CN106203128B - Webpage data encryption and decryption method, device and system - Google Patents
Webpage data encryption and decryption method, device and system Download PDFInfo
- Publication number
- CN106203128B CN106203128B CN201510219176.0A CN201510219176A CN106203128B CN 106203128 B CN106203128 B CN 106203128B CN 201510219176 A CN201510219176 A CN 201510219176A CN 106203128 B CN106203128 B CN 106203128B
- Authority
- CN
- China
- Prior art keywords
- data
- encrypted
- key
- webpage
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
A webpage data encryption and decryption method, device and system are provided, and the method comprises the following steps: acquiring webpage data to be transmitted; the acquired webpage data to be sent is blocked to obtain a plurality of data blocks; randomly sorting the plurality of data blocks; generating index data corresponding to the plurality of randomly sequenced data blocks, wherein the index data comprises the sizes of the plurality of data blocks and position information in the webpage data; encrypting the obtained index data to obtain encrypted index data; and packaging the randomly sequenced data blocks and the encrypted index data to generate encrypted webpage data and sending the encrypted webpage data. The scheme can improve the safety of webpage data transmission.
Description
Technical Field
The invention relates to the technical field of web pages, in particular to a method, a device and a system for encrypting and decrypting web page data.
Background
Hyper Text Markup Language (HTML), which is the core Language of the world wide web, has evolved to make originally static web pages into JavaScript-written web page (web) applications. With the fact that JavaScript is more and more complex and huge, a user cannot feel refreshing and jumping of a traditional webpage in the process of using a web application, and the use experience of the user is greatly improved.
However, when web page data including JavaScript files is transmitted between a server and a client, there is a problem of poor security.
Disclosure of Invention
The embodiment of the invention solves the problem of improving the safety of webpage data transmission.
In order to solve the above problem, an embodiment of the present invention provides a method for encrypting web page data, where the method includes:
acquiring webpage data to be transmitted;
the acquired webpage data to be sent is blocked to obtain a plurality of data blocks;
randomly sorting the plurality of data blocks;
generating index data corresponding to the plurality of randomly sequenced data blocks, wherein the index data comprises the sizes of the plurality of data blocks and position information in the webpage data;
encrypting the obtained index data to obtain encrypted index data;
and packaging the randomly sequenced data blocks and the encrypted index data to generate encrypted webpage data and sending the encrypted webpage data.
Optionally, the encrypting the obtained index data to obtain encrypted index data includes:
generating an encryption key and a decryption key;
encrypting the index data by using the generated encryption key to obtain encrypted index data;
performing MD5 operation on the encrypted index data to obtain a corresponding MD5 value;
obtaining a MD5 value by encrypting the obtained RSA key of the server side to obtain first signature information;
encrypting the encryption key by adopting a client RSA public key to obtain an encrypted encryption key;
generating a corresponding file by using the obtained encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the RSA key, the encrypted index data and the randomly ordered data blocks, and adding corresponding file header information to the initial part of the generated file to obtain the encrypted webpage data; the file header information comprises an encryption identifier, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data and information of the position and size of a data block after random sequencing, wherein the encryption identifier is used for identifying the encrypted webpage data.
Optionally, the encryption key and the decryption key are the same.
Optionally, the plurality of data blocks are the same size.
Optionally, before the step of blocking the acquired web page data to obtain a plurality of data blocks, the method further includes: and scrambling the webpage data.
Optionally, the webpage data is a JavaScript file.
The embodiment of the invention also provides a webpage data decryption method, which comprises the following steps:
receiving encrypted webpage data, wherein the encrypted webpage data comprise a plurality of randomly ordered data blocks and information of encrypted index data, and the index data comprise the sizes of the data blocks and position information in the webpage data;
decrypting the encrypted index data to obtain the index data;
and recovering the sorted data blocks to corresponding positions in the webpage data by adopting the index data obtained after decryption to obtain the webpage data.
Optionally, the encrypted web page data includes a file header, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data, and randomly ordered information of data chunks, where the file header includes an encryption identifier, the encrypted encryption key, the first signature information, the corresponding MD5 value, a server RSA public key corresponding to the server RSA key, the encrypted index data, and information of positions and sizes of the randomly ordered data chunks, and the encryption identifier is used to identify the encrypted web page data;
the decrypting the encrypted index data to obtain the index data includes:
judging whether the file header has the encryption identifier or not;
when the encryption identifier is determined to exist in the file header, acquiring the encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block in the file header;
respectively acquiring the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block at the corresponding position of the encrypted webpage data according to the acquired encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the sequenced data block;
decrypting the encrypted encryption key by using a client RSA key to obtain the encryption key;
obtaining a corresponding decryption key according to the encryption key;
decrypting the first signature information by using the server RSA public key corresponding to the server RSA key, and calculating to obtain an MD5 value;
comparing the MD5 value obtained by decryption with the corresponding MD5 value obtained;
and when the calculated MD5 value is determined to be the same as the acquired corresponding MD5 value, decrypting the encrypted index data by using the acquired decryption key to acquire the decrypted index data.
Optionally, the encryption key and the decryption key are the same.
Optionally, after the step of recovering the sorted data blocks to corresponding positions in the webpage data by using the index data obtained after decryption, the method further includes: and descrambling the webpage data.
Optionally, the webpage data is a JavaScript file.
