the random key information of the ciphertext.
5. The secure data storage method based on a distributed system architecture as claimed in claim 1, characterized in that, in the open-source database, a table M with three column units is used for storage; the three column units are a row key (key), a timestamp T and a column family Md; the row key stores the file name; Md contains two labels, hKey and mD, which hold the random key information and the digest information respectively; an hKey of all zeros indicates data that does not need to be encrypted, and mD is used to check the integrity of the data.
6. A secure data read method based on a distributed system architecture, applicable to reading data stored by the storage method as claimed in claim 1, characterized by comprising the steps of:
S01, reading the ciphertext: reading the ciphertext from the distributed file system;
S02, reading related information: reading the related information from the open-source database, the related information comprising the file name, the digest information and the random key information;
S03, obtaining the random key: applying the reverse of the hiding processing to the random key information that was read, thereby obtaining the random key;
S04, decrypting the data: decrypting the ciphertext read in step S01 with the random key obtained in step S03, thereby obtaining the corresponding data;
S05, checking integrity: signing the data obtained in step S04 with the message digest algorithm, thereby generating digital digest information, and comparing the digital digest information with the digest information obtained in step S01 to judge the integrity of the data.
7. The secure data read method based on a distributed system architecture as claimed in claim 6, characterized by further comprising, between step S02 and step S03, the step of:
determining the data type: using the random key information obtained in step S02 to determine whether the ciphertext read in step S01 needs to be decrypted: if the random key information is 0, going to step S05; if the random key information is not 0, continuing with step S03.
8. The secure data read method based on a distributed system architecture as claimed in claim 6, characterized in that step S03 specifically comprises the steps of:
S031, applying inverse processing to the digest information read in step S02 using a hash function and the user password information, thereby obtaining an encryption key;
S032, decrypting the random key information read in step S02 with the encryption key, thereby obtaining the random key of the ciphertext.
9. The secure data read method based on a distributed system architecture as claimed in claim 6, characterized in that step S03 specifically comprises the steps of:
S031, applying inverse processing to the digest information using the SHA cryptographic algorithm and the user password information, obtaining a byte array;
S032, processing the byte array generated in step S031 with a hash function to obtain an N-bit encryption key;
S033, decrypting the random key information read in step S02 with the N-bit encryption key, thereby obtaining the random key of the ciphertext.
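An added example, not code from the patent or its applicants: a Python sketch of the store and read flows of claims 1, 4, 6, 7 and 9, plus the password change described in advantage (3), where only mD is re-wrapped. Assumptions made for illustration: the SHA-256 keystream stand-in cipher, the PBKDF2 password key, the MAC appended to mD, the extra `pad` and `salt` fields, the dicts `dfs` and `table` standing in for the file system and database, and hashing file name plus content as "the attributes".

```python
import hashlib, hmac, os

def _stream(key, label, data):  # stand-in cipher (assumption): XOR with SHA-256 counter keystream
    ks = b"".join(hashlib.sha256(key + label + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, ks))

def _pw_key(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _seal(pw_key, a):  # mD: byte array encrypted under the password key, plus a MAC
    ct = _stream(pw_key, b"md", a)
    return ct + hmac.new(pw_key, b"tag" + ct, hashlib.sha256).digest()

def _open(pw_key, md):
    ct, tag = md[:32], md[32:]
    if not hmac.compare_digest(tag, hmac.new(pw_key, b"tag" + ct, hashlib.sha256).digest()):
        raise ValueError("wrong password or tampered mD")
    return _stream(pw_key, b"md", ct)

def store(name, data, password, dfs, table, encrypt=True):
    pad, salt = os.urandom(16), os.urandom(16)
    a = hashlib.sha256(name.encode() + data + pad).digest()    # S31: digest of attributes + padding
    kek = hashlib.sha256(b"kek" + a).digest()                  # S32: hash -> key-encrypting key
    rk = os.urandom(32)                                        # S2: random data key
    dfs[name] = _stream(rk, b"data", data) if encrypt else data          # S2/S4
    hkey = _stream(kek, b"hkey", rk) if encrypt else bytes(32)           # S33; all-zero = plaintext
    table[name] = {"hKey": hkey, "mD": _seal(_pw_key(password, salt), a),  # S5
                   "pad": pad, "salt": salt}

def read(name, password, dfs, table):
    rec, data = table[name], dfs[name]                         # S01/S02
    a = _open(_pw_key(password, rec["salt"]), rec["mD"])       # S031
    if any(rec["hKey"]):                                       # claim 7: skip decryption if all-zero
        kek = hashlib.sha256(b"kek" + a).digest()              # S032
        rk = _stream(kek, b"hkey", rec["hKey"])                # S033
        data = _stream(rk, b"data", data)                      # S04
    check = hashlib.sha256(name.encode() + data + rec["pad"]).digest()
    if not hmac.compare_digest(check, a):                      # S05
        raise ValueError("integrity check failed")
    return data

def change_password(name, old, new, table):  # re-wraps mD only; hKey and ciphertext untouched
    rec = table[name]
    a = _open(_pw_key(old, rec["salt"]), rec["mD"])
    rec["salt"] = os.urandom(16)
    rec["mD"] = _seal(_pw_key(new, rec["salt"]), a)
```

In a deployment the stand-in cipher would be replaced by an authenticated cipher such as AES-GCM. Because the all-zero hKey marker itself is not authenticated, the S05 digest comparison is what rejects a record whose hKey has been overwritten with zeros.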
CN201410626012.5A 2014-11-07 2014-11-07 Secure data storage method and secure data read method based on distributed system infrastructure Pending CN104410493A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201410626012.5A CN104410493A (en) 2014-11-07 2014-11-07 Secure data storage method and secure data read method based on distributed system infrastructure

Publications (1)

Publication Number Publication Date
CN104410493A true CN104410493A (en) 2015-03-11

Family

ID=52648091

Country Status (1)

Country Link
CN (1) CN104410493A (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20150311