CN106788995B - File encryption method and device - Google Patents
File encryption method and device Download PDFInfo
- Publication number
- CN106788995B CN106788995B CN201611118321.7A CN201611118321A CN106788995B CN 106788995 B CN106788995 B CN 106788995B CN 201611118321 A CN201611118321 A CN 201611118321A CN 106788995 B CN106788995 B CN 106788995B
- Authority
- CN
- China
- Prior art keywords
- file
- character
- character string
- encryption
- encrypted
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- General Health & Medical Sciences (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- Bioethics (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Computing Systems (AREA)
- Storage Device Security (AREA)
Abstract
The invention provides a file encryption method and device, and belongs to the technical field of data security. The method comprises the following steps: acquiring a first target file to be encrypted and an encryption character string input by a user; analyzing the encrypted character string, and generating an encryption key according to an analysis result; and based on the encryption key, adding the file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into the stored encrypted file. The method and the device acquire the first target file to be encrypted and the encrypted character string input by the user. And analyzing the encrypted character string, and generating an encryption key according to an analysis result. And adding the file stream corresponding to the first target file into the encrypted stream for encryption based on the encryption key. Because the encryption character string is input by the user, the thinking randomness of the user is higher when the user inputs the encryption character string, and the input characters are more diversified, so that the decryption difficulty of the correspondingly generated encryption key is higher. Therefore, the security of file encryption is high.
Description
Technical Field
The present invention relates to the field of data security technologies, and in particular, to a file encryption method and apparatus.
Background
With the rapid development of computer network technology and information technology, the digital industry such as electronic commerce is rapidly rising worldwide. Whether government, enterprise or individual, when storing files in a storage medium, some important files need to be encrypted to prevent information leakage. Therefore, how to encrypt the file is a concern. The existing file encryption method is mainly to encrypt a file through a pre-stored encryption key to obtain encrypted data. Correspondingly, the decryption process mainly decrypts the encrypted data through a pre-stored decryption key to obtain a decrypted file. Wherein the encryption key is identical to the decryption key.
In the process of implementing the invention, the prior art is found to have at least the following problems: since the encryption key is a pre-stored fixed character, a related cracker can easily intrude the mobile terminal to obtain the pre-stored encryption key, and crack the encrypted first data according to the encryption key and steal the encrypted file, thereby causing the leakage of file information. Therefore, the security of file encryption is not high.
Disclosure of Invention
The present invention provides a file encryption method and apparatus that overcomes, or at least partially solves, the above mentioned problems.
According to an aspect of the present invention, there is provided a file encryption method, including:
acquiring a first target file to be encrypted and an encryption character string input by a user;
analyzing the encrypted character string, and generating an encryption key according to an analysis result;
and based on the encryption key, adding the file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into the stored encrypted file.
According to another aspect of the present invention, there is provided a file encryption apparatus including:
the first acquisition module is used for acquiring a first target file to be encrypted and an encryption character string input by a user;
the analysis module is used for analyzing the encrypted character string and generating an encryption key according to an analysis result;
and the encryption module is used for adding the file stream corresponding to the first target file into the encryption stream for encryption based on the encryption key, and writing the encrypted data into the stored encrypted file.
The beneficial effect that technical scheme that this application provided brought is:
the method comprises the steps of obtaining a first target file to be encrypted and an encryption character string input by a user. And analyzing the encrypted character string, and generating an encryption key according to an analysis result. And based on the encryption key, adding the file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into the stored encrypted file. Because the encryption character string is input by the user, the thinking randomness of the user is higher when the user inputs the encryption character string, and the input characters are more diversified, so that the decryption difficulty of the correspondingly generated encryption key is higher. In addition, as the preset type expression characters, such as emoji expressions, can be added into the characters input by the user, the decryption difficulty of the correspondingly generated encryption key is higher. Therefore, the security of file encryption is high.
Drawings
FIG. 1 is a flowchart illustrating a file encryption method according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a file encryption method according to an embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a file encryption apparatus according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a file encryption apparatus according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the present invention is provided in connection with the accompanying drawings and examples. The following examples are intended to illustrate the invention but are not intended to limit the scope of the invention.
The existing file encryption process is mainly to encrypt a file through a pre-stored encryption key to obtain encrypted data. Accordingly, when decrypting the file, the encrypted data is decrypted by the pre-stored decryption key. The pre-stored encryption key can be generated by preset English characters or numbers, and the encryption key is consistent with the decryption key. The encryption key and the decryption key are locally stored by the terminal and are generated by preset fixed characters, so that a related cracker can easily invade the mobile terminal to obtain the pre-stored encryption key, the encrypted first data is cracked according to the encryption key and the encrypted file is stolen, and the file information is leaked. Therefore, the security of file encryption is not high.
Aiming at the problems in the prior art, the embodiment of the invention provides a file encryption method. It should be noted that the file encryption method and the file decryption method corresponding to the encryption method provided in this embodiment and the following embodiments are applicable to any type of terminal, including but not limited to a mobile terminal or a local terminal with a processing function, and this is not limited in this embodiment and the following embodiments. In view of the relatively high usage rate of mobile terminals in the present day, the terminals mentioned in the present embodiment and the following embodiments may both refer to mobile terminals. The mobile terminal may include a mobile phone, a tablet computer, a smart watch, and the like, which is not limited in this embodiment.