The embodiment of the invention also provides a webpage data encryption device, which comprises:
the acquisition unit is suitable for acquiring the webpage data to be transmitted;
the blocking unit is suitable for blocking the acquired webpage data to be transmitted to obtain a plurality of data blocks;
the sorting unit is suitable for randomly sorting the plurality of data blocks;
the index generating unit is suitable for generating index data corresponding to the plurality of randomly sequenced data blocks, and the index data comprises the sizes of the data blocks and position information in the webpage data;
the encryption unit is suitable for encrypting the obtained index data to obtain encrypted index data;
and the packaging processing unit is suitable for packaging the randomly sequenced data blocks and the encrypted index data to generate and send encrypted webpage data.
Optionally, the encryption unit is adapted to: generating an encryption key and a decryption key; encrypting the index data by using the generated encryption key to obtain encrypted index data; performing MD5 operation on the encrypted index data to obtain a corresponding MD5 value; obtaining a MD5 value by encrypting the obtained RSA key of the server side to obtain first signature information; encrypting the encryption key by adopting a client RSA public key to obtain an encrypted encryption key; generating a corresponding file by using the obtained encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the RSA key, the encrypted index data and the randomly ordered data blocks, and adding corresponding file header information to the initial part of the generated file to obtain the encrypted webpage data; the file header information comprises an encryption identifier, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data and information of the position and size of a data block after random sequencing, wherein the encryption identifier is used for identifying the encrypted webpage data.
Optionally, the encryption key and the decryption key are the same.
Optionally, the plurality of data blocks are the same size.
Optionally, the apparatus further comprises: and the scrambling unit is suitable for scrambling the webpage data before the acquired webpage data are blocked to obtain a plurality of data blocks.
Optionally, the webpage data is a JavaScript file.
The embodiment of the invention also provides a webpage data decryption device, which comprises:
the receiving unit is suitable for receiving encrypted webpage data, the encrypted webpage data comprise a plurality of randomly sequenced data blocks and information of encrypted index data, and the index data comprise the sizes of the data blocks and position information in the webpage data;
the decryption unit is suitable for decrypting the encrypted index data to obtain the index data;
and the recovery unit is suitable for recovering the sorted data to the corresponding position in the webpage data in a blocking manner by adopting the index data obtained after decryption to obtain the webpage data.
Optionally, the encrypted web page data includes a file header, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data, and randomly ordered information of data chunks, where the file header includes an encryption identifier, the encrypted encryption key, the first signature information, the corresponding MD5 value, a server RSA public key corresponding to the server RSA key, the encrypted index data, and information of positions and sizes of the randomly ordered data chunks, and the encryption identifier is used to identify the encrypted web page data;
the decryption unit is suitable for judging whether the encryption identifier exists in the file header or not; when the encryption identifier is determined to exist in the file header, acquiring the encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block in the file header; respectively acquiring the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block at the corresponding position of the encrypted webpage data according to the acquired encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the sequenced data block; decrypting the encrypted encryption key by using a client RSA key to obtain the encryption key; obtaining a corresponding decryption key according to the encryption key; decrypting the first signature information by using the server RSA public key corresponding to the server RSA key, and calculating to obtain an MD5 value; comparing the MD5 value obtained by decryption with the corresponding MD5 value obtained; and when the calculated MD5 value is determined to be the same as the acquired corresponding MD5 value, decrypting the encrypted index data by using the acquired decryption key to acquire the decrypted index data.
Optionally, the encryption key and the decryption key are the same.
Optionally, the apparatus further comprises: and the descrambling unit is suitable for descrambling the webpage data after the sequenced data are restored to the corresponding positions in the webpage data in a blocking manner by adopting the decrypted index data and the webpage data are obtained.
Optionally, the webpage data is a JavaScript file.
The embodiment of the invention also provides a webpage data encryption and decryption system, which comprises a client and a server, wherein the server comprises the webpage data encryption device, and the client comprises the webpage data decryption device as claimed in the claims.
Compared with the prior art, the technical scheme of the invention has the following advantages:
according to the scheme, the webpage data to be sent are partitioned, the multiple data blocks are randomly sequenced, index data corresponding to the multiple data blocks which are sequenced immediately are generated, and the obtained index data are encrypted and then sent to the client. Since the position information of each data block in the webpage data can be recovered only by decrypting the encrypted index data and the decrypted index data, the security of webpage data transmission can be improved.
Further, since the encryption key and the decryption key are the same, the speed of decrypting the web page data can be increased.
Furthermore, as the plurality of data blocks obtained by division have the same size, the steps of data division can be simplified, so that the speed of webpage data encryption can be increased, the data transmission speed between the server and the client can be increased, and the use experience of a user can be improved.
Drawings
Fig. 1 is a schematic diagram of a web page data transmission system according to an embodiment of the present invention;
FIG. 2 is a flowchart of a method for encrypting data of a web page according to an embodiment of the present invention;
fig. 3 is a flowchart of encrypting the obtained index data to obtain encrypted index data according to an embodiment of the present invention;
FIG. 4 is a flowchart of a method for decrypting web page data according to an embodiment of the present invention;
FIG. 5 is a flowchart illustrating decrypting the encrypted index data to obtain the index data according to an embodiment of the present invention;
FIG. 6 is a schematic structural diagram of a web page data encryption apparatus according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of a web page data decryption apparatus in an embodiment of the present invention.
Detailed Description
JavaScript is a Web-based scripting language, which has been widely used for Web application development, for example, it can be used to add various dynamic functions to a Web page, provide a smoother and more beautiful browsing effect for a user, and the like. In the running and using process of the Web application, the JavaScript file needs to be transmitted between the server and the client.
In the prior art, a JavaScript file transmitted between a server and a client is usually scrambled before transmission, so that the JavaScript file is not suitable for reading, the size of the JavaScript file can be reduced, and the data transmission rate is increased.
However, although the JavaScript file can be protected from being illegally tampered to some extent by using a simple scrambling method, as long as the algorithm of the scrambling process is known, the inverse scrambling of the JavaScript file can be easily realized by using a reversible method.
Therefore, the JavaScript file in the prior art has a problem of poor security when being transmitted between the server and the client.
In order to solve the above problems in the prior art, in the technical scheme adopted in the embodiment of the present invention, the web page data to be sent is partitioned, the obtained multiple data partitions are randomly ordered, index data corresponding to the multiple data partitions that are immediately ordered are generated, and the obtained index data is encrypted and sent to the client. Since the position information of each data block in the webpage data can be recovered only by decrypting the encrypted index data and the decrypted index data, the security of webpage data transmission can be improved.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below.
For convenience of understanding, the embodiment of the present invention first provides a detailed description of a web page data encryption and decryption system.
Fig. 1 is a schematic structural diagram illustrating a web page data encryption and decryption system in an embodiment of the present invention. The system for encrypting and decrypting webpage data as described in fig. 1 may include a server 101 and a client 102. The server 101 includes a web page data encryption device 1011, and the client 102 includes a web page data decryption device 1021.
In a specific implementation, the server 101 is configured to generate corresponding web page data, for example, a JavaScript file, and send the generated web page data to the client 102 after being encrypted by the web page data encryption device 1011. After receiving the encrypted web page data sent by the server 101, the client 102 performs corresponding decryption processing on the received encrypted web page data by using the web page data decryption device 1021, so as to obtain corresponding web page data.
In an embodiment of the present invention, the web page data encryption device in the server is a JavaScript compiler, and the web page data decryption device may be a JavaScript loading unit.
The following describes a method for a server to encrypt web page data and a client to decrypt received web page data in an embodiment of the present invention in detail.
Fig. 2 is a flowchart illustrating a method for encrypting web page data according to an embodiment of the present invention. The webpage data encryption method shown in fig. 2 may include:
step S201: and acquiring the webpage data to be sent.
In specific implementation, the webpage data to be sent is generated by a server. In an embodiment of the present invention, the web page data is a JavaScript file.
In a specific implementation, the method for encrypting webpage data in the embodiment of the present invention may further include:
step S202: and scrambling the webpage data to be transmitted.
In specific implementation, the webpage data can be kept secret by scrambling, the security of data transmission is improved, the size of the webpage data to be transmitted can be reduced, and the data transmission speed can be increased.
Step S203: and partitioning the acquired webpage data to be transmitted to obtain a plurality of data partitions.
In specific implementation, the webpage data to be sent can be blocked according to actual needs to obtain a plurality of data blocks. The size of each data block can be set according to actual needs. In the embodiment of the invention, the webpage data to be sent can be divided into N data blocks with the same size, and compared with the data blocks divided into different sizes, the speed of data encryption can be improved.
Step S204: and randomly sequencing the plurality of data blocks.
In a specific implementation, after the data blocks of the web page data to be sent are obtained, the order of the data blocks in the web page data to be sent can be scrambled in a random ordering mode, so that the scrambled web page data cannot be identified, and an encryption effect is achieved.
Step S205: and generating index data corresponding to the plurality of randomly sequenced data blocks.
In a specific implementation, in order to restore the multiple data blocks after the disordering sequence to the original position in the webpage data to be sent, so as to restore the webpage data, index data corresponding to the multiple data blocks after the random sorting may be generated. The generated index data includes information of the size of each data block and the position in the webpage data to be sent.
Step S206: and encrypting the obtained index data to obtain the encrypted index data.
In a specific implementation, since the index data includes information of the position and size of each data block in the web page data to be transmitted, when the index data is acquired, the randomly ordered data blocks can be restored to corresponding positions in the web page data to be transmitted. Therefore, in order to protect the web page data to be transmitted, a mode of encrypting the index data of the plurality of data blocks after random sorting may be adopted, so that the index data is not acquired, and the web page data to be transmitted is protected.
Step S207: and packaging the randomly sequenced data blocks and the encrypted index data to generate encrypted webpage data and sending the encrypted webpage data.
In specific implementation, after the randomly ordered data blocks and the encrypted index data of the randomly ordered data blocks are obtained, the randomly ordered data blocks and the encrypted index data can be packaged to obtain encrypted webpage data and send the encrypted webpage data to the client.
Fig. 3 shows a flowchart of encrypting the obtained index data to obtain encrypted index data in the embodiment of the present invention. Encrypting the obtained index data as shown in fig. 3 to obtain encrypted index data may include:
step 301: an encryption key and a decryption key are generated.
In specific implementation, the encryption key and the decryption key can be generated in different manners according to actual needs. In an embodiment of the present invention, the generated encryption key and the generated decryption key are the same, and when the encryption key is obtained, the corresponding decryption key is obtained at the same time, so that the decryption speed in the subsequent steps can be effectively increased by using the same encryption key and decryption key, and further, the loading of the web page data by the client cannot be greatly influenced, and the user experience can be improved.
Step 302: and encrypting the index data by adopting the generated encryption key to obtain the encrypted index data.
In specific implementation, the randomly ordered index data (M) of the plurality of data blocks are encrypted by using a randomly generated encryption key (Km) to obtain encrypted index data (Me).
Step 303: and performing MD5 operation on the encrypted index data to obtain a corresponding MD5 value.
In a specific implementation, after the encrypted index data Me is obtained, the encrypted index data Me is operated by using a fifth version of the chinese name Message Digest Algorithm (MD 5), so as to obtain an MD5 value Me-MD5 of the 128-bit encrypted index data Me.
Step 304: and encrypting the obtained MD5 value by using the RSA key of the server side to obtain first signature information.
In a specific implementation, after the MD5 value Me-MD5 of the encrypted index data Me is obtained, the MD5 value Me-MD5 of the obtained encrypted index data Me may be encrypted by using a server RSA key stored in the server, so as to obtain first signature information Me-MD5-sign as the signature information of the server. The RSA key of the server is stored in the server in advance and can be directly used when needed.
Step 305: and encrypting the encryption key by adopting a client RSA public key to obtain an encrypted encryption key.
In specific implementation, in order to further protect the encryption key and improve the security of the index data, the encryption key Km may be encrypted by using a client RSA public key to obtain an encrypted encryption key Km-e. The client RSA public key is published publicly, and the server can acquire the client RSA public key in a corresponding mode and is used for encrypting the encryption key Km.
Step 306: and generating a corresponding file by adopting the obtained encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the randomly sequenced data block, and adding corresponding file header information to the initial part of the generated file to obtain the encrypted webpage data.
In a specific implementation, the encrypted web page data includes the following contents: (1) a file header: the encrypted representation is used for identifying the encrypted webpage data; (2) the encrypted encryption key Km-e; (3) the server RSA public key corresponding to the server RSA key; (4) the MD5 value Me-MD5 of the encrypted index data Me; (5) first signature information Me-md 5-sign; (6) encrypted index data Me; (7) and partitioning the randomly sequenced data into a plurality of blocks.
In order to decrypt the first signature information Me-MD5-sign to obtain the MD5 value Me-MD5 of the encrypted index data Me, the server RSA public key corresponding to the server RSA key may be added to the encrypted web page data and sent to the client together, so that the client can obtain the server RSA public key corresponding to the server RSA key.
Fig. 4 shows a flowchart of a method for decrypting web page data in the embodiment of the present invention. The webpage data decryption method shown in fig. 3 may include:
step 401: and receiving the encrypted webpage data.
Step 402: and decrypting the encrypted index data to obtain the index data.
In a specific implementation, the encrypted web page data includes information of a plurality of randomly ordered data blocks and encrypted index data. The data blocks are obtained by dividing the webpage data. The index data comprises the information of the position and the size of each data block in the webpage data, which is recorded according to the position of each data block after random sequencing.
When the index data is obtained by adopting a corresponding decryption method, the information of the positions and the sizes of the plurality of randomly ordered data blocks in the original webpage data can be obtained, so that the randomly ordered data blocks can be restored to the original positions in the webpage data.
Step 403: and recovering the sorted data blocks to corresponding positions in the webpage data by adopting the index data obtained after decryption to obtain the webpage data.
In specific implementation, because the obtained index data includes the information of the positions and sizes of the randomly ordered data blocks in the original webpage data, when the correct index data is obtained through decryption, the obtained index data can be used to restore the randomly ordered data blocks to the original (corresponding) positions in the webpage data, so as to obtain the webpage data.
It should be noted that the webpage data decryption method shown in fig. 4 is the inverse process of the webpage data encryption method shown in fig. 2, and the webpage data decryption method shown in fig. 4 and the webpage data encryption method shown in fig. 2 can be understood by referring to each other.
Fig. 5 shows a flowchart of decrypting the encrypted index data to obtain the index data in the embodiment of the present invention. Decrypting the encrypted index data to obtain the index data as shown in fig. 5 may include:
step S501: and judging whether the file header has an encryption identifier or not.
In specific implementation, when a client receives webpage data sent by a server, information of a file header in the received webpage data is acquired first. In an embodiment of the present invention, the header of the received encrypted web page data may have information of a corresponding encryption identifier. Whether the received webpage data is subjected to corresponding encryption processing can be determined by judging whether the file header has the encryption identifier. When the file header has the encryption identifier, the received webpage data is the encrypted webpage data obtained after the encryption processing. Otherwise, it is only required to process the received webpage data in a normal manner without being encrypted.
In a specific implementation, when the determination result is yes, step S502 may be executed, otherwise, no operation is executed.
Step S502: and acquiring the encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block in the file header.
In an embodiment of the present invention, the encrypted web page data includes: (1) a file header: the encrypted representation is used for identifying the encrypted webpage data; (2) the encrypted encryption key Km-e; (3) the server RSA public key corresponding to the server RSA key; (4) the MD5 value Me-MD5 of the encrypted index data Me; (5) first signature information Me-md 5-sign; (6) encrypted index data Me; (7) and partitioning the randomly sequenced data into a plurality of blocks.
When it is determined that the encryption flag exists in the header, the information of the position and size of the above-mentioned (2- (7) item can then be acquired from the header.
Step S503: according to the obtained encrypted encryption key Km-e, the first signature information Km-e, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the sequenced data block are respectively obtained at the corresponding position of the encrypted webpage data.
In a specific implementation, when the encrypted encryption key, the first signature information Me-MD5-sign, the corresponding MD5 value Me-MD5, the server RSA public key corresponding to the server RSA key, the encrypted index data Me, and the information on the position and size of the ordered data chunk in the (2- (7) entry in the file header are obtained, the encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data, and the information on the ordered data chunk can be obtained at the corresponding position in the received encrypted web page data.
Step S504: and decrypting the encrypted encryption key by adopting a client RSA key to obtain the encryption key.
In specific implementation, the client RSA key is stored in the client, and when the client RSA key corresponding to the client RSA public key is obtained, the encrypted encryption key Km-e can be decrypted to obtain the encryption key Km.
Step S505: and obtaining a corresponding decryption key according to the encryption key.
In specific implementation, the randomly generated encryption key and decryption key used for encryption and decryption have a preset corresponding relationship, and when the encryption key is obtained through decryption, the corresponding decryption key can be obtained.
In an embodiment of the present invention, the randomly generated encryption key Km is the same as the decryption key, and when the encryption key Km is obtained by decryption, the corresponding decryption key is also obtained.
Step S506: and decrypting the first signature information by using the acquired server RSA public key corresponding to the server RSA key, and calculating to obtain an MD5 value.
In specific implementation, when the server RSA public key corresponding to the server RSA key is obtained, the server RSA public key corresponding to the server RSA key may be used to decrypt the first signature information Me-MD5-sign, so as to obtain the MD5 value.
Step S507: and comparing the MD5 value obtained by decryption with the corresponding MD5 value obtained.
In a specific implementation, when the MD5 value obtained by decrypting the first signature information using the server RSA public key corresponding to the server RSA key is compared with the MD5 value obtained at the corresponding position of the encrypted web page data, it is determined whether the received encrypted web page data is tampered.
Step S508: and when the calculated MD5 value is determined to be the same as the acquired corresponding MD5 value, decrypting the encrypted index data by using the acquired decryption key to acquire the decrypted index data.
In a specific implementation, when the MD5 value obtained by decrypting the first signature information using the server RSA public key corresponding to the server RSA key is the same as the MD5 value obtained at the corresponding position of the encrypted web page data, it indicates that the received encrypted web page data has not been tampered with. At this time, the encrypted index data may be decrypted by using the obtained decryption key corresponding to the encryption key to obtain the index data. Then, in the subsequent steps, the information of the position and size of the randomly ordered data blocks in the web page data in the obtained index data can be adopted to restore the randomly ordered data blocks to the position of the web page data, so as to obtain correct web page data.
It should be noted that the webpage data decryption method shown in fig. 5 is the inverse process of the webpage data encryption method shown in fig. 3, and therefore, the webpage data decryption method shown in fig. 5 and the webpage data encryption method shown in fig. 3 can be understood by referring to each other.
Fig. 6 shows a web page data encryption apparatus in an embodiment of the present invention. The web page data encryption apparatus 600 shown in fig. 6 may include an acquisition unit 601, a blocking unit 602, an ordering unit 603, an index generation unit 604, an encryption unit 605, and a package processing unit 606, where:
the obtaining unit 601 is adapted to obtain the webpage data to be sent.
The blocking unit 602 is adapted to block the acquired web page data to be transmitted to obtain a plurality of data blocks.
An ordering unit 603 adapted to randomly order the plurality of data chunks.
The index generating unit 604 is adapted to generate index data corresponding to the plurality of randomly ordered data chunks, where the index data includes sizes of the plurality of data chunks and position information in the web page data.
The encryption unit 605 is adapted to encrypt the obtained index data to obtain encrypted index data. In a specific implementation, the encryption unit 605 is adapted to generate an encryption key and a decryption key; encrypting the index data by using the generated encryption key to obtain encrypted index data; performing MD5 operation on the encrypted index data to obtain a corresponding MD5 value; obtaining a MD5 value by encrypting the obtained RSA key of the server side to obtain first signature information; encrypting the encryption key by adopting a client RSA public key to obtain an encrypted encryption key; generating a corresponding file by using the obtained encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the RSA key, the encrypted index data and the randomly ordered data blocks, and adding corresponding file header information to the initial part of the generated file to obtain the encrypted webpage data; the file header information comprises an encryption identifier, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data and information of the position and size of a data block after random sequencing, wherein the encryption identifier is used for identifying the encrypted webpage data.
And the encapsulation processing unit 606 is adapted to encapsulate the randomly sequenced data blocks and the encrypted index data, generate encrypted web page data, and send the encrypted web page data.
In a specific implementation, the apparatus 600 for encrypting web page data in the embodiment of the present invention may further include a scrambling unit 607, where:
the scrambling unit 607 is adapted to scramble the acquired web page data before the acquired web page data is blocked to obtain a plurality of data blocks.
Fig. 7 shows a web page data decryption apparatus in an embodiment of the present invention. The web page data decryption apparatus 700 shown in fig. 7 may include a receiving unit 701, a decryption unit 702, and a recovery unit 703, wherein:
the receiving unit 701 is adapted to receive encrypted web page data, where the encrypted web page data includes a plurality of randomly ordered data chunks and information of encrypted index data, and the index data includes sizes of the data chunks and position information in the web page data. Wherein the web page data is to include a JavaScript file. In specific implementation, the encrypted webpage data comprises a file header, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data and randomly ordered data block information, wherein the file header comprises an encryption identifier, the encrypted encryption key, the first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, the encrypted index data and randomly ordered data block position and size information, and the encryption identifier is used for identifying the encrypted webpage data.
A decryption unit 702, adapted to decrypt the encrypted index data to obtain the index data. In a specific implementation, the decryption unit 702 is adapted to obtain an encrypted identifier in the file header; when the encryption identifier is determined to be a preset encryption identifier, acquiring the encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block in the file header; respectively acquiring the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block at the corresponding position of the encrypted webpage data according to the acquired encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the sequenced data block; decrypting the encrypted encryption key by using a client RSA key to obtain the encryption key; obtaining a corresponding decryption key according to the encryption key; decrypting the first signature information by using the server RSA public key corresponding to the server RSA key, and calculating to obtain an MD5 value; comparing the MD5 value obtained by decryption with the corresponding MD5 value obtained; and when the calculated MD5 value is determined to be the same as the acquired corresponding MD5 value, decrypting the encrypted index data by using the acquired decryption key to acquire the decrypted index data.
The restoring unit 703 is adapted to restore the sorted data to the corresponding position in the web page data in blocks by using the decrypted index data, so as to obtain the web page data.
In a specific implementation, the web page data decryption apparatus 700 shown in fig. 7 may further include a descrambling unit 704, where:
and the descrambling unit 704 is adapted to descramble the webpage data after the sorted data is restored to the corresponding position in the webpage data in blocks by using the decrypted index data to obtain the webpage data.
Those skilled in the art will appreciate that all or part of the steps in the methods of the above embodiments may be implemented by instructions associated with hardware via a program, which may be stored in a computer-readable storage medium, and the storage medium may include: ROM, RAM, magnetic or optical disks, and the like.
The method and system of the embodiments of the present invention have been described in detail, but the present invention is not limited thereto. Various changes and modifications may be effected therein by one skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (19)
1. A method for encrypting webpage data is characterized by comprising the following steps:
acquiring webpage data to be transmitted;
the acquired webpage data to be sent is blocked to obtain a plurality of data blocks;
randomly sorting the plurality of data blocks;
generating index data corresponding to the plurality of randomly sequenced data blocks, wherein the index data comprises the sizes of the plurality of data blocks and position information in the webpage data;
encrypting the obtained index data to obtain encrypted index data;
packaging the randomly sequenced data blocks and the encrypted index data to generate encrypted webpage data and sending the encrypted webpage data;
the encrypting the obtained index data to obtain the encrypted index data includes:
generating an encryption key and a decryption key;
encrypting the index data by using the generated encryption key to obtain encrypted index data;
performing MD5 operation on the encrypted index data to obtain a corresponding MD5 value;
obtaining a MD5 value by encrypting the obtained RSA key of the server side to obtain first signature information;
encrypting the encryption key by adopting a client RSA public key to obtain an encrypted encryption key;
generating a corresponding file by using the obtained encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the RSA key, the encrypted index data and the randomly ordered data blocks, and adding corresponding file header information to the initial part of the generated file to obtain the encrypted webpage data; the file header information comprises an encryption identifier, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data and information of the position and size of a data block after random sequencing, wherein the encryption identifier is used for identifying the encrypted webpage data.
2. The method for encrypting data of a web page according to claim 1, wherein the encryption key and the decryption key are the same.
3. The method for encrypting data of a web page according to claim 1, wherein the plurality of data blocks have the same size.
4. The method for encrypting webpage data according to claim 1, wherein before the step of blocking the acquired webpage data to obtain a plurality of data blocks, the method further comprises: and scrambling the webpage data.
5. The method for encrypting data of web pages according to any one of claims 1 to 4, wherein the data of web pages is a JavaScript file.
6. A webpage data decryption method is characterized by comprising the following steps:
receiving encrypted webpage data, wherein the encrypted webpage data comprise a plurality of randomly ordered data blocks and information of encrypted index data, and the index data comprise the sizes of the data blocks and position information in the webpage data;
decrypting the encrypted index data to obtain the index data;
adopting the decrypted index data to restore the sorted data to the corresponding position in the webpage data in a blocking manner to obtain the webpage data;
the encrypted webpage data comprise a file header, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to a server RSA key, encrypted index data and randomly ordered data block information, wherein the file header comprises an encryption identifier, the encrypted encryption key, the first signature information, the corresponding MD5 value, a server RSA public key corresponding to the server RSA key, the encrypted index data and the randomly ordered data block information, and the encryption identifier is used for identifying the encrypted webpage data;
the decrypting the encrypted index data to obtain the index data includes:
judging whether the file header has the encryption identifier or not;
when the encryption identifier is determined to exist in the file header, acquiring the encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block in the file header;
respectively acquiring the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block at the corresponding position of the encrypted webpage data according to the acquired encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the sequenced data block;
decrypting the encrypted encryption key by using a client RSA key to obtain the encryption key;
obtaining a corresponding decryption key according to the encryption key;
decrypting the first signature information by using the server RSA public key corresponding to the server RSA key, and calculating to obtain an MD5 value;
comparing the MD5 value obtained by decryption with the corresponding MD5 value obtained;
and when the calculated MD5 value is determined to be the same as the acquired corresponding MD5 value, decrypting the encrypted index data by using the acquired decryption key to acquire the decrypted index data.
7. The method for decrypting web page data according to claim 6, wherein the encryption key and the decryption key are the same.
8. The method for decrypting webpage data according to claim 6, wherein the step of recovering the sorted data blocks to corresponding positions in the webpage data by using the index data obtained after decryption further comprises the step of: and descrambling the webpage data.
9. The method for decrypting web page data according to any one of claims 6 to 8, wherein the web page data is a JavaScript file.
10. A web page data encryption apparatus, comprising:
the acquisition unit is suitable for acquiring the webpage data to be transmitted;
the blocking unit is suitable for blocking the acquired webpage data to be transmitted to obtain a plurality of data blocks;
the sorting unit is suitable for randomly sorting the plurality of data blocks;
the index generating unit is suitable for generating index data corresponding to the plurality of randomly sequenced data blocks, and the index data comprises the sizes of the data blocks and position information in the webpage data;
the encryption unit is suitable for encrypting the obtained index data to obtain encrypted index data;
the encapsulation processing unit is suitable for encapsulating the randomly sequenced data blocks and the encrypted index data to generate and send encrypted webpage data;
wherein the encryption unit is adapted to: generating an encryption key and a decryption key; encrypting the index data by using the generated encryption key to obtain encrypted index data; performing MD5 operation on the encrypted index data to obtain a corresponding MD5 value; obtaining a MD5 value by encrypting the obtained RSA key of the server side to obtain first signature information; encrypting the encryption key by adopting a client RSA public key to obtain an encrypted encryption key; generating a corresponding file by using the obtained encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the RSA key, the encrypted index data and the randomly ordered data blocks, and adding corresponding file header information to the initial part of the generated file to obtain the encrypted webpage data; the file header information comprises an encryption identifier, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to the server RSA key, encrypted index data and information of the position and size of a data block after random sequencing, wherein the encryption identifier is used for identifying the encrypted webpage data.
11. The apparatus for encrypting data of web pages according to claim 10, wherein said encryption key and said decryption key are the same.
12. The apparatus for encrypting data of web pages according to claim 10, wherein said plurality of data blocks have the same size.
13. The web page data encryption apparatus according to claim 10, further comprising: and the scrambling unit is suitable for scrambling the webpage data before the acquired webpage data are blocked to obtain a plurality of data blocks.
14. The apparatus for encrypting data of web pages according to any one of claims 10 to 13, wherein said data of web pages is a JavaScript file.
15. A web page data decryption apparatus, comprising:
the receiving unit is suitable for receiving encrypted webpage data, the encrypted webpage data comprise a plurality of randomly sequenced data blocks and information of encrypted index data, and the index data comprise the sizes of the data blocks and position information in the webpage data;
the decryption unit is suitable for decrypting the encrypted index data to obtain the index data;
the recovery unit is suitable for recovering the sorted data to the corresponding positions in the webpage data in a blocking manner by using the decrypted index data to obtain the webpage data;
the encrypted webpage data comprise a file header, an encrypted encryption key, first signature information, a corresponding MD5 value, a server RSA public key corresponding to a server RSA key, encrypted index data and randomly ordered data block information, wherein the file header comprises an encryption identifier, the encrypted encryption key, the first signature information, the corresponding MD5 value, a server RSA public key corresponding to the server RSA key, the encrypted index data and the randomly ordered data block information, and the encryption identifier is used for identifying the encrypted webpage data;
the decryption unit is suitable for judging whether the encryption identifier exists in the file header or not; when the encryption identifier is determined to exist in the file header, acquiring the encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block in the file header; respectively acquiring the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the position and the size of the sequenced data block at the corresponding position of the encrypted webpage data according to the acquired encrypted encryption key, the first signature information, the corresponding MD5 value, the server RSA public key corresponding to the server RSA key, the encrypted index data and the information of the sequenced data block; decrypting the encrypted encryption key by using a client RSA key to obtain the encryption key; obtaining a corresponding decryption key according to the encryption key; decrypting the first signature information by using the server RSA public key corresponding to the server RSA key, and calculating to obtain an MD5 value; comparing the MD5 value obtained by decryption with the corresponding MD5 value obtained; and when the calculated MD5 value is determined to be the same as the acquired corresponding MD5 value, decrypting the encrypted index data by using the acquired decryption key to acquire the decrypted index data.
16. The apparatus for decrypting web page data according to claim 15, wherein the encryption key and the decryption key are the same.
17. The apparatus for decrypting web page data according to claim 15, further comprising: and the descrambling unit is suitable for descrambling the webpage data after the sequenced data are restored to the corresponding positions in the webpage data in a blocking manner by adopting the decrypted index data and the webpage data are obtained.
18. The apparatus for decrypting web page data according to any one of claims 15 to 17, wherein the web page data is a JavaScript file.
19. A web page data encryption and decryption system, comprising a client and a server, wherein the server comprises the web page data encryption device of any one of claims 10 to 14, and the client comprises the web page data decryption device of any one of claims 15 to 18.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510219176.0A CN106203128B (en) | 2015-04-30 | 2015-04-30 | Webpage data encryption and decryption method, device and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510219176.0A CN106203128B (en) | 2015-04-30 | 2015-04-30 | Webpage data encryption and decryption method, device and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106203128A CN106203128A (en) | 2016-12-07 |
| CN106203128B true CN106203128B (en) | 2020-01-14 |
Family
ID=57457859
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510219176.0A Active CN106203128B (en) | 2015-04-30 | 2015-04-30 | Webpage data encryption and decryption method, device and system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106203128B (en) |
Families Citing this family (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106686002A (en) * | 2017-02-28 | 2017-05-17 | 北京潘达互娱科技有限公司 | Data transmission and reception methods and device |
| CN107066890B (en) * | 2017-04-25 | 2020-12-25 | 腾讯科技(深圳)有限公司 | Method and device for encrypting file by using obfuscation processing |
| CN107426210A (en) * | 2017-07-25 | 2017-12-01 | 合肥红铭网络科技有限公司 | A kind of real-time traffic detection information storage method |
| CN108200044B (en) * | 2017-12-28 | 2021-02-19 | 宁德时代新能源科技股份有限公司 | Vehicle-mounted program file encryption method and system |
| CN108229192B (en) * | 2018-01-04 | 2020-05-08 | 武汉斗鱼网络科技有限公司 | File decryption method and device and client |
| CN108197439B (en) * | 2018-01-04 | 2020-05-08 | 武汉斗鱼网络科技有限公司 | File encryption method and device and server |
| CN108256352B (en) * | 2018-01-15 | 2021-10-22 | 北京安博通科技股份有限公司 | Method, device and terminal for automatically packaging web protection feature library |
| CN108777685B (en) * | 2018-06-05 | 2020-06-23 | 京东数字科技控股有限公司 | Method and apparatus for processing information |
| CN110149326A (en) * | 2019-05-14 | 2019-08-20 | 中国农业银行股份有限公司 | Data introducing method, apparatus and system |
| CN110688667A (en) * | 2019-10-09 | 2020-01-14 | 北京无限光场科技有限公司 | Picture file processing method and device, terminal equipment and medium |
| CN112653652B (en) * | 2019-10-11 | 2022-06-14 | 中移物联网有限公司 | Streaming media transmission method, device, terminal and computer readable storage medium |
| CN113486374A (en) * | 2021-07-14 | 2021-10-08 | 郑州轻工业大学 | Computer data storage and reading method and system based on cloud computing |
| CN115022706A (en) * | 2022-06-17 | 2022-09-06 | 成都商汤科技有限公司 | Data packaging method and device, equipment and storage medium |
| CN116776341B (en) * | 2023-04-23 | 2023-11-24 | 安徽安天利信工程管理股份有限公司 | Provider database file management system |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103366124A (en) * | 2012-03-26 | 2013-10-23 | 宇龙计算机通信科技(深圳)有限公司 | Terminal and file management method |
| CN103793666A (en) * | 2014-01-24 | 2014-05-14 | 中经云数据存储科技(北京)有限公司 | Data file protecting method and system |
| CN103825885A (en) * | 2014-01-23 | 2014-05-28 | 广东顺德中山大学卡内基梅隆大学国际联合研究院 | Internet content encryption release method and system |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9208335B2 (en) * | 2013-09-17 | 2015-12-08 | Auburn University | Space-time separated and jointly evolving relationship-based network access and data protection system |
-
2015
- 2015-04-30 CN CN201510219176.0A patent/CN106203128B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103366124A (en) * | 2012-03-26 | 2013-10-23 | 宇龙计算机通信科技(深圳)有限公司 | Terminal and file management method |
| CN103825885A (en) * | 2014-01-23 | 2014-05-28 | 广东顺德中山大学卡内基梅隆大学国际联合研究院 | Internet content encryption release method and system |
| CN103793666A (en) * | 2014-01-24 | 2014-05-14 | 中经云数据存储科技(北京)有限公司 | Data file protecting method and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106203128A (en) | 2016-12-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106203128B (en) | Webpage data encryption and decryption method, device and system | |
| US20160117518A1 (en) | File Encryption/Decryption Device And File Encryption/Decryption Method | |
| Maitri et al. | Secure file storage in cloud computing using hybrid cryptography algorithm | |
| CN100592683C (en) | Protected return path from digital rights management dongle | |
| CN109728914B (en) | Digital signature verification method, system, device and computer readable storage medium | |
| JP5866460B2 (en) | Method and apparatus for packing / unpacking files | |
| CN110457873B (en) | Watermark embedding and detecting method and device | |
| CN109274644B (en) | Data processing method, terminal and watermark server | |
| EP3316160A1 (en) | Authentication method and apparatus for reinforced software | |
| CN106557707B (en) | Method and system for processing document data | |
| CN102819716A (en) | Method, device and system for encrypting and decrypting picture | |
| US20230325516A1 (en) | Method for file encryption, terminal, electronic device and computer-readable storage medium | |
| KR101269089B1 (en) | Software modulation prevention method using own encryption | |
| CN112272314B (en) | Method, device, equipment and medium for safely transmitting video in video network | |
| CN111159757A (en) | File encryption method, file decryption method and corresponding devices | |
| CN109005184A (en) | File encrypting method and device, storage medium, terminal | |
| CN107306254B (en) | Digital copyright protection method and system based on double-layer encryption | |
| CN106549757B (en) | Data authenticity identification method of WEB service, server and client | |
| WO2019134276A1 (en) | Method and system for protecting web page code, storage medium, and electronic device | |
| CN110149312B (en) | Data processing method, device, system and computer readable storage medium | |
| US9665696B1 (en) | Protecting content with initialization vector manipulation | |
| CN105743906A (en) | Picture file encryption and decryption method and system based on content-associated secret key | |
| CN107257282A (en) | A kind of full bag encryption method of code based on RC4 algorithms | |
| US10110373B2 (en) | System and method for manipulating both the plaintext and ciphertext of an encryption process prior to dissemination to an intended recipient | |
| US8862893B2 (en) | Techniques for performing symmetric cryptography |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |