CN104579689A - Soft secret key system and implementation method - Google Patents


Publication number
CN104579689A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201510028842.2A
Other languages
Chinese (zh)
Other versions
CN104579689B (en)
Inventor
聂明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CHINA SMARTCITY TECHNOLOGY Co Ltd
Original Assignee
CHINA SMARTCITY TECHNOLOGY Co Ltd

Abstract

The invention discloses a soft secret key system and an implementation method. The soft secret key system comprises a secret key certificate management subsystem, a secret key subsystem and an encryption and decryption algorithm subsystem. The secret key certificate management subsystem comprises a secret key certificate security storage module and a secret key certificate reading module. In use, the soft secret key system runs as background software. The security of the secret key certificate is guaranteed by splitting the certificate, adding random interference bits, encrypting it with random keys, and naming and storing the pieces at random. Anti-disassembly techniques that prevent source code theft fundamentally eliminate the possibility that the private key in the secret key certificate is acquired from memory while the software is running. Compared with a common U shield "hard secret key", the soft secret key system needs no external hardware and is convenient, fast to use, and low in cost.

Description

A soft key system and implementation method
Technical field
The present invention relates to a method for designing a soft key for intelligent mobile terminals or PCs. It is applicable to finance, traffic, business, hotels, tourism, aviation, and other fields that need encryption and authentication.
Background
With economic development and the continuous progress of science and technology, in particular the rapid development of the IC industry and of communication technology, Internet technology has become widespread and reaches every area of people's daily work and life, and Internet financial services have grown explosively. At the same time, a new problem has to be faced: how to ensure the security of information on the Internet, especially the security of funds and personal information in Internet finance. The Internet is an open network, and personal information and fund information are easy to obtain by common technical means. For the emerging mobile Internet the problem is more pronounced, because the mobile Internet cannot connect to financial institutions over dedicated lines and the existing encryption methods are essentially all software encryption. In practical use, a large number of apps (third-party application software) are installed on a terminal inadvertently, and their security levels vary widely. They are easily exploited by trojans to obtain personal information and fund information, and theft of funds and leaks of private data may follow.
At present, in Internet finance, the most common and most effective way to protect personal information and funds is the U shield, that is, a USB key that holds the client key certificate. The client key certificate contains the certificate number, the validity period, the key, the encryption and decryption algorithm description, the digital signature algorithm description, the certificate's digital signature, and so on. Besides storing the client key certificate, the USB key also performs encryption, decryption, digital signing, and signature verification. Because the key in the USB key can only be used inside the USB key and cannot be read by external devices, it offers good security and confidentiality. However, the traditional U shield, that is, the hard USB key, is rarely used in the emerging Internet financial services based on personal intelligent mobile terminals. The main reason is that in the mobile Internet scenario the U shield is inconvenient to carry and use: when a user transacts offline or online with a mobile phone, the USB key has to be plugged in at the same time. If, on the other hand, encryption, decryption, digital signing, and signature verification of the information transmitted over the Internet are done entirely in software, the biggest problem is how to store the key: once the key is stolen by a trojan or a similar program, the security of the information is out of the question.
Summary of the invention
Based on the above need, the invention proposes a soft key system and an implementation method that provide the functions of a U shield in software while keeping the content of the client key certificate secure.
To achieve the above object and effect, the invention adopts the following technical content:
A soft key system, comprising the following functional blocks:
A key certificate management subsystem: responsible for downloading, randomly storing, and reading the user key certificate, where the user key certificate holds the user's identifier in the key system, the key, the validity period, the encryption and decryption algorithm description, the digital signature algorithm description, and the certificate's digital signature; the user key certificate is encrypted with a password or fingerprint; the key certificate management subsystem comprises a key certificate secure storage module and a key certificate reading module;
The key certificate secure storage module: responsible for storing the certificate securely after the application downloads the user key certificate; this includes splitting one complete certificate file into multiple files, inserting a random number of random bits as interference at the head and tail of each file, and storing these files at random in multiple directories on flash or disk;
The key certificate reading module: responsible for reading the securely stored key certificate when an upper-layer application needs the user key certificate for encryption, decryption, or digital signature generation and verification;
A key subsystem: responsible for decrypting the password- or fingerprint-encrypted key certificate with the user's password or fingerprint, verifying the key certificate's digital signature, extracting the private key from the key certificate, and obtaining the public key of the communication peer;
An encryption and decryption algorithm subsystem: responsible for performing the various asymmetric encryption, decryption, digital signature, and signature verification operations of secure communication, using the local party's private key and the peer's public key output by the key subsystem; as soon as the local private key has been used, random numbers are written into the memory that held it and the memory is released.
The invention further adopts the following technical content to achieve the above object and effect:
An implementation method for a soft key, comprising the following steps:
1) Store the key certificate securely, comprising steps 1-1 to 1-12:
1-1) Read the user key certificate, already encrypted with a password or fingerprint, provided by the upper-layer application;
1-2) Use the random number generator provided by the operating system to produce a random number, which serves as the seed of the module's internal pseudo-random sequence;
1-3) Split the user key certificate file into N files of equal length, where N is 5 to 10;
1-4) Using the module's internal pseudo-random sequence and the seed obtained in step 1-2, produce 2 × N pseudo-random numbers and take each modulo MaxRandByteLength to obtain RandByteLength[2N], the amounts of random interference bits to insert at the head and tail of the content of the N key certificate files;
1-5) Use the random number generator provided by the operating system to produce 2 × N groups of random bytes, with lengths RandByteLength[n] (n = 1 to 2N);
1-6) Insert the 2 × N groups of random bytes at the heads and tails of the N user key certificate files as interference bits;
1-7) Use the module's internal pseudo-random sequence to produce N random numbers as random keys, and encrypt the N user key certificate files, with interference bits added, using these N keys;
1-8) Use the module's internal pseudo-random sequence to produce another N random numbers, map them to letters and digits, and use the N resulting combinations of random letters and digits as the file names of the N user key certificate files;
1-9) Collect directories in which the N scrambled key certificate files can be stored: look up the operating system's directory layout and locate the system directories;
1-10) Use the module's internal pseudo-random sequence to produce another N random numbers and map them to N file storage directories, taken from step 1-9;
1-11) Name the N key certificate files, with interference bits added and encrypted, in order using the random file names produced in step 1-8, and store them in order at the paths produced in step 1-10;
1-12) Encrypt the internal pseudo-random sequence seed obtained in step 1-2 with the user's password or fingerprint and save it as a file in a local directory;
2) Read the key certificate, comprising steps 2-1 to 2-9:
2-1) Decrypt the locally stored pseudo-random sequence seed with the user's password or fingerprint;
2-2) Using the module's internal pseudo-random sequence and the seed obtained in step 2-1, produce 2 × N pseudo-random numbers and take each modulo MaxRandByteLength to obtain RandByteLength[2N], the amounts of random interference bits inserted at the head and tail of the content of the N key certificate files;
2-3) Use the module's internal pseudo-random sequence to produce N random numbers, giving the encryption keys of the key certificate files;
2-4) Use the module's internal pseudo-random sequence to produce N random numbers and map them to letters and digits, giving the file names of the key certificate files;
2-5) Use the module's internal pseudo-random sequence to produce N random numbers and map them to directories, giving the storage directory of each key certificate file in order;
2-6) Read the key certificate files using the file names obtained in step 2-4 and the storage directories obtained in step 2-5;
2-7) Decrypt the scattered key certificate files with the keys obtained in step 2-3;
2-8) Use RandByteLength[2N] obtained in step 2-2 to remove the interference bits at the head and tail of each scattered key certificate file;
2-9) Restore the scattered key certificate and submit it to the key subsystem;
3) Obtain the key, comprising steps 3-1 to 3-3:
3-1) Decrypt the key certificate with the user's password or fingerprint;
3-2) Verify the key certificate's digital signature and validity period;
3-3) Read the local party's private key; if a public/private-key asymmetric encryption system of the symmetric or asymmetric kind is used, obtain the peer's public key according to the communication peer's identifier, either from a third-party CA center or by mapping directly through the public key matrix;
4) Perform encryption and decryption with the key: using the local party's private key and the peer's public key output by the key subsystem, perform the asymmetric encryption, decryption, digital signature, and signature verification operations of secure communication; as soon as the local private key has been used, random numbers are written into the memory that held it and the memory is released.
The invention has at least the following beneficial effects:
In use, the invention runs as background software. Compared with the conventional U shield "hard key", it needs no external hardware and is convenient to use and low in cost. At the same time, the security of the key certificate is ensured by splitting the key certificate, adding random interference bits, encrypting it with random keys, and storing the pieces under random names. By using anti-disassembly techniques that prevent source code theft, it essentially eliminates the possibility that the private key in the key certificate is obtained from memory while the software is running.
Other objects and advantages of the invention can be further understood from the technical content disclosed herein. To make the above and other objects, features, and advantages of the invention clearer, embodiments are described in detail below with reference to the accompanying drawings.
Brief description of the drawings
Fig. 1 is a structural block diagram of the soft key system of the invention.
Embodiment
The content disclosed by the invention relates to a key system implemented in software. Its main technical feature is that, whereas the U shield scheme needs additional hardware, that is, a "hard key", the invention can be called a "soft key". The invention is implemented in software and is low in cost; in use, the terminal does not need to be connected to additional hardware, which is convenient; the key certificate, after being encrypted with a password or fingerprint, is split into several files that are randomly named and randomly stored, which protects the key certificate to the greatest extent.
Next, with reference to the accompanying drawings, embodiments illustrate the unique technical features of the invention, such as its innovation, progress, or effects compared with the prior art, so that a person of ordinary skill in the art can implement it. Note that modifications and changes made by a person of ordinary skill in the art without departing from the spirit of the invention do not depart from its scope of protection.
Referring to Fig. 1, the soft key system of the invention comprises a key certificate management subsystem, a key subsystem, and an encryption and decryption algorithm subsystem, together with the software system that supports these three subsystems.
Key certificate management subsystem: responsible for downloading, randomly storing, and reading the user key certificate, where the user key certificate holds the user's identifier in the key system, the key, the validity period, the encryption and decryption algorithm description, the digital signature algorithm description, the certificate's digital signature, and so on. The user key certificate is encrypted with a password or fingerprint; password and fingerprint encryption algorithms are in common use, and detailed descriptions can be found in the relevant literature. The key certificate management subsystem is divided into a key certificate secure storage module and a key certificate reading module.
Key certificate secure storage module: stores the certificate securely after the application downloads the user key certificate, to prevent the certificate from being stolen as far as possible. The key to secure storage is to split one complete certificate file into multiple files, insert a random number of random bits as interference at the head and tail of each file, and store these files at random in multiple directories on flash or disk.
Key certificate reading module: responsible for reading the securely stored key certificate when an upper-layer application needs the user key certificate for encryption, decryption, or digital signature generation and verification.
Key subsystem: decrypts the password- or fingerprint-encrypted key certificate with the user's password or fingerprint, verifies the key certificate's digital signature, extracts the private key from the key certificate, and obtains the public key of the communication peer.
Encryption and decryption algorithm subsystem: using the local party's private key and the peer's public key output by the key subsystem, performs the various asymmetric encryption, decryption, digital signature, and signature verification operations of secure communication. As soon as the local private key has been used, random numbers are written into the memory that held it and the memory is released, to prevent the plaintext private key from leaking.
The workflow of the soft key system of the invention is described below with reference to Fig. 1:
Step 1: the key certificate secure storage module stores the key certificate securely. The working steps are as follows:
Step 1-1: read the user key certificate, already encrypted with a password or fingerprint, provided by the upper-layer application;
Step 1-2: use the random number generator provided by the operating system to produce a random number, which serves as the seed of the module's internal pseudo-random sequence. The module's internal pseudo-random sequence can be implemented with an m-sequence generator or another method; once the seed of the pseudo-random sequence is fixed, the pseudo-random numbers produced in sequence are fixed;
Step 1-3: split the user key certificate file into N files of equal length, where N can be 5 to 10;
Step 1-4: using the module's internal pseudo-random sequence and the seed obtained in step 1-2, produce 2 × N pseudo-random numbers and take each modulo MaxRandByteLength to obtain RandByteLength[2N], the amounts of random interference bits to insert at the head and tail of the content of the N key certificate files. MaxRandByteLength can be 1024 or another value;
Step 1-5: use the random number generator provided by the operating system to produce 2 × N groups of random bytes (8 bits each), with lengths RandByteLength[n] (n = 1 to 2N);
Step 1-6: insert the 2 × N groups of random bytes at the heads and tails of the N user key certificate files as interference bits;
Step 1-7: use the module's internal pseudo-random sequence to produce N random numbers as random keys, and encrypt the N user key certificate files, with interference bits added, using these N keys. The encryption method can be direct XOR or another symmetric encryption algorithm such as AES;
Step 1-8: use the module's internal pseudo-random sequence to produce another N random numbers, map them to letters and digits using a specific mapping, and use the N resulting combinations of random letters and digits as the file names of the N user key certificate files. The suffix can be a common one such as txt or dat, or a misleading one such as dll (Windows) or so (Linux);
Step 1-9: collect directories in which the N scrambled key certificate files can be stored: look up the operating system's directory layout and locate the system directories, for example the windows directory and the program files directory on Windows, or the android directory and DCIM on Android; directories inside the application that uses the soft key can also be collected;
Step 1-10: use the module's internal pseudo-random sequence to produce another N random numbers and map them, using a specific mapping, to N file storage directories, taken from step 1-9;
Step 1-11: name the N key certificate files, with interference bits added and encrypted, in order using the random file names produced in step 1-8, and store them in order at the paths produced in step 1-10;
Step 1-12: encrypt the internal pseudo-random sequence seed obtained in step 1-2 with the user's password or fingerprint and save it as a file in a specific local directory.
Step 2: the key certificate reading module reads the key certificate. Its working steps are the inverse of those of the key certificate secure storage module, as follows:
Step 2-1: decrypt the locally stored pseudo-random sequence seed with the user's password or fingerprint;
Step 2-2: using the module's internal pseudo-random sequence and the seed obtained in step 2-1, produce 2 × N pseudo-random numbers and take each modulo MaxRandByteLength to obtain RandByteLength[2N], the amounts of random interference bits inserted at the head and tail of the content of the N key certificate files;
Step 2-3: use the module's internal pseudo-random sequence to produce N random numbers, giving the encryption keys of the key certificate files;
Step 2-4: use the module's internal pseudo-random sequence to produce N random numbers and map them to letters and digits, giving the file names of the key certificate files;
Step 2-5: use the module's internal pseudo-random sequence to produce N random numbers and map them to directories, giving the storage directory of each key certificate file in order;
Step 2-6: read the key certificate files using the file names obtained in step 2-4 and the storage directories obtained in step 2-5;
Step 2-7: decrypt the scattered key certificate files with the keys obtained in step 2-3;
Step 2-8: use RandByteLength[2N] obtained in step 2-2 to remove the interference bits at the head and tail of each scattered key certificate file;
Step 2-9: restore the scattered key certificate and submit it to the key subsystem.
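The storage and reading procedures of steps 1 and 2, carried through in C as an added example that is not code from the patent. The LFSR taps, the three directory names, the hexadecimal file-name mapping, the in-memory StoredFile array standing in for files on flash or disk, /dev/urandom as the operating system's generator, and the 203-byte sample certificate are assumptions made for the example; direct XOR is one of the encryption options step 1-7 names.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define N       5      /* fragment count (the page allows 5 to 10) */
#define MAX_PAD 1024   /* MaxRandByteLength */
#define NDIRS   3
/* Hypothetical directories standing in for the list collected in step 1-9. */
static const char *DIRS[NDIRS] = { "cache", "media", "appdata" };

typedef struct {             /* everything steps 1-4 to 1-10 derive from the seed */
    uint32_t pad[2 * N];     /* RandByteLength[2N]: head and tail per fragment */
    uint32_t key[N];         /* per-fragment XOR key */
    char     path[N][32];    /* storage directory + random file name */
} Plan;
typedef struct { char path[32]; uint8_t *data; size_t len; } StoredFile;

/* 32-bit Galois LFSR standing in for the module's pseudo-random sequence. */
static uint32_t prs_next(uint32_t *s) {
    for (int i = 0; i < 32; i++) *s = (*s >> 1) ^ (-(*s & 1u) & 0x80200003u);
    return *s;
}

/* Store and read must draw from the sequence in exactly the same order. */
static void derive_plan(uint32_t seed, Plan *p) {
    uint32_t s = seed ? seed : 1u, name[N];      /* an LFSR never leaves state 0 */
    for (int i = 0; i < 2 * N; i++) p->pad[i] = prs_next(&s) % MAX_PAD;
    for (int i = 0; i < N; i++)     p->key[i] = prs_next(&s);
    for (int i = 0; i < N; i++)     name[i]   = prs_next(&s);
    for (int i = 0; i < N; i++)
        snprintf(p->path[i], sizeof p->path[i], "%s/%08x.dat",
                 DIRS[prs_next(&s) % NDIRS], (unsigned)name[i]);
}

static int os_random(void *buf, size_t len) {    /* OS generator: steps 1-2, 1-5 */
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(buf, 1, len, f);
    fclose(f);
    return got == len ? 0 : -1;
}
static uint8_t key_byte(uint32_t k, size_t i) { return (uint8_t)(k >> (8 * (i & 3))); }

/* Steps 1-3 to 1-11: split, pad, encrypt, name, place. Caller frees out[i].data. */
int store_cert(const uint8_t *cert, size_t len, uint32_t seed, StoredFile *out) {
    Plan p;
    size_t chunk = (len + N - 1) / N;
    derive_plan(seed, &p);
    memset(out, 0, N * sizeof *out);
    for (int i = 0; i < N; i++) {
        size_t off  = (size_t)i * chunk < len ? (size_t)i * chunk : len;
        size_t n    = len - off < chunk ? len - off : chunk;
        size_t head = p.pad[2 * i], tail = p.pad[2 * i + 1];
        out[i].len  = head + n + tail;
        out[i].data = malloc(out[i].len + 1);
        if (!out[i].data || os_random(out[i].data, out[i].len)) return -1;
        memcpy(out[i].data + head, cert + off, n);   /* head and tail stay random */
        for (size_t j = 0; j < out[i].len; j++) out[i].data[j] ^= key_byte(p.key[i], j);
        strcpy(out[i].path, p.path[i]);
    }
    return 0;
}

/* Steps 2-2 to 2-9: re-derive the plan, locate, decrypt, strip padding, join. */
long read_cert(const StoredFile *files, uint32_t seed, uint8_t *cert, size_t cap) {
    Plan p;
    size_t total = 0;
    derive_plan(seed, &p);
    for (int i = 0; i < N; i++) {
        const StoredFile *f = NULL;
        size_t head = p.pad[2 * i], tail = p.pad[2 * i + 1];
        for (int k = 0; k < N; k++)
            if (files[k].data && strcmp(files[k].path, p.path[i]) == 0) f = &files[k];
        if (!f || f->len < head + tail || total + f->len - head - tail > cap) return -1;
        for (size_t j = head; j < f->len - tail; j++)
            cert[total++] = (uint8_t)(f->data[j] ^ key_byte(p.key[i], j));
    }
    return (long)total;
}

/* Constructed 203-byte sample; returns 1 if read_seed restores what store_seed stored. */
int roundtrip(uint32_t store_seed, uint32_t read_seed) {
    uint8_t cert[203], back[sizeof cert];
    StoredFile files[N];
    long n = -1;
    for (size_t i = 0; i < sizeof cert; i++) cert[i] = (uint8_t)(i * 7 + 1);
    if (store_cert(cert, sizeof cert, store_seed, files) == 0)
        n = read_cert(files, read_seed, back, sizeof back);
    for (int i = 0; i < N; i++) free(files[i].data);
    return n == (long)sizeof cert && memcmp(cert, back, sizeof cert) == 0;
}

int main(void) {
    uint32_t seed;
    if (os_random(&seed, sizeof seed)) return 1;     /* step 1-2 */
    printf("same seed: %d, other seed: %d\n", roundtrip(seed, seed), roundtrip(seed, ~seed));
}
```

Every padding length, key, file name, and directory is re-derived from the seed alone, so the protection of the stored fragments rests on the password- or fingerprint-encrypted seed file of step 1-12.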
Step 3: the key subsystem obtains the key. The steps are as follows:
Step 3-1: decrypt the key certificate with the user's password or fingerprint;
Step 3-2: verify the key certificate's digital signature and validity period;
Step 3-3: read the local party's private key; if a public/private-key asymmetric encryption system of the symmetric or asymmetric kind is used, obtain the peer's public key according to the communication peer's identifier, either from a third-party CA center or by mapping directly through the public key matrix.
Step 4: the encryption and decryption algorithm subsystem performs encryption and decryption with the key. Using the local party's private key and the peer's public key output by the key subsystem, it performs the various asymmetric encryption, decryption, digital signature, and signature verification operations of secure communication. As soon as the local private key has been used, random numbers are written into the memory that held it and the memory is released, to prevent the plaintext private key from leaking.
The key certificate management subsystem, key subsystem, and encryption and decryption algorithm subsystem above need to be written in C or another language whose source code cannot be recovered by simple methods such as disassembly. Obfuscation techniques, such as inserting dummy code, are also applied to keep the source code from being recovered by decompilation, so as to prevent, as far as possible, the private key in the key certificate from being stolen while it is in plaintext in memory.
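Step 4's overwrite-then-release of the private key buffer, as an added C example that is not code from the patent. The function names, /dev/urandom as the source of the random numbers, and the 32-byte 0xA5 pattern used as constructed key material are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Overwrite len bytes at p with bytes from the OS generator. Writing through a
 * volatile-qualified pointer is a common way to keep the compiler from removing
 * the overwrite as a dead store when free() follows immediately. If the OS
 * generator cannot be read, the bytes are zeroed instead: the wipe is never skipped. */
int wipe_random(void *p, size_t len) {
    volatile uint8_t *v = p;
    uint8_t r[64];
    FILE *f = fopen("/dev/urandom", "rb");
    int ok = (f != NULL);
    for (size_t i = 0; i < len; i++) {
        if (ok && i % sizeof r == 0) {              /* refill the 64-byte pool */
            size_t want = len - i < sizeof r ? len - i : sizeof r;
            ok = (fread(r, 1, want, f) == want);
        }
        v[i] = ok ? r[i % sizeof r] : 0;
    }
    if (f) fclose(f);
    return ok ? 0 : -1;
}

/* Lifecycle of a constructed 32-byte key: load, use, wipe, release.
 * Returns 1 if the buffer no longer holds the original key when it is freed. */
int use_then_wipe(void) {
    size_t len = 32, unchanged = 0;
    uint8_t *key = malloc(len);
    if (!key) return -1;
    memset(key, 0xA5, len);                 /* constructed key material */
    /* ... the private-key operation (sign or decrypt) would run here ... */
    wipe_random(key, len);                  /* overwrite before release */
    for (size_t i = 0; i < len; i++) unchanged += (key[i] == 0xA5);
    free(key);
    return unchanged < len;
}

int main(void) {
    printf("key overwritten before free: %d\n", use_then_wipe());
    return 0;
}
```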
The invention has very broad application scenarios. For example, in small-amount payment applications on various mobile terminals, no external hardware such as a U shield is needed, which is convenient, while the key certificate is still protected.
Taking an Android mobile phone and a payment application that uses a symmetric or asymmetric encryption system as an embodiment:
[Certificate download and storage steps] (corresponding to step 1 of the invention):
Step a: the Android payment application downloads the user key certificate from the server;
Step b: the key certificate secure storage module of the key certificate management subsystem splits the key certificate and uses the internal pseudo-random sequence to produce a series of random numbers in order; the split key certificate files have interference bits added and are randomly encrypted, randomly named, and stored (see the detailed steps above);
Step c: the random seed of the internal pseudo-random sequence is encrypted with the user's password or fingerprint and stored.
[Certificate reading steps] (corresponding to step 2 of the invention):
Step a: read the random seed of the key certificate management subsystem's internal pseudo-random sequence and decrypt it with the user's password or fingerprint;
Step b: the key certificate reading module of the key certificate management subsystem uses the internal pseudo-random sequence to produce a series of random numbers in order, reads each of the scattered, randomly named and stored key certificate files, removes the interference bits, decrypts each certificate file, and merges the scattered certificate files into one complete certificate (see the detailed steps above).
[Payment steps] (corresponding to steps 3 and 4 of the invention):
Step a: obtain the payment information (by scanning a QR code or by input) and obtain the price information;
Step b: select the payment method (such as e-bank, electronics collar, or other methods);
Step c: the user enters the payment password or scans the payment QR code;
Step d: the user enters the soft key start-up password or fingerprint, and the application verifies the password or fingerprint with a password or fingerprint algorithm;
Step e: the key certificate reading module of the soft key's key certificate management subsystem reads the randomly stored key certificate;
Step f: the soft key's key subsystem decrypts the key certificate with the user's password or fingerprint and obtains the user's private key and the public key matrix;
Step g: the soft key's key subsystem maps the payment peer's identifier through the symmetric or asymmetric public key matrix to obtain the peer's public key;
Step h: the payment password entered by the user or the scanned payment QR code, the payment method, and the payment information are encrypted and digitally signed by the soft key's encryption and decryption algorithm subsystem;
Step i: the upper-layer payment application transmits the encrypted information to the payment channel (a third party or a bank);
Step j: signature verification passes, the deduction succeeds, and the payment is complete.
The above is only the preferred embodiment of the invention, and the invention is not limited to the above embodiment. It is understood that other improvements and changes that those skilled in the art directly derive or associate without departing from the spirit and concept of the invention shall all be considered to fall within the scope of protection of the invention.

Claims (6)

1. a soft cipher key system, is characterized in that, comprises following functional blocks:
A key certificate ADMINISTRATION SUBSYSTEM: be responsible for downloading, random store and read user key certificate, wherein the mark of user in cipher key system deposited by user key certificate, key, the term of validity, enciphering and deciphering algorithm describe, Digital Signature Algorithm describes and the digital signature identification of certificate; User key certificate uses password or encrypting fingerprint; Described key certificate ADMINISTRATION SUBSYSTEM comprises key certificate kept secure module and key certificate read module;
Described key certificate kept secure module: be responsible for certificate kept secure after application program download user key certificate; Comprise and a complete certificate file is split as multiple file, and insert the random bit of random amount as interference at the head of each file and afterbody, above-mentioned file is deposited at random in multiple catalogues of flash or disk;
Described key certificate read module: be responsible for upper layer application need invoke user key certificate carry out Encrypt and Decrypt and digital signature produce and checking time read the key certificate of kept secure;
A cipher key subsystem: be responsible for the key certificate of password or encrypting fingerprint is used to user password or fingerprint deciphering, authentication secret certificate number signature, extracts the private key of key certificate, obtains the PKI of communication counterpart;
An enciphering and deciphering algorithm subsystem: be responsible for the our private key that exports according to cipher key subsystem and the other side's PKI, realizes various asymmetric Encrypt and Decrypt in secure communication and digital signature, sign test work; Once our private key completes use, write random number and discharged depositing in private key internal memory at once.
2. an implementation method for soft key, is characterized in that, comprises the steps:
1) kept secure is carried out to key certificate;
1-1) read the user key certificate after the password or encrypting fingerprint that upper level applications provides;
Randomizer 1-2) using operating system to carry produces a random number, as the seed of inside modules pseudo random sequence;
1-3) user key certificate file is split into N number of file of equal length, N gets 5 ~ 10;
1-4) use the seed obtained in inside modules pseudo random sequence and step 1-2, produce 2 × N number of pseudo random number, 2 × N number of pseudo random number is obtained inserting random bit amount R andByteLength [2N] for disturbing at the head and tail of N number of key certificate file content to MaxRandByteLength delivery;
Randomizer 1-5) using operating system to carry, produces the random Byte that 2 × N group length is respectively RandByteLength [n] (n=1 ~ 2N) at random;
1-6) random for 2 × N group Byte is inserted the head and tail of N number of user key certificate file as interference bit;
1-7) use inside modules pseudo random sequence to produce N number of random number as random key, by adding, the N number of user key certificate file use after disturbing bit is N number of to be encrypted with key;
1-8) use inside modules pseudo random sequence, then produce N number of random number, this N number of random number is mapped as letter and number, using this N group random letters and the filename of number combinatorics on words as N number of family key certificate file;
1-9) collect the catalogue of the key certificate file after can depositing N number of scrambling, search operation system directory form, finds system directory position;
1-10) use inside modules pseudo random sequence, then produce N number of random number, this N number of random number is mapped as N number of file storing directory, these file storing directory take from step 1-9;
1-11) N number of random file name adding interference bit and the use of the key certificate file after encrypting step 1-8 generation is named successively, and according to the path that step 1-10 produces, these certificate files are deposited successively;
Local directory is kept at document form after inside pseudo random sequence seed 1-12) obtained by step 1-2 uses user password or encrypting fingerprint;
2) Read the key certificate;
2-1) Use the user password or fingerprint to decrypt the locally stored pseudo-random sequence seed;
2-2) Using the module's internal pseudo-random sequence and the seed obtained in step 2-1, generate 2×N pseudo-random numbers; take these 2×N pseudo-random numbers modulo MaxRandByteLength to obtain RandByteLength[2N], the numbers of random interference bits inserted at the head and tail of the N key certificate file contents;
2-3) Use the module's internal pseudo-random sequence to generate N random numbers, which give the encryption keys of the key certificate files;
2-4) Use the module's internal pseudo-random sequence to generate N random numbers, and map them to letters and digits to obtain the file names of the key certificate files;
2-5) Use the module's internal pseudo-random sequence to generate N random numbers, and map them to directories to obtain, in turn, the storage directories of the key certificate files;
2-6) Read the key certificate files using the file names obtained in step 2-4 and the storage directories obtained in step 2-5;
2-7) Decrypt the split key certificate files using the keys obtained in step 2-3;
2-8) Use RandByteLength[2N] obtained in step 2-2 to remove the interference bits at the head and tail of the split key certificate files;
2-9) Reassemble the split key certificate and submit it to the key subsystem;
3) Obtain the key;
3-1) Use the user password or fingerprint to decrypt the key certificate;
3-2) Verify the digital signature and the validity period of the key certificate;
3-3) Read our own private key; if the system is a public/private-key asymmetric encryption system of a quasi-symmetric or asymmetric scheme, obtain the other party's public key according to the identifier of the communication counterpart, either from a third-party CA center or by direct mapping through a public key matrix;
4) Perform encryption and decryption with the keys: using our private key output by the key subsystem and the other party's public key, carry out asymmetric encryption and decryption in secure communication, as well as digital signing and signature verification; as soon as our private key has been used, the memory holding the private key is immediately overwritten with random numbers and released.
3. The soft key implementation method according to claim 2, characterized in that: in step 1-2, the module's internal pseudo-random sequence is implemented with an m-sequence generator.
4. The soft key implementation method according to claim 2, characterized in that: in step 1-7, the encryption method uses a direct XOR algorithm or the AES algorithm.
5. The soft key implementation method according to claim 2, characterized in that: in step 1-8, the suffix of the file name is a conventional suffix (txt, dat) or a misleading suffix (dll, so).
6. The soft key implementation method according to claim 2, characterized in that: in step 1-9, the system directory location is the windows directory or the Program Files directory on a Windows system, and the android directory or DCIM on an Android system.
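A minimal round trip of steps 1-4 to 1-11 and 2-2 to 2-9, added here as an illustration and not taken from the patent: the storing and the reading side replay the same m-sequence (claim 3) from the seed, so the pad lengths, XOR keys (claim 4), file names and directories are regenerated rather than stored. Assumptions: all function names, the 16-bit LFSR polynomial, the `MaxRandByteLength` value, the equal-size split, the head/tail ordering of the lengths, the hexadecimal name mapping, the `DIRS` list and the dict `fs` standing in for the file system; the seed is passed in directly instead of being decrypted with a password or fingerprint.

```python
import os

MAX_RAND_BYTE_LENGTH = 32        # MaxRandByteLength from the claims; the value is assumed
DIRS = ["dirA", "dirB", "dirC"]  # constructed stand-ins for the directories of step 1-9

def m_sequence(seed):
    """16-bit maximal-length LFSR (x^16 + x^14 + x^13 + x^11 + 1), one number per 16 shifts."""
    state = (seed & 0xFFFF) or 1  # the all-zero state never leaves zero
    while True:
        for _ in range(16):
            bit = (state ^ (state >> 2) ^ (state >> 3) ^ (state >> 5)) & 1
            state = (state >> 1) | (bit << 15)
        yield state

def derive_plan(seed, n):
    """Replay the sequence in claim order: 2N pad lengths, N keys, N names, N directories."""
    rng = m_sequence(seed)
    lengths = [next(rng) % MAX_RAND_BYTE_LENGTH for _ in range(2 * n)]
    keys = [next(rng).to_bytes(2, "big") for _ in range(n)]
    names = [format(next(rng), "04x") + ".dat" for _ in range(n)]
    dirs = [DIRS[next(rng) % len(DIRS)] for _ in range(n)]
    return lengths, keys, names, dirs

def xor(data, key):
    """Direct XOR with a repeating key (one of the two options in claim 4)."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def store(cert, seed, n, fs):
    """Steps 1-4 to 1-11: split, pad head and tail, encrypt, name and place each part."""
    lengths, keys, names, dirs = derive_plan(seed, n)
    size = -(-len(cert) // n)  # ceiling division; the equal-size split is an assumption
    for i in range(n):
        part = cert[i * size:(i + 1) * size]
        head, tail = os.urandom(lengths[2 * i]), os.urandom(lengths[2 * i + 1])
        fs[dirs[i] + "/" + names[i]] = xor(head + part + tail, keys[i])

def read(seed, n, fs):
    """Steps 2-2 to 2-9: regenerate the plan from the seed, then decrypt, strip, rejoin."""
    lengths, keys, names, dirs = derive_plan(seed, n)
    cert = b""
    for i in range(n):
        padded = xor(fs[dirs[i] + "/" + names[i]], keys[i])
        # Slice to an explicit end index so a tail length of 0 does not empty the part.
        cert += padded[lengths[2 * i]:len(padded) - lengths[2 * i + 1]]
    return cert
```

Nothing but the seed is needed to locate, decrypt and reassemble the parts, so the stored certificate is exactly as well protected as the encrypted seed file of step 1-12.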
CN201510028842.2A 2015-01-20 2015-01-20 A kind of soft cipher key system and implementation method Active CN104579689B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510028842.2A CN104579689B (en) 2015-01-20 2015-01-20 A kind of soft cipher key system and implementation method

Publications (2)

Publication Number Publication Date
CN104579689A true CN104579689A (en) 2015-04-29
CN104579689B CN104579689B (en) 2018-02-13

Family

ID=53094968

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant