CN104468937A - Data encryption and decryption methods and devices for mobile terminal and protection system - Google Patents

Publication number
CN104468937A
Authority
CN
China
Prior art keywords
mobile terminal
data
fingerprint recognition
recognition code
encrypted
Prior art date
Legal status
Pending
Application number
CN201310416737.7A
Other languages
Chinese (zh)
Inventor
尚光辉
Current Assignee
ZTE Corp
Original Assignee
ZTE Corp
Priority date
Filing date
Publication date
Application filed by ZTE Corp
Priority to CN201310416737.7A
Priority to PCT/CN2013/085963 (WO2014169610A1)
Publication of CN104468937A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231 Biological data, e.g. fingerprint, voice or retina
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0861 Network architectures or network communication protocols for network security for authentication of entities using biometrical features, e.g. fingerprint, retina-scan
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03 Protecting confidentiality, e.g. by encryption
    • H04W12/033 Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication

Abstract

The invention discloses data encryption and decryption methods and devices for a mobile terminal and a protection system. The data encryption method of the mobile terminal comprises the following steps: acquiring the fingerprint identification code of a user and the identity of the mobile terminal, wherein the fingerprint identification code is generated according to the fingerprint features of the user; and encrypting data in a storage of the mobile terminal according to the fingerprint identification code and the identity. Through adoption of the data encryption and decryption methods and devices for the mobile terminal and the protection system, the problem of loss or cracking of a password when data in the mobile terminal is protected by using the password in the prior art is solved, and the protection effect on the data stored in the mobile terminal is enhanced.

Description

Data encryption and decryption methods, devices and protection system for a mobile terminal
Technical field
The present invention relates to the field of communications, and in particular to a data encryption method for a mobile terminal, a data encryption device for a mobile terminal, a data decryption method for a mobile terminal, a data decryption device for a mobile terminal, and a data protection system for a mobile terminal.
Background
With the continued development of third-generation (3G) mobile communication systems, such as Wideband Code Division Multiple Access (WCDMA), Time Division-Synchronous Code Division Multiple Access (TD-SCDMA) and Code Division Multiple Access 2000 (CDMA2000), and of the fourth-generation mobile communication technology Long Term Evolution (LTE), and with the rapid spread of smartphones, the amount of information stored on mobile communication terminals keeps increasing and their storage capacity keeps growing, to the point that a phone's storage capacity can itself be a selling point.
As a result, a mobile communication terminal often stores a large amount of user information. Some of it may be confidential and very important to the user, and if it is read by others the impact on the user may be significant.
However, mobile communication terminals (such as mobile phones) are often used by other people, and the phone or the memory card in it may even be lost; either can lead to leakage of the user's information and private data.
To protect a user's important private information, at least the following two requirements should be met:
1) important files and information cannot be read or operated on without authorization;
2) even if the mobile terminal or the memory card is lost, the user need not worry that important information will be read without authorization.
If a mobile communication terminal provides these two functions, the user can store important private information on it with confidence and without worrying about leakage of personal information. However, among existing methods of protecting mobile communication terminals, encrypting data files with a password provides some protection, but the password is easily lost or cracked, so a considerable security risk remains.
No effective solution has yet been proposed for the problem in the related art that a password used to protect data in a mobile terminal is easily lost or cracked.
Summary of the invention
The invention provides data encryption and decryption methods and devices for a mobile terminal, and a protection system, to at least solve the above problem.
According to one aspect of the invention, a data encryption method for a mobile terminal is provided, comprising: obtaining the fingerprint recognition code of a user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features; and encrypting the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
Preferably, the identity comprises at least one of the following: the International Mobile Subscriber Identification Number (IMSI) and the International Mobile Equipment Identity (IMEI).
Preferably, before the data in the memory of the mobile terminal is encrypted, the method further comprises: verifying whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal; when the verification result is consistent, the data in the memory of the mobile terminal is encrypted.
Preferably, encrypting the data in the memory of the mobile terminal comprises: selecting the data in the memory that needs to be encrypted; generating an encryption key according to the fingerprint recognition code and the identity; and encrypting the selected data according to the encryption key, where the manner of encryption includes encryption with a symmetric encryption algorithm.
According to another aspect of the invention, a data decryption method for a mobile terminal is also provided, comprising: obtaining the fingerprint recognition code of a user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features; and decrypting the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
Preferably, before the encrypted data in the memory is decrypted, the method further comprises: verifying whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal; when the verification result is consistent, the encrypted data in the memory is decrypted.
According to another aspect of the invention, a data encryption device for a mobile terminal is also provided, comprising: an acquisition module, configured to obtain the fingerprint recognition code of a user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features; and an encryption module, configured to encrypt the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
Preferably, the device further comprises: a verification module, configured to verify whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal; when the verification result is consistent, the encryption module encrypts the data in the memory of the mobile terminal.
Preferably, the encryption module comprises: a selection unit, configured to select the data in the memory that needs to be encrypted; a generation unit, configured to generate an encryption key according to the fingerprint recognition code and the identity; and an encryption unit, configured to encrypt the selected data according to the encryption key, where the manner of encryption includes encryption with a symmetric encryption algorithm.
According to another aspect of the invention, a data decryption device for a mobile terminal is also provided, comprising: an acquisition module, configured to obtain the fingerprint recognition code of a user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features; and a decryption module, configured to decrypt the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
Preferably, the device further comprises: a verification module, configured to verify whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal; when the verification result is consistent, the decryption module decrypts the encrypted data in the memory.
According to another aspect of the invention, a data protection system for a mobile terminal is also provided, comprising: the above data encryption device of the mobile terminal and the above data decryption device of the mobile terminal.
With the present invention, the fingerprint recognition code of the user and the identity of the mobile terminal are obtained, where the fingerprint recognition code is generated from the user's fingerprint features, and the data in the memory of the mobile terminal is encrypted according to the fingerprint recognition code and the identity. This solves the problem in the related art that a password used to protect data in a mobile terminal is easily lost or cracked, and improves the protection of the data stored in the mobile terminal.
Brief description of the drawings
The drawings described here are provided for a further understanding of the invention and form part of this application. The illustrative embodiments of the invention and their descriptions are used to explain the invention and do not unduly limit it. In the drawings:
Fig. 1 is a schematic flowchart of the data encryption method of a mobile terminal according to an embodiment of the invention;
Fig. 2 is a schematic flowchart of the data decryption method of a mobile terminal according to an embodiment of the invention;
Fig. 3 is a structural diagram of the data encryption device of a mobile terminal according to an embodiment of the invention;
Fig. 4 is a first preferred structural diagram of the data encryption device of a mobile terminal according to an embodiment of the invention;
Fig. 5 is a second preferred structural diagram of the data encryption device of a mobile terminal according to an embodiment of the invention;
Fig. 6 is a structural diagram of the data decryption device of a mobile terminal according to an embodiment of the invention;
Fig. 7 is a preferred structural diagram of the data decryption device of a mobile terminal according to an embodiment of the invention;
Fig. 8 is a structural diagram of the data protection system of a mobile terminal according to an embodiment of the invention;
Fig. 9 is a structural diagram of a mobile terminal according to a preferred embodiment of the invention;
Fig. 10 is a schematic flowchart of the method of protecting data security with fingerprint recognition according to a preferred embodiment of the invention;
Fig. 11 is a schematic flowchart of opening a protected data file with fingerprint recognition according to a preferred embodiment of the invention.
Detailed description of the embodiments
It should be noted that, where there is no conflict, the embodiments in this application and the features in the embodiments may be combined with one another. The invention is described in detail below with reference to the drawings and in conjunction with the embodiments.
The steps shown in the flowcharts of the drawings may be executed in a computer system, for example as a set of computer-executable instructions; and although a logical order is shown in the flowcharts, in some cases the steps shown or described may be executed in a different order.
This embodiment provides a data encryption method for a mobile terminal. Fig. 1 is a schematic flowchart of the data encryption method of a mobile terminal according to an embodiment of the invention. As shown in Fig. 1, the flow comprises the following steps:
Step S102: obtain the fingerprint recognition code of the user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features;
Step S104: encrypt the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
Compared with encryption using a user password in the related art, encrypting the data stored in the mobile terminal with the fingerprint recognition code and the identity of the mobile terminal as in the above steps does not require the user to remember a password, so the password cannot be lost. Moreover, because the fingerprint recognition code is generated from the user's fingerprint features, it is unique and cannot be copied, and the data is encrypted in combination with the identity of the mobile terminal, which prevents the data from being easily cracked. The above steps thus solve the problem in the related art that a password used to protect data in a mobile terminal is easily lost or cracked, and improve the protection of the data stored in the mobile terminal.
Preferably, the identity comprises at least one of the following: IMSI, IMEI. The identity is of course not limited to these two; it may also be any other identifier that can uniquely identify the mobile terminal.
In the above steps, a user can encrypt stored data files according to his or her own fingerprint features and the identity of the current mobile terminal. No limit is placed on the number of fingerprint recognition codes that may be used together with the identity on the same mobile terminal to encrypt stored data; however, the user of a mobile terminal may not want other people to store encrypted data on it. Therefore, preferably, before the data is encrypted, it may first be verified whether the user providing the fingerprint features is legitimate, for example by verifying whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal. When the verification result is consistent, the data in the memory of the mobile terminal is encrypted; if the verification result is inconsistent, no operation may be performed, or the data encryption operation is not performed. The fingerprint recognition codes stored in advance can be set and changed by the user, and there may be one or more of them.
Preferably, to further improve the protection that encryption gives the data, a symmetric encryption algorithm may be used to encrypt the data, for example: selecting the data in the memory that needs to be encrypted; generating an encryption key according to the fingerprint recognition code and the identity; and encrypting the selected data according to the encryption key, where the manner of generating the encryption key includes a two-input one-way encryption algorithm and the manner of encrypting the data includes encryption with a symmetric encryption algorithm. It should be noted that this preferred approach encrypts selected data in the memory; in practice this can be arranged flexibly, for example by encrypting all data without selection, or by encrypting the data in certain partitions or files of the memory. The symmetric encryption algorithms include DES, 3DES and so on. Symmetric encryption means that encryption and decryption use the same key, and this technique is now widely used.
This embodiment also provides a data decryption method for a mobile terminal, which can decrypt data encrypted by the above data encryption method. Where there is no conflict, the decryption method can therefore be described and explained in combination with, and in correspondence to, the above encryption method. Fig. 2 is a schematic flowchart of the data decryption method of a mobile terminal according to an embodiment of the invention. As shown in Fig. 2, the flow comprises the following steps:
Step S202: obtain the fingerprint recognition code of the user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features;
Step S204: decrypt the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
Compared with decryption using a user password in the related art, decrypting the data stored in the mobile terminal with the fingerprint recognition code and the identity of the mobile terminal as in the above steps does not require the user to remember a password, so the password cannot be lost. Moreover, because the fingerprint recognition code is generated from the user's fingerprint features, it is unique and cannot be copied, and the data is decrypted in combination with the identity of the mobile terminal, which prevents the data from being easily cracked by unauthorized users. The above steps thus solve the problem in the related art that a password used to protect data in a mobile terminal is easily lost or cracked, and improve the protection of the data stored in the mobile terminal.
Preferably, the identity comprises at least one of the following: IMSI, IMEI. The identity is of course not limited to these two; it may also be any other identifier that can uniquely identify the mobile terminal.
Preferably, before step S204, the method further comprises: verifying whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal; when the verification result is consistent, the encrypted data in the memory is decrypted.
This embodiment also provides a data encryption device for a mobile terminal, which implements the above data encryption method. The specific implementation of the device described in the device embodiments has already been described in detail in the method embodiments and is not repeated here.
Fig. 3 is a structural diagram of the data encryption device of a mobile terminal according to an embodiment of the invention. As shown in Fig. 3, the device comprises an acquisition module 32 and an encryption module 34. The acquisition module 32 is configured to obtain the fingerprint recognition code of the user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features. The encryption module 34 is coupled to the acquisition module 32 and is configured to encrypt the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
The modules and units involved in the embodiments of the invention may be implemented in software or in hardware. The modules and units described in this embodiment may also be arranged in a processor, which may for example be described as: a processor comprising an acquisition module 32 and an encryption module 34. The names of these modules do not in some cases limit the modules themselves; for example, the acquisition module may also be described as "a module for obtaining the fingerprint recognition code of the user and the identity of the mobile terminal".
Preferably, the identity comprises at least one of the following: IMSI, IMEI.
Fig. 4 is a first preferred structural diagram of the data encryption device of a mobile terminal according to an embodiment of the invention. As shown in Fig. 4, preferably, the device further comprises a verification module 42, coupled to the encryption module 34 and configured to verify whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal; when the verification result is consistent, the encryption module 34 encrypts the data in the memory of the mobile terminal.
Fig. 5 is a second preferred structural diagram of the data encryption device of a mobile terminal according to an embodiment of the invention. As shown in Fig. 5, preferably, the encryption module 34 comprises: a selection unit 342, configured to select the data in the memory that needs to be encrypted; a generation unit 344, configured to generate an encryption key according to the fingerprint recognition code and the identity; and an encryption unit 346, coupled to the selection unit 342 and the generation unit 344 and configured to encrypt the selected data according to the encryption key, where the manner of encryption includes encryption with a symmetric encryption algorithm.
An embodiment of the invention also provides a data decryption device for a mobile terminal, which implements the above data decryption method. The specific implementation of the device described in the device embodiments has already been described in detail in the method embodiments and is not repeated here.
Fig. 6 is a structural diagram of the data decryption device of a mobile terminal according to an embodiment of the invention. As shown in Fig. 6, the device comprises an acquisition module 62 and a decryption module 64. The acquisition module 62 is configured to obtain the fingerprint recognition code of the user and the identity of the mobile terminal, where the fingerprint recognition code is generated from the user's fingerprint features. The decryption module 64 is coupled to the acquisition module 62 and is configured to decrypt the data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
The modules and units involved in the embodiments of the invention may be implemented in software or in hardware. The modules and units described in this embodiment may also be arranged in a processor, which may for example be described as: a processor comprising an acquisition module 62 and a decryption module 64. The names of these modules do not in some cases limit the modules themselves; for example, the acquisition module may also be described as "a module for obtaining the fingerprint recognition code of the user and the identity of the mobile terminal".
Preferably, the identity comprises at least one of the following: IMSI, IMEI. The identity is of course not limited to these two; it may also be any other identifier that can uniquely identify the mobile terminal.
Fig. 7 is a preferred structural diagram of the data decryption device of a mobile terminal according to an embodiment of the invention. As shown in Fig. 7, preferably, the device further comprises a verification module 72, coupled to the decryption module 64 and configured to verify whether the fingerprint recognition code is consistent with a fingerprint recognition code stored in advance in the mobile terminal; when the verification result is consistent, the decryption module 64 decrypts the encrypted data in the memory.
This embodiment also provides a data protection system for a mobile terminal. Fig. 8 is a structural diagram of the data protection system of a mobile terminal according to an embodiment of the invention. As shown in Fig. 8, the system comprises the above data encryption device 30 of the mobile terminal and the data decryption device 60 of the mobile terminal. The acquisition module 32 and the acquisition module 62 may be the same module.
The invention is described and illustrated below in conjunction with a preferred embodiment.
This preferred embodiment relates to the field of mobile terminal data security and provides a mobile terminal and a method that use fingerprint recognition to protect data security, so that the important information of an intelligent mobile terminal user can be protected.
Considering that more and more sensors are being integrated into intelligent mobile terminals, and that a fingerprint recognition sensor may well become a standard component of intelligent mobile terminals in the future, this preferred embodiment uses fingerprint identification technology to protect the data files in a mobile terminal.
The technical solution of this preferred embodiment is implemented as follows:
This preferred embodiment provides a mobile terminal that uses fingerprint identification technology to protect data security. The mobile terminal comprises a fingerprint sensor, a fingerprint identification module, a key generation module, an encryption module, a fingerprint information verification module, a decryption module, and the CPU of the mobile terminal.
The function of each module or unit is described below:
Fingerprint sensor: scans the user's fingerprint information;
Fingerprint identification module: extracts the user's fingerprint features and outputs the user's fingerprint information as a unique fingerprint recognition identifier (ID), which is equivalent to the fingerprint recognition code above;
Key generation module: takes the user's fingerprint recognition ID and a parameter of the terminal device as the inputs of the two-input one-way algorithm A and outputs the key Kc;
Encryption module: encrypts the user's information files with the key Kc;
Fingerprint information verification module: during decryption, verifies whether the user's scanned fingerprint is consistent with the fingerprint information used at encryption;
Decryption module: decrypts the user's encrypted information files with the key Kc;
Mobile terminal CPU: processes and controls the whole encryption and decryption flow and its steps.
The two-input one-way algorithm A in the key generation module is an algorithm with a one-way (or trapdoor) function property: computing the output from the inputs is easy, while working back from the output to the inputs is impossible. An example is the A8 cryptographic algorithm in the Global System for Mobile Communications (GSM). The terminal device parameter mentioned for this module may be the IMEI of the device or the IMSI of the subscriber identity module; one of them can be chosen according to the actual situation and used, together with the fingerprint recognition ID, as input to the two-input one-way algorithm A to generate the key.
This preferred embodiment also provides a method that uses fingerprint identification technology to protect data security, comprising:
Step S1: the user scans a fingerprint, the user's fingerprint information is converted into a fingerprint information ID, a key is generated from this fingerprint information ID, and the important data information file is then encrypted.
Step S2: for decryption, the user likewise scans a fingerprint and a fingerprint information ID is generated; this fingerprint information ID is then used to generate the same key as in the encryption process, and the data information file is decrypted with this key.
Preferably, the fingerprint scan is performed by the fingerprint sensor, and the fingerprint identification module then converts the fingerprint information obtained by the fingerprint sensor into a unique fingerprint information ID;
Preferably, the key is generated with the binary input one-way algorithm A, an algorithm with a one-way (or trapdoor) function; that is, computing the output from the inputs is easy, while working back from the output to the inputs is impossible. An example is the A8 cryptographic algorithm in the GSM mobile communication system. The first input of the binary input one-way algorithm A is the fingerprint recognition ID; the second input is the IMEI number of the terminal device or the IMSI number of the subscriber identity module, one of which can be selected according to actual conditions and used together with the fingerprint recognition ID as the inputs of the binary input one-way algorithm A to generate the key.
Preferably, the following operation may also be included after the data information file is encrypted: the user is asked whether to delete the plaintext data information file that existed before encryption, and further processing follows the user's choice. When a data file is encrypted, a ciphertext file in a different file format can be generated.
Preferably, when the user attempts to open the ciphertext file, the decryption operation is triggered. The decryption process likewise requires scanning the user's fingerprint and generating the fingerprint recognition ID, which is combined with the IMEI number or IMSI number by the binary input one-way algorithm A to generate the same decryption key as in the encryption process; it is then verified whether this key is consistent with the encryption key;
Preferably, during decryption, if the decryption key is inconsistent with the encryption key, a prompt indicates that the user is illegal;
Preferably, during decryption, if the decryption key is consistent with the encryption key, the user is prompted to choose between opening the encrypted file directly and saving it as a decrypted file before opening it, and the operation follows the user's choice.
The technical solution of the present invention is set forth below with reference to the accompanying drawings.
Fig. 9 is a structural diagram of a mobile terminal according to the preferred embodiment of the invention. As shown in Fig. 9, the mobile terminal that uses fingerprint recognition to protect data security comprises: a fingerprint sensor, a fingerprint identification module, a key generation module, an encryption module, a fingerprint information authentication module, a decryption module, and the CPU of the mobile terminal; their connections are shown by way of example in the figure.
Fig. 10 is a flow diagram of the method that uses fingerprint recognition to protect data security according to the preferred embodiment of the invention. As shown in Fig. 10, the method comprises the following steps:
Step S1001: select the data information file to be encrypted. The user may select, on the mobile terminal, a data information file considered important, and then start the data protection operation through the relevant menu of the mobile terminal;
Step S1002: the user scans a fingerprint. When the user chooses to perform the data protection operation on an important data information file, the mobile terminal prompts the user to scan fingerprint information, and the user scans a fingerprint on the fingerprint sensor as prompted;
Step S1003: generate the fingerprint recognition ID. After the user scans the fingerprint, the fingerprint identification module of the mobile terminal extracts the fingerprint information and generates the fingerprint recognition ID;
Step S1004: generate the encryption key. The user's fingerprint recognition ID and the parameter of the terminal device are used as the inputs of the binary input one-way algorithm A, which outputs the key Kc;
Step S1005: encrypt the data information file. The encryption key is used to encrypt the important data information file selected by the user;
Step S1006: prompt whether to delete the file that existed before encryption. After encryption is complete, the user is prompted whether the pre-encryption file should be deleted, and the operation follows the user's choice.
Fig. 11 is a flow diagram of opening a protected data information file using fingerprint recognition according to the preferred embodiment of the invention. As shown in Fig. 11, the flow comprises the following steps:
Step S1101: open the protected data information file. This means that the user attempts to open a data information file protected by fingerprint recognition;
Step S1102: the user scans a fingerprint. When the user attempts to open the protected data information file, the mobile terminal displays a prompt asking the user to scan a fingerprint, and the user scans a fingerprint on the fingerprint sensor as prompted;
Step S1103: generate the fingerprint recognition ID. After the user scans the fingerprint, the fingerprint identification module of the mobile terminal extracts the fingerprint information and generates the fingerprint recognition ID;
Step S1104: generate the decryption key. The user's fingerprint recognition ID and the parameter of the terminal device are used as the inputs of the binary input one-way algorithm A, which outputs the key Kc;
Step S1105: verify the decryption key. The fingerprint information authentication module verifies whether the user's scanned fingerprint is consistent with the fingerprint information used at encryption; if it is not, a prompt indicates that the user is illegal and the protected file cannot be viewed;
Step S1106: decrypt the data information file. If, in step S1105, the fingerprint information authentication module verifies that the user's fingerprint information is correct, the decryption key from step S1104 is used to decrypt the protected file;
Step S1107: open the protected data information file. After the decryption in step S1106 is complete, the user can be given a prompt with two options: option one opens the protected data information file directly, and option two saves it as an unencrypted file and then opens it.
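The encryption flow of Fig. 10 and the decryption flow of Fig. 11, as an added example that is not code from the patent: PBKDF2-HMAC-SHA256 stands in for the binary input one-way algorithm A, an HMAC-based keystream with an encrypt-then-MAC tag stands in for the unspecified symmetric algorithm, and the tag check plays the role of step S1105. All function names, the iteration count and the sample identifiers are assumptions.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor; the patent does not specify one


class IllegalUser(Exception):
    """Raised when the key derived at decryption differs from the encryption key."""


def derive_kc(fingerprint_id: bytes, device_identity: bytes) -> bytes:
    # Stand-in for algorithm A: two inputs (fingerprint ID, IMEI or IMSI),
    # one output Kc, easy to compute and not invertible.
    return hashlib.pbkdf2_hmac("sha256", fingerprint_id, device_identity, ITERATIONS)


def _subkeys(kc: bytes):
    # Separate subkeys so the consistency check never reuses the cipher key.
    enc_key = hmac.new(kc, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(kc, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream_xor(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode, used only as a standard-library
    # symmetric cipher for this example.
    out = bytearray()
    for offset in range(0, len(data), 32):
        counter = (offset // 32).to_bytes(8, "big")
        pad = hmac.new(enc_key, nonce + counter, hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def encrypt_file(plaintext: bytes, fingerprint_id: bytes, device_identity: bytes) -> bytes:
    # Steps S1003 to S1005: derive Kc, encrypt, append the check tag.
    enc_key, mac_key = _subkeys(derive_kc(fingerprint_id, device_identity))
    nonce = secrets.token_bytes(16)
    body = nonce + _keystream_xor(enc_key, nonce, plaintext)
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()


def decrypt_file(blob: bytes, fingerprint_id: bytes, device_identity: bytes) -> bytes:
    # Steps S1103 to S1106: re-derive Kc, verify it, then decrypt.
    if len(blob) < 48:  # 16-byte nonce plus 32-byte tag
        raise IllegalUser("ciphertext file is truncated")
    enc_key, mac_key = _subkeys(derive_kc(fingerprint_id, device_identity))
    body, tag = blob[:-32], blob[-32:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise IllegalUser("derived key is not consistent with the encryption key")
    return _keystream_xor(enc_key, body[:16], body[16:])


if __name__ == "__main__":
    fp_id = b"constructed-fingerprint-id-0001"  # constructed sample value
    imei = b"000000000000000"                   # constructed sample value
    blob = encrypt_file(b"private notes", fp_id, imei)
    print(decrypt_file(blob, fp_id, imei))
    try:
        decrypt_file(blob, b"someone-else", imei)
    except IllegalUser as err:
        print("rejected:", err)
```

Kc is never stored: the tag check alone decides whether the scanned fingerprint and device identity match those used at encryption. This only works if the fingerprint identification module outputs a bit-identical ID on every scan.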
In the method and mobile terminal provided by the above preferred embodiment, the fingerprint sensor collects the fingerprint, and the binary input one-way algorithm A then combines it with the IMEI number or IMSI number of the mobile terminal to generate a key, which is used to encrypt the user's important information data. After encryption, a ciphertext file in a different file format is generated. When the encrypted file is opened, the user's fingerprint still needs to be scanned to generate the decryption key; the user is also prompted to choose between opening the encrypted file directly and saving it as a decrypted file before opening it, and the operation follows the user's choice. The above preferred embodiment achieves the object of protecting the user's important private information data. Moreover, fingerprint information is unique, which avoids problems such as passwords being lost or cracked. The user can share the mobile terminal with others with peace of mind, and even if the mobile terminal or memory card is accidentally lost, the user's important information will not be illegally distributed and circulated, which improves the protection of the data.
Obviously, those skilled in the art should understand that each module or step of the present invention described above can be implemented with a general-purpose computing device. The modules or steps can be concentrated on a single computing device or distributed over a network formed by multiple computing devices. Alternatively, they can be implemented as program code executable by a computing device, so that they can be stored in a storage device and executed by a computing device, or they can each be made into a separate integrated circuit module, or several of the modules or steps can be made into a single integrated circuit module. The present invention is therefore not restricted to any specific combination of hardware and software.
The above are only the preferred embodiments of the present invention and do not limit the present invention; for a person skilled in the art, the present invention can have various modifications and variations. Any amendment, equivalent replacement, improvement and the like made within the spirit and principles of the present invention shall be included within the protection scope of the present invention.

Claims (12)

1. A data encryption method for a mobile terminal, characterized by comprising:
obtaining a fingerprint recognition code of a user and an identity of the mobile terminal, wherein the fingerprint recognition code is generated according to the fingerprint features of the user;
encrypting data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
2. The method according to claim 1, characterized in that the identity comprises at least one of the following: international mobile subscriber identity (IMSI), international mobile equipment identity (IMEI).
3. The method according to claim 1, characterized in that, before the data in the memory of the mobile terminal is encrypted, the method further comprises:
verifying whether the fingerprint recognition code is consistent with a fingerprint recognition code saved in advance in the mobile terminal;
wherein, when the verification result is consistent, the data in the memory of the mobile terminal is encrypted.
4. The method according to claim 1, characterized in that encrypting the data in the memory of the mobile terminal comprises:
selecting the data in the memory that needs to be encrypted;
generating an encryption key according to the fingerprint recognition code and the identity;
encrypting the selected data that needs to be encrypted according to the encryption key, wherein the encryption mode comprises: encryption with a symmetric encryption algorithm.
5. A data decryption method for a mobile terminal, characterized by comprising:
obtaining a fingerprint recognition code of a user and an identity of the mobile terminal, wherein the fingerprint recognition code is generated according to the fingerprint features of the user;
decrypting data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
6. The method according to claim 5, characterized in that, before the encrypted data in the memory is decrypted, the method further comprises:
verifying whether the fingerprint recognition code is consistent with a fingerprint recognition code saved in advance in the mobile terminal;
wherein, when the verification result is consistent, the encrypted data in the memory is decrypted.
7. A data encryption device for a mobile terminal, characterized by comprising:
an acquisition module, configured to obtain a fingerprint recognition code of a user and an identity of the mobile terminal, wherein the fingerprint recognition code is generated according to the fingerprint features of the user;
an encryption module, configured to encrypt data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
8. The device according to claim 7, characterized in that the device further comprises:
an authentication module, configured to verify whether the fingerprint recognition code is consistent with a fingerprint recognition code saved in advance in the mobile terminal;
wherein, when the verification result is consistent, the data in the memory of the mobile terminal is encrypted by the encryption module.
9. The device according to claim 7, characterized in that the encryption module comprises:
a selection unit, configured to select the data in the memory that needs to be encrypted;
a generation unit, configured to generate an encryption key according to the fingerprint recognition code and the identity;
an encryption unit, configured to encrypt the selected data that needs to be encrypted according to the encryption key, wherein the encryption mode comprises: encryption with a symmetric encryption algorithm.
10. A data decryption device for a mobile terminal, characterized by comprising:
an acquisition module, configured to obtain a fingerprint recognition code of a user and an identity of the mobile terminal, wherein the fingerprint recognition code is generated according to the fingerprint features of the user;
a decryption module, configured to decrypt data in the memory of the mobile terminal according to the fingerprint recognition code and the identity.
11. The device according to claim 10, characterized in that the device further comprises:
an authentication module, configured to verify whether the fingerprint recognition code is consistent with a fingerprint recognition code saved in advance in the mobile terminal;
wherein, when the verification result is consistent, the encrypted data in the memory is decrypted by the decryption module.
12. A data protection system for a mobile terminal, characterized by comprising: the data encryption device of the mobile terminal according to any one of claims 7 to 9 and the data decryption device of the mobile terminal according to claim 10 or 11.
CN201310416737.7A 2013-09-12 2013-09-12 Data encryption and decryption methods and devices for mobile terminal and protection system Pending CN104468937A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201310416737.7A CN104468937A (en) 2013-09-12 2013-09-12 Data encryption and decryption methods and devices for mobile terminal and protection system
PCT/CN2013/085963 WO2014169610A1 (en) 2013-09-12 2013-10-25 Data encryption and decryption method and device, and protection system of mobile terminal

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310416737.7A CN104468937A (en) 2013-09-12 2013-09-12 Data encryption and decryption methods and devices for mobile terminal and protection system

Publications (1)

Publication Number Publication Date
CN104468937A true CN104468937A (en) 2015-03-25

Family

ID=51730745

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310416737.7A Pending CN104468937A (en) 2013-09-12 2013-09-12 Data encryption and decryption methods and devices for mobile terminal and protection system

Country Status (2)

Country Link
CN (1) CN104468937A (en)
WO (1) WO2014169610A1 (en)


Also Published As

Publication number Publication date
WO2014169610A1 (en) 2014-10-23


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20150325