In addition, since different operating systems are installed on the mobile terminal, for convenience of description, this embodiment and the following embodiments mainly describe a file encryption method in the Android system and a file decryption method corresponding to the file encryption method. Of course, other operating systems such as IOS may also sample the file encryption or file decryption method provided in this embodiment, and only the implementation code needs to be modified correspondingly, which is not specifically limited in this embodiment.
Referring to fig. 1, the method flow provided by this embodiment includes: 101. acquiring a first target file to be encrypted and an encryption character string input by a user; 102. analyzing the encrypted character string, and generating an encryption key according to an analysis result; 103. and based on the encryption key, adding the file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into the stored encrypted file.
According to the method provided by the embodiment of the invention, the first target file to be encrypted and the encrypted character string input by the user are obtained. And analyzing the encrypted character string, and generating an encryption key according to an analysis result. And based on the encryption key, adding the file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into the stored encrypted file. Because the encryption character string is input by the user, the thinking randomness of the user is higher when the user inputs the encryption character string, and the input characters are more diversified, so that the decryption difficulty of the correspondingly generated encryption key is higher. In addition, as the preset type expression characters, such as emoji expressions, can be added into the characters input by the user, the decryption difficulty of the correspondingly generated encryption key is higher. Therefore, the security of file encryption is high.
As an alternative embodiment, obtaining a first target file to be encrypted includes:
acquiring a file address character string according to a file selection instruction input by a user;
when detecting that a file corresponding to the file address character string exists, acquiring a data type corresponding to the file address character string;
and when the data type corresponding to the file address character string is a file, acquiring the file corresponding to the file address character string and using the file as a first target file to be encrypted.
As an alternative embodiment, parsing the encrypted string and generating a key according to the parsing result includes:
acquiring a preset type code corresponding to each character in the encrypted character string;
and generating an encryption key according to the preset type code corresponding to each character.
As an alternative embodiment, obtaining a preset type code corresponding to each character in an encrypted character string includes:
judging whether any character in the encrypted character string is a preset type expression character or not;
and when any character is a preset expression type character, acquiring a preset type code of the any character.
As an optional embodiment, the determining whether any character is a preset type expression character includes:
acquiring coding information of any character;
when the coded information is in a preset range, determining any character as a preset type expression character;
and when the coded information is not in the preset range, determining that any character is not a preset type expression character.
As an alternative embodiment, generating the encryption key according to the preset type code corresponding to each character includes:
splicing preset type codes corresponding to each character to obtain a key character string;
selecting characters in the key character string;
and splicing the selected characters to obtain an encryption key.
As an alternative embodiment, selecting a character in the key string includes:
acquiring a preset interval corresponding to the key character string;
and selecting a preset number of characters from the key character string according to a preset interval.
As an optional embodiment, the preset type expression character is emoji expression, the preset type code is unicode code, the encrypted character string is analyzed, and the encryption key is generated according to the analysis result, including:
regarding any character in the encrypted character string, when the coding information corresponding to any character is between 0xd800 and 0xdbff, or between 0x2100 and 0x27ff and is not equal to 0x263b, taking any character as emoji expression, acquiring the corresponding unicode code, and storing the corresponding unicode code into the unicode character string;
when any character is not emoji expression, converting any character into unicode code, and storing the converted unicode code into a unicode character string;
acquiring a preset interval input by a user, and selecting characters from a unicode character string according to the preset interval;
and splicing each selected character according to the selected character sequence to obtain an encryption key.
As an alternative embodiment, after encrypting the first target file by the encryption key, the method further includes:
acquiring a second target file to be decrypted and a decryption character string input by a user;
when the second target file is the encrypted file generated by the first target file, comparing the decryption character string with the encryption character string;
when the decryption character string is consistent with the encryption character string, analyzing the decryption character string, and generating a decryption key according to a corresponding analysis result;
and generating a corresponding decrypted file stream according to the file stream and the decryption key corresponding to the second target file, and writing the decrypted file stream into the stored decrypted file.
As an optional embodiment, after comparing the decryption string with the encryption string, the method further includes:
and when the decryption character string is inconsistent with the encryption character string, prompting the user that the file decryption is failed.
As an alternative embodiment, before writing the decrypted file stream into the saved decrypted file, the method further includes:
acquiring a decryption file storage address selected by a user;
estimating the occupation space of the corresponding decrypted file according to the occupation space of the second target file;
comparing the storage space corresponding to the decryption file storage address with the space occupied by the decryption file;
and when the space occupied by the decrypted file is larger than the storage space, prompting the user that the selected storage space is insufficient.
All the above-mentioned optional technical solutions can be combined arbitrarily to form the optional embodiments of the present invention, and are not described herein again.
Because the encryption key generated according to the fixed character is easy to crack, and the cracking difficulty of the generated encryption character string is high based on the thought randomness of the user and the diversity of the character types. According to the above theory, based on the contents in the embodiment corresponding to fig. 1, the embodiment of the present invention provides a file encryption method and a file decryption method, and the following describes the file encryption process and the corresponding file decryption process of the terminal in detail.
Referring to fig. 2, the method flow provided by this embodiment includes: 201. acquiring a first target file to be encrypted and an encryption character string input by a user; 202. analyzing the encrypted character string, and generating an encryption key according to an analysis result; 203. based on the encryption key, adding a file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into a stored encryption file; 204. acquiring a second target file to be decrypted and a decryption character string input by a user; 205. When the second target file is the encrypted file generated by the first target file, comparing the decryption character string with the encryption character string; 206. when the decryption character string is consistent with the encryption character string, analyzing the decryption character string, and generating a decryption key according to a corresponding analysis result; 207. and generating a corresponding decrypted file stream according to the file stream and the decryption key corresponding to the second target file, and writing the decrypted file stream into the stored decrypted file.
201, acquiring a first target file to be encrypted and an encryption character string input by a user.
Since the terminal usually stores more files, a first target file to be encrypted can be obtained before the step is executed. The embodiment does not specifically limit the manner of obtaining the first target file to be encrypted, and includes but is not limited to: acquiring a file address character string according to a file selection instruction input by a user; when detecting that a file corresponding to the file address character string exists, acquiring a data type corresponding to the file address character string; and when the data type corresponding to the file address character string is a file, acquiring the file corresponding to the file address character string and using the file as a first target file to be encrypted.
Specifically, the user may select a file through a file browser of the terminal system. Accordingly, the terminal can obtain a file address character string according to a file selection instruction input by the user. The content corresponding to the file address character string may be file directory information where the file is located, and the content of the file address character string is not specifically limited in this embodiment. In an Android system, a corresponding file address character string can be obtained when a user selects a file through an onactive result method.
When the file is acquired according to the file address, the file may be acquired under the unexpected condition, so that the terminal can detect whether the file corresponding to the file address character string exists or not after acquiring the file address character string. In the Android system, a File object can be created according to a File address character string, and whether a File exists or not is judged by executing exists methods through the File object. When the exists method returns false, it indicates that the file does not exist. When the exists method returns true, it indicates that the file exists.
When it is detected that a file corresponding to the file address character string exists, since the embodiment mainly encrypts the file, after it is detected that the file corresponding to the file address character string exists, it may further be determined whether the file address character string corresponds to a file or a folder, which is not specifically limited in this embodiment. Specifically, the data type corresponding to the file address character string may be obtained, and when the data type corresponding to the file address character string is a file, the file corresponding to the file address character string may be obtained again. In the Android system, the isdirerectory method can be executed by a File object to judge whether the File is a folder or not. When the isDirectory method returns false, this indicates that the file is not a folder. When the isdiretorey method returns true, this indicates that the file is a folder.
After the first target file to be encrypted is obtained, the encryption character string input by the user can be obtained. The encrypted character string may be any character string, and the content of the encrypted character string may include letters, characters, numbers, chinese, foreign language, and expression characters of a preset type. The preset type expression characters may be emoji expressions or expressions carried by the instant messaging application, and the like, which is not specifically limited in this embodiment.
The emoji expression is a visual emotion symbol used in wireless communication in japan, is adopted by Unicode codes compatible with most modern computer systems at present, and is generally applied to various short messages and social networks. Compared with the fixed character or the fixed character string in the prior art, the user has higher thinking randomness when inputting the encrypted character string, and the input characters have more various types, so the cracking difficulty is higher. In addition, the cracking difficulty corresponding to the encrypted character string added with the emoji expression is higher. Accordingly, the higher the security of file encryption.
202, the encrypted character string is analyzed, and an encryption key is generated according to the analysis result.
Since the encryption key is usually a set of binary or hexadecimal codes, the encryption string containing various types of characters needs to be parsed before the file is encrypted. The method for analyzing the encrypted string and generating the encryption key according to the analysis result for analysis is not particularly limited in this embodiment, and includes, but is not limited to: acquiring a preset type code corresponding to each character in the encrypted character string; and generating an encryption key according to the preset type code corresponding to each character.
When the preset type code corresponding to each character in the encrypted character string is obtained, because the encrypted character string has characters which can be identified by the terminal, such as Chinese, letters, numbers and the like, and also has characters which cannot be directly identified by the terminal, such as emoji expressions, the terminal can be enabled to judge the characters which cannot be directly identified. Accordingly, the present embodiment does not specifically limit the manner of obtaining the preset type code corresponding to each character in the encrypted character string, including but not limited to: judging whether any character in the encrypted character string is a preset type expression character or not; and when any character is a preset expression type character, acquiring a preset type code of the any character.
The preset type expression characters generally correspond to the coding information in the fixed range in the terminal, so that the terminal can recognize the preset expression type characters according to the coding information. Accordingly, the present embodiment does not specifically limit the manner of determining whether any character is a preset type of expression character, including but not limited to: acquiring coding information of any character; when the coded information is in a preset range, determining any character as a preset type expression character; and when the coded information is not in the preset range, determining that any character is not a preset type expression character.
For example, the preset expression type character is an emoji expression. Since the encoding information of the emoji expression is usually between 0xd800 and 0xdbff, when the encoding information of any character is between the two 16-system data, the character is the emoji expression. Accordingly, the preset range is 0xd800 to 0 xdbff.
It should be noted that, because the emoji expression is updated in real time, the coding information corresponding to the newly added emoji expression may not be between 0xd800 and 0xdbff, so that the corresponding preset range and the judgment process may be determined according to the latest data of the emoji expression in specific implementation, which is not specifically limited in this embodiment. Taking the newly added partial data of emoji expression as an example, when determining that the encoding information of any character is not between 0xd800 and 0xdbff, a secondary determination may be made as to whether the encoding information of the character is between 0x2100 and 0x27ff, and is equal to 0x263 b. When the encoding information of the character is between 0x2100 and 0x27ff and the encoding information of the character is not equal to 0x263b, the character is an emoji expression. When the character is not in the preset range or does not meet the judgment condition, the character is determined not to be emoji expression, namely the character is Chinese, number, letter and the like which can be directly recognized by the terminal.
When any character is a preset expression type character, the preset type code of the preset expression type character can be directly acquired. When any character is not the character of the preset expression type, the character can be converted into the corresponding preset type code. The preset type code may be unicode code, UTF-8, or the like, which is not limited in this embodiment.
Because a plurality of preset expression type characters may exist in the encrypted character string and the preset expression type characters may be located at different positions in the encrypted character string, after the preset type codes of the preset expression type characters are obtained, the preset type codes of each preset expression type character can be stored in a temporary character string, and the positions of the preset expression type characters in the encrypted character string are recorded. Correspondingly, for the non-preset expression type characters in the encrypted character string, the converted preset type codes can be stored in the temporary character string, and the positions of the non-preset expression type characters in the encrypted character string are recorded at the same time. Through the above process, splicing of multiple preset type codes can be facilitated, which is not specifically limited in this embodiment.
Based on the analysis process, after the preset type code corresponding to each character in the encrypted character string is obtained, the encryption key can be generated according to the preset type code corresponding to each character. The present embodiment does not specifically limit the way of generating the encryption key according to the preset type code corresponding to each character, which includes but is not limited to: splicing preset type codes corresponding to each character to obtain a key character string; selecting characters in the key character string; and splicing the selected characters to obtain an encryption key.
According to the analysis process, the positions of the preset expression characters and the non-preset expression characters in the encrypted character string are usually staggered. Therefore, when the preset type codes corresponding to each character are spliced, the preset type codes corresponding to the preset type expression characters can be spliced to obtain the first sub-key character string. And splicing the preset type codes corresponding to the non-preset type expression characters to obtain a second sub-key character string. And splicing the first sub-key character string and the second sub-key character string to obtain the key character string. Wherein the first sub-key string is preceding and the second sub-key string is succeeding. Or, the first sub-key string is behind, and the second sub-key string is in front, and this embodiment does not specifically limit the string splicing order.
Preferably, in order to reflect the time sequence between characters when the user inputs the encrypted character string, the preset type codes corresponding to each character may be spliced based on the position of each character recorded in the foregoing process in the encrypted character string, which is not specifically limited in this embodiment.
After the key string is obtained, since the key string is mainly composed of preset type codes, such as unicode codes, the length of the string is longer, so that in order to reduce subsequent calculation amount and improve calculation speed, characters in the key string can be selected first. After a certain number of characters are screened out, the selected characters are spliced to obtain an encryption key.
The present embodiment does not specifically limit the manner of selecting the characters in the key string, and includes but is not limited to: acquiring the preset number of characters in an encryption key; and selecting a preset number of characters from the key character string according to a preset interval. The preset number is the number of characters to be selected when the characters in the key character string are selected. The preset number may be input by a user, that is, the number of the selected characters is determined by the user, which is not specifically limited in this embodiment. In addition, the preset interval may also be input by a user, and the length of the preset interval may be 1, which is not specifically limited in this embodiment.
Through the selection process, after the characters in the key character string are selected, the spliced encryption key is not related to the encryption character string input by the user, so that a cracker can immediately obtain the encryption character string and is difficult to crack the encryption key. Based on the thought randomness and character diversity of the user when inputting characters, the process of selecting characters from the key character string to generate the encryption key can further improve the security of subsequent file encryption.
For convenience of understanding, in combination with the above, the preset type emoticons are emoji emoticons, and the preset type codes are unicode codes, for example. The specific implementation manner of analyzing the encrypted character string and generating the encryption key according to the analysis result can be as follows: regarding any character in the encrypted character string, when the coding information corresponding to any character is between 0xd800 and 0xdbff, or between 0x2100 and 0x27ff and is not equal to 0x263b, taking any character as emoji expression, acquiring the corresponding unicode code, and storing the corresponding unicode code into the unicode character string; when any character is not emoji expression, converting any character into unicode code, and storing the converted unicode code into a unicode character string; acquiring a preset interval input by a user, and selecting characters from a unicode character string according to the preset interval; and splicing each selected character according to the selected character sequence to obtain an encryption key.
And 203, adding a file stream corresponding to the first target file into the encrypted stream based on the encryption key for encryption, and writing the encrypted data into the stored encrypted file.
The encryption algorithm used in this step may be a symmetric cryptosystem encryption algorithm, which is not specifically limited in this embodiment. In the Android system, the encryption process can be implemented by the following codes:
the above process mainly uses Cipher to create an encryption class, and uses this. Where DES denotes a symmetric cryptosystem encryption algorithm, and this. After the key is written, the file stream can begin. And adding the file stream into an encrypted stream CipherInputStream for encryption, and writing the encrypted data into a stored file. And finally, storing the obtained file, namely the encrypted first target file.
Considering that after encrypting the file, the user may need to decrypt the file when reading the file, so this embodiment further provides a file decryption method, and the specific process is detailed in the following steps 204 to 207.
And 204, acquiring a second target file to be decrypted and a decryption character string input by a user.
The second target file to be decrypted in this step may be the first target file encrypted in step 203, or may be another target file encrypted according to the methods in steps 201 to 203, which is not specifically limited in this embodiment. When the second target file to be decrypted and the decryption string input by the user are obtained, reference may be made to the manner of obtaining the first target file and the encryption string in step 201, which is not described herein again.
And 205, comparing the decryption character string with the encryption character string when the second target file is the encrypted file generated by the first target file.
When the second target file is the encrypted file generated by the first target file, the decryption character string input by the user needs to be the same as the encryption character string input by the user in the step 201 and have the same content as the encryption character string input by the user due to the symmetric cipher mechanism encryption algorithm, so as to ensure successful decryption. Therefore, in this step, the decrypted character string and the encrypted character string need to be compared to ensure whether the decrypted character string and the encrypted character string are consistent.
And 206, when the decryption character string is consistent with the encryption character string, analyzing the decryption character string, and generating a decryption key according to a corresponding analysis result.
Since the encrypted string input by the user in step 201 is not an encrypted key, but an encrypted string is analyzed, and an encrypted key is generated according to the analysis result, and meanwhile, since the encrypted key and the decrypted key need to be consistent, the decrypted string can be analyzed according to the same process in step 202, and a decrypted key is generated according to the corresponding analysis result in this step.
It should be noted that, when the decryption string is inconsistent with the encryption string, the user may be prompted that the file decryption has failed. At this time, the user may repeat the step 204 and the subsequent steps, which is not limited in this embodiment.
207, generating a corresponding decrypted file stream according to the file stream and the decryption key corresponding to the second target file, and writing the decrypted file stream into the saved decrypted file.
Based on the content in step 203, the step may also use a symmetric cryptosystem encryption algorithm to decrypt the second target file, which is not specifically limited in this embodiment. In the Android system, the decryption process can be implemented by the following codes:
the process mainly comprises the steps of initializing a des method Cipher, generating a decrypted file stream by creating a file stream and transmitting the file stream and decryption information together, and writing the decrypted file stream into a file. When the input decryption character string is wrong, the decoded character string is a messy code. Accordingly, a meaningless file that cannot be used by the user is generated. When the decryption character string is correct, a decryption file is generated, and the file is the file finally required by the user.
It should be noted that, after the file is decrypted, the decrypted file also needs to be stored at a specific location, so that before the decrypted file stream is written into the stored decrypted file, the decrypted file storage address selected by the user can be obtained; estimating the occupation space of the corresponding decrypted file according to the occupation space of the second target file; comparing the storage space corresponding to the decryption file storage address with the space occupied by the decryption file; and when the space occupied by the decrypted file is larger than the storage space, prompting the user that the selected storage space is insufficient.
The decryption file saving address may be specified by the user by selecting a file directory path, which is not specifically limited in this embodiment. When the space occupied by the decrypted file is not larger than the storage space, the decrypted file can be stored in the storage space corresponding to the decrypted file storage address after the second target file is decrypted to obtain the decrypted file.
By inputting the decryption character string in the above steps 204 to 207 to decrypt the file, other people cannot obtain the corresponding decryption character string except the user who knows the encryption character string, and cannot decrypt the file in other ways, so that the security of file encryption can be improved.
According to the method provided by the embodiment of the invention, the first target file to be encrypted and the encrypted character string input by the user are obtained. And analyzing the encrypted character string, and generating an encryption key according to an analysis result. And based on the encryption key, adding the file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into the stored encrypted file. Because the encryption character string is input by the user, the thinking randomness of the user is higher when the user inputs the encryption character string, and the input characters are more diversified, so that the decryption difficulty of the correspondingly generated encryption key is higher. In addition, as the preset type expression characters, such as emoji expressions, can be added into the characters input by the user, the decryption difficulty of the correspondingly generated encryption key is higher. Therefore, the security of file encryption is high.
In addition, when the encryption key is generated according to the key character string, a certain number of characters can be screened out according to the number of characters input by a user and spliced to obtain the encryption key, so that the complexity of the encryption key can be reduced, and further, when a file is encrypted according to the encryption key subsequently, the subsequent calculation amount can be reduced and the subsequent calculation speed can be improved. Accordingly, encryption efficiency can be improved.
And thirdly, after the characters in the key character string are selected, the spliced encryption key is not related to the encryption character string input by the user, so that a cracker can immediately obtain the encryption character string and can hardly crack the encryption key. Based on the thought randomness, character diversity, length of the encryption key and the character string sequence of the encryption key when the user inputs the characters, the security of the subsequent file encryption can be further improved.
And finally, comparing the decryption character string with the encryption character string when the second target file is the encrypted file generated by the first target file by acquiring the second target file to be decrypted and the decryption character string input by the user. And when the decryption character string is consistent with the encryption character string, analyzing the decryption character string, and generating a decryption key according to a corresponding analysis result. And generating a corresponding decrypted file stream according to the file stream and the decryption key corresponding to the second target file, and writing the decrypted file stream into the stored decrypted file. Because the corresponding decryption character string needs to be input for decrypting the file, other people can not obtain the corresponding decryption character string except the user who knows the encryption character string, and can not decrypt the file through other modes, the security of the file can be improved on the aspect of file decryption.
An embodiment of the present invention provides a file encryption apparatus, where the apparatus is configured to execute the file encryption method provided in the embodiment corresponding to fig. 1 or fig. 2. Referring to fig. 3, the apparatus includes:
a first obtaining module 301, configured to obtain a first target file to be encrypted and an encrypted character string input by a user;
a first parsing module 302, configured to parse the encrypted character string and generate an encryption key according to a parsing result;
the encryption module 303 is configured to add a file stream corresponding to the first target file to the encrypted stream for encryption based on the encryption key, and write the encrypted data into the stored encrypted file.
As an optional embodiment, the first obtaining module 301 is configured to obtain a file address character string according to a file selection instruction input by a user; when detecting that a file corresponding to the file address character string exists, acquiring a data type corresponding to the file address character string; and when the data type corresponding to the file address character string is a file, acquiring the file corresponding to the file address character string and using the file as a first target file to be encrypted.
As an alternative embodiment, the parsing module 302 includes:
the acquiring unit is used for acquiring a preset type code corresponding to each character in the encrypted character string;
and the generating unit is used for generating an encryption key according to the preset type code corresponding to each character.
As an alternative embodiment, the obtaining unit includes:
the judging subunit is used for judging whether any character in the encrypted character string is a preset type expression character;
and the obtaining subunit is used for obtaining the preset type code of any character when the character is a preset expression type character.
As an alternative embodiment, the judging subunit is configured to obtain encoding information of any character; when the coded information is in a preset range, determining any character as a preset type expression character; and when the coded information is not in the preset range, determining that any character is not a preset type expression character.
As an alternative embodiment, the generating unit comprises:
the first splicing subunit is used for splicing the preset type codes corresponding to each character to obtain a key character string;
the selecting subunit is used for selecting characters in the key character string;
and the second splicing subunit is used for splicing the selected characters to obtain an encryption key.
As an optional embodiment, the selecting subunit is configured to obtain a preset number of characters in the encryption key; and selecting a preset number of characters from the key character string according to a preset interval.
As an optional embodiment, the preset type expression character is an emoji expression, the preset type code is a unicode code, and the parsing module 302 is configured to, for any character in the encrypted character string, when the coding information corresponding to any character is between 0xd800 and 0xdbff, or between 0x2100 and 0x27ff and is not equal to 0x263b, take any character as the emoji expression, obtain the corresponding unicode code, and store the corresponding unicode code into the unicode character string; when any character is not emoji expression, converting any character into unicode code, and storing the converted unicode code into a unicode character string; acquiring a preset interval input by a user, and selecting characters from a unicode character string according to the preset interval; and splicing each selected character according to the selected character sequence to obtain an encryption key.
As an alternative embodiment, referring to fig. 4, the apparatus further comprises:
a second obtaining module 304, configured to obtain a second target file to be decrypted and a decryption character string input by a user;
a comparison module 305, configured to compare the decryption string with the encryption string when the second target file is the encrypted file generated by the first target file;
the second analysis module 306 is configured to, when the decrypted character string is consistent with the encrypted character string, analyze the decrypted character string, and generate a decryption key according to a corresponding analysis result;
the decryption module 307 generates a corresponding decrypted file stream according to the file stream and the decryption key corresponding to the second target file, and writes the decrypted file stream into the saved decrypted file.
The device provided by the embodiment of the invention obtains the first target file to be encrypted and the encrypted character string input by the user. And analyzing the encrypted character string, and generating an encryption key according to an analysis result. And based on the encryption key, adding the file stream corresponding to the first target file into the encryption stream for encryption, and writing the encrypted data into the stored encrypted file. Because the encryption character string is input by the user, the thinking randomness of the user is higher when the user inputs the encryption character string, and the input characters are more diversified, so that the decryption difficulty of the correspondingly generated encryption key is higher. In addition, as the preset type expression characters, such as emoji expressions, can be added into the characters input by the user, the decryption difficulty of the correspondingly generated encryption key is higher. Therefore, the security of file encryption is high.
In addition, when the encryption key is generated according to the key character string, a certain number of characters can be screened out according to the number of characters input by a user and spliced to obtain the encryption key, so that the complexity of the encryption key can be reduced, and further, when a file is encrypted according to the encryption key subsequently, the subsequent calculation amount can be reduced and the subsequent calculation speed can be improved. Accordingly, encryption efficiency can be improved.
And thirdly, after the characters in the key character string are selected, the spliced encryption key is not related to the encryption character string input by the user, so that a cracker can immediately obtain the encryption character string and can hardly crack the encryption key. Based on the thought randomness, character diversity, length of the encryption key and the character string sequence of the encryption key when the user inputs the characters, the security of the subsequent file encryption can be further improved.
And finally, comparing the decryption character string with the encryption character string when the second target file is the encrypted file generated by the first target file by acquiring the second target file to be decrypted and the decryption character string input by the user. And when the decryption character string is consistent with the encryption character string, analyzing the decryption character string, and generating a decryption key according to a corresponding analysis result. And generating a corresponding decrypted file stream according to the file stream and the decryption key corresponding to the second target file, and writing the decrypted file stream into the stored decrypted file. Because the corresponding decryption character string needs to be input for decrypting the file, other people can not obtain the corresponding decryption character string except the user who knows the encryption character string, and can not decrypt the file through other modes, the security of the file can be improved on the aspect of file decryption.
Finally, the method of the present application is only a preferred embodiment and is not intended to limit the scope of the present invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
Claims (9)
1. A method for encrypting a file, the method comprising:
acquiring a first target file to be encrypted and an encryption character string input by a user;
analyzing the encrypted character string, and generating an encryption key according to an analysis result;
based on the encryption key, adding a file stream corresponding to the first target file into an encryption stream for encryption, and writing the encrypted data into a saved encryption file;
the encrypted character string is any combination of letters, characters, numbers, Chinese, foreign language and preset type expression characters;
the analyzing the encrypted character string and generating a key according to an analysis result includes:
acquiring a preset type code corresponding to each character in the encrypted character string;
generating an encryption key according to a preset type code corresponding to each character;
the obtaining of the preset type code corresponding to each character in the encrypted character string includes:
judging whether any character in the encrypted character string is a preset type expression character or not;
when any character is a preset expression type character, acquiring a preset type code of the any character;
the generating of the encryption key according to the preset type code corresponding to each character comprises the following steps:
splicing preset type codes corresponding to each character to obtain a key character string;
selecting characters in the key character string;
and splicing the selected characters to obtain an encryption key.
2. The method of claim 1, wherein obtaining the first target file to be encrypted comprises:
acquiring a file address character string according to a file selection instruction input by a user;
when detecting that a file corresponding to the file address character string exists, acquiring a data type corresponding to the file address character string;
and when the data type corresponding to the file address character string is a file, acquiring the file corresponding to the file address character string and using the file as a first target file to be encrypted.
3. The method of claim 1, wherein the determining whether any character is a preset type emoji character comprises:
acquiring coding information of any character;
when the coding information is in a preset range, determining that any character is a preset type expression character;
and when the coded information is not in a preset range, determining that any character is not a preset type expression character.
4. The method of claim 1, wherein said selecting a character in the key string comprises:
acquiring a preset interval corresponding to the key character string;
and selecting a preset number of characters from the key character string according to the preset interval.
5. The method according to any one of claims 1 to 4, wherein the predetermined type expression character is emoji expression, the predetermined type code is unicode code, the parsing the encrypted character string and generating the encryption key according to the parsing result comprises:
regarding any character in the encrypted character string, when the coding information corresponding to the character is between 0xd800 and 0xdbff, or between 0x2100 and 0x27ff and is not equal to 0x263b, taking the character as an emoji expression, acquiring a corresponding unicode code, and storing the corresponding unicode code into a unicode character string;
when any character is not emoji expression, converting the any character into unicode code, and storing the converted unicode code into the unicode character string;
acquiring a preset interval input by a user, and selecting characters from the unicode character string according to the preset interval;
and splicing each selected character according to the selected character sequence to obtain an encryption key.
6. The method according to claim 1, wherein after adding the file stream corresponding to the first target file to an encrypted stream for encryption based on the encryption key, further comprising:
acquiring a second target file to be decrypted and a decryption character string input by a user;
when the second target file is an encrypted file generated by the first target file, comparing the decryption character string with the encryption character string;
when the decryption character string is consistent with the encryption character string, analyzing the decryption character string, and generating a decryption key according to a corresponding analysis result;
and generating a corresponding decrypted file stream according to the file stream corresponding to the second target file and the decryption key, and writing the decrypted file stream into a stored decrypted file.
7. The method of claim 6, wherein after comparing the decryption string to the encryption string, further comprising:
and when the decryption character string is inconsistent with the encryption character string, prompting the user that the file decryption is failed.
8. The method of claim 7, wherein prior to writing the decrypted file stream to the saved decrypted file, further comprising:
acquiring a decryption file storage address selected by a user;
estimating the occupation space of the corresponding decrypted file according to the occupation space of the second target file;
comparing the storage space corresponding to the decryption file storage address with the space occupied by the decryption file;
and when the space occupied by the decrypted file is larger than the storage space, prompting the user that the selected storage space is insufficient.
9. An apparatus for encrypting a file, the apparatus comprising:
the first acquisition module is used for acquiring a first target file to be encrypted and an encryption character string input by a user;
the first analysis module is used for analyzing the encrypted character string and generating an encryption key according to an analysis result;
the encryption module is used for adding a file stream corresponding to the first target file into an encryption stream for encryption based on the encryption key, and writing the encrypted data into a stored encryption file;
the encrypted character string is any combination of letters, characters, numbers, Chinese, foreign language and preset type expression characters;
the first parsing module is further configured to,
acquiring a preset type code corresponding to each character in the encrypted character string;
generating an encryption key according to a preset type code corresponding to each character;
the obtaining of the preset type code corresponding to each character in the encrypted character string includes:
judging whether any character in the encrypted character string is a preset type expression character or not;
when any character is a preset expression type character, acquiring a preset type code of the any character;
splicing preset type codes corresponding to each character to obtain a key character string;
selecting characters in the key character string;
and splicing the selected characters to obtain an encryption key.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611118321.7A CN106788995B (en) | 2016-12-07 | 2016-12-07 | File encryption method and device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611118321.7A CN106788995B (en) | 2016-12-07 | 2016-12-07 | File encryption method and device |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106788995A CN106788995A (en) | 2017-05-31 |
| CN106788995B true CN106788995B (en) | 2020-09-04 |
Family
ID=58881270
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611118321.7A Active CN106788995B (en) | 2016-12-07 | 2016-12-07 | File encryption method and device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106788995B (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107819569B (en) * | 2017-12-14 | 2018-09-11 | 平安科技(深圳)有限公司 | The encryption method and terminal device of log-on message |
| CN110321673A (en) * | 2018-03-28 | 2019-10-11 | 北京京东尚科信息技术有限公司 | Information ciphering method and device, information decryption method and device, security system |
| CN109150499B (en) * | 2018-08-29 | 2021-06-08 | 深圳市迷你玩科技有限公司 | Method and device for dynamically encrypting data, computer equipment and storage medium |
| CN110414249B (en) * | 2019-07-24 | 2022-03-25 | Oppo广东移动通信有限公司 | Information processing method, information processing apparatus, storage medium, and electronic device |
| CN113468544B (en) * | 2020-03-30 | 2024-04-05 | 杭州海康威视数字技术股份有限公司 | Training method and device for application model |
| CN111767529A (en) * | 2020-05-18 | 2020-10-13 | 广州视源电子科技股份有限公司 | File encryption method, file decryption method, storage medium and electronic device |
| CN112217806B (en) * | 2020-09-23 | 2022-12-27 | 深圳杰微芯片科技有限公司 | Data transmission encryption method, server and storage medium |
| CN112968899B (en) * | 2021-02-26 | 2022-11-08 | 上海掌门科技有限公司 | Method and equipment for encrypted communication |
| CN113259438B (en) * | 2021-05-14 | 2023-03-31 | 北京达佳互联信息技术有限公司 | Method and device for sending model file and method and device for receiving model file |
| CN113642033A (en) * | 2021-10-19 | 2021-11-12 | 太平金融科技服务(上海)有限公司深圳分公司 | Encryption method, decryption method, device, equipment and storage medium |
| CN114340113B (en) * | 2021-12-30 | 2023-10-13 | 浙江智马达智能科技有限公司 | Information processing method and device based on vehicle lamplight |
| CN114567676B (en) * | 2022-03-14 | 2024-02-02 | 杭州电子科技大学 | Private based on multistage encryption File container entry concealing method |
| CN117891787B (en) * | 2024-03-15 | 2024-05-28 | 武汉磐电科技股份有限公司 | Current transformer quantity value tracing data processing method, system and equipment |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP5003505B2 (en) * | 2007-04-10 | 2012-08-15 | ソニー株式会社 | Connection authentication system, terminal device, connection authentication server, connection authentication method, and program |
| CN101894244B (en) * | 2009-05-20 | 2012-11-21 | 鸿富锦精密工业(深圳)有限公司 | System and method for enciphering electronic data |
| CN102983972B (en) * | 2012-10-18 | 2015-06-10 | 吉林大学珠海学院 | Dynamic encryption and decryption method based on stream cipher |
| CN104320377B (en) * | 2014-09-25 | 2017-07-07 | 华为技术有限公司 | The anti-stealing link method and equipment of a kind of files in stream media |
| CN106022147A (en) * | 2016-05-26 | 2016-10-12 | 珠海市魅族科技有限公司 | Method and device for file encryption and decryption |
-
2016
- 2016-12-07 CN CN201611118321.7A patent/CN106788995B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN106788995A (en) | 2017-05-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106788995B (en) | File encryption method and device | |
| CN106599723B (en) | File encryption method and device and file decryption method and device | |
| CN107801165B (en) | Business short message pushing method and device, computer equipment and storage medium | |
| CN112202754B (en) | Data encryption method and device, electronic equipment and storage medium | |
| CN103684760A (en) | Method, device and system for encryption and decryption of communication | |
| CN106027228B (en) | Encryption and decryption method and encryption and decryption system for webpage identifier | |
| CN105681039A (en) | Method and device for secret key generation and corresponding decryption | |
| CN110084599B (en) | Key processing method, device, equipment and storage medium | |
| JP6346942B2 (en) | Blocking password attacks | |
| US20170353842A1 (en) | Secure communications via a mobile keyboard application of a mobile device | |
| CN103067174A (en) | Digital signature method and system completed in mobile operating system | |
| CN104243149A (en) | Encrypting and decrypting method, device and server | |
| WO2020233047A1 (en) | Page test method and apparatus | |
| CN103414727A (en) | Encryption protection system for input password input box and using method thereof | |
| CN103701586A (en) | Method and device for acquiring secret key | |
| Park et al. | Research on Note-Taking Apps with Security Features. | |
| CN103500294A (en) | Document encrypting and decrypting method and device | |
| KR101379711B1 (en) | Method for file encryption and decryption using telephone number | |
| CN102882675A (en) | Password encryption method for social network sites | |
| CN113517982B (en) | Password generation method, password execution method and terminal | |
| CN109918211A (en) | A kind of method, apparatus of Auto-writing identifying code | |
| KR101584127B1 (en) | System and method for deniable encryption | |
| CN105809494A (en) | method and system for invoice generation and invoice verification | |
| KR101267875B1 (en) | Apparatus for message encryption and decryption using virtual keyboard and recording medium storing program for executing method of the same in computer | |
| CN104038337A (en) | Data encryption method based on AES128 |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |